Merge pull request #9 from terraform-modules/add-4445

add INC000002587282: tcp/4445 for EnCase
terraform-modules · Jan 19, 2021 · 1e4488d · 1e4488d
2 parents 75306e3 + 2c9eb8d
commit 1e4488d
Show file tree

Hide file tree

Showing 6 changed files with 54 additions and 7 deletions.
diff --git a/it-windows-base/CHANGELOG.md b/it-windows-base/CHANGELOG.md
@@ -1,3 +1,6 @@
 # v1.0 -- 20200731
+  * create from running security group it-windows-base for use throughout
+
+# v1.1 -- 20210119
+  * add EnCase source 148.129.71.121 to 4445/tcp (ticket INC000002587282)
 
-* create from running security group it-windows-base for use throughout
diff --git a/it-windows-base/README.md b/it-windows-base/README.md
@@ -34,7 +34,6 @@ module "it-windows-base" {
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| \_module\_version | Module version number | `string` | `"1.0"` | no |
 | description | Security Group Description | `string` | `"Windows Common Base Security Group"` | no |
 | egress\_networks | List of egress networks (all ports) | `list(string)` | <pre>[<br>  "0.0.0.0/0"<br>]</pre> | no |
 | egress\_security\_groups | List of egress security groups (all ports) | `list(string)` | `[]` | no |

diff --git a/it-windows-base/main.tf b/it-windows-base/main.tf
@@ -114,7 +114,7 @@ resource "aws_security_group" "this_security_group" {
   tags = merge(
     map("Name", "sg-${local.name}"),
     var.tags,
-    map("boc:tf_module_version", var._module_version),
+    map("boc:tf_module_version", local._module_version),
     map("boc:vpc:info", join(" ", compact(list(var.vpc_id, var.vpc_full_name)))),
   )
 }
diff --git a/it-windows-base/ports.tf b/it-windows-base/ports.tf
@@ -22,6 +22,7 @@ locals {
   n_mgmt        = ["148.129.162.0/24", "148.129.95.0/24"]
   n_backup      = ["10.193.0.0/22"]
   n_ansible     = ["172.24.12.239/32"]
+  n_encase      = ["148.129.121.72/32"]
   source_groups = ["all", "external"]
   name          = var.name
   ports = [
@@ -31,6 +32,7 @@ locals {
     [5201, 5201, "udp", "iperf3", local.n_all, ["external"]],
     [1556, 1556, "tcp", "Netbackup", local.n_backup, ["external"]],
     [3389, 3389, "tcp", "RDP", local.n_census, ["external"]],
+    [4445, 4445, "tcp", "EnCase", local.n_encase, ["external"]],
     [5986, 5986, "tcp", "WinRM-https", local.n_ansible, ["external"]],
   ]
 

diff --git a/it-windows-base/version.tf b/it-windows-base/version.tf
@@ -1,5 +1,3 @@
-variable "_module_version" {
-  description = "Module version number"
-  type        = string
-  default     = "1.0"
+locals {
+  _module_version = "1.1"
 }
diff --git a/rds-mssql/README.md b/rds-mssql/README.md
@@ -0,0 +1,45 @@
+# About
+
+This describes how to use the aws-common-security-groups submodule for rds-mssql
+
+# Usage
+
+```code
+module "rds-mssql" {
+  source = "git::https://vc1.csvd.census.gov/terraform-modules/aws-common-security-groups.git//rds-mssql"
+
+  # name = "m-rds-mssql"
+  vpc_id = var.vpc_id
+  vpc_full_name = "vpc1-services"
+  # Name, CostAllocation, and Environment are pre-set
+  # tags = { }
+}
+```
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| aws | n/a |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| name | Security group Name | `string` | `"m-rds-mssql"` | no |
+| tags | Extra security group tags | `map` | <pre>{<br>  "CostAllocation": "csvd:infrastructure",<br>  "Environment": "csvd-infrastructure"<br>}</pre> | no |
+| vpc\_full\_name | VPC full name | `string` | `""` | no |
+| vpc\_id | VPC ID Number | `string` | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| this\_security\_group\_arn | Created security group ARN |
+| this\_security\_group\_id | Created security group ID |