Update security.tf

I have multiple IP's i want to be whitelisted
AdmiraalA · Feb 21, 2024 · a39102b · a39102b
1 parent a6284ae
commit a39102b
Showing 1 changed file with 31 additions and 23 deletions.
diff --git a/security.tf b/security.tf
@@ -1,43 +1,51 @@
+variable "public_ips" {
+  type    = list(string)
+  default = ["82.168.9.145/32", "86.85.108.82/32"]
+}
+
 resource "oci_core_default_security_list" "default_security_list" {
   compartment_id             = var.compartment_ocid
   manage_default_resource_id = oci_core_vcn.default_oci_core_vcn.default_security_list_id
 
   display_name = "Default security list"
+
   egress_security_rules {
     destination = "0.0.0.0/0"
     protocol    = "all"
   }
 
-  ingress_security_rules {
-    protocol = 1 # icmp
-    source   = var.my_public_ip_cidr
-
-    description = "Allow icmp from  ${var.my_public_ip_cidr}"
-
+  dynamic "ingress_security_rules" {
+    for_each = var.public_ips
+    content {
+      protocol    = 1 # ICMP
+      source      = ingress_security_rules.value # Use .value instead of .key
+      description = "Allow ICMP from ${ingress_security_rules.value}"
+    }
   }
 
-  ingress_security_rules {
-    protocol = 6 # tcp
-    source   = var.my_public_ip_cidr
-
-    description = "Allow SSH from ${var.my_public_ip_cidr}"
-
-    tcp_options {
-      min = 22
-      max = 22
+  dynamic "ingress_security_rules" {
+    for_each = var.public_ips
+    content {
+      protocol    = 6 # TCP (SSH)
+      source      = ingress_security_rules.value # Use .value instead of .key
+      description = "Allow SSH from ${ingress_security_rules.value}"
+      tcp_options {
+        min = 22
+        max = 22
+      }
     }
   }
 
   ingress_security_rules {
-    protocol = "all"
-    source   = var.oci_core_vcn_cidr
-
-    description = "Allow all from vcn subnet"
+    protocol    = "all"
+    source      = var.oci_core_vcn_cidr
+    description = "Allow all from VCN subnet"
   }
 
   freeform_tags = {
-    "provisioner"           = "terraform"
-    "environment"           = "${var.environment}"
-    "${var.unique_tag_key}" = "${var.unique_tag_value}"
+    "provisioner"      = "terraform"
+    "environment"      = var.environment
+    "unique_tag_key"   = var.unique_tag_key   # Fixed variable name
+    "unique_tag_value" = var.unique_tag_value # Fixed variable name
   }
-}
+}