I am trying to convert an AWS CloudFormation script to Terraform but the problem I am facing here is Cloudformation has something called conditions were we can specify multiple conditions to match before creating a resource but I am struggling to replicate the same in terraform.
Example code of ClodeFormation:
Conditions:
NACLDefaultPublicAllowed: !Equals [ !Ref NACLOpenByDefault, "true"]
NACLDefaultPrivateOnly: !Equals [ !Ref NACLOpenByDefault, "false"]
InboundSSHIsAllowed: !Equals [ !Ref AllowInboundSSH, "true"]
InboundRDPIsAllowed: !Equals [ !Ref AllowInboundRDP, "true"]
InboundVPNIsAllowed: !Equals [ !Ref AllowInboundVPN, "true"]
OutboundHTTPIsAllowed: !Equals [ !Ref AllowOutboundHTTP, "true"]
OutboundHTTPSIsAllowed: !Equals [ !Ref AllowOutboundHTTPS, "true"]
HasRemoteHomeNetwork: !Not [ !Equals [ !Ref RemoteHomeNetworkCIDR, ""]]
HasRemoteRepositories: !Not [ !Equals [ !Ref RemoteRepositoriesCIDR, ""]]
AddMGMTInboundSSHRules: !And
- !Condition HasRemoteHomeNetwork
- !Condition NACLDefaultPrivateOnly
- !Condition InboundSSHIsAllowed
AddMGMTInboundRDPRules: !And
- !Condition HasRemoteHomeNetwork
- !Condition NACLDefaultPrivateOnly
- !Condition InboundRDPIsAllowed
AddMGMTInboundVPNRules: !And
- !Condition HasRemoteHomeNetwork
- !Condition NACLDefaultPrivateOnly
- !Condition InboundVPNIsAllowed
AddMGMTOutboundEphemeralRemoteHomeNetworkRules: !Or
- !Condition AddMGMTInboundSSHRules
- !Condition AddMGMTInboundVPNRules
AddOutboundHTTPAnywhereRules: !And
- !Condition OutboundHTTPIsAllowed
- !Condition NACLDefaultPrivateOnly
AddOutboundHTTPSAnywhereRules: !And
- !Condition OutboundHTTPSIsAllowed
- !Condition NACLDefaultPrivateOnly
AddInboundEphemeralAnywhereRules: !Or
- !Condition AddOutboundHTTPAnywhereRules
- !Condition AddOutboundHTTPSAnywhereRules
AddRemoteRepositoriesCIDR: !And
- !Condition HasRemoteRepositories
- !Condition NACLDefaultPrivateOnly
now when I create a resource(in CloudFormation) I can directly use:
rNACLEntryAllowOutboundHTTPfromPUBLtoRemoteRepositories:
Type: "AWS::EC2::NetworkAclEntry"
Condition: AddRemoteRepositoriesCIDR
Properties:
xxxx
rNACLEntryAllowOutboundHTTPSfromPUBLtoRemoteRepositories:
Type: "AWS::EC2::NetworkAclEntry"
Condition: HasRemoteHomeNetwork
Properties:
xxxx
and so on
How can I get the same result in terraform?