Outbound sg to 3306

prashansa joshi · prashansa joshi · commit 0ad60aba1cc1 · 2024-09-22T12:03:46.000+05:45
diff --git a/terraform/alb.tf b/terraform/alb.tf
@@ -29,7 +29,7 @@ module "alb" {
 
       health_check = {
         enabled             = true
-        path                = "/health"
+        path                = "/"
         protocol            = "HTTPS"        # Customize this based on your needs
         matcher             = "200-299"      # HTTP status codes that indicate a healthy response
         interval            = 30             # Time in seconds between health checks
diff --git a/terraform/sg.tf b/terraform/sg.tf
@@ -53,6 +53,7 @@ resource "aws_security_group" "database" {
     cidr_blocks = ["0.0.0.0/0"]
     # cidr_blocks = local.vpc.vpc_cidr
     # security_groups = [aws_security_group.backend_asg.id]
+    security_groups = [aws_security_group.eb_instances.id] # Restrict access to EB instances only
   }
 
   egress {
@@ -63,3 +64,26 @@ resource "aws_security_group" "database" {
   }
   tags = module.naming.resources.rds.tags
 }
+
+
+
+#################################################
+# EC2
+#################################################
+resource "aws_security_group" "eb_instances" {
+  name        = "eb-instances-sg"
+  description = "Security group for Elastic Beanstalk instances"
+  vpc_id      = data.aws_vpc.adex_poc_default_vpc.id
+
+  # Allow outbound MySQL traffic to the RDS security group
+  egress {
+    from_port       = 3306
+    to_port         = 3306
+    protocol        = "tcp"
+    security_groups = [aws_security_group.database.id]
+  }
+
+  tags = {
+    Name = "EB Instances SG"
+  }
+}
