Hi ,
Trying to pass a block of destination ip’s as variable for aws network firewall rule group . But i am getting below error . Below is the code block and tf.vars
Inappropriate value for attribute "destination": string required.
rule_group {
rules_source {
stateful_rule {
action = "PASS"
header {
destination = var.aws_eu_central_ip_ranges
destination_port = "ANY"
direction = "ANY"
protocol = "TCP"
source = "10.0.0.0/24"
source_port = "ANY"
}
}
}
tf.vars –
variable "aws_eu_central_ip_ranges" {
type = "list"
default = [
"52.219.170.0/23" ,
"52.219.168.0/24"
]
}
Hi @pavant85,
The error indicates that the destination attribute is a string, but you are trying to assign it a list of strings. I’m not sure what resource this is, or what the semantics of each block are, but it’s likely you will want to iterate over the aws_eu_central_ip_ranges, adding a separate block (probably the header block) for each one.
If the header block is the one you want to duplicate, you can use the dynamic feature to assign the values, which may look something like
dynamic "header" {
for_each = var.aws_eu_central_ip_ranges
content {
destination = header.value
destination_port = “ANY”
direction = “ANY”
protocol = “TCP”
source = “10.0.0.0/24”
source_port = “ANY”
}
}