From 5536f5a8c2cc6e004d2a0c106fecf43470f428c2 Mon Sep 17 00:00:00 2001
From: Josh Brower <josh@defensivedepth.com>
Date: Wed, 17 May 2023 09:32:20 -0400
Subject: [PATCH] Add Fleet node to other roles

---
 salt/firewall/defaults.yaml | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/salt/firewall/defaults.yaml b/salt/firewall/defaults.yaml
index ee54f0c1f..176d12ec2 100644
--- a/salt/firewall/defaults.yaml
+++ b/salt/firewall/defaults.yaml
@@ -370,6 +370,19 @@ firewall:
                 - elastic_agent_data
                 - elastic_agent_update
                 - localrules
+            fleet:
+              portgroups:
+                - elasticsearch_rest
+                - docker_registry
+                - influxdb
+                - sensoroni
+                - yum
+                - beats_5044
+                - beats_5644
+                - beats_5056
+                - elastic_agent_control
+                - elastic_agent_data
+                - elastic_agent_update
             sensor:
               portgroups:
                 - beats_5044
@@ -458,6 +471,9 @@ firewall:
             dockernet:
               portgroups:
                 - all
+            fleet:
+              portgroups:
+                - salt_manager
             localhost:
               portgroups:
                 - all
@@ -508,6 +524,19 @@ firewall:
                 - elastic_agent_data
                 - elastic_agent_update
                 - localrules
+            fleet:
+              portgroups:
+                - elasticsearch_rest
+                - docker_registry
+                - influxdb
+                - sensoroni
+                - yum
+                - beats_5044
+                - beats_5644
+                - beats_5056
+                - elastic_agent_control
+                - elastic_agent_data
+                - elastic_agent_update
             sensor:
               portgroups:
                 - beats_5044
@@ -594,6 +623,9 @@ firewall:
             dockernet:
               portgroups:
                 - all
+            fleet:
+              portgroups:
+                - salt_manager
             localhost:
               portgroups:
                 - all