vshn-lbaas-exoscale: Update LB security group to allow SSH to the LBs from anywhere #51
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
simu
changed the title
simu
added a commit
to appuio/terraform-openshift4-exoscale
that referenced
this pull request
Feb 15, 2024
We remove the SSH access from anywhere for the cluster VMs by updating the `all_machines` security group to only allow SSH from other machines in the `all_machines` security group. This PR requires appuio/terraform-modules#51 in order to ensure that the LBs remain accessible from anywhere via SSH and can act as SSH jumphosts for SSH access to the cluster VMs.
3 tasks
simu
force-pushed
the
feat/vshn-lbaas-exoscale/allow-ssh-from-anywhere
branch
from
efdd61d
to
b14ba17
Compare
… from anywhere We add explicit rules for SSH to the LBs in the LB security group as preparation for removing the SSH from anywhere rule from the `all_machines` security group in terraform-openshift4-exoscale.
simu
force-pushed
the
feat/vshn-lbaas-exoscale/allow-ssh-from-anywhere
branch
from
b14ba17
to
08d4437
Compare
DebakelOrakel
approved these changes
Feb 15, 2024
simu
added a commit
to appuio/terraform-openshift4-exoscale
that referenced
this pull request
Feb 15, 2024
We remove the SSH access from anywhere for the cluster VMs by updating the `all_machines` security group to only allow SSH from other machines in the `all_machines` security group. This PR requires appuio/terraform-modules#51 in order to ensure that the LBs remain accessible from anywhere via SSH and can act as SSH jumphosts for SSH access to the cluster VMs.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
We add explicit rules for SSH to the LBs in the LB security group as preparation for removing the SSH from anywhere rule from the
all_machinessecurity group in terraform-openshift4-exoscale.See also appuio/terraform-openshift4-exoscale#78
Checklist
bug,enhancement,documentation,change,breaking,dependencyas they show up in the changelog