Part of #273
What
Extract all security group definitions (nginx, control-plane, etcd, worker) out of aws-resource-creation into a standalone Terraform root with its own state file.
Why
Currently all 4 node-type security groups are passed as one combined variable blob into aws-resource-creation. Any SG rule change requires a full plan across EC2 and DNS resources.
Acceptance Criteria
security-groups component is a standalone Terraform root under terraform/implementations/aws/security-groups/
aws_security_group resource data "aws_security_group" by tag