Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clarified Ingress syntax #261

Merged
merged 1 commit into from
Nov 17, 2020
Merged

Clarified Ingress syntax #261

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
36 changes: 22 additions & 14 deletions docs/syntax/composex/ecs.details/network.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,26 +22,34 @@ to whitelist IP addresses that are to be allowed communication to the services,
name which will be shown in the EC2 security group description of the ingress rule.

.. code-block:: yaml
:caption: Ingress Example

x-configs:
app01:
network:
ingress:
ext_sources:
- ipv4: 0.0.0.0/0
protocol: tcp
source_name: all
- ipv4: 1.1.1.1/32
protocol: icmp
source_name: CloudFlareDNS
aws_sources:
- type: SecurityGroup
id: sg-abcd
- type: PrefixList
id: pl-abcd
myself: True/False
Ingress:
ExtSources:
- Ipv4: 0.0.0.0/0
Name: all
- Ipv4: 1.1.1.1/32
Source_name: CloudFlareDNS
AwsSources:
- Type: SecurityGroup
Id: sg-abcd
- Type: PrefixList
Id: pl-abcd
Myself: True/False

.. note::

Future feature is to allow to input a security group ID and the remote account ID to allow ingress traffic from
a security group owned by another of your account (or 3rd party).

.. hint::

The protocol is automatically detected based on the port definition.
By default, it is TCP

.. hint::

To see details about the Ingress default syntax, refer to :ref:`ingress_syntax_ref`
33 changes: 32 additions & 1 deletion docs/syntax/composex/elbv2.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,37 @@ Once again in an effort of making configuration shorter and easier, here as the
These settings are just a shorter notation for the `LB Attributes`_


MacroParameters
================

.. _ingress_syntax_ref:

Ingress
-------

Similar syntax as for ECS Services Ingress, allow you to define Ingress (only applies to ALB).

.. code-block:: yaml
:caption: Ingress Syntax

Ingress:
ExtSources: []
AwsSources: []

.. code-block:: yaml
:caption: ExtSources syntax

ExtSources:
- Name: str (if any non alphanumeric character set, will be deleted)
Description: str
Ipv4: str

.. code-block:: yaml
:caption: AwsSources syntax

AwsSources:
- Type: SecurityGroup|PrefixList (str)
Id: sg-[a-z0-9]+|pl-[a-z0-9]+

Services
========
Expand Down Expand Up @@ -124,7 +155,7 @@ However, it is also possible to shorten the syntax into a simple string


Listeners
---------
=========

You can define in a very simple way your `Listener definition`_ and cross-reference other resources, here, the services
and ACM certificates you might be creating.
Expand Down