HomePhabricator
Diffusion Comm 249f1d9e48c5

[terraform] configure personal ip address through script and not allowed_ips var
249f1d9e48c5
Actions

Description

[terraform] configure personal ip address through script and not allowed_ips var

Summary:
We rethought the approach in allowing script access to receive a health check from the keyserver load balancer.

Instead of allowing allowed_ips constant access to the load balancer, we decided to simply have the script enable access to the load balancer from the ip address of the
script caller by adding an ingress rule through aws cli during the duration of the script's run.

Test Plan: Ran the aws-deploy script and ensured that a separate ip machine was unable to access the load balancer while the script was able to perform a health check

Reviewers: varun, bartek

Reviewed By: varun, bartek

Subscribers: ashoat, tomek

Differential Revision: https://phab.comm.dev/D12960

Details

Provenance
willAuthored on Aug 4 2024, 8:19 PM
Reviewer
varun
Differential Revision
D12960: [terraform] configure personal ip address through script and not allowed_ips var
Parents
rCOMMd1e1d81a3992: [native] Fix encrypted media upload on Android
Branches
Unknown
Tags
Unknown

Changes (2)

PathSize
services/
terraform/
self-host/

rCOMM249f1d9e48c5

View Options

services/terraform/self-host/aws-deploy.sh

Loading...
View Options

services/terraform/self-host/aws_lb.tf

Loading...