This commit implements the migration of current firewall rules from a private subnet specific form into a more structured form.

First of all, we create a new entity called `Firewall` which represents the sum of all of the firewall rules per resource. Secondly, we are breaking the firewall-private_subnet relationship and making it a part of the vm resource. This way, we are able to apply different firewalls to individual resources in the same subnet. Therefore, customers have more granular control over the accessibility of the resources. An advantageous use case would be simply shutting down all of the access into a database from the public internet and allowing application VMs to be accessible.

Migration work consists of 4 individual steps:

1. Create the new `Firewall` entity.
2. Add a new column `firewall_id` to the firewall_rule entity.
3. Create a new `firewall` entity for all of the VMs in the system.
4. Repopulate copies of the current firewall_rules per VM, since in the old system there was only 1 copy for all of the resources in the same subnet.