diff --git a/services/terraform/self-host/aws_db.tf b/services/terraform/self-host/aws_db.tf
--- a/services/terraform/self-host/aws_db.tf
+++ b/services/terraform/self-host/aws_db.tf
@@ -23,7 +23,7 @@
 from_port = local.mariadb_port
 to_port = local.mariadb_port
 protocol = "tcp"
- cidr_blocks = ["${var.allowed_ip}/32"]
+ cidr_blocks = [for ip in var.allowed_ips : "${ip}/32"]
 }

 # Outbound rules
diff --git a/services/terraform/self-host/aws_lb.tf b/services/terraform/self-host/aws_lb.tf
--- a/services/terraform/self-host/aws_lb.tf
+++ b/services/terraform/self-host/aws_lb.tf
@@ -14,7 +14,7 @@
 from_port = 443
 to_port = 443
 protocol = "tcp"
- cidr_blocks = ["${var.allowed_ip}/32"]
+ cidr_blocks = [for ip in var.allowed_ips : "${ip}/32"]
 }

 egress {
diff --git a/services/terraform/self-host/variables.tf b/services/terraform/self-host/variables.tf
--- a/services/terraform/self-host/variables.tf
+++ b/services/terraform/self-host/variables.tf
@@ -19,9 +19,9 @@
 default = "us-west-1"
 }

-variable "allowed_ip" {
- description = "IP address"
- type = string
+variable "allowed_ips" {
+ description = "List of allowed ipv4 addresses"
+ type = list(string)
 }

 variable "user_created_vpc" {
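Review bot: The MariaDB ingress in aws_db.tf now takes its sources from the same `var.allowed_ips` list as the 443 rule in aws_lb.tf, so every address added for web access also gets a direct network path to the database port. If that coupling is intended, a comment on the `cidr_blocks` line would record it, e.g. `# same allow-list as the load balancer: each entry can reach MariaDB directly`; otherwise a separate, narrower list for the database rule keeps the two exposures independent. The ingress block and its security group start outside the hunk, so whether the database is publicly addressable cannot be confirmed from here.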
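Review bot: `allowed_ips` in variables.tf is declared as a bare `list(string)` with no validation, while the rules in aws_db.tf and aws_lb.tf append `/32` to whatever each element contains. An empty list yields ingress rules with no source ranges, and an entry that already carries a prefix length or is not an address is presumably only rejected by the provider at plan or apply time. A `validation` block on the variable rejects both cases up front with a readable message. The description could also say that entries are bare addresses without a CIDR suffix.

```hcl
  type        = list(string)

  validation {
    condition = length(var.allowed_ips) > 0 && alltrue([
      for ip in var.allowed_ips : can(regex("^[0-9.]+$", ip)) && can(cidrhost("${ip}/32", 0))
    ])
    error_message = "Each allowed_ips entry must be a bare IPv4 address without a prefix length, and the list must not be empty."
  }
```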