f

hack-a-chain-software · Jun 26, 2023 · e7efaa6 · e7efaa6
1 parent 0f264ce
commit e7efaa6
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 46 deletions.
diff --git a/terraform/network.tf b/terraform/network.tf
@@ -1,7 +1,6 @@
 # The "aws_vpc", "aws_subnet", "aws_db_subnet_group", "aws_internet_gateway", "aws_route_table",
 # "aws_route_table_association", and "aws_network_acl" blocks create and configure a VPC, subnets,
 # a database subnet group, an internet gateway, a route table, and a network access control list (ACL) for the VPC.
-
 resource "aws_vpc" "indexer" {
   enable_dns_support = true
 
@@ -30,7 +29,6 @@ resource "aws_subnet" "indexer" {
 
 resource "aws_subnet" "indexer-b" {
   cidr_block = "10.0.2.0/24"
-
   availability_zone = "us-east-1b"
 
   vpc_id = "${aws_vpc.indexer.id}"
@@ -89,30 +87,21 @@ resource "aws_network_acl" "indexer" {
   subnet_ids = "${aws_subnet.indexer.*.id}"
 
   ingress {
-    protocol   = "tcp"
-    rule_no    = 101
-    action     = "allow"
-    cidr_block = "0.0.0.0/0"
-    from_port  = 1789
-    to_port    = 1789
-  }
-
-  ingress {
-    protocol   = "tcp"
-    rule_no    = 102
+    protocol   = "-1"
+    rule_no    = 100
     action     = "allow"
     cidr_block = "0.0.0.0/0"
-    from_port  = 443
-    to_port    = 443
+    from_port  = 0
+    to_port    = 0
   }
 
-  ingress {
-    protocol   = "tcp"
-    rule_no    = 103
+  egress {
+    protocol   = "-1"
+    rule_no    = 100
     action     = "allow"
     cidr_block = "0.0.0.0/0"
-    from_port  = 80
-    to_port    = 80
+    from_port  = 0
+    to_port    = 0
   }
 
   tags = {

diff --git a/terraform/security-group.tf b/terraform/security-group.tf
@@ -14,37 +14,16 @@ resource "aws_security_group" "indexer" {
   }
 
   ingress {
-    from_port   = 5432
-    to_port     = 5432
-    protocol    = "tcp"
-    cidr_blocks = ["0.0.0.0/0"]
-  }
-
-  ingress {
-    from_port   = 443
-    to_port     = 443
-    protocol    = "tcp"
-    cidr_blocks = ["0.0.0.0/0"]
-  }
-
-  ingress {
-    from_port   = 80
-    to_port     = 80
-    protocol    = "tcp"
-    cidr_blocks = ["0.0.0.0/0"]
-  }
-
-  ingress {
-    from_port   = 22
-    to_port     = 22
-    protocol    = "tcp"
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
     cidr_blocks = ["0.0.0.0/0"]
   }
 
-  ingress {
+  egress {
     from_port   = 0
     to_port     = 0
-    protocol    = "tcp"
+    protocol    = "-1"
     cidr_blocks = ["0.0.0.0/0"]
   }
 }