resource "aws_security_group" "production_api_app" {
name = "production_api_app"
description = "Allow SSH, and traffic over port 80 inbound, anything outbound"
vpc_id = "${var.vpc_id}"
lifecycle {
create_before_destroy = true
}
# Allow SSH from anywhere
ingress {
from_port = 22
to_port = 22
protocol = "TCP"
cidr_blocks = ["0.0.0.0/0"]
}
# Allow HTTP from anywhere
ingress {
from_port = 80
to_port = 80
protocol = "TCP"
cidr_blocks = ["0.0.0.0/0"]
}
# Allow HTTPS from anywhere
ingress {
from_port = 443
to_port = 443
protocol = "TCP"
cidr_blocks = ["0.0.0.0/0"]
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}