feat: Require inbound cidrs be set explicitly

wandb / terraform-google-wandb

A Terraform module for deploying Weights & Biases on GCP.

Apache License 2.0

12 stars 6 forks source link

feat: Require inbound cidrs be set explicitly #78

Closed gls4 closed 12 months ago

gls4 commented 12 months ago

This PR requires that a value be explicitly provided for allowed_inbound_cidrs. To allow all inbound connections, the value ["*"] should be used; this is the value set in the root of the module. To restrict access to specific IPs and/or IP ranges, use CIDR notation:

allowed_inbound_cidrs = [ "x.x.x.x/32", "x.x.x.x/24" ]

This change is also reflected in the examples.

gls4 commented 12 months ago

This change will block the access but will still create the public load balancer. I believe we should suppress the public load balancer creation when setting an env var like internal_something for example.

I made a go at removing the load balancer. The problem is that we have other customers who still need it -- and the resulting terraform is unwieldy at best, and unusable at worst.

jsbroks commented 12 months ago

This PR is included in version 1.15.0 :tada: