From 625acbdcca3f87768aba8ab445cdf1ab9d8d2485 Mon Sep 17 00:00:00 2001
From: Nemo
Date: Thu, 18 Apr 2019 16:42:41 +0530
Subject: [PATCH] Initial Commit
---
LICENSE | 21 +++++++++++++++++++++
README.md | 38 ++++++++++++++++++++++++++++++++++++++
main.tf | 1 +
outputs.tf | 24 ++++++++++++++++++++++++
variables.tf | 1 +
5 files changed, 85 insertions(+)
create mode 100644 LICENSE
create mode 100644 README.md
create mode 100644 main.tf
create mode 100644 outputs.tf
create mode 100644 variables.tf
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..fce633e
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2017 Abhay Rana
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..ad1a931
--- /dev/null
+++ b/README.md
@@ -0,0 +1,38 @@
+# terraform-http-duo-whitelist ![](https://img.shields.io/badge/license-MIT-blue.svg)
+
+This module provides an updated list of Duo's public CIDRs. These are maintained against the Duo Documentation: https://help.duo.com/s/article/1337
+
+# Usage
+
+```hcl
+module "duo-whitelist" {
+ source = "captn3m0/duo-whitelist/http"
+ version = "1.0.0"
+}
+
+resource "aws_security_group_rule" "allow_all_to_duo" {
+ type = "egress"
+ from_port = 0
+ to_port = 443
+ protocol = "tcp"
+ cidr_blocks = ["${module.duo-whitelist.cidr}"]
+ security_group_id = "sg-123456"
+}
+```
+
+# Outputs
+
+The following outputs are exported:
+
+## cidrs
+
+Description: List of all Duo Service CIDRs. Whitelist for egress
+
+## trusted\_endpoints\_cidrs
+
+Description: Duo's Trusted Endpoint CIDRs. Whitelist for ingress
+
+
+# LICENSE
+
+Licensed under MIT. See [nemo.mit-license.org](https://nemo.mit-license.org/) for complete text.
diff --git a/main.tf b/main.tf
new file mode 100644
index 0000000..8b13789
--- /dev/null
+++ b/main.tf
@@ -0,0 +1 @@
+
diff --git a/outputs.tf b/outputs.tf
new file mode 100644
index 0000000..526fc98
--- /dev/null
+++ b/outputs.tf
@@ -0,0 +1,24 @@
+output "cidrs" {
+ description = "List of all Duo Service CIDRs. Whitelist for egress"
+
+ value = [
+ "54.241.191.128/26",
+ "54.236.251.192/26",
+ "52.19.127.192/26",
+ "52.32.63.128/26",
+ "52.59.243.192/26",
+ "35.182.14.128/26",
+ ]
+}
+
+output "trusted_endpoints_cidrs" {
+ description = "List of Duo's Trusted Endpoint CIDRs. Whitelist for ingress"
+
+ value = [
+ "13.56.32.240/29",
+ "52.32.63.176/30",
+ "52.19.127.200/30",
+ "52.59.243.200/30",
+ "35.182.14.128/30",
+ ]
+}
diff --git a/variables.tf b/variables.tf
new file mode 100644
index 0000000..8b13789
--- /dev/null
+++ b/variables.tf
@@ -0,0 +1 @@
+
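Review bot: Both value lists in outputs.tf are hard-coded with no record of when they were last checked against the Duo article the README cites, so a security group built from `cidrs` or `trusted_endpoints_cidrs` can go stale without anyone noticing. I would add a comment above each list such as `# Source: https://help.duo.com/s/article/1337 (last verified YYYY-MM-DD)` and release a new module version whenever the list changes. The README usage example reads `module.duo-whitelist.cidr`, but the output declared here is `cidrs`, so one of the two names needs to change. The last trusted-endpoint entry, `35.182.14.128/30`, starts at the same address as the `/26` in `cidrs`, unlike the other `/30` entries; that may be correct, but it is worth re-checking against the source document before anyone uses it for ingress rules.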