During testing of HashiCorp Terraform plans, sometimes there is a need to create firewall rules that use your current public Internet IP address, for example for SSH access to the created instances.
There is an easy way to programmatically obtain the IP address using a Terraform External Data Source.
Create a shell script that obtains the IP address and returns the value in a JSON object.
whatismyip.sh
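#!/bin/bash
# ...
set -e
# Ask the OpenDNS resolver for this host's public IPv4 address
INTERNETIP="$(dig +short myip.opendns.com @resolver1.opendns.com -4)"
# Return the address as the JSON object the external data source expects
echo $(jq -n --arg internetip "$INTERNETIP" '{"internet_ip":$internetip}')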
Call the external data source and use the output in a firewall rule. The example in aws_security_group_rules.tf shows how to use the public IP address in an AWS security rule created by Terraform to allow SSH access.
aws_security_group_rules.tf
data "external" "whatismyip" {
  program = ["/bin/bash", "${path.module}/whatismyip.sh"]
}

resource "aws_security_group_rule" "allow_ssh_from_my_ip" {
  type              = "ingress"
  from_port         = 22
  to_port           = 22
  protocol          = "tcp"
  cidr_blocks       = [format("%s/%s", data.external.whatismyip.result["internet_ip"], 32)]
  security_group_id = "sg-123456"
}
Make sure to install the jq utility and make whatismyip.sh executable:
sudo apt-get install jq
chmod 764 whatismyip.sh
Since you are now using an additional data source, the External Data Source, initialize Terraform using:
terraform init
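Because the value returned by the script goes straight into a firewall rule, it is worth checking it before handing it to Terraform. The following is an added example, not part of the original tutorial: a variant of whatismyip.sh that only emits JSON for a single, well-formed, publicly routable IPv4 address. The function names and the "lookup" argument are assumptions made for this example, and it uses printf instead of jq, which is safe here because the validated value contains only digits and dots.

```shell
#!/bin/sh
# Added example: validated variant of whatismyip.sh, not the original script.
set -eu

# Succeeds only for a dotted quad with four octets in 0..255, no leading zeros.
is_ipv4() {
  case "$1" in
    ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, stray chars, empty octets
  esac
  old_ifs=$IFS; IFS=.
  set -- $1          # split on dots; the value holds only digits and dots here
  IFS=$old_ifs
  [ "$#" -eq 4 ] || return 1
  for octet in "$@"; do
    case "$octet" in 0?*) return 1 ;; esac
    [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
  done
  return 0
}

# Rejects unspecified, private, loopback, link-local, multicast and class E ranges.
is_public_ipv4() {
  is_ipv4 "$1" || return 1
  case "$1" in
    0.*|10.*|127.*|169.254.*|192.168.*) return 1 ;;
    172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 1 ;;
    22[4-9].*|2[3-5][0-9].*) return 1 ;;
  esac
  return 0
}

# Prints the JSON object the external data source expects, or fails with a
# message on stderr so that Terraform stops instead of creating a bad rule.
ip_to_json() {
  is_public_ipv4 "$1" || { echo "refusing to use address: '$1'" >&2; return 1; }
  printf '{"internet_ip":"%s"}\n' "$1"
}

# The live lookup runs only with the (hypothetical) "lookup" argument.
# An empty or multi-line dig answer fails validation and aborts the run.
if [ "${1:-}" = "lookup" ]; then
  ip_to_json "$(dig +short myip.opendns.com @resolver1.opendns.com -4)"
fi
```

To use it, the data source would pass the extra argument, for example program = ["/bin/sh", "${path.module}/whatismyip.sh", "lookup"]. A failed check makes the script exit non-zero, which the external data source reports as an error.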
Just a quick fix because the script whatismyip.sh wasn’t working for me, I don’t know if it’s due to my distro (Ubuntu 20.04)…
I only added a “-4” at the end of the dig command:
#!/bin/bash
set -e
INTERNETIP="$(dig +short myip.opendns.com @resolver1.opendns.com -4)"
echo $(jq -n --arg internetip "$INTERNETIP" '{"internet_ip":$internetip}')
Now it is showing my IPv4; if IPv6 is required, just change the “-4” to “-6” and you’re good to go.
Thanks, Reque, you are right.
I believe that if you have IPV6 and IPV4 addresses, then the command shows both. Your fix is needed to select the required IP version. I will add it to the tutorial.
Or, just use “curl https://checkip.amazonaws.com”