Closed sheaphillips closed 3 years ago
FortiGate Firewalls are currently in place; however, Check Point Firewalls are being evaluated for a potential switch
Ryan J has finished his prototype and is ready to demo.
*.{{identifier}}-{{environment}}.nimbus.cloud.gov.bc.ca
accounts.network.routes
, in project.json
public_subdomain
is routed to the specified alb_name
nimbus.cloud.gov.bc.ca
*.{{identifier}}-{{environment}}.nimbus.cloud.gov.bc.ca
myapp.gov.bc.ca
project.json
*.{{identifier}}-{{environment}}.nimbus.cloud.gov.bc.ca
project.json
project.json
Links
TDB
Links
The project spec is defined using a project.json
file.
Proposed schema for the network configuration (see network object in the accounts list):
{
"identifier": "a1bc23",
"name": "Example Project Spec",
"accounts": [
{
"name": "Development",
"environment": "dev",
"alb": [
{
"name": "default"
},
{
"name": "alb-for-service-0"
}
],
"network": {
"routes": [
{
"public_subdomain": "service-0",
"alb_name": "alb-for-service-0"
},
{
"public_subdomain": "service-1",
"alb_name": "created-by-tenant"
}
]
},
"extra_tfc_workspaces": ["service-1"]
},
{
"name": "Test",
"environment": "test",
"alb": [
{
"name": "default"
}
],
"network": {}
},
{
"name": "Production",
"environment": "prod",
"alb": [
{
"name": "default"
}
],
"network": {}
},
{
"name": "Tools",
"environment": "sandbox",
"alb": [],
"network": {}
},
{
"name": "Unclassified",
"environment": "unclass",
"alb": [],
"network": {}
}
]
}
Describe the issue This is a manual process which could overwhelm Cloud Ops. It's a bit of an unknown how we handle the firewalls. There was work done on the demo app which will feed into the design of an automated approach.
Which Sprint Priority is this issue related to? Priority 2
Additional context
Definition of done