Removes old IP lists

afs_pop
afs_azure_pop
nga_pop
xdr_interconnect

base/github/vars.tf

@@ -45,10 +45,6 @@ variable "reverse_enabled" {
 }
 
 variable "trusted_ips" { type = list(string) }
-variable "xdr_interconnect" { type = list(string) }
-variable "nga_pop" { type = list(string) }
-variable "afs_azure_pop" { type = list(string) }
-variable "afs_pop" { type = list(string) }
 variable "proxy" { type = string }
 variable "salt_master" { type = string }
 

base/keycloak/vars.tf

@@ -65,10 +65,6 @@ variable "reverse_enabled" {
 }
 
 variable "trusted_ips" { type = list(string) }
-variable "xdr_interconnect" { type = list(string) }
-variable "nga_pop" { type = list(string) }
-variable "afs_azure_pop" { type = list(string) }
-variable "afs_pop" { type = list(string) }
 variable "proxy" { type = string }
 variable "salt_master" { type = string }
 

base/mailrelay/vars.tf

@@ -39,10 +39,6 @@ variable "reverse_enabled" {
 }
 
 variable "trusted_ips" { type = list(string) }
-variable "xdr_interconnect" { type = list(string) }
-variable "nga_pop" { type = list(string) }
-variable "afs_azure_pop" { type = list(string) }
-variable "afs_pop" { type = list(string) }
 variable "proxy" { type = string }
 variable "salt_master" { type = string }
 

base/proxy_server/vars.tf

@@ -33,10 +33,6 @@ variable "reverse_enabled" {
 }
 
 variable "trusted_ips" { type = list(string) }
-variable "xdr_interconnect" { type = list(string) }
-variable "nga_pop" { type = list(string) }
-variable "afs_azure_pop" { type = list(string) }
-variable "afs_pop" { type = list(string) }
 variable "proxy" { type = string }
 variable "salt_master" { type = string }
 

base/repo_server/vars.tf

@@ -33,10 +33,6 @@ variable "reverse_enabled" {
 }
 
 variable "trusted_ips" { type = list(string) }
-variable "xdr_interconnect" { type = list(string) }
-variable "nga_pop" { type = list(string) }
-variable "afs_azure_pop" { type = list(string) }
-variable "afs_pop" { type = list(string) }
 variable "proxy" { type = string }
 variable "salt_master" { type = string }
 variable "repo_server_whitelist" { type = list(string) }

base/rhsso/vars.tf

@@ -65,10 +65,6 @@ variable "reverse_enabled" {
 }
 
 variable "trusted_ips" { type = list(string) }
-variable "xdr_interconnect" { type = list(string) }
-variable "nga_pop" { type = list(string) }
-variable "afs_azure_pop" { type = list(string) }
-variable "afs_pop" { type = list(string) }
 variable "proxy" { type = string }
 variable "salt_master" { type = string }
 

base/salt_master/main.tf

@@ -265,46 +265,6 @@ resource "aws_security_group_rule" "saltstack-external-ips" {
   security_group_id = aws_security_group.salt_master_security_group.id
 }
 
-resource "aws_security_group_rule" "saltstack-afs-pop" {
-  description = "SaltStack - AFS POP"
-  type = "ingress"
-  from_port = "4505"
-  to_port = "4506"
-  protocol = "tcp"
-  cidr_blocks = var.afs_pop
-  security_group_id = aws_security_group.salt_master_security_group.id
-}
-
-resource "aws_security_group_rule" "saltstack-afs-azure-pop" {
-  description = "SaltStack - AFS Azure POP"
-  type = "ingress"
-  from_port = "4505"
-  to_port = "4506"
-  protocol = "tcp"
-  cidr_blocks = var.afs_azure_pop
-  security_group_id = aws_security_group.salt_master_security_group.id
-}
-
-resource "aws_security_group_rule" "saltstack-nga-pop" {
-  description = "SaltStack - NGA POP"
-  type = "ingress"
-  from_port = "4505"
-  to_port = "4506"
-  protocol = "tcp"
-  cidr_blocks = var.nga_pop
-  security_group_id = aws_security_group.salt_master_security_group.id
-}
-
-resource "aws_security_group_rule" "saltstack-xdr-interconnects" {
-  description = "SaltStack - XDR Interconnects"
-  type = "ingress"
-  from_port = "4505"
-  to_port = "4506"
-  protocol = "tcp"
-  cidr_blocks = var.xdr_interconnect
-  security_group_id = aws_security_group.salt_master_security_group.id
-}
-
 #TODO: make this better
 #for now, just allow 22 outbound anywhere
 resource "aws_security_group_rule" "saltstack-github" {

base/salt_master/vars.tf

@@ -33,10 +33,6 @@ variable "reverse_enabled" {
 }
 
 variable "trusted_ips" { type = list(string) }
-variable "xdr_interconnect" { type = list(string) }
-variable "nga_pop" { type = list(string) }
-variable "afs_azure_pop" { type = list(string) }
-variable "afs_pop" { type = list(string) }
 variable "proxy" { type = string }
 variable "salt_master" { type = string }
 

base/sensu/elb.tf

@@ -247,41 +247,6 @@ resource "aws_security_group_rule" "sensu-external-ips" {
   security_group_id = aws_security_group.sensu_alb_server_external.id
 }
 
-#count = 0 in test. No need to let customers connect to test. 
-resource "aws_security_group_rule" "sensu-afs-pop" {
-  count = var.environment == "test" ? 0 : 1
-  description = "Sensu - AFS POP"
-  type = "ingress"
-  from_port = "443"
-  to_port = "443"
-  protocol = "tcp"
-  cidr_blocks = var.afs_pop
-  security_group_id = aws_security_group.sensu_alb_server_external.id
-}
-
-#count = 0 in test. No need to let customers connect to test.
-resource "aws_security_group_rule" "sensu-afs-azure-pop" {
-  count = var.environment == "test" ? 0 : 1
-  description = "Sensu - AFS Azure POP"
-  type = "ingress"
-  from_port = "443"
-  to_port = "443"
-  protocol = "tcp"
-  cidr_blocks = var.afs_azure_pop
-  security_group_id = aws_security_group.sensu_alb_server_external.id
-}
-
-#count = 0 in test. No need to let customers connect to test.
-resource "aws_security_group_rule" "sensu-nga-pop" {
-  count = var.environment == "test" ? 0 : 1
-  description = "Sensu - NGA POP"
-  type = "ingress"
-  from_port = "443"
-  to_port = "443"
-  protocol = "tcp"
-  cidr_blocks = var.nga_pop
-  security_group_id = aws_security_group.sensu_alb_server_external.id
-}
 
 
 #----------------------------------------------------------------------------

base/sensu/vars.tf

@@ -37,10 +37,7 @@ variable "reverse_enabled" {
 }
 
 variable "trusted_ips" { type = list(string) }
-variable "xdr_interconnect" { type = list(string) }
-variable "nga_pop" { type = list(string) }
-variable "afs_azure_pop" { type = list(string) }
-variable "afs_pop" { type = list(string) }
+
 variable "proxy" { type = string }
 variable "salt_master" { type = string }
 

base/teleport-single-instance/vars.tf

@@ -33,10 +33,6 @@ variable "reverse_enabled" {
 }
 
 variable "trusted_ips" { type = list(string) }
-variable "xdr_interconnect" { type = list(string) }
-variable "nga_pop" { type = list(string) }
-variable "afs_azure_pop" { type = list(string) }
-variable "afs_pop" { type = list(string) }
 variable "proxy" { type = string }
 variable "salt_master" { type = string }
 

base/vault/vars.tf

@@ -39,10 +39,6 @@ variable "reverse_enabled" {
 }
 
 variable "trusted_ips" { type = list(string) }
-variable "xdr_interconnect" { type = list(string) }
-variable "nga_pop" { type = list(string) }
-variable "afs_azure_pop" { type = list(string) }
-variable "afs_pop" { type = list(string) }
 variable "proxy" { type = string }
 variable "salt_master" { type = string }