jlengrand/engine
1
0
Fork 0
mirror of https://github.com/jlengrand/engine.git synced 2026-03-10 08:11:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: add missing options to completly deny public access

Browse Source
This commit is contained in:
Pierre Mavro
2022-02-18 14:14:31 +01:00
parent ebcae4c6ff
commit 31c5083ad9
2 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/aws/bootstrap/helm-loki.j2.tf
View File

@@ -71,4 +71,6 @@ resource "aws_s3_bucket_public_access_block" "loki_access" {
ignore_public_acls = true
restrict_public_buckets = true
block_public_policy = true
block_public_acls = true
}

4
lib/aws/bootstrap/s3-qovery-buckets.tf
View File

@@ -13,6 +13,7 @@ resource "aws_s3_bucket" "kubeconfigs_bucket" {
"Name" = "Kubernetes kubeconfig"
}
)
server_side_encryption_configuration {
rule {
apply_server_side_encryption_by_default {
@@ -21,7 +22,6 @@ resource "aws_s3_bucket" "kubeconfigs_bucket" {
}
}
}
}
resource "aws_kms_key" "s3_kubeconfig_kms_encryption" {
@@ -39,4 +39,6 @@ resource "aws_s3_bucket_public_access_block" "kubeconfigs_access" {
ignore_public_acls = true
restrict_public_buckets = true
block_public_policy = true
block_public_acls = true
}