fix: Create cluster_private_access security group rules when it should (#981)

BREAKING CHANGES: Default for `cluster_endpoint_private_access_cidrs` is now `null` instead of `["0.0.0.0/0"]`. This makes the variable required when `cluster_create_endpoint_private_access_sg_rule` is set to `true`. Everyone who wants private access must now explicitly set their allowed subnets, for the sake of the principle of least access by default.
Anthony Dahanne
2020-09-02 16:38:02 -04:00
committed by GitHub
parent 44d59da57b
commit 1adbe82e15
3 changed files with 11 additions and 4 deletions


@@ -245,10 +245,16 @@ variable "iam_path" {
default = "/"
}
variable "cluster_create_endpoint_private_access_sg_rule" {
description = "Whether to create security group rules for the access to the Amazon EKS private API server endpoint."
type = bool
default = false
}
variable "cluster_endpoint_private_access_cidrs" {
description = "List of CIDR blocks which can access the Amazon EKS private API server endpoint, when public access is disabled"
description = "List of CIDR blocks which can access the Amazon EKS private API server endpoint."
type = list(string)
default = ["0.0.0.0/0"]
default = null
}
variable "cluster_endpoint_private_access" {
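Review bot: The new description on `cluster_endpoint_private_access_cidrs` does not say that the variable is now mandatory whenever `cluster_create_endpoint_private_access_sg_rule` is `true`, so a caller who only flips the flag will presumably learn this from a plan-time error in the security group rule resource, which is not visible in this hunk. I would state the coupling in the description itself, e.g. `description = "List of CIDR blocks which can access the Amazon EKS private API server endpoint. Required when cluster_create_endpoint_private_access_sg_rule is true."`, and mention the CIDR variable in the flag's description as well. Since the stated goal is least access by default, the description could also note that `0.0.0.0/0` is still accepted when passed explicitly and that callers should list only the subnets that need to reach the API endpoint.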