66 ])
77 technology_allowlist = flatten ([for t in var . program_technologies : local . allowlist_map [t ]])
88 worker_egress_allowlist = setunion ([var . ci_server_url ], local. technology_allowlist , var. worker_egress_allowlist )
9+ cg_space_users = setunion (var. cf_org_managers , var. developer_emails )
910}
1011
1112# the `depends_on` lines for each resource or module is needed to properly sequence initial creation
@@ -20,8 +21,7 @@ module "manager_space" {
2021 cf_org_name = var. cf_org_name
2122 cf_space_name = " ${ var . cf_space_prefix } -manager"
2223 allow_ssh = var. allow_ssh
23- deployers = var. cf_org_managers
24- developers = var. developer_emails
24+ developers = local. cg_space_users
2525 auditors = var. auditor_emails
2626}
2727
@@ -32,8 +32,7 @@ module "worker_space" {
3232 cf_org_name = var. cf_org_name
3333 cf_space_name = " ${ var . cf_space_prefix } -workers"
3434 allow_ssh = true # manager must be able to cf ssh into workers
35- deployers = var. cf_org_managers
36- developers = var. developer_emails
35+ developers = local. cg_space_users
3736 auditors = var. auditor_emails
3837 security_group_names = [" trusted_local_networks_egress" ]
3938}
@@ -145,8 +144,7 @@ module "egress_space" {
145144 cf_org_name = var. cf_org_name
146145 cf_space_name = " ${ var . cf_space_prefix } -egress"
147146 allow_ssh = var. allow_ssh
148- deployers = var. cf_org_managers
149- developers = var. developer_emails
147+ developers = local. cg_space_users
150148 auditors = var. auditor_emails
151149 security_group_names = [" public_networks_egress" ]
152150}
0 commit comments