Creating an AWS WAF IP set from IP address information defined in a YAML file


The input YAML file is as follows.

{code}
# test.yaml
list:
 - ipaddress: 192.0.2.0/24
   description: TEST-NET-1
   date: 20220324

 - ipaddress: 198.51.100.0/24
   type: ipv4
   description: TEST-NET-2
   date: 20220324

 - ipaddress: 203.0.113.0/24
   type: ipv4
   description: TEST-NET-3
   date: 20220324
{/code}

The Terraform code that reads the YAML file and creates the IP set is as follows.
Note: versions used: terraform 1.0.6, aws provider 3.58

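{code}
locals {
  # Parse test.yaml into a Terraform value; the entries are under the "list" key.
  test = yamldecode(file("test.yaml"))
}

resource "aws_wafv2_ip_set" "test" {
  name               = "test"
  description        = "test"
  scope              = "REGIONAL"
  ip_address_version = "IPV4"
  # Splat expression: collect the "ipaddress" value of every entry in the list.
  addresses          = local.test.list[*].ipaddress
}
{/code}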

Run terraform apply to create the IP set.

{code}
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # aws_wafv2_ip_set.test will be created
  + resource "aws_wafv2_ip_set" "test" {
      + addresses          = [
          + "192.0.2.0/24",
          + "198.51.100.0/24",
          + "203.0.113.0/24",
        ]
      + arn                = (known after apply)
      + description        = "test"
      + id                 = (known after apply)
      + ip_address_version = "IPV4"
      + lock_token         = (known after apply)
      + name               = "test"
      + scope              = "REGIONAL"
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

aws_wafv2_ip_set.test: Creating...
aws_wafv2_ip_set.test: Creation complete after 0s [id=xxxxx]

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
{/code}
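
The configuration above passes every `ipaddress` value straight into the IP set. The following variant is an added example, not part of the original post: it checks the YAML entries at plan time and refuses to apply if any of them is not a usable IPv4 CIDR. It assumes Terraform 1.2 or later (for `precondition`, newer than the 1.0.6 used above), treats an entry without a `type` key as ipv4, and uses hypothetical local and resource names.

```hcl
# Added example (not from the original post). Assumes Terraform >= 1.2 for
# "precondition"; the local and resource names below are hypothetical.
locals {
  raw = yamldecode(file("${path.module}/test.yaml")).list

  # Normalise each entry. The first entry in test.yaml has no "type" key,
  # so a missing (or empty) type is treated as ipv4 (assumption).
  entries = [for e in local.raw : {
    cidr = try(tostring(e.ipaddress), "(missing ipaddress)")
    type = try(lower(e.type), "ipv4")
  }]

  # Only entries declared as ipv4 belong in an IPV4 IP set.
  ipv4 = [for e in local.entries : e.cidr if e.type == "ipv4"]

  # cidrhost() fails on anything that is not a parseable CIDR. The regex then
  # rejects IPv6 values (":"), which cannot go into an IPV4 set, and /0
  # prefixes, which AWS WAF IP sets do not accept.
  rejected = [
    for c in local.ipv4 : c
    if !can(cidrhost(c, 0)) || length(regexall(":|/0$", c)) > 0
  ]
}

resource "aws_wafv2_ip_set" "test_checked" {
  name               = "test-checked"
  description        = "test"
  scope              = "REGIONAL"
  ip_address_version = "IPV4"
  addresses          = local.ipv4

  lifecycle {
    # Fail the plan instead of applying a partly wrong list.
    precondition {
      condition     = length(local.rejected) == 0
      error_message = "Unsupported IPv4 entries in test.yaml: ${join(", ", local.rejected)}."
    }
  }
}
```

With the test.yaml shown above, `local.rejected` is empty and the plan lists the same three addresses.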