Locks down keyvaults to subnets and administrator ip addresses

Rob Gil
2020-01-23 11:02:12 -05:00
parent c31d68a18c
commit dab6cdb7dc
4 changed files with 30 additions and 0 deletions


@@ -7,5 +7,8 @@ module "keyvault" {
tenant_id = var.tenant_id
principal_id = "f9bcbe58-8b73-4957-aee2-133dc3e58063"
admin_principals = var.admin_users
policy = "Deny"
subnet_ids = [module.vpc.subnets]
whitelist = var.admin_user_whitelist
}
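Review bot: `subnet_ids = [module.vpc.subnets]` wraps the module output in another list. If `subnets` is already a list of subnet IDs (the vpc module is not visible here), Terraform 0.12 and later would pass a nested list, and the vault's subnet rules may fail to apply as intended; `subnet_ids = module.vpc.subnets` would be the safer form. Because `policy = "Deny"` presumably leaves `whitelist` as the only way in from outside those subnets, I would add a comment above it such as `# admin CIDRs only; keep ranges narrow, never 0.0.0.0/0`. The `module "keyvault"` block opens above the hunk, so any other network settings the module is given cannot be checked from here.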