TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / ci / terraform / refs/heads/master / . / main.tf
blob: 4471b52dc22b755cd6a282008d2940d60c51da5b [file] [log] [blame]
Kelley Spoon500a7e92020-07-14 04:11:20 -0500[diff] [blame]1provider "aws" {
2 region = "us-east-1"
3}
4
5terraform {
6 backend "remote" {
7 hostname = "app.terraform.io"
8 organization = "trustedfirmware"
9 workspaces {
10 name = "prod"
11 }
12 }
13}
14
Kelley Spoon688f1cd2020-07-14 05:53:32 -0500[diff] [blame]15resource "aws_key_pair" "systems-bot-ssh" {
16 key_name = "systems-bot-ssh"
17 public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD4sTKtm4X8+GK9Rt1/p2hJAAMXGzLhFD28WtrObZApzZnzcHv9hn2vFPmVuffnqgajqxLaCPubHXUetnkXvwf9d22vyIoynjPStmtpCAGZH2muUChG62VxW9cX1N/lJioTdPu08cgfxNxlntUt4LRzA8cnv44ZEl4Zis4CcleNAY4Yve9nE4fSRxd+UioHYHwHY07gmTUI1qhjV3LHjpoEvFCn8YBjNieXyP4VYYBY1gyF0Z1YkWsdTpGuHg+uDoFdNfKnctq2bRuyTlKWJuNccLK3Fsz4iNI8M2ns0PuBJxQF2YXj1N9gIuPxTD4FNQKCuX+b2JDJTIBVzoLqv3at systems-bot-ssh"
18}
19
Kelley Spoon500a7e92020-07-14 04:11:20 -0500[diff] [blame]20# Pre-existing imported security groups
21# "Flexnet" security group
22resource "aws_security_group" "flexnet-sg" {
23 name = "Flexnet"
24 description = "Flexnet access"
25}
26
27resource "aws_security_group_rule" "flexnet-sg" {
28 cidr_blocks = [
29 "172.31.32.0/20",
30 ]
31 description = "Fastmodels http"
32 from_port = 81
33 ipv6_cidr_blocks = []
34 prefix_list_ids = []
35 protocol = "tcp"
36 security_group_id = "sg-010ac7a82860d6f10"
37 self = false
38 to_port = 81
39 type = "ingress"
40}
41
42resource "aws_security_group_rule" "flexnet-sg-1" {
43 cidr_blocks = [
44 "172.31.32.0/20",
45 ]
46 description = "Flexnet upper range"
47 from_port = 1000
48 ipv6_cidr_blocks = []
49 prefix_list_ids = []
50 protocol = "tcp"
51 security_group_id = "sg-010ac7a82860d6f10"
52 self = false
53 to_port = 64000
54 type = "ingress"
55}
56
57resource "aws_security_group_rule" "flexnet-sg-2" {
58 cidr_blocks = [
59 "172.31.32.0/20",
60 ]
61 description = "Flexnet upper range UDP"
62 from_port = 1000
63 ipv6_cidr_blocks = []
64 prefix_list_ids = []
65 protocol = "udp"
66 security_group_id = "sg-010ac7a82860d6f10"
67 self = false
68 to_port = 64000
69 type = "ingress"
70}
71
72resource "aws_security_group_rule" "flexnet-sg-3" {
73 cidr_blocks = [
74 "0.0.0.0/0",
75 ]
76 from_port = 0
77 ipv6_cidr_blocks = []
78 prefix_list_ids = []
79 protocol = "-1"
80 security_group_id = "sg-010ac7a82860d6f10"
81 self = false
82 to_port = 0
83 type = "egress"
84}
85
86# "ci" security group
87resource "aws_security_group" "ci-sg" {
88 name = "ci"
89 description = "Jenkins"
90}
91
92resource "aws_security_group_rule" "ci-sg" {
93 cidr_blocks = [
94 "0.0.0.0/0",
95 ]
96 from_port = 80
97 ipv6_cidr_blocks = []
98 prefix_list_ids = []
99 protocol = "tcp"
100 security_group_id = "sg-05f5a50eee7a51e40"
101 self = false
102 to_port = 80
103 type = "ingress"
104}
105
106resource "aws_security_group_rule" "ci-sg-1" {
107 cidr_blocks = []
108 from_port = 80
109 ipv6_cidr_blocks = [
110 "::/0",
111 ]
112 prefix_list_ids = []
113 protocol = "tcp"
114 security_group_id = "sg-05f5a50eee7a51e40"
115 self = false
116 to_port = 80
117 type = "ingress"
118}
119
120resource "aws_security_group_rule" "ci-sg-2" {
121 cidr_blocks = [
122 "0.0.0.0/0",
123 ]
124 from_port = 8080
125 ipv6_cidr_blocks = []
126 prefix_list_ids = []
127 protocol = "tcp"
128 security_group_id = "sg-05f5a50eee7a51e40"
129 self = false
130 to_port = 8080
131 type = "ingress"
132}
133
134resource "aws_security_group_rule" "ci-sg-3" {
135 cidr_blocks = []
136 from_port = 8080
137 ipv6_cidr_blocks = [
138 "::/0",
139 ]
140 prefix_list_ids = []
141 protocol = "tcp"
142 security_group_id = "sg-05f5a50eee7a51e40"
143 self = false
144 to_port = 8080
145 type = "ingress"
146}
147
148resource "aws_security_group_rule" "ci-sg-4" {
149 cidr_blocks = [
150 "0.0.0.0/0",
151 ]
152 from_port = 22
153 ipv6_cidr_blocks = []
154 prefix_list_ids = []
155 protocol = "tcp"
156 security_group_id = "sg-05f5a50eee7a51e40"
157 self = false
158 to_port = 22
159 type = "ingress"
160}
161
162resource "aws_security_group_rule" "ci-sg-5" {
163 cidr_blocks = [
164 "0.0.0.0/0",
165 ]
166 from_port = 50000
167 ipv6_cidr_blocks = []
168 prefix_list_ids = []
169 protocol = "tcp"
170 security_group_id = "sg-05f5a50eee7a51e40"
171 self = false
172 to_port = 50000
173 type = "ingress"
174}
175
176resource "aws_security_group_rule" "ci-sg-6" {
177 cidr_blocks = []
178 from_port = 50000
179 ipv6_cidr_blocks = [
180 "::/0",
181 ]
182 prefix_list_ids = []
183 protocol = "tcp"
184 security_group_id = "sg-05f5a50eee7a51e40"
185 self = false
186 to_port = 50000
187 type = "ingress"
188}
189
190resource "aws_security_group_rule" "ci-sg-7" {
191 cidr_blocks = [
192 "0.0.0.0/0",
193 ]
194 from_port = 443
195 ipv6_cidr_blocks = []
196 prefix_list_ids = []
197 protocol = "tcp"
198 security_group_id = "sg-05f5a50eee7a51e40"
199 self = false
200 to_port = 443
201 type = "ingress"
202}
203
204resource "aws_security_group_rule" "ci-sg-8" {
205 cidr_blocks = []
206 from_port = 443
207 ipv6_cidr_blocks = [
208 "::/0",
209 ]
210 prefix_list_ids = []
211 protocol = "tcp"
212 security_group_id = "sg-05f5a50eee7a51e40"
213 self = false
214 to_port = 443
215 type = "ingress"
216}
217
218resource "aws_security_group_rule" "ci-sg-9" {
219 cidr_blocks = [
220 "0.0.0.0/0",
221 ]
222 from_port = 0
223 ipv6_cidr_blocks = []
224 prefix_list_ids = []
225 protocol = "-1"
226 security_group_id = "sg-05f5a50eee7a51e40"
227 self = false
228 to_port = 0
229 type = "egress"
230}
Kelley Spoon7face092022-05-04 19:37:48 -0500[diff] [blame]231
232resource "aws_security_group_rule" "ci-sg-10" {
233 cidr_blocks = [
234 "95.217.117.19/32",
235 "3.80.150.227/32",
236 ]
237 from_port = 9100
238 ipv6_cidr_blocks = []
239 prefix_list_ids = []
240 protocol = "tcp"
241 security_group_id = "sg-05f5a50eee7a51e40"
242 self = false
243 to_port = 9100
244 type = "ingress"
245}
246
247