From 683c0157325e0e0ac7c573d3f97bf6dbefe62370 Mon Sep 17 00:00:00 2001
From: seungwookc97
Date: Thu, 2 Oct 2025 16:46:21 +0900
Subject: [PATCH] =?UTF-8?q?chore=20:=20=ED=85=8C=EB=9D=BC=ED=8F=BC=20ingre?= =?UTF-8?q?ss=20=EC=84=A4=EC=A0=95=20http,https,nginx=20=EA=B4=80=EB=A6=AC?= =?UTF-8?q?=EC=9E=90=20=ED=8E=98=EC=9D=B4=EC=A7=80=EB=A7=8C=20=ED=97=88?= =?UTF-8?q?=EC=9A=A9=ED=95=98=EB=8F=84=EB=A1=9D=20=EB=B3=80=EA=B2=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 terraform/main.tf | 30 ++++++++++++++++++++++++------
 1 file changed, 24 insertions(+), 6 deletions(-)
diff --git a/terraform/main.tf b/terraform/main.tf
index 2e43504c..93093b37 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -113,17 +113,35 @@ resource "aws_route_table_association" "association_4" {
 resource "aws_security_group" "sg_1" {
 name = "${var.prefix}-sg-1"
+ # HTTP 허용
 ingress {
- from_port = 0
- to_port = 0
- protocol = "all"
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
 cidr_blocks = ["0.0.0.0/0"]
 }
+ # HTTPS 허용
+ ingress {
+ from_port = 443
+ to_port = 443
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ # Nginx Proxy Manager 관리자 페이지
+ ingress {
+ from_port = 81
+ to_port = 81
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ # Egress - 외부로 나가는 트래픽은 허용 (패키지 다운로드, API 호출 등)
 egress {
- from_port = 0
- to_port = 0
- protocol = "all"
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
 cidr_blocks = ["0.0.0.0/0"]
 }
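Review bot: The third ingress block opens port 81, which its own comment labels the Nginx Proxy Manager admin page, to `0.0.0.0/0`, so the management login is reachable from any address on the internet. Unlike 80 and 443 this is a control-plane port, and it should be limited to operator addresses, for example `cidr_blocks = var.admin_cidr_blocks` (a placeholder name for a new variable, not one shown in this file). Alternatively, drop the rule and reach the UI only through a VPN or a forwarded session. If the admin UI is served as plain HTTP on that port, which the hunk does not show, credentials would also cross the network unencrypted, which is a further reason not to publish it. The `sg_1` resource continues past the end of the hunk, so any later rules or tags are not visible here.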