@aodj
Created March 23, 2020 10:54
Using chunklist in TF11
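variable "ips" {
  default = [
    "1.1.1.1/32",
    "2.2.2.2/32",
    "3.3.3.3/32",
    "4.4.4.4/32",
    "5.5.5.5/32",
    "6.6.6.6/32",
    "7.7.7.7/32",
    "8.8.8.8/29",
    "9.9.9.9/32"
  ]
}

locals {
  # chunklist splits var.ips into sub-lists of at most 5 entries each.
  chunks = "${chunklist(var.ips, 5)}"

  # Only the first chunk (local.chunks[0]) is referenced by the allow rule;
  # the remaining entries of var.ips are not covered by any rule here.
  # Wrapping the chunk in [ ] yields a nested list, as the apply output shows.
  rules = [
    { action = "allow", priority = "0", match = { versioned_expr = "SRC_IPS_V1", config = { src_ip_ranges = ["${local.chunks[0]}"] }}},
    { action = "deny(403)", priority = "2147483647", match = { versioned_expr = "SRC_IPS_V1", config = { src_ip_ranges = ["*"] }}, description = "Default rule: deny all"}
  ]
}

output "rules" {
  value = "${local.rules}"
}
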
$ terraform apply

Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

Outputs:

foo = [
  {
    "action" = "allow"
    "match" = {
      "config" = {
        "src_ip_ranges" = [
          [
            "1.1.1.1/32",
            "2.2.2.2/32",
            "3.3.3.3/32",
            "4.4.4.4/32",
            "5.5.5.5/32",
          ],
        ]
      }
      "versioned_expr" = "SRC_IPS_V1"
    }
    "priority" = "0"
  },
  {
    "action" = "deny(403)"
    "description" = "Default rule: deny all"
    "match" = {
      "config" = {
        "src_ip_ranges" = [
          "*",
        ]
      }
      "versioned_expr" = "SRC_IPS_V1"
    }
    "priority" = "2147483647"
  },
]