Comments (4)
Having this resource replicate the aws_security_group_rule
would require the API endpoint to be rewritten by our friends at Heroku because as you mention the API overwrites/replaces rulesets.
The good news is that you can pass a list to HCL blocks. This is some example code I came up with for another person looking for similar behavior:
provider "heroku" {}
resource "heroku_space" "foobar" {
name = "joe-testing-1"
organization = "my-team"
region = "virginia"
}
locals {
prd = [
{
action = "allow"
source = "8.8.8.8/32"
}
]
vpn = [
{
action = "allow"
source = "8.8.4.4/32"
}
]
space = [
{
action = "allow"
source = "${heroku_space.foobar.outbound_ips[0]}/32"
},
{
action = "allow"
source = "${heroku_space.foobar.outbound_ips[1]}/32"
},
{
action = "allow"
source = "${heroku_space.foobar.outbound_ips[2]}/32"
},
{
action = "allow"
source = "${heroku_space.foobar.outbound_ips[3]}/32"
}
]
}
resource "heroku_space_inbound_ruleset" "lock_space_to_itself" {
space = "${heroku_space.foobar.id}"
rule = ["${local.prd}"]
rule = ["${local.vpn}"]
rule = ["${local.space}"]
}
from terraform-provider-heroku.
TL;DR you can pass lists of maps into an HCL block and it'll just work.
from terraform-provider-heroku.
Helpful suggestion! I'll try this out. There's an additional axis here, that is my space has a count so that introduces splat syntax.
It's not strictly true that support for this would require a Heroku API change. One would have to get the rules via the api, and do some comparisons, then send the set back.
from terraform-provider-heroku.
This didn't end up working for me, so I just used the older deprecated trusted_ip_ranges
from terraform-provider-heroku.
Related Issues (20)
- Consistent use of ReviewApp resource HOT 21
- Confirm option for heroku_addon uses app id instead of app name. HOT 2
- heroku_team_collaborator.app_id requires potentially costly lookups HOT 4
- Invalid credentials provided Issue HOT 2
- heroku_cert no longer works
- heroku_build resource seems to not take Config Vars into account HOT 6
- Release Action: failed to publish artifacts HOT 1
- heroku_space data source returns name for ID
- Terraform keeps saying there's a change to be applied to a `heroku_config` resource, even after applying. HOT 11
- Creating a formation with quantity=0 is not respected (but updating to 0 is respected) HOT 3
- `heroku_slug` connection reset error when uploading to AWS S3
- feature request: formation batch updates HOT 4
- Is it still possible to use the Heroku provider after Heroku now rejects Basic Authentication? HOT 3
- Addon could not be found. But addon exists in the Heroku addon library. HOT 4
- Manage Heroku enterprise-level resources (particularly enterprise users)
- How to Specify `entrypoint` for `heroku_app` ? HOT 5
- Wait for ACM (Automated Certificate Management)? HOT 1
- API error when managing users "Requested range order is not allowed" HOT 4
- Option to make `heroku_app_config_association` destroy no-op? HOT 1
- Any plan to support app-level permissions?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-provider-heroku.