From 853ff8fac185686f5611acecce7974d5689a39a9 Mon Sep 17 00:00:00 2001 From: Ritika Patil Date: Wed, 22 Nov 2023 12:00:21 -0600 Subject: [PATCH] docs: (IAC-802) Added note for setting CIDR range to avoid security violation --- docs/CONFIG-VARS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/CONFIG-VARS.md b/docs/CONFIG-VARS.md index f17288c1..77dd88ed 100644 --- a/docs/CONFIG-VARS.md +++ b/docs/CONFIG-VARS.md @@ -70,7 +70,7 @@ You can use `default_public_access_cidrs` to set a default range for all created | Name | Description | Type | Default | Notes | | :--- | ---: | ---: | ---: | ---: | -| default_public_access_cidrs | IP address ranges allowed to access all created cloud resources | list of strings | | Sets a default for all resources. | +| default_public_access_cidrs | IP address ranges allowed to access all created cloud resources | list of strings | | Sets a default for all resources. Not setting the CIDR range creates a fully public site, this is not recommended for security reasons. | | cluster_endpoint_public_access_cidrs | IP address ranges allowed to access the AKS cluster API | list of strings | | For client admin access to the cluster api (by `kubectl`, for example). Only used with `cluster_api_mode=public`| | vm_public_access_cidrs | IP address ranges allowed to access the VMs | list of strings | | Opens port 22 for SSH access to the jump server and/or NFS VM by adding Ingress Rule on the NSG. Only used with `create_jump_public_ip=true` or `create_nfs_public_ip=true` | | postgres_public_access_cidrs | IP address ranges allowed to access the Azure PostgreSQL Flexible Server | list of strings || Opens port 5432 by adding Ingress Rule on the NSG. Only used when creating postgres instances. |