Open gerrynicol opened 2 days ago
Hey @gerrynicol, appreciate you calling this out and sharing the documentation as it does appear related to upcoming changes to firewall that the management IP is now going to be required for standard and premium skus for certain features. Will put this in the backlog to fix.
No problem @oZakari.
As a workaround at present I have changed the value here from Basic to Standard and the resource has deployed with the management PIP assigned to the subnet.
Assume there will be changes required to factor in all SKU types in the code going forward.
```bicep
resource resAzureFirewall 'Microsoft.Network/azureFirewalls@2023-02-01' = if (parAzFirewallEnabled) {
  dependsOn: [
    resGateway
  ]
  name: parAzFirewallName
  location: parLocation
  tags: parTags
  zones: (!empty(parAzFirewallAvailabilityZones) ? parAzFirewallAvailabilityZones : [])
  properties: parAzFirewallTier == 'Standard' ? {
    ipConfigurations: varAzFirewallUseCustomPublicIps ? map(parAzFirewallCustomPublicIps, ip => {
```
On further testing, when I then subsequently try to add an additional custom Public IP into the parameter file as below, I get an error.
cannot have more than one subnet reference, please ensure only one IpConfiguration contains a subnet reference","details"
```json
"parAzFirewallCustomPublicIps": {
  "value": [
```
What happened? Provide a clear and concise description of the bug, including deployment details.
The Management subnet and public IP address are not associated with the Azure Firewall when the Standard SKU is selected. They are when the Basic SKU is selected.
Unsure if it's related to this link where it seems that there may have been a change to Azure Firewall? - https://learn.microsoft.com/en-us/azure/firewall/management-nic
Please provide the correlation id associated with your error or bug.
No error, this looks like configuration.
What was the expected outcome?
The Management IP and subnet are associated with the AzureFirewallManagementSubnet
Relevant log output