-

ministryofjustice · Dec 17, 2024 · d99bf6b · d99bf6b
1 parent db0777c
commit d99bf6b
Showing 1 changed file with 32 additions and 32 deletions.
diff --git a/terraform/environments/corporate-staff-rostering/locals_security_groups.tf b/terraform/environments/corporate-staff-rostering/locals_security_groups.tf
@@ -152,22 +152,22 @@ locals {
           security_groups = ["load-balancer"]
           # NOTE: will need to be changed to point to client access possibly
         }
-        rpc_tcp_web = { # typo in name - this is for UDP but can't easily be changed
-          description     = "135: UDP MS-RPC allow ingress from app and db servers"
-          from_port       = 135
-          to_port         = 135
-          protocol        = "UDP"
-          security_groups = ["app", "database"]
-          # NOTE: csr_clientaccess will need to be added here to cidr_blocks
-        }
-        rpc_tcp_web2 = {
-          description     = "135: TCP MS-RPC allow ingress from app and db servers"
-          from_port       = 135
-          to_port         = 135
-          protocol        = "TCP"
-          security_groups = ["app", "database"]
-          # NOTE: csr_clientaccess will need to be added here to cidr_blocks
-        }
+        #rpc_tcp_web = { # typo in name - this is for UDP but can't easily be changed
+        #  description     = "135: UDP MS-RPC allow ingress from app and db servers"
+        #  from_port       = 135
+        #  to_port         = 135
+        #  protocol        = "UDP"
+        #  security_groups = ["app", "database"]
+        #  # NOTE: csr_clientaccess will need to be added here to cidr_blocks
+        #}
+        #rpc_tcp_web2 = {
+        #  description     = "135: TCP MS-RPC allow ingress from app and db servers"
+        #  from_port       = 135
+        #  to_port         = 135
+        #  protocol        = "TCP"
+        #  security_groups = ["app", "database"]
+        #  # NOTE: csr_clientaccess will need to be added here to cidr_blocks
+        #}
         https_web = {
           description     = "443: enduserclient https ingress"
           from_port       = 443
@@ -288,22 +288,22 @@ locals {
         }
         # IMPORTANT: check if an 'allow all from load-balancer' rule is required
         # IMPORTANT: check whether http/https traffic is still needed? It's in the original but not used at an app level
-        rpc_tcp_app = { # typo in name - this is for UDP but can't easily be changed
-          description     = "135: UDP MS-RPC allow ingress from app and db servers"
-          from_port       = 135
-          to_port         = 135
-          protocol        = "UDP"
-          security_groups = ["web", "database"]
-          # NOTE: csr_clientaccess will need to be added here to cidr_blocks
-        }
-        rpc_tcp_app2 = {
-          description     = "135: TCP MS-RPC allow ingress from app and db servers"
-          from_port       = 135
-          to_port         = 135
-          protocol        = "TCP"
-          security_groups = ["web", "database"]
-          # NOTE: csr_clientaccess will need to be added here to cidr_blocks
-        }
+        #rpc_tcp_app = { # typo in name - this is for UDP but can't easily be changed
+        #  description     = "135: UDP MS-RPC allow ingress from app and db servers"
+        #  from_port       = 135
+        #  to_port         = 135
+        #  protocol        = "UDP"
+        #  security_groups = ["web", "database"]
+        #  # NOTE: csr_clientaccess will need to be added here to cidr_blocks
+        #}
+        #rpc_tcp_app2 = {
+        #  description     = "135: TCP MS-RPC allow ingress from app and db servers"
+        #  from_port       = 135
+        #  to_port         = 135
+        #  protocol        = "TCP"
+        #  security_groups = ["web", "database"]
+        #  # NOTE: csr_clientaccess will need to be added here to cidr_blocks
+        #}
         smb_tcp_app = {
           description     = "445: TCP SMB allow ingress from app and db servers"
           from_port       = 445