diff --git a/auth_approle_certmanager.tf b/auth_approle_certmanager.tf index 20bc4f8..cfd8191 100644 --- a/auth_approle_certmanager.tf +++ b/auth_approle_certmanager.tf @@ -5,15 +5,11 @@ resource "vault_approle_auth_backend_role" "certmanager" { token_ttl = 30 token_max_ttl = 30 token_bound_cidrs = [ - "198.18.17.3/32", - "198.18.13.32/32", - "198.18.13.33/32", - "198.18.13.34/32", - "198.18.13.46/32", - "198.18.25.5/32", # ausyd1nxvm2052.main.unkin.net - "198.18.26.3/32", # ausyd1nxvm2053.main.unkin.net - "198.18.27.89/32", # ausyd1nxvm2054.main.unkin.net - "198.18.28.8/32", # ausyd1nxvm2055.main.unkin.net - "198.18.29.33/32", # ausyd1nxvm2056.main.unkin.net + "198.18.25.5/32", # ausyd1nxvm2052.main.unkin.net + "198.18.26.3/32", # ausyd1nxvm2053.main.unkin.net + "198.18.27.89/32", # ausyd1nxvm2054.main.unkin.net + "198.18.28.8/32", # ausyd1nxvm2055.main.unkin.net + "198.18.29.33/32", # ausyd1nxvm2056.main.unkin.net + "198.18.29.239/32", # ausyd1nxvm2097.main.unkin.net ] } diff --git a/auth_approle_puppetapi.tf b/auth_approle_puppetapi.tf index 9b65de6..60d204d 100644 --- a/auth_approle_puppetapi.tf +++ b/auth_approle_puppetapi.tf @@ -5,15 +5,11 @@ resource "vault_approle_auth_backend_role" "puppetapi" { token_ttl = 30 token_max_ttl = 30 token_bound_cidrs = [ - "198.18.17.3/32", - "198.18.13.32/32", - "198.18.13.33/32", - "198.18.13.34/32", - "198.18.13.46/32", - "198.18.25.5/32", # ausyd1nxvm2052.main.unkin.net - "198.18.26.3/32", # ausyd1nxvm2053.main.unkin.net - "198.18.27.89/32", # ausyd1nxvm2054.main.unkin.net - "198.18.28.8/32", # ausyd1nxvm2055.main.unkin.net - "198.18.29.33/32", # ausyd1nxvm2056.main.unkin.net + "198.18.25.5/32", # ausyd1nxvm2052.main.unkin.net + "198.18.26.3/32", # ausyd1nxvm2053.main.unkin.net + "198.18.27.89/32", # ausyd1nxvm2054.main.unkin.net + "198.18.28.8/32", # ausyd1nxvm2055.main.unkin.net + "198.18.29.33/32", # ausyd1nxvm2056.main.unkin.net + "198.18.29.239/32", # ausyd1nxvm2097.main.unkin.net ] } diff --git a/auth_approle_sshsign-host-role.tf b/auth_approle_sshsign-host-role.tf index 9cb9520..8d7aacc 100644 --- a/auth_approle_sshsign-host-role.tf +++ b/auth_approle_sshsign-host-role.tf @@ -5,15 +5,11 @@ resource "vault_approle_auth_backend_role" "sshsign-host-role" { token_ttl = 30 token_max_ttl = 30 token_bound_cidrs = [ - "198.18.17.3/32", - "198.18.13.32/32", - "198.18.13.33/32", - "198.18.13.34/32", - "198.18.13.46/32", - "198.18.25.5/32", # ausyd1nxvm2052.main.unkin.net - "198.18.26.3/32", # ausyd1nxvm2053.main.unkin.net - "198.18.27.89/32", # ausyd1nxvm2054.main.unkin.net - "198.18.28.8/32", # ausyd1nxvm2055.main.unkin.net - "198.18.29.33/32", # ausyd1nxvm2056.main.unkin.net + "198.18.25.5/32", # ausyd1nxvm2052.main.unkin.net + "198.18.26.3/32", # ausyd1nxvm2053.main.unkin.net + "198.18.27.89/32", # ausyd1nxvm2054.main.unkin.net + "198.18.28.8/32", # ausyd1nxvm2055.main.unkin.net + "198.18.29.33/32", # ausyd1nxvm2056.main.unkin.net + "198.18.29.239/32", # ausyd1nxvm2097.main.unkin.net ] } diff --git a/auth_approle_sshsigner.tf b/auth_approle_sshsigner.tf index 26e5a73..ba6509c 100644 --- a/auth_approle_sshsigner.tf +++ b/auth_approle_sshsigner.tf @@ -8,15 +8,11 @@ resource "vault_approle_auth_backend_role" "sshsigner" { token_ttl = 30 token_max_ttl = 30 token_bound_cidrs = [ - "198.18.17.3/32", - "198.18.13.32/32", - "198.18.13.33/32", - "198.18.13.34/32", - "198.18.13.46/32", - "198.18.25.5/32", # ausyd1nxvm2052.main.unkin.net - "198.18.26.3/32", # ausyd1nxvm2053.main.unkin.net - "198.18.27.89/32", # ausyd1nxvm2054.main.unkin.net - "198.18.28.8/32", # ausyd1nxvm2055.main.unkin.net - "198.18.29.33/32", # ausyd1nxvm2056.main.unkin.net + "198.18.25.5/32", # ausyd1nxvm2052.main.unkin.net + "198.18.26.3/32", # ausyd1nxvm2053.main.unkin.net + "198.18.27.89/32", # ausyd1nxvm2054.main.unkin.net + "198.18.28.8/32", # ausyd1nxvm2055.main.unkin.net + "198.18.29.33/32", # ausyd1nxvm2056.main.unkin.net + "198.18.29.239/32", # ausyd1nxvm2097.main.unkin.net ] }