Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

azurerm_bastion_host Premium REQUIRES public_ip_address_id ip_configuration block item #28220

Open
1 task done
ko5tas opened this issue Dec 9, 2024 · 1 comment
Open
1 task done

azurerm_bastion_host Premium REQUIRES public_ip_address_id ip_configuration block item #28220

ko5tas opened this issue Dec 9, 2024 · 1 comment
Labels
enhancement service/network v/4.x

Comments

@ko5tas
Copy link

ko5tas commented Dec 9, 2024

Is there an existing issue for this?

  • I have searched the existing issues

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave comments along the lines of "+1", "me too" or "any updates", they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

1.9.6

AzureRM Provider Version

4.13.0

Affected Resource(s)/Data Source(s)

azurerm_bastion_host

Terraform Configuration Files

resource "azurerm_bastion_host" "tked_neu_bastion1" {
  name                      = "tked_neu_bastion1"
  resource_group_name       = azurerm_resource_group.tked_poc_neu_rg.name
  location                  = var.region_1
  sku                       = "Premium"
  scale_units               = 3
  zones                     = []
  session_recording_enabled = false
  copy_paste_enabled        = true
  shareable_link_enabled    = true
  ip_connect_enabled        = true

  kerberos_enabled = false

  ip_configuration {
    name      = "IpConf"
    subnet_id = azurerm_subnet.tked_neu_vnet_bastion_subnet.id
    //public_ip_address_id = azurerm_public_ip.bastion1_pip.id
  }
}

Debug Output/Panic Output

$ terraform apply -auto-approve
╷
│ Error: Missing required argument
│
│   on 005_bastion.tf line 32, in resource "azurerm_bastion_host" "tked_neu_bastion1":
│   32:   ip_configuration {
│
│ The argument "public_ip_address_id" is required, but no definition was found.
╵

Expected Behaviour

Provision bastion with no public IP and private IP connectivity enabled only.
When sku is "Premium" and ip_connect_enabled is set to true, a public IP should not be required.

Actual Behaviour

Cannot proceed without not creating a public IP.
Tried creating the bastion using the azure cli and Bicep but they all required a public IP even with the same parameters as the terraform code sets above.

Steps to Reproduce

terraform apply

Important Factoids

no

References

no
@ko5tas
Copy link
Author

ko5tas commented Dec 11, 2024

@rcskosir I think this is a huge BUG and not an enchacement because you are effectively deprived of the option to use private IPs as the endpoint when selecting "Premium" as the sku.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement service/network v/4.x
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ko5tas @rcskosir