resource "aws_security_group" "dsk-agent-allow-security" {
  name        = "dsk-agent-allow-security"
  description = "Allow inbound traffic"
  vpc_id      = var.VPC_ID
  
  ingress {
    description      = "Allow SSH traffic"
    from_port        = 2222
    to_port          = 2222
    protocol         = "tcp"
    cidr_blocks      = ["39.115.183.236/32"]
  }

  ingress {
    description      = "Allow HTTPS traffic"
    from_port        = 443
    to_port          = 443
    protocol         = "tcp"
    cidr_blocks      = ["39.115.183.236/32"]
  }

  ingress {
    description      = "Allow HTTP traffic"
    from_port        = 80
    to_port          = 80
    protocol         = "tcp"
    cidr_blocks      = ["39.115.183.236/32"]
  }

  egress {
    from_port        = 0
    to_port          = 0
    protocol         = "-1"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }

  tags = {
    Name = "dsk-agent-allow-security"
  }
}