From 0ad60aba1cc13e74d1c12c47c67384bd8f2a22cc Mon Sep 17 00:00:00 2001
From: prashansa joshi
Date: Sun, 22 Sep 2024 12:03:46 +0545
Subject: [PATCH] Outbound sg to 3306
---
 terraform/alb.tf | 2 +-
 terraform/sg.tf | 24 ++++++++++++++++++++++++
 2 files changed, 25 insertions(+), 1 deletion(-)
diff --git a/terraform/alb.tf b/terraform/alb.tf
index 8d23f3e..14aec50 100644
--- a/terraform/alb.tf
+++ b/terraform/alb.tf
@@ -29,7 +29,7 @@ module "alb" {
 health_check = {
 enabled = true
- path = "/health"
+ path = "/"
 protocol = "HTTPS" # Customize this based on your needs
 matcher = "200-299" # HTTP status codes that indicate a healthy response
 interval = 30 # Time in seconds between health checks
diff --git a/terraform/sg.tf b/terraform/sg.tf
index ccc3a9c..0077a4e 100644
--- a/terraform/sg.tf
+++ b/terraform/sg.tf
@@ -53,6 +53,7 @@ resource "aws_security_group" "database" {
 cidr_blocks = ["0.0.0.0/0"]
 # cidr_blocks = local.vpc.vpc_cidr
 # security_groups = [aws_security_group.backend_asg.id]
+ security_groups = [aws_security_group.eb_instances.id] # Restrict access to EB instances only
 }
 egress {
@@ -63,3 +64,26 @@ resource "aws_security_group" "database" {
 }
 tags = module.naming.resources.rds.tags
 }
+
+
+
+#################################################
+# EC2
+#################################################
+resource "aws_security_group" "eb_instances" {
+ name = "eb-instances-sg"
+ description = "Security group for Elastic Beanstalk instances"
+ vpc_id = data.aws_vpc.adex_poc_default_vpc.id
+
+ # Allow outbound MySQL traffic to the RDS security group
+ egress {
+ from_port = 3306
+ to_port = 3306
+ protocol = "tcp"
+ security_groups = [aws_security_group.database.id]
+ }
+
+ tags = {
+ Name = "EB Instances SG"
+ }
+}
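Review bot: In terraform/alb.tf the health check now probes `path = "/"` while the matcher stays at `"200-299"`, so a root URL that answers with a redirect or an authentication challenge would mark every target unhealthy. Whether the application's root does that is not visible here, but a dedicated unauthenticated endpoint such as the previous `path = "/health"` is the safer probe target. If "/" is intended, a comment on that line saying why the dedicated endpoint was dropped would help, since the commit subject only mentions the security group. The `health_check` map continues past the end of the hunk.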
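Review bot: In the first terraform/sg.tf hunk, the added `security_groups = [aws_security_group.eb_instances.id]` line does not restrict anything, because `cidr_blocks = ["0.0.0.0/0"]` remains in the same ingress block. A rule that carries both arguments admits the union of the sources, so the database port stays open to every IPv4 address that can route to it. The trailing comment "Restrict access to EB instances only" is therefore not true as written. Delete the `cidr_blocks = ["0.0.0.0/0"]` line so the security-group reference is the only source. The ingress block opens above the hunk, so its port range is inferred from the commit subject rather than seen.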
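Review bot: The new `aws_security_group.eb_instances` resource in the second terraform/sg.tf hunk references `aws_security_group.database.id` in an inline `egress` block, while the previous hunk makes `database` reference `eb_instances` inline. Two groups that reference each other through inline rules form a dependency cycle, which Terraform rejects at plan time. Moving the egress rule into a standalone `aws_security_group_rule` breaks the cycle and leaves `eb_instances` without inline rules. With only a 3306 egress rule, instances that carry no other security group would lose all other outbound traffic; whether another group is attached is not visible here. The hard-coded `name` and `tags` also differ from the `module.naming` convention used by the `database` group.

```hcl
resource "aws_security_group" "eb_instances" {
  # … unchanged: name, description, vpc_id, tags …
  # inline egress block removed; the rule is declared separately below
}

# Standalone rule so that eb_instances no longer depends on database
resource "aws_security_group_rule" "eb_instances_to_database_mysql" {
  type                     = "egress"
  security_group_id        = aws_security_group.eb_instances.id
  source_security_group_id = aws_security_group.database.id
  from_port                = 3306
  to_port                  = 3306
  protocol                 = "tcp"
  description              = "MySQL from EB instances to the RDS security group"
}
```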