allow openvpn ports for vpcaccess

[awsible] / roles / vpcaccess-infrastructure / tasks / main.yml

diff --git a/roles/vpcaccess-infrastructure/tasks/main.yml b/roles/vpcaccess-infrastructure/tasks/main.yml
index 878402e72982bcb0ecc74122cd8bafa6be440c7f..9b594a96262d012d493b70ae243ce3bc1861a28f 100644 (file)
--- a/roles/vpcaccess-infrastructure/tasks/main.yml
+++ b/roles/vpcaccess-infrastructure/tasks/main.yml
@@ -11,6 +11,14 @@
       from_port: -1
       to_port: -1
       cidr_ip: "{{ vpc.vpc.cidr_block }}"
+    - proto: tcp
+      from_port: 1195
+      to_port: 1195
+      cidr_ip: 0.0.0.0/0
+    - proto: udp
+      from_port: 1194
+      to_port: 1194
+      cidr_ip: 0.0.0.0/0
     elb_type: internal
     elb_rules:
     - proto: tcp
@@ -28,6 +36,7 @@
       interval: 30
       unhealthy_threshold: 2
       healthy_threshold: 2
+    min_size: 1
     max_size: 1
 
 - name: not implemented yet