Merge pull request #47 from lacework/change-default-nat-config

wilderj · web-flow · commit 94d4428dfdd0 · 2025-01-13T17:07:53.000-05:00
Change default nat config
diff --git a/README.md b/README.md
@@ -115,7 +115,7 @@ No modules.
 | <a name="input_suffix"></a> [suffix](#input\_suffix) | A string to be appended to the end of the name of all new resources. | `string` | `""` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | Set of tags which will be added to the resources managed by the module. | `map(string)` | `{}` | no |
 | <a name="input_tenant_id"></a> [tenant\_id](#input\_tenant\_id) | TenantId where LW Sidekick is deployed | `string` | `""` | no |
-| <a name="input_use_nat_gateway"></a> [use\_nat\_gateway](#input\_use\_nat\_gateway) | Whether to use a NAT gateway instead of public IPs on scanning instances. Defaults to `true`. | `bool` | `true` | no |
+| <a name="input_use_nat_gateway"></a> [use\_nat\_gateway](#input\_use\_nat\_gateway) | Whether to use a NAT gateway instead of public IPs on scanning instances. Defaults to `false`. | `bool` | `false` | no |
 
 ## Outputs
 
diff --git a/examples/custom-vnet/main.tf b/examples/custom-vnet/main.tf
@@ -60,11 +60,9 @@ module "lacework_azure_agentless_scanning_rg_and_vnet" {
   create_log_analytics_workspace = true
   region                         = local.region
 
-  // When using a custom vnet with the default NAT gateway (use_nat_gateway = true),
-  // you must specify the network security group here:
-  custom_network_security_group = azurerm_network_security_group.example.id
-  
-  // If you want to use public IPs instead of a NAT gateway, comment out the line above
-  // and uncomment this line:
-  // use_nat_gateway = false
+  // When using a custom vnet with the NAT gateway (use_nat_gateway = true),
+  // uncomment the two lines below and specify the network security group:
+
+  // use_nat_gateway = true
+  // custom_network_security_group = azurerm_network_security_group.example.id
 }
diff --git a/variables.tf b/variables.tf
@@ -62,8 +62,8 @@ variable "tags" {
 
 variable "use_nat_gateway" {
   type        = bool
-  description = "Whether to use a NAT gateway instead of public IPs on scanning instances. Defaults to `true`."
-  default     = true
+  description = "Whether to use a NAT gateway instead of public IPs on scanning instances. Defaults to `false`."
+  default     = false
 }
 
 variable "custom_network" {

Original file line number	Diff line number	Diff line change
`@@ -62,8 +62,8 @@ variable "tags" {`
`62`	`62`
`63`	`63`	`variable "use_nat_gateway" {`
`64`	`64`	`type = bool`
`65`		- description = "Whether to use a NAT gateway instead of public IPs on scanning instances. Defaults to `true`."
`66`		`- default = true`
	`65`	+ description = "Whether to use a NAT gateway instead of public IPs on scanning instances. Defaults to `false`."
	`66`	`+ default = false`
`67`	`67`	`}`
`68`	`68`
`69`	`69`	`variable "custom_network" {`