Open picatz opened 2 years ago
Currently, there is no way to really tune the Consul integration outside of enabling/disabling Consul ACLs and the default policy.
https://github.com/picatz/terraform-google-nomad/blob/8c61d662a89c9633a4b38739716f64b2ffd15bfd/vars.tf#L138-L148
But there are many options available. These should be exposed as Terraform variables with secure defaults.
https://github.com/picatz/terraform-google-nomad/blob/8c61d662a89c9633a4b38739716f64b2ffd15bfd/packer/configs/nomad/server.hcl#L45-L53
Extra important ones to consider would be allow_unathenticated and share_ssl. Consider disabling these by default with adjustments to documentation and examples.
allow_unathenticated
share_ssl
Currently, there is no way to really tune the Consul integration outside of enabling/disabling Consul ACLs and the default policy.
https://github.com/picatz/terraform-google-nomad/blob/8c61d662a89c9633a4b38739716f64b2ffd15bfd/vars.tf#L138-L148
But there are many options available. These should be exposed as Terraform variables with secure defaults.
https://github.com/picatz/terraform-google-nomad/blob/8c61d662a89c9633a4b38739716f64b2ffd15bfd/packer/configs/nomad/server.hcl#L45-L53
Extra important ones to consider would be
allow_unathenticatedandshare_ssl. Consider disabling these by default with adjustments to documentation and examples.