Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for azurerm_application_gateway PrivateLink attributes #10923

Open
geertn opened this issue Mar 10, 2021 · 0 comments
Open

Support for azurerm_application_gateway PrivateLink attributes #10923

geertn opened this issue Mar 10, 2021 · 0 comments
Labels
enhancement service/application-gateway

Comments

@geertn
Copy link

geertn commented Mar 10, 2021

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

In Azure you can create a Private Link Service on an Application Gateway and after that, create a Private Endpoint to the PLS using the following construct:

resource "azurerm_private_endpoint" "pe" {
  name                = "${local.name_prefix}-gw-pe"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  subnet_id           = data.azurerm_subnet.mgmt.id

  private_service_connection {
    name                           = "${local.name_prefix}-xxx-pe"
    private_connection_resource_id = "/subscriptions/xxx/resourceGroups/rg/providers/Microsoft.Network/applicationGateways/waf-apigw"
    is_manual_connection = false
    subresource_names = [
      "apigw-feip01"
    ]
  }
}

However Terraform azurerm provider doesn't support setting the Private Link configuration.

Azure CLI has the ability to add a Private Link Resource to the Application Gateway:
https://docs.microsoft.com/en-us/cli/azure/network/application-gateway/private-link?view=azure-cli-latest#az_network_application_gateway_private_link_add
https://github.com/Azure/azure-cli/blob/dev/src/azure-cli/azure/cli/command_modules/network/custom.py#L475

REST API has support too:
https://docs.microsoft.com/en-us/rest/api/application-gateway/applicationgateways/createorupdate#request-body
https://docs.microsoft.com/en-us/rest/api/application-gateway/applicationgateways/createorupdate#applicationgatewayprivatelinkconfiguration

GoSDK seems to have support too:
https://github.com/Azure/azure-sdk-for-go/blob/071e3dc47fba538f4d7bcd482a320b699c89812f/services/network/mgmt/2020-05-01/network/applicationgatewayprivatelinkresources.go

ARM/Bicep:
https://docs.microsoft.com/en-us/azure/templates/microsoft.network/applicationgateways?tabs=bicep

New or Affected Resource(s)

  • azurerm_application_gateway

Potential Terraform Configuration

# Copy-paste your Terraform configurations here - for large Terraform configs,
# please use a service like Dropbox and share a link to the ZIP file. For
# security, you can also encrypt the files using our GPG public key.

I'd like to reference to the Bicep example

References

  • #0000
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement service/application-gateway
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@favoretti @geertn