add global protect rules

terraform/environments/delius-core/modules/environment_all_components/weblogic_alb.tf

@@ -14,10 +14,28 @@ resource "aws_vpc_security_group_ingress_rule" "delius_core_frontend_alb_ingress
   from_port         = "443"
   to_port           = "443"
   ip_protocol       = "tcp"
-  cidr_ipv4         = "35.176.93.186/32" # Global Protect VPN
+  cidr_ipv4         = "81.134.202.29/32" # MoJ Digital VPN
 }
 
 resource "aws_vpc_security_group_ingress_rule" "delius_core_frontend_alb_ingress_http_allowlist" {
+  security_group_id = aws_security_group.delius_frontend_alb_security_group.id
+  description       = "access into delius core frontend alb over http (will redirect)"
+  from_port         = "80"
+  to_port           = "80"
+  ip_protocol       = "tcp"
+  cidr_ipv4         = "81.134.202.29/32" # MoJ Digital VPN
+}
+
+resource "aws_vpc_security_group_ingress_rule" "delius_core_frontend_alb_ingress_https_allowlist_gp" {
+  security_group_id = aws_security_group.delius_frontend_alb_security_group.id
+  description       = "access into delius core frontend alb over https"
+  from_port         = "443"
+  to_port           = "443"
+  ip_protocol       = "tcp"
+  cidr_ipv4         = "35.176.93.186/32" # Global Protect VPN
+}
+
+resource "aws_vpc_security_group_ingress_rule" "delius_core_frontend_alb_ingress_http_allowlist_gp" {
   security_group_id = aws_security_group.delius_frontend_alb_security_group.id
   description       = "access into delius core frontend alb over http (will redirect)"
   from_port         = "80"

terraform/environments/delius-jitbit/lb.tf

@@ -34,6 +34,7 @@ resource "aws_security_group" "load_balancer_security_group" {
     from_port   = 443
     to_port     = 443
     cidr_blocks = [
+      "81.134.202.29/32",  # MoJ Digital VPN
       "35.176.93.186/32",  # Global Protect VPN
       "217.33.148.210/32", # Digital studio
       "195.59.75.0/24",    # ARK internet (DOM1)