Restrict access to Jenkins Server by default

[PaulDuvall]

Restrict access to a non-existent IP Address by default and require the user to enter their /32 IP as a parameter.

[jeffb-stell]

255.255.255.255/32 is a good IP for this (never matches, doesn't throw errors in APIs)

[vrivellino]

FWIW, AWS suggest 127.0.0.1/32 when you need to limit egress on security groups defined in CloudFormation. If, for whatever reason, AWS were to allow broadcast traffic in a VPC, 255.255.255.255/32 would match it. Where as the loopback netblock should never be seen outside of the loopback device.

PS: Hope all is well over at Stelligent. ;)

[akuma12]

I created a pull request that fixes this issue. It restricts all inbound SSH rules to only the creator's IP Address at the /32 range. Should web access on port 8080 be restricted as well? That's an easy change.

[PaulDuvall]

@akuma12 Yes, thanks. Btw, I'll be creating a new issue to remove the need for Jenkins and use CodeBuild, but we'll get to it when we can :-)