This repository was archived by the owner on Aug 4, 2023. It is now read-only.

Commit 73f4090

Chris Schreiber
authored
fix: disable sg description changes (#624)
1 parent 9527e30 commit 73f4090


2 files changed

+21
-21
lines changed


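--- a/modules/environment/aws/code-services/main.tf
+++ b/modules/environment/aws/code-services/main.tf
@@ -362,9 +362,9 @@ resource "aws_iam_role_policy_attachment" "event_mapper_role_policy_attachment"
 
 #tfsec:ignore:aws-vpc-no-public-egress-sgr
 resource "aws_security_group" "codebuild_security_group" {
-name = "codebuild-egress"
-vpc_id = data.aws_vpc.lead_vpc.id
-description = "Allow outbound traffic"
+name = "codebuild-egress"
+vpc_id = data.aws_vpc.lead_vpc.id
+# description = "Allow outbound traffic"
 
 egress {
 description = "Allow outbound traffic"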
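Review bot: The group-level `description` on `codebuild_security_group` is left as a commented-out line with nothing saying why, so whoever next runs tfsec (already in use here, per the `#tfsec:ignore` line above the resource) is likely to put it back. Presumably the motive is that `description` on `aws_security_group` forces replacement of a group that is in use; with the argument unset the group carries the provider default "Managed by Terraform", which tells an auditor nothing about its purpose. Either replace the dead line with a comment such as `# description forces replacement of the in-use group; left unset on purpose`, or keep the argument and add `lifecycle { ignore_changes = [description] }`, which should leave existing groups alone while new deployments get the text. The same applies to the `worker` and `elb` groups in modules/environment/aws/eks/main.tf. The resource body continues outside the hunk.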

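--- a/modules/environment/aws/eks/main.tf
+++ b/modules/environment/aws/eks/main.tf
@@ -92,21 +92,21 @@ resource "aws_kms_key" "eks_encryption_kms" {
 resource "aws_security_group" "worker" {
 name_prefix = "${var.cluster}-worker"
 vpc_id = data.aws_vpc.lead_vpc.id
-description = "worker based security groups"
+# description = "worker based security groups"
 
 ingress {
-description = "Allow SSH access"
-from_port = 22
-to_port = 22
-protocol = "tcp"
+# description = "Allow SSH access"
+from_port = 22
+to_port = 22
+protocol = "tcp"
 
 cidr_blocks = concat([data.aws_vpc.lead_vpc.cidr_block], var.enable_ssh_access ? [var.internal_vpn_subnet] : [])
 }
 ingress {
-description = "Allow HTTPS access"
-from_port = 443
-to_port = 443
-protocol = "tcp"
+# description = "Allow HTTPS access"
+from_port = 443
+to_port = 443
+protocol = "tcp"
 
 security_groups = [aws_security_group.elb.id]
 }
@@ -115,7 +115,7 @@ resource "aws_security_group" "worker" {
 resource "aws_security_group" "elb" {
 name_prefix = "${var.cluster}-ingress-elb"
 vpc_id = data.aws_vpc.lead_vpc.id
-description = "Allow HTTPS access"
+# description = "Allow HTTPS access"
 
 tags = {
 Name = "${var.cluster}-ingress-elb"
@@ -124,21 +124,21 @@ resource "aws_security_group" "elb" {
 }
 
 ingress {
-description = "Allow HTTP access"
-from_port = 80
-to_port = 80
-protocol = "tcp"
+# description = "Allow HTTP access"
+from_port = 80
+to_port = 80
+protocol = "tcp"
 
 cidr_blocks = [
 "0.0.0.0/0",
 ]
 }
 
 ingress {
-description = "Allow HTTPS access"
-from_port = 443
-to_port = 443
-protocol = "tcp"
+# description = "Allow HTTPS access"
+from_port = 443
+to_port = 443
+protocol = "tcp"
 
 cidr_blocks = [
 "0.0.0.0/0",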
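Review bot: The rule-level `description` lines inside the `ingress` blocks of `worker` and `elb` are commented out together with the group-level ones, although as far as I know only the group-level argument forces a new security group; a rule description is changed without replacing the group. That leaves the port 22 rule and the two `0.0.0.0/0` rules on the ELB group with no stated intent in the console or in scanner output, while code-services/main.tf in this same commit keeps the description on its egress rule. I would restore them, e.g. `description = "Allow SSH access"` and `description = "Allow HTTP access"`, after confirming that the plan shows no replacement. The last `ingress` block continues outside the hunk.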
