Merge pull request #35 from redpanda-data/sarah/default-sg

bugfix: If the VPC is provided do not create a default security group
redpanda-data · Oct 9, 2024 · f2e47d8 · f2e47d8
2 parents a7edfe7 + 9d7d765
commit f2e47d8
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 1 deletion.
diff --git a/customer-managed/aws/README.md b/customer-managed/aws/README.md
@@ -4,7 +4,10 @@ This repository contains [Terraform](https://developer.hashicorp.com/terraform)
 customers are responsible for creating in association with a Redpanda customer-managed VPC cluster. These resources
 should be created in advance by the customer and then provided to Redpanda during cluster creation.
 
-> There may be resources in this repository that already exist within your environment (for example, the VPC) that you don't want to create. Variables are provided for this purpose.
+> There may be resources in this repository that already exist within your environment (for example, the VPC) that you 
+> don't want to create. Variables are provided for this purpose.
+
+> This code is provided as examples and should be reviewed to ensure it adheres to policies within your organization.
 
 # Prerequisites
 

diff --git a/customer-managed/aws/terraform/network.tf b/customer-managed/aws/terraform/network.tf
@@ -120,6 +120,7 @@ resource "aws_vpc_endpoint" "s3" {
 # egress rules in the security group and recreates it with the rules specified
 # here. Check the docs for more details.
 resource "aws_default_security_group" "redpanda" {
+  count   = local.create_vpc ? 1 : 0
   vpc_id  = data.aws_vpc.redpanda.id
   ingress = []
   egress  = []