fix: disable sg description changes (#624)

liatrio · Sep 1, 2022 · 73f4090 · 73f4090
1 parent 9527e30
commit 73f4090
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 21 deletions.
diff --git a/modules/environment/aws/code-services/main.tf b/modules/environment/aws/code-services/main.tf
@@ -362,9 +362,9 @@ resource "aws_iam_role_policy_attachment" "event_mapper_role_policy_attachment"
 
 #tfsec:ignore:aws-vpc-no-public-egress-sgr
 resource "aws_security_group" "codebuild_security_group" {
- name  = "codebuild-egress"
- vpc_id  = data.aws_vpc.lead_vpc.id
- description = "Allow outbound traffic"
+ name = "codebuild-egress"
+ vpc_id = data.aws_vpc.lead_vpc.id
+ # description = "Allow outbound traffic"
 
  egress {
  description = "Allow outbound traffic"

diff --git a/modules/environment/aws/eks/main.tf b/modules/environment/aws/eks/main.tf
@@ -92,21 +92,21 @@ resource "aws_kms_key" "eks_encryption_kms" {
 resource "aws_security_group" "worker" {
  name_prefix = "${var.cluster}-worker"
  vpc_id = data.aws_vpc.lead_vpc.id
- description = "worker based security groups"
+ # description = "worker based security groups"
 
  ingress {
- description = "Allow SSH access"
- from_port  = 22
- to_port  = 22
- protocol  = "tcp"
+ # description = "Allow SSH access"
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
 
  cidr_blocks = concat([data.aws_vpc.lead_vpc.cidr_block], var.enable_ssh_access ? [var.internal_vpn_subnet] : [])
  }
  ingress {
- description = "Allow HTTPS access"
- from_port  = 443
- to_port  = 443
- protocol  = "tcp"
+ # description = "Allow HTTPS access"
+ from_port = 443
+ to_port = 443
+ protocol = "tcp"
 
  security_groups = [aws_security_group.elb.id]
  }
@@ -115,7 +115,7 @@ resource "aws_security_group" "worker" {
 resource "aws_security_group" "elb" {
  name_prefix = "${var.cluster}-ingress-elb"
  vpc_id = data.aws_vpc.lead_vpc.id
- description = "Allow HTTPS access"
+ # description = "Allow HTTPS access"
 
  tags = {
  Name = "${var.cluster}-ingress-elb"
@@ -124,21 +124,21 @@ resource "aws_security_group" "elb" {
  }
 
  ingress {
- description = "Allow HTTP access"
- from_port  = 80
- to_port  = 80
- protocol  = "tcp"
+ # description = "Allow HTTP access"
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
 
  cidr_blocks = [
  "0.0.0.0/0",
  ]
  }
 
  ingress {
- description = "Allow HTTPS access"
- from_port  = 443
- to_port  = 443
- protocol  = "tcp"
+ # description = "Allow HTTPS access"
+ from_port = 443
+ to_port = 443
+ protocol = "tcp"
 
  cidr_blocks = [
  "0.0.0.0/0",