From fd60f4014da1952677da9d1065e69c72cb9cee84 Mon Sep 17 00:00:00 2001 From: Dave Arnold Date: Fri, 7 Jun 2024 12:51:13 -0400 Subject: [PATCH] it works --- .terraform.lock.hcl | 50 ++++++++++++++++++++++----------------------- main.tf | 24 +++++++++++++++++++--- 2 files changed, 46 insertions(+), 28 deletions(-) diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl index dfec258..861ced8 100644 --- a/.terraform.lock.hcl +++ b/.terraform.lock.hcl 
@@ -1,25 +1,25 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "5.51.1" - constraints = ">= 4.20.1" - hashes = [ - "h1:ESfxP2tCO6IZldSQnepXmIm+x+VtaQt/bKgGjYE+0BY=", - "zh:03d524b70ab300d90dc4dccad0c28b18d797b8986722b7a93e40a41500450eaa", - "zh:04dbcb7ab52181a784877c409f6c882df34bda686d8c884d511ebd4abf493f0c", - "zh:2b068f7838e0f3677829258df05d8b9d73fe6434a1a809f8710956cc1c01ea03", - "zh:41a4b1e4adbf7c90015ebff17a719fc08133b8a2c4dcefd2fa281552126e59a8", - "zh:48b1adf57f695a72c88c598f99912171ef7067638fd63fb0c6ad3fa397b3f7c3", - "zh:5c2fb26ecb83adac90d06dcf5f97edbc944824c2821816b1653e1a2b9d37b3c4", - "zh:93df05f53702df829d9b9335e559ad8b313808dbd2fad8b2ff14f176732e693d", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:b5da39898602e44551b56e2803a42d92ea7115e35b1792efbf6649da37ef597b", - "zh:b7ab7f743f864ed8d479a7cb04fd3ce00c376f867ee5b53c4c1acaef6e286c54", - "zh:e7e7b2d8ee486415481a25ac7bdded20bd2897d5dd0790741798f31935b9528d", - "zh:e8008e3f5ef560fd9004d1ed1738f0f53e99b0ce961d967e95fc7c02e5954e4e", - "zh:f1296f648b8608ffa930b52519b00ed01eebedde9fdaf94205b365536e6c3916", - "zh:f8539960fd978a54990740ee984c6f7f743c9c32c7734e2601e92abfe54367e9", - "zh:fd182e6e20bb52982752a5d8c4b16887565f413a9d50d9d394d2c06eea8a195e", - ] -} +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. 
+ +provider "registry.terraform.io/hashicorp/aws" { + version = "5.52.0" + constraints = ">= 4.20.1" + hashes = [ + "h1:Z+mvggOAJJdEwf2p2fxT6WUW0Pch8Ky+LhsZa1TdqFg=", + "zh:22c4599d47cd59e5519c52afc528fa2aec43b4434f369870ee2806daa071449d", + "zh:3c2edc482662a654f84db4cd3f2cdd8f200147207d053d2e95082744b7814e6d", + "zh:57edc36f908c64de37e92a978f3d675604315a725268da936fcd1e270199db47", + "zh:79e7afd5fb161f2eb2b7f8e7fd5cbb7f56a2c64f141b56f511ec69337ad3e96b", + "zh:82c6ae9a7f971b6ee8c476b6eb7f1be9d24ddd183cbf025f52628084ddb3a5ae", + "zh:92faecc0a8f573f57f37d24415862380a40341eb13d66beb738dd0873899a58e", + "zh:963d3c0e1aa22c872cd96f04ceb41c388137b972f714efbde989221bf7f6f723", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:af6d3bb94aa8a84d740e3731d2379cc5e12aa48d5db0f7489c4639f3814a22d7", + "zh:b9f7aceeaf5daf71394eab9bf0f9f56fdc762cac90e4d62e63aa3fcdf6c1c127", + "zh:c3dcfc2569edae4f36b798c76da7f7633e7bf322505d447d7c370a56c2a30dd2", + "zh:c8abb21c5ceba857f0eaff9e531d781dc655f8cdfae1cf056066daae72546a7f", + "zh:d92004a6a2a770d2542fd9c01b685418ab8d7ab422cf2cdce35dde789bc8593c", + "zh:dc794660b1d6d8f26a917e0ffab1875aa75144736875efaa60f29c72bf02afbf", + "zh:df931c4905e35ae43d558f6cda15f05710a7a24ecbb94533f8822e7572126512", + ] +} diff --git a/main.tf b/main.tf index cd02820..008a9ef 100644 --- a/main.tf +++ b/main.tf @@ -15,6 +15,23 @@ data "aws_iam_policy_document" "s3_access" { } +resource "aws_security_group" "allow_amznlinux_cdn" { + name = "allow_amznlinux_cdn" + description = "Allow TLS inbound traffic and all outbound traffic" + vpc_id = local.vpc_id + + tags = { + Name = "allow_amznlinux_cdn" + } +} + +resource "aws_vpc_security_group_egress_rule" "allow_all_traffic_ipv4" { + security_group_id = aws_security_group.allow_amznlinux_cdn.id + cidr_ipv4 = "0.0.0.0/0" + ip_protocol = "-1" # semantically equivalent to all ports +} + + locals { vpc_id = "vpc-00576a396ec570b94" } 
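Review bot: The egress rule `allow_all_traffic_ipv4` opens every protocol and port to `0.0.0.0/0`, which is wider than the group's name (reaching a package CDN) suggests. Security-group rules are additive, so once the last hunk of main.tf adds this group to `security_group_ids` it overrides any egress limit on the existing `sg-0d828d223df9834a6`. For a build environment this leaves an unrestricted outbound path for a compromised dependency or build script; if HTTPS is all the build needs, narrow the rule to `ip_protocol = "tcp"`, `from_port = 443`, `to_port = 443`, and drop the inline comment, since `-1` means all protocols as well as all ports. The `description` on `aws_security_group.allow_amznlinux_cdn` also promises "TLS inbound traffic" although no ingress rule is defined in this hunk. Changing a security group's description forces replacement, so it is worth correcting before the first apply, e.g. `description = "Outbound HTTPS for build package downloads"`.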
@@ -29,13 +46,13 @@ data "aws_region" "current" {} module "main" { source = "HappyPathway/image-pipeline/aws" - project_name = "image-pipeline-demo" + project_name = "image-pipeline-demo2" environment = "dev" source_repo_name = "image-pipeline-hello-world" source_repo_branch = "main" + builder_image = "aws/codebuild/standard:7.0" create_new_repo = true create_new_role = true - builder_image = "aws/codebuild/amazonlinux2-x86_64-standard:5.0" build_permissions_iam_doc = data.aws_iam_policy_document.s3_access build_environment_variables = [ for proxy_var in keys(local.proxy_env_vars) : @@ -50,9 +67,10 @@ module "main" { vpc_id = local.vpc_id security_group_ids = [ "sg-0d828d223df9834a6", + aws_security_group.allow_amznlinux_cdn.id ] subnets = [ - "subnet-062189d742937204e" + "subnet-0b1992a84536c581b" ] } }
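Review bot: In the `@@ -50,9 +67,10 @@` hunk the subnet is swapped for another literal ID (`subnet-0b1992a84536c581b`) with nothing saying why this one is the right one, and a reader cannot tell from the ID whether it is a private subnet with an outbound route. A short comment above the entry stating the subnet's role, or a lookup by tag through an `aws_subnet` data source, would record that. The same applies to the literal `sg-0d828d223df9834a6` kept beside the new reference. The added `aws_security_group.allow_amznlinux_cdn.id` entry also lacks the trailing comma that the element before it has. The `module "main"` block begins outside this hunk.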