diff --git a/it-windows-base/CHANGELOG.md b/it-windows-base/CHANGELOG.md index 4315820..e9e2e5e 100644 --- a/it-windows-base/CHANGELOG.md +++ b/it-windows-base/CHANGELOG.md @@ -5,6 +5,11 @@ * add EnCase source 148.129.71.121 to 4445/tcp (ticket INC000002587282) * add Riverbed Transaction Agent (formerly appcapture) 172.24.100.107 to 27401/tcp -# v1.2 -- 20210226 +# v1.2.0 -- 20210226 * add HPSA and HPOM * ticket INC000002652291 + +# v1.2.1 -- 20210528 + * remove HPSA and HPOM + * ticket INC000002703111 + diff --git a/it-windows-base/README.md b/it-windows-base/README.md index 7c2097e..d4b7039 100644 --- a/it-windows-base/README.md +++ b/it-windows-base/README.md @@ -2,7 +2,7 @@ This describes how to use the aws-common-security-groups submodule for it-windows-base. -Commonly used ports and services are set up here, including ICMP, AD, RDP, NTP, DNS, SNMP, +Commonly used ports and services are set up here, including ICMP, AD, RDP, NTP, DNS, SNMP, monit, munin, iperf, netperf, NetBackup and Opsware. ## Usage 
@@ -22,46 +22,48 @@ module "it-windows-base" { | Name | Version | |------|---------| -| terraform | >= 0.12 | +| [terraform](#requirement\_terraform) | >= 0.12 | ## Providers | Name | Version | |------|---------| -| aws | n/a | +| [aws](#provider\_aws) | n/a | ## Modules -No Modules. +No modules. ## Resources -| Name | -|------| -| [aws_security_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/security_group) | -| [aws_security_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | -| [aws_vpc](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) | +| Name | Type | +|------|------| +| [aws_security_group.this_security_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource | +| [aws_security_group.egress_security_groups](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/security_group) | data source | +| [aws_security_group.ingress_security_groups](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/security_group) | data source | +| [aws_vpc.selected](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) | data source | +| [aws_vpc.this_vpc](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| description | Security Group Description | `string` | `"Windows Common Base Security Group"` | no | -| egress\_networks | List of egress networks (all ports) | `list(string)` |
[| no | -| egress\_security\_groups | List of egress security groups (all ports) | `list(string)` | `[]` | no | -| enable\_self | Enable\|Disable self full access | `bool` | `false` | no | -| ingress\_networks | List of ingress networks for external access (not all ports) | `list(string)` |
"0.0.0.0/0"
]
[| no | -| ingress\_security\_groups | List of ingress security groups for all ports | `list(string)` | `[]` | no | -| name | Security Group Name | `string` | `"it-windows-base"` | no | -| short\_description | Security Group Short Description | `string` | `"Windows"` | no | -| tags | Extra security group tags | `map` |
"0.0.0.0/0"
]
{
"CostAllocation": "csvd:infrastructure",
"Environment": "csvd-infrastructure"
} | no |
-| use\_vpc\_cidr | Enable\|Disable use of VPC CIDR block in the ingress\_networks | `bool` | `false` | no |
-| vpc\_full\_name | VPC Name | `string` | `""` | no |
-| vpc\_id | VPC ID Number | `string` | n/a | yes |
+| [description](#input\_description) | Security Group Description | `string` | `"Windows Common Base Security Group"` | no |
+| [egress\_networks](#input\_egress\_networks) | List of egress networks (all ports) | `list(string)` | [| no | +| [egress\_security\_groups](#input\_egress\_security\_groups) | List of egress security groups (all ports) | `list(string)` | `[]` | no | +| [enable\_self](#input\_enable\_self) | Enable\|Disable self full access | `bool` | `false` | no | +| [ingress\_networks](#input\_ingress\_networks) | List of ingress networks for external access (not all ports) | `list(string)` |
"0.0.0.0/0"
]
[| no | +| [ingress\_security\_groups](#input\_ingress\_security\_groups) | List of ingress security groups for all ports | `list(string)` | `[]` | no | +| [name](#input\_name) | Security Group Name | `string` | `"it-windows-base"` | no | +| [short\_description](#input\_short\_description) | Security Group Short Description | `string` | `"Windows"` | no | +| [tags](#input\_tags) | Extra security group tags | `map` |
"0.0.0.0/0"
]
{
"CostAllocation": "csvd:infrastructure",
"Environment": "csvd-infrastructure"
} | no |
+| [use\_vpc\_cidr](#input\_use\_vpc\_cidr) | Enable\|Disable use of VPC CIDR block in the ingress\_networks | `bool` | `false` | no |
+| [vpc\_full\_name](#input\_vpc\_full\_name) | VPC Name | `string` | `""` | no |
+| [vpc\_id](#input\_vpc\_id) | VPC ID Number | `string` | n/a | yes |
## Outputs
| Name | Description |
|------|-------------|
-| this\_security\_group\_arn | Created security group ARN |
-| this\_security\_group\_id | Created security group ID |
+| [this\_security\_group\_arn](#output\_this\_security\_group\_arn) | Created security group ARN |
+| [this\_security\_group\_id](#output\_this\_security\_group\_id) | Created security group ID |
diff --git a/it-windows-base/ports.tf b/it-windows-base/ports.tf
index 6b9aee2..ba25b3c 100644
--- a/it-windows-base/ports.tf
+++ b/it-windows-base/ports.tf
@@ -17,15 +17,15 @@
## this adds iperf3
locals {
- n_all = ["0.0.0.0/0"]
- n_census = ["148.129.0.0/16", "192.168.0.0/16", "172.16.0.0/12", "10.0.0.0/8"]
- n_mgmt = ["148.129.162.0/24", "148.129.95.0/24"]
- n_backup = ["10.193.0.0/22"]
- n_ansible = ["172.24.12.239/32"]
- n_encase = ["148.129.121.72/32"]
- n_riverbed = ["172.24.100.107/32"]
- n_hpsa = ["172.24.100.141/32", "172.24.100.154/32", "172.24.100.165/32"]
- n_hpom = ["172.24.105.24/32"]
+ n_all = ["0.0.0.0/0"]
+ n_census = ["148.129.0.0/16", "192.168.0.0/16", "172.16.0.0/12", "10.0.0.0/8"]
+ n_mgmt = ["148.129.162.0/24", "148.129.95.0/24"]
+ n_backup = ["10.193.0.0/22"]
+ n_ansible = ["172.24.12.239/32"]
+ n_encase = ["148.129.121.72/32"]
+ n_riverbed = ["172.24.100.107/32"]
+ # n_hpsa = ["172.24.100.141/32", "172.24.100.154/32", "172.24.100.165/32"]
+ # n_hpom = ["172.24.105.24/32"]
source_groups = ["all", "external"]
name = var.name
ports = [
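Review bot: `n_encase` on the realigned line is `["148.129.121.72/32"]`, but the CHANGELOG context at the top of this commit records the EnCase source as `148.129.71.121`, so the last two octets look transposed in one of the two places. This local feeds the 4445/tcp ingress rule in the next hunk. If the Terraform value is the wrong one, the real collector is blocked and a different host is allowed in its place. Check the address against ticket INC000002587282 and correct whichever side is wrong before 1.2.1 is tagged. The `locals` block starts before this hunk and continues past it, so how the other network locals are consumed is not visible here.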
@@ -38,9 +38,9 @@ locals {
[4445, 4445, "tcp", "EnCase", local.n_encase, ["external"]],
[5986, 5986, "tcp", "WinRM-https", local.n_ansible, ["external"]],
[27401, 27401, "tcp", "TransactionAgent", local.n_riverbed, ["external"]],
- [1002, 1002, "tcp", "HPSA", local.n_hpsa, ["external"]],
- [383, 383, "tcp", "HPOM", local.n_hpom, ["external"]],
- [383, 383, "udp", "HPOM", local.n_hpom, ["external"]],
+ # [1002, 1002, "tcp", "HPSA", local.n_hpsa, ["external"]],
+ # [383, 383, "tcp", "HPOM", local.n_hpom, ["external"]],
+ # [383, 383, "udp", "HPOM", local.n_hpom, ["external"]],
]
# these are ignored
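Review bot: The three HPSA/HPOM port entries are commented out rather than deleted, as are `n_hpsa` and `n_hpom` in the first hunk of this file, which leaves retired management addresses and ports in the file as if they might return. Git history and the v1.2.1 CHANGELOG entry already record the removal, so deleting the five lines would keep the rule list an exact statement of what is open. If they must stay, a comment above them such as `# HPSA/HPOM retired per INC000002703111 -- do not re-enable without a new ticket` would say why. The ticket comment appended after the closing brace in the third hunk would be easier to find next to these lines. Consumers pinned to an older module ref presumably keep 1002/tcp and 383/tcp+udp open until they move to 1.2.1, which is worth stating in the CHANGELOG.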
@@ -57,3 +57,6 @@ locals {
s => [for p in local.p_map : p if contains(p["source_group"], s)]
}
}
+
+# INC000002703111
+# remove 383, 1002
diff --git a/it-windows-base/version.tf b/it-windows-base/version.tf
index 1ee6619..54b3493 100644
--- a/it-windows-base/version.tf
+++ b/it-windows-base/version.tf
@@ -1,3 +1,3 @@
locals {
- _module_version = "1.2.0"
+ _module_version = "1.2.1"
}