diff --git a/README.md b/README.md index 5c0ab71..709ddad 100644 --- a/README.md +++ b/README.md @@ -61,15 +61,15 @@ No modules. ## Inputs -| Name | Description | Type | Default | Required | -| --------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | -------------- | ------- | :------: | -| [project](#input\_project) | Project name | `string` | n/a | yes | -| [env](#input\_env) | Environment name | `string` | n/a | yes | -| [location](#input\_location) | Specifies the supported Azure location where the resource exists | `string` | n/a | yes | -| [resource\_group](#input\_resource\_group) | The name of the resource group in which resources is created | `string` | n/a | yes | -| [tags](#input\_tags) | A mapping of tags to assign to the resource | `map(string)` | {} | no | -| [custom\_nsg\_name](#input\_custom\_nsg\_name) | Custom network security group name | `string` | null | no | -| [security\_rules](#input\_security\_rules) | List of objects representing security rules |
list(object({| [] | no | +| Name | Description | Type | Default | Required | +| --------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- |-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| ------- | :------: | +| [project](#input\_project) | Project name | `string` | n/a | yes | +| [env](#input\_env) | Environment name | `string` | n/a | yes | +| [location](#input\_location) | Specifies the supported Azure location where the resource exists | `string` | n/a | yes | +| [resource\_group](#input\_resource\_group) | The name of the resource group in which resources is created | `string` | n/a | yes | +| [tags](#input\_tags) | A mapping of tags to assign to the resource | `map(string)` | {} | no | +| [custom\_nsg\_name](#input\_custom\_nsg\_name) | Custom network security group name | `string` | null | no | +| [security\_rules](#input\_security\_rules) | List of objects representing security rules |
name = optional(string)
description = optional(string)
priority = optional(number)
direction = optional(string)
access = optional(string)
protocol = optional(string)
source_port_range = optional(string)
destination_port_range = optional(string)
source_address_prefix = optional(string)
destination_address_prefix = optional(string)
}))
list(object({| [] | no |
 ## Outputs
diff --git a/main.tf b/main.tf
index 45c3251..08fa69e 100644
--- a/main.tf
+++ b/main.tf
@@ -20,7 +20,8 @@ resource "azurerm_network_security_group" "this" {
 protocol = security_rule.value["protocol"]
 source_port_range = security_rule.value["source_port_range"]
 destination_port_range = security_rule.value["destination_port_range"]
- source_address_prefix = security_rule.value["source_address_prefix"]
+ source_address_prefix = lookup(security_rule.value, "source_address_prefix", null)
+ source_address_prefixes = lookup(security_rule.value, "source_address_prefixes", [])
 destination_address_prefix = security_rule.value["destination_address_prefix"]
 }
 }
diff --git a/variables.tf b/variables.tf
index 164a9a7..c802e97 100644
--- a/variables.tf
+++ b/variables.tf
@@ -41,6 +41,7 @@ variable "security_rules" {
 source_port_range = optional(string)
 destination_port_range = optional(string)
 source_address_prefix = optional(string)
+ source_address_prefixes = optional(list(string))
 destination_address_prefix = optional(string)
 }))
 description = "List of objects representing security rules"
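Review bot: The `[]` fallback in `lookup(security_rule.value, "source_address_prefixes", [])` appears never to apply. variables.tf declares the attribute as `optional(list(string))`, so an omitted attribute is still present on the object with value null, and `lookup` returns that null rather than the default. The same goes for the `null` default on the `source_address_prefix` line. Plain indexing like the neighbouring lines, `source_address_prefixes = security_rule.value["source_address_prefixes"]`, behaves the same and does not suggest a default that is not there. The `security_rule` block starts outside the hunk.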
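Review bot: Nothing in the new type stops a rule from setting both `source_address_prefix` and `source_address_prefixes`, or neither of them. main.tf passes both values straight to the provider, so such a rule is presumably rejected only at plan or apply time. Since the source scope decides who a network security group rule admits, it is worth checking at input time with a `validation` block on `variable "security_rules"` that requires exactly one of the two per rule. The variable block ends outside the hunk; the sketch below places the check after the `description` line.

```hcl
  description = "List of objects representing security rules"
  # ... unchanged: remaining arguments of variable "security_rules" ...

  validation {
    condition = alltrue([
      for r in var.security_rules :
      (r.source_address_prefix == null) != (r.source_address_prefixes == null)
    ])
    error_message = "Each security rule must set exactly one of source_address_prefix or source_address_prefixes."
  }
```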
name = optional(string)
description = optional(string)
priority = optional(number)
direction = optional(string)
access = optional(string)
protocol = optional(string)
source_port_range = optional(string)
destination_port_range = optional(string)
source_address_prefix = optional(string)
source_address_prefixes = optional(list(string))
destination_address_prefix = optional(string)
}))