Come aggiungere più indirizzi ip per azure service bus firewall in modo dinamico utilizzando terraforma.
Sono stato in grado di aggiungere gli indirizzi per il servizio di bus istanza mentre codificare gli indirizzi di tf del codice. Ma terraforma sta cercando di creare più network_ruleset risorse con questo modicare il codice.
resource "azurerm_resource_group" "example" {
name = "example-resources"
location = "West Europe"
}
resource "azurerm_servicebus_namespace" "example" {
name = "example-sb-namespace"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
sku = "Premium"
capacity = 1
}
resource "azurerm_virtual_network" "example" {
name = "example-vnet"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
address_space = ["172.17.0.0/16"]
dns_servers = ["10.0.0.4", "10.0.0.5"]
}
resource "azurerm_subnet" "example" {
name = "default"
resource_group_name = azurerm_resource_group.example.name
virtual_network_name = azurerm_virtual_network.example.name
address_prefixes = ["172.17.0.0/24"]
service_endpoints = ["Microsoft.ServiceBus"]
}
locals {
ip_rules = [
"1.1.1.1",
"2.2.2.2",
"123.145.168.143",
"1.23.54.67",
"145.36.142.127",
"192.168.0.0/24",
"194.145.123.0/26"
]
}
resource "azurerm_servicebus_namespace_network_rule_set" "example" {
namespace_name = azurerm_servicebus_namespace.example.name
resource_group_name = azurerm_resource_group.example.name
default_action = "Deny"
trusted_services_allowed = true
network_rules {
subnet_id = azurerm_subnet.example.id
ignore_missing_vnet_service_endpoint = false
}
for_each = toset(local.ip_rules1)
ip_rules = [each.value]
# ip_rules = [
# "1.1.1.1",
# "2.2.2.2",
# "123.145.168.143",
# "1.23.54.67",
# "45.36.142.127",
# "192.168.0.0/24",
# "194.145.123.0/26"
# ]
}
Come ottenere questo scenario rispetto al azure service bus istanza.