Azure / terraform-azurerm-caf-enterprise-scale

Azure landing zones Terraform module
https://aka.ms/alz/tf
MIT License

How to add a second IP to Azure Firewall #879

Open ddejaham opened 9 months ago

ddejaham commented 9 months ago

Community Note

Versions

terraform: v1.4.6

azure provider: v3.61.0

module: source = "Azure/caf-enterprise-scale/azurerm" version = "4.2.0"

Description

Describe the bug

Hello, we currently have an Azure Firewall deployed with one public IP and would like to add a second. We couldn't find in the documentation how to do this, so we looked in the code and saw that it's possible to enforce the "ip_configuration" part with "custom_settings". However, according to the azurerm_firewall documentation, each IP requires its own "ip_configuration" block, and in "custom_settings" we can only set one. So I'd like to know how to add a second public IP.

Steps to Reproduce

No Steps as it's not a bug.

Screenshots

Additional context

hlokensgard commented 8 months ago

@ddejaham a workaround can be to implement the firewall outside of the module and use the output of the module for inputs to the firewall. I hope that we can get the option to configure multiple blocks of ip_configuration in the custom_settings.
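The workaround above, written out as an added example (this is not code from the module or from anyone in this thread). It assumes the landing zone module still creates the hub virtual network and its AzureFirewallSubnet, that the module's own firewall has been disabled so only this standalone firewall lives in that subnet, and that the resource group, virtual network and public IP names shown are placeholders you replace with your own. The `azurerm_firewall` resource accepts the `subnet_id` only on the first `ip_configuration` block; every further public IP is its own block carrying just a name and a `public_ip_address_id`, which is exactly what a single `custom_settings` override cannot express.

```hcl
# Added example, not part of the Azure/caf-enterprise-scale module.
# Placeholders: resource group, VNet and public IP names below are assumptions.

locals {
  location      = "westeurope"
  hub_rg_name   = "rg-connectivity-westeurope" # placeholder: RG created by the module
  hub_vnet_name = "vnet-hub-westeurope"        # placeholder: hub VNet created by the module

  # Order matters: the first entry is the one that binds the firewall to the subnet.
  firewall_pip_names = ["pip-fw-hub-01", "pip-fw-hub-02"]
}

# Look up the subnet the module created instead of re-declaring it,
# so the subnet stays under the module's management.
data "azurerm_subnet" "firewall" {
  name                 = "AzureFirewallSubnet"
  virtual_network_name = local.hub_vnet_name
  resource_group_name  = local.hub_rg_name
}

# One Standard-SKU static public IP per entry; Azure Firewall requires Standard/Static.
resource "azurerm_public_ip" "firewall" {
  for_each            = toset(local.firewall_pip_names)
  name                = each.key
  location            = local.location
  resource_group_name = local.hub_rg_name
  allocation_method   = "Static"
  sku                 = "Standard"
}

resource "azurerm_firewall" "hub" {
  name                = "fw-hub-westeurope" # placeholder
  location            = local.location
  resource_group_name = local.hub_rg_name
  sku_name            = "AZFW_VNet"
  sku_tier            = "Standard"

  # First block: the only one allowed to carry subnet_id.
  ip_configuration {
    name                 = local.firewall_pip_names[0]
    subnet_id            = data.azurerm_subnet.firewall.id
    public_ip_address_id = azurerm_public_ip.firewall[local.firewall_pip_names[0]].id
  }

  # Every additional public IP gets its own block without subnet_id.
  dynamic "ip_configuration" {
    for_each = slice(local.firewall_pip_names, 1, length(local.firewall_pip_names))
    content {
      name                 = ip_configuration.value
      public_ip_address_id = azurerm_public_ip.firewall[ip_configuration.value].id
    }
  }

  # Guard against an accidental destroy/recreate of the hub firewall: every
  # spoke's default route points at its private IP, so replacing it cuts traffic.
  lifecycle {
    prevent_destroy = true
  }
}
```

Adding a third or fourth IP later is then a one-line change to `firewall_pip_names`; appending keeps the first entry, and therefore the subnet binding, unchanged, while inserting at the front would force Terraform to rebuild the firewall. Keep the module-managed firewall disabled while this resource exists: two firewalls in the same AzureFirewallSubnet is not a supported configuration, and the whole point of the workaround is that exactly one set of rules and SNAT addresses governs hub egress.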

matt-FFFFFF commented 8 months ago

Hi, we don't support this at the moment. We will consider this as an enhancement.

tobiasehlert commented 1 month ago

I've played around with that a little as mentioned at https://github.com/Azure/terraform-azurerm-caf-enterprise-scale/issues/559#issuecomment-1354931366 with some success. The issue I encounter (as mentioned in https://github.com/Azure/terraform-azurerm-caf-enterprise-scale/issues/879#issuecomment-1873699670) is that the resources created by the module managing the pip (first public IP) are to be removed, which forces management outside the landing zone module.

In addition to that, I can't apply a lifecycle management in module.enterprise_scale.azurerm_firewall.connectivity since it's inside a module and can't be used since that block type is reserved for usage in future versions.