This repository has been archived by the owner on Nov 27, 2023. It is now read-only.
ECS: Redid security group generation for LBs #2215
Open
Commits on Jan 11, 2023
-
ECS: Created slightly-complicated-service test
Summary: Can be used to test service-service interaction, and stacks with more than one service Test Plan: This is a unit test Signed-off-by: Nitzan Raz <[email protected]>
-
ECS: Creating special security groups for ingress, instead of adding …
…the ingress rule to other security groups Solves docker-archive#1783 Previously, the ECS stack included an ingress rule to allow LB to reach the tasks. However, it added this ingress rule toe very Docker network security group, meaning other tasks on the same Docker network, possibly sensitive, were accessible externally. We now create a new security group for port assignments for every service that has ports, and attach that security group only to that service. This prevents other tasks in the same Docker networks are not accessible externally. Signed-off-by: Nitzan Raz <[email protected]>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.