forked from grg1bbs/Terraform_ISE_AWS_Deployment
sg.tf
# Security group for ISE, created in the VPC defined elsewhere in this configuration.
#   Ingress: every protocol and port, limited to the VPC CIDR and the on-prem subnet.
#   Egress:  every protocol and port, to any IPv4 destination (0.0.0.0/0).
# NOTE(review): both rules are all-protocol. Any host inside var.vpc_cidr or
# var.on_prem_subnet can reach every listening service on members of this group,
# and members can reach any IPv4 address. If the ports ISE actually needs are
# known, narrowing these rules would tighten that exposure. Confirm with the
# deployment owner before changing.
resource "aws_security_group" "ise_network_access" {
  name        = "ise-network-access"
  description = "Allow traffic for ISE"
  vpc_id      = aws_vpc.vpc.id

  # Rules use the nested-block form. Optional fields that are left out
  # (IPv6 CIDRs, prefix lists, source security groups, self) keep their
  # empty / false defaults.
  ingress {
    description = "Allow all from On-Prem network and VPC subnets"
    protocol    = "-1" # all protocols; the port range must be 0-0 with "-1"
    from_port   = 0
    to_port     = 0
    cidr_blocks = [var.vpc_cidr, var.on_prem_subnet]
  }

  egress {
    description = "Allow all outbound"
    protocol    = "-1" # all protocols; the port range must be 0-0 with "-1"
    from_port   = 0
    to_port     = 0
    cidr_blocks = ["0.0.0.0/0"]
  }
}