Azure / terraform-azurerm-openai

Terraform module for deploying Azure OpenAI Service.
MIT License

Support for not linking the network to a preexisting cidr #92

Open jmturwy opened 3 weeks ago

jmturwy commented 3 weeks ago

Is there an existing issue for this?

Description

Currently, when using my own private DNS zone and a shared CIDR, each module attempts to link the private endpoint CIDR to the existing zone. Since this is handled outside of the module and using the shared CIDR, the module will fail saying that the CIDR link already exists.

```hcl
#  private_dns_zone = {
#    name                = "privatelink.openai.azure.com"
#    resource_group_name = data.terraform_remote_state.oai_base.outputs.resource_group_name
#  }
#  private_endpoint = {
#    "pe_endpoint_${local.team}" = {
#      dns_zone_virtual_network_link_name = "pe_${local.team}_dns_zone_link"
#      private_dns_entry_enabled       = true
#      dns_zone_virtual_network_link   = "dns_zone_link"
#      is_manual_connection            = false
#      name                            = "pe_${local.team}"
#      private_service_connection_name = "pe_${local.team}_connection"
#      subnet_name                     = data.terraform_remote_state.oai_base.outputs.subnet_name
#      vnet_name                       = data.terraform_remote_state.oai_base.outputs.vnet_name
#      vnet_rg_name                    = data.terraform_remote_state.oai_base.outputs.resource_group_name
#    }
#  }
```

```
 ----[start]----
│ {"error":{"code":"Conflict","message":"Private zone 'privatelink.openai.azure.com' is already linked to the virtual network '\/subscriptions\/FOO\/resourceGroups\/private-endpoint\/providers\/Microsoft.Network\/virtualNetworks\/vnet'."},"status":"Failed"}
│ -----[end]-----
```

Can we make the module for linking a

New or Affected Resource(s)/Data Source(s)

resource "azurerm_private_dns_zone_virtual_network_link" "dns_zone_link"

Potential Terraform Configuration

https://github.com/Azure/terraform-azurerm-openai/blob/main/private_endpoint.tf#L65

Maybe it looks like this:
`count = length(var.private_endpoint) > 0 && var.private_dns_zone == null ? 1 : 0`

https://github.com/Azure/terraform-azurerm-openai/blob/main/private_endpoint.tf#L48C3-L48C83

References

No response

zioproto commented 3 weeks ago

Hello,

This seems to be a valid issue.

If the user provides the var.private_dns_zone, then the assumption is that the link is already done.

I will propose a PR.
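
The gating proposed in this issue, sketched as a stand-alone Terraform configuration. This is an added example, not the module's code: the variables `resource_group_name` and `virtual_network_id`, the local `manage_dns` and the resource label `this` are assumptions made for illustration.

```hcl
# Added illustration: the zone and its VNet link are created only when the
# caller does not pass an existing zone, so a zone that is already linked
# elsewhere is never linked a second time.
provider "azurerm" {
  features {}
}

variable "resource_group_name" { type = string } # assumed input
variable "virtual_network_id" { type = string }  # assumed input

variable "private_endpoint" {
  type    = map(any)
  default = {}
}

variable "private_dns_zone" {
  type = object({
    name                = string
    resource_group_name = string
  })
  default = null # null means this configuration owns the zone and the link
}

locals {
  # Same condition as the count expression suggested in the issue.
  manage_dns = length(var.private_endpoint) > 0 && var.private_dns_zone == null
}

resource "azurerm_private_dns_zone" "this" {
  count               = local.manage_dns ? 1 : 0
  name                = "privatelink.openai.azure.com"
  resource_group_name = var.resource_group_name
}

resource "azurerm_private_dns_zone_virtual_network_link" "dns_zone_link" {
  count                 = local.manage_dns ? 1 : 0
  name                  = "dns_zone_link"
  resource_group_name   = var.resource_group_name
  private_dns_zone_name = azurerm_private_dns_zone.this[0].name
  virtual_network_id    = var.virtual_network_id
  registration_enabled  = false
}

# Resolves to the supplied zone, the created zone, or null when neither exists.
output "private_dns_zone_name" {
  value = var.private_dns_zone != null ? var.private_dns_zone.name : one(azurerm_private_dns_zone.this[*].name)
}
```

With `private_dns_zone` set, `terraform plan` should show neither the zone nor the link, so the `Conflict` response quoted in the issue cannot come from this configuration.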