xpk/terraform-training
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: xpk:5f11260c53030858a07c4caf7d67c76f9d659bcb
Branches Tags
xpk:master
..
compare: xpk:69a279012311ae24bd70f79456392ff5d806ff9d
Branches Tags
xpk:master

No commits in common. "5f11260c53030858a07c4caf7d67c76f9d659bcb" and "69a279012311ae24bd70f79456392ff5d806ff9d" have entirely different histories.
5f11260c53 ... 69a2790123

3 changed files with 11 additions and 8 deletions
Show Stats Expand all files Collapse all files

1
NetworkContentDelivery/Exercise3/CfIps.json Normal file
View File

@ -0,0 +1 @@
{"result":{"ipv4_cidrs":["173.245.48.0/20","103.21.244.0/22","103.22.200.0/22","103.31.4.0/22","141.101.64.0/18","108.162.192.0/18","190.93.240.0/20","188.114.96.0/20","197.234.240.0/22","198.41.128.0/17","162.158.0.0/15","104.16.0.0/13","104.24.0.0/14","172.64.0.0/13","131.0.72.0/22"],"ipv6_cidrs":["2400:cb00::/32","2606:4700::/32","2803:f800::/32","2405:b500::/32","2405:8100::/32","2a06:98c0::/29","2c0f:f248::/32"],"etag":"38f79d050aa027e3be3865e495dcc9bc"},"success":true,"errors":[],"messages":[]}

4
NetworkContentDelivery/Exercise3/README.md
View File

@ -11,7 +11,7 @@
| Name | Version | | Name | Version |
|------|---------| |------|---------|
| aws | 5.51.1 | | aws | 5.51.1 |
| http | 3.4.2 | | null | 3.2.2 |
## Modules ## Modules
@ -26,10 +26,10 @@
| Name | Type | | Name | Type |
|------|------| |------|------|
| [aws_ec2_managed_prefix_list.pl1](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_managed_prefix_list) | resource | | [aws_ec2_managed_prefix_list.pl1](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_managed_prefix_list) | resource |
| [null_resource.CloudflareIps](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
| [aws_availability_zones.available](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/availability_zones) | data source | | [aws_availability_zones.available](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/availability_zones) | data source |
| [aws_iam_policy_document.dynamodb_endpoint_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | | [aws_iam_policy_document.dynamodb_endpoint_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
| [aws_iam_policy_document.s3_endpoint_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | | [aws_iam_policy_document.s3_endpoint_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
| [http_http.CloudflareIps](https://registry.terraform.io/providers/hashicorp/http/latest/docs/data-sources/http) | data source |
## Inputs ## Inputs

14
NetworkContentDelivery/Exercise3/main.tf
View File

@ -89,20 +89,22 @@ data "aws_iam_policy_document" "dynamodb_endpoint_policy" {
} }
} }
resource "null_resource" "CloudflareIps" {
data "http" "CloudflareIps" { provisioner "local-exec" {
url = "https://api.cloudflare.com/client/v4/ips" command = "wget -qO CfIps.json https://api.cloudflare.com/client/v4/ips"
request_headers = {
Accept = "application/json"
} }
} }
locals {
CfIpJson = jsondecode(file("${path.module}/CfIps.json"))
}
resource "aws_ec2_managed_prefix_list" "pl1" { resource "aws_ec2_managed_prefix_list" "pl1" {
name = "CloudflareIpRanges" name = "CloudflareIpRanges"
address_family = "IPv4" address_family = "IPv4"
max_entries = 20 max_entries = 20
dynamic "entry" { dynamic "entry" {
for_each = jsondecode(data.http.CloudflareIps.response_body)["result"]["ipv4_cidrs"] for_each = local.CfIpJson.result.ipv4_cidrs
content { content {
cidr = entry.value cidr = entry.value
description = "Cloudflare IP" description = "Cloudflare IP"