authorPedro Alvarez <pedro.alvarez@codethink.co.uk>2021-08-16 18:53:34 +0200
committerPedro Alvarez <pedro.alvarez@codethink.co.uk>2021-08-16 18:53:34 +0200
commite6941a9ebb865d70207e49c1156ce0ab7ff7f967 (patch)
tree03fd9f17ecf9f9bff143c3f4e72a4620c5ac6675
parentdb7d1ba7561ac328e80dc983ec5e05ae2571a893 (diff)
downloadinfrastructure-e6941a9ebb865d70207e49c1156ce0ab7ff7f967.tar.gz
clean and simplify
-rw-r--r--terraform/infra.tf11
1 files changed, 5 insertions, 6 deletions
diff --git a/terraform/infra.tf b/terraform/infra.tf
index daaea057..c413239e 100644
--- a/terraform/infra.tf
+++ b/terraform/infra.tf
@@ -63,6 +63,7 @@ resource "openstack_networking_subnet_v2" "baserock_subnet" {
resource "openstack_networking_secgroup_v2" "sg_base" {
name = "base"
description = "Allow all outgoing traffic, and allow incoming ICMP (ping) and SSH connections"
+ delete_default_rules = "true"
}
resource "openstack_networking_secgroup_rule_v2" "sg_base_egress_icmp" {
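Review bot: `delete_default_rules = "true"` passes a quoted string to an argument the OpenStack provider documents as a boolean; Terraform converts it, but `delete_default_rules = true` states the intent directly. With this flag set the group allows no outbound traffic except through the explicit `sg_base_egress_*` rule resources, so a comment above it such as `# Default egress rules are removed; all egress is defined by the sg_base_egress_* rules below` would make that dependency visible. Changing this argument probably forces the security group to be replaced, so check the plan for the group and its rules being recreated before applying.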
@@ -73,19 +74,17 @@ resource "openstack_networking_secgroup_rule_v2" "sg_base_egress_icmp" {
security_group_id = "${openstack_networking_secgroup_v2.sg_base.id}"
}
-resource "openstack_networking_secgroup_rule_v2" "sg_base_egress_tcp" {
+resource "openstack_networking_secgroup_rule_v2" "sg_base_egress_any" {
direction = "egress"
ethertype = "IPv4"
- protocol = "tcp"
remote_ip_prefix = "0.0.0.0/0"
security_group_id = "${openstack_networking_secgroup_v2.sg_base.id}"
}
-resource "openstack_networking_secgroup_rule_v2" "sg_base_egress_udp" {
+resource "openstack_networking_secgroup_rule_v2" "sg_base_egress_any_v6" {
direction = "egress"
- ethertype = "IPv4"
- protocol = "udp"
- remote_ip_prefix = "0.0.0.0/0"
+ ethertype = "IPv6"
+ remote_ip_prefix = "::/0"
security_group_id = "${openstack_networking_secgroup_v2.sg_base.id}"
}
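Review bot: `sg_base_egress_any` and `sg_base_egress_any_v6` omit `protocol`, so they allow every protocol to `0.0.0.0/0` and `::/0`, which makes the `sg_base_egress_icmp` rule at the top of this hunk redundant; it can be dropped unless the any-rules are going to be narrowed later. Taken with `delete_default_rules` in the previous hunk, the group appears to end up with the same allow-all egress that the default rules normally give, only spelled out explicitly. If unrestricted egress for every instance in `base` is intended, a comment on each rule such as `# Intentionally unrestricted egress: all protocols, all destinations` would stop a later reader from treating the missing `protocol` as an oversight. The `sg_base_egress_icmp` resource begins outside this hunk, so its other attributes are not visible here.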