pulumi-awsx icon indicating copy to clipboard operation
pulumi-awsx copied to clipboard

Published 20 hours ago verified publisher icon pulumi

Limit default security group in ingress for ECS cluster

Open clstokes opened this issue 5 years ago • 0 comments

The default ECS cluster security group allows ingress to all ports from all IP addresses. This should be restricted to the appropriate load balancers and ports as set by the deployed applications - per the TODO in the code linked below.

https://github.com/pulumi/pulumi-awsx/blob/3c2cd20b945d9a5fa8cf5f76e399ff16961248d1/nodejs/awsx/ecs/cluster.ts#L139-L144

clstokes avatar Jan 21 '20 17:01 clstokes