Type
XRD
Group
aws.platform.upbound.io
Version
v1alpha1
apiVersion: aws.platform.upbound.io/v1alpha1
kind: XSecurityGroup
No description provided.
Parameters used to customize the cluster
No description provided.
Array List of CIDR blocks (optional).
eks-nodegroup
apiVersion: aws.platform.upbound.io/v1alpha1
kind: XSecurityGroup
metadata:
annotations:
render.crossplane.io/composition-path: apis/composition.yaml
render.crossplane.io/function-path: examples/functions.yaml
name: eks-nodegroup
spec:
parameters:
id: configuration-aws-securitygroup
region: us-west-2
rules:
- description: Allow All Traffic eks-nodegroup SG
isSelf: true
protocol: "-1"
type: ingress
- description: Allow Traffic from eks-controlplane SG
fromPort: 10250
protocol: tcp
sourceSecurityGroupName: eks-controlplane
toPort: 10250
type: ingress
- description: Allow Traffic from eks-controlplane SG
fromPort: 5443
protocol: tcp
sourceSecurityGroupName: eks-controlplane
toPort: 5443
type: ingress
- description: Allow Traffic from eks-controlplane SG
fromPort: 11520
protocol: tcp
sourceSecurityGroupName: eks-controlplane
toPort: 11520
type: ingress
- description: Allow Traffic for Webhooks from eks-controlplane SG
fromPort: 9443
protocol: tcp
sourceSecurityGroupName: eks-controlplane
toPort: 9443
type: ingress
- description: Allow Traffic for Webhooks from eks-controlplane SG
fromPort: 8443
protocol: tcp
sourceSecurityGroupName: eks-controlplane
toPort: 8443
type: ingress
- description: Allow Traffic for Webhooks from eks-controlplane SG
fromPort: 443
protocol: tcp
sourceSecurityGroupName: eks-controlplane
toPort: 443
type: ingress
- cidrBlocks:
- 0.0.0.0/0
description: Allow All Traffic Outbound
protocol: "-1"
type: egress
eks-controlplane
apiVersion: aws.platform.upbound.io/v1alpha1
kind: XSecurityGroup
metadata:
annotations:
render.crossplane.io/composition-path: apis/composition.yaml
render.crossplane.io/function-path: examples/functions.yaml
name: eks-controlplane
spec:
parameters:
id: configuration-aws-securitygroup
region: us-west-2
rules:
- description: Allow HTTPS Traffic from eks-controlplane SG
fromPort: 443
protocol: tcp
sourceSecurityGroupName: eks-nodegroup
toPort: 443
type: ingress
- cidrBlocks:
- 10.0.0.0/8
- 168.74.0.0/16
- 172.16.0.0/12
- 192.168.0.0/16
description: Allow traffic to ControlPlane
fromPort: 443
protocol: tcp
toPort: 443
type: ingress
- description: Allow All Traffic from eks-controlplane SG
isSelf: true
protocol: "-1"
type: ingress
- description: Allow All Traffic Outbound
isSelf: true
protocol: "-1"
type: egress
- description: Allow Traffic to eks-nodegroup SG
fromPort: 10250
protocol: tcp
sourceSecurityGroupName: eks-nodegroup
toPort: 10250
type: egress
- description: Allow Traffic to eks-nodegroup SG
fromPort: 5443
protocol: tcp
sourceSecurityGroupName: eks-nodegroup
toPort: 5443
type: egress
- description: Allow Traffic for Webhooks to eks-nodegroup SG
fromPort: 9443
protocol: tcp
sourceSecurityGroupName: eks-nodegroup
toPort: 9443
type: egress
- description: Allow Traffic for Webhooks to eks-nodegroup SG
fromPort: 8443
protocol: tcp
sourceSecurityGroupName: eks-nodegroup
toPort: 8443
type: egress
- description: Allow Traffic for Webhooks to eks-nodegroup SG
fromPort: 443
protocol: tcp
sourceSecurityGroupName: eks-nodegroup
toPort: 443
type: egress
© 2022 Upbound, Inc.
Discover the building blocksfor your internal cloud platform.