From 60c290d43b90f6354ca917e2b2c4158e3f66a62d Mon Sep 17 00:00:00 2001
From: Hector Kemp
Date: Fri, 4 Oct 2024 12:00:27 +0100
Subject: [PATCH] Remove egress rule + add 443 ingress rule

---
 zero-egress/main.tf | 14 +++-----------
 1 file changed, 3 insertions(+), 11 deletions(-)

diff --git a/zero-egress/main.tf b/zero-egress/main.tf
index f272626..ffa5b14 100644
--- a/zero-egress/main.tf
+++ b/zero-egress/main.tf
@@ -29,20 +29,12 @@ module "vpc" {

 resource "aws_security_group" "authorize_inbound_vpc_traffic" {
 ingress {
- from_port = 0
- to_port = 0
- protocol = "-1"
+ from_port = 443
+ to_port = 443
+ protocol = "tcp"
 cidr_blocks = var.private_subnets
 }
 vpc_id = module.vpc.vpc_id
-
- egress {
- from_port = 0
- to_port = 0
- protocol = "-1"
- cidr_blocks = ["0.0.0.0/0"]
- ipv6_cidr_blocks = ["::/0"]
- }
 }

 # https://docs.aws.amazon.com/AmazonECR/latest/userguide/vpc-endpoints.html
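Review bot: Deleting the `egress { ... }` block from `authorize_inbound_vpc_traffic` does not by itself guarantee the allow-all egress rule disappears from a security group that has already been applied. The AWS provider documents `ingress`/`egress` on `aws_security_group` as attributes-as-blocks, so an omitted block is treated as unmanaged rather than as "no rules", and the existing `0.0.0.0/0` and `::/0` rule can stay in place. Since the directory name suggests zero egress is the goal, state it explicitly with `egress = []` inside the resource, so existing deployments converge and any rule added out of band is reverted on the next apply. It would also help to add a `description` to the 443 ingress rule naming what it serves (presumably the VPC endpoints referenced in the comment below, though that is not visible in this hunk), so the rule's purpose is clear in the console and in audits.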