Tips-Of-Mine/terraform-azure
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add missing fw rules for ml

Browse Source
This commit is contained in:
Dylan Reed 2021-10-07 15:55:47 -04:00
parent e3d2f4db37
commit 7cfe24f0ff
2 changed files with 19 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -2,3 +2,5 @@ quickstart/301-machine-learning-hub-spoke-secure/*.terraform.lock.hcl
quickstart/301-machine-learning-hub-spoke-secure/*.tfstate quickstart/301-machine-learning-hub-spoke-secure/*.tfstate
quickstart/301-machine-learning-hub-spoke-secure/.terraform/providers/registry.terraform.io/hashicorp/azurerm/2.79.1/windows_amd64/terraform-provider-azurerm_v2.79.1_x5.exe quickstart/301-machine-learning-hub-spoke-secure/.terraform/providers/registry.terraform.io/hashicorp/azurerm/2.79.1/windows_amd64/terraform-provider-azurerm_v2.79.1_x5.exe
quickstart/301-machine-learning-hub-spoke-secure/.terraform/providers/registry.terraform.io/hashicorp/random/3.1.0/windows_amd64/terraform-provider-random_v3.1.0_x5.exe quickstart/301-machine-learning-hub-spoke-secure/.terraform/providers/registry.terraform.io/hashicorp/random/3.1.0/windows_amd64/terraform-provider-random_v3.1.0_x5.exe
quickstart/301-machine-learning-hub-spoke-secure/.terraform.tfstate.lock.info
quickstart/301-machine-learning-hub-spoke-secure/terraform.tfstate.*

20
quickstart/301-machine-learning-hub-spoke-secure/azure-firewall.tf
View File

@ -354,6 +354,20 @@ application_rule_collection {
source_ip_groups = [azurerm_ip_group.ip_group_spoke.id] source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]
destination_fqdns = ["dc.services.visualstudio.com"] destination_fqdns = ["dc.services.visualstudio.com"]
} }
rule {
name = "azureml-instances"
protocols {
type = "Http"
port = 80
}
protocols {
type = "Https"
port = 443
}
source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]
destination_fqdns = ["*.instances.azureml.net", "*.instances.azureml.ms"]
}
} }
network_rule_collection { network_rule_collection {
@ -364,8 +378,8 @@ application_rule_collection {
rule { rule {
name = "hub-to-spoke-rule" name = "hub-to-spoke-rule"
protocols = ["Any"] protocols = ["Any"]
source_ip_groups = [azurerm_ip_group.ip_group_spoke.id] source_ip_groups = [azurerm_ip_group.ip_group_spoke.id,azurerm_ip_group.ip_group_hub.id]
destination_ip_groups = [azurerm_ip_group.ip_group_hub.id] destination_ip_groups = [azurerm_ip_group.ip_group_hub.id,azurerm_ip_group.ip_group_spoke.id]
destination_ports = ["*"] destination_ports = ["*"]
} }
@ -421,7 +435,7 @@ application_rule_collection {
name = "Azure-Front-Door-Frontend" name = "Azure-Front-Door-Frontend"
protocols = ["TCP"] protocols = ["TCP"]
source_ip_groups = [azurerm_ip_group.ip_group_spoke.id] source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]
destination_addresses = ["AzureFrontDoor.Frontend"] destination_addresses = ["AzureFrontDoor.Frontend","AzureFrontDoor.FirstParty"]
destination_ports = ["443"] destination_ports = ["443"]
} }