terraform-aws-elastic-beanstalk-environment icon indicating copy to clipboard operation
terraform-aws-elastic-beanstalk-environment copied to clipboard

Published 20 hours ago verified publisher icon cloudposse

ssh_source_restriction is no longer available

Open DangerDawson opened this issue 5 years ago • 4 comments
trafficstars

The following change removed ssh_source_restriction https://github.com/cloudposse/terraform-aws-elastic-beanstalk-environment/commit/fe6d0d7242dff18928cc204fb3c693e104978b17#diff-7a370d8342e7203b805911c92454f0f4L494 but it is still present in the docs, and is also a variable that can be passed in, is this intentional?

I have checked a recent environment using the changes that have been made, and it no longer locks ssh down to the said source, but is now available to the world.

DangerDawson avatar Jul 03 '20 16:07 DangerDawson

It was probably not intentional. Can you submit a PR to fix?

osterman avatar Jul 03 '20 16:07 osterman

Just opened a PR: https://github.com/cloudposse/terraform-aws-elastic-beanstalk-environment/pull/124

DangerDawson avatar Jul 06 '20 09:07 DangerDawson

If somebody will bring that back?

lukas085 avatar Apr 20 '21 11:04 lukas085

I figured out a work around for this issue - just set the additional_settings like this:

  additional_settings = [{
    namespace = "aws:autoscaling:launchconfiguration"
    name      = "SSHSourceRestriction"
    value     = "tcp,22,22,123.45.67.89/24"
  }]

Where 123.45.67.89/24 is the CIDR block from which you would like to limit SSH access.

nathant727 avatar Mar 23 '22 22:03 nathant727