[x] This isn't an open-ended question (open a discussion if it is).
:computer: System information
Operating System: macOS
Data Safe Haven version: develop @ 78ba7b7
:package: Packages
List of packages
```none
Paste list of packages here
```
:no_entry_sign: Describe the problem
We allow deployers to specify which IP addresses users/admin etc. will connect from but don't check whether these overlap. If they do, the NSG rules will fail to deploy.
Example of overlap:
1.1.0.0/24
1.1.0.22/32
:deciduous_tree: Log messages
Relevant log messages
```none
azure-native:network:NetworkSecurityGroup (sre_networking_nsg_application_gateway):
error: Code="OverlappingSubnetsNotPermittedInSecurityRule" Message="Security rule parameter SourceAddressPrefix for rule with Id
/subscriptions/3f1a8e26-eae2-4539-952a-0a6184ec248a/resourceGroups/shm-pink-sre-fuschia-rg/providers/Microsoft.Network/networkSecurityGroups/shm-pink-sre-fuschia-nsg-application-gateway/securityRules/AllowUsersInternetInbound contains
overlapping subnets [91.235.65.0/24, 91.235.65.22/32], which is not permitted." Details=[]
```
:recycle: To reproduce
Try to deploy an SRE with overlapping ranges in admin_ip_addresses
:white_check_mark: Checklist
:computer: System information
:package: Packages
List of packages
```none Paste list of packages here ```:no_entry_sign: Describe the problem
We allow deployers to specify which IP addresses users/admin etc. will connect from but don't check whether these overlap. If they do, the NSG rules will fail to deploy.
Example of overlap:
:deciduous_tree: Log messages
Relevant log messages
```none azure-native:network:NetworkSecurityGroup (sre_networking_nsg_application_gateway): error: Code="OverlappingSubnetsNotPermittedInSecurityRule" Message="Security rule parameter SourceAddressPrefix for rule with Id /subscriptions/3f1a8e26-eae2-4539-952a-0a6184ec248a/resourceGroups/shm-pink-sre-fuschia-rg/providers/Microsoft.Network/networkSecurityGroups/shm-pink-sre-fuschia-nsg-application-gateway/securityRules/AllowUsersInternetInbound contains overlapping subnets [91.235.65.0/24, 91.235.65.22/32], which is not permitted." Details=[] ```:recycle: To reproduce
Try to deploy an SRE with overlapping ranges in
admin_ip_addresses