professional-service-best-practices/landingzone
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add security rule for ssh and change project for object storage

Browse source
This commit is contained in:
Michael_Sodan 2025-06-02 13:42:51 +00:00
parent e4472fb205
commit ebd27b6700
4 changed files with 23 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
01-network.tf
View file

@ -95,10 +95,10 @@ resource "stackit_network" "p3_lan_network1" {
resource "stackit_network_interface" "p3_lan1" { resource "stackit_network_interface" "p3_lan1" {
project_id = module.project.project_info["project3"].project_id project_id = module.project.project_info["project3"].project_id
network_id = stackit_network.p2_lan_network1.network_id network_id = stackit_network.p3_lan_network1.network_id
security = true security = false
name = "P3LAN1" name = "P3LAN1"
security_group_ids = [ stackit_security_group.example.security_group_id ] //security_group_ids = [ stackit_security_group.example.security_group_id ]
} }
/* resource "stackit_network" "p2_wan_network1" { /* resource "stackit_network" "p2_wan_network1" {

2
05-server.tf
View file

@ -47,7 +47,7 @@ resource "stackit_server" "dev_server_p3" {
name = "server2" name = "server2"
boot_volume = { boot_volume = {
source_type = "volume" source_type = "volume"
source_id = stackit_volume.example_vol.volume_id source_id = stackit_volume.example_vol_p3.volume_id
} }
availability_zone = var.region_az1 availability_zone = var.region_az1
machine_type = var.flavor machine_type = var.flavor

16
06-security-group.tf
View file

@ -33,3 +33,19 @@ resource "stackit_security_group_rule" "icmp_egress" {
} }
} }
resource "stackit_security_group_rule" "ssh_ingress" {
security_group_id = stackit_security_group.example.security_group_id
project_id = module.project.project_info["project2"].project_id
direction = "ingress"
protocol = {
name = "tcp"
}
port_range = {
max = 22
min = 22
}
}

6
07-object-storage.tf
View file

@ -1,16 +1,16 @@
resource "stackit_objectstorage_bucket" "example" { resource "stackit_objectstorage_bucket" "example" {
project_id = module.project.project_info["project2"].project_id project_id = module.project.project_info["project3"].project_id
name = "project-core-testbucket444" name = "project-core-testbucket444"
} }
resource "stackit_objectstorage_credentials_group" "example" { resource "stackit_objectstorage_credentials_group" "example" {
project_id = module.project.project_info["project2"].project_id project_id = module.project.project_info["project3"].project_id
name = "example-credentials-group" name = "example-credentials-group"
depends_on = [ stackit_objectstorage_bucket.example ] depends_on = [ stackit_objectstorage_bucket.example ]
} }
resource "stackit_objectstorage_credential" "example" { resource "stackit_objectstorage_credential" "example" {
project_id = module.project.project_info["project2"].project_id project_id = module.project.project_info["project3"].project_id
credentials_group_id = stackit_objectstorage_credentials_group.example.credentials_group_id credentials_group_id = stackit_objectstorage_credentials_group.example.credentials_group_id
expiration_timestamp = "2027-01-02T03:04:05Z" expiration_timestamp = "2027-01-02T03:04:05Z"
depends_on = [ stackit_objectstorage_credentials_group.example ] depends_on = [ stackit_objectstorage_credentials_group.example ]