update securitygroup to allow inbound 443 to vpc

terraform-modules · Apr 26, 2022 · 1147fd2 · 1147fd2
1 parent 5a10c43
commit 1147fd2
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/examples/full-cluster/securitygroup.tf b/examples/full-cluster/securitygroup.tf
@@ -21,6 +21,13 @@ resource "aws_security_group" "additional_eks_cluster_sg" {
       ##      aws_security_group.cni_custom_sg.id
     ]
   }
+  # this grants in-VPC access to the K8S api
+  ingress {
+    from_port   = 443
+    to_port     = 443
+    protocol    = "tcp"
+    cidr_blocks = [var.vpc_cidr_block]
+  }
 
   egress {
     from_port   = 0