docs: update aws to add command to allow KubeSpan wireguard port

Configuring AWS firewall. Signed-off-by: Steve Francis <steve.francis@talos-systems.com> Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
siderolabs · Sep 15, 2023 · 8f4a36b · 8f4a36b
1 parent a7edd05
commit 8f4a36b
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 0 deletions.
diff --git a/website/content/v1.5/talos-guides/install/cloud-platforms/aws.md b/website/content/v1.5/talos-guides/install/cloud-platforms/aws.md
@@ -163,6 +163,15 @@ aws ec2 authorize-security-group-ingress \
     --cidr 0.0.0.0/0
 ```
 
+If you are using KubeSpan and will be adding workers outside of AWS, you need to allow inbound UDP for the Wireguard port:
+
+```bash
+aws ec2 authorize-security-group-ingress \
+    --region $REGION \
+    --group-name talos-aws-tutorial-sg \
+    --protocol udp --port 51820 --cidr 0.0.0.0/0
+```
+
 ### Create a Load Balancer
 
 ```bash

diff --git a/website/content/v1.6/talos-guides/install/cloud-platforms/aws.md b/website/content/v1.6/talos-guides/install/cloud-platforms/aws.md
@@ -163,6 +163,15 @@ aws ec2 authorize-security-group-ingress \
     --cidr 0.0.0.0/0
 ```
 
+If you are using KubeSpan and will be adding workers outside of AWS, you need to allow inbound UDP for the Wireguard port:
+
+```bash
+aws ec2 authorize-security-group-ingress \
+    --region $REGION \
+    --group-name talos-aws-tutorial-sg \
+    --protocol udp --port 51820 --cidr 0.0.0.0/0
+```
+
 ### Create a Load Balancer
 
 ```bash