Automate fetching lists of new Fastly IPs
ewdurbin opened this issue · 3 comments
ewdurbin commented
#290 updated the firewall for the cdn-logs host with the current ranges of Fastly IP addresses fetched via the API at https://developer.fastly.com/reference/api/utils/public-ip-list/
We should add a mechanism to automatically keep this list up to date so we don't cause logs to stop flowing again. Whatever range was being used to send syslog streams changed sometime in may and it was missed causing fastly to stop reporting any logs at all.
egeakman commented
@ewdurbin did you skip the letter "r" on purpose between "q" and "s" here:
psf-salt/pillar/base/firewall/fastly-logging.sls
Lines 51 to 56 in d6c01b1