Adapt former Atlassian provider to Google Cloud

.gitignore

@@ -0,0 +1 @@
+.terraform*

README.md

@@ -1,15 +1,15 @@
-# Bitbucket Whitelist IP Addresses
+# Google Cloud IP Addresses
 
-This module provides both an IPv4 and IPv6 list of IP Addresses from Bitbucket, useful for whitelisting and security
-groups.
+This module provides both an IPv4 and IPv6 list of Google Cloud 
+IP Addresses fetched from https://www.gstatic.com/ipranges/cloud.json
 
 ## Example usages
 
 ### AWS Security group
 
 ```
-module "bitbucket_ips" {
-  source = "calidae/ip-addresses/bitbucket"
+module "gcloud" {
+  source = "calidae/google-cloud-ip-ranges/http"
 }
 
 resource "aws_security_group" "example" {
@@ -20,38 +20,9 @@ resource "aws_security_group" "example" {
     from_port        = 443
     to_port          = 443
     protocol         = "tcp"
-    cidr_blocks      = module.bitbucket_ips.ipv4_range
-    ipv6_cidr_blocks = module.bitbucket_ips.ipv6_range
-    description      = "Webhooks from Atlassian public IP range"
-  }
-}
-```
-
-### AWS Policy
-
-```
-module "bitbucket_ips" {
-  source = "calidae/ip-addresses/bitbucket"
-}
-
-data "aws_iam_policy_document" "example" {
-  statement {
-    effect  = "Allow"
-    actions = ["sts:AssumeRoleWithWebIdentity"]
-    principals {
-      type        = "Federated"
-      identifiers = ["arn:aws:iam::XXXXXXXXXXXX:oidc-provider/api.bitbucket.org/2.0/workspaces/mywspace/pipelines-config/identity/oidc"]
-    }
-    condition {
-      test     = "StringEquals"
-      variable = "api.bitbucket.org/2.0/workspaces/mywspace/pipelines-config/identity/oidc:aud"
-      values   = ["ari:cloud:bitbucket::workspace/mywspace_uuid"]
-    }
-    condition {
-      test     = "IpAddress"
-      variable = "aws:SourceIp"
-      values   = module.bitbucket_ips.ipv4_range
-    }
+    cidr_blocks      = module.gcloud.ipv4_range
+    ipv6_cidr_blocks = module.gcloud.ipv6_range
+    description      = "Connections from Google Cloud"
   }
 }
 ```

main.tf

@@ -1,20 +1,19 @@
-# Get the JSON list of IP Addresses from Bitbucket.
-data "http" "bitbucket_ips" {
-  url = "https://ip-ranges.atlassian.com/"
+data "http" "this" {
+  url = var.url
 
   request_headers = {
     "Accept" = "application/json"
   }
 }
 
 locals {
-  ip_range = tolist(jsondecode(data.http.bitbucket_ips.response_body).items[*].cidr)
+  _prefixes = tolist(jsondecode(data.http.this.response_body).prefixes)
   ipv4_range = compact([
-    for cidr in local.ip_range :
-    replace(cidr, "/.*[:].*/", "")
+    for p in local._prefixes :
+    contains(keys(p), "ipv4Prefix") ? p.ipv4Prefix : null
   ])
   ipv6_range = compact([
-    for cidr in local.ip_range :
-    replace(cidr, "/.*[.].*/", "")
+    for p in local._prefixes :
+    contains(keys(p), "ipv6Prefix") ? p.ipv6Prefix : null
   ])
 }

output.tf

@@ -1,24 +1,9 @@
-output "ip_range" {
-  description = "A list of IPv4 and IPv6 Addresses for outbound connections from Bitbucket's services."
-  value       = local.ip_range
-}
-
 output "ipv4_range" {
-  description = "A list of IPv4 Addresses for outbound connections from Bitbucket's services."
+  description = "A list of IPv4 Addresses for outbound connections from Google Cloud."
   value       = local.ipv4_range
 }
 
 output "ipv6_range" {
-  description = "A list of IPv6 Addresses for outbound connections from Bitbucket's services."
-  value       = local.ipv6_range
-}
-
-output "ipv4_ip_addresses" {
-  description = "Alias to ipv4_range"
-  value       = local.ipv4_range
-}
-
-output "ipv6_ip_addresses" {
-  description = "Alias to ipv6_range"
+  description = "A list of IPv6 Addresses for outbound connections from Google Cloud."
   value       = local.ipv6_range
 }

variables.tf

@@ -0,0 +1,3 @@
+variable "url" {
+  default = "https://www.gstatic.com/ipranges/cloud.json"
+}

versions.tf

@@ -1,9 +1,9 @@
 terraform {
-  required_version = ">= 0.12"
+  required_version = ">= 1"
   required_providers {
     http = {
       source  = "hashicorp/http"
-      version = ">= 2.2.0, < 4.0.0"
+      version = ">= 3"
     }
   }
 }