aws_ip_ranges

Use this data source to get the IP ranges of various AWS products and services.

Example Usage

yamlhcldata:
  aws_ip_ranges:
    european_ec2:
      regions:
        - eu-west-1
        - eu-central-1
      services:
        - ec2
resource:
  aws_security_group:
    from_europe:
      name: from_europe
      ingress:
        from_port: 443
        to_port: 443
        protocol: tcp
        cidr_blocks:
          - '${data.aws_ip_ranges.european_ec2.cidr_blocks}'
      tags:
        CreateDate: '${data.aws_ip_ranges.european_ec2.create_date}'
        SyncToken: '${data.aws_ip_ranges.european_ec2.sync_token}'
data "aws_ip_ranges" "european_ec2" {
  regions = [ "eu-west-1", "eu-central-1" ]
  services = [ "ec2" ]
}

resource "aws_security_group" "from_europe" {

  name = "from_europe"

  ingress {
    from_port = "443"
    to_port = "443"
    protocol = "tcp"
    cidr_blocks = [ "${data.aws_ip_ranges.european_ec2.cidr_blocks}" ]
  }

  tags {
    CreateDate = "${data.aws_ip_ranges.european_ec2.create_date}"
    SyncToken = "${data.aws_ip_ranges.european_ec2.sync_token}"
  }

}

Argument Reference

regions - (Optional) Filter IP ranges by regions (or include all regions, if omitted). Valid items are global (for cloudfront) as well as all AWS regions (e.g. eu-central-1)
services - (Required) Filter IP ranges by services. Valid items are amazon (for amazon.com), cloudfront, ec2, route53 and route53_healthchecks.

~> NOTE: If the specified combination of regions and services does not yield any CIDR blocks, Terraform will fail.

Attributes Reference

cidr_blocks - The lexically ordered list of CIDR blocks.
create_date - The publication time of the IP ranges (e.g. 2016-08-03-23-46-05).
sync_token - The publication time of the IP ranges, in Unix epoch time format (e.g. 1470267965).

See the source of this document at Terraform.io