RDS access for shlink

pinkeen · pinkeen · commit cf24d30ed259 · 2021-03-16T16:30:10.000+01:00
diff --git a/roles/cs.aws-security-group/defaults/main.yml b/roles/cs.aws-security-group/defaults/main.yml
@@ -4,3 +4,6 @@ aws_security_group_redis_create: no
 aws_security_group_elasticsearch_create: no
 aws_security_group_name_prefix: mageops
 aws_security_group_persistant_extra_rules: []
+
+# Extra groups to allow access to RDS
+aws_security_group_rds_access_extra_groups: []
diff --git a/roles/cs.aws-security-group/tasks/main.yml b/roles/cs.aws-security-group/tasks/main.yml
@@ -121,7 +121,7 @@
     rules:
       - proto: tcp
         ports: 3306
-        group_name: "{{ aws_security_group_app_name }}"
+        group_name: "{{ [aws_security_group_app_name] + aws_security_group_rds_access_extra_groups | default([]) }}"
       - proto: tcp
         ports: 3306
         cidr_ip: "{{ mageops_trusted_cidr_blocks }}"
