github-mirrors/terraform-aws-eks
1
0
Fork 0
mirror of https://github.com/ysoftdevs/terraform-aws-eks.git synced 2026-04-17 22:39:37 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: Create SG rule for each new cluster_endpoint_private_access_cidr block (#1549)

Browse Source
This commit is contained in:
Olesia Ivanenko
2021-09-06 15:04:56 +03:00
committed by GitHub
parent d1d135b13f
commit 710903170f
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cluster.tf
View File

@@ -91,13 +91,13 @@ resource "aws_security_group_rule" "cluster_https_worker_ingress" {
} }
resource "aws_security_group_rule" "cluster_private_access_cidrs_source" { resource "aws_security_group_rule" "cluster_private_access_cidrs_source" {
count = var.create_eks && var.cluster_create_endpoint_private_access_sg_rule && var.cluster_endpoint_private_access && var.cluster_endpoint_private_access_cidrs != null ? 1 : 0 for_each = var.create_eks && var.cluster_create_endpoint_private_access_sg_rule && var.cluster_endpoint_private_access && var.cluster_endpoint_private_access_cidrs != null ? toset(var.cluster_endpoint_private_access_cidrs) : []
description = "Allow private K8S API ingress from custom CIDR source." description = "Allow private K8S API ingress from custom CIDR source."
type = "ingress" type = "ingress"
from_port = 443 from_port = 443
to_port = 443 to_port = 443
protocol = "tcp" protocol = "tcp"
cidr_blocks = var.cluster_endpoint_private_access_cidrs cidr_blocks = [each.value]
security_group_id = aws_eks_cluster.this[0].vpc_config[0].cluster_security_group_id security_group_id = aws_eks_cluster.this[0].vpc_config[0].cluster_security_group_id
} }