Merge pull request 'feat: add new puppetca' (#15) from benvin/new_puppetca into master

Reviewed-on: #15

auth_approle_certmanager.tf

@@ -5,15 +5,11 @@ resource "vault_approle_auth_backend_role" "certmanager" {
   token_ttl      = 30
   token_max_ttl  = 30
   token_bound_cidrs = [
-    "198.18.17.3/32",
-    "198.18.13.32/32",
-    "198.18.13.33/32",
-    "198.18.13.34/32",
-    "198.18.13.46/32",
-    "198.18.25.5/32",  # ausyd1nxvm2052.main.unkin.net
-    "198.18.26.3/32",  # ausyd1nxvm2053.main.unkin.net
-    "198.18.27.89/32", # ausyd1nxvm2054.main.unkin.net
-    "198.18.28.8/32",  # ausyd1nxvm2055.main.unkin.net
-    "198.18.29.33/32", # ausyd1nxvm2056.main.unkin.net
+    "198.18.25.5/32",   # ausyd1nxvm2052.main.unkin.net
+    "198.18.26.3/32",   # ausyd1nxvm2053.main.unkin.net
+    "198.18.27.89/32",  # ausyd1nxvm2054.main.unkin.net
+    "198.18.28.8/32",   # ausyd1nxvm2055.main.unkin.net
+    "198.18.29.33/32",  # ausyd1nxvm2056.main.unkin.net
+    "198.18.29.239/32", # ausyd1nxvm2097.main.unkin.net
   ]
 }

auth_approle_puppetapi.tf

@@ -5,15 +5,11 @@ resource "vault_approle_auth_backend_role" "puppetapi" {
   token_ttl      = 30
   token_max_ttl  = 30
   token_bound_cidrs = [
-    "198.18.17.3/32",
-    "198.18.13.32/32",
-    "198.18.13.33/32",
-    "198.18.13.34/32",
-    "198.18.13.46/32",
-    "198.18.25.5/32",  # ausyd1nxvm2052.main.unkin.net
-    "198.18.26.3/32",  # ausyd1nxvm2053.main.unkin.net
-    "198.18.27.89/32", # ausyd1nxvm2054.main.unkin.net
-    "198.18.28.8/32",  # ausyd1nxvm2055.main.unkin.net
-    "198.18.29.33/32", # ausyd1nxvm2056.main.unkin.net
+    "198.18.25.5/32",   # ausyd1nxvm2052.main.unkin.net
+    "198.18.26.3/32",   # ausyd1nxvm2053.main.unkin.net
+    "198.18.27.89/32",  # ausyd1nxvm2054.main.unkin.net
+    "198.18.28.8/32",   # ausyd1nxvm2055.main.unkin.net
+    "198.18.29.33/32",  # ausyd1nxvm2056.main.unkin.net
+    "198.18.29.239/32", # ausyd1nxvm2097.main.unkin.net
   ]
 }

auth_approle_sshsign-host-role.tf

@@ -5,15 +5,11 @@ resource "vault_approle_auth_backend_role" "sshsign-host-role" {
   token_ttl      = 30
   token_max_ttl  = 30
   token_bound_cidrs = [
-    "198.18.17.3/32",
-    "198.18.13.32/32",
-    "198.18.13.33/32",
-    "198.18.13.34/32",
-    "198.18.13.46/32",
-    "198.18.25.5/32",  # ausyd1nxvm2052.main.unkin.net
-    "198.18.26.3/32",  # ausyd1nxvm2053.main.unkin.net
-    "198.18.27.89/32", # ausyd1nxvm2054.main.unkin.net
-    "198.18.28.8/32",  # ausyd1nxvm2055.main.unkin.net
-    "198.18.29.33/32", # ausyd1nxvm2056.main.unkin.net
+    "198.18.25.5/32",   # ausyd1nxvm2052.main.unkin.net
+    "198.18.26.3/32",   # ausyd1nxvm2053.main.unkin.net
+    "198.18.27.89/32",  # ausyd1nxvm2054.main.unkin.net
+    "198.18.28.8/32",   # ausyd1nxvm2055.main.unkin.net
+    "198.18.29.33/32",  # ausyd1nxvm2056.main.unkin.net
+    "198.18.29.239/32", # ausyd1nxvm2097.main.unkin.net
   ]
 }

auth_approle_sshsigner.tf

@@ -8,15 +8,11 @@ resource "vault_approle_auth_backend_role" "sshsigner" {
   token_ttl     = 30
   token_max_ttl = 30
   token_bound_cidrs = [
-    "198.18.17.3/32",
-    "198.18.13.32/32",
-    "198.18.13.33/32",
-    "198.18.13.34/32",
-    "198.18.13.46/32",
-    "198.18.25.5/32",  # ausyd1nxvm2052.main.unkin.net
-    "198.18.26.3/32",  # ausyd1nxvm2053.main.unkin.net
-    "198.18.27.89/32", # ausyd1nxvm2054.main.unkin.net
-    "198.18.28.8/32",  # ausyd1nxvm2055.main.unkin.net
-    "198.18.29.33/32", # ausyd1nxvm2056.main.unkin.net
+    "198.18.25.5/32",   # ausyd1nxvm2052.main.unkin.net
+    "198.18.26.3/32",   # ausyd1nxvm2053.main.unkin.net
+    "198.18.27.89/32",  # ausyd1nxvm2054.main.unkin.net
+    "198.18.28.8/32",   # ausyd1nxvm2055.main.unkin.net
+    "198.18.29.33/32",  # ausyd1nxvm2056.main.unkin.net
+    "198.18.29.239/32", # ausyd1nxvm2097.main.unkin.net
   ]
 }