From 0e6d0fe57ee62e8fbc448a9cdb9241b762c0ac3c Mon Sep 17 00:00:00 2001
From: "Matthew C. Morgan"
Date: Thu, 20 Mar 2025 19:42:37 -0400
Subject: [PATCH] update sg naming
---
 security_groups.tf | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)
diff --git a/security_groups.tf b/security_groups.tf
index 6683944..f19e47a 100644
--- a/security_groups.tf
+++ b/security_groups.tf
@@ -50,15 +50,11 @@ resource "aws_security_group" "additional_eks_cluster_sg" {
 aws_security_group.all_worker_mgmt.id,
 ]
 }
- # this grants in-VPC access to the K8S api
- # updated to get all census private cidrs to get on-prem, as we are now sending the interface traffic over
- # a private IP only (disabling public access). This is to reach a cluster api from another account and VPC
- # so we open all the cloud accounts too
+
 ingress {
- from_port = 443
- to_port = 443
- protocol = "tcp"
- # cidr_blocks = [ var.vpc_cidr_block ]
+ from_port = 443
+ to_port = 443
+ protocol = "tcp"
 cidr_blocks = concat(var.census_private_cidr, ["10.0.0.0/8"])
 }
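Review bot: The port-443 `ingress` rule is left with no explanation, because the four comment lines saying why the Kubernetes API is opened to `var.census_private_cidr` plus `10.0.0.0/8` are removed and nothing replaces them. This is the broadest rule visible in the hunk, so the rationale should stay attached to it; the `ingress` block accepts a `description` argument, for example `description = "K8S API over private IPs from on-prem and other cloud accounts/VPCs"`, which also appears on the rule in AWS rather than only in source. It is also worth confirming that the literal `10.0.0.0/8` is still needed alongside `var.census_private_cidr`, or whether it can be narrowed to the ranges that actually reach the cluster API. The subject says "update sg naming" but no name changes in this hunk, and the `additional_eks_cluster_sg` resource starts and ends outside it.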