# Set account-wide variables. These are automatically pulled in to configure the remote state bucket in the root # terragrunt.hcl configuration. locals { account_name = "afs-mdr-common-services" account_alias = "afs-mdr-common-services" aws_account_id = "471284459109" instance_termination_protection = true # set to true for production! account_tags = { } c2_account_standards_path = "../../../../prod/aws/mdr-prod-c2/005-account-standards-c2" # For CIDR assignment, see https://github.mdr.defpoint.com/mdr-engineering/msoc-infrastructure/wiki/IP-Address-Allocation standard_vpc_cidr = "10.1.1.0/22" ##################################### # DNS Zones hosted_public_dns_zones = [ "accenturefederalcyber.com", "accenturefederalcyber.net", "xdr.accenturefederalcyber.com", "xdrtest.accenturefederalcyber.com", ] # Delegated zones are created in different accounts delegated_public_dns_zones = { "caasp.xdr.accenturefederalcyber.com" = [ "tbd1.awsdns-15.com.", "tbd2.awsdns-15.com.", "tbd3.awsdns-15.com.", "tbd4.awsdns-15.com." ] } # For testing create_test_instance = false test_instance_key_name = "fdamstra" # The key with which to provision the test instance # # Account Specific Module Variables security_vpc_cidr = "10.1.0.0/22" # Palo Alto moved to govcloud # panorama_count = 2 # We need a second serial number for 2 # #panorama_instance_type = "m5.2xlarge" # panorama_instance_type = "t3.xlarge" # panorama_key_name = "fdamstra" # DO NOT CHANGE # palo_alto_count = 2 # should be divisible by 2 # palo_alto_instance_type = "m5.xlarge" # palo_alto_key_name = "fdamstra" # DO NOT CHANGE # # # To generate auth keys, log in to the panorama cli and run: # # request bootstrap vm-auth-key generate lifetime 720 # # where 720 is the validity period in hours (720 is 30 days) # # (Should only need to be valid when you stand up the firewall) # palo_alto_auth_keys = [ # "919502713609312", # Expires at: 2020/07/30 21:32:44 # "655051814206833", # Expires at: 2020/07/30 21:32:45 # ] # palo_alto_license_keys = [ # one per count # "32836999", # "65202677" # ] # palo_alto_feature_auth_keys = [ # one per count, not yet implemented # "28341453", # "62158825" # ] }