This PR refreshes the ingress and egress rules for the security groups created by this Terraform module to tighten the security requirements; more specifically:

- removes the redundant rule for the load balancer allowing incoming HTTP traffic to ensure a secured connection from the identity provider
- updates the egress rule for the load balancer to allow only TCP traffic to the VPC for SCIM bridge
- updates the egress rule for the ECS service for SCIM bridge to allow only HTTPS traffic

To test:

- [x] deploy SCIM bridge from scratch using the Terraform example from this branch
- [x] deploy SCIM bridge from `main`, switch to this branch, and run `terraform apply`
- [x] confirm provisioning works as expected on a SCIM bridge deployed from this branch
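
The three rule changes listed above can be verified against a deployed stack. The following is an added example, not code from this PR or the Terraform module: it audits security group data in the shape returned by `aws ec2 describe-security-groups`. The VPC CIDR, the "before" and "after" rule sets, and all function names are constructed for illustration.

```python
import ipaddress

def rule(proto, lo, hi, cidr):
    # One entry of IpPermissions / IpPermissionsEgress (ports are None for "-1").
    return {"IpProtocol": proto, "FromPort": lo, "ToPort": hi,
            "IpRanges": [{"CidrIp": cidr}]}

def covers_port(r, port):
    # "-1" means every protocol and port, so it always covers the port.
    if r["IpProtocol"] == "-1":
        return True
    return r["IpProtocol"] == "tcp" and r["FromPort"] <= port <= r["ToPort"]

def inside_vpc(r, vpc_cidr):
    # Every IPv4 destination must be a subnet of the VPC; any IPv6 range fails.
    vpc = ipaddress.ip_network(vpc_cidr)
    v4_ok = all(ipaddress.ip_network(x["CidrIp"]).subnet_of(vpc)
                for x in r.get("IpRanges", []))
    return v4_ok and not r.get("Ipv6Ranges")

def audit(lb_sg, ecs_sg, vpc_cidr):
    findings = []
    for r in lb_sg["IpPermissions"]:
        if covers_port(r, 80):
            findings.append("lb ingress: plain HTTP (port 80) is allowed")
    for r in lb_sg["IpPermissionsEgress"]:
        if r["IpProtocol"] != "tcp":
            findings.append("lb egress: protocol is not limited to TCP")
        if not inside_vpc(r, vpc_cidr):
            findings.append("lb egress: destination reaches outside the VPC")
    for r in ecs_sg["IpPermissionsEgress"]:
        if (r["IpProtocol"], r["FromPort"], r["ToPort"]) != ("tcp", 443, 443):
            findings.append("ecs egress: not limited to HTTPS (TCP 443)")
    return findings

# Constructed sample data, not taken from the module.
VPC_CIDR = "10.0.0.0/16"
ANY = "0.0.0.0/0"
BEFORE_LB = {"IpPermissions": [rule("tcp", 443, 443, ANY), rule("tcp", 80, 80, ANY)],
             "IpPermissionsEgress": [rule("-1", None, None, ANY)]}
BEFORE_ECS = {"IpPermissionsEgress": [rule("-1", None, None, ANY)]}
AFTER_LB = {"IpPermissions": [rule("tcp", 443, 443, ANY)],
            "IpPermissionsEgress": [rule("tcp", 0, 65535, VPC_CIDR)]}
AFTER_ECS = {"IpPermissionsEgress": [rule("tcp", 443, 443, ANY)]}

if __name__ == "__main__":
    for label, lb, ecs in (("before", BEFORE_LB, BEFORE_ECS), ("after", AFTER_LB, AFTER_ECS)):
        print(label, audit(lb, ecs, VPC_CIDR))
```

An empty findings list for the deployed groups means all three conditions in the PR description hold. Rules that reference another security group instead of a CIDR carry no `IpRanges` entries and pass the VPC check.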