How to implement Regex inside AWS Wafv2 IP set from IP white list txt file?

samitpatel55 · November 13, 2020, 4:30pm

Hi,

I have been trying to convert an IP whitelist rule from AWS WAF Classic to WAFv2, and struggling to finish it.

I have to Regex into 3 txt files grabbing IPV4 & IPV6 addresses.
Can’t seem to get the loop to work, so it pulls the IP addresses & load it into my TF resource.

How do I loop through this correctly? I’m trying to filter through the file with Regex to take out each IP address and insert it into my IP resource.

Staring with IPV4, will clone it for IPV6.

     resource "aws_wafv2_ip_set" "example" {
      name               = "example"
      description        = "Example IP set"
      scope              = var.target_scope
      ip_address_version = "IPV4"
for_each = var.ipv4_whitelist
      addresses          = each.key
      tags = {
        Tag1 = "Value1"
        Tag2 = "Value2"
      }
    }


    data "template_file" "ip_whitelist" {
      template = file("./ip_whitelist.txt")
    }


    locals {

      ipv_4 = { 
        {for ipv4 in data.template.ip_whitelist }
        var.whitelist_ip_list_ipv4)
      if contains length("\\d{0,3}\\.\\d{0,3}\\.\\d{0,3}\\.\\d{0,3}\\/\\d{0,2}", var.whitelist_ip))
      }

    variable ipv4_whitelist
    default = []

ip_whitelist.txt

1.1.1.1/32
2.2.2.2./32
0000:0000:00

Thanks in advance.

Samit

Topic		Replies	Views
Ip_set_descriptors as list AWS	0	708	September 19, 2019
WAF web acl statements AWS waf	0	394	March 19, 2024
Aws waf ipset failes to create Terraform	0	836	December 4, 2019
Filtering a list of strings for a module argument Terraform vault , azure	1	2296	May 11, 2021
How to exclude allowlist from WAF rule? AWS	1	425	April 6, 2023

How to implement Regex inside AWS Wafv2 IP set from IP white list txt file?

Related topics