
Enables WAFv2 Protection of /admin path

Fred Damstra [afs macbook] hace 3 años
padre
commit
4eeba16b18

+ 31 - 57
globals.hcl

@@ -39,63 +39,37 @@ locals {
     "73.213.108.186/32",   # LaDonia Wicks
   ]
 
-  admin_remote_ipset = [ 
-    {
-      "value" = "108.28.205.174/32"   # James Kerr Home
-      type    = "IPV4"
-    },
-    {
-      "value" = "73.10.53.113/32"    # Rick Page Home
-      type    = "IPV4"
-    },
-    {
-      "value" = "99.151.37.185/32"   # Wesley Leonard Home
-      type    = "IPV4"
-    },
-    {
-      "value" = "74.211.32.26/32"   # Brad Poulton Home
-      type    = "IPV4"
-    },
-    {
-      "value" = "104.9.149.90/32"    # Greg Rivas Home
-      type    = "IPV4"
-    },
-    {
-      "value" = "100.4.76.3/32"      # Brandon Naughton Home
-      type    = "IPV4"
-    },
-    {
-      "value" = "170.248.173.247/32" # AFS site
-      type    = "IPV4"
-    },
-    {
-      "value" = "170.248.173.245/32" # AFS site
-      type    = "IPV4"
-    },
-    {
-      "value" = "70.120.41.230/32"   # Will Ledesma Home
-      type    = "IPV4"
-    },
-    {
-      "value" = "107.207.74.118/32"  # Angelita Crawley Home
-      type    = "IPV4"
-    },
-    {
-      "value" = "69.207.192.131/32"  # Aaron Flores Home
-      type    = "IPV4"
-    },
-    {
-      "value" = "96.231.213.193/32"  # Rob Robinette Home
-      type    = "IPV4"
-    },
-    {
-      "value" = "70.120.19.33/32"   # Hilda Colon-Martinez Home
-      type    = "IPV4"
-    },
-    {
-      "value" = "198.13.82.11/32"   # Hussein Carrenard Home
-      type    = "IPV4"
-    },
+  admin_ips = [ 
+    "108.28.205.174/32",  # James Kerr Home
+    "73.10.53.113/32",    # Rick Page Home
+    "99.151.37.185/32",   # Wesley Leonard Home
+    "74.211.32.26/32",    # Brad Poulton Home
+    "104.9.149.90/32",    # Greg Rivas Home
+    "100.4.76.3/32",      # Brandon Naughton Home
+    "170.248.173.247/32", # AFS site
+    "170.248.173.245/32", # AFS site
+    #"70.120.41.230/32",   # Will Ledesma Home - Away on Leave
+    "107.207.74.118/32",  # Angelita Crawley Home
+    "69.207.192.131/32",  # Aaron Flores Home
+    "70.120.19.33/32",    # Hilda Colon-Martinez Home
+    "198.13.82.11/32",    # Hussein Carrenard Home
+  ]
+
+  # from https://config.zscaler.com/zscalergov.net/cenr
+  zscalar_ips = [
+    "165.225.3.0/24",
+    "136.226.10.0/23",
+    "136.226.12.0/23",
+    "136.226.14.0/23",
+    "165.225.46.0/24",
+    "136.226.6.0/23",
+    "136.226.4.0/23",
+    "136.226.8.0/23",
+    "136.226.22.0/24",
+    "165.225.48.0/24",
+    "136.226.18.0/23",
+    "136.226.16.0/23",
+    "136.226.20.0/23",
   ]
 
   # Customer External IPs
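Review bot: The new `zscalar_ips` list allow-lists whole /23 and /24 Zscaler egress ranges, which are shared with other Zscaler tenants rather than controlled by this team, so if the WAF rule for /admin combines it with `admin_ips` (the rule lives in the module, not in this hunk) the source-IP filter no longer narrows access to named people and sites. I would record that above the list, e.g. `# Shared Zscaler egress ranges (not exclusive to us); /admin still relies on application authentication. Copied <DATE>; re-check against the URL above.` The local name is also misspelled; `zscaler_ips` would match the vendor name, but a rename has to land together with whatever consumes the local. Separately, the `96.231.213.193/32` (Rob Robinette Home) entry from the old `admin_remote_ipset` is missing from `admin_ips` with no comment, unlike the commented-out entry that carries its reason, so it is worth confirming that the removal is intended. The `locals` block begins and ends outside this hunk.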

+ 1 - 1
prod/aws-us-gov/mdr-prod-c2/200-customer-portal/terragrunt.hcl

@@ -13,7 +13,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//base/customer_portal?ref=v3.3.1"
+  source = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//base/customer_portal?ref=v3.3.5"
 }
 
 dependency "vpc" {

+ 1 - 1
prod/aws-us-gov/mdr-prod-c2/220-instance-jira/terragrunt.hcl

@@ -13,7 +13,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//base/jira/instance_jira?ref=v3.3.4"
+  source = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//base/jira/instance_jira?ref=v3.3.5"
 }
 
 dependency "vpc" {

+ 1 - 1
prod/aws-us-gov/mdr-prod-frtib/190-splunk-customer-searchhead/terragrunt.hcl

@@ -13,7 +13,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//base/splunk_servers/customer_searchhead?ref=v3.3.1"
+  source = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//base/splunk_servers/customer_searchhead?ref=v3.3.5"
 }
 
 dependency "vpc" {

+ 1 - 1
test/aws-us-gov/mdr-test-c2/200-customer-portal/terragrunt.hcl

@@ -13,7 +13,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//base/customer_portal?ref=v3.3.1"
+  source = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//base/customer_portal?ref=v3.3.5"
 }
 
 dependency "vpc" {