Skip to content

Commit

Permalink
⚰️ Do not expose Guacamole container private IP address as traffic ca…
Browse files Browse the repository at this point in the history
…n be routed to any available IP by the ApplicationGateway backend pool
  • Loading branch information
jemrobinson committed Apr 19, 2024
1 parent 6fbb889 commit 308b145
Show file tree
Hide file tree
Showing 2 changed files with 1 addition and 7 deletions.
4 changes: 0 additions & 4 deletions data_safe_haven/infrastructure/stacks/sre/remote_desktop.py
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,6 @@
from data_safe_haven.external import AzureIPv4Range
from data_safe_haven.infrastructure.common import (
get_id_from_subnet,
get_ip_address_from_container_group,
)
from data_safe_haven.infrastructure.components import (
AzureADApplication,
Expand Down Expand Up @@ -421,9 +420,6 @@ def __init__(
"connection_db_name": db_guacamole_connections,
"connection_db_server_name": db_server_guacamole.db_server.name,
"container_group_name": container_group.name,
"container_ip_address": get_ip_address_from_container_group(
container_group
),
"disable_copy": props.disable_copy,
"disable_paste": props.disable_paste,
"resource_group_name": resource_group.name,
Expand Down
4 changes: 1 addition & 3 deletions data_safe_haven/provisioning/sre_provisioning_manager.py
Original file line number Diff line number Diff line change
Expand Up @@ -84,9 +84,7 @@ def restart_remote_desktop_containers(self) -> None:
self.remote_desktop_params["resource_group_name"],
self.subscription_name,
)
guacamole_provisioner.restart(
self.remote_desktop_params["container_ip_address"]
)
guacamole_provisioner.restart()

def update_remote_desktop_connections(self) -> None:
"""Update connection information on the Guacamole PostgreSQL server"""
Expand Down

0 comments on commit 308b145

Please sign in to comment.