Security Groups - Kubernetes NodePool - Terraform

[Grounz]

Hi,

As customer of Managed Kubernetes Service, we want secure K8S access from internet network and from private network with security_groups.

With terraform we used: https://registry.terraform.io/providers/ovh/ovh/latest/docs/resources/cloud_project_kube_nodepool for manage nodepool.

But we cannot apply to nodepool a security groups parameter with this ovh module

For security reason we want configure security groups on MKS node..

We can do this by horizon but it's manually, we want do that in Infra as code with terraform.

[mhurtrel]

Good point, indeed today you can create nodepools and security groups as 2 terraform ressources, apply the second ont the instances from the first one, but it is not native and I understand this is challenging when using nodepool autoscaling for example. I added this to our backlog.

[Yayg]

Hello everyone,

In a more general way it is not possible to apply security groups to networks created through openstack cli to public cloud products (as I tried at least). Is this a separate issue somewhere or the same? (since I see this only related to terraform I am not sure)

Thanks by advance for all you awesome work! :)

[LisaPerrier]

Hello @Yayg, I confirm we consider this the same issue and won't work for terraform only :)