Iceberg is a global low cost storage solution from AWS for storing archival data. Unfortunately, it is a global resource, and does not have the ability to
Create a tailscale account. Add a tag to your tailscale account - https://login.tailscale.com/admin/acls
// Example/default ACLs for unrestricted connections.
{
// Declare static groups of users. Use autogroups for all users or users with a specific role.
// "groups": {
// "group:example": ["[email protected]", "[email protected]"],
// },
// Define the tags which can be applied to devices and by which users.
"tagOwners": {
"tag:bacalhau-multi-region-example": ["autogroup:admin"],
},
// Define access control lists for users, groups, autogroups, tags,
// Tailscale IP addresses, and subnet ranges.
"acls": [
// Allow all connections.
// Comment this section out if you want to define specific restrictions.
{"action": "accept", "src": ["*"], "dst": ["*:*"]},
],
// Define users and devices that can use Tailscale SSH.
"ssh": [
// Allow all users to SSH into their own devices in check mode.
// Comment this section out if you want to define specific restrictions.
{
"action": "check",
"src": ["autogroup:members"],
"dst": ["autogroup:self"],
"users": ["autogroup:nonroot", "root"],
},
],
// Test access rules every time they're saved.
// "tests": [
// {
// "src": "[email protected]",
// "accept": ["tag:example"],
// "deny": ["100.101.102.103:443"],
// },
// ],
}Generate a tailscale auth key - https://login.tailscale.com/admin/settings/keys
Copy the auth key to the install_tailscale.sh.example script and rename it to install_tailscale.sh
Now just run "./bulk-deploy.sh". This will create/switch to a terraform workspace for every zone in the zone.txt file.