terraform - monitoring 최신화

2023-11-23 14:19:27 +09:00
parent 64d5496f58
commit 1645a5061c
3 changed files with 113 additions and 125 deletions
--- a/terraform/aws_instance/monitoring/ec2.tf
+++ b/terraform/aws_instance/monitoring/ec2.tf
@@ -4,7 +4,7 @@ resource "aws_security_group" "grafana-allow-security" {
  vpc_id      = var.VPC_ID
  
  ingress {
-    description      = "SSH"
+    description      = "Allow SSH traffic"
    from_port        = 22
    to_port          = 22
    protocol         = "tcp"
@@ -12,52 +12,52 @@ resource "aws_security_group" "grafana-allow-security" {
  }

  ingress {
-    description      = "TLS from grafana"
+    description      = "Allow HTTP traffic"
+    from_port        = 80
+    to_port          = 80
+    protocol         = "tcp"
+    cidr_blocks      = ["118.223.123.161/32"]
+  }
+
+  ingress {
+    description      = "Allow TLS traffic"
    from_port        = 443
    to_port          = 443
    protocol         = "tcp"
    cidr_blocks      = ["118.223.123.161/32"]
  }

-  ingress {
-    description      = ""
-    from_port        = 443
-    to_port          = 443
-    protocol         = "tcp"
-    cidr_blocks      = ["0.0.0.0/0"]
-  }
+  # ingress {
+  #   description      = ""
+  #   from_port        = 443
+  #   to_port          = 443
+  #   protocol         = "tcp"
+  #   cidr_blocks      = ["0.0.0.0/0"]
+  # }

-  ingress {
-    description      = ""
-    from_port        = 80
-    to_port          = 80
-    protocol         = "tcp"
-    cidr_blocks      = ["0.0.0.0/0"]
-  }
+  # ingress {
+  #   description      = "TLS from teleport"
+  #   from_port        = 30168
+  #   to_port          = 30168
+  #   protocol         = "tcp"
+  #   cidr_blocks      = ["0.0.0.0/0"]
+  # }

-  ingress {
-    description      = "TLS from teleport"
-    from_port        = 30168
-    to_port          = 30168
-    protocol         = "tcp"
-    cidr_blocks      = ["0.0.0.0/0"]
-  }
+  # ingress {
+  #   description      = ""
+  #   from_port        = 32084
+  #   to_port          = 32084
+  #   protocol         = "tcp"
+  #   cidr_blocks      = ["172.0.0.0/8"]
+  # }

-  ingress {
-    description      = ""
-    from_port        = 32084
-    to_port          = 32084
-    protocol         = "tcp"
-    cidr_blocks      = ["172.0.0.0/8"]
-  }
-
-  ingress {
-    description      = "loki"
-    from_port        = 31768
-    to_port          = 31768
-    protocol         = "tcp"
-    cidr_blocks      = ["172.24.0.0/16"]
-  }
+  # ingress {
+  #   description      = "loki"
+  #   from_port        = 31768
+  #   to_port          = 31768
+  #   protocol         = "tcp"
+  #   cidr_blocks      = ["172.24.0.0/16"]
+  # }

  ingress {
    description      = ""