This would be a good start, but this will likely end up being an application level constraint.
Marco On Wed, Jan 17, 2018, 13:56 Nicholas Skaggs <nicholas.ska...@canonical.com> wrote: > Marco, we have done a POC of this in the past as a model constraint. So, > > juju bootstrap aws aws --constraints security-groups=sg1,sg2 > juju set-model-constraints security-groups=sg1,sg2,... > > How does that feel? > > Nicholas > > On Sat, Jan 13, 2018 at 1:08 AM, Kapil Thangavelu <kap...@gmail.com> > wrote: > >> two cents, typical real world requirements vary, in the enterprise you >> might have various tiering by architectural layer (front end waf elb >> ingress, waf servers, set of dmz components/web servers, set of app >> servers, set of dbs) all structured out with connectivity models. typically >> these map to a m:n on security group basis to service model, based on the >> model's responsibilities and consumers. >> >> On Fri, Jan 12, 2018 at 8:09 AM, Mark Shuttleworth <m...@ubuntu.com> >> wrote: >> >>> On 12/22/2017 03:03 AM, Marco Ceppi wrote: >>> > When it comes to scaling operations this can be tedious. I know there >>> > are configurations for VPC-ID - is there also a similar security-group >>> > setting where either the default model SG will be set based on user >>> > input instead of created or a setting where an additional "model" >>> > security group can be set so instances have it in addition to the >>> > model/instance security group? >>> >>> I think it makes sense that the model creation process might accept such >>> a parameter, yes. >>> >>> Does a security group per model make sense, or should it be per >>> application in the model (though that sounds like it might be wasteful). >>> >>> Mark >>> >>> -- >>> Juju mailing list >>> Juju@lists.ubuntu.com >>> Modify settings or unsubscribe at: >>> https://lists.ubuntu.com/mailman/listinfo/juju >>> >> >> >> -- >> Juju mailing list >> Juju@lists.ubuntu.com >> Modify settings or unsubscribe at: >> https://lists.ubuntu.com/mailman/listinfo/juju >> >> > -- > Juju mailing list > Juju@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/juju >
-- Juju mailing list Juju@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/juju