Azure / terraform-azurerm-hubnetworking

Terraform verified module for deploying multi-hub & spoke architectures
https://registry.terraform.io/modules/Azure/hubnetworking/azurerm/latest
MIT License

firewall: default_ip_configuration.public_ip_config.name is ignored #47

Closed d0ru closed 1 year ago

d0ru commented 1 year ago

Is there an existing issue for this?

Greenfield/Brownfield provisioning

greenfield

Terraform Version

1.5.3

Module Version

0.2.0

AzureRM Provider Version

3.66.0

Affected Resource(s)/Data Source(s)

azurerm_public_ip.fw_default_ip_configuration_pip

Terraform Configuration Files

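# Input variables for the reproduction. Each one carries an explicit type so a
# malformed value (for example a list where a CIDR string is expected) is
# rejected at plan time instead of being passed through to the modules.

variable "tenant_id" {
  type        = string
  description = "Azure AD tenant ID used by the azurerm provider."
}

variable "subscription_id" {
  type        = string
  description = "Azure subscription ID used by the azurerm provider."
}

variable "location" {
  type        = string
  description = "Azure region for the resource group and the hub network."
}

variable "proj" {
  type        = string
  description = "Project short name; used as a suffix component by the naming modules."
}

variable "env" {
  type        = string
  description = "Environment short name; used as a suffix component by the naming modules."
}

variable "default_tags" {
  type        = map(string)
  description = "Tags applied to the resource group, the hub, the firewall and its public IP config."
}

variable "vnet_hub_address_space" {
  type        = list(string)
  description = "Address space (CIDR list) of the hub virtual network."
}

variable "vnet_hub_routing_address_space" {
  type        = list(string)
  description = "Routing address space (CIDR list) passed to the hub."
}

variable "firewall_subnet_address_prefix" {
  type        = string
  description = "CIDR prefix of the firewall subnet inside the hub virtual network."
}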

# Resource group that holds the hub network. It is created here rather than by
# the hubnetworking module, which is called with
# resource_group_creation_enabled = false.
resource "azurerm_resource_group" "network" {
  # Generated name from the "naming-network" module (includes a unique suffix).
  name     = module.naming-network.resource_group.name_unique
  location = var.location
  tags     = var.default_tags
}

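# Name generator for the hub resources (virtual network, firewall, public IP).
# The suffix parts are plain references: wrapping a lone reference in "${...}"
# is redundant interpolation and yields the same value.
module "naming-hub" {
  source  = "Azure/naming/azurerm"
  version = "~> 0.3"
  suffix  = [var.proj, var.env, "hub"]
}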

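# Name generator for the network resource group.
# The suffix parts are plain references: wrapping a lone reference in "${...}"
# is redundant interpolation and yields the same value.
module "naming-network" {
  source  = "Azure/naming/azurerm"
  version = "~> 0.3"
  suffix  = [var.proj, var.env, "network"]
}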

# Single hub ("neu-hub") with an Azure Firewall, deployed into the resource
# group created above. This is the call that reproduces the issue: the name
# given under default_ip_configuration.public_ip_config is not used for the
# firewall's public IP.
module "hubnetworking" {
  source  = "Azure/hubnetworking/azurerm"
  # "~> 0.2" accepts any 0.x release from 0.2 upwards; the issue was reported
  # against 0.2.0. Pin the exact version when reproducing.
  version = "~> 0.2"

  hub_virtual_networks = {
    neu-hub = {
      name                            = module.naming-hub.virtual_network.name_unique
      location                        = azurerm_resource_group.network.location
      resource_group_name             = azurerm_resource_group.network.name
      # The resource group already exists (azurerm_resource_group.network),
      # so the module is told not to create it.
      resource_group_creation_enabled = false
      # NOTE(review): presumably disables a management lock on the resource
      # group -- confirm against the module docs before using outside a test.
      resource_group_lock_enabled     = false
      #mesh_peering_enabled            = true

      address_space         = var.vnet_hub_address_space
      routing_address_space = var.vnet_hub_routing_address_space
      firewall = {
        name              = module.naming-hub.firewall.name_unique
        sku_tier          = "Standard"
        sku_name          = "AZFW_VNet"
        # NOTE(review): "Off" disables threat-intelligence-based filtering on
        # the firewall. Use "Alert" or "Deny" unless turning it off is a
        # deliberate choice for this environment.
        threat_intel_mode = "Off"
        zones             = ["1", "2", "3"]
        default_ip_configuration = {
          public_ip_config = {
            # Expected to name the firewall's public IP
            # (azurerm_public_ip.fw_default_ip_configuration_pip); the report
            # is that the firewall name is used instead.
            # NOTE(review): the value is a one-element list, not a string --
            # confirm which type the module declares for this attribute.
            name  = [module.naming-hub.public_ip.name_unique]
            zones = ["1", "2", "3"]
            tags  = var.default_tags
          }
        }
        subnet_address_prefix = var.firewall_subnet_address_prefix
        tags                  = var.default_tags
      }
      tags = var.default_tags
    }
  }
}

# Terraform core and provider version constraints for the reproduction.
terraform {
  # Any Terraform release from 1.3 upwards; the issue was reported with 1.5.3.
  required_version = ">= 1.3"
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      # "~> 3.66" accepts 3.66 and later 3.x releases; the issue was reported
      # with 3.66.0. The dependency lock file records the exact build selected.
      version = "~> 3.66"
    }
  }
}

# azurerm provider bound to one subscription and tenant. No credentials are set
# in this block; authentication is supplied outside the shown configuration.
provider "azurerm" {
  subscription_id = var.subscription_id
  tenant_id       = var.tenant_id

  features {
    resource_group {
      # Destroying a resource group fails while it still contains resources,
      # which guards against deleting resources Terraform does not manage.
      prevent_deletion_if_contains_resources = true
    }
  }
}

tfvars variables values

# Values for the reproduction. The last group of each GUID below is masked
# (XXXXX), so these are not complete tenant/subscription identifiers.
tenant_id       = "f17ae016-64fd-452e-bbb1-XXXXX"
subscription_id = "9720b7c2-64c1-4038-bcfe-XXXXX"
location        = "northeurope"

# project
# proj and env feed the naming modules' suffix, giving names such as
# "fw-vpp-nonprod-hub-<unique>".
proj = "vpp"
env  = "nonprod"

default_tags = {
  "environment" : "nonprod",
  "project"     : "vpp",
}

# The hub VNet and its routing address space are the same /16; the firewall
# subnet is the first /24 inside that range.
vnet_hub_address_space         = ["10.100.0.0/16"]
vnet_hub_routing_address_space = ["10.100.0.0/16"]
firewall_subnet_address_prefix = "10.100.0.0/24"

Debug Output/Panic Output

no panic here after using SKU "AZFW_VNet"

Expected Behaviour

It should have created a PIP with name pip-vpp-nonprod-hub-txs9.

Actual Behaviour

The public IP was instead created with the same name as the firewall.

$ tf console
> module.naming-hub.firewall.name_unique
"fw-vpp-nonprod-hub-txs9"
> module.naming-hub.public_ip.name_unique
"pip-vpp-nonprod-hub-txs9"

Steps to Reproduce

No response

Important Factoids

No response

References

No response

matt-FFFFFF commented 1 year ago

Hi @d0ru

Thanks for trying out the module - we will work on this!