We are spinning up external VPCs and new instances in those VPCs. There is an existing terraformer security rule that allows outbound SSH to 0.0.0.0/0, so we can use SSH to administer those hosts from terraformer (i.e. run Ansible). The corresponding WinRM rule is limited to only the NOM VPC subnet 10.224.0.0/16 and we can't modify it.
Motivation and context
Need to spin up/administer Windows hosts in peered VPCs.
Implementation notes
Modify the existing line 61 in the code from [aws_subnet.operations.cidr_block] to either:
- all: 0.0.0.0/0
- RFC1918 addresses: 172.16.0.0/12, 192.168.0.0/16
Acceptance criteria
[ ] Spin up any host in another VPC/subnet and open a listener on port 5985/5986. Make sure it connects.
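
An added example, not part of the original issue or the project's code: it compares the destination scopes named above for the WinRM egress rule by how many addresses each one opens and which destinations it would cover. The sample host addresses are constructed for illustration.

```python
import ipaddress

# Destination scopes for the WinRM egress rule as listed in the issue:
# the current value and the two proposed replacements.
OPTIONS = {
    "current (NOM VPC subnet)": ["10.224.0.0/16"],
    "all": ["0.0.0.0/0"],
    "RFC1918 as listed": ["172.16.0.0/12", "192.168.0.0/16"],
}

# Constructed sample destinations (assumptions, not taken from the issue).
SAMPLE_HOSTS = {
    "peer in 172.16.0.0/12": "172.20.4.10",
    "peer in 192.168.0.0/16": "192.168.50.7",
    "peer in 10.0.0.0/8 outside NOM": "10.50.1.25",
    "host in NOM subnet": "10.224.3.9",
    "public internet host": "203.0.113.80",
}


def allowed(dest, cidrs):
    """True if dest falls inside at least one CIDR block of the rule."""
    ip = ipaddress.ip_address(dest)
    return any(ip in ipaddress.ip_network(c) for c in cidrs)


def scope_size(cidrs):
    """Number of distinct addresses the rule opens (overlaps collapsed)."""
    nets = ipaddress.collapse_addresses(ipaddress.ip_network(c) for c in cidrs)
    return sum(n.num_addresses for n in nets)


def compare():
    """Per option: address count and which sample hosts it would reach."""
    report = {}
    for name, cidrs in OPTIONS.items():
        report[name] = {
            "addresses": scope_size(cidrs),
            "reachable": sorted(
                h for h, ip in SAMPLE_HOSTS.items() if allowed(ip, cidrs)
            ),
        }
    return report


if __name__ == "__main__":
    for name, row in compare().items():
        print(f"{name}: {row['addresses']} addresses; reaches {row['reachable']}")
```

The output makes the trade-off visible: the two-block list no longer covers 10.224.0.0/16 or any other 10.x peer, while 0.0.0.0/0 also permits WinRM to public addresses.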