This bit of code automatically generates the Terraform resources that whitelist all the Google internal IPs used to ping our App Engine, allowing us to perform uptime checks.
Node and npm (or yarn) must already be installed.
Go to your GCP monitoring project. Navigate to Monitoring > UpTime Checks.
Between the "Uptime checks" title and the "CREATE UPTIME CHECKS" button, you will see a download icon with the "Download whitelisted checker IP addresses" tooltip.
Once clicked, it will download a file named uptime-source-ips.txt. Keep this file around while following the next steps.
This module must always be installed globally. With npm:
npm i -g gae-fw-rules-terraformer
Or with yarn:
yarn global add gae-fw-rules-terraformer
gae-fw-rules-terraformer --dep=<firstDependency> --prio=<startingPriority> --source=<sourcePath> --target=<targetPath>
<firstDependency> should be an already existing firewall rule; ideally the "ALLOW" rule with the highest priority.
<startingPriority> the rule priority, which the program increments in steps of 1000. E.g., if you have 50 IP addresses to include, starting with priority 10 000 will assign their priorities respectively to 10000, 11000, 12000, [...], 59000, 60000.
<sourcePath> the path to your IP list file (see above). Can be either relative or absolute.
<targetPath> a regex matching the Terraform file paths to update. Can be either relative or absolute.
Real-life usage example:
gae-fw-rules-terraformer --dep=allow-rule-russia --prio=8000 --source=/Users/developer/dev/files/uptime-source-ips.txt --target=./environments/**/main.tf
NB: it is recommended to run the terraform format command on all your files after running this script. From your Terraform project root:
terraform fmt -recursive
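To make the --dep and --prio parameters concrete, here is an added sketch of the kind of transformation described above; it is not the gae-fw-rules-terraformer source. It assumes the downloaded file holds one IP address per line, that the first rule receives the starting priority, that each rule depends on the previous one, and it uses a hypothetical allow-uptime-check-N naming scheme. Every line is validated as a literal IP address before it is written into a google_app_engine_firewall_rule resource.

```javascript
// Added illustration; not the gae-fw-rules-terraformer source code.
const net = require('net');

const STEP = 1000;               // priority increment described for --prio
const MAX_PRIORITY = 2147483646; // 2147483647 belongs to the App Engine default rule

// Assumed file format: one IP address per line. Anything that is not a
// literal IPv4/IPv6 address is rejected so stray text never reaches the HCL.
function parseIps(text) {
  const ips = [];
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (line === '') continue;
    if (net.isIP(line) === 0) throw new Error(`not an IP address: ${JSON.stringify(line)}`);
    if (!ips.includes(line)) ips.push(line); // drop duplicates
  }
  return ips;
}

// One ALLOW rule per address; each rule depends on the previous one,
// starting from the existing rule passed as --dep (assumed behaviour).
function buildRules(ips, firstDependency, startingPriority) {
  if (!/^[A-Za-z_][A-Za-z0-9_-]*$/.test(firstDependency)) throw new Error('invalid rule name');
  if (!Number.isInteger(startingPriority) || startingPriority < 1) throw new Error('invalid priority');
  let previous = firstDependency;
  return ips.map((ip, i) => {
    const priority = startingPriority + i * STEP;
    if (priority > MAX_PRIORITY) throw new Error(`priority ${priority} is out of range`);
    const rule = { name: `allow-uptime-check-${i + 1}`, priority, sourceRange: ip, dependsOn: previous };
    previous = rule.name; // hypothetical naming scheme
    return rule;
  });
}

function renderRule(r) {
  return [
    `resource "google_app_engine_firewall_rule" "${r.name}" {`,
    `  priority     = ${r.priority}`,
    '  action       = "ALLOW"',
    `  source_range = "${r.sourceRange}"`,
    `  depends_on   = [google_app_engine_firewall_rule.${r.dependsOn}]`,
    '}',
  ].join('\n');
}

// Constructed sample input (documentation address ranges, one duplicate).
const SAMPLE = '192.0.2.10\n192.0.2.11\n\n2001:db8::1\n192.0.2.10\n';
console.log(buildRules(parseIps(SAMPLE), 'allow-rule-russia', 8000).map(renderRule).join('\n\n'));
```

Reviewing the generated priorities before applying matters because App Engine evaluates firewall rules in priority order, so a generated ALLOW rule that lands below an existing DENY rule changes what that DENY blocks.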
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.