resource "aws_security_group" "catherine_fc_asg_sg" {
    name = "catherine-fc-asg-sg"
    description = "catherine fc security group"
    vpc_id = var.vpc_id
    tags = var.tags
}

resource "aws_security_group_rule" "catherine_fc_asg_sg_ingress" {
    description = "lb security group"
    type = "ingress"
    from_port = 8080
    to_port = 8080
    protocol = "tcp"
    cidr_blocks = [ "0.0.0.0/0" ]

    security_group_id = aws_security_group.catherine_fc_asg_sg.id
}

resource "aws_security_group_rule" "catherine_fc_asg_sg_allow_egress" {
    description = "allow all"
    type = "egress"
    protocol = "all"
    from_port = 0
    to_port = 65535
    cidr_blocks = [ "0.0.0.0/0" ]

    security_group_id = aws_security_group.catherine_fc_asg_sg.id
}

resource "aws_security_group" "catherine_fc_lb_sg" {
    name = "catherine-fc-alb-sg"
    description = "catherine fc security group for load balancer"
    vpc_id = var.vpc_id
    tags = var.tags
}

resource "aws_security_group_rule" "catherine_fc_alb_sg_ingress" {
    description = "alb security group"
    type = "ingress"
    from_port = 443
    to_port = 443
    protocol = "tcp"
    cidr_blocks = [ "0.0.0.0/0" ]

    security_group_id = aws_security_group.catherine_fc_lb_sg.id
}

resource "aws_security_group_rule" "catherine_fc_alb_sg_allow_egress" {
    description = "allow all"
    type = "egress"
    protocol = "all"
    from_port = 0
    to_port = 65535
    cidr_blocks = [ "0.0.0.0/0" ]

    security_group_id = aws_security_group.catherine_fc_lb_sg.id
}