fix: Create cluster_private_access security group rules when it should (#981)

BREAKING CHANGES: Default for `cluster_endpoint_private_access_cidrs` is now `null` instead of `["0.0.0.0/0"]`. This makes the variable required when `cluster_create_endpoint_private_access_sg_rule` is set to `true`. This forces everyone who wants private access to explicitly set their allowed subnets, in keeping with the principle of least access by default.
Anthony Dahanne
2020-09-02 16:38:02 -04:00
committed by GitHub
parent 44d59da57b
commit 1adbe82e15
3 changed files with 11 additions and 4 deletions


@@ -48,7 +48,7 @@ resource "aws_eks_cluster" "this" {
}
resource "aws_security_group_rule" "cluster_private_access" {
count = var.create_eks && var.cluster_endpoint_private_access && var.cluster_endpoint_public_access == false ? 1 : 0
count = var.create_eks && var.cluster_create_endpoint_private_access_sg_rule && var.cluster_endpoint_private_access ? 1 : 0
type = "ingress"
from_port = 443
to_port = 443
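Review bot: The new `count` on `aws_security_group_rule.cluster_private_access` gates the rule on `var.cluster_create_endpoint_private_access_sg_rule`, but nothing at this line tells a reader that the CIDR list no longer has a default. A caller who sets the flag without `cluster_endpoint_private_access_cidrs` will presumably only find out from an error at plan or apply time. I would add a comment above the `count` line: `# Opt-in rule: cluster_endpoint_private_access_cidrs must be set explicitly (default is null); keep the list as narrow as possible.` The rest of the resource body, including the attribute that consumes the CIDR list, is outside this hunk, so how a null value surfaces should be confirmed there.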