This PR adds a deployment of Amazon Web Services' Quantum Ledger Database (QLDB) with a VPC endpoint. The following changes have been made to the Terraform configuration:
Added an AWS QLDB ledger resource with the specified name and permissions mode, and with deletion protection enabled to prevent accidental deletion of the ledger.
Added a security group resource with the specified name and description, allowing TLS traffic from the VPC and all egress traffic.
Added an AWS VPC endpoint resource with the QLDB service name and endpoint type, attached to the security group resource. This allows QLDB clients to access the QLDB service using a private IP address within the VPC, without requiring a public IP address or internet gateway.
By deploying QLDB with a VPC endpoint, we are enhancing the security and privacy of our QLDB deployment. By using a private IP address within the VPC, we can ensure that traffic between QLDB clients and the QLDB service remains within the VPC and does not traverse the internet, which reduces the risk of interception or tampering of data.
Additionally, by configuring the security group to allow only TLS traffic from the VPC and all egress traffic, we are implementing a defense-in-depth strategy to protect our QLDB deployment against unauthorized access or attack.
In summary, this PR provides a secure and private deployment of QLDB with a VPC endpoint, which ensures the integrity, confidentiality, and availability of our data in QLDB.
aws_qldb_ledger.this: Creating...
aws_security_group.qldb: Creating...
aws_security_group.qldb: Creation complete after 3s [id=sg-0b5b52130abe0592e]
aws_vpc_endpoint.qldb: Creating...
aws_qldb_ledger.this: Still creating... [10s elapsed]
aws_vpc_endpoint.qldb: Still creating... [10s elapsed]
aws_qldb_ledger.this: Still creating... [20s elapsed]
aws_vpc_endpoint.qldb: Still creating... [20s elapsed]
aws_qldb_ledger.this: Still creating... [30s elapsed]
aws_vpc_endpoint.qldb: Still creating... [30s elapsed]
aws_qldb_ledger.this: Still creating... [40s elapsed]
aws_vpc_endpoint.qldb: Still creating... [40s elapsed]
aws_qldb_ledger.this: Still creating... [50s elapsed]
aws_vpc_endpoint.qldb: Still creating... [51s elapsed]
aws_qldb_ledger.this: Still creating... [1m0s elapsed]
aws_vpc_endpoint.qldb: Still creating... [1m1s elapsed]
aws_qldb_ledger.this: Still creating... [1m10s elapsed]
aws_vpc_endpoint.qldb: Still creating... [1m11s elapsed]
aws_vpc_endpoint.qldb: Creation complete after 1m13s [id=vpce-026ccdf5ce5d2788d]
aws_qldb_ledger.this: Still creating... [1m20s elapsed]
aws_qldb_ledger.this: Still creating... [1m30s elapsed]
aws_qldb_ledger.this: Still creating... [1m40s elapsed]
aws_qldb_ledger.this: Still creating... [1m50s elapsed]
aws_qldb_ledger.this: Still creating... [2m0s elapsed]
aws_qldb_ledger.this: Still creating... [2m10s elapsed]
aws_qldb_ledger.this: Creation complete after 2m14s [id=dp-dev]
Releasing state lock. This may take a few moments...
Apply complete! Resources: 3 added, 0 changed, 0 destroyed.
Outputs:
arn = "arn:aws:qldb:us-west-2:042093043970:ledger/dp-dev"
id = "dp-dev"
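The properties the description claims (deletion protection on the ledger, TLS-only ingress from the VPC, an interface endpoint for QLDB) can be checked mechanically against the plan before merge. The following is an added example, not part of the PR or the project's code: it assumes the JSON layout of `terraform show -json` with all resources in the root module, and the sample plan, the VPC CIDR `10.0.0.0/16` and the endpoint service name are constructed values.

```python
import ipaddress

# Constructed sample shaped like `terraform show -json` output (planned_values);
# the CIDR and the service name are assumed values, not taken from the PR.
PLAN = {"planned_values": {"root_module": {"resources": [
    {"address": "aws_qldb_ledger.this", "type": "aws_qldb_ledger",
     "values": {"name": "dp-dev", "deletion_protection": True}},
    {"address": "aws_security_group.qldb", "type": "aws_security_group",
     "values": {"ingress": [{"protocol": "tcp", "from_port": 443,
                             "to_port": 443, "cidr_blocks": ["10.0.0.0/16"]}]}},
    {"address": "aws_vpc_endpoint.qldb", "type": "aws_vpc_endpoint",
     "values": {"vpc_endpoint_type": "Interface",
                "service_name": "com.amazonaws.us-west-2.qldb.session"}},
]}}}


def check_plan(plan, vpc_cidr):
    """Return a list of findings; an empty list means the plan matches the claims."""
    vpc = ipaddress.ip_network(vpc_cidr)
    findings = []
    for res in plan["planned_values"]["root_module"]["resources"]:
        addr, vals = res["address"], res["values"]
        if res["type"] == "aws_qldb_ledger":
            if vals.get("deletion_protection") is not True:
                findings.append(f"{addr}: deletion protection is not enabled")
        elif res["type"] == "aws_security_group":
            for rule in vals.get("ingress", []):
                ports = (rule.get("protocol"), rule.get("from_port"), rule.get("to_port"))
                if ports != ("tcp", 443, 443):
                    findings.append(f"{addr}: ingress is not limited to TCP 443")
                # Every IPv4 source range must sit inside the VPC range.
                for cidr in rule.get("cidr_blocks") or []:
                    if not ipaddress.ip_network(cidr).subnet_of(vpc):
                        findings.append(f"{addr}: ingress from {cidr} is outside the VPC")
        elif res["type"] == "aws_vpc_endpoint":
            if vals.get("vpc_endpoint_type") != "Interface":
                findings.append(f"{addr}: not an interface endpoint")
            if ".qldb." not in vals.get("service_name", ""):
                findings.append(f"{addr}: service name is not a QLDB service")
    return findings


if __name__ == "__main__":
    for finding in check_plan(PLAN, "10.0.0.0/16") or ["plan matches the description"]:
        print(finding)
```

The check only reads IPv4 `cidr_blocks`; rules that reference other security groups, prefix lists or IPv6 ranges need their own handling.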
inputs:
Terragrunt Apply: