WARNING: THIS SITE IS A MIRROR OF GITHUB.COM / IT CANNOT LOGIN OR REGISTER ACCOUNTS / THE CONTENTS ARE PROVIDED AS-IS / THIS SITE ASSUMES NO RESPONSIBILITY FOR ANY DISPLAYED CONTENT OR LINKS / IF YOU FOUND SOMETHING MAY NOT GOOD FOR EVERYONE, CONTACT ADMIN AT ilovescratch@foxmail.com
Skip to content

Commit b0b9940

Browse files
florianowflorianow
committed
chore: change IP list to string
1 parent e289fbb commit b0b9940

File tree

2 files changed

+15
-8
lines changed

2 files changed

+15
-8
lines changed

main.tf

Lines changed: 10 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -147,31 +147,37 @@ resource "azurerm_network_security_group" "agw_nsg" {
147147
resource_group_name = azurerm_resource_group.minio_rg.name
148148
}
149149

150+
locals {
151+
allowed_ips_list = [
152+
for ip in split(",", var.allowed_ip_addresses) : trimspace(ip)
153+
]
154+
}
155+
150156
resource "azurerm_network_security_rule" "allow_https_ui" {
151-
count = length(var.allowed_ip_addresses)
157+
count = length(local.allowed_ips_list)
152158
name = "AllowHTTPS-UI-${count.index}"
153159
priority = 100 + count.index
154160
direction = "Inbound"
155161
access = "Allow"
156162
protocol = "Tcp"
157163
source_port_range = "*"
158164
destination_port_range = "443"
159-
source_address_prefix = var.allowed_ip_addresses[count.index]
165+
source_address_prefix = local.allowed_ips_list[count.index]
160166
destination_address_prefix = "*"
161167
resource_group_name = azurerm_resource_group.minio_rg.name
162168
network_security_group_name = azurerm_network_security_group.agw_nsg.name
163169
}
164170

165171
resource "azurerm_network_security_rule" "allow_https_api" {
166-
count = length(var.allowed_ip_addresses)
172+
count = length(local.allowed_ips_list)
167173
name = "AllowHTTPS-API-${count.index}"
168174
priority = 200 + count.index
169175
direction = "Inbound"
170176
access = "Allow"
171177
protocol = "Tcp"
172178
source_port_range = "*"
173179
destination_port_range = "8443"
174-
source_address_prefix = var.allowed_ip_addresses[count.index]
180+
source_address_prefix = local.allowed_ips_list[count.index]
175181
destination_address_prefix = "*"
176182
resource_group_name = azurerm_resource_group.minio_rg.name
177183
network_security_group_name = azurerm_network_security_group.agw_nsg.name

variables.tf

Lines changed: 5 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -76,12 +76,13 @@ variable "coraza_waf_image" {
7676
}
7777

7878
variable "allowed_ip_addresses" {
79-
type = list(string)
80-
description = "List of IP addresses that will be allowed to access the MinIO service (CIDR format, e.g., ['203.0.113.0/32', '192.168.1.0/24'])"
79+
type = string
80+
description = "Comma-separated list of IP addresses that will be allowed to access the MinIO service in CIDR format. Example: '203.0.113.0/32' for a single IP or '10.10.10.2/32,192.168.1.0/24' for multiple IPs."
81+
default = "10.10.10.2/32"
8182
validation {
8283
condition = alltrue([
83-
for ip in var.allowed_ip_addresses : can(cidrhost(ip, 0))
84+
for ip in split(",", var.allowed_ip_addresses) : can(cidrhost(trimspace(ip), 0))
8485
])
85-
error_message = "All IP addresses must be in valid CIDR format (e.g., '203.0.113.0/32' for a single IP or '192.168.1.0/24' for a subnet)."
86+
error_message = "All IP addresses must be in valid CIDR format (e.g., '10.10.10.2/32' for a single IP or '192.168.1.0/24' for a subnet)."
8687
}
8788
}

0 commit comments

Comments
 (0)