This is an automated email from the ASF dual-hosted git repository. lfrolov pushed a commit to branch DATALAB-2969 in repository https://gitbox.apache.org/repos/asf/incubator-datalab.git
commit 2b21e33226335befdff249ecd7af0904b84a5ac4 Author: leonidfrolov <[email protected]> AuthorDate: Mon Aug 15 14:42:52 2022 +0300 [DATALAB-2969]: added predefines sg for aws external endpoint --- infrastructure-provisioning/terraform/aws/endpoint/main/instance.tf | 2 +- infrastructure-provisioning/terraform/aws/endpoint/main/network.tf | 5 +++++ infrastructure-provisioning/terraform/aws/endpoint/main/variables.tf | 4 ++++ 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/infrastructure-provisioning/terraform/aws/endpoint/main/instance.tf b/infrastructure-provisioning/terraform/aws/endpoint/main/instance.tf index 6bfc09b59..f863c9342 100644 --- a/infrastructure-provisioning/terraform/aws/endpoint/main/instance.tf +++ b/infrastructure-provisioning/terraform/aws/endpoint/main/instance.tf @@ -28,7 +28,7 @@ resource "aws_instance" "endpoint" { instance_type = var.endpoint_instance_shape key_name = var.key_name subnet_id = data.aws_subnet.data_subnet.id - security_groups = [aws_security_group.endpoint_sec_group.id] + security_groups = [aws_security_group.data_sg.id] iam_instance_profile = aws_iam_instance_profile.endpoint_profile.name root_block_device { volume_type = "gp2" diff --git a/infrastructure-provisioning/terraform/aws/endpoint/main/network.tf b/infrastructure-provisioning/terraform/aws/endpoint/main/network.tf index 983bebc10..37198fc49 100644 --- a/infrastructure-provisioning/terraform/aws/endpoint/main/network.tf +++ b/infrastructure-provisioning/terraform/aws/endpoint/main/network.tf @@ -85,6 +85,7 @@ resource "aws_route" "route" { resource "aws_security_group" "endpoint_sec_group" { name = local.endpoint_sg_name + count = var.sg_id == "" ? 1 : 0 vpc_id = data.aws_vpc.data_vpc.id ingress { from_port = 22 @@ -143,6 +144,10 @@ resource "aws_security_group" "endpoint_sec_group" { } } +data "aws_security_group" "data_sg" { + id = var.sg_id == "" ? aws_security_group.endpoint_sec_group.id : var.sg_id +} + resource "aws_eip" "endpoint_eip" { vpc = true tags = { diff --git a/infrastructure-provisioning/terraform/aws/endpoint/main/variables.tf b/infrastructure-provisioning/terraform/aws/endpoint/main/variables.tf index f186ba8e5..9c89bcdba 100644 --- a/infrastructure-provisioning/terraform/aws/endpoint/main/variables.tf +++ b/infrastructure-provisioning/terraform/aws/endpoint/main/variables.tf @@ -53,6 +53,10 @@ variable "vpc_id" { default = "" } +variable "sg_id" { + default = "" +} + variable "subnet_id" { default = "" } --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
