zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

refactor DRS org policy

This commit is contained in:
Ludovico Magnocavallo 2022-02-13 10:40:23 +01:00
parent 2d27d20f1a
commit 00f24698d0
1 changed files with 7 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
fast/stages/01-resman/organization.tf
View File

@ -104,15 +104,13 @@ module "organization" {
local.list_allow, { values = ["in:INTERNAL"] } local.list_allow, { values = ["in:INTERNAL"] }
) )
"constraints/compute.vmExternalIpAccess" = local.list_deny "constraints/compute.vmExternalIpAccess" = local.list_deny
"constraints/iam.allowedPolicyMemberDomains" = { "constraints/iam.allowedPolicyMemberDomains" = merge(
inherit_from_parent = false local.list_allow, {
suggested_value = null values = concat(
status = true [var.organization.customer_id],
values = concat( try(local.policy_configs.allowed_policy_member_domains, [])
[var.organization.customer_id], )
try(local.policy_configs.allowed_policy_member_domains, []) })
)
}
"constraints/run.allowedIngress" = merge( "constraints/run.allowedIngress" = merge(
local.list_allow, { values = ["is:internal"] } local.list_allow, { values = ["is:internal"] }
) )