search

CirclesUBI / infrastructure-provisioning

Infrastructure and Services for Circles
GNU Affero General Public License v3.0
5 stars 2 forks source link

Move rocketchat instances to private subnet #5

Open edzillion opened 5 years ago

edzillion commented 5 years ago

The current implementation has the RC instances on public subnet. This is not ideal from security POV

edzillion commented 5 years ago

@xwvvvvwx can you link that VPC module you were showing me?

d-xo commented 5 years ago

https://registry.terraform.io/modules/terraform-aws-modules/vpc/aws/1.31.0

edzillion commented 5 years ago

what do you think? should we try to move to this right away?

edzillion commented 5 years ago

btw the auto blue-green deployments seem to be working perfect now :smile:

d-xo commented 5 years ago

btw the auto blue-green deployments seem to be working perfect now 😄

nice!!!!

what do you think? should we try to move to this right away?

Do we have a way to test the changes, and then rollback if they fail?

edzillion commented 5 years ago

Do we have a way to test the changes, and then rollback if they fail?

Not sure. I mean terraform is supposed to allow rollbacks but I have never tried it before, have you?