Marco, we have done a POC of this in the past as a model constraint. So, juju bootstrap aws aws --constraints security-groups=sg1,sg2 juju set-model-constraints security-groups=sg1,sg2,...
How does that feel? Nicholas On Sat, Jan 13, 2018 at 1:08 AM, Kapil Thangavelu <kap...@gmail.com> wrote: > two cents, typical real world requirements vary, in the enterprise you > might have various tiering by architectural layer (front end waf elb > ingress, waf servers, set of dmz components/web servers, set of app > servers, set of dbs) all structured out with connectivity models. typically > these map to a m:n on security group basis to service model, based on the > model's responsibilities and consumers. > > On Fri, Jan 12, 2018 at 8:09 AM, Mark Shuttleworth <m...@ubuntu.com> > wrote: > >> On 12/22/2017 03:03 AM, Marco Ceppi wrote: >> > When it comes to scaling operations this can be tedious. I know there >> > are configurations for VPC-ID - is there also a similar security-group >> > setting where either the default model SG will be set based on user >> > input instead of created or a setting where an additional "model" >> > security group can be set so instances have it in addition to the >> > model/instance security group? >> >> I think it makes sense that the model creation process might accept such >> a parameter, yes. >> >> Does a security group per model make sense, or should it be per >> application in the model (though that sounds like it might be wasteful). >> >> Mark >> >> -- >> Juju mailing list >> Juju@lists.ubuntu.com >> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailm >> an/listinfo/juju >> > > > -- > Juju mailing list > Juju@lists.ubuntu.com > Modify settings or unsubscribe at: https://lists.ubuntu.com/ > mailman/listinfo/juju > >
-- Juju mailing list Juju@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/juju