removed legacy references to inline_fqdn_rules, updated allowlist (#5134

)
ministryofjustice · Oct 3, 2023 · c889b73 · c889b73
1 parent cd5f566
commit c889b73
Show file tree

Hide file tree

Showing 3 changed files with 2 additions and 22 deletions.
diff --git a/terraform/environments/core-network-services/firewall-rules/fqdn_rules.json b/terraform/environments/core-network-services/firewall-rules/fqdn_rules.json
@@ -14,7 +14,8 @@
     ".ubuntu.com",
     ".docker.io",
     ".docker.com",
-    ".ghcr.io"
+    ".ghcr.io",
+    ".amazontrust.com"
   ],
   "fw_home_net_ips": ["10.26.0.0/16", "10.27.0.0/16"]
 }
diff --git a/terraform/environments/core-network-services/firewall-rules/inline_fqdn_rules.json b/terraform/environments/core-network-services/firewall-rules/inline_fqdn_rules.json
diff --git a/terraform/environments/core-network-services/locals.tf b/terraform/environments/core-network-services/locals.tf
@@ -36,7 +36,6 @@ locals {
   production_rules      = fileexists("./firewall-rules/production_rules.json") ? jsondecode(templatefile("./firewall-rules/production_rules.json", local.all_cidr_ranges)) : {}
   fqdn_firewall_rules   = fileexists("./firewall-rules/fqdn_rules.json") ? jsondecode(file("./firewall-rules/fqdn_rules.json")) : {}
   inline_firewall_rules = fileexists("./firewall-rules/inline_rules.json") ? jsondecode(templatefile("./firewall-rules/inline_rules.json", local.all_cidr_ranges)) : {}
-  inline_fqdn_rules     = fileexists("./firewall-rules/inline_fqdn_rules.json") ? jsondecode(file("./firewall-rules/inline_fqdn_rules.json")) : {}
   firewall_rules        = merge(local.development_rules, local.test_rules, local.preproduction_rules, local.production_rules)
 
   vpn_attachments = fileexists("./vpn_attachments.json") ? jsondecode(file("./vpn_attachments.json")) : {}