hashicorp · katbyte · Nov 10, 2020 · Nov 5, 2020 · Nov 6, 2020 · Nov 10, 2020
diff --git a/azurerm/internal/services/network/point_to_site_vpn_gateway_resource.go b/azurerm/internal/services/network/point_to_site_vpn_gateway_resource.go
@@ -93,6 +93,48 @@ func resourceArmPointToSiteVPNGateway() *schema.Resource {
 								},
 							},
 						},
+
+						"route_config": {
+							Type:     schema.TypeList,
+							Optional: true,
+							Computed: true,
+							MaxItems: 1,
+							Elem: &schema.Resource{
+								Schema: map[string]*schema.Schema{
+									"associated_route_table_id": {
+										Type:         schema.TypeString,
+										Required:     true,
+										ValidateFunc: validate2.VirtualHubRouteTableID,
+									},
+
+									"propagated_route_table": {
+										Type:     schema.TypeList,
+										Optional: true,
+										MaxItems: 1,
+										Elem: &schema.Resource{
+											Schema: map[string]*schema.Schema{
+												"ids": {
+													Type:     schema.TypeList,
+													Required: true,
+													Elem: &schema.Schema{
+														Type:         schema.TypeString,
+														ValidateFunc: validate2.VirtualHubRouteTableID,
+													},
+												},
+
+												"labels": {
+													Type:     schema.TypeList,
+													Optional: true,
+													Elem: &schema.Schema{
+														Type: schema.TypeString,
+													},
+												},
+											},
+										},
+									},
+								},
+							},
+						},
 					},
 				},
 			},
@@ -103,6 +145,46 @@ func resourceArmPointToSiteVPNGateway() *schema.Resource {
 				ValidateFunc: validation.IntAtLeast(0),
 			},
 
+			"custom_dns_servers": {
+				Type:     schema.TypeList,
+				Optional: true,
+				Elem: &schema.Schema{
+					Type:         schema.TypeString,
+					ValidateFunc: validation.IsIPv4Address,
+				},
+			},
+
+			"connection_health": {
+				Type:     schema.TypeList,
+				Computed: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"total_ingress_bytes_transferred": {
+							Type:     schema.TypeInt,
+							Computed: true,
+						},
+
+						"total_egress_bytes_transferred": {
+							Type:     schema.TypeInt,
+							Computed: true,
+						},
+
+						"vpn_client_connections_count": {
+							Type:     schema.TypeInt,
+							Computed: true,
+						},
+
+						"allocated_ip_addresses": {
+							Type:     schema.TypeList,
+							Computed: true,
+							Elem: &schema.Schema{
+								Type: schema.TypeString,
+							},
+						},
+					},
+				},
+			},
+
 			"tags": tags.Schema(),
 		},
 	}
@@ -152,6 +234,10 @@ func resourceArmPointToSiteVPNGatewayCreateUpdate(d *schema.ResourceData, meta i
 		},
 		Tags: tags.Expand(t),
 	}
+	customDNSServers := utils.ExpandStringSlice(d.Get("custom_dns_servers").([]interface{}))
+	if len(*customDNSServers) != 0 {
+		parameters.P2SVpnGatewayProperties.CustomDNSServers = customDNSServers
+	}
 
 	future, err := client.CreateOrUpdate(ctx, resourceGroup, name, parameters)
 	if err != nil {
@@ -201,6 +287,10 @@ func resourceArmPointToSiteVPNGatewayRead(d *schema.ResourceData, meta interface
 	}
 
 	if props := resp.P2SVpnGatewayProperties; props != nil {
+		d.Set("custom_dns_servers", utils.FlattenStringSlice(props.CustomDNSServers))
+		if err := d.Set("connection_health", flattenPointToSiteVPNGatewayConnectionHealth(props.VpnClientConnectionHealth)); err != nil {
+			return fmt.Errorf("setting `connection_health`: %+v", err)
+		}
 		flattenedConfigurations := flattenPointToSiteVPNGatewayConnectionConfiguration(props.P2SConnectionConfigurations)
 		if err := d.Set("connection_configuration", flattenedConfigurations); err != nil {
 			return fmt.Errorf("Error setting `connection_configuration`: %+v", err)
@@ -275,13 +365,72 @@ func expandPointToSiteVPNGatewayConnectionConfiguration(input []interface{}) *[]
 				VpnClientAddressPool: &network.AddressSpace{
 					AddressPrefixes: &addressPrefixes,
 				},
+				RoutingConfiguration: expandPointToSiteVPNGatewayConnectionRouteConfiguration(raw["route_config"].([]interface{})),
 			},
 		})
 	}
 
 	return &configurations
 }
 
+func expandPointToSiteVPNGatewayConnectionRouteConfiguration(input []interface{}) *network.RoutingConfiguration {
+	if len(input) == 0 {
+		return nil
+	}
+	v := input[0].(map[string]interface{})
+	return &network.RoutingConfiguration{
+		AssociatedRouteTable: &network.SubResource{
+			ID: utils.String(v["associated_route_table_id"].(string)),
+		},
+		PropagatedRouteTables: expandPointToSiteVPNGatewayConnectionRouteConfigurationPropagatedRouteTable(v["propagated_route_table"].([]interface{})),
+	}
+}
+
+func expandPointToSiteVPNGatewayConnectionRouteConfigurationPropagatedRouteTable(input []interface{}) *network.PropagatedRouteTable {
+	if len(input) == 0 {
+		return nil
+	}
+	v := input[0].(map[string]interface{})
+	idRaws := utils.ExpandStringSlice(v["ids"].([]interface{}))
+	ids := make([]network.SubResource, len(*idRaws))
+	for i, item := range *idRaws {
+		ids[i] = network.SubResource{
+			ID: utils.String(item),
+		}
+	}
+	return &network.PropagatedRouteTable{
+		Labels: utils.ExpandStringSlice(v["labels"].([]interface{})),
+		Ids:    &ids,
+	}
+}
+
+func flattenPointToSiteVPNGatewayConnectionHealth(input *network.VpnClientConnectionHealth) []interface{} {
+	if input == nil {
+		return []interface{}{}
+	}
+
+	var totalIngressBytesTransferred, totalEgressBytesTransferred int64
+	if input.TotalIngressBytesTransferred != nil {
+		totalIngressBytesTransferred = *input.TotalIngressBytesTransferred
+	}
+	if input.TotalEgressBytesTransferred != nil {
+		totalEgressBytesTransferred = *input.TotalEgressBytesTransferred
+	}
+	var vpnClientConnectionsCount int32
+	if input.VpnClientConnectionsCount != nil {
+		vpnClientConnectionsCount = *input.VpnClientConnectionsCount
+	}
+
+	return []interface{}{
+		map[string]interface{}{
+			"total_ingress_bytes_transferred": totalIngressBytesTransferred,
+			"total_egress_bytes_transferred":  totalEgressBytesTransferred,
+			"vpn_client_connections_count":    vpnClientConnectionsCount,
+			"allocated_ip_addresses":          utils.FlattenStringSlice(input.AllocatedIPAddresses),
+		},
+	}
+}
+
 func flattenPointToSiteVPNGatewayConnectionConfiguration(input *[]network.P2SConnectionConfiguration) []interface{} {
 	if input == nil {
 		return []interface{}{}
@@ -315,8 +464,45 @@ func flattenPointToSiteVPNGatewayConnectionConfiguration(input *[]network.P2SCon
 					"address_prefixes": addressPrefixes,
 				},
 			},
+			"route_config": flattenPointToSiteVPNGatewayConnectionRouteConfiguration(v.RoutingConfiguration),
 		})
 	}
 
 	return output
 }
+
+func flattenPointToSiteVPNGatewayConnectionRouteConfiguration(input *network.RoutingConfiguration) []interface{} {
+	if input == nil {
+		return []interface{}{}
+	}
+	var associatedRouteTableId string
+	if input.AssociatedRouteTable != nil && input.AssociatedRouteTable.ID != nil {
+		associatedRouteTableId = *input.AssociatedRouteTable.ID
+	}
+	return []interface{}{
+		map[string]interface{}{
+			"associated_route_table_id": associatedRouteTableId,
+			"propagated_route_table":    flattenPointToSiteVPNGatewayConnectionRouteConfigurationPropagatedRouteTable(input.PropagatedRouteTables),
+		},
+	}
+}
+
+func flattenPointToSiteVPNGatewayConnectionRouteConfigurationPropagatedRouteTable(input *network.PropagatedRouteTable) []interface{} {
+	if input == nil {
+		return []interface{}{}
+	}
+	ids := make([]string, 0)
+	if input.Ids != nil {
+		for _, item := range *input.Ids {
+			if item.ID != nil {
+				ids = append(ids, *item.ID)
+			}
+		}
+	}
+	return []interface{}{
+		map[string]interface{}{
+			"ids":    ids,
+			"labels": utils.FlattenStringSlice(input.Labels),
+		},
+	}
+}
diff --git a/azurerm/internal/services/network/tests/point_to_site_vpn_gateway_resource_test.go b/azurerm/internal/services/network/tests/point_to_site_vpn_gateway_resource_test.go
@@ -174,22 +174,37 @@ func testAccAzureRMAzureRMPointToSiteVPNGateway_updated(data acceptance.TestData
 	return fmt.Sprintf(`
 %s
 
+resource "azurerm_virtual_hub_route_table" "test" {
+  name           = "acctest-RouteTable-%d"
+  virtual_hub_id = azurerm_virtual_hub.test.id
+}
+
 resource "azurerm_point_to_site_vpn_gateway" "test" {
   name                        = "acctestp2sVPNG-%d"
   location                    = azurerm_resource_group.test.location
   resource_group_name         = azurerm_resource_group.test.name
   virtual_hub_id              = azurerm_virtual_hub.test.id
   vpn_server_configuration_id = azurerm_vpn_server_configuration.test.id
   scale_unit                  = 2
+  custom_dns_servers          = ["3.3.3.3"]
 
   connection_configuration {
     name = "first"
     vpn_client_address_pool {
       address_prefixes = ["172.100.0.0/14", "10.100.0.0/14"]
     }
+
+    route_config {
+      associated_route_table_id = azurerm_virtual_hub_route_table.test.id
+
+      propagated_route_table {
+        ids    = [azurerm_virtual_hub_route_table.test.id]
+        labels = ["label1", "label2"]
+      }
+    }
   }
 }
-`, template, data.RandomInteger)
+`, template, data.RandomInteger, data.RandomInteger)
 }
 
 func testAccAzureRMAzureRMPointToSiteVPNGateway_requiresImport(data acceptance.TestData) string {

diff --git a/website/docs/r/point_to_site_vpn_gateway.html.markdown b/website/docs/r/point_to_site_vpn_gateway.html.markdown
@@ -42,6 +42,8 @@ The following arguments are supported:
 
 * `vpn_server_configuration_id` - (Required) The ID of the VPN Server Configuration which this Point-to-Site VPN Gateway should use. Changing this forces a new resource to be created.
 
+* `custom_dns_servers` - (Optional) A list of IP Addresses of DNS Servers for the Point-to-Site VPN Gateway.
+
 * `tags` - (Optional) A mapping of tags to assign to the Point-to-Site VPN Gateway.
 
 ---
@@ -52,18 +54,50 @@ A `connection_configuration` block supports the following:
 
 * `vpn_client_address_pool` - (Required) A `vpn_client_address_pool` block as defined below.
 
+* `route_config` - (Optional) A `route_config` block as defined below.
+
 ---
 
 A `vpn_client_address_pool` block supports the following:
 
 * `address_prefixes` - (Required) A list of CIDR Ranges which should be used as Address Prefixes.
 
+---
+
+A `route_config` block supports the following:
+
+* `associated_route_table_id` - (Required) The Virtual Hub Route Table resource id associated with this Routing Configuration.
+
+* `propagated_route_table` - (Optional) A `propagated_route_table` block as defined below.
+
+---
+
+A `propagated_route_table` block supports the following:
+
+* `ids` - (Required) The list of Virtual Hub Route Table resource id which the routes will be propagated to.
+
+* `labels` - (Optional) The list of labels to logically group VWan Route Tables.
+
 ## Attributes Reference
 
 The following attributes are exported:
 
 * `id` - The ID of the Point-to-Site VPN Gateway.
 
+* `connection_health` - A `connection_health` block as defined below.
+
+---
+
+A `connection_health` block exports the following:
+
+* `allocated_ip_addresses` - A List of allocated ip addresses to the connected Point-to-Site vpn clients.
+
+* `total_ingress_bytes_transferred` - The total of the Ingress Bytes Transferred in this Point-to-Site Vpn connection.
+
+* `total_egress_bytes_transferred` - The total of the Egress Bytes Transferred in this connection.
+
+* `vpn_client_connections_count` - The total of p2s vpn clients connected at this time to this Point-to-Site Vpn Gateway.
+
 ## Timeouts
 
 The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions: