nemo
/
terraform-data-newrelic-whitelist
mirror of https://github.com/captn3m0/terraform-data-newrelic-whitelist.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Synthetics IP Ranges support 

Synthetics IP Ranges support
This commit is contained in:
Nemo 2019-11-14 17:26:11 +05:30 committed by GitHub
parent ea32d15137 7c4205a671
commit 39f5fb2aa9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 260 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
README.md
View File

@ -9,7 +9,7 @@ This is maintained against https://docs.newrelic.com/docs/apm/new-relic-apm/gett
```hcl
module "newrelic-whitelist" {
source = "captn3m0/newrelic-whitelist/data"
version = "1.0.0"
version = "2019.11.04"
}
resource "aws_security_group_rule" "allow_all_to_newrelic" {
@ -22,29 +22,45 @@ resource "aws_security_group_rule" "allow_all_to_newrelic" {
}
```
# Outputs
## Outputs
| Name | Description |
|:---------------------|:------------------------------------------------------------------------------------|
| apm\_cidrs | List of all New Relic APM CIDRs. Whitelist for egress against 443 |
| apm\_cidrs\_eu | List of New Relic APM CIDRs (EU). Whitelist for egress against 443 |
| apm\_cidrs\_us | List of New Relic APM CIDRs (US). Whitelist for egress against 443 |
| browser\_domains | List of all New Relic Browser application domains. |
| browser\_domains\_eu | List of New Relic Browser application domains (EU). |
| browser\_domains\_us | List of New Relic Browser application domains (US). |
| infra\_cidrs | List of all New Relic Infrastructure Agent CIDRs. Whitelist for egress against 443 |
| infra\_cidrs\_eu | List of New Relic Infrastructure Agent CIDRs (EU). Whitelist for egress against 443 |
| infra\_cidrs\_us | List of New Relic Infrastructure Agent CIDRs (US). Whitelist for egress against 443 |
| mobile\_domains | List of all New Relic Mobile Application domains. |
| mobile\_domains\_eu | List of New Relic Mobile application domains (EU). |
| mobile\_domains\_us | List of New Relic Mobile Application domains (US). |
| ticketing\_cidrs | |
| webhook\_cidrs | |
| Name | Description |
|------|-------------|
| apm\_cidrs | List of all New Relic APM CIDRs. Whitelist for egress against 443 |
| apm\_cidrs\_eu | List of New Relic APM CIDRs (EU). Whitelist for egress against 443 |
| apm\_cidrs\_us | List of New Relic APM CIDRs (US). Whitelist for egress against 443 |
| browser\_domains | List of all New Relic Browser application domains. |
| browser\_domains\_eu | List of New Relic Browser application domains (EU). |
| browser\_domains\_us | List of New Relic Browser application domains (US). |
| infra\_cidrs | List of all New Relic Infrastructure Agent CIDRs. Whitelist for egress against 443 |
| infra\_cidrs\_eu | List of New Relic Infrastructure Agent CIDRs (EU). Whitelist for egress against 443 |
| infra\_cidrs\_us | List of New Relic Infrastructure Agent CIDRs (US). Whitelist for egress against 443 |
| mobile\_domains | List of all New Relic Mobile Application domains. |
| mobile\_domains\_eu | List of New Relic Mobile application domains (EU). |
| mobile\_domains\_us | List of New Relic Mobile Application domains (US). |
| synthetics\_cidrs | List of New Relic Synthetic Minion IPs as /32 CIDR for both US and EU accounts |
| synthetics\_cidrs\_eu | List of New Relic Synthetic Minion IPs as /32 CIDR for EU accounts |
| synthetics\_cidrs\_us | List of New Relic Synthetic Minion IPs as /32 CIDR for US accounts |
| synthetics\_ips | List of New Relic Synthetic Minion IPs for both US and EU accounts |
| synthetics\_ips\_eu | List of New Relic Synthetic Minion IPs for EU accounts |
| synthetics\_ips\_us | List of New Relic Synthetic Minion IPs for US accounts |
| synthetics\_private\_cidrs\_eu | Synthetic Private Minion endpoint IPs as CIDR ranges for EU accounts |
| synthetics\_private\_cidrs\_us | Synthetic Private Minion endpoint IPs as CIDR ranges for US accounts |
| synthetics\_private\_domains\_eu | Synthetic Private Minion endpoint Domains for EU accounts |
| synthetics\_private\_domains\_us | Synthetic Private Minion endpoint Domains for US accounts |
| synthetics\_private\_ips\_eu | Synthetic Private Minion endpoint IPs for eu accounts |
| synthetics\_private\_ips\_us | Synthetic Private Minion endpoint IPs for US accounts |
| ticketing\_cidrs | Third-party ticketing integrations will be sent from these CIDRs |
| ticketing\_cidrs\_eu | Same as ticketing_cidrs, but exclusively for EU accounts |
| ticketing\_cidrs\_us | Same as ticketing_cidrs, but exclusively for US accounts |
| webhook\_cidrs | New Relic-generated webhooks for alert policies will be sent from these CIDRs |
| webhook\_cidrs\_eu | Same as webhook_cidrs, but exclusively for EU accounts |
| webhook\_cidrs\_us | Same as webhook_cidrs, but exclusively for US accounts |
# Versioning
This module is versioned as per the New Relic "Last Updated" date on [the docs website](https://docs.newrelic.com/docs/apm/new-relic-apm/getting-started/networks). The versioning scheme is `YYYY.MM.DD` (with zeros for padding).
This module is versioned as per the New Relic "Last Updated" date on [the docs website](https://docs.newrelic.com/docs/apm/new-relic-apm/getting-started/networks). The versioning scheme is `YYYY.MM.DD` (with zeros for padding). Changes are usually backwards compatible, but if any breaking changes are made (such as output name changes) between released versions, they will be noted below and in the release notes.
# LICENSE

135
locals.tf
View File

@ -47,8 +47,141 @@ locals {
]
}
ticketing_and_webhooks = [
ticketing_and_webhooks_us = [
"50.31.164.0/24",
"162.247.240.0/22",
]
ticketing_and_webhooks_eu = [
"158.177.65.64/29",
"159.122.103.184/29",
"161.156.125.32/28",
]
synthetics_private_domains = {
us = "synthetics-horde.nr-data.net"
eu = "synthetics-horde.eu01.nr-data.net"
}
synthetics_private_ips = {
us = [
"13.248.153.51",
"76.223.21.185",
]
eu = [
"185.221.86.57",
"185.221.86.25",
]
}
# Documented at https://docs.newrelic.com/docs/synthetics/new-relic-synthetics/administration/synthetics-public-minion-ips#locations-labels
# https://s3.amazonaws.com/nr-synthetics-assets/nat-ip-dnsname/production/ip.json
synthetics_us = [
"34.224.255.169",
"34.201.89.115",
"52.44.71.247",
"35.168.185.185",
"35.168.141.9",
"52.21.22.43",
"18.217.88.49",
"18.221.231.23",
"18.217.159.174",
"13.56.137.180",
"54.241.52.158",
"52.36.251.118",
"54.200.187.189",
"34.216.201.131",
"35.182.104.198",
"52.60.83.48",
"54.76.137.83",
"34.241.198.127",
"34.242.252.249",
"35.178.22.102",
"35.177.175.106",
"35.177.31.93",
"52.47.183.1",
"52.47.151.56",
"52.47.138.207",
"18.194.77.136",
"18.195.163.71",
"35.158.225.167",
"13.48.9.24",
"13.48.110.136",
"13.53.195.221",
"13.114.248.197",
"52.68.223.178",
"52.79.210.83",
"52.79.128.135",
"13.228.35.210",
"13.228.39.146",
"54.79.127.20",
"54.153.159.26",
"13.55.72.115",
"13.127.97.140",
"13.127.48.170",
"18.162.140.46",
"18.162.37.58",
"18.162.37.84",
"18.231.56.185",
"52.67.114.110",
"157.175.118.77",
"157.175.21.254",
"157.175.116.90",
]
# https://s3.amazonaws.com/nr-synthetics-assets/nat-ip-dnsname/eu/ip.json
synthetics_eu = [
"52.55.5.95",
"3.226.130.207",
"3.226.166.29",
"3.221.162.190",
"3.209.231.131",
"34.231.42.238",
"3.130.159.252",
"3.13.7.11",
"3.130.155.242",
"54.241.225.13",
"13.52.82.190",
"54.203.35.154",
"52.41.176.146",
"54.70.67.57",
"52.36.137.104",
"99.79.171.209",
"35.182.62.100",
"52.49.136.252",
"54.194.249.4",
"34.246.126.141",
"35.177.225.27",
"3.10.3.62",
"35.176.182.243",
"15.188.0.93",
"15.188.24.216",
"35.180.222.79",
"18.196.204.231",
"18.194.190.77",
"52.58.190.36",
"13.48.93.230",
"13.48.119.249",
"13.48.122.131",
"3.113.168.207",
"3.114.96.177",
"13.124.210.74",
"52.78.104.15",
"18.138.125.43",
"18.139.249.51",
"13.237.25.50",
"52.64.34.29",
"3.104.27.23",
"13.235.112.208",
"13.234.196.179",
"18.162.84.186",
"18.162.159.153",
"18.162.240.143",
"18.229.104.97",
"18.229.121.209",
"157.175.27.172",
"157.175.106.232",
"157.175.115.252",
]
}

95
outputs.tf
View File

@ -70,10 +70,97 @@ output "mobile_domains_eu" {
value = ["${local.mobile["eu"]}"]
}
output "ticketing_cidrs" {
value = ["${local.ticketing_and_webhooks}"]
output "synthetics_ips" {
description = "List of New Relic Synthetic Minion IPs for both US and EU accounts"
value = [
"${concat(local.synthetics_us, local.synthetics_eu)}",
]
}
output "webhook_cidrs" {
value = ["${local.ticketing_and_webhooks}"]
output "synthetics_private_ips_us" {
value = ["${local.synthetics_private_ips["us"]}"]
description = "Synthetic Private Minion endpoint IPs for US accounts"
}
output "synthetics_private_domains_us" {
value = ["${local.synthetics_private_domains["us"]}"]
description = "Synthetic Private Minion endpoint Domains for US accounts"
}
output "synthetics_private_cidrs_us" {
value = ["${formatlist("%s/32", local.synthetics_private_ips["us"])}"]
description = "Synthetic Private Minion endpoint IPs as CIDR ranges for US accounts"
}
output "synthetics_private_ips_eu" {
value = ["${local.synthetics_private_ips["eu"]}"]
description = "Synthetic Private Minion endpoint IPs for eu accounts"
}
output "synthetics_private_domains_eu" {
value = ["${local.synthetics_private_domains["eu"]}"]
description = "Synthetic Private Minion endpoint Domains for EU accounts"
}
output "synthetics_private_cidrs_eu" {
value = ["${formatlist("%s/32", local.synthetics_private_ips["eu"])}"]
description = "Synthetic Private Minion endpoint IPs as CIDR ranges for EU accounts"
}
output "synthetics_cidrs" {
description = "List of New Relic Synthetic Minion IPs as /32 CIDR for both US and EU accounts"
value = ["${formatlist("%s/32", concat(local.synthetics_us, local.synthetics_eu))}"]
}
output "synthetics_ips_us" {
description = "List of New Relic Synthetic Minion IPs for US accounts"
value = ["${local.synthetics_us}"]
}
output "synthetics_cidrs_us" {
description = "List of New Relic Synthetic Minion IPs as /32 CIDR for US accounts"
value = ["${formatlist("%s/32", local.synthetics_us)}"]
}
output "synthetics_ips_eu" {
description = "List of New Relic Synthetic Minion IPs for EU accounts"
value = ["$${local.synthetics_eu}"]
}
output "synthetics_cidrs_eu" {
description = "List of New Relic Synthetic Minion IPs as /32 CIDR for EU accounts"
value = ["${formatlist("%s/32", local.synthetics_eu)}"]
}
output "ticketing_cidrs" {
description = "Third-party ticketing integrations will be sent from these CIDRs"
value = ["${concat(local.ticketing_and_webhooks_us, local.ticketing_and_webhooks_eu)}"]
}
output "ticketing_cidrs_us" {
description = "Same as ticketing_cidrs, but exclusively for US accounts"
value = ["${local.ticketing_and_webhooks_us}"]
}
output "ticketing_cidrs_eu" {
description = "Same as ticketing_cidrs, but exclusively for EU accounts"
value = ["${local.ticketing_and_webhooks_eu}"]
}
# The webhook_* outputs are same as ticketing_
output "webhook_cidrs" {
description = "New Relic-generated webhooks for alert policies will be sent from these CIDRs"
value = ["${concat(local.ticketing_and_webhooks_us, local.ticketing_and_webhooks_eu)}"]
}
output "webhook_cidrs_us" {
description = "Same as webhook_cidrs, but exclusively for US accounts"
value = ["${local.ticketing_and_webhooks_us}"]
}
output "webhook_cidrs_eu" {
description = "Same as webhook_cidrs, but exclusively for EU accounts"
value = ["${local.ticketing_and_webhooks_eu}"]
}