matrix/matrix-ops
3
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
matrix-ops/IaC-test/securitygroups.tf

213 lines
8 KiB
Terraform
Raw Normal View History

Setup resource and data sources and refactor controller setup
2024-05-23 08:47:29 +00:00
# Datasource of sunet ssh-from-jumphost security group.
data "openstack_networking_secgroup_v2" "sshfromjumphosts" {
name = "ssh-from-jumphost"
}
data "openstack_networking_secgroup_v2" "allegress" {
name = "allegress"
}
Fix some typos and comment out some unused parts for now.
2024-10-23 08:07:08 +00:00
#resource "openstack_networking_secgroup_v2" "microk8s-old" {
# name = "microk8s-old"
# description = "Traffic to allow between microk8s hosts"
#}
#
#resource "openstack_networking_secgroup_rule_v2" "microk8s_rule1" {
# direction = "ingress"
# ethertype = "IPv4"
# protocol = "tcp"
# port_range_min = 16443
# port_range_max = 16443
# remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id
# security_group_id = openstack_networking_secgroup_v2.microk8s-old.id
#}
#resource "openstack_networking_secgroup_rule_v2" "microk8s_rule2" {
# direction = "ingress"
# ethertype = "IPv6"
# protocol = "tcp"
# port_range_min = 16443
# port_range_max = 16443
# remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id
# security_group_id = openstack_networking_secgroup_v2.microk8s-old.id
#}
#
#resource "openstack_networking_secgroup_rule_v2" "microk8s_rule3" {
# direction = "ingress"
# ethertype = "IPv4"
# protocol = "tcp"
# port_range_min = 10250
# port_range_max = 10250
# remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id
# security_group_id = openstack_networking_secgroup_v2.microk8s-old.id
#}
#resource "openstack_networking_secgroup_rule_v2" "microk8s_rule4" {
# direction = "ingress"
# ethertype = "IPv6"
# protocol = "tcp"
# port_range_min = 10250
# port_range_max = 10250
# remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id
# security_group_id = openstack_networking_secgroup_v2.microk8s-old.id
#}
#
#resource "openstack_networking_secgroup_rule_v2" "microk8s_rule5" {
# direction = "ingress"
# ethertype = "IPv4"
# protocol = "tcp"
# port_range_min = 10255
# port_range_max = 10255
# remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id
# security_group_id = openstack_networking_secgroup_v2.microk8s-old.id
#}
#resource "openstack_networking_secgroup_rule_v2" "microk8s_rule6" {
# direction = "ingress"
# ethertype = "IPv6"
# protocol = "tcp"
# port_range_min = 10255
# port_range_max = 10255
# remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id
# security_group_id = openstack_networking_secgroup_v2.microk8s-old.id
#}
#resource "openstack_networking_secgroup_rule_v2" "microk8s_rule7" {
# direction = "ingress"
# ethertype = "IPv4"
# protocol = "tcp"
# port_range_min = 25000
# port_range_max = 25000
# remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id
# security_group_id = openstack_networking_secgroup_v2.microk8s-old.id
#}
#resource "openstack_networking_secgroup_rule_v2" "microk8s_rule8" {
# direction = "ingress"
# ethertype = "IPv6"
# protocol = "tcp"
# port_range_min = 25000
# port_range_max = 25000
# remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id
# security_group_id = openstack_networking_secgroup_v2.microk8s-old.id
#}
#resource "openstack_networking_secgroup_rule_v2" "microk8s_rule9" {
# direction = "ingress"
# ethertype = "IPv4"
# protocol = "tcp"
# port_range_min = 12379
# port_range_max = 12379
# remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id
# security_group_id = openstack_networking_secgroup_v2.microk8s-old.id
#}
#resource "openstack_networking_secgroup_rule_v2" "microk8s_rule10" {
# direction = "ingress"
# ethertype = "IPv6"
# protocol = "tcp"
# port_range_min = 12379
# port_range_max = 12379
# remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id
# security_group_id = openstack_networking_secgroup_v2.microk8s-old.id
#}
#resource "openstack_networking_secgroup_rule_v2" "microk8s_rule11" {
# direction = "ingress"
# ethertype = "IPv4"
# protocol = "tcp"
# port_range_min = 10257
# port_range_max = 10257
# remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id
# security_group_id = openstack_networking_secgroup_v2.microk8s-old.id
#}
#resource "openstack_networking_secgroup_rule_v2" "microk8s_rule12" {
# direction = "ingress"
# ethertype = "IPv6"
# protocol = "tcp"
# port_range_min = 10257
# port_range_max = 10257
# remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id
# security_group_id = openstack_networking_secgroup_v2.microk8s-old.id
#}
#resource "openstack_networking_secgroup_rule_v2" "microk8s_rule13" {
# direction = "ingress"
# ethertype = "IPv4"
# protocol = "tcp"
# port_range_min = 10259
# port_range_max = 10259
# remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id
# security_group_id = openstack_networking_secgroup_v2.microk8s-old.id
#}
#resource "openstack_networking_secgroup_rule_v2" "microk8s_rule14" {
# direction = "ingress"
# ethertype = "IPv6"
# protocol = "tcp"
# port_range_min = 10259
# port_range_max = 10259
# remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id
# security_group_id = openstack_networking_secgroup_v2.microk8s-old.id
#}
#resource "openstack_networking_secgroup_rule_v2" "microk8s_rule15" {
# direction = "ingress"
# ethertype = "IPv4"
# protocol = "tcp"
# port_range_min = 19001
# port_range_max = 19001
# remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id
# security_group_id = openstack_networking_secgroup_v2.microk8s-old.id
#}
#resource "openstack_networking_secgroup_rule_v2" "microk8s_rule16" {
# direction = "ingress"
# ethertype = "IPv6"
# protocol = "tcp"
# port_range_min = 19001
# port_range_max = 19001
# remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id
# security_group_id = openstack_networking_secgroup_v2.microk8s-old.id
#}
#resource "openstack_networking_secgroup_rule_v2" "microk8s_rule17" {
# direction = "ingress"
# ethertype = "IPv4"
# protocol = "udp"
# port_range_min = 4789
# port_range_max = 4789
# remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id
# security_group_id = openstack_networking_secgroup_v2.microk8s-old.id
#}
#resource "openstack_networking_secgroup_rule_v2" "microk8s_rule18" {
# direction = "ingress"
# ethertype = "IPv6"
# protocol = "udp"
# port_range_min = 4789
# port_range_max = 4789
# remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id
# security_group_id = openstack_networking_secgroup_v2.microk8s-old.id
#}
#resource "openstack_networking_secgroup_rule_v2" "microk8s_rule19" {
# direction = "ingress"
# ethertype = "IPv4"
# protocol = "udp"
# port_range_min = 51820
# port_range_max = 51820
# remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id
# security_group_id = openstack_networking_secgroup_v2.microk8s-old.id
#}
#resource "openstack_networking_secgroup_rule_v2" "microk8s_rule20" {
# direction = "ingress"
# ethertype = "IPv6"
# protocol = "udp"
# port_range_min = 51820
# port_range_max = 51820
# remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id
# security_group_id = openstack_networking_secgroup_v2.microk8s-old.id
#}
#
#resource "openstack_networking_secgroup_v2" "https" {
# name = "https"
# description = "Allow https to ingress controller"
#}
#
#resource "openstack_networking_secgroup_rule_v2" "https_rule1" {
# # External traffic
# direction = "ingress"
# ethertype = "IPv4"
# protocol = "tcp"
# port_range_min = 443
# port_range_max = 443
# remote_ip_prefix = "0.0.0.0/0"
# security_group_id = openstack_networking_secgroup_v2.https.id
#}
Reference in a new issue Copy permalink