Terraform Cloud public CIDRs

Hi,

I use a TF module to provision an EKS cluster with limited public access to the k8s control plane. I want to whitelist a CIDR range of Terraform Cloud for the EKS control plane to be able to apply changes.

What’s the CIDR of the Terraform Cloud service?

5 Likes

I am also interested in this - Terraform Cloud external IPs

1 Like

Yeah, we run a private GitLab; we need to have the TF Cloud public CIDR for the ACL.
Thanks

3 Likes

Have the exact same issue. Trying to manage a GKE cluster with the K8s provider, but do not know which CIDR ranges to whitelist.

Looks like nobody from HashiCorp is reading threads at all…

Multiple threads running on this and I wanted to make sure we followed up with the answer!

Unsure if I'm replying to the latest thread about this issue. I know there are a few in here.

I've just sunk a couple of hours into learning how to handle the output of the TFC CIDR API described at https://www.terraform.io/docs/cloud/architectural-details/ip-ranges.html -> https://www.terraform.io/docs/cloud/api/ip-ranges.html.

With great fanfare I was able to munge the API results into a value that was usable with the azurerm_storage_account network_rules ip_rules resources.

Only to then find out that the values returned by the above API don't give us the ranges we need to whitelist the runners themselves. I really don't want to open up my Azure Storage Account access to the world and rely solely on one item of security to prevent access.

As a learning activity, 5 stars.
Solving the problem I set out to achieve and finding out that the vendor's API doesn't give us the values we need? 0 stars.
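
Added example, not part of the thread and not HashiCorp's code: one way to turn a saved response from the IP ranges API into values an Azure storage account firewall accepts, which wants bare addresses instead of /31 or /32 prefixes and rejects RFC 1918 ranges. The key names `api`, `notifications`, `sentinel` and `vcs` are assumed from the linked API docs, the sample body is constructed, and the function name is hypothetical; as the post above notes, the result does not cover the run workers.

```python
import ipaddress
import json

# Constructed sample in the shape of the ip-ranges API response. The addresses
# are documentation ranges plus one private range, not real Terraform Cloud IPs.
SAMPLE_RESPONSE = json.dumps({
    "api": ["192.0.2.0/24", "198.51.100.7/32"],
    "notifications": ["198.51.100.7/32", "203.0.113.10/31"],
    "sentinel": ["203.0.113.128/25"],
    "vcs": ["10.1.2.0/24"],
})

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def to_storage_ip_rules(body, services=("api", "notifications", "sentinel", "vcs")):
    """Return (ip_rules, rejected) for a storage account firewall allow list."""
    data = json.loads(body)
    rules, rejected = set(), []
    for service in services:
        for cidr in data.get(service, []):
            try:
                # strict=True refuses entries with host bits set (e.g. 192.0.2.1/24)
                net = ipaddress.ip_network(cidr, strict=True)
            except ValueError:
                rejected.append((service, cidr, "not a valid CIDR"))
                continue
            if net.version != 4:
                # Assumption of this example: only IPv4 rules are generated.
                rejected.append((service, cidr, "not IPv4"))
                continue
            if any(net.overlaps(private) for private in RFC1918):
                rejected.append((service, cidr, "RFC 1918 private range"))
                continue
            if net.prefixlen >= 31:
                # /31 and /32 must be listed as individual addresses.
                rules.update(str(ip) for ip in net)
            else:
                rules.add(str(net))
    # A set removes entries shared by several services; sort for stable diffs.
    return sorted(rules), rejected


if __name__ == "__main__":
    ip_rules, rejected = to_storage_ip_rules(SAMPLE_RESPONSE)
    print(json.dumps({"ip_rules": ip_rules, "rejected": rejected}, indent=2))
```

Reviewing the `rejected` list before applying keeps malformed or private entries from silently failing or widening the allow list.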