pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adds list of users for access to storage and more service endpoints

Browse Source 
This sets up the rest of the service endpoints on the subnets. It also
adds a variable map specifically to grant IP access to the storage
buckets. This new variable map is necessary since the azure storage ip
rules do not accept /32 CIDR ranges. The rest of the services do support
cidr ranges.
This commit is contained in:
Rob Gil
2020-01-23 18:41:29 -05:00
parent 536eccdb90
commit 38ce1ef2b2
3 changed files with 15 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
terraform/providers/dev/variables.tf
View File

@@ -39,8 +39,8 @@ variable "networks" {
variable "service_endpoints" {
type = map
default = {
public = ""
private = "Microsoft.Storage,Microsoft.KeyVault"
public = "Microsoft.ContainerRegistry" # Not necessary but added to avoid infinite state loop
private = "Microsoft.Storage,Microsoft.KeyVault,Microsoft.ContainerRegistry,Microsoft.Sql"
}
}
@@ -96,6 +96,14 @@ variable "admin_user_whitelist" {
}
}
variable "storage_admin_whitelist" {
type = map
default = {
"Rob Gil" = "66.220.238.246"
"Dan Corrigan Work" = "108.16.207.173"
}
}
variable "vpn_client_cidr" {
type = list
default = ["172.16.255.0/24"]