Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix clashing DNS rule names #19

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
+100 −100
Open

Fix clashing DNS rule names #19

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
200 changes: 100 additions & 100 deletions modules/consul-security-group-rules/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,157 +5,157 @@
resource "azurerm_network_security_rule" "allow_server_rpc_inbound" {
count = "${length(var.allowed_inbound_cidr_blocks)}"

access = "Allow"
destination_address_prefix = "*"
destination_port_range = "${var.server_rpc_port}"
direction = "Inbound"
name = "ServerRPC${count.index}"
access = "Allow"
destination_address_prefix = "*"
destination_port_range = "${var.server_rpc_port}"
direction = "Inbound"
name = "ServerRPC${count.index}"
network_security_group_name = "${var.security_group_name}"
priority = "${200 + count.index}"
protocol = "Tcp"
resource_group_name = "${var.resource_group_name}"
source_address_prefix = "${element(var.allowed_inbound_cidr_blocks, count.index)}"
source_port_range = "1024-65535"
priority = "${200 + count.index}"
protocol = "Tcp"
resource_group_name = "${var.resource_group_name}"
source_address_prefix = "${element(var.allowed_inbound_cidr_blocks, count.index)}"
source_port_range = "1024-65535"
}

resource "azurerm_network_security_rule" "allow_cli_rpc_inbound" {
count = "${length(var.allowed_inbound_cidr_blocks)}"

access = "Allow"
destination_address_prefix = "*"
destination_port_range = "${var.cli_rpc_port}"
direction = "Inbound"
name = "CLIRPC${count.index}"
access = "Allow"
destination_address_prefix = "*"
destination_port_range = "${var.cli_rpc_port}"
direction = "Inbound"
name = "CLIRPC${count.index}"
network_security_group_name = "${var.security_group_name}"
priority = "${250 + count.index}"
protocol = "Tcp"
resource_group_name = "${var.resource_group_name}"
source_address_prefix = "${element(var.allowed_inbound_cidr_blocks, count.index)}"
source_port_range = "1024-65535"
priority = "${250 + count.index}"
protocol = "Tcp"
resource_group_name = "${var.resource_group_name}"
source_address_prefix = "${element(var.allowed_inbound_cidr_blocks, count.index)}"
source_port_range = "1024-65535"
}

resource "azurerm_network_security_rule" "allow_serf_lan_tcp_inbound" {
count = "${length(var.allowed_inbound_cidr_blocks)}"

access = "Allow"
destination_address_prefix = "*"
destination_port_range = "${var.serf_lan_port}"
direction = "Inbound"
name = "SerfLan${count.index}"
access = "Allow"
destination_address_prefix = "*"
destination_port_range = "${var.serf_lan_port}"
direction = "Inbound"
name = "SerfLan${count.index}"
network_security_group_name = "${var.security_group_name}"
priority = "${300 + count.index}"
protocol = "Tcp"
resource_group_name = "${var.resource_group_name}"
source_address_prefix = "${element(var.allowed_inbound_cidr_blocks, count.index)}"
source_port_range = "1024-65535"
priority = "${300 + count.index}"
protocol = "Tcp"
resource_group_name = "${var.resource_group_name}"
source_address_prefix = "${element(var.allowed_inbound_cidr_blocks, count.index)}"
source_port_range = "1024-65535"
}

resource "azurerm_network_security_rule" "allow_serf_lan_udp_inbound" {
count = "${length(var.allowed_inbound_cidr_blocks)}"

access = "Allow"
destination_address_prefix = "*"
destination_port_range = "${var.serf_lan_port}"
direction = "Inbound"
name = "SerfLanUdp${count.index}"
access = "Allow"
destination_address_prefix = "*"
destination_port_range = "${var.serf_lan_port}"
direction = "Inbound"
name = "SerfLanUdp${count.index}"
network_security_group_name = "${var.security_group_name}"
priority = "${350 + count.index}"
protocol = "Udp"
resource_group_name = "${var.resource_group_name}"
source_address_prefix = "${element(var.allowed_inbound_cidr_blocks, count.index)}"
source_port_range = "1024-65535"
priority = "${350 + count.index}"
protocol = "Udp"
resource_group_name = "${var.resource_group_name}"
source_address_prefix = "${element(var.allowed_inbound_cidr_blocks, count.index)}"
source_port_range = "1024-65535"
}

resource "azurerm_network_security_rule" "allow_serf_wan_tcp_inbound" {
count = "${length(var.allowed_inbound_cidr_blocks)}"

access = "Allow"
destination_address_prefix = "*"
destination_port_range = "${var.serf_wan_port}"
direction = "Inbound"
name = "SerfWan${count.index}"
access = "Allow"
destination_address_prefix = "*"
destination_port_range = "${var.serf_wan_port}"
direction = "Inbound"
name = "SerfWan${count.index}"
network_security_group_name = "${var.security_group_name}"
priority = "${400 + count.index}"
protocol = "Tcp"
resource_group_name = "${var.resource_group_name}"
source_address_prefix = "${element(var.allowed_inbound_cidr_blocks, count.index)}"
source_port_range = "1024-65535"
priority = "${400 + count.index}"
protocol = "Tcp"
resource_group_name = "${var.resource_group_name}"
source_address_prefix = "${element(var.allowed_inbound_cidr_blocks, count.index)}"
source_port_range = "1024-65535"
}

resource "azurerm_network_security_rule" "allow_serf_wan_udp_inbound" {
count = "${length(var.allowed_inbound_cidr_blocks)}"

access = "Allow"
destination_address_prefix = "*"
destination_port_range = "${var.serf_wan_port}"
direction = "Inbound"
name = "SerfWanUdp${count.index}"
access = "Allow"
destination_address_prefix = "*"
destination_port_range = "${var.serf_wan_port}"
direction = "Inbound"
name = "SerfWanUdp${count.index}"
network_security_group_name = "${var.security_group_name}"
priority = "${450 + count.index}"
protocol = "Udp"
resource_group_name = "${var.resource_group_name}"
source_address_prefix = "${element(var.allowed_inbound_cidr_blocks, count.index)}"
source_port_range = "1024-65535"
priority = "${450 + count.index}"
protocol = "Udp"
resource_group_name = "${var.resource_group_name}"
source_address_prefix = "${element(var.allowed_inbound_cidr_blocks, count.index)}"
source_port_range = "1024-65535"
}

resource "azurerm_network_security_rule" "allow_http_api_inbound" {
count = "${length(var.allowed_inbound_cidr_blocks)}"

access = "Allow"
destination_address_prefix = "*"
destination_port_range = "${var.http_api_port}"
direction = "Inbound"
name = "HttpApi${count.index}"
access = "Allow"
destination_address_prefix = "*"
destination_port_range = "${var.http_api_port}"
direction = "Inbound"
name = "HttpApi${count.index}"
network_security_group_name = "${var.security_group_name}"
priority = "${500 + count.index}"
protocol = "Tcp"
resource_group_name = "${var.resource_group_name}"
source_address_prefix = "${element(var.allowed_inbound_cidr_blocks, count.index)}"
source_port_range = "1024-65535"
priority = "${500 + count.index}"
protocol = "Tcp"
resource_group_name = "${var.resource_group_name}"
source_address_prefix = "${element(var.allowed_inbound_cidr_blocks, count.index)}"
source_port_range = "1024-65535"
}

resource "azurerm_network_security_rule" "allow_dns_tcp_inbound" {
count = "${length(var.allowed_inbound_cidr_blocks)}"

access = "Allow"
destination_address_prefix = "*"
destination_port_range = "${var.dns_port}"
direction = "Inbound"
name = "Dns${count.index}"
access = "Allow"
destination_address_prefix = "*"
destination_port_range = "${var.dns_port}"
direction = "Inbound"
name = "DnsTcp${count.index}"
network_security_group_name = "${var.security_group_name}"
priority = "${550 + count.index}"
protocol = "Tcp"
resource_group_name = "${var.resource_group_name}"
source_address_prefix = "${element(var.allowed_inbound_cidr_blocks, count.index)}"
source_port_range = "1024-65535"
priority = "${550 + count.index}"
protocol = "Tcp"
resource_group_name = "${var.resource_group_name}"
source_address_prefix = "${element(var.allowed_inbound_cidr_blocks, count.index)}"
source_port_range = "1024-65535"
}

resource "azurerm_network_security_rule" "allow_dns_udp_inbound" {
count = "${length(var.allowed_inbound_cidr_blocks)}"

access = "Allow"
destination_address_prefix = "*"
destination_port_range = "${var.dns_port}"
direction = "Inbound"
name = "Dns${count.index}"
access = "Allow"
destination_address_prefix = "*"
destination_port_range = "${var.dns_port}"
direction = "Inbound"
name = "DnsUdp${count.index}"
network_security_group_name = "${var.security_group_name}"
priority = "${600 + count.index}"
protocol = "Udp"
resource_group_name = "${var.resource_group_name}"
source_address_prefix = "${element(var.allowed_inbound_cidr_blocks, count.index)}"
source_port_range = "1024-65535"
priority = "${600 + count.index}"
protocol = "Udp"
resource_group_name = "${var.resource_group_name}"
source_address_prefix = "${element(var.allowed_inbound_cidr_blocks, count.index)}"
source_port_range = "1024-65535"
}

resource "azurerm_network_security_rule" "denyall" {
access = "Deny"
destination_address_prefix = "*"
destination_port_range = "*"
direction = "Inbound"
name = "DenyAll"
access = "Deny"
destination_address_prefix = "*"
destination_port_range = "*"
direction = "Inbound"
name = "DenyAll"
network_security_group_name = "${var.security_group_name}"
priority = 999
protocol = "*"
resource_group_name = "${var.resource_group_name}"
source_address_prefix = "*"
source_port_range = "*"
priority = 999
protocol = "*"
resource_group_name = "${var.resource_group_name}"
source_address_prefix = "*"
source_port_range = "*"
}