| provider "aws" { |
| region = "us-east-1" |
| } |
| |
| terraform { |
| backend "remote" { |
| hostname = "app.terraform.io" |
| organization = "trustedfirmware" |
| workspaces { |
| name = "prod" |
| } |
| } |
| } |
| |
| resource "aws_key_pair" "systems-bot-ssh" { |
| key_name = "systems-bot-ssh" |
| public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD4sTKtm4X8+GK9Rt1/p2hJAAMXGzLhFD28WtrObZApzZnzcHv9hn2vFPmVuffnqgajqxLaCPubHXUetnkXvwf9d22vyIoynjPStmtpCAGZH2muUChG62VxW9cX1N/lJioTdPu08cgfxNxlntUt4LRzA8cnv44ZEl4Zis4CcleNAY4Yve9nE4fSRxd+UioHYHwHY07gmTUI1qhjV3LHjpoEvFCn8YBjNieXyP4VYYBY1gyF0Z1YkWsdTpGuHg+uDoFdNfKnctq2bRuyTlKWJuNccLK3Fsz4iNI8M2ns0PuBJxQF2YXj1N9gIuPxTD4FNQKCuX+b2JDJTIBVzoLqv3at systems-bot-ssh" |
| } |
| |
| # Pre-existing imported security groups |
| # "Flexnet" security group |
| resource "aws_security_group" "flexnet-sg" { |
| name = "Flexnet" |
| description = "Flexnet access" |
| } |
| |
| resource "aws_security_group_rule" "flexnet-sg" { |
| cidr_blocks = [ |
| "172.31.32.0/20", |
| ] |
| description = "Fastmodels http" |
| from_port = 81 |
| ipv6_cidr_blocks = [] |
| prefix_list_ids = [] |
| protocol = "tcp" |
| security_group_id = "sg-010ac7a82860d6f10" |
| self = false |
| to_port = 81 |
| type = "ingress" |
| } |
| |
| resource "aws_security_group_rule" "flexnet-sg-1" { |
| cidr_blocks = [ |
| "172.31.32.0/20", |
| ] |
| description = "Flexnet upper range" |
| from_port = 1000 |
| ipv6_cidr_blocks = [] |
| prefix_list_ids = [] |
| protocol = "tcp" |
| security_group_id = "sg-010ac7a82860d6f10" |
| self = false |
| to_port = 64000 |
| type = "ingress" |
| } |
| |
| resource "aws_security_group_rule" "flexnet-sg-2" { |
| cidr_blocks = [ |
| "172.31.32.0/20", |
| ] |
| description = "Flexnet upper range UDP" |
| from_port = 1000 |
| ipv6_cidr_blocks = [] |
| prefix_list_ids = [] |
| protocol = "udp" |
| security_group_id = "sg-010ac7a82860d6f10" |
| self = false |
| to_port = 64000 |
| type = "ingress" |
| } |
| |
| resource "aws_security_group_rule" "flexnet-sg-3" { |
| cidr_blocks = [ |
| "0.0.0.0/0", |
| ] |
| from_port = 0 |
| ipv6_cidr_blocks = [] |
| prefix_list_ids = [] |
| protocol = "-1" |
| security_group_id = "sg-010ac7a82860d6f10" |
| self = false |
| to_port = 0 |
| type = "egress" |
| } |
| |
| # "ci" security group |
| resource "aws_security_group" "ci-sg" { |
| name = "ci" |
| description = "Jenkins" |
| } |
| |
| resource "aws_security_group_rule" "ci-sg" { |
| cidr_blocks = [ |
| "0.0.0.0/0", |
| ] |
| from_port = 80 |
| ipv6_cidr_blocks = [] |
| prefix_list_ids = [] |
| protocol = "tcp" |
| security_group_id = "sg-05f5a50eee7a51e40" |
| self = false |
| to_port = 80 |
| type = "ingress" |
| } |
| |
| resource "aws_security_group_rule" "ci-sg-1" { |
| cidr_blocks = [] |
| from_port = 80 |
| ipv6_cidr_blocks = [ |
| "::/0", |
| ] |
| prefix_list_ids = [] |
| protocol = "tcp" |
| security_group_id = "sg-05f5a50eee7a51e40" |
| self = false |
| to_port = 80 |
| type = "ingress" |
| } |
| |
| resource "aws_security_group_rule" "ci-sg-2" { |
| cidr_blocks = [ |
| "0.0.0.0/0", |
| ] |
| from_port = 8080 |
| ipv6_cidr_blocks = [] |
| prefix_list_ids = [] |
| protocol = "tcp" |
| security_group_id = "sg-05f5a50eee7a51e40" |
| self = false |
| to_port = 8080 |
| type = "ingress" |
| } |
| |
| resource "aws_security_group_rule" "ci-sg-3" { |
| cidr_blocks = [] |
| from_port = 8080 |
| ipv6_cidr_blocks = [ |
| "::/0", |
| ] |
| prefix_list_ids = [] |
| protocol = "tcp" |
| security_group_id = "sg-05f5a50eee7a51e40" |
| self = false |
| to_port = 8080 |
| type = "ingress" |
| } |
| |
| resource "aws_security_group_rule" "ci-sg-4" { |
| cidr_blocks = [ |
| "0.0.0.0/0", |
| ] |
| from_port = 22 |
| ipv6_cidr_blocks = [] |
| prefix_list_ids = [] |
| protocol = "tcp" |
| security_group_id = "sg-05f5a50eee7a51e40" |
| self = false |
| to_port = 22 |
| type = "ingress" |
| } |
| |
| resource "aws_security_group_rule" "ci-sg-5" { |
| cidr_blocks = [ |
| "0.0.0.0/0", |
| ] |
| from_port = 50000 |
| ipv6_cidr_blocks = [] |
| prefix_list_ids = [] |
| protocol = "tcp" |
| security_group_id = "sg-05f5a50eee7a51e40" |
| self = false |
| to_port = 50000 |
| type = "ingress" |
| } |
| |
| resource "aws_security_group_rule" "ci-sg-6" { |
| cidr_blocks = [] |
| from_port = 50000 |
| ipv6_cidr_blocks = [ |
| "::/0", |
| ] |
| prefix_list_ids = [] |
| protocol = "tcp" |
| security_group_id = "sg-05f5a50eee7a51e40" |
| self = false |
| to_port = 50000 |
| type = "ingress" |
| } |
| |
| resource "aws_security_group_rule" "ci-sg-7" { |
| cidr_blocks = [ |
| "0.0.0.0/0", |
| ] |
| from_port = 443 |
| ipv6_cidr_blocks = [] |
| prefix_list_ids = [] |
| protocol = "tcp" |
| security_group_id = "sg-05f5a50eee7a51e40" |
| self = false |
| to_port = 443 |
| type = "ingress" |
| } |
| |
| resource "aws_security_group_rule" "ci-sg-8" { |
| cidr_blocks = [] |
| from_port = 443 |
| ipv6_cidr_blocks = [ |
| "::/0", |
| ] |
| prefix_list_ids = [] |
| protocol = "tcp" |
| security_group_id = "sg-05f5a50eee7a51e40" |
| self = false |
| to_port = 443 |
| type = "ingress" |
| } |
| |
| resource "aws_security_group_rule" "ci-sg-9" { |
| cidr_blocks = [ |
| "0.0.0.0/0", |
| ] |
| from_port = 0 |
| ipv6_cidr_blocks = [] |
| prefix_list_ids = [] |
| protocol = "-1" |
| security_group_id = "sg-05f5a50eee7a51e40" |
| self = false |
| to_port = 0 |
| type = "egress" |
| } |
| |
| resource "aws_security_group_rule" "ci-sg-10" { |
| cidr_blocks = [ |
| "95.217.117.19/32", |
| "3.80.150.227/32", |
| ] |
| from_port = 9100 |
| ipv6_cidr_blocks = [] |
| prefix_list_ids = [] |
| protocol = "tcp" |
| security_group_id = "sg-05f5a50eee7a51e40" |
| self = false |
| to_port = 9100 |
| type = "ingress" |
| } |
| |
| |