Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Subnets still created when configuration scope set to enabled = false #450

Closed
ATuckwell opened this issue Aug 30, 2022 · 3 comments · Fixed by #454
Closed

Subnets still created when configuration scope set to enabled = false #450

ATuckwell opened this issue Aug 30, 2022 · 3 comments · Fixed by #454
Assignees
@krowlandson
Labels
bug Something isn't working

Comments

@ATuckwell
Copy link
Contributor

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Versions

terraform: 1.1.2

azure provider: 3.0.2

module: 2.3.1

Description

Describe the bug

During a recent customer deployment there was some confusion created when the VNG and AF config was set to enabled = false, but the module still attempted to deploy these subnets, i.e. The CIDR ranges that were left within the VNG and AF address prefix still showed up within a terraform plan. Only when the address prefix was removed did the module stop trying to create these subnets.

Steps to Reproduce

Within the advanced configuration of a Virtual network using the settings.connectivity.tf (as per guide here), the hub network is configured with the required address space.

Example hub network config
image

If virtual network gateway or azure firewall config is set to enabled = false, but has address prefix configured, the module will try to create this subnet within the hub virtual network.

image

If the address prefix is a valid address range within the virtual network address space the subnet will be created, even though enabled = false. This has been confirmed for both the VNG and AF subnets.

image

image

If the Address prefix is NOT a valid address range within the virtual network address space, then it will show on the terraform plan, but will error upon terraform apply (as expected as this is not a valid prefix).

image
image

Screenshots

Screenshots added above.

Additional context

  • This may not be a bug, and is potentially expected behaviour, but this issue caused issues during a customer deployment using the advanced deployment guidance.
  • This has only been tested within the first hub network, but assumption is that the second hub network will use the same logic.
@ghost ghost added the Needs: Triage 🔍 Needs triaging by the team label Aug 30, 2022
@krowlandson krowlandson changed the title Bug Report Subnets still created when configuration scope set to enabled = false Aug 30, 2022
@krowlandson krowlandson self-assigned this Aug 30, 2022
@ghost ghost removed the Needs: Triage 🔍 Needs triaging by the team label Aug 30, 2022
@krowlandson
Copy link
Contributor

Thank you for logging this @ATuckwell... as discussed online, this should be a relatively simple fix and the outcome you describe was the original intent of the logic.

I also don't feel this should have a negative impact on existing customers once implemented so we should be able to add this under a minor release.

Will speak to the team to get this appropriately prioritised on our backlog.

@krowlandson krowlandson added the bug Something isn't working label Aug 30, 2022
@ATuckwell
Copy link
Contributor Author

@JamJarchitect , FYI as per proposal of updating logic within module.

ATuckwell added a commit to ATuckwell/terraform-azurerm-caf-enterprise-scale that referenced this issue Sep 6, 2022
@ATuckwell
Updates to resolve issue Azure#450
bedeccc
@ATuckwell ATuckwell mentioned this issue Sep 6, 2022
Merged
6 tasks
@krowlandson krowlandson linked a pull request Sep 6, 2022 that will close this issue
Updates to resolve issue #450 #454
Merged
6 tasks
krowlandson pushed a commit that referenced this issue Sep 6, 2022
@ATuckwell @actions-user
Updates subnet creation logic (#454)
423c074 
* Updates to resolve issue #450

* Add updates to baseline_values.json

Co-authored-by: github-actions <action@github.com>
@ghost ghost locked as resolved and limited conversation to collaborators Oct 6, 2022
@krowlandson
Copy link
Contributor

Trigger ADO Sync

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@krowlandson krowlandson

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Updates to resolve issue #450 ATuckwell/terraform-azurerm-caf-enterprise-scale
2 participants
@krowlandson @ATuckwell