Menu
I'm likely approaching this completely wrong, but it's the only way I can understand it currently, without reworking a lot of other code that depends on the same data structures...
We have some json specifying some IP addresses that we wish to substitute into some firewall rules, depending on which version of the environment we are deploying.
"customer_ranges": {
"prod": {
"customer_cidr": "192.168.0.0/24"
},
"test": {
"customer_cidr": "192.168.1.0/24"
}
},
Basically, looping through each environment, we check if the rule is built for this environment or not, and if it is, then we need to subsitute in the ip range, for where the string '#Env_customer_cidr' is found. One of the places this occurs is within the source_ranges_names variable:
The code I currently have, which doesn't work, is based on what I imagine is a case statement, written in terraform conditionals:
source_ranges = distinct(flatten([for source in [for source in v.source_ranges_names : source == "#Env" ? replace(source, "#Env", env) : (source == "#Env_customer_cidr" && env == "prod" ? "${var.customer_ranges["prod"]["customer_cidr"]}" : ( source == "#Env_customer_cidr" && env == "test" : "${var.customer_ranges["test"]["customer_cidr"]}" : local.defined_ranges[source] )) ]]))
I'm hoping that the logic is pretty obvious, if the correct string is found, depending on the value of the env we substitute in the correct IP range. Finally, if neither tag is matched, it should return the source without edits. However I'm constantly facing issues with either the conditional operator requiring a false condition, but from my code I think that's always provided, or the wrong number of closing parenthesis?
With some editing, I've got just one error now:
source_ranges = distinct(flatten([for source in [for source in v.source_ranges_names :
source == "#Env" ? replace(source, "#Env", env) :
(source == "#Env_customer_cidr" && env == "prod" ? "${var.customer_ranges["prod"]["customer_cidr"]}" :
( source == "#Env_customer_cidr" && env == "test" ? "${var.customer_ranges["test"]["customer_cidr"]}" :
local.defined_ranges[source] ))]]))
│ Error: Unbalanced parentheses
│
│ on main.tf line 25, in locals:
│ 25: source_ranges = distinct(flatten([for source in [for source in v.source_ranges_names : source == "#Env" ? replace(source, "#Env", env) : (source == "#Env_customer_cidr" && env == "prod" ? "${var.customer_ranges["prod"]["customer_cidr"]}" : ( source == "#Env_customer_cidr" && env == "test" : "${var.customer_ranges["test"]["customer_cidr"]}" : local.defined_ranges[source] )) ]]))
│
│ Expected a closing parenthesis to terminate the expression.
╵
635
asked Jan 19 '26 13:01
Apart from extra ], your condition is incorrect. The general form is:
condition ? true_val : false_val
not
condition : true_val : false_val
So it should be:
source == "#Env_customer_cidr" && env == "test" ? "${var.customer_ranges["test"]["customer_cidr"]}" : local.defined_ranges[source]
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
