Skip to content

Commit

Permalink
Merge pull request #625 from rust-lang/chore-playground-remove-ip-of-…
Browse files Browse the repository at this point in the history
…old-bastion-ec2-from-allowlist

chore(playground): remove ip of old bastion EC2 from allowlist
  • Loading branch information
MarcoIeni authored Oct 28, 2024
2 parents a0cf043 + 2cdc120 commit 9d21602
Showing 1 changed file with 0 additions and 26 deletions.
26 changes: 0 additions & 26 deletions terraform/playground/instance.tf
Original file line number Diff line number Diff line change
Expand Up @@ -13,10 +13,6 @@ data "dns_a_record_set" "bastion" {
host = "bastion.infra.rust-lang.org"
}

data "dns_a_record_set" "bastion2" {
host = "bastion2.infra.rust-lang.org"
}

resource "aws_security_group" "playground" {
vpc_id = data.terraform_remote_state.shared.outputs.prod_vpc.id
name = "rust-prod-playground"
Expand Down Expand Up @@ -46,28 +42,6 @@ resource "aws_security_group" "playground" {
}
}

dynamic "ingress" {
for_each = toset(data.dns_a_record_set.bastion2.addrs)
content {
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["${ingress.value}/32"]
description = "SSH from the bastion"
}
}

dynamic "ingress" {
for_each = toset(data.dns_a_record_set.bastion2.addrs)
content {
from_port = -1
to_port = -1
protocol = "icmp"
cidr_blocks = ["${ingress.value}/32"]
description = "ICMP from the bastion"
}
}

// node_exporter access from the monitoring instance
dynamic "ingress" {
for_each = toset(data.dns_a_record_set.monitoring.addrs)
Expand Down

0 comments on commit 9d21602

Please sign in to comment.