Hi Team,
I was able to use csvdecode to create NSG rules, and it works fine.
I am now trying to do the same with Azure Firewall, but it looks more complicated.
Do you think this is possible? Can you please help me?
Below is the code I would need to adapt:
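# Creates one rule collection group per entry of var.azurefw_rule_collection_group.
# Each entry supplies a priority and, optionally, maps of application and
# network rule collections keyed by collection name; rules are keyed by rule name.
#
# NOTE(review): every rule below is generated from input data, so that input
# effectively is the firewall policy. If it is built from a CSV file
# (csvdecode returns a flat list of rows whose values are all strings),
# list-valued fields such as source_addresses or destination_ports have to be
# split() and the rows grouped per collection before they match this nested
# shape. Review changes to that file like code changes: a row with "*" as
# source or destination and action "Allow" becomes an allow-any rule without
# any edit to this resource.
resource "azurerm_firewall_policy_rule_collection_group" "group" {
  for_each = var.azurefw_rule_collection_group

  name = each.key
  # The [0] index implies the policy is declared with count elsewhere — confirm.
  firewall_policy_id = azurerm_firewall_policy.fw_policy[0].id
  priority           = each.value.priority

  # Application (FQDN-based) collections; skipped when the entry has no
  # "application_rule_collections" key.
  dynamic "application_rule_collection" {
    for_each = contains(keys(each.value), "application_rule_collections") ? each.value.application_rule_collections : {}
    content {
      name     = application_rule_collection.key
      action   = application_rule_collection.value.action
      priority = application_rule_collection.value.priority

      dynamic "rule" {
        for_each = application_rule_collection.value.rules
        content {
          name = rule.key
          # lookup(..., null) leaves the argument unset when the key is absent.
          # Nothing here checks that at least one source (addresses or IP
          # groups) is present, or that a source is narrower than "*".
          source_addresses  = lookup(rule.value, "source_addresses", null)
          source_ip_groups  = lookup(rule.value, "source_ip_groups", null)
          destination_fqdns = lookup(rule.value, "destination_fqdns", null)

          # Referenced directly, so every application rule must carry a
          # "protocols" collection whose elements have type and port.
          dynamic "protocols" {
            for_each = rule.value.protocols
            content {
              type = protocols.value.type
              port = protocols.value.port
            }
          }
        }
      }
    }
  }

  # Network (L3/L4) collections; skipped when the entry has no
  # "network_rule_collections" key.
  dynamic "network_rule_collection" {
    for_each = contains(keys(each.value), "network_rule_collections") ? each.value.network_rule_collections : {}
    content {
      name     = network_rule_collection.key
      action   = network_rule_collection.value.action
      priority = network_rule_collection.value.priority

      dynamic "rule" {
        for_each = network_rule_collection.value.rules
        content {
          name = rule.key
          # NOTE(review): protocols and destination_ports are required by the
          # azurerm schema as far as I know, so the null fallback presumably
          # surfaces as a plan error rather than a default — confirm for the
          # provider version in use.
          protocols         = lookup(rule.value, "protocols", null)
          destination_ports = lookup(rule.value, "destination_ports", null)
          source_addresses  = lookup(rule.value, "source_addresses", null)
          source_ip_groups  = lookup(rule.value, "source_ip_groups", null)
          # Destinations are all optional here; the input decides which of
          # addresses, IP groups or FQDNs a rule uses.
          destination_addresses = lookup(rule.value, "destination_addresses", null)
          destination_ip_groups = lookup(rule.value, "destination_ip_groups", null)
          destination_fqdns     = lookup(rule.value, "destination_fqdns", null)
        }
      }
    }
  }
}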
Many Thanks
Andrea