Add support to azurerm_application_gateway for the preview TCP/TLS Proxy feature

[atosadam]

Is there an existing issue for this?

• [X] I have searched the existing issues

Community Note

• Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave comments along the lines of "+1", "me too" or "any updates", they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Description

The Application Gateway now supports the provisioning of L4 Proxies, currently in public preview: https://learn.microsoft.com/en-us/azure/application-gateway/tcp-tls-proxy-overview?source=recommendations

It is not possible to currently configure these via Terraform, although the CLI/API has been updated to support: https://learn.microsoft.com/en-us/azure/application-gateway/application-gateway-faq#configuration---tls-tcp-proxy

https://learn.microsoft.com/en-us/rest/api/application-gateway/application-gateways/create-or-update?view=rest-application-gateway-2023-09-01&tabs=HTTP#applicationgatewaybackendsettings

New configuration items are: listeners (as opposed to httpListeners) routingRule backendSettingsCollection

New or Affected Resource(s)/Data Source(s)

azurerm_application_gateway

Potential Terraform Configuration

.....

  frontend_ip_configuration {
    name                 = "myip"
    public_ip_address_id = azurerm_public_ip.example.id
  }

  backend_address_pool {
    name = "mybackendpool"
  }

  backend_settings {
    name                  = "backend_tcp_settings"
    port                  = 1433
    protocol              = "Tcp"
    request_timeout       = 60
  }

  listener {
    name                           = "tcp_listener"
    frontend_ip_configuration_name = "myip"
    frontend_port_name             = "myport"
    protocol                       = "Tcp"
  }

  routing_rule {
    name                       = "myrule"
    priority                   = 9
    rule_type                  = "Basic"
    listener_name              = "tcp_listner"
    backend_address_pool_name  = "mybackendpool"
    backend_settings_name      = "backend_settings"
  }

References

https://learn.microsoft.com/en-us/azure/application-gateway/application-gateway-faq#configuration---tls-tcp-proxy

https://learn.microsoft.com/en-us/rest/api/application-gateway/application-gateways/create-or-update?view=rest-application-gateway-2023-09-01&tabs=HTTP#applicationgatewaybackendsettings

https://learn.microsoft.com/en-us/azure/application-gateway/tcp-tls-proxy-overview?source=recommendations

[zacksiri]

Definitely need this. I thought the standard lb can do this but apparently that's just a pass through.