fix: allow control plane ingress to webhook

2024-12-14 11:57:59 +00:00 · 2022-04-11 19:38:03 +02:00 · 2022-04-11 19:38:03 +02:00 · ac1c696fdb
commit ac1c696fdb
parent db48b12d08
1 changed files with 18 additions and 0 deletions
--- a/terraform/aws/modules/cluster/main.tf
+++ b/terraform/aws/modules/cluster/main.tf
@ -112,6 +112,24 @@ resource "aws_security_group" "additional" {
    ]
  }

+  # allow control-plane to access webhook
+  ingress {
+    from_port        = 9443
+    to_port          = 9443
+    protocol         = "tcp"
+    cidr_blocks      = ["0.0.0.0/0"]
+    ipv6_cidr_blocks = ["::/0"]
+  }
+
+  ingress {
+    from_port        = 443
+    to_port          = 443
+    protocol         = "tcp"
+    cidr_blocks      = ["0.0.0.0/0"]
+    ipv6_cidr_blocks = ["::/0"]
+  }
+
+
  # 443, 53, 123 is already allowed
  egress {
    from_port        = 80