From ab3531d5c4919dbdc4cde071ab97b799b07d871a Mon Sep 17 00:00:00 2001
From: David
Date: Mon, 19 Dec 2022 11:59:50 +0800
Subject: [PATCH] feat: added 3389 block for udp also (security hub complain)

---
 nacl.tf | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/nacl.tf b/nacl.tf
index 982974f..ae42b2c 100644
--- a/nacl.tf
+++ b/nacl.tf
@@ -57,6 +57,16 @@ resource "aws_network_acl_rule" "public_inbound_rdp_rule_deny" {
 rule_action = "deny"
 }
 
+resource "aws_network_acl_rule" "public_inbound_rdp_rule_deny_udp" {
+ network_acl_id = aws_network_acl.public.id
+ cidr_block = "0.0.0.0/0"
+ rule_number = 106
+ protocol = "udp"
+ from_port = 3389
+ to_port = 3389
+ rule_action = "deny"
+}
+
 resource "aws_network_acl_rule" "public_outbound_rdp_rule_deny" {
 network_acl_id = aws_network_acl.public.id
 rule_number = 105
@@ -167,6 +177,17 @@ resource "aws_network_acl_rule" "private_inbound_rdp_rule_deny" {
 rule_action = "deny"
 }
 
+resource "aws_network_acl_rule" "private_inbound_rdp_rule_deny_udp" {
+ network_acl_id = aws_network_acl.private.id
+ cidr_block = "0.0.0.0/0"
+ rule_number = 106
+ protocol = "udp"
+ from_port = 3389
+ to_port = 3389
+ rule_action = "deny"
+}
+
+
 resource "aws_network_acl_rule" "private_outbound_rdp_rule_deny" {
 network_acl_id = aws_network_acl.private.id
 rule_number = 105
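Review bot: `public_inbound_rdp_rule_deny_udp` only matches IPv4 traffic because it sets `cidr_block = "0.0.0.0/0"` and no `ipv6_cidr_block`, so if the public NACL has an IPv6 allow rule (`::/0`) the UDP 3389 path over IPv6 stays open and the Security Hub finding cited in the commit title may not clear; if the VPC is dual-stack (not visible here), a companion rule with `ipv6_cidr_block = "::/0"` is needed. NACL rules are evaluated in ascending `rule_number` order with first match winning, so the deny at 106 is only effective if every broad allow rule on this NACL sits at a higher number and no other ingress rule already uses 106 — neither fact is visible in the hunk and both should be confirmed. The TCP deny has an outbound counterpart (`public_outbound_rdp_rule_deny`) but no outbound UDP deny is added; if that asymmetry is intentional because the finding concerns ingress only, a comment saying so would prevent a later "fix". I would also document the rule's purpose on the resource, e.g. `# Security Hub flags NACLs allowing 0.0.0.0/0 ingress to 3389 on TCP or UDP; must be numbered below any allow-all rule to take effect.`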
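Review bot: Two blank lines are added after `private_inbound_rdp_rule_deny_udp` (`+}` followed by two empty added lines) where the matching public hunk adds only one; drop one so the two sections stay consistent. The same scope limitation applies here as to the public rule: `cidr_block = "0.0.0.0/0"` covers IPv4 only, so an IPv6 allow on the private NACL, if one exists, would still pass UDP 3389. The private and public rules are identical apart from the NACL id, which suggests a single `for_each` over the NACLs (or over the `tcp`/`udp` protocols) would keep them from drifting, but that refactor is outside this commit's scope.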