firewall azure postgress

2025-07-01 17:49:02 +02:00
parent 7d2e8b5392
commit a063f7aff8
1 changed files with 7 additions and 51 deletions
--- a/databases/azure-rds-flexpostgres/firewall.tf
+++ b/databases/azure-rds-flexpostgres/firewall.tf
@@ -1,57 +1,13 @@
-/*resource "azurerm_postgresql_flexible_server_firewall_rule" "all-azure-services" {
-  name                = "AllAzureServices"
-  server_id = azurerm_postgresql_flexible_server.postgresql-server.id
-  start_ip_address    = "0.0.0.0"
-  end_ip_address      = "0.0.0.0"
-}*/
-
-
-/*
-# OLD USA
-resource "azurerm_postgresql_flexible_server_firewall_rule" "fw-a-rule1" {
-  name                = "a1"
-  server_id = azurerm_postgresql_flexible_server.postgresql-server.id
-  start_ip_address    = "52.249.189.38"
-  end_ip_address      = "52.249.189.38"
+module "fw-ips" {
+    source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//databases/firewall_ips"
 }

-# OLD APAC
-resource "azurerm_postgresql_flexible_server_firewall_rule" "fw-a-rule2" {
-  name                = "a2"
-  server_id = azurerm_postgresql_flexible_server.postgresql-server.id
-  start_ip_address    = "13.67.39.86"
-  end_ip_address      = "13.67.39.86"
-}
+resource "azurerm_postgresql_flexible_server_firewall_rule" "fw_rule" {
+  for_each = module.fw-ips.ips_az_qcs

-# OLD EUROPE
-resource "azurerm_postgresql_flexible_server_firewall_rule" "fw-a-rule3" {
-  name                = "a3"
+  name                = each.key
  server_id = azurerm_postgresql_flexible_server.postgresql-server.id
-  start_ip_address    = "20.67.110.207"
-  end_ip_address      = "20.67.110.207"
-}
-*/
+  start_ip_address    = each.value.0
+  end_ip_address      = each.value.1

-# New EUROPE
-resource "azurerm_postgresql_flexible_server_firewall_rule" "fw-a-rule4" {
-  name                = "azeurope"
-  server_id = azurerm_postgresql_flexible_server.postgresql-server.id
-  start_ip_address    = "20.160.170.99"
-  end_ip_address      = "20.160.170.99"
-}
-
-# New USA
-resource "azurerm_postgresql_flexible_server_firewall_rule" "fw-a-rule5" {
-  name                = "azusa"
-  server_id = azurerm_postgresql_flexible_server.postgresql-server.id
-  start_ip_address    = "20.169.241.157"
-  end_ip_address      = "20.169.241.157"
-}
-
-# New APAC
-resource "azurerm_postgresql_flexible_server_firewall_rule" "fw-a-rule6" {
-  name                = "azapac"
-  server_id = azurerm_postgresql_flexible_server.postgresql-server.id
-  start_ip_address    = "52.163.112.12"
-  end_ip_address      = "52.163.112.12"
 }