
Terraform to allow and block a single IP address

This document provides a Terraform template for creating an AWS security group that blocks traffic from a specific IP address (10.20.30.40) while allowing traffic from another specific IP address (50.60.70.80). It includes instructions to replace the VPC ID and outlines the necessary inbound and outbound rules. The template can be applied using Terraform commands after saving the code in a `.tf` file.

Uploaded by saiakkina

To block a single IP address (e.g., 10.20.30.40) and allow only another single IP
address (e.g., 50.60.70.80) using an AWS security group, you only need an inbound
rule for the allowed address. Security group rules can only allow traffic, and
anything that no rule matches is denied, so an ingress block for 10.20.30.40 would
allow that address rather than block it. Here's a Terraform template to achieve that:

```hcl
provider "aws" {
  region = "us-east-1" # Update with your desired region
}

resource "aws_security_group" "allow_only_specific_ips_sg" {
  name        = "allow-only-specific-ips-sg"
  description = "Security group to allow only specific IP addresses"
  vpc_id      = "your-vpc-id" # Update with your VPC ID

  # No rule for 10.20.30.40: security groups have no deny action, so an
  # ingress block for that address would allow it. It is blocked because
  # no inbound rule matches it.

  # Inbound rule to allow all traffic from the specific IP address
  ingress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["50.60.70.80/32"]
  }

  # Outbound rule to allow all traffic
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

Make sure to replace `"your-vpc-id"` with the ID of your VPC where you want to
create this security group. This Terraform template will create a security group
named "allow-only-specific-ips-sg" with one inbound rule that allows traffic from
the IP address 50.60.70.80. Traffic from 10.20.30.40, like traffic from every other
source, is blocked because no inbound rule allows it. Additionally, the template
includes an outbound rule that allows all traffic to any destination.

After saving the above code in a `.tf` file, you can run `terraform init`,
`terraform plan`, and `terraform apply` commands in the directory where the file is
located to create the security group in your AWS account.
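
Because a security group has no deny action, any ingress rule whose CIDR covers an address allows that address. The following check is an added example, not part of the original document: it scans the JSON produced by `terraform show -json` for security group ingress rules that admit an address you intend to block. The sample plan is constructed, the function name is hypothetical, and only root-module resources and IPv4 `cidr_blocks` are inspected.

```python
import ipaddress
import json

# Constructed sample: the relevant part of `terraform show -json` output for a
# security group that carries an ingress rule for each of the two addresses.
SAMPLE_PLAN = json.loads("""
{"planned_values": {"root_module": {"resources": [
  {"address": "aws_security_group.allow_only_specific_ips_sg",
   "type": "aws_security_group",
   "values": {"ingress": [
     {"protocol": "-1", "from_port": 0, "to_port": 0,
      "cidr_blocks": ["10.20.30.40/32"]},
     {"protocol": "-1", "from_port": 0, "to_port": 0,
      "cidr_blocks": ["50.60.70.80/32"]}
   ]}}
]}}}
""")


def admitted_sources(plan, must_block):
    """Return (resource address, cidr, ip) for every security group ingress
    rule whose CIDR covers an address that is supposed to be blocked."""
    blocked = [ipaddress.ip_address(ip) for ip in must_block]
    root = plan.get("planned_values", {}).get("root_module", {})
    findings = []
    for res in root.get("resources", []):
        if res.get("type") != "aws_security_group":
            continue
        for rule in res.get("values", {}).get("ingress") or []:
            for cidr in rule.get("cidr_blocks") or []:
                # strict=False tolerates CIDRs written with host bits set
                net = ipaddress.ip_network(cidr, strict=False)
                for ip in blocked:
                    if ip in net:
                        findings.append((res["address"], cidr, str(ip)))
    return findings


if __name__ == "__main__":
    for address, cidr, ip in admitted_sources(SAMPLE_PLAN, ["10.20.30.40"]):
        print(f"{address}: ingress {cidr} admits {ip}")
```

A non-empty result means the plan opens the group to an address that should stay blocked, which makes the check suitable as a gate between `terraform plan` and `terraform apply`.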
