databricks / terraform-databricks-sra

The Security Reference Architecture (SRA) implements typical security features as Terraform Templates that are deployed by most high-security organizations, and enforces controls for the largest risks that customers ask about most often.

[AWS] Remove Egress SG Rules for PrivateLink Endpoints #56

Closed JDBraun closed 4 months ago

JDBraun commented 5 months ago

Egress rules are not needed for PrivateLink endpoints since it's only inbound from the cluster itself.

https://github.com/databricks/terraform-databricks-sra/blob/254468075f84efe927bf48fe6cd8e4523cfc94a5/aws/tf/modules/sra/privatelink.tf#L274

jdbraun-db commented 4 months ago

Addressed here: https://github.com/databricks/terraform-databricks-sra/pull/57.

Egress rules removed: https://github.com/databricks/terraform-databricks-sra/blob/6523d99b0eb10e091509745bc34aa8d34e5976f9/aws/tf/modules/sra/privatelink.tf#L2
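The ingress-only pattern this issue asks for, sketched as an added example (it is not the repository's code and not taken from the linked commits). The resource name, the variables and the port list are assumptions; the `check` block needs Terraform 1.5 or later.

```hcl
# Added example: ingress-only security group for PrivateLink interface endpoints.
# All names, variables and ports below are hypothetical.

variable "vpc_id" {
  type = string
}

variable "cluster_sg_id" {
  type        = string
  description = "Security group attached to the cluster nodes (assumed input)"
}

variable "endpoint_ports" {
  type        = list(number)
  description = "TCP ports the endpoints serve (assumed values, adjust to your setup)"
  default     = [443, 6666]
}

resource "aws_security_group" "privatelink" {
  name_prefix = "privatelink-endpoints-"
  vpc_id      = var.vpc_id

  # Only the cluster security group may open connections to the endpoint ENIs.
  dynamic "ingress" {
    for_each = toset(var.endpoint_ports)
    content {
      description     = "Cluster nodes to PrivateLink endpoint"
      from_port       = ingress.value
      to_port         = ingress.value
      protocol        = "tcp"
      security_groups = [var.cluster_sg_id]
    }
  }

  # Intentionally no egress block. Security groups are stateful, so replies to
  # the inbound connections are allowed without one, and the AWS provider
  # removes the default allow-all egress rule when it creates the group.
}

# Fails plan/apply with a warning if an egress rule is reintroduced later.
check "privatelink_sg_has_no_egress" {
  assert {
    condition     = length(aws_security_group.privatelink.egress) == 0
    error_message = "PrivateLink endpoint security group must not define egress rules."
  }
}
```

Egress rules added through separate `aws_security_group_rule` or `aws_vpc_security_group_egress_rule` resources are not reliably reflected in the inline `egress` attribute, so review those resources as well.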