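# Security groups for the prod-datasaker VPC: a DMZ group and a private group.
# Rules are attached as separate aws_security_group_rule resources so each one
# can be reviewed and changed on its own.

# DMZ security group (container only; its rules follow).
resource "aws_security_group" "prod-dmz-sg-datasaker" {
  description = "Security group dmz-datasaker"
  name        = "prod-dmz-sg-datasaker"
  tags = {
    "Name" = "prod-dmz-sg-datasaker"
  }
  vpc_id = aws_vpc.vpc-prod-datasaker.id
}

# SSH into the DMZ group is limited to two fixed /32 source addresses.
# NOTE(review): confirm both addresses are still under the operators' control;
# a stale allow-list entry keeps admitting whoever holds that address next.
resource "aws_security_group_rule" "pub-only-exem" {
  cidr_blocks       = ["115.178.73.2/32", "115.178.73.91/32"]
  from_port         = 22
  protocol          = "tcp"
  security_group_id = aws_security_group.prod-dmz-sg-datasaker.id
  to_port           = 22
  type              = "ingress"
}

# Outbound TCP on every port to any destination. Despite "any" in the resource
# name this covers TCP only; UDP traffic is not allowed by this rule.
# NOTE(review): unrestricted egress leaves a compromised host a free path out;
# narrow to the ports and destinations the DMZ hosts need once those are known.
resource "aws_security_group_rule" "pub-out-any" {
  cidr_blocks       = ["0.0.0.0/0"]
  from_port         = 0
  protocol          = "tcp"
  security_group_id = aws_security_group.prod-dmz-sg-datasaker.id
  to_port           = 65535
  type              = "egress"
}

################################################################################

# Private security group (container only; its rules follow).
resource "aws_security_group" "prod-priv-sg-datasaker" {
  description = "Security group prod-datasaker"
  name        = "prod-priv-sg-datasaker"
  tags = {
    "Name" = "prod-priv-sg-datasaker"
  }
  vpc_id = aws_vpc.vpc-prod-datasaker.id
}

# SSH into the private group is accepted only from members of the DMZ group.
# A world-open source (0.0.0.0/0) here would bypass the address allow-list on
# the DMZ group for every private host that is reachable by any route.
# NOTE(review): assumes operators reach private hosts through the DMZ group;
# if another path exists (VPN, peered VPC), add a rule for that specific CIDR.
resource "aws_security_group_rule" "priv-in-any" {
  from_port                = 22
  protocol                 = "tcp"
  security_group_id        = aws_security_group.prod-priv-sg-datasaker.id
  source_security_group_id = aws_security_group.prod-dmz-sg-datasaker.id
  to_port                  = 22
  type                     = "ingress"
}

# Inbound ICMP echo request (ping). For protocol "icmp" the provider reads
# from_port as the ICMP type and to_port as the ICMP code, so echo request is
# type 8 / code 0. to_port = 8 would match code 8, which ping does not send.
# NOTE(review): source is any address; narrow it if ping is only needed from
# inside the VPC.
resource "aws_security_group_rule" "priv-in-icmp" {
  cidr_blocks       = ["0.0.0.0/0"]
  from_port         = 8
  protocol          = "icmp"
  security_group_id = aws_security_group.prod-priv-sg-datasaker.id
  to_port           = 0
  type              = "ingress"
}

# Outbound ICMP echo request (type 8 / code 0), same type/code convention as
# the ingress rule above. Security groups are stateful, so the echo reply is
# admitted without a separate rule.
resource "aws_security_group_rule" "priv-out-icmp" {
  cidr_blocks       = ["0.0.0.0/0"]
  from_port         = 8
  protocol          = "icmp"
  security_group_id = aws_security_group.prod-priv-sg-datasaker.id
  to_port           = 0
  type              = "egress"
}

# Outbound TCP on every port to any destination (TCP only, despite the name).
# NOTE(review): same least-privilege concern as the DMZ egress rule; restrict
# to required ports and destinations where they are known.
resource "aws_security_group_rule" "priv-out-any" {
  cidr_blocks       = ["0.0.0.0/0"]
  from_port         = 0
  protocol          = "tcp"
  security_group_id = aws_security_group.prod-priv-sg-datasaker.id
  to_port           = 65535
  type              = "egress"
}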