fix insecure cidr_blocks in load test

2022-05-16 16:37:45 -04:00 · 2022-05-16 16:37:45 -04:00 · bc5f13e331
parent 4b5919f95a
commit bc5f13e331
2 changed files with 7 additions and 7 deletions
--- a/test/load/terraform/consul.tf
+++ b/test/load/terraform/consul.tf
@ -37,9 +37,9 @@ module "consul_servers" {

  vpc_id                  = module.vpc.vpc_id
  subnet_ids              = module.vpc.public_subnets
-  allowed_ssh_cidr_blocks = ["0.0.0.0/0"]
+  allowed_ssh_cidr_blocks = ["10.0.0.0/16"]

-  allowed_inbound_cidr_blocks = ["0.0.0.0/0"]
+  allowed_inbound_cidr_blocks = ["10.0.0.0/16"]
  ssh_key_name                = module.keys.key_name

 }
@ -57,9 +57,9 @@ module "consul_clients" {

  vpc_id                  = module.vpc.vpc_id
  subnet_ids              = module.vpc.public_subnets
-  allowed_ssh_cidr_blocks = ["0.0.0.0/0"]
+  allowed_ssh_cidr_blocks = ["10.0.0.0/16"]

-  allowed_inbound_cidr_blocks = ["0.0.0.0/0"]
+  allowed_inbound_cidr_blocks = ["10.0.0.0/16"]
  ssh_key_name                = module.keys.key_name
 }

--- a/test/load/terraform/test-servers.tf
+++ b/test/load/terraform/test-servers.tf
@ -31,19 +31,19 @@ resource "aws_security_group" "test-servers" {
    to_port         = 8500
    security_groups = [module.consul_clients.security_group_id]
    protocol        = "6"
-    cidr_blocks     = ["0.0.0.0/0"]
+    cidr_blocks     = ["10.0.0.0/16"]
  }
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "6"
-    cidr_blocks = ["0.0.0.0/0"]
+    cidr_blocks = ["10.0.0.0/16"]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
-    cidr_blocks = ["0.0.0.0/0"]
+    cidr_blocks = ["10.0.0.0/16"]
  }
 }