From d5d055497237c43db64d4f373ef7cf191055fea3 Mon Sep 17 00:00:00 2001 From: Ludovico Magnocavallo Date: Wed, 16 Feb 2022 12:54:49 +0100 Subject: [PATCH] remove redundant firewall rules and subnets --- .../data/firewall-rules/dev/rules.yaml | 18 +----------------- ...-orc-ew1.yaml => dev-dataplatform-ew1.yaml} | 4 ++-- .../data/subnets/dev/dev-dp-lod-ew1.yaml | 5 ----- .../data/subnets/dev/dev-dp-trf-ew1.yaml | 5 ----- .../subnets/prod/prod-dataplatform-ew1.yaml | 8 ++++++++ .../data/subnets/prod/prod-dp-lod-ew1.yaml | 5 ----- .../data/subnets/prod/prod-dp-orc-ew1.yaml | 8 -------- .../data/subnets/prod/prod-dp-trf-ew1.yaml | 5 ----- 8 files changed, 11 insertions(+), 47 deletions(-) rename fast/stages/02-networking-vpn/data/subnets/dev/{dev-dp-orc-ew1.yaml => dev-dataplatform-ew1.yaml} (55%) delete mode 100644 fast/stages/02-networking-vpn/data/subnets/dev/dev-dp-lod-ew1.yaml delete mode 100644 fast/stages/02-networking-vpn/data/subnets/dev/dev-dp-trf-ew1.yaml create mode 100644 fast/stages/02-networking-vpn/data/subnets/prod/prod-dataplatform-ew1.yaml delete mode 100644 fast/stages/02-networking-vpn/data/subnets/prod/prod-dp-lod-ew1.yaml delete mode 100644 fast/stages/02-networking-vpn/data/subnets/prod/prod-dp-orc-ew1.yaml delete mode 100644 fast/stages/02-networking-vpn/data/subnets/prod/prod-dp-trf-ew1.yaml diff --git a/fast/stages/02-networking-vpn/data/firewall-rules/dev/rules.yaml b/fast/stages/02-networking-vpn/data/firewall-rules/dev/rules.yaml index 42b3611a..8f911cef 100644 --- a/fast/stages/02-networking-vpn/data/firewall-rules/dev/rules.yaml +++ b/fast/stages/02-networking-vpn/data/firewall-rules/dev/rules.yaml @@ -7,7 +7,7 @@ allow-dataflow-load-ingress-traffic: sources: [] ranges: - 10.10.0.0/24 - - 10.10.1.0/24 + - 10.10.1.0/24 targets: [] use_service_accounts: false rules: 
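Review bot: The `ranges` list this hunk keeps for `allow-dataflow-load-ingress-traffic` still admits `10.10.0.0/24` and `10.10.1.0/24`, but the same commit deletes the only subnets shown with those CIDRs (`dev-dp-lod-ew1.yaml` and `dev-dp-trf-ew1.yaml`), and the remaining dev subnet uses `172.18.16.0/24`. As far as this diff shows, the rule now allows ingress on ports 12345-12346 from address space no longer allocated to Dataflow workers, so whatever is later assigned those ranges would inherit the access. If no subnet outside this diff defines these ranges, drop the rule together with the subnets or repoint `ranges` at the consolidated subnet's CIDR; `targets: []` with `use_service_accounts: false` also appears to leave the rule unscoped to specific instances, which is worth confirming against the firewall module. The rule's mapping starts above the hunk and its `rules:` list continues below it.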
@@ -15,19 +15,3 @@ allow-dataflow-load-ingress-traffic: ports: - 12345 - 12346 - -allow-composer-health-checks: - description: "Allow Health Checks" - direction: INGRESS - action: allow - sources: [] - ranges: - - 130.211.0.0/22 - - 35.191.0.0/16 - targets: [] - use_service_accounts: false - rules: - - protocol: tcp - ports: - - 80 - - 443 diff --git a/fast/stages/02-networking-vpn/data/subnets/dev/dev-dp-orc-ew1.yaml b/fast/stages/02-networking-vpn/data/subnets/dev/dev-dataplatform-ew1.yaml similarity index 55% rename from fast/stages/02-networking-vpn/data/subnets/dev/dev-dp-orc-ew1.yaml rename to fast/stages/02-networking-vpn/data/subnets/dev/dev-dataplatform-ew1.yaml index 2e8cb651..4d7f4c3b 100644 --- a/fast/stages/02-networking-vpn/data/subnets/dev/dev-dp-orc-ew1.yaml +++ b/fast/stages/02-networking-vpn/data/subnets/dev/dev-dataplatform-ew1.yaml @@ -1,8 +1,8 @@ # skip boilerplate check region: europe-west1 -description: Default subnet for dev Data Platform - Orchestration layer Composer +description: Default subnet for dev Data Platform ip_cidr_range: 172.18.16.0/24 -secondary_ip_range : +secondary_ip_range: pods: 172.18.24.0/22 services: 172.18.28.0/24 diff --git a/fast/stages/02-networking-vpn/data/subnets/dev/dev-dp-lod-ew1.yaml b/fast/stages/02-networking-vpn/data/subnets/dev/dev-dp-lod-ew1.yaml deleted file mode 100644 index c73197c0..00000000 --- a/fast/stages/02-networking-vpn/data/subnets/dev/dev-dp-lod-ew1.yaml +++ /dev/null @@ -1,5 +0,0 @@ -# skip boilerplate check - -region: europe-west1 -description: Default subnet for dev Data Platform - Load layer Dataflow -ip_cidr_range: 10.10.0.0/24 diff --git a/fast/stages/02-networking-vpn/data/subnets/dev/dev-dp-trf-ew1.yaml b/fast/stages/02-networking-vpn/data/subnets/dev/dev-dp-trf-ew1.yaml deleted file mode 100644 index d9af1267..00000000 --- a/fast/stages/02-networking-vpn/data/subnets/dev/dev-dp-trf-ew1.yaml +++ /dev/null 
@@ -1,5 +0,0 @@
-# skip boilerplate check
-
-region: europe-west1
-description: Default subnet for dev Data Platform - Transformation layer Dataflow
-ip_cidr_range: 10.10.1.0/24
diff --git a/fast/stages/02-networking-vpn/data/subnets/prod/prod-dataplatform-ew1.yaml b/fast/stages/02-networking-vpn/data/subnets/prod/prod-dataplatform-ew1.yaml
new file mode 100644
index 00000000..148df253
--- /dev/null
+++ b/fast/stages/02-networking-vpn/data/subnets/prod/prod-dataplatform-ew1.yaml
@@ -0,0 +1,8 @@
+# skip boilerplate check
+
+region: europe-west1
+description: Default subnet for prod Data Platform
+ip_cidr_range: 10.20.2.0/24
+secondary_ip_range:
+ pods: 10.20.8.0/22
+ services: 10.20.12.0/24
diff --git a/fast/stages/02-networking-vpn/data/subnets/prod/prod-dp-lod-ew1.yaml b/fast/stages/02-networking-vpn/data/subnets/prod/prod-dp-lod-ew1.yaml
deleted file mode 100644
index 51c989d0..00000000
--- a/fast/stages/02-networking-vpn/data/subnets/prod/prod-dp-lod-ew1.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
-# skip boilerplate check
-
-region: europe-west1
-description: Default subnet for dev Data Platform - Load layer Dataflow
-ip_cidr_range: 10.20.0.0/24
diff --git a/fast/stages/02-networking-vpn/data/subnets/prod/prod-dp-orc-ew1.yaml b/fast/stages/02-networking-vpn/data/subnets/prod/prod-dp-orc-ew1.yaml
deleted file mode 100644
index 7afee90d..00000000
--- a/fast/stages/02-networking-vpn/data/subnets/prod/prod-dp-orc-ew1.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
-# skip boilerplate check
-
-region: europe-west1
-description: Default subnet for dev Data Platform - Orchestration layer Composer
-ip_cidr_range: 10.20.2.0/24
-secondary_ip_range :
- pods: 10.20.8.0/22
- services: 10.20.12.0/24
\ No newline at end of file
diff --git a/fast/stages/02-networking-vpn/data/subnets/prod/prod-dp-trf-ew1.yaml b/fast/stages/02-networking-vpn/data/subnets/prod/prod-dp-trf-ew1.yaml
deleted file mode 100644
index 68baa92b..00000000
--- a/fast/stages/02-networking-vpn/data/subnets/prod/prod-dp-trf-ew1.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
-# skip boilerplate check
-
-region: europe-west1
-description: Default subnet for dev Data Platform - Transformation layer Dataflow
-ip_cidr_range: 10.20.1.0/24