From 0b2df284100db9c03dcdc290f99091f199fb5eef Mon Sep 17 00:00:00 2001 From: Christopher Baines Date: Thu, 5 Jul 2018 11:42:08 +0100 Subject: Improve the public ip address handling Support multiple addresses to handle the GOV.UK PaaS, which has multiple egress points. --- terraform/aws/backend/main.tf | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'terraform/aws') diff --git a/terraform/aws/backend/main.tf b/terraform/aws/backend/main.tf index fff5444..45d660f 100644 --- a/terraform/aws/backend/main.tf +++ b/terraform/aws/backend/main.tf @@ -66,8 +66,8 @@ variable "mini_environment_admin_guix_public_key" { type = "string" } -variable "mini_environment_admin_public_ip_address" { - type = "string" +variable "mini_environment_admin_egress_cidr_blocks" { + type = "list" } variable "backend_slug" { @@ -168,7 +168,9 @@ resource "aws_security_group" "ssh_access_from_mini_environment_admin" { from_port = 0 to_port = 22 protocol = "tcp" - cidr_blocks = ["${var.mini_environment_admin_public_ip_address}/32"] + cidr_blocks = [ + "${var.mini_environment_admin_egress_cidr_blocks}" + ] } } -- cgit v1.2.3