Skip to content

Commit

Permalink
aws: Attach security group to NLBs for kops-controller
Browse files Browse the repository at this point in the history
  • Loading branch information
hakman committed Oct 7, 2023
1 parent d2b789d commit dc1569c
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions pkg/model/awsmodel/api_loadbalancer.go
Original file line number Diff line number Diff line change
Expand Up @@ -517,6 +517,17 @@ func (b *APILoadBalancerBuilder) Build(c *fi.CloudupModelBuilderContext) error {
SourceGroup: masterGroup.Task,
ToPort: fi.PtrTo(int64(4)),
})
if b.Cluster.UsesNoneDNS() {
c.AddTask(&awstasks.SecurityGroupRule{
Name: fi.PtrTo(fmt.Sprintf("kops-controller-elb-to-master%s", suffix)),
Lifecycle: b.SecurityLifecycle,
FromPort: fi.PtrTo(int64(wellknownports.KopsControllerPort)),
Protocol: fi.PtrTo("tcp"),
SecurityGroup: masterGroup.Task,
ToPort: fi.PtrTo(int64(wellknownports.KopsControllerPort)),
SourceGroup: lbSG,
})
}
}
}

Expand Down

0 comments on commit dc1569c

Please sign in to comment.