Adds list of users for access to storage and more service endpoints

This sets up the rest of the service endpoints on the subnets. It also adds a variable map specifically to grant IP access to the storage buckets. This new variable map is necessary since the azure storage ip rules do not accept /32 CIDR ranges. The rest of the services do support cidr ranges.
2020-01-23 18:41:29 -05:00
parent 536eccdb90
commit 38ce1ef2b2
3 changed files with 15 additions and 7 deletions
--- a/terraform/providers/dev/buckets.tf
+++ b/terraform/providers/dev/buckets.tf
@@ -9,7 +9,7 @@ module "task_order_bucket" {
  region       = var.region
  policy       = "Allow"
  subnet_ids   = [module.vpc.subnets]
-  whitelist    = var.admin_user_whitelist
+  whitelist    = var.storage_admin_whitelist
 }

 # TF State should be restricted to admins only, but IP protected
@@ -25,5 +25,5 @@ module "tf_state" {
  region       = var.region
  policy       = "Deny"
  subnet_ids   = []
-  whitelist    = var.admin_user_whitelist
+  whitelist    = var.storage_admin_whitelist
 }