Use variable vpc_cidr_block

heerener · heerener · commit c3f0e8caecb0 · 2025-04-09T15:21:40.000+02:00
diff --git a/main.tf b/main.tf
@@ -236,6 +236,7 @@ module "private_alb_config" {
 
   private_alb_arn      = module.private_alb_basic.private_alb_arn
   waf_logs_bucket_name = var.waf_logs_bucket_name
+  vpc_cidr_block       = module.network.vpc_cidr_block
 }
 
 module "public_nlb_config" {
diff --git a/obp_private_alb_config/private-alb-waf.tf b/obp_private_alb_config/private-alb-waf.tf
@@ -2,7 +2,7 @@ resource "aws_wafv2_ip_set" "internal_ips" {
   name               = "internal_IPs"
   scope              = "REGIONAL"
   ip_address_version = "IPV4"
-  addresses          = ["10.0.0.0/16"]
+  addresses          = [var.vpc_cidr_block]
 }
 resource "aws_wafv2_web_acl" "basic_protection" {
   name  = "private-alb-waf"
diff --git a/obp_private_alb_config/variables.tf b/obp_private_alb_config/variables.tf
@@ -9,3 +9,9 @@ variable "waf_logs_bucket_name" {
   type        = string
   sensitive   = false
 }
+
+variable "vpc_cidr_block" {
+  description = "CIDR block or network range of the VPC"
+  type        = string
+  sensitive   = false
+}

Original file line number	Diff line number	Diff line change
`@@ -236,6 +236,7 @@ module "private_alb_config" {`
`236`	`236`
`237`	`237`	`private_alb_arn = module.private_alb_basic.private_alb_arn`
`238`	`238`	`waf_logs_bucket_name = var.waf_logs_bucket_name`
	`239`	`+ vpc_cidr_block = module.network.vpc_cidr_block`
`239`	`240`	`}`
`240`	`241`
`241`	`242`	`module "public_nlb_config" {`
Original file line number	Diff line number	Diff line change
`@@ -2,7 +2,7 @@ resource "aws_wafv2_ip_set" "internal_ips" {`
`2`	`2`	`name = "internal_IPs"`
`3`	`3`	`scope = "REGIONAL"`
`4`	`4`	`ip_address_version = "IPV4"`
`5`		`- addresses = ["10.0.0.0/16"]`
	`5`	`+ addresses = [var.vpc_cidr_block]`
`6`	`6`	`}`
`7`	`7`	`resource "aws_wafv2_web_acl" "basic_protection" {`
`8`	`8`	`name = "private-alb-waf"`