search

hashicorp / terraform-provider-azurerm

Terraform provider for Azure Resource Manager
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs
Mozilla Public License 2.0
4.6k stars 4.64k forks source link

azurerm_frontdoor_custom_https_configuration error #11348

Open tonijofiu opened 3 years ago

tonijofiu commented 3 years ago

Affected Resource(s)

Terraform Configuration Files

data "azurerm_key_vault" "vault" {
  name                = var.keyvault_name
  resource_group_name = "example-${terraform.workspace}-resources"
}

resource "azurerm_frontdoor" "example-fd" {
  name                                         = "example-${terraform.workspace}-fd"
  resource_group_name                          = azurerm_resource_group.example.name
  enforce_backend_pools_certificate_name_check = false

  frontend_endpoint {
    name      = "example-frontend-endpoint"
    host_name = "example-${terraform.workspace}-fd.azurefd.net"
  }

  frontend_endpoint {
    name      = "example-customdomain-frontend-endpoint"
    host_name = "example.org"
  }

  backend_pool {
    name = "web-ui"
    backend {
      host_header = "example.azureedge.net"
      address     = "example.azureedge.net"
      http_port   = 80
      https_port  = 443
    }

    load_balancing_name = "webuiloadbalancer"
    health_probe_name   = "webuihealthprobe"
  }

  backend_pool {
    name = "web-api"
    backend {
      host_header = azurerm_app_service.example.default_site_hostname
      address     = azurerm_app_service.example.default_site_hostname
      http_port   = 80
      https_port  = 443
    }

    load_balancing_name = "loadBalancingSettings-1598938294970"
    health_probe_name   = "healthProbeSettings-1598938294969"
  }

  backend_pool_load_balancing {
    name = "webuiloadbalancer"
  }

  backend_pool_health_probe {
    name                = "webuihealthprobe"
    enabled             = true
    interval_in_seconds = 50
    path                = "/index.html"
    protocol            = "Https"
  }

  backend_pool_load_balancing {
    name = "loadBalancingSettings-1598938294970"
  }

  backend_pool_health_probe {
    name                = "healthProbeSettings-1598938294969"
    enabled             = false
    interval_in_seconds = 50
    path                = "/api/healthcheck"
    protocol            = "Https"
  }

  routing_rule {
    name               = "redirect-https"
    accepted_protocols = ["Http"]
    patterns_to_match  = ["/*"]
    frontend_endpoints = ["example-frontend-endpoint", "example-customdomain-frontend-edpoint"]
    redirect_configuration {
      redirect_protocol = "HttpsOnly"
      redirect_type     = "Found"
    }
  }

 routing_rule {
    name               = "web-api"
    accepted_protocols = ["Https"]
    patterns_to_match  = ["/api/*", "/swagger", "/swagger/*"]
    frontend_endpoints = ["example-frontend-endpoint", "example-customdomain-frontend-edpoint"]
    forwarding_configuration {
      forwarding_protocol = "MatchRequest"
      backend_pool_name   = "web-api"
    }
  }
  routing_rule {
    accepted_protocols = ["Https"]
    frontend_endpoints = ["example-frontend-endpoint", "example-customdomain-frontend-edpoint"]
    name               = "web-ui"
    patterns_to_match  = ["/*", ]

    forwarding_configuration {
      cache_enabled                         = true
      cache_query_parameter_strip_directive = "StripAll"
      cache_use_dynamic_compression         = true
      forwarding_protocol                   = "MatchRequest"
      backend_pool_name                     = "web-ui"
    }
  }
}

resource "azurerm_frontdoor_custom_https_configuration" "example_custom_https_0" {
  frontend_endpoint_id              = azurerm_frontdoor.example.frontend_endpoints["example-frontend-endpoint"]
  custom_https_provisioning_enabled = false
}

resource "azurerm_frontdoor_custom_https_configuration" "example_custom_https_1" {
  frontend_endpoint_id              = azurerm_frontdoor.example.frontend_endpoints["example-customdomain-frontend-edpoint"]
  custom_https_provisioning_enabled = true

  custom_https_configuration {
    certificate_source                         = "AzureKeyVault"
    azure_key_vault_certificate_secret_name    = "example"
    azure_key_vault_certificate_secret_version = var.keyvault_secret_version
    azure_key_vault_certificate_vault_id       = data.azurerm_key_vault.vault.id
  }
}

Error

According to the documentation, I tried to use this resource, but it throws the following error. Works without Custom HTTP settings.


`in resource "azurerm_frontdoor_custom_https_configuration" "example_custom_https_1":
 183:   frontend_endpoint_id              = azurerm_frontdoor.example.frontend_endpoints[1]
    |----------------
    | azurerm_frontdoor.example.frontend_endpoints is map of string with 2 elements

The given key does not identify an element in this collection value.
  1. terraform init
  2. terraform plan

Important Factoids

References

ericjohnson2 commented 3 years ago

What version of the provider are you using? There is plenty of issues open regarding the ordering and structure of Front Door resources - I would refer you to https://github.com/terraform-providers/terraform-provider-azurerm/issues/9153 for the general discussion and https://github.com/terraform-providers/terraform-provider-azurerm/pull/9357 for Part I of the fix.

tonijofiu commented 3 years ago

@ericjohnson2 2.53.0

WodansSon commented 3 years ago

Is this a typo? (e.g. example-customdomain-frontend-edpoint) should it be example-customdomain-frontend-endpoint? If it is a typo I would consider this a bug as the resource should be validating that the endpoints exist in the resource before allowing the apply to continue.