Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Infrastructure as Code Cookbook

You're reading from   Infrastructure as Code Cookbook Automate complex infrastructures

Arrow left icon
Product type Paperback
Published in Feb 2017
Publisher Packt
ISBN-13 9781786464910
Length 440 pages
Edition 1st Edition
Arrow right icon
Authors (2):
Arrow left icon
Pierre Pomès Pierre Pomès
Author Profile Icon Pierre Pomès
Pierre Pomès
Stephane Jourdan Stephane Jourdan
Author Profile Icon Stephane Jourdan
Stephane Jourdan
Arrow right icon
View More author details
Toc

Table of Contents (12) Chapters Close

Preface 1. Vagrant Development Environments FREE CHAPTER 2. Provisioning IaaS with Terraform 3. Going Further with Terraform 4. Automating Complete Infrastructures with Terraform 5. Provisioning the Last Mile with Cloud-Init 6. Fundamentals of Managing Servers with Chef and Puppet 7. Testing and Writing Better Infrastructure Code with Chef and Puppet 8. Maintaining Systems Using Chef and Puppet 9. Working with Docker 10. Maintaining Docker Containers Index

Using AWS security groups with Terraform

Amazon's security groups are similar to traditional firewalls, with ingress (incoming traffic) and egress (outgoing traffic) rules applied to EC2 instances. Those rules can be updated on-demand. We'll create an initial security group allowing ingress Secure Shell (SSH) traffic only for our own IP address, while allowing all outgoing traffic.

Getting ready

To step through this recipe, you will need the following:

  • A working Terraform installation
  • An AWS provider configured in Terraform (refer to the previous recipe)
  • An Internet connection

How to do it…

The resource we're using is called aws_security_group. Here's the basic structure:

resource "aws_security_group" "base_security_group" {
  name        = "base_security_group"
  description = "Base Security Group"

  ingress { }

  egress { }

}

We know we want to allow inbound TCP/22 for SSH only for our own IP (replace 1.2.3.4/32 with yours!...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image