From 2d2a807dc0c429291daf8c8273e408ecd153932a Mon Sep 17 00:00:00 2001
From: Joris van de Donk <jorisdon@amazon.com>
Date: Wed, 9 Oct 2024 08:35:20 +0000
Subject: [PATCH] fix(horde): allow inbound access to horde agents on ports
 7000-7010 from other horde agents

---
 modules/unreal/horde/sg.tf | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/modules/unreal/horde/sg.tf b/modules/unreal/horde/sg.tf
index 9792c81f..73c729f9 100644
--- a/modules/unreal/horde/sg.tf
+++ b/modules/unreal/horde/sg.tf
@@ -220,3 +220,14 @@ resource "aws_vpc_security_group_ingress_rule" "unreal_horde_service_inbound_age
   to_port                      = 443
   ip_protocol                  = "tcp"
 }
+
+# Horde agents allow inbound access from other agents
+resource "aws_vpc_security_group_ingress_rule" "unreal_horde_agents_inbound_agents" {
+  count                        = length(var.agents) > 0 ? 1 : 0
+  security_group_id            = aws_security_group.unreal_horde_agent_sg[0].id
+  description                  = "Allow inbound traffic to Horde Agents from other Horde Agents."
+  referenced_security_group_id = aws_security_group.unreal_horde_agent_sg[0].id
+  from_port                    = 7000
+  to_port                      = 7010
+  ip_protocol                  = "tcp"
+}