nemo
/
terraform-data-looker-ips
mirror of https://github.com/captn3m0/terraform-data-looker-ips.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Adds Looker IP addresses for GCP-hosted instances

This commit is contained in:
Nemo 2020-04-21 15:55:53 +05:30
parent 41b328cf97
commit d5f0befb0b
4 changed files with 254 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
CHANGELOG.md
View File

@ -7,7 +7,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## [Unreleased]
## [1.1.2][1.1.2] - 2020-03-209
## [1.2.0][1.2.0] - 2020-04-1
### Added
- Added Looker IP addresses for GCP hosted instances.
## [1.1.2][1.1.2] - 2020-03-20
### Added
@ -35,7 +41,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- Initial Release
[unreleased]: https://github.com/captn3m0/terraform-data-looker-ips/compare/1.1.2...HEAD
[unreleased]: https://github.com/captn3m0/terraform-data-looker-ips/compare/1.2.0...HEAD
[1.1.2]: https://github.com/captn3m0/terraform-data-looker-ips/compare/1.2.0...1.1.2
[1.1.2]: https://github.com/captn3m0/terraform-data-looker-ips/compare/1.1.2...1.1.1
[1.1.1]: https://github.com/captn3m0/terraform-data-looker-ips/compare/1.1.1...1.1.0
[1.1.0]: https://github.com/captn3m0/terraform-data-looker-ips/compare/1.1.0...1.0.0

66
README.md
View File

@ -1,19 +1,18 @@
# terraform-data-looker-ips
Looker's IP addresses,
as per [their documentation](https://docs.looker.com/setup-and-management/enabling-secure-db).
Looker's IP addresses, as per [their documentation](https://docs.looker.com/setup-and-management/enabling-secure-db).
> All network traffic from Looker will come from one of the following IP addresses, based on the region where your Looker instance is hosted. Please whitelist each of the IP addresses in the appropriate region listed below. These whitelist IP addresses also apply for SFTP and SMTP destinations.
> All network traffic from Looker will come from one of the following IP addresses, based on the host+region where your Looker instance is hosted. Please whitelist each of the IP addresses in the appropriate region listed below. These whitelist IP addresses also apply for SFTP and SMTP destinations. Starting April 2020, Looker-hosted instances are hosted on GCP by default.
# Usage
```
module "looker-ips" {
source = "captn3m0/looker-ips/data"
version = "1.1.2"
version = "1.2.0"
}
resource "aws_security_group_rule" "allow_all_from_looker_us" {
resource "aws_security_group_rule" "allow_all_from_looker_aws_us" {
type = "ingress"
from_port = 0
to_port = 443
@ -26,26 +25,45 @@ resource "aws_security_group_rule" "allow_all_from_looker_us" {
## Outputs
All output variables are lists. The output names are based on 2 letter
[ISO country codes][3166] and [common continent codes](https://datahub.io/core/continent-codes#readme)
[ISO country codes][3166] and [common continent codes](https://datahub.io/core/continent-codes#readme) for instances hosted in AWS. For instances hosted in GCP, [the corresponding region codes are used](https://cloud.google.com/compute/docs/regions-zones).
| Name | Description |
| ---------- | -------------------------------------------- |
| `as` | Looker IP Addresses in Asia |
| `as_cidr` | Looker IP Addresses in Asia in CIDR |
| `au` | Looker IP Addresses in Australia |
| `au_cidr` | Looker IP Addresses in Australia in CIDR |
| `ca` | Looker IP Addresses in Canada |
| `ca_cidr` | Looker IP Addresses in Canada in CIDR |
| `de` | Looker IP Addresses in Germany |
| `de_cidr` | Looker IP Addresses in Germany in CIDR |
| `ie` | Looker IP Addresses in Ireland |
| `ie_cidr` | Looker IP Addresses in Ireland in CIDR |
| `sa` | Looker IP Addresses in South America |
| `sa_cidr` | Looker IP Addresses in South America in CIDR |
| `us` | Looker IP Addresses in United States |
| `us_cidr` | Looker IP Addresses in United States in CIDR |
| `all_ips` | Looker IP addresses everywhere |
| `all_cidr` | Looker IP addresses everywhere in CIDR |
To decide which one you need to use, you will need to know:
1. Whether your instance is hosted in GCP or AWS?
2. Which region/country it is hosted in?
| Name | Description |
|------|-------------|
| all\_cidr | Looker IP addresses everywhere in CIDR |
| all\_ips | Looker IP addresses everywhere (both AWS and GCP) |
| as | Looker IP Addresses in Asia (AWS only) |
| as\_cidr | Looker IP Addresses in Asia in CIDR (AWS only) |
| au | Looker IP Addresses in Australia (AWS only) |
| au\_cidr | Looker IP Addresses in Australia in CIDR (AWS only) |
| aws\_cidr | Looker IP addresses everywhere in CIDR (AWS only) |
| aws\_ips | Looker IP addresses everywhere (AWS only) |
| ca | Looker IP Addresses in Canada (AWS only) |
| ca\_cidr | Looker IP Addresses in Canada in CIDR (AWS only) |
| de | Looker IP Addresses in Germany (AWS only) |
| de\_cidr | Looker IP Addresses in Germany in CIDR (AWS only) |
| gcp\_cidr | Looker IP addresses everywhere in CIDR (GCP only) |
| gcp\_europe\_west2\_cidr | Looker CIDRs for instances hosted in GCP (London / europe-west2) |
| gcp\_europe\_west2\_ips | Looker IPs for instances hosted in GCP (London / europe-west2) |
| gcp\_europe\_west3\_cidr | Looker CIDRs for instances hosted in GCP (Frankfurt / europe-west3) |
| gcp\_europe\_west3\_ips | Looker IPs for instances hosted in GCP (Frankfurt / europe-west3) |
| gcp\_ips | Looker IP addresses everywhere (GCP only) |
| gcp\_us\_east1\_cidr | Looker CIDRs for instances hosted in GCP (South Carolina / us-east1) |
| gcp\_us\_east1\_ips | Looker IPs for instances hosted in GCP (South Carolina / us-east1) |
| gcp\_us\_east4\_cidr | Looker CIDRs for instances hosted in GCP (Northern Virginia / us-east4) |
| gcp\_us\_east4\_ips | Looker IPs for instances hosted in GCP (Northern Virginia / us-east4) |
| gcp\_us\_west1\_cidr | Looker CIDRs for instances hosted in GCP (Oregon / us-west1) |
| gcp\_us\_west1\_ips | Looker IPs for instances hosted in GCP (Oregon / us-west1) |
| ie | Looker IP Addresses in Ireland (AWS only) |
| ie\_cidr | Looker IP Addresses in Ireland in CIDR (AWS only) |
| sa | Looker IP Addresses in South America (AWS only) |
| sa\_cidr | Looker IP Addresses in South America in CIDR (AWS only) |
| us | Looker IP Addresses in United States (AWS only) |
| us\_cidr | Looker IP Addresses in United States in CIDR (AWS only) |
# Changelog

37
locals.tf
View File

@ -1,4 +1,41 @@
locals {
// South Carolina
gcp-us-east1 = [
"35.196.243.26",
"35.196.36.95",
]
// Northern Virginia
gcp-us-east4 = [
"35.186.176.0",
"35.245.211.109",
"35.245.121.2",
]
# Oregon
gcp-us-west1 = [
"34.82.227.133",
"35.233.172.23",
"34.83.141.137",
"34.83.151.46",
"35.185.199.172",
]
# London
gcp-europe-west2 = [
"35.246.117.58",
"34.89.40.253"
]
# Frankfurt
gcp-europe-west3 = [
"34.89.161.120",
"34.89.225.213"
]
us = [
"54.208.10.167",
"54.209.116.191",

198
outputs.tf
View File

@ -1,97 +1,231 @@
output "us" {
description = "Looker IP Addresses in United States"
description = "Looker IP Addresses in United States (AWS only)"
value = "${local.us}"
}
output "ca" {
description = "Looker IP Addresses in Canada"
description = "Looker IP Addresses in Canada (AWS only)"
value = "${local.ca}"
}
output "as" {
description = "Looker IP Addresses in Asia"
description = "Looker IP Addresses in Asia (AWS only)"
value = "${local.as}"
}
output "ie" {
description = "Looker IP Addresses in Ireland"
description = "Looker IP Addresses in Ireland (AWS only)"
value = "${local.ie}"
}
output "de" {
description = "Looker IP Addresses in Germany"
description = "Looker IP Addresses in Germany (AWS only)"
value = "${local.de}"
}
output "au" {
description = "Looker IP Addresses in Australia"
description = "Looker IP Addresses in Australia (AWS only)"
value = "${local.au}"
}
output "sa" {
description = "Looker IP Addresses in South America"
description = "Looker IP Addresses in South America (AWS only)"
value = "${local.sa}"
}
output "all_ips" {
description = "Looker IP addresses everywhere"
output "aws_ips" {
description = "Looker IP addresses everywhere (AWS only)"
value = "${concat(
local.us,
local.ca,
local.as,
local.ie,
local.de,
local.au,
local.sa,
)}"
local.gcp-us-east1,
local.gcp-us-east4,
local.gcp-us-west1,
local.gcp-europe-west2,
local.gcp-europe-west3,
)}"
}
output "us_cidr" {
description = "Looker IP Addresses in United States in CIDR"
description = "Looker IP Addresses in United States in CIDR (AWS only)"
value = ["${formatlist("%s/32", local.us)}"]
}
output "ca_cidr" {
description = "Looker IP Addresses in Canada in CIDR"
description = "Looker IP Addresses in Canada in CIDR (AWS only)"
value = ["${formatlist("%s/32", local.ca)}"]
}
output "as_cidr" {
description = "Looker IP Addresses in Asia in CIDR"
description = "Looker IP Addresses in Asia in CIDR (AWS only)"
value = ["${formatlist("%s/32", local.as)}"]
}
output "ie_cidr" {
description = "Looker IP Addresses in Ireland in CIDR"
description = "Looker IP Addresses in Ireland in CIDR (AWS only)"
value = ["${formatlist("%s/32", local.ie)}"]
}
output "de_cidr" {
description = "Looker IP Addresses in Germany in CIDR"
description = "Looker IP Addresses in Germany in CIDR (AWS only)"
value = ["${formatlist("%s/32", local.de)}"]
}
output "au_cidr" {
description = "Looker IP Addresses in Australia in CIDR"
description = "Looker IP Addresses in Australia in CIDR (AWS only)"
value = ["${formatlist("%s/32", local.au)}"]
}
output "sa_cidr" {
description = "Looker IP Addresses in South America in CIDR"
description = "Looker IP Addresses in South America in CIDR (AWS only)"
value = ["${formatlist("%s/32", local.sa)}"]
}
output "aws_cidr" {
description = "Looker IP addresses everywhere in CIDR (AWS only)"
value = "${formatlist("%s/32", concat(
local.us,
local.ca,
local.as,
local.ie,
local.de,
local.au,
local.sa,
))}"
}
# GCP Section Begins
##### GCP IPs #####
// South Carolina
output "gcp_us_east1_ips" {
description = "Looker IPs for instances hosted in GCP (South Carolina / us-east1)"
value = "${local.gcp-us-east1}"
}
// Northern Virginia
output "gcp_us_east4_ips" {
description = "Looker IPs for instances hosted in GCP (Northern Virginia / us-east4)"
value = "${local.gcp-us-east4}"
}
// Oregon
output "gcp_us_west1_ips" {
description = "Looker IPs for instances hosted in GCP (Oregon / us-west1)"
value = "${local.gcp-us-west1}"
}
// London
output "gcp_europe_west2_ips" {
description = "Looker IPs for instances hosted in GCP (London / europe-west2)"
value = "${local.gcp-europe-west2}"
}
// Frankfurt
output "gcp_europe_west3_ips" {
description = "Looker IPs for instances hosted in GCP (Frankfurt / europe-west3)"
value = "${local.gcp-europe-west3}"
}
// South Carolina
output "gcp_us_east1_cidr" {
description = "Looker CIDRs for instances hosted in GCP (South Carolina / us-east1)"
value = ["${formatlist("%s/32", local.gcp-us-east1)}"]
}
##### GCP CIDRs #####
// Northern Virginia
output "gcp_us_east4_cidr" {
description = "Looker CIDRs for instances hosted in GCP (Northern Virginia / us-east4)"
value = ["${formatlist("%s/32", local.gcp-us-east4)}"]
}
// Oregon
output "gcp_us_west1_cidr" {
description = "Looker CIDRs for instances hosted in GCP (Oregon / us-west1)"
value = ["${formatlist("%s/32", local.gcp-us-west1)}"]
}
// London
output "gcp_europe_west2_cidr" {
description = "Looker CIDRs for instances hosted in GCP (London / europe-west2)"
value = ["${formatlist("%s/32", local.gcp-europe-west2)}"]
}
// Frankfurt
output "gcp_europe_west3_cidr" {
description = "Looker CIDRs for instances hosted in GCP (Frankfurt / europe-west3)"
value = ["${formatlist("%s/32", local.gcp-europe-west3)}"]
}
##### GCP Common ####
output "gcp_cidr" {
description = "Looker IP addresses everywhere in CIDR (GCP only)"
value = "${formatlist("%s/32", concat(
local.gcp-us-east1,
local.gcp-us-east4,
local.gcp-us-west1,
local.gcp-europe-west2,
local.gcp-europe-west3,
))}"
}
output "gcp_ips" {
description = "Looker IP addresses everywhere (GCP only)"
value = "${concat(
local.us,
local.ca,
local.as,
local.ie,
local.de,
local.au,
local.sa,
)}"
}
##### Combined AWS+GCP #####
output "all_cidr" {
description = "Looker IP addresses everywhere in CIDR"
value = "${formatlist("%s/32", concat(
local.us,
local.ca,
local.as,
local.ie,
local.de,
local.au,
local.sa,
))}"
local.gcp-us-east1,
local.gcp-us-east4,
local.gcp-us-west1,
local.gcp-europe-west2,
local.gcp-europe-west3,
local.us,
local.ca,
local.as,
local.ie,
local.de,
local.au,
local.sa,
))}"
}
output "all_ips" {
description = "Looker IP addresses everywhere (both AWS and GCP)"
value = "${concat(
local.gcp-us-east1,
local.gcp-us-east4,
local.gcp-us-west1,
local.gcp-europe-west2,
local.gcp-europe-west3,
local.us,
local.ca,
local.as,
local.ie,
local.de,
local.au,
local.sa,
)}"
}