| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103 |
- locals {
- # Source IPs for splunk data
- splunk_data_sources_default = []
- splunk_data_sources_exceptions = {
- mdr-prod-afs = [
- "170.248.172.0/23", # Corporate Network
- "20.190.250.137/32", # Azure: EastUS2_External_Access
- "52.232.227.197/32", # Azure: Azure US-East Palo
- "52.185.64.173/32", # Azure: CentralUS_External_Access
- "52.242.225.98/32", # Azure: Azure US-Central Palo 20200721
- "52.177.84.83/32", # Azure: Lab_External_Access
- ],
- mdr-prod-nga = [
- "199.16.64.3/32",
- ],
- mdr-prod-bas = [
- "52.61.137.158/32",
- ],
- mdr-prod-dgi = [
- "3.32.175.159/32",
- "15.200.13.143/32", # MSOCI-1776
- ],
- mdr-prod-ca-c19 = [
- "44.242.164.146/32",
- "44.234.190.14/32",
- "44.228.141.151/32",
- "18.215.158.202/32",
- "54.234.108.195/32",
- "34.228.38.91/32",
- "44.226.172.7/32", # 2022-06-22 From Ben Troglia WEST MSOCI-2214
- "52.24.211.95/32",
- "52.35.39.247/32",
- "3.226.9.146/32", # 2022-06-22 From Ben Troglia EAST MSOCI-2214
- "44.207.196.144/32",
- "44.207.241.26/32",
- ],
- afs-mdr-prod-c2-gov = [
- "170.248.172.0/23", # legacy afs_whitelist
- "20.190.250.137/32", # legacy afs_azure_whitelist: EastUS2_External_Access
- "52.232.227.197/32", # legacy afs_azure_whitelist: Azure US-East Palo
- "52.185.64.173/32", # legacy afs_azure_whitelist: CentralUS_External_Access
- "52.242.225.98/32", # legacy afs_azure_whitelist: Azure US-Central Palo 20200721
- "52.177.84.83/32", # legacy afs_azure_whitelist: Lab_External_Access
- "199.16.64.3/32", # legacy nga_whitelist
- "54.205.60.17/32", #FRTIB ALIGHT
- "52.206.203.98/32", #FRTIB ALIGHT
- "34.233.188.131/32", #FRTIB ALIGHT
- "34.214.247.125/32", #FRTIB ALIGHT2
- "44.235.174.214/32", #FRTIB ALIGHT2
- "52.89.203.9/32", #FRTIB ALIGHT2
- "52.61.113.202/32", #FRTIB VDI
- "15.200.226.57/32", #FRTIB CMPS
- "52.61.137.158/32", #BAS-Commerce CMPS
- "34.223.59.103/32", # CA-C19
- "44.234.190.14/32", # CA-C19
- "44.228.141.151/32", # CA-C19
- "18.215.158.202/32", # CA-C19
- "54.234.108.195/32", # CA-C19
- "34.228.38.91/32", # CA-C19
- "3.32.175.159/32", # DGI
- "15.200.13.143/32", # DGI
- "3.221.245.113/32", # FRTIB Chaos us-east-1
- "34.237.100.242/32", # FRTIB Chaos us-east-1
- "35.172.75.107/32", # FRTIB Chaos us-east-1
- "54.164.205.89/32", # FRTIB Chaos us-east-1
- "54.209.105.32/32", # FRTIB Chaos us-east-1
- "54.224.69.136/32", # FRTIB Chaos us-east-1
- "34.237.183.65/32", # FRTIB Chaos prod us-east-1
- "34.227.214.27/32", # FRTIB Chaos prod us-east-1
- "3.232.76.136/32", # FRTIB Chaos prod us-east-1
- ],
- mdr-prod-frtib = [
- "52.61.113.202/32",
- "54.205.60.17/32", # 2021-05-04 From John Conrad john.conrad.2@alight.com
- "52.206.203.98/32",
- "34.233.188.131/32",
- "15.200.226.57/32", # 2021-07-12 From "Nguyen, Brian A." <brian.a.nguyen@accenturefederal.com>
- "34.214.247.125/32", # 2022-01-20 From John Conrad john.conrad.2@alight.com
- "44.235.174.214/32",
- "52.89.203.9/32",
- "3.221.245.113/32", # FRTIB Chaos us-east-1
- "34.237.100.242/32", # FRTIB Chaos us-east-1
- "35.172.75.107/32", # FRTIB Chaos us-east-1
- "54.164.205.89/32", # FRTIB Chaos us-east-1
- "54.209.105.32/32", # FRTIB Chaos us-east-1
- "54.224.69.136/32", # FRTIB Chaos us-east-1
- "34.237.183.65/32", # FRTIB Chaos prod us-east-1
- "34.227.214.27/32", # FRTIB Chaos prod us-east-1
- "3.232.76.136/32", # FRTIB Chaos prod us-east-1
- ],
- afs-mdr-test-c2-gov = [
- "170.248.172.0/23", # ?
- "20.190.250.137/32", # ?
- "52.232.227.197/32", # ?
- "52.185.64.173/32", # ?
- "52.242.225.98/32", # ?
- "52.177.84.83/32", # ?
- "199.16.64.3/32", #?
- "99.56.213.129/32", # Fred Damstra's Home IP - For testing
- ],
- }
- splunk_data_sources = lookup(local.splunk_data_sources_exceptions, var.account_name, local.splunk_data_sources_default)
- }
|
