I've run into a weird issue on Terraform v0.11.8. We are trying to close down the ports of ACR and make it available only in-network and also for the app services to access it.
The Terraform IP_restriction rules documentation shows something like this:

    network_rule_set {
      default_action = "Deny"
      ip_rule = [{
        action   = "Allow"
        ip_range = "x.x.x.x"
      },
      {
        action   = "Allow"
        ip_range = "y.y.y.y"
      }...]
    }

I have a list of IPs in my variable/local:

    variable "myIps" {
      type    = "list"
      default = ["x.x.x.x", "y.y.y.y", "z.z.z.z", ....]
    }

How do I convert the list of elements [x.x.x.x] into a list of objects with [{action = "Allow" ip_range = "x.x.x.x"}]? The first property, action = "Allow", is always static. I have to pass the IP from my variable into the object property.
I tried with a regex pattern like

    variable "test2" {
      type    = "string"
      default = "{action=\"Allow\", ip_range=\"%s\"}"
    }

but this returns a string, not the list of objects.
Thanks!
You could use a for loop to iterate the ip_rule entries.
Here is a working example on my side with Terraform v0.12.9 + provider.azurerm v1.36.1.

    resource "azurerm_resource_group" "test" {
      name     = "example-test"
      location = "East US"
    }

    variable "ips" {
      type    = "list"
      default = ["8.8.8.8", "1.1.1.1", "2.2.2.2"]
    }

    resource "azurerm_container_registry" "acr" {
      name                = "mytestacr123"
      resource_group_name = "${azurerm_resource_group.test.name}"
      location            = "${azurerm_resource_group.test.location}"
      admin_enabled       = false
      sku                 = "Premium"
      # georeplication_locations = ["East US"]

      network_rule_set {
        default_action = "Deny"

        # ip_rule block
        ip_rule = [
          for ip in var.ips : {
            action   = "Allow"
            ip_range = ip
          }
        ]
      }
    }

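An added example, not part of the original question or answer: it extends the `for` expression above to the case the question mentions, where the allow list must also cover an App Service. It assumes Terraform 0.12 or later; the variable `app_outbound_ips`, the locals and all IP values are hypothetical or constructed, and the file needs no provider, so `terraform apply` just prints the resulting rule list.

```hcl
# Added example (not the answerer's code). Runs stand-alone on Terraform 0.12+.

variable "ips" {
  type = list(string)
  # Constructed sample: contains a duplicate and an empty entry on purpose.
  default = ["8.8.8.8", "1.1.1.1", "2.2.2.2", "8.8.8.8", ""]
}

# Hypothetical input: comma-separated outbound IPs of the App Service that
# pulls from the registry. In a real configuration this could be fed from the
# possible_outbound_ip_addresses attribute of an azurerm_app_service resource
# (assumption: that resource is managed in the same configuration).
variable "app_outbound_ips" {
  type    = string
  default = "3.3.3.3,4.4.4.4,1.1.1.1" # constructed sample
}

locals {
  # Merge both sources, then drop empty strings and duplicates so that
  # default_action = "Deny" is only relaxed by the addresses actually needed.
  acr_allowed_ips = distinct(compact(concat(
    var.ips,
    split(",", var.app_outbound_ips),
  )))

  # Same shape as the ip_rule list in the answer above.
  acr_ip_rules = [
    for ip in local.acr_allowed_ips : {
      action   = "Allow"
      ip_range = ip
    }
  ]
}

# Inspect the generated rules before wiring them into the registry.
output "acr_ip_rules" {
  value = local.acr_ip_rules
}
```

Inside `network_rule_set`, the list is then assigned as `ip_rule = local.acr_ip_rules` in place of the inline `for` expression.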