Dynamic Priority change when adding multiple IP Restriction for App Services on Azure using terraform
I'm looking a solution for changing the priority on a dynamic "ip_restriction" the code that I use is
variable "ip_address_list" {
type = list
default = ["20.20.20.3/32" , "10.10.10.2/32"]
}
site_config {
dynamic "ip_restriction" {
for_each = var.ip_address_list
content {
ip_address = cidrhost(ip_restriction.value, 0)
action = "Allow"
priority = 100
}
}
When using this code I got the following output
- ip_restriction= [
- {
- action= "Allow"
- headers= (known after apply)
- ip_address= "20.20.20.3"
- name= (known after apply)
- priority= 100
- service_tag= null
- virtual_network_subnet_id = null },
- {
- action= "Allow"
- headers= (known after apply)
- ip_address= "10.10.10.2"
- name= (known after apply)
- priority= 100
- service_tag= null
- virtual_network_subnet_id = null }, ]
Solution
You can use something like this:
locals {
ip_address_list = [
{
ip_add : "20.20.20.3/32",
prior : "100"
},
{
ip_add : "10.10.10.2/32",
prior : "101"
}
]
}
and then
site_config {
dynamic "ip_restriction" {
for_each = local.ip_address_list
content {
ip_address = ip_restriction.value["ip_add"]
action = "Allow"
priority = ip_restriction.value["prior"]
}
}
Output:
Note: Instead of declaring the variables you can declare the locals as given above and then use the site config block provided above.
Update: As per this Github issue @martinjt commented that it expects ipadd/32 as the subnet mask is not included in new versions . So, changed the above code by removing the cidrhost and did a apply it got deployed successfully.
Error: with cidrhost
After removing the cidrhost
- Provision new SQL Azure database into existing, non-terraform managed SQL Server instance
- How to link Google Kubernetes Engine (GKE) and Cloud SQL database?
- Terraform directory Structure for common infrastructure on aws for ADO pipeline
- What does "eksctl create iamserviceaccount" do under the hood on an EKS cluster?
- Creating a cloudsql instance in the VPC network of my Project
- Terraform keeps reporting changes - Codepipeline
- Which resource needs a static route through a Transit Gateway API?
- Basic SQL commands in Terraform
- Terraform depends_on needs to wait for an ecs container to start AND BE HEALTHY before it continues
- azapi_resource_action: Invalid value for "str" parameter: string required
- Terraform fails to import key pair with Amazon EC2
- Azure postgresql flexible server restore with terraform
- How can I list Terraform resources with their IDs
- Delete kubernetes node pull with Terraform without cluster recreating
- Azure Container App Fails to Pull Image from ACR: UNAUTHORIZED Authentication Required
- Terraform Gives errors Failed to load plugin schemas
- In rundeck / terraform, how can I use the option block to capture user input and use it in a command block?
- Configure Application Insights for Azure Function App (Terraform)
- terraform error when integrating S3 website redirect with CloudFront
- Nat Gateway Profile for AKS using terraform
- Terraform and Azure: Problems with association between NetworkSecurityGroups and Subnets
- How to save Terraform output variable into a Github Action’s environment variable
- The local or global variables in policies file in SNS are not able to resolve the values
- terraform when using data sources no stored state was found for the given workspace in the given backend
- Upgrading AWS RDS aurora from serverless v1 to serverless v2 using terraform
- How to install multiple or two versions of Terraform?
- Terraform will damage your computer on macOS Intel
- Upgrade terraform to specific version
- Should I commit my .terraform-version file?
- Terraform code not creating multiple rules in Azure Storage lifecycle