|
@@ -13,13 +13,33 @@ locals {
|
|
|
proxy_ip = "10.80.101.166"
|
|
|
salt_master = "salt-master.pvt.xdr.accenturefederalcyber.com"
|
|
|
salt_master_ip = "10.80.101.170"
|
|
|
+ hec = "moose-hec.mdr.defpoint.com"
|
|
|
hec_pub = "moose-hec.mdr.defpoint.com"
|
|
|
hec_pub_ack = "moose-hec-ack.mdr.defpoint.com"
|
|
|
|
|
|
# When there are multiples, put govcloud first, then commercial, and alternate if there are more than 2.
|
|
|
# Put any standalone IPs at the end.
|
|
|
cidr_map = {
|
|
|
- "vpc-access" = [ "10.80.101.133/32", "10.80.101.126/32", "10.40.20.0/22" ], # vpc-access in mdr-prod-c2-gov
|
|
|
+ "vpc-splunk" = [ "10.40.16.0/22", # Splunk -- **MOOSE**
|
|
|
+ "10.80.0.0/16", # legacy moose subnet
|
|
|
+ ],
|
|
|
+ "vpc-access" = [ "10.40.20.0/22", # VPN, bastions (if any), etc.
|
|
|
+ "10.80.101.133/32", # legacy bastion
|
|
|
+ "10.80.101.126/32", # legacy openvpn
|
|
|
+ ],
|
|
|
+ "vpc-public" = [ "10.40.24.0/22" ], # Public sites (github, ghe-backup, jira, ...)
|
|
|
+ "vpc-scanners" = [ "10.40.12.0/22" ], # Qualys, etc.
|
|
|
+ "vpc-system-services" = [ "10.32.0.0/22", # Internal services such as dns, mailrelay, etc.
|
|
|
+ "10.40.0.0/22",
|
|
|
+ "10.80.101.230/32", # legacy sensu
|
|
|
+ "10.80.101.170/32", # legacy salt master
|
|
|
+ "10.80.101.166/32", # legacy proxy
|
|
|
+ "10.80.101.197/32", # legacy repo
|
|
|
+ "10.80.1.107/32", # legacy smtp
|
|
|
+ ],
|
|
|
+ "vpc-private-services" = [ "10.40.28.0/22" ], # Private Services - fm-shared-search, qcompliance, phantom, etc.
|
|
|
+
|
|
|
+ # "old" mappings before architecture planning... we should eliminate these.
|
|
|
"bastions" = [ "10.80.101.133/32", "10.40.20.0/22" ], # vpc-access in mdr-prod-c2-gov
|
|
|
"vpns" = [ "10.80.101.126/32", "10.40.20.0/22" ], # vpc-access in mdr-prod-c2-gov
|
|
|
"scanners" = [ "10.40.12.0/22" ], # vpc-qualys
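Review bot: In the new `"vpc-splunk"` entry, `10.80.0.0/16` contains every legacy /32 that the other groups list one by one (10.80.101.133, .126, .230, .170, .166, .197 and 10.80.1.107), so any rule that admits `vpc-splunk` also admits the legacy bastion, VPN, proxy, salt master and the rest of that range. How `cidr_map` is consumed is not visible in this hunk, but if it feeds security-group ingress, the Splunk group becomes the widest source in the map rather than a Splunk-only one. Narrow the entry to the subnets the legacy Splunk hosts actually occupy, or at least record the overlap on the line itself, e.g. `"10.80.0.0/16", # legacy moose subnet -- TODO narrow: overlaps every legacy /32 in vpc-access and vpc-system-services`. The added `hec` local carries the same hostname as `hec_pub`; if it is meant to be the private endpoint, a comment saying which consumers should use which name would keep internal forwarders from being pointed at the public one by accident. The `locals` block starts and ends outside the hunk.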
|