From 947561ce1d250796a2c4042d32b9735ac589caa3 Mon Sep 17 00:00:00 2001 From: dsk-minchulahn Date: Tue, 19 Dec 2023 11:52:32 +0900 Subject: [PATCH] =?UTF-8?q?Monitoring=20-=20SG=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- terraform/aws_instance/monitoring/ec2.tf | 24 +++++----- .../aws_instance/monitoring/terraform.tfstate | 46 +++++++----------- .../monitoring/terraform.tfstate.backup | 47 +++++++------------ 3 files changed, 47 insertions(+), 70 deletions(-) diff --git a/terraform/aws_instance/monitoring/ec2.tf b/terraform/aws_instance/monitoring/ec2.tf index d101f67..c21d830 100644 --- a/terraform/aws_instance/monitoring/ec2.tf +++ b/terraform/aws_instance/monitoring/ec2.tf @@ -5,26 +5,26 @@ resource "aws_security_group" "grafana-allow-security" { ingress { description = "Allow SSH traffic" - from_port = 22 - to_port = 22 + from_port = 2222 + to_port = 2222 protocol = "tcp" - cidr_blocks = ["118.223.123.161/32"] + cidr_blocks = ["39.115.183.236/32"] } - ingress { - description = "Allow HTTP traffic" - from_port = 80 - to_port = 80 - protocol = "tcp" - cidr_blocks = ["118.223.123.161/32"] - } + # ingress { + # description = "Allow HTTP traffic" + # from_port = 80 + # to_port = 80 + # protocol = "tcp" + # cidr_blocks = ["118.223.123.161/32"] + # } ingress { - description = "Allow TLS traffic" + description = "Allow HTTPS traffic" from_port = 443 to_port = 443 protocol = "tcp" - cidr_blocks = ["118.223.123.161/32", "39.115.183.138/32"] + cidr_blocks = ["118.223.123.161/32", "39.115.183.138/32", "39.115.183.236/32"] } # ingress { diff --git a/terraform/aws_instance/monitoring/terraform.tfstate b/terraform/aws_instance/monitoring/terraform.tfstate index e4dfac1..27174a8 100644 --- a/terraform/aws_instance/monitoring/terraform.tfstate +++ b/terraform/aws_instance/monitoring/terraform.tfstate @@ -1,7 +1,7 @@ { "version": 4, "terraform_version": "1.5.7", - "serial": 18, + "serial": 22, "lineage": "816258a5-69eb-6967-f105-8709f7e2588d", "outputs": {}, "resources": [ @@ -174,9 +174,10 @@ { "cidr_blocks": [ "118.223.123.161/32", - "39.115.183.138/32" + "39.115.183.138/32", + "39.115.183.236/32" ], - "description": "Allow TLS traffic", + "description": "Allow HTTPS traffic", "from_port": 443, "ipv6_cidr_blocks": [], "prefix_list_ids": [], @@ -185,32 +186,6 @@ "self": false, "to_port": 443 }, - { - "cidr_blocks": [ - "118.223.123.161/32" - ], - "description": "Allow HTTP traffic", - "from_port": 80, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": false, - "to_port": 80 - }, - { - "cidr_blocks": [ - "118.223.123.161/32" - ], - "description": "Allow SSH traffic", - "from_port": 22, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": false, - "to_port": 22 - }, { "cidr_blocks": [ "172.31.0.0/16" @@ -224,6 +199,19 @@ "self": false, "to_port": 0 }, + { + "cidr_blocks": [ + "39.115.183.236/32" + ], + "description": "Allow SSH traffic", + "from_port": 2222, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 2222 + }, { "cidr_blocks": [], "description": "nlb-securitygroup", diff --git a/terraform/aws_instance/monitoring/terraform.tfstate.backup b/terraform/aws_instance/monitoring/terraform.tfstate.backup index 8e6a7fb..d8e311a 100644 --- a/terraform/aws_instance/monitoring/terraform.tfstate.backup +++ b/terraform/aws_instance/monitoring/terraform.tfstate.backup @@ -1,7 +1,7 @@ { "version": 4, "terraform_version": "1.5.7", - "serial": 16, + "serial": 20, "lineage": "816258a5-69eb-6967-f105-8709f7e2588d", "outputs": {}, "resources": [ @@ -173,35 +173,11 @@ "ingress": [ { "cidr_blocks": [ - "118.223.123.161/32" + "118.223.123.161/32", + "39.115.183.138/32", + "39.115.183.236/32" ], - "description": "Allow HTTP traffic", - "from_port": 80, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": false, - "to_port": 80 - }, - { - "cidr_blocks": [ - "118.223.123.161/32" - ], - "description": "Allow SSH traffic", - "from_port": 22, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": false, - "to_port": 22 - }, - { - "cidr_blocks": [ - "118.223.123.161/32" - ], - "description": "Allow TLS traffic", + "description": "Allow HTTPS traffic", "from_port": 443, "ipv6_cidr_blocks": [], "prefix_list_ids": [], @@ -223,6 +199,19 @@ "self": false, "to_port": 0 }, + { + "cidr_blocks": [ + "39.115.183.236/32" + ], + "description": "Allow SSH traffic", + "from_port": 22, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 22 + }, { "cidr_blocks": [], "description": "nlb-securitygroup",