Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Why using instance firewall instead of relaying on security lists? #24

Open
SafaAlfulaij opened this issue Jun 8, 2023 · 1 comment
Open

Why using instance firewall instead of relaying on security lists? #24

SafaAlfulaij opened this issue Jun 8, 2023 · 1 comment

Comments

@SafaAlfulaij
Copy link

As written in the title.
I see that the firewall is being set on the instance and PostgreSQL level, together with security lists.
Isn't security lists enough? I believe that if someone lost access to a network ip, it would take more time to enter maintenance mode and add the new ip (in case of public subnet).
@paihari
Copy link

paihari commented Jul 27, 2023

Thanks for the terra files, works like designed. Like stated earlier by @SafaAlfulaij . It works fine in the private subnet.
But If i have application(in my test tested my pgadmin4) peer public subnet in the same VCN and have configured needed ingress/egress. The connection is not allowed. The scenario is close to the real world.

What need to be done, can you suggest the changes to be done to the code

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@SafaAlfulaij @paihari