Using AWS security groups with Terraform
Amazon's security groups are similar to traditional firewalls, with ingress (incoming traffic) and egress (outgoing traffic) rules applied to EC2 instances. Those rules can be updated on demand. We'll create an initial security group allowing ingress Secure Shell (SSH) traffic only for our own IP address, while allowing all outgoing traffic.
Getting ready
To step through this recipe, you will need the following:
A working Terraform installation
An AWS provider configured in Terraform (refer to the previous recipe)
An Internet connection
How to do it…
The resource we're using is called aws_security_group. Here's the basic structure:
resource "aws_security_group" "base_security_group" {
  name        = "base_security_group"
  description = "Base Security Group"
  ingress { }
  egress { }
}
We know we want to allow inbound TCP/22 for SSH only for our own IP (replace 1.2.3.4/32 with yours!), and allow everything outbound. Here's how it looks:
ingress { from_port...
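The rule set described above, written out as an added example (not the book's own listing): SSH on TCP/22 from one address, everything allowed outbound. The variable admin_ssh_cidr and its validation block are assumptions introduced here, and the validation block assumes Terraform 0.13 or later.

```hcl
# Added example. The variable name admin_ssh_cidr is hypothetical; the default
# is the recipe's 1.2.3.4/32 placeholder and must be replaced with your own IP.
variable "admin_ssh_cidr" {
  description = "Single IPv4 address, in CIDR form, allowed to reach SSH"
  type        = string
  default     = "1.2.3.4/32"

  # Reject anything that is not one IPv4 host at plan time, so a wide range
  # such as 0.0.0.0/0 or 10.0.0.0/8 cannot be passed in by mistake.
  validation {
    condition = (
      can(regex("^\\d{1,3}(\\.\\d{1,3}){3}/32$", var.admin_ssh_cidr)) &&
      can(cidrhost(var.admin_ssh_cidr, 0))
    )
    error_message = "The admin_ssh_cidr value must be a single IPv4 host in CIDR form, for example 1.2.3.4/32."
  }
}

resource "aws_security_group" "base_security_group" {
  name        = "base_security_group"
  description = "Base Security Group"

  # Inbound: SSH (TCP/22) from the administrator's address only.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_ssh_cidr]
  }

  # Outbound: protocol "-1" with ports 0-0 means all protocols and all ports.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

Running terraform plan with the variable set to anything wider than a /32 fails validation before any rule is created.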