Add variables for private_endpoint_network_policies

Signed-off-by: Jim Enright <[email protected]>
cloudera-labs · Nov 8, 2023 · a6a71f3 · a6a71f3
1 parent 6b59193
commit a6a71f3
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/modules/terraform-cdp-azure-pre-reqs/README.md b/modules/terraform-cdp-azure-pre-reqs/README.md
@@ -85,7 +85,7 @@ In each directory an example `terraform.tfvars.sample` values file is included t
 | <a name="input_cdp_resourcegroup_name"></a> [cdp\_resourcegroup\_name](#input\_cdp\_resourcegroup\_name) | Pre-existing Resource Group for CDP environment. Required if create\_vnet is false. | `string` | `null` | no |
 | <a name="input_cdp_subnet_names"></a> [cdp\_subnet\_names](#input\_cdp\_subnet\_names) | List of subnet names for CDP Resources. Required if create\_vnet is false. | `list(any)` | `null` | no |
 | <a name="input_cdp_subnet_range"></a> [cdp\_subnet\_range](#input\_cdp\_subnet\_range) | Size of each (internal) cluster subnet. Required if create\_vpc is true. | `number` | `19` | no |
-| <a name="input_cdp_subnets_private_endpoint_network_policies_enabled"></a> [cdp\_subnets\_private\_endpoint\_network\_policies\_enabled](#input\_cdp\_subnets\_private\_endpoint\_network\_policies\_enabled) | Enable or Disable network policies for the private endpoint on the CDP subnets | `bool` | `false` | no |
+| <a name="input_cdp_subnets_private_endpoint_network_policies_enabled"></a> [cdp\_subnets\_private\_endpoint\_network\_policies\_enabled](#input\_cdp\_subnets\_private\_endpoint\_network\_policies\_enabled) | Enable or Disable network policies for the private endpoint on the CDP subnets | `bool` | `true` | no |
 | <a name="input_cdp_vnet_name"></a> [cdp\_vnet\_name](#input\_cdp\_vnet\_name) | Pre-existing VNet Name for CDP environment. Required if create\_vnet is false. | `string` | `null` | no |
 | <a name="input_create_azure_cml_nfs"></a> [create\_azure\_cml\_nfs](#input\_create\_azure\_cml\_nfs) | Whether to create NFS for CML | `bool` | `false` | no |
 | <a name="input_create_vm_mounting_nfs"></a> [create\_vm\_mounting\_nfs](#input\_create\_vm\_mounting\_nfs) | Whether to create a VM which mounts this NFS | `bool` | `true` | no |
@@ -98,7 +98,7 @@ In each directory an example `terraform.tfvars.sample` values file is included t
 | <a name="input_enable_raz"></a> [enable\_raz](#input\_enable\_raz) | Flag to enable Ranger Authorization Service (RAZ) | `bool` | `true` | no |
 | <a name="input_env_tags"></a> [env\_tags](#input\_env\_tags) | Tags applied to provisioned resources | `map(any)` | `null` | no |
 | <a name="input_gateway_subnet_range"></a> [gateway\_subnet\_range](#input\_gateway\_subnet\_range) | Size of each gateway subnet. Required if create\_vpc is true. | `number` | `24` | no |
-| <a name="input_gateway_subnets_private_endpoint_network_policies_enabled"></a> [gateway\_subnets\_private\_endpoint\_network\_policies\_enabled](#input\_gateway\_subnets\_private\_endpoint\_network\_policies\_enabled) | Enable or Disable network policies for the private endpoint on the Gateway subnets | `bool` | `false` | no |
+| <a name="input_gateway_subnets_private_endpoint_network_policies_enabled"></a> [gateway\_subnets\_private\_endpoint\_network\_policies\_enabled](#input\_gateway\_subnets\_private\_endpoint\_network\_policies\_enabled) | Enable or Disable network policies for the private endpoint on the Gateway subnets | `bool` | `true` | no |
 | <a name="input_idbroker_managed_identity_name"></a> [idbroker\_managed\_identity\_name](#input\_idbroker\_managed\_identity\_name) | IDBroker Managed Identity name | `string` | `null` | no |
 | <a name="input_idbroker_role_assignments"></a> [idbroker\_role\_assignments](#input\_idbroker\_role\_assignments) | List of Role Assignments for the IDBroker Managed Identity | <pre>list(object({<br>    role        = string<br>    description = string<br>    })<br>  )</pre> | <pre>[<br>  {<br>    "description": "Assign VM Contributor Role to IDBroker Identity at Subscription Level",<br>    "role": "Virtual Machine Contributor"<br>  },<br>  {<br>    "description": "Assign Managed Identity Operator Role to IDBroker Identity at Subscription Level",<br>    "role": "Managed Identity Operator"<br>  }<br>]</pre> | no |
 | <a name="input_ingress_extra_cidrs_and_ports"></a> [ingress\_extra\_cidrs\_and\_ports](#input\_ingress\_extra\_cidrs\_and\_ports) | List of extra CIDR blocks and ports to include in Security Group Ingress rules | <pre>object({<br>    cidrs = list(string)<br>    ports = list(number)<br>  })</pre> | <pre>{<br>  "cidrs": [],<br>  "ports": []<br>}</pre> | no |

diff --git a/modules/terraform-cdp-azure-pre-reqs/variables.tf b/modules/terraform-cdp-azure-pre-reqs/variables.tf
@@ -171,7 +171,7 @@ variable "cdp_subnets_private_endpoint_network_policies_enabled" {
   type        = bool
   description = "Enable or Disable network policies for the private endpoint on the CDP subnets"
 
-  default = false
+  default = true
 
 }
 
@@ -180,7 +180,7 @@ variable "gateway_subnets_private_endpoint_network_policies_enabled" {
 
   description = "Enable or Disable network policies for the private endpoint on the Gateway subnets"
 
-  default = false
+  default = true
 }
 
 # ------- Storage Resources -------