diff --git a/aws/container-linux/kubernetes/controllers.tf b/aws/container-linux/kubernetes/controllers.tf index 990bc631c..bfd2f75eb 100644 --- a/aws/container-linux/kubernetes/controllers.tf +++ b/aws/container-linux/kubernetes/controllers.tf @@ -159,6 +159,16 @@ resource "aws_security_group_rule" "controller-flannel-self" { self = true } +resource "aws_security_group_rule" "controller-node-exporter" { + security_group_id = "${aws_security_group.controller.id}" + + type = "ingress" + protocol = "tcp" + from_port = 9100 + to_port = 9100 + source_security_group_id = "${aws_security_group.worker.id}" +} + resource "aws_security_group_rule" "controller-kubelet-read" { security_group_id = "${aws_security_group.controller.id}" diff --git a/aws/container-linux/kubernetes/workers.tf b/aws/container-linux/kubernetes/workers.tf index f9f746168..09cf01af2 100644 --- a/aws/container-linux/kubernetes/workers.tf +++ b/aws/container-linux/kubernetes/workers.tf @@ -142,6 +142,16 @@ resource "aws_security_group_rule" "worker-flannel-self" { self = true } +resource "aws_security_group_rule" "worker-node-exporter" { + security_group_id = "${aws_security_group.worker.id}" + + type = "ingress" + protocol = "tcp" + from_port = 9100 + to_port = 9100 + self = true +} + resource "aws_security_group_rule" "worker-kubelet" { security_group_id = "${aws_security_group.worker.id}"