terraform – Dynamically add IPv4 address or ranges to an Azure APIM Api Policy

I am trying to automate the building of my apim with TerraForm… it was going quite well until i have hit a wall 😀
one of the policies needs to be restricted to a couple of ip addresses + 1 range, but the dev and prod adressess are different in different environments
eg


    
10.0.0.100
10.0.0.101

So i thought if i create a couple of NamedValue variables in the APIM using TF eg:

AllowedIPAddresses="10.0.0.100,10.0.0.101"
AllowedIPRanges="10.0.0.200-10.0.0.209,10.0.0.230-10.0.0.239"

These can easily be created and managed in different environments by TF and as long as i could split the comma separated address/ranges somehow in the policy eg

    
    

Problem

I cannot seem to split the values up in the policy! when i create the api in TF, i am importing the policy xml from a file against the api’s operation, so the policy needs to be as generic as possible and dependant on variables.

I did try a couple of the friendly neighbourhood helpers and they gave encouraging signs that it was possible using the .Split and for each statements but i could not seem to get to a place were the syntax was accepted on saving the policy, eg the following the portal says in invalid:

 ("allowed-ips").Split(','))" />

any advice or maybe other approaches would be appreciated

Read more here: Source link