From df1b29e4747eb43717c2a12983812d3b64145f6f Mon Sep 17 00:00:00 2001
From: =?utf8?q?C=C3=A1ssio=20Gabriel?= <cassiogabrielcontato@gmail.com>
Date: Sat, 24 Jan 2026 13:16:21 -0300
Subject: [PATCH] Add Security Group settings

---
 assessment/terraform/main.tf | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/assessment/terraform/main.tf b/assessment/terraform/main.tf
index 16ad0ea..6116451 100644
--- a/assessment/terraform/main.tf
+++ b/assessment/terraform/main.tf
@@ -102,3 +102,25 @@ resource "aws_route_table_association" "private" {
   route_table_id = aws_route_table.private.id
 }
 
+# -------------------------------------------------------
+
+# Security group for the Wahzuh instance
+resource "aws_security_group" "wazuh_ec2" {
+  name        = "wazuh-ec2-sg"
+  description = "Minimal access security group for Wazuh EC2"
+  vpc_id      = aws_vpc.this.id
+
+  tags = {
+    Name = "wazuh-ec2-sg"
+  }
+}
+
+# Inbound rules for the Wahzuh security group
+resource "aws_security_group" "egress_all" {
+  type              = "egress"
+  security_group_id = aws_security_group.wazuh_ec2.id
+  from_port         = 0
+  to_port           = 0
+  protocol          = "-1" # All protocols
+  cidr_blocks       = ["0.0.0.0/0"]
+}
-- 
2.34.1