I'm looking for a solution to add multiple IP address restrictions on the App Service. Below is my code that I'm trying to fix, but I'm having a hard time achieving this:
variable "ip_address_list" {
  type    = list
  default = ["20.20.20.3", "10.10.10.2"]
}
This is just an example of the variable that I want to implement, and part of the site_config is the following:
site_config {
  dynamic "ip_restriction" {
    for_each = var.ip_address_list
    content {
      ip_address = cidrhost(ip_restriction.value, 0)
      action     = "Allow"
    }
  }
}
When I run terraform plan, I receive the following error:
on main.tf line 208, in resource "azurerm_app_service" "hook-service":
208: ip_address = cidrhost(ip_restriction.value, 0)
ip_restriction.value is "20.20.20.3"
Call to function "cidrhost" failed: invalid CIDR expression: invalid CIDR address: 20.20.20.3.
I received this error for both IP addresses. Also, if there is a way for this solution to be implemented, I need to have another restriction based on a virtual subnet, which has to communicate with the other servers that are created in a module:
{
  ip_address                = null
  name                      = "Subnet"
  action                    = "Allow"
  virtual_network_subnet_id = azurerm_subnet.subnet.id
  priority                  = 200
  service_tag               = null
}
The subnet has a Service Endpoint created as ("Microsoft.Web").
cidrhost requires the prefix to be in CIDR notation, which is, for example, "20.20.20.3/32".
https://www.terraform.io/docs/language/functions/cidrhost.html
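A sketch of how the allow list could be built without cidrhost, added here as an example and not part of the original question or answer. cidrhost returns a bare host address, so the example instead normalizes each entry to CIDR form and passes it straight to ip_address, then appends the subnet rule from the question. Assumptions: Terraform 0.14 or later (for alltrue), IPv4 entries only, ip_address accepting CIDR notation such as the /32 form above, and hypothetical names (ip_rules, access_rules, the "ip-N" rule names); the resource's other required arguments stay as in the existing configuration.

```hcl
variable "ip_address_list" {
  type    = list(string)
  default = ["20.20.20.3", "10.10.10.2"]

  # Fail at plan time on anything that is not an IPv4 address or IPv4 CIDR,
  # so a typo cannot silently turn into a broader allow rule.
  validation {
    condition = alltrue([
      for ip in var.ip_address_list :
      can(regex("^[0-9.]+(/[0-9]+)?$", ip)) &&
      can(cidrhost(length(split("/", ip)) == 2 ? ip : "${ip}/32", 0))
    ])
    error_message = "Each entry must be an IPv4 address or an IPv4 CIDR range."
  }
}

locals {
  # Bare addresses become single-host /32 ranges; existing CIDRs pass through.
  ip_rules = [
    for i, ip in var.ip_address_list : {
      name                      = "ip-${i}" # hypothetical rule name
      ip_address                = length(split("/", ip)) == 2 ? ip : "${ip}/32"
      virtual_network_subnet_id = null
      priority                  = 100 + i
    }
  ]
  # Subnet rule taken from the question; needs the Microsoft.Web service endpoint.
  subnet_rule = {
    name                      = "Subnet"
    ip_address                = null
    virtual_network_subnet_id = azurerm_subnet.subnet.id
    priority                  = 200
  }
  access_rules = concat(local.ip_rules, [local.subnet_rule])
}

resource "azurerm_app_service" "hook-service" {
  # name, location, resource_group_name, app_service_plan_id: as in the existing resource
  site_config {
    dynamic "ip_restriction" {
      for_each = local.access_rules
      content {
        name                      = ip_restriction.value.name
        ip_address                = ip_restriction.value.ip_address
        virtual_network_subnet_id = ip_restriction.value.virtual_network_subnet_id
        priority                  = ip_restriction.value.priority
        action                    = "Allow"
      }
    }
  }
}
```

With the default list, terraform plan should show three ip_restriction entries: 20.20.20.3/32 at priority 100, 10.10.10.2/32 at priority 101, and the subnet rule at priority 200.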