IKEv2 Integrity Support

[bandwiches]

Is there an existing issue for this?

• [X] I have searched the existing issues

Community Note

• Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

1.6.2

AzureRM Provider Version

3.0.0

Affected Resource(s)/Data Source(s)

azurerm_virtual_network_gateway_connection

Terraform Configuration Files

N/A

Debug Output/Panic Output

N/A

Expected Behaviour

Virtual Network Gateway Connection will be built and IPSec policy would have IKEv2 Integrity with GCM value.

Actual Behaviour

Virtual Network Gateway Connection is built, but the IKEv2 Integrity value is blank.

Steps to Reproduce

N/A

Important Factoids

No

References

TL;DR - Azure doesn't actually support any GCM values for IKEv2 Integrity.

It's very weird, the Azure Documentation states that IKEv2 Integrity supports GCM values, but in Azure they are not even available. The azurerm_virtual_network_gateway_connection module will build the resource successfully, but the IKEv2 Integrity value will be blank when you look at it inside Azure Portal. I would expect this to result in an error, but the resource builds successfully.

Related Azure-Docs Issue

[neil-yechenwei]

Thanks for raising this issue. As it's an service API issue, so I filed an issue on https://github.com/Azure/azure-rest-api-specs/issues/27628. We will take another look once the invalid enum values are removed from azure-rest-api-spec. Thanks.