terraform: I have existing vpc/security group values that I want this instance to use

biocorecrg / master_of_pores

Nextflow pipeline for analysis of direct RNA Nanopore reads

https://biocorecrg.github.io/master_of_pores/

MIT License

93 stars 16 forks source link

terraform: I have existing vpc/security group values that I want this instance to use #108

Closed xguse closed 2 years ago

xguse commented 2 years ago

Can someone point me in a good direction to learn how to simply have these values be used rather than what the default security.tf file seems to do which is create these with values specified?

We have gone to great lengths to make sure that we have consistent and safe settings on our infrastructure and I would rather use our values than create new ones.

Is this possible?

toniher commented 2 years ago

Hi @xguse I must admit that recipe is a bit too concise. It may be helpful for you having a look at a more detailed one here for the upcoming version: https://github.com/biocorecrg/MOP2/blob/main/terraform/awsbatch/security.tf (for AWS Batch). You can skip those resources you already have defined in your infrastructure and adapt the recipes as they fit best for you. In the end, this should not be a limitation for running the pipeline. Do not hesitate to let me know if you got stuck in any step...

xguse commented 2 years ago

Lets say for example that I have an existing VPC and Security Group that I want the EC2 to use. How might I adjust the existing resource definition [see below] to not set values for what the security group should look like, but instead to supply the security group that I want it to use?

resource "aws_security_group" "allow_ssh" {

    name = "allow_ssh"
    //vpc_id = "${aws_vpc.nf-env.id}"
    ingress {
        cidr_blocks = [
              "0.0.0.0/0"
        ]
        from_port = 22
        to_port = 22
        protocol = "tcp"
    }

    // Terraform removes the default rule
    egress {
        from_port = 0
        to_port = 0
        protocol = "-1"
        cidr_blocks = ["0.0.0.0/0"]
    }
}

I apologize for asking you about terraform rather than your tool itself here. I promise that I have spent quite some time looking through their docs for this and I am afraid to admit that I just cant figure it out!

lucacozzuto commented 2 years ago

Well, we are not expert of terraform. @toniher has some experience but I think it will be good to ask to other people. Maybe it can be useful for us too :)

xguse commented 2 years ago

@lucacozzuto totally understood. Thanks anyway!

If I work it out I will report back here hopefully.