summaryrefslogtreecommitdiff
path: root/terraform/infra.tf
diff options
context:
space:
mode:
Diffstat (limited to 'terraform/infra.tf')
-rw-r--r--terraform/infra.tf11
1 files changed, 5 insertions, 6 deletions
diff --git a/terraform/infra.tf b/terraform/infra.tf
index daaea057..c413239e 100644
--- a/terraform/infra.tf
+++ b/terraform/infra.tf
@@ -63,6 +63,7 @@ resource "openstack_networking_subnet_v2" "baserock_subnet" {
resource "openstack_networking_secgroup_v2" "sg_base" {
name = "base"
description = "Allow all outgoing traffic, and allow incoming ICMP (ping) and SSH connections"
+ delete_default_rules = "true"
}
resource "openstack_networking_secgroup_rule_v2" "sg_base_egress_icmp" {
@@ -73,19 +74,17 @@ resource "openstack_networking_secgroup_rule_v2" "sg_base_egress_icmp" {
security_group_id = "${openstack_networking_secgroup_v2.sg_base.id}"
}
-resource "openstack_networking_secgroup_rule_v2" "sg_base_egress_tcp" {
+resource "openstack_networking_secgroup_rule_v2" "sg_base_egress_any" {
direction = "egress"
ethertype = "IPv4"
- protocol = "tcp"
remote_ip_prefix = "0.0.0.0/0"
security_group_id = "${openstack_networking_secgroup_v2.sg_base.id}"
}
-resource "openstack_networking_secgroup_rule_v2" "sg_base_egress_udp" {
+resource "openstack_networking_secgroup_rule_v2" "sg_base_egress_any_v6" {
direction = "egress"
- ethertype = "IPv4"
- protocol = "udp"
- remote_ip_prefix = "0.0.0.0/0"
+ ethertype = "IPv6"
+ remote_ip_prefix = "::/0"
security_group_id = "${openstack_networking_secgroup_v2.sg_base.id}"
}
View Lorry Controller Status