Add labels in azurerm_vpn_gateway_connection routing block for propagated_route_tables

[pacrutchet]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Just like it is present in azurerm_virtual_hub_connection we need to be able to specify the label in order to propagate it to the route to various routing tables/hubs

New or Affected Resource(s)

azurerm_vpn_gateway_connection

Potential Terraform Configuration

resource "azurerm_vpn_gateway_connection" "some_vpn" {
  name                      = ""
  remote_vpn_site_id        = 
  vpn_gateway_id            = 

  routing {
      associated_route_table  = ""
      propagated_route_table {
          labels          = [
              "",
          ]
          route_table_ids = [
              "",
          ]
      }
  }

  vpn_link {
      bandwidth_mbps                        = 
      bgp_enabled                           = 
      local_azure_ip_address_enabled        = 
      name                                  = ""
      policy_based_traffic_selector_enabled = 
      protocol                              = ""
      ratelimit_enabled                     = 
      route_weight                          = 0
      shared_key                            = ""
      vpn_site_link_id                      = 

      ipsec_policy {
          dh_group                 = ""
          encryption_algorithm     = ""
          ike_encryption_algorithm = ""
          ike_integrity_algorithm  = ""
          integrity_algorithm      = ""
          pfs_group                = ""
          sa_data_size_kb          = 102400000
          sa_lifetime_sec          = 27000
      }
  }
}

References

• 0000

[pacrutchet]

Hi, Any chance for this to be implemented?

The impact is that today in a Virtual WAN topology, BGP routes learn from site to site vpn are not propagated to other vHub that the one it terminates on.

I need to create the connection manually and then import it in Terraform to work around the issue. Regards, PA

[osten33]

This kind of setup is also supported in the _azurerm_express_routeconnection resource and it should be available also for the vpn connection if one is using VPNs as backup of ER, meaning the routing over both should be identical.