AFS
/
xdr-terraform-live


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142
							# Set common variables for everything. This is automatically pulled in in the root terragrunt.hcl configuration to
# feed forward to the child modules.
locals {
  remote_state_bucket = "afsxdr-terraform-state" # Could be moved to environment/partition.
  binaries_bucket     = "afsxdr-binaries"        # Storage for binaries

  inside_domain = "msoc.defpoint.local"
  global_tags = {
    "Schedule" = "MSOC",
    #"Last_Updated" = timestamp() # while this is cool, its usefulness does not warrant the constant updates.
  }

  trusted_ips = [ # IPs for 'permissive' ingress. Used for the bastion host and for testing. Think twice before employing.
    "12.245.107.250/32",   # DPS Office Legato
    "12.204.167.162/32",   # DPS Office San Antonio
    "54.86.98.62/32",      # DPS AWS User VPN
    "75.138.227.80/32",    # Duane Waddle
    "24.11.231.98/32",     # George Starcher
    "99.151.37.185/32",    # Wesley Leonard
    "70.106.200.157/32",   # John Reuther
    "108.243.20.48/32",    # Ryan Plas
    "73.10.53.113/32",     # Rick Page Home
    "50.21.207.50/32",     # Brad Poulton
    "70.160.60.248/32",    # Brandon Naughton
    "173.71.212.4/32",     # Ryan Howard
    "99.56.213.129/32",    # Fred Damstra
    "97.117.78.121/32",    # Colby Williams
  ]
  portal_test_whitelist = local.trusted_ips # for now, an alias

  key_pairs = {
    # Should be your username -> key pair
    "msoc-build" = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDv8N5N/ECQNKdqZKmjQqGkPiAtJc3WmWdpcZmhxUfplGRFW0IlHGH/wPUgkXXg+djWNpMyT+bqWI8B4Q18uw0Y+w09lN+F1t/vp2GNPYyIPHTGbr2u/r5RCuPXc5Gg6ogkneyAipPCPAhBRbvPaFtfLSJ94ba01LoFs4xgCIZXetr/3ql61OlLyB8vb8FohpW/7u32zzOVJwObA+QlDrRgivaYpwNBxd+No9HEz29dUVFMsKb3ko0GpBuu4pptbj73XxP0EeodMj0hee0FH4kEkZy80LVbg2WeTsq6Mi/FRZmeGt5f3oZEcfflGqYOPA4FmhTrc9O9pp36DDOGts79TeZ6abky+a0jRJQvaeN8x8DZ6PQXfVGpOrNst5zw0Z9EP3ZrFAkX6CYfZkckq0h5Fs+rcWLeUfM/ppZqcyNBDys7zxjFNdmWk86pgn+XvdCVIlsp99B6CzgDoAJkay09ROVqh39HTK7m2aKZoyFWZvUpaqUOlLkOb47bMQzIBSp8Yaoo4PozSg0lQOzkJl3JTR0OZksbeN0pFKY4qNcUcpgUU5mVYs5SXWAOsih51kC5s+0F6Uxt+iDjT9ASaF1O+Bl46UnhpwrtN4ckpHsFnp58mdfhJCUMjt6PX+UPxjRlSL21EkjGALybG2C0gPuoGo0x5bEsZl/gFrFJ+3r6gQ== MSOC Build Key",
    "fdamstra" = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDF3pGU9+HufgfEhPP7P0Lt7kqfGWLTGd6sfJgSypcSo3FP1XhwFOWkaNvZIpoIeQXhux5vTm+RoqYZ/3Gj7hcGMLdoHWArvLHD2AGjxbFnsmiCioQgsC/rYLBjiWNsDdVF5Arofby/RwzivMAi7yivhY4nGzXPsHZoucB0Wi34/9AmxbvXWv6ckuWkMjrXVe+uwFje3U7jQHRW9jQRpCRRfUjVA4FmH0PWqWFBlt/zqsDPOzbxNNhAvyrJho7jVBNjCLsq0++lT8BDKrYbaZiT0F2c9uIDRpHJSdjpqVCf9bghmeJWYMoNHAkGR7WCFjPCJ7QM57a2oRBtm1A/EWcr",
  }

  # Some sane defaults we don't want to specify everywhere
  is_legacy = false # By default, accounts are not legacy accounts
  extra_ebs_key_admins = [ ]
  extra_ebs_key_users  = [ ]
  extra_ebs_key_attachers = [ ]
}