48 lines
1.6 KiB
HCL
48 lines
1.6 KiB
HCL
# Data sources for existing groups
|
|
|
|
# Datasource of sunet ssh-from-jumphost security group.
|
|
data "openstack_networking_secgroup_v2" "sshfromjumphosts" {
|
|
name = "ssh-from-jumphost"
|
|
}
|
|
|
|
data "openstack_networking_secgroup_v2" "allegress" {
|
|
name = "allegress"
|
|
}
|
|
|
|
# Resources to define new security groups
|
|
|
|
# Securitygroup to allow kubernetes nodes
|
|
resource "openstack_networking_secgroup_v2" "kubenode" {
|
|
name = "kubenode"
|
|
description = "Securitygroup for microk8s nodes"
|
|
delete_default_rules = true
|
|
}
|
|
|
|
resource "openstack_networking_secgroup_rule_v2" "kubeingressv4" {
|
|
direction = "ingress"
|
|
ethertype = "IPv4"
|
|
remote_group_id = openstack_networking_secgroup_v2.kubenode.id
|
|
security_group_id = openstack_networking_secgroup_v2.kubenode.id
|
|
}
|
|
|
|
resource "openstack_networking_secgroup_rule_v2" "kubeingressv6" {
|
|
direction = "ingress"
|
|
ethertype = "IPv6"
|
|
remote_group_id = openstack_networking_secgroup_v2.kubenode.id
|
|
security_group_id = openstack_networking_secgroup_v2.kubenode.id
|
|
}
|
|
|
|
resource "openstack_networking_secgroup_rule_v2" "kubeegressv4" {
|
|
direction = "egress"
|
|
ethertype = "IPv4"
|
|
remote_group_id = openstack_networking_secgroup_v2.kubenode.id
|
|
security_group_id = openstack_networking_secgroup_v2.kubenode.id
|
|
}
|
|
|
|
resource "openstack_networking_secgroup_rule_v2" "kubeegressv6" {
|
|
direction = "egress"
|
|
ethertype = "IPv6"
|
|
remote_group_id = openstack_networking_secgroup_v2.kubenode.id
|
|
security_group_id = openstack_networking_secgroup_v2.kubenode.id
|
|
}
|