it works

CSVD · Jun 7, 2024 · fd60f40 · fd60f40
1 parent d09a689
commit fd60f40
Show file tree

Hide file tree

Showing 2 changed files with 46 additions and 28 deletions.
diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
diff --git a/main.tf b/main.tf
@@ -15,6 +15,23 @@ data "aws_iam_policy_document" "s3_access" {
 }
 
 
+resource "aws_security_group" "allow_amznlinux_cdn" {
+  name        = "allow_amznlinux_cdn"
+  description = "Allow TLS inbound traffic and all outbound traffic"
+  vpc_id      = local.vpc_id
+
+  tags = {
+    Name = "allow_amznlinux_cdn"
+  }
+}
+
+resource "aws_vpc_security_group_egress_rule" "allow_all_traffic_ipv4" {
+  security_group_id = aws_security_group.allow_amznlinux_cdn.id
+  cidr_ipv4         = "0.0.0.0/0"
+  ip_protocol       = "-1" # semantically equivalent to all ports
+}
+
+
 locals {
   vpc_id = "vpc-00576a396ec570b94"
 }
@@ -29,13 +46,13 @@ data "aws_region" "current" {}
 
 module "main" {
   source                      = "HappyPathway/image-pipeline/aws"
-  project_name                = "image-pipeline-demo"
+  project_name                = "image-pipeline-demo2"
   environment                 = "dev"
   source_repo_name            = "image-pipeline-hello-world"
   source_repo_branch          = "main"
+  builder_image               = "aws/codebuild/standard:7.0"
   create_new_repo             = true
   create_new_role             = true
-  builder_image               = "aws/codebuild/amazonlinux2-x86_64-standard:5.0"
   build_permissions_iam_doc   = data.aws_iam_policy_document.s3_access
   build_environment_variables = [ 
    for proxy_var in keys(local.proxy_env_vars) :
@@ -50,9 +67,10 @@ module "main" {
     vpc_id = local.vpc_id
     security_group_ids = [
       "sg-0d828d223df9834a6",
+      aws_security_group.allow_amznlinux_cdn.id
     ]
     subnets = [
-      "subnet-062189d742937204e"
+      "subnet-0b1992a84536c581b"
     ]
   }   
 }