feat: add new puppetmasters to vault approles

2025-05-31 15:17:22 +10:00 · 2025-05-31 15:17:22 +10:00 · 1f35fec37c
commit 1f35fec37c
parent b46d36d03b
4 changed files with 24 additions and 4 deletions
--- a/auth_approle_certmanager.tf
+++ b/auth_approle_certmanager.tf
@ -9,6 +9,11 @@ resource "vault_approle_auth_backend_role" "certmanager" {
    "198.18.13.32/32",
    "198.18.13.33/32",
    "198.18.13.34/32",
-    "198.18.13.46/32"
+    "198.18.13.46/32",
+    "198.18.25.5/32",  # ausyd1nxvm2052.main.unkin.net
+    "198.18.26.3/32",  # ausyd1nxvm2053.main.unkin.net
+    "198.18.27.89/32", # ausyd1nxvm2054.main.unkin.net
+    "198.18.28.8/32",  # ausyd1nxvm2055.main.unkin.net
+    "198.18.29.33/32", # ausyd1nxvm2056.main.unkin.net
  ]
 }
--- a/auth_approle_puppetapi.tf
+++ b/auth_approle_puppetapi.tf
@ -9,6 +9,11 @@ resource "vault_approle_auth_backend_role" "puppetapi" {
    "198.18.13.32/32",
    "198.18.13.33/32",
    "198.18.13.34/32",
-    "198.18.13.46/32"
+    "198.18.13.46/32",
+    "198.18.25.5/32",  # ausyd1nxvm2052.main.unkin.net
+    "198.18.26.3/32",  # ausyd1nxvm2053.main.unkin.net
+    "198.18.27.89/32", # ausyd1nxvm2054.main.unkin.net
+    "198.18.28.8/32",  # ausyd1nxvm2055.main.unkin.net
+    "198.18.29.33/32", # ausyd1nxvm2056.main.unkin.net
  ]
 }
--- a/auth_approle_sshsign-host-role.tf
+++ b/auth_approle_sshsign-host-role.tf
@ -9,6 +9,11 @@ resource "vault_approle_auth_backend_role" "sshsign-host-role" {
    "198.18.13.32/32",
    "198.18.13.33/32",
    "198.18.13.34/32",
-    "198.18.13.46/32"
+    "198.18.13.46/32",
+    "198.18.25.5/32",  # ausyd1nxvm2052.main.unkin.net
+    "198.18.26.3/32",  # ausyd1nxvm2053.main.unkin.net
+    "198.18.27.89/32", # ausyd1nxvm2054.main.unkin.net
+    "198.18.28.8/32",  # ausyd1nxvm2055.main.unkin.net
+    "198.18.29.33/32", # ausyd1nxvm2056.main.unkin.net
  ]
 }
--- a/auth_approle_sshsigner.tf
+++ b/auth_approle_sshsigner.tf
@ -12,6 +12,11 @@ resource "vault_approle_auth_backend_role" "sshsigner" {
    "198.18.13.32/32",
    "198.18.13.33/32",
    "198.18.13.34/32",
-    "198.18.13.46/32"
+    "198.18.13.46/32",
+    "198.18.25.5/32",  # ausyd1nxvm2052.main.unkin.net
+    "198.18.26.3/32",  # ausyd1nxvm2053.main.unkin.net
+    "198.18.27.89/32", # ausyd1nxvm2054.main.unkin.net
+    "198.18.28.8/32",  # ausyd1nxvm2055.main.unkin.net
+    "198.18.29.33/32", # ausyd1nxvm2056.main.unkin.net
  ]
 }