Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add EnablePrivateLinkFastPath to the Express Route Connection resource #25596

Merged
merged 11 commits into from
Apr 16, 2024

Conversation

fjaeckel
Copy link
Contributor

Community Note

  • Please vote on this PR by adding a 👍 reaction to the original PR to help the community and maintainers prioritize for review
  • Please do not leave "+1" or "me too" comments, they generate extra noise for PR followers and do not help prioritize for review

Description

Add a new optional EnablePrivateLinkFastPath option to the Express Route Connection resource. This enables users to enable the feature via Terraform on their Express Route connection.

I chose enable_private_link_fast_path to align with the Azure documentation, this can be changed of course.

The prior PR #20619 has mentioned to add this option, but it has not added the option. Instead it has added ExpressRouteGatewayBypass.

The option exists for a long time already and is officially documented in the API specs: https://learn.microsoft.com/en-us/azure/templates/microsoft.network/2022-07-01/expressroutegateways?pivots=deployment-language-terraform

I have used the documentation from https://learn.microsoft.com/en-us/azure/templates/microsoft.network/expressroutegateways?pivots=deployment-language-terraform#expressrouteconnectionproperties-2 to supply the necessary documentation.

PR Checklist

  • I have followed the guidelines in our Contributing Documentation.
  • I have checked to ensure there aren't other open Pull Requests for the same update/change.
  • I have checked if my changes close any open issues. If so please include appropriate closing keywords below.
  • I have updated/added Documentation as required written in a helpful and kind way to assist users that may be unfamiliar with the resource / data source.
  • I have used a meaningful PR title to help maintainers and other users understand this change and help prevent duplicate work.
    For example: “resource_name_here - description of change e.g. adding property new_property_name_here

Changes to existing Resource / Data Source

  • I have added an explanation of what my changes do and why I'd like you to include them (This may be covered by linking to an issue above, but may benefit from additional explanation).
  • I have written new tests for my resource or datasource changes & updated any relevent documentation.
  • I have successfully run tests with my changes locally. If not, please provide details on testing challenges that prevented you running the tests.
  • (For changes that include a state migration only). I have manually tested the migration path between relevant versions of the provider.

Testing

  • My submission includes Test coverage as described in the Contribution Guide and the tests pass. (if this is not possible for any reason, please include details of why you did or could not add test coverage)

Change Log

Below please provide what should go into the changelog (if anything) conforming to the Changelog Format documented here.

  • azurerm_express_route_connection - support for the enable_private_link_fast_path property

This is a (please select all that apply):

  • Bug Fix
  • New Feature (ie adding a service, resource, or data source)
  • Enhancement
  • Breaking Change

Related Issue(s)

Copy link
Member

@stephybun stephybun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this @fjaeckel. I left some comments and questions in-line. If you can take a look through those then we'll be happy to give this another review.

The documentation states, that `express_route_gateway_bypass_enabled`
needs to be enabled for `private_link_fast_path_enabled` to work. Thus
we're guarding the `Create` and `Update` function to error, in case the
dependency isn't met.
@fjaeckel
Copy link
Contributor Author

Tests failed prior, because I accidentally changed the name of the Azure side Parameter, even though it was correct the first time. Fixed in 6ce4de4

@github-actions github-actions bot added size/S and removed size/XS labels Apr 15, 2024
Copy link
Member

@stephybun stephybun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @fjaeckel LGTM 👍

@stephybun stephybun merged commit 56ac3fc into hashicorp:main Apr 16, 2024
33 checks passed
@github-actions github-actions bot added this to the v3.100.0 milestone Apr 16, 2024
fjaeckel added a commit to fjaeckel/terraform-provider-azurerm that referenced this pull request Apr 17, 2024
… Virtual Network Gateway Connection

In relation to hashicorp#25596 this
is needed also on the Virtual Network Gateway Connection, for users who
connect their Express Routes via VNGs.

This option is only available, when the
`VirtualNetworkGatewayConnectionType` is `ExpressRoute` and when
`expressRouteGatewayBypass` is set, thus guarding for that.
stephybun added a commit that referenced this pull request Apr 18, 2024
fjaeckel added a commit to fjaeckel/terraform-provider-azurerm that referenced this pull request Apr 18, 2024
In this resource its called `express_route_gateway_bypass`, without the
`_enabled`, documentation is already correct.

This was a copy&paste error from: hashicorp#25596
stephybun pushed a commit that referenced this pull request Apr 18, 2024
…onnection resource (#25650)

* Add EnablePrivateLinkFastPath` as `private_link_fast_path_enabled` to Virtual Network Gateway Connection

In relation to #25596 this
is needed also on the Virtual Network Gateway Connection, for users who
connect their Express Routes via VNGs.

This option is only available, when the
`VirtualNetworkGatewayConnectionType` is `ExpressRoute` and when
`expressRouteGatewayBypass` is set, thus guarding for that.

* Add documentation

* Add tests for expressroute with auth_key

* Add Expressroute VNG connection with FastPath enabled

* All hail the linter

ran terrafmt

* Use Standard SKU public IP address

Verified with our internal configuration, that is indeed correct.

* Use `Static` Public IP address

* Fix incorrect use of express_route_gateway_bypass_enabled

In this resource its called `express_route_gateway_bypass`, without the
`_enabled`, documentation is already correct.

This was a copy&paste error from: #25596

* Add datasource documentation
dduportal pushed a commit to jenkins-infra/azure that referenced this pull request Apr 19, 2024
<Actions>
<action
id="f410411e63aff4bb73a81c2aec1d373cf8a903e63b30dee2006b0030d8a94cc8">
        <h3>Bump Terraform `azurerm` provider version</h3>
<details
id="1d9343c012f5434ac9fe8a98135bae3667b399259be16d9b14302ea3bd424a24">
            <summary>Update Terraform lock file</summary>
<p>changes detected:&#xA;&#x9;&#34;hashicorp/azurerm&#34; updated from
&#34;3.99.0&#34; to &#34;3.100.0&#34; in file
&#34;.terraform.lock.hcl&#34;</p>
            <details>
                <summary>3.100.0</summary>
<pre>Changelog retrieved
from:&#xA;&#x9;https://github.com/hashicorp/terraform-provider-azurerm/releases/tag/v3.100.0&#xA;ENHANCEMENTS:&#xA;&#xA;*
dependencies: updating `hashicorp/go-azure-sdk` to `v0.20240417.1084633`
([#25659](hashicorp/terraform-provider-azurerm#25659
`compute` - update Virtual Machine and Virtual Machine Scale Set
resources and data sources to use `hashicorp/go-azure-sdk`
([#25533](hashicorp/terraform-provider-azurerm#25533
`machine_learning` - Add new `machine_learning` block that supports
`purge_soft_deleted_workspace_on_destroy`
([#25624](hashicorp/terraform-provider-azurerm#25624
`loganalytics` - update cluster resource to use `hashicorp/go-azure-sdk`
([#23373](hashicorp/terraform-provider-azurerm#23373
Data Source: `azurerm_management_group` - now exports the
`tenant_scoped_id` attribute
([#25555](hashicorp/terraform-provider-azurerm#25555
`azurerm_container_app` - the
`ingress.ip_security_restriction.ip_address_range` property will now
accept an IP address as valid input
([#25609](hashicorp/terraform-provider-azurerm#25609
`azurerm_container_group` - the `identity` block can now be updated
([#25543](hashicorp/terraform-provider-azurerm#25543
`azurerm_express_route_connection` - support for the
`private_link_fast_path_enabled` property
([#25596](hashicorp/terraform-provider-azurerm#25596
`azurerm_hdinsight_hadoop_cluster` - support for the
`private_link_configuration` block
([#25629](hashicorp/terraform-provider-azurerm#25629
`azurerm_hdinsight_hbase_cluster` - support for the
`private_link_configuration` block
([#25629](hashicorp/terraform-provider-azurerm#25629
`azurerm_hdinsight_interactive_query_cluster` - support for the
`private_link_configuration` block
([#25629](hashicorp/terraform-provider-azurerm#25629
`azurerm_hdinsight_kafka_cluster` - support for the
`private_link_configuration` block
([#25629](hashicorp/terraform-provider-azurerm#25629
`azurerm_hdinsight_spark_cluster` - support for the
`private_link_configuration` block
([#25629](hashicorp/terraform-provider-azurerm#25629
`azurerm_management_group` - now exports the `tenant_scoped_id`
attribute
([#25555](hashicorp/terraform-provider-azurerm#25555
`azurerm_monitor_activity_log_alert` - support for the `location`
property
([#25389](hashicorp/terraform-provider-azurerm#25389
`azurerm_mysql_flexible_server` - update validating regex for `sku_name`
([#25642](hashicorp/terraform-provider-azurerm#25642
`azurerm_postgresql_flexible_server` - support for the `GeoRestore`
`create_mode`
([#25664](hashicorp/terraform-provider-azurerm#25664
`azurerm_virtual_network_gateway_connection` - support for the
`private_link_fast_path_enabled` property
([#25650](hashicorp/terraform-provider-azurerm#25650
`azurerm_windows_web_app` - support for the `handler_mapping` block
([#25631](hashicorp/terraform-provider-azurerm#25631
`azurerm_windows_web_app_slot` - support for the `handler_mapping` block
([#25631](https://github.com/hashicorp/terraform-provider-azurerm/issues/25631))&#xA;&#xA;BUG
FIXES:&#xA;&#xA;* storage: prevent a bug causing the second storage
account key to be used for authentication instead of the first
([#25652](hashicorp/terraform-provider-azurerm#25652
`azurerm_active_directory_domain_service` - prevent an issue where
`filtered_sync_enabled` was not being updated
([#25594](hashicorp/terraform-provider-azurerm#25594
`azurerm_application_insights` - add a state migration to fix the
resource ID casing of Application Insights resources
([#25628](hashicorp/terraform-provider-azurerm#25628
`azurerm_function_app_hybrid_connection` - can now use relay resources
created in a different resource group
([#25541](hashicorp/terraform-provider-azurerm#25541
`azurerm_kubernetes_cluster_node_pool` - prevent plan diff when the
`windows_profile.outbound_nat_enabled` property is unset
([#25644](hashicorp/terraform-provider-azurerm#25644
`azurerm_machine_learning_compute_cluster` - fix location to point to
parent resource for computes
([#25643](hashicorp/terraform-provider-azurerm#25643
`azurerm_machine_learning_compute_instance` - fix location to point to
parent resource for computes
([#25643](hashicorp/terraform-provider-azurerm#25643
`azurerm_storage_account` - check replication type when evaluating
support level for shares and queues for V1 storage accounts
([#25581](hashicorp/terraform-provider-azurerm#25581
`azurerm_storage_account` - added a sanity check for `dns_endpoint_type`
and `blob_properties.restore_policy`
([#25450](hashicorp/terraform-provider-azurerm#25450
`azurerm_web_app_hybrid_connection` - can now use relay resources
created in a different resource group
([#25541](hashicorp/terraform-provider-azurerm#25541
`azurerm_windows_web_app` - prevent removal of
`site_config.application_stack.node_version` when `app_settings` are
updated
([#25488](hashicorp/terraform-provider-azurerm#25488
`azurerm_windows_web_app_slot` - prevent removal of
`site_config.application_stack.node_version` when `app_settings` are
updated
([#25489](https://github.com/hashicorp/terraform-provider-azurerm/issues/25489))&#xA;&#xA;DEPRECATIONS:&#xA;&#xA;*
`logz` - the Logz resources are deprecated and will be removed in v4.0
of the AzureRM Provider since the API no longer allows new instances to
be created
([#25405](hashicorp/terraform-provider-azurerm#25405
`azurerm_machine_learning_compute_instance` - marked the `location`
field as deprecated in v4.0 of the provider
([#25643](hashicorp/terraform-provider-azurerm#25643
`azurerm_kubernetes_cluster` - the following properties have been
deprecated since the API no longer supports cluster creation with legacy
Azure Entra integration: `client_app_id`, `server_app_id`,
`server_app_secret` and `managed`
([#25200](https://github.com/hashicorp/terraform-provider-azurerm/issues/25200))&#xA;&#xA;&#xA;</pre>
            </details>
        </details>
<a
href="https://infra.ci.jenkins.io/job/updatecli/job/azure/job/main/117/">Jenkins
pipeline link</a>
    </action>
</Actions>

---

<table>
  <tr>
    <td width="77">
<img src="https://www.updatecli.io/images/updatecli.png" alt="Updatecli
logo" width="50" height="50">
    </td>
    <td>
      <p>
Created automatically by <a
href="https://www.updatecli.io/">Updatecli</a>
      </p>
      <details><summary>Options:</summary>
        <br />
<p>Most of Updatecli configuration is done via <a
href="https://www.updatecli.io/docs/prologue/quick-start/">its
manifest(s)</a>.</p>
        <ul>
<li>If you close this pull request, Updatecli will automatically reopen
it, the next time it runs.</li>
<li>If you close this pull request and delete the base branch, Updatecli
will automatically recreate it, erasing all previous commits made.</li>
        </ul>
        <p>
Feel free to report any issues at <a
href="https://github.com/updatecli/updatecli/issues">github.com/updatecli/updatecli</a>.<br
/>
If you find this tool useful, do not hesitate to star <a
href="https://github.com/updatecli/updatecli/stargazers">our GitHub
repository</a> as a sign of appreciation, and/or to tell us directly on
our <a
href="https://matrix.to/#/#Updatecli_community:gitter.im">chat</a>!
        </p>
      </details>
    </td>
  </tr>
</table>

Co-authored-by: Jenkins Infra Bot (updatecli) <[email protected]>
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 17, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants