Merge pull request #41 from 44smkn/feature/add-sg

Add sg
44smkn · Mar 13, 2022 · 93fe5ac · 93fe5ac
2 parents a73d9fd + 8849fd5
commit 93fe5ac
Showing 1 changed file with 18 additions and 0 deletions.
diff --git a/modules/eks-with-karpenter/main.tf b/modules/eks-with-karpenter/main.tf
@@ -52,6 +52,15 @@ module "eks" {
       type                       = "egress"
       source_node_security_group = true
     }
+
+    ingress_nodes_karpenter_ports_tcp = {
+      description                = "Karpenter readiness"
+      protocol                   = "tcp"
+      from_port                  = 8443
+      to_port                    = 8443
+      type                       = "ingress"
+      source_node_security_group = true
+    }
   }
 
   # Extend node-to-node security group rules
@@ -73,6 +82,15 @@ module "eks" {
       cidr_blocks      = ["0.0.0.0/0"]
       ipv6_cidr_blocks = ["::/0"]
     }
+
+    aws_lb_controller_webhook = {
+      description                   = "Cluster API to AWS LB Controller webhook"
+      protocol                      = "all"
+      from_port                     = 9443
+      to_port                       = 9443
+      type                          = "ingress"
+      source_cluster_security_group = true
+    }
   }
 
   # Only need one node to get Karpenter up and running