I've run into a weird issue on Terraform v 0.11.8. We are trying to close down the ports of ACR and make it available only in-network and also for the app-services access it.
The terraform IP_restriction rules documentation shows something like this.
network_rule_set {default_action = "Deny"**ip_rule = [{action = "Allow"ip_range = "x.x.x.x"},{action = "Allow"ip_range = "y.y.y.y"}...]**}I have list of IPs in my variable/local
variable "myIps" {type="list"default="[x.x.x.x, y.y.y.y, z.z.z.z, ....]"}How do I convert the list of elements [x.x.x.x] into list of Objects with[{action = "Allow" ip_range = "x.x.x.x"}]. The first property action = "Allow" is always static. I have to pass the IP from my variable into the object property.
I tried with regex pattern like
variable "test2" {type="string"default = "{action=\"Allow\", ip_range=\"%s\"}"}but this returns string not the List of Objects.
Thanks!
Best Answer
You could use a for loop to iterate the ip_rule entries.
Here is a working example on my side with Terraform v0.12.9+ provider.azurerm v1.36.1.
resource "azurerm_resource_group" "test" {name = "example-test"location = "East US"}variable "ips" {type= "list"default= ["8.8.8.8", "1.1.1.1","2.2.2.2"]}resource "azurerm_container_registry" "acr" {name = "mytestacr123"resource_group_name = "${azurerm_resource_group.test.name}"location = "${azurerm_resource_group.test.location}"admin_enabled = falsesku = "Premium"# georeplication_locations = ["East US"]network_rule_set {default_action = "Deny"# ip_rule blockip_rule = [for ip in var.ips: {action = "Allow"ip_range = ip}] }}Result:
