64 lines
2 KiB
HCL
64 lines
2 KiB
HCL
# Security groups lb-frontend
|
|
resource "openstack_networking_secgroup_v2" "lb-dco" {
|
|
name = "lb-frontend"
|
|
description = "Ingress lb traffic to allow."
|
|
provider=openstack.dco
|
|
}
|
|
|
|
resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule_v4_dco" {
|
|
direction = "ingress"
|
|
ethertype = "IPv4"
|
|
protocol = "tcp"
|
|
port_range_min = "8443"
|
|
port_range_max = "8443"
|
|
provider = openstack.dco
|
|
remote_ip_prefix = "87.251.31.118/32"
|
|
security_group_id = openstack_networking_secgroup_v2.lb-dco.id
|
|
}
|
|
|
|
resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule2_v4_dco" {
|
|
direction = "ingress"
|
|
ethertype = "IPv4"
|
|
protocol = "tcp"
|
|
port_range_min = "16443"
|
|
port_range_max = "16443"
|
|
provider = openstack.dco
|
|
remote_ip_prefix = "87.251.31.118/32"
|
|
security_group_id = openstack_networking_secgroup_v2.lb-dco.id
|
|
}
|
|
|
|
# From mgmt1
|
|
|
|
resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule3_v4_dco" {
|
|
direction = "ingress"
|
|
ethertype = "IPv4"
|
|
protocol = "tcp"
|
|
port_range_min = "16443"
|
|
port_range_max = "16443"
|
|
provider = openstack.dco
|
|
remote_ip_prefix = "89.47.191.66/32"
|
|
security_group_id = openstack_networking_secgroup_v2.lb-dco.id
|
|
}
|
|
|
|
resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule4_v4_dco" {
|
|
direction = "ingress"
|
|
ethertype = "IPv4"
|
|
protocol = "tcp"
|
|
port_range_min = "80"
|
|
port_range_max = "80"
|
|
provider = openstack.dco
|
|
remote_ip_prefix = "89.47.191.66/32"
|
|
security_group_id = openstack_networking_secgroup_v2.lb-dco.id
|
|
}
|
|
|
|
resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule5_v4_dco" {
|
|
direction = "ingress"
|
|
ethertype = "IPv4"
|
|
protocol = "tcp"
|
|
port_range_min = "443"
|
|
port_range_max = "443"
|
|
provider = openstack.dco
|
|
remote_ip_prefix = "89.47.191.66/32"
|
|
security_group_id = openstack_networking_secgroup_v2.lb-dco.id
|
|
}
|