From dc0406777924c548e5c7a4421e8d9b6b3e82336b Mon Sep 17 00:00:00 2001
From: Nemo
Date: Thu, 18 Apr 2019 17:02:29 +0530
Subject: [PATCH] Initial Commit
---
LICENSE | 21 ++++++++++++++
README.md | 48 +++++++++++++++++++++++++++++++
locals.tf | 54 +++++++++++++++++++++++++++++++++++
main.tf | 1 +
outputs.tf | 79 ++++++++++++++++++++++++++++++++++++++++++++++++++++
variables.tf | 1 +
6 files changed, 204 insertions(+)
create mode 100644 LICENSE
create mode 100644 README.md
create mode 100644 locals.tf
create mode 100644 main.tf
create mode 100644 outputs.tf
create mode 100644 variables.tf
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..7a166b0
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2010 Abhay Rana
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..b75f2d4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,48 @@
+# terraform-data-newrelic-whitelist ![](https://img.shields.io/badge/license-MIT-blue.svg)
+
+This module provides lists of the IP addresses and domains used by New Relic collectors (for example, https://collector.newrelic.com) for communicating with the New Relic agent installed on your server.
+
+This is maintained against https://docs.newrelic.com/docs/apm/new-relic-apm/getting-started/networks
+
+# Usage
+
+```hcl
+module "newrelic-whitelist" {
+ source = "captn3m0/newrelic-whitelist/data"
+ version = "1.0.0"
+}
+
+resource "aws_security_group_rule" "allow_all_to_newrelic" {
+ type = "egress"
+ from_port = 0
+ to_port = 443
+ protocol = "tcp"
+ cidr_blocks = ["${module.newrelic-whitelist.cidr}"]
+ security_group_id = "sg-123456"
+}
+```
+
+# Outputs
+
+| Name | Description |
+|:---------------------|:------------------------------------------------------------------------------------|
+| apm\_cidrs | List of all New Relic APM CIDRs. Whitelist for egress against 443 |
+| apm\_cidrs\_eu | List of New Relic APM CIDRs (EU). Whitelist for egress against 443 |
+| apm\_cidrs\_us | List of New Relic APM CIDRs (US). Whitelist for egress against 443 |
+| browser\_domains | List of all New Relic Browser application domains. |
+| browser\_domains\_eu | List of New Relic Browser application domains (EU). |
+| browser\_domains\_us | List of New Relic Browser application domains (US). |
+| infra\_cidrs | List of all New Relic Infrastructure Agent CIDRs. Whitelist for egress against 443 |
+| infra\_cidrs\_eu | List of New Relic Infrastructure Agent CIDRs (EU). Whitelist for egress against 443 |
+| infra\_cidrs\_us | List of New Relic Infrastructure Agent CIDRs (US). Whitelist for egress against 443 |
+| mobile\_domains | List of all New Relic Mobile Application domains. |
+| mobile\_domains\_eu | List of New Relic Mobile application domains (EU). |
+| mobile\_domains\_us | List of New Relic Mobile Application domains (US). 
|
+| ticketing\_cidrs | |
+| webhook\_cidrs | |
+
+
+
+# LICENSE
+
+Licensed under MIT. See [nemo.mit-license.org](https://nemo.mit-license.org/) for complete text.
diff --git a/locals.tf b/locals.tf
new file mode 100644
index 0000000..3c5f9f7
--- /dev/null
+++ b/locals.tf
@@ -0,0 +1,54 @@
+locals {
+ apm = {
+ us = [
+ "50.31.164.0/24",
+ "162.247.240.0/22",
+ ]
+
+ eu = [
+ "185.221.84.0/22",
+ ]
+ }
+
+ infra = {
+ us = [
+ "50.31.164.0/24",
+ "162.247.240.0/22",
+ ]
+
+ eu = [
+ "185.221.84.0/22",
+ ]
+ }
+
+ browser = {
+ us = [
+ "bam.nr-data.net",
+ "js-agent.newrelic.com",
+ ]
+
+ eu = [
+ "eu01.nr-data.net",
+ "bam.eu01.nr-data.net​",
+ ]
+ }
+
+ mobile = {
+ us = [
+ "mobile-collector.newrelic.com",
+ "mobile-crash.newrelic.com",
+ "mobile-symbol-upload.newrelic.com",
+ ]
+
+ eu = [
+ "mobile-collector.eu01.nr-data.net",
+ "mobile-crash.eu01.nr-data.net",
+ "mobile-symbol-upload.eu01.nr-data.net",
+ ]
+ }
+
+ ticketing_and_webhooks = [
+ "50.31.164.0/24",
+ "162.247.240.0/22",
+ ]
+}
diff --git a/main.tf b/main.tf
new file mode 100644
index 0000000..8b13789
--- /dev/null
+++ b/main.tf
@@ -0,0 +1 @@
+
diff --git a/outputs.tf b/outputs.tf
new file mode 100644
index 0000000..71ca5d4
--- /dev/null
+++ b/outputs.tf
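Review bot: The second entry of `browser.eu` in locals.tf appears to carry an invisible character (it looks like a zero-width space) between `net` and the closing quote, so `browser_domains_eu` and `browser_domains` would hand consumers a hostname that does not match the real one in a proxy or DNS allowlist. Retyping the literal as `"bam.eu01.nr-data.net",` and checking the file for other non-ASCII bytes would settle it. Separately, these ranges are a hand-copied snapshot of the New Relic networks page the README names, and nothing records when they were taken. A comment above `locals {` such as `# Synced with the New Relic networks page on <DATE>` would let users of an egress allowlist judge how stale it is.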
@@ -0,0 +1,79 @@
+output "apm_cidrs" {
+ description = "List of all New Relic APM CIDRs. Whitelist for egress against 443"
+
+ value = ["${concat(local.apm["us"], local.apm["eu"])}"]
+}
+
+output "apm_cidrs_us" {
+ description = "List of New Relic APM CIDRs (US). Whitelist for egress against 443"
+
+ value = ["${local.apm["us"]}"]
+}
+
+output "apm_cidrs_eu" {
+ description = "List of New Relic APM CIDRs (EU). Whitelist for egress against 443"
+
+ value = ["${local.apm["eu"]}"]
+}
+
+output "infra_cidrs" {
+ description = "List of all New Relic Infrastructure Agent CIDRs. Whitelist for egress against 443"
+
+ value = ["${concat(local.infra["us"], local.infra["eu"])}"]
+}
+
+output "infra_cidrs_us" {
+ description = "List of New Relic Infrastructure Agent CIDRs (US). Whitelist for egress against 443"
+
+ value = ["${local.infra["us"]}"]
+}
+
+output "infra_cidrs_eu" {
+ description = "List of New Relic Infrastructure Agent CIDRs (EU). Whitelist for egress against 443"
+
+ value = ["${local.infra["eu"]}"]
+}
+
+output "browser_domains" {
+ description = "List of all New Relic Browser application domains."
+
+ value = ["${concat(local.browser["us"], local.browser["eu"])}"]
+}
+
+output "browser_domains_us" {
+ description = "List of New Relic Browser application domains (US)."
+
+ value = ["${local.browser["us"]}"]
+}
+
+output "browser_domains_eu" {
+ description = "List of New Relic Browser application domains (EU)."
+
+ value = ["${local.browser["eu"]}"]
+}
+
+output "mobile_domains" {
+ description = "List of all New Relic Mobile Application domains."
+
+ value = ["${concat(local.mobile["us"], local.mobile["eu"])}"]
+}
+
+output "mobile_domains_us" {
+ description = "List of New Relic Mobile Application domains (US)."
+
+ value = ["${local.mobile["us"]}"]
+}
+
+output "mobile_domains_eu" {
+ description = "List of New Relic Mobile application domains (EU)."
+
+ value = ["${local.mobile["eu"]}"]
+}
+
+output "ticketing_cidrs" {
+ value = ["${local.ticketing_and_webhooks}"]
+}
+
+output "webhook_cidrs" {
+ value = ["${local.ticketing_and_webhooks}"]
+}
diff --git a/variables.tf b/variables.tf
new file mode 100644
index 0000000..8b13789
--- /dev/null
+++ b/variables.tf
@@ -0,0 +1 @@
+
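Review bot: `ticketing_cidrs` and `webhook_cidrs` at the end of outputs.tf are the only outputs without a `description`, so a consumer cannot tell which direction or port they are meant for, whereas every other CIDR output says "Whitelist for egress against 443". I would add one to each, for example `description = "List of New Relic ticketing integration CIDRs."`, and state the intended direction once it is confirmed against the New Relic networks page. The README example in this commit reads `module.newrelic-whitelist.cidr`, which no output here declares, and it sets `from_port = 0` with `to_port = 443`, which opens TCP 0–443 rather than the single port these descriptions name. Using `from_port = 443` with one of the declared `*_cidrs` outputs would match them.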