Skip to content

Commit

Permalink
Merge pull request #8 from Coalfire-CF/fmt
Browse files Browse the repository at this point in the history 
added evasive bracket
  • Loading branch information
@douglas-f
douglas-f authored Oct 27, 2023
2 parents 1a96b52 + 91e7636 commit e1a9eea
Show file tree
Hide file tree
Showing 5 changed files with 22 additions and 21 deletions.
1 change: 1 addition & 0 deletions terraform/prod/us-va/mgmt/backup/backupConfig.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ resource "azurerm_recovery_services_vault" "ars_vault" {
location = var.location
resource_group_name = data.terraform_remote_state.setup.outputs.management_rg_name
sku = "Standard"
}

resource "azurerm_backup_container_storage_account" "container" {
resource_group_name = data.terraform_remote_state.setup.outputs.management_rg_name
Expand Down
4 changes: 2 additions & 2 deletions terraform/prod/us-va/mgmt/bastion/bastion.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,8 @@ module "bastion1" {
kv_id = data.terraform_remote_state.core.outputs.core_kv_id
trusted_launch = false # For now, we are not using trusted launch. Fails with the CIS marketplace image.

regional_tags = var.regional_tags
global_tags = var.global_tags
regional_tags = var.regional_tags
global_tags = var.global_tags

source_image_reference = {
publisher = "center-for-internet-security-inc"
Expand Down
2 changes: 1 addition & 1 deletion terraform/prod/us-va/mgmt/sentinel/sentinel.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ module "sentinel" {
log_analytics_workspace_id = data.terraform_remote_state.core.outputs.core_la_workspace_id
log_analytics_workspace_name = data.terraform_remote_state.core.outputs.core_la_workspace_name

global_tags = var.global_tags
global_tags = var.global_tags
regional_tags = merge({
Function = "SEIM"
Plane = "Management"
Expand Down
4 changes: 2 additions & 2 deletions terraform/prod/us-va/region-setup/setup.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,10 +19,10 @@ module "setup" {
core_kv_id = data.terraform_remote_state.core.outputs.core_kv_id
diag_log_analytics_id = data.terraform_remote_state.core.outputs.core_la_id
admin_principal_ids = var.admin_principal_ids

# uncomment the following line when the mgmt-network is created
#firewall_vnet_subnet_ids = values(data.terraform_remote_state.usgv_mgmt_vnet.outputs.usgv_mgmt_vnet_subnet_ids) #Uncomment and rerun terraform apply after the mgmt-network is created

additional_resource_groups = [
"${local.resource_prefix}-identity-rg"
]
Expand Down
32 changes: 16 additions & 16 deletions terraform/prod/us-va/security-core/core.tf
View file
Original file line number Diff line number Diff line change
@@ -1,22 +1,22 @@
module "core" {
source = "github.com/Coalfire-CF/ACE-Azure-SecurityCore"

subscription_id = var.subscription_id
resource_prefix = local.resource_prefix
location_abbreviation = var.location_abbreviation
location = var.location
app_abbreviation = var.app_abbreviation
tenant_id = var.tenant_id
regional_tags = var.regional_tags
global_tags = merge(var.global_tags, local.global_local_tags)
core_rg_name = "${local.resource_prefix}-core-rg"
cidrs_for_remote_access = var.cidrs_for_remote_access
ip_for_remote_access = var.ip_for_remote_access
admin_principal_ids = var.admin_principal_ids
app_subscription_ids = var.app_subscription_ids
enable_sub_logs = false
enable_aad_logs = false
enable_aad_permissions = false
subscription_id = var.subscription_id
resource_prefix = local.resource_prefix
location_abbreviation = var.location_abbreviation
location = var.location
app_abbreviation = var.app_abbreviation
tenant_id = var.tenant_id
regional_tags = var.regional_tags
global_tags = merge(var.global_tags, local.global_local_tags)
core_rg_name = "${local.resource_prefix}-core-rg"
cidrs_for_remote_access = var.cidrs_for_remote_access
ip_for_remote_access = var.ip_for_remote_access
admin_principal_ids = var.admin_principal_ids
app_subscription_ids = var.app_subscription_ids
enable_sub_logs = false
enable_aad_logs = false
enable_aad_permissions = false
azure_private_dns_zones = [
"privatelink.azurecr.us",
"privatelink.database.usgovcloudapi.net",
Expand Down

0 comments on commit e1a9eea

Please sign in to comment.