Created
July 21, 2020 17:18
Pseudocode for Security Group User Pattern
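# Security-group "user" pattern (pseudocode: "..." marks omitted arguments, and
# the argument names are abbreviated rather than the provider's real ones).
# The database's own group admits traffic only from members of a second "user"
# group, so access is granted by attaching that group to a workload instead of
# by listing CIDR ranges on the database group.

resource "aws_rds_cluster" "db" {
  ...
  # Left blank in the original; presumably meant to be the airflow-db group
  # declared below. The real argument on aws_rds_cluster is
  # vpc_security_group_ids (a list of group IDs).
  security_group = ""
  ...
}

# Group attached to the database itself. Its only database ingress should be
# the db-user rule below. Defining ingress inline here as well as through
# aws_security_group_rule makes the two definitions conflict.
resource "aws_security_group" "airflow-db" {
  ...
}

# Marker group: being a member is what grants network reachability to the
# database. Named with underscores so that it matches the references in the
# rule and in the ECS service (the original declared it as "airflow-db-user
# and left the string unterminated).
resource "aws_security_group" "airflow_db_user" {
  ...
}

# Ingress on the database group, sourced from the user group rather than from
# an address range. In real Terraform this is type = "ingress",
# protocol = "tcp", from_port = to_port = 5432 (PostgreSQL default), with
# security_group_id and source_security_group_id taking the groups' .id values.
resource "aws_security_group_rule" "db-user" {
  security_group        = aws_security_group.airflow-db
  source_security_group = aws_security_group.airflow_db_user
  port                  = 5432
}

# A workload that needs the database opts in by listing the user group.
# In real Terraform, security_groups sits inside the service's
# network_configuration block.
# NOTE(review): the rule grants reachability only, so database authentication
# still has to gate access. Permission to attach airflow_db_user to a workload
# is in effect permission to reach the database, so restrict it accordingly.
resource "aws_ecs_service" "api" {
  ...
  security_groups = [
    aws_security_group.airflow_db_user.id,
    ...
    ...
  ]
  ...
}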
This was super helpful. I think I successfully implemented this paradigm in the just-city/jc-pipeline-cluster-terraform repo, in security_groups.tf, if you want to check it out.