Control plane security group always whitelist worker security group and revert #186 (#631)

* Updates and revert #186

* update readme

* update changelog

* update changelog
Ryan Ooi
2019-12-20 23:45:01 +08:00
committed by Max Williams
parent 583c32d286
commit b7ffc1b591
6 changed files with 18 additions and 25 deletions


@@ -34,7 +34,7 @@ resource "aws_eks_cluster" "this" {
}
resource "aws_security_group" "cluster" {
count = var.cluster_create_security_group && var.create_eks ? 1 : 0
count = var.cluster_security_group_id == "" && var.create_eks ? 1 : 0
name_prefix = var.cluster_name
description = "EKS cluster security group."
vpc_id = var.vpc_id
@@ -47,7 +47,7 @@ resource "aws_security_group" "cluster" {
}
resource "aws_security_group_rule" "cluster_egress_internet" {
count = var.cluster_create_security_group && var.create_eks ? 1 : 0
count = var.cluster_security_group_id == "" && var.create_eks ? 1 : 0
description = "Allow cluster egress access to the Internet."
protocol = "-1"
security_group_id = local.cluster_security_group_id
@@ -58,7 +58,7 @@ resource "aws_security_group_rule" "cluster_egress_internet" {
}
resource "aws_security_group_rule" "cluster_https_worker_ingress" {
count = var.cluster_create_security_group && var.create_eks ? 1 : 0
count = var.create_eks ? 1 : 0
description = "Allow pods to communicate with the EKS cluster API."
protocol = "tcp"
security_group_id = local.cluster_security_group_id
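Review bot: With `count = var.create_eks ? 1 : 0` on `cluster_https_worker_ingress`, the module now writes an ingress rule into a security group it did not create whenever the caller passes `cluster_security_group_id`, and nothing in the block says so. A caller whose own group already carries an equivalent worker-to-API rule may get a duplicate-rule error on apply, and a caller who audits that group elsewhere will see a rule they did not define. I would put a comment above the count line, for example `# Created even when cluster_security_group_id is caller-supplied: adds worker -> cluster API ingress to that group.`, and repeat the point in the variable's description. The rule's port range and source attributes lie outside the hunk, so how much access it opens cannot be confirmed from these lines. Separately, the `var.cluster_security_group_id == ""` test in the first two hunks probably cannot be evaluated at plan time when the ID comes from a resource created in the same apply, which looks like the case the reverted boolean was there to cover.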