diff options
| -rw-r--r-- | astroshop-terraform/backend.tf | 17 | ||||
| -rw-r--r-- | astroshop-terraform/modules/vpc/README.md | 4 | ||||
| -rw-r--r-- | astroshop-terraform/modules/vpc/main.tf | 3 |
3 files changed, 18 insertions, 6 deletions
diff --git a/astroshop-terraform/backend.tf b/astroshop-terraform/backend.tf index 88e6e36..d962b6b 100644 --- a/astroshop-terraform/backend.tf +++ b/astroshop-terraform/backend.tf @@ -19,9 +19,20 @@ resource "aws_s3_bucket_versioning" "terraform_state" { resource "aws_s3_bucket_server_side_encryption_configuration" "terraform_state" { bucket = aws_s3_bucket.terraform_state.id - rule { - apply_server_side_encryption_by_default { - sse_algorithm = "AES256" + server_side_encryption_configuration { + rule { + apply_server_side_encryption_by_default { + sse_algorithm = "AES256" + } } } +} + +resource "aws_s3_bucket_public_access_block" "terraform_state" { + bucket = aws_s3_bucket.terraform_state.id + + block_public_acls = true + block_public_policy = true + ignore_public_acls = true + restrict_public_buckets = true }
\ No newline at end of file diff --git a/astroshop-terraform/modules/vpc/README.md b/astroshop-terraform/modules/vpc/README.md index bac9af0..7c30b17 100644 --- a/astroshop-terraform/modules/vpc/README.md +++ b/astroshop-terraform/modules/vpc/README.md @@ -207,8 +207,8 @@ Private Subnets (3): ``` ┌────────────────────────────────────────────────────────────┐ -│ INTERNET │ -└───────────────────────┬──────────────────────────────────────┘ +│ INTERNET │ +└───────────────────────┬────────────────────────────────────┘ │ IGW (Internet Gateway) │ diff --git a/astroshop-terraform/modules/vpc/main.tf b/astroshop-terraform/modules/vpc/main.tf index 3694588..5e11a2c 100644 --- a/astroshop-terraform/modules/vpc/main.tf +++ b/astroshop-terraform/modules/vpc/main.tf @@ -4,7 +4,8 @@ resource "aws_vpc" "main" { enable_dns_hostnames = true tags = { - Name = "${var.cluster_name}-vpc" + Name = "${var.cluster_name}-vpc" + "kubernetes.io/cluster/${var.cluster_name}" = "shared" } } |