Hello Imperva,

I would like to draw your attention to the following use case:

1 The current Terraform code in the DRA Admin module spins up a machine with a public IP address. My first question is whether it’s possible to modify the code to include an option to disable the Elastic IP address.
Additionally, during the execution of the script for the DRA Admin and DRA Analytics modules, it attempts to connect to the application via the public IP address from the deployment machine.

module.dra_admin[0].null_resource.readiness (local-exec): Executing: ["/bin/bash" "-c" " while true; do\n response=$(curl -k -s -o /dev/null -w \"%{http_code}\" --request GET 'https://3.13.11.65:8443/mvc/login')\n if [ $response -eq 200 ]; then\n exit 0\n else\n sleep 60\n fi\n done"] module.dra_analytics[0].null_resource.readiness (local-exec): Executing: ["/bin/bash" "-c" " while true; do\n response=$(curl -k -s -o /dev/null -w \"%{http_code}\" --request GET 'https://3.13.11.65:8443/mvc/login')\n if [ $response -eq 200 ]; then\n exit 0\n else\n sleep 60\n fi\n done"]

2 If there is no specific reason for the current setup, may I suggest altering the code so that the script attempts to connect to the respective DRA component via its private IP address first, and then, if necessary, via its public IP address?

examples/aws/installation/dsf_single_account_deployment/.terraform/modules/dra_admin/main.tf
readiness_script = templatefile("${path.module}/readiness.tftpl", { admin_server_public_ip = try(local.private_ip,local.public_ip,) })

examples/aws/installation/dsf_single_account_deployment/.terraform/modules/dra_analytics/main.tf
readiness_script = templatefile("${path.module}/readiness.tftpl", { admin_server_public_ip = try(var.admin_server_private_ip, var.admin_server_public_ip,) })

Thank you for reviewing my submission. Please let me know your thoughts.