Expose public IP address of VPN gateway resource as an attribute

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

When setting up the ip_configuration block for the azurerm_virtual_network_gateway resource. A public IP is usually used. This is done by allocating a azurerm_public_ip with its allocation_method set to "Dynamic".

This has an issue in the terraform output where the azurerm_public_ip.ip_address attribute is blank due to the allocation occurring after the provisioning of the attached azurerm_virtual_network_gateway resource. The public IP is important for setting up point-to-site connections to the VPN in development. This has a workaround of just executing a terraform refresh after the apply, however the public IP address is stored in the metadata of the resource which can be found in vendor/github.com/Azure/azure-sdk-for-go/services/network/mgmt/2020-07-01/network/models.go::VirtualNetworkGatewayIPConfigurationPropertiesFormat line 40935. Therefore, we could expose the public IP address as an attribute of the azurerm_virtual_network_gateway resource.

Steps to implement change

In resourceVirtualNetworkGatewayRead use the Network.PublicIPsClient to retrieve the IP address of the public IP subresource located in the virtual network gateway properties. This is found in VirtualNetworkGateway.VirtualNetworkGatewayPropertiesFormat.IPConfigurations[**index**].VirtualNetworkGatewayIPConfigurationPropertiesFormat.PublicIPAddress which is of type SubResource. From this we can get the resource group and ID and use that to query the properties of the associated public IP subresource. Once we have that we can add it as a property to the ResourceData returned for the virtual network gateway resource.

New or Affected Resource(s)

azurerm_virtual_network_gateway

Potential Terraform Configuration

resource "azurerm_public_ip" "example" {
  name                = "test"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  allocation_method = "Dynamic"
}

resource "azurerm_virtual_network_gateway" "example" {
    name                = "test"
    location            = azurerm_resource_group.example.location
    resource_group_name = azurerm_resource_group.example.name

    type     = "Vpn"
    vpn_type = "RouteBased"

    active_active = false
    enable_bgp    = false
    sku           = "Basic"

    ip_configuration {
      name                          = "vnetGatewayConfig"
      public_ip_address_id          = azurerm_public_ip.example.id
      private_ip_address_allocation = "Dynamic"
      subnet_id                     = azurerm_subnet.example.id
    }
  }
}

output "vpn_ip" { 
  value = azurerm_virtual_network_gateway.example.public_ip_address
}

hashicorp / terraform-provider-azurerm