Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add the ability to allow access based on security group ID #29

Merged
merged 6 commits into from
Jun 9, 2017
Merged

Add the ability to allow access based on security group ID #29

merged 6 commits into from
Jun 9, 2017

Conversation

tfhartmann
Copy link
Member

This is useful for internal bastion, so for example when you only want this host to be open to a particular SG rather then a CIDR range

Sorry about opening a second PR, I would have added to the previous one, but wasn't fast enough :p

@tfhartmann
Adding allowed_cidr var
009ee82 
This should allow us to pass CIDR blocks to the Security Group, which
lets us use this module for internal bastion hosts, or bastion hosts
that shouldn't be open to the world.
@tfhartmann
Splitting SG and SG Rule
063a53c
@tfhartmann
Merge remote-tracking branch 'tf_community/master'
a511c8f
@tfhartmann
Adding the ability to pass a SG ID
29f00b8
@tfhartmann tfhartmann mentioned this pull request Jun 8, 2017
Merged
antonbabenko
antonbabenko reviewed Jun 9, 2017
View reviewed changes
README.md Outdated
@@ -27,6 +27,7 @@ Only SSH access is allowed to the bastion host.
* `eip` - EIP to put into EC2 tag (can be used with scripts like https://github.com/skymill/aws-ec2-assign-elastic-ip, default - empty value)
* `key_name` - Launch configuration key name to be applied to created instance(s).
* `allowed_cidr` - A list of CIDR Networks to allow ssh access to. Defaults to 0.0.0.0/0
* `allowed_security_groups` - A list of Security Group ID's to allow access to. Defaults to empty list
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It can be more descriptive if you say "A list of Security Group ID's to allow access to the bastion host (useful if bastion is deployed internally)".

@tfhartmann
Copy link
Member Author

done and done

@antonbabenko
Copy link
Member

Cool. Update CHANGELOG as well, please. LGTM, you can now merge and tag it yourself :)

@tfhartmann
Copy link
Member Author

tfhartmann commented Jun 9, 2017
edited
Loading

Sweet, I am now drunk with power! 🔋

@tfhartmann tfhartmann merged commit fdd5270 into terraform-community-modules:master Jun 9, 2017
@tfhartmann tfhartmann deleted the tfhartmann/add_allowed_sg branch June 9, 2017 14:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@antonbabenko antonbabenko antonbabenko left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tfhartmann @antonbabenko