You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment
Terraform Version
1.3.5
AzureRM Provider Version
3.32.0
Affected Resource(s)/Data Source(s)
azurerm_private_endpoint
Terraform Configuration Files
# -----------------------------------------------------------------# Terraform config and variablesterraform {
required_version=">= 1.3.5"required_providers {
azurerm={
source ="hashicorp/azurerm"
version ="3.32.0"
}
}
backend"local" {
}
}
provider"azurerm" {
skip_provider_registration=truefeatures {
}
}
variable"rg" {
type=stringdescription="resource group of the IoTHub and private endpoint"
}
variable"iothub" {
type=stringdescription="the IoTHub name"
}
variable"netrg" {
type=stringdescription="resource group of the VNet and private DNS zone"
}
variable"net" {
type=stringdescription="name of the VNet"
}
variable"subnet" {
type=stringdescription="name of the Subnet"
}
# -----------------------------------------------------------------# References to the existing resourcesdata"azurerm_resource_group""rg" {
name=var.rg
}
data"azurerm_subnet""net" {
name=var.subnetvirtual_network_name=var.netresource_group_name=var.netrg
}
data"azurerm_private_dns_zone""devices" {
name="privatelink.azure-devices.net"resource_group_name=var.netrg
}
data"azurerm_private_dns_zone""servicebus" {
name="privatelink.servicebus.windows.net"resource_group_name=var.netrg
}
# -----------------------------------------------------------------# The IoTHub can't be just any, but must have high enough tier# to have own servicebus endpoint, so…resource"azurerm_iothub""iothub" {
name=var.iothubresource_group_name=data.azurerm_resource_group.rg.namelocation=data.azurerm_resource_group.rg.locationsku {
name="S1"capacity=1
}
}
# -----------------------------------------------------------------# This is a minimal private endpoint configuration that can be# created. However if the private endpoint is created manually,# it will have two `ip_configuration`s and that cannot be imported.resource"azurerm_private_endpoint""pe" {
name="${var.iothub}-pe"resource_group_name=data.azurerm_resource_group.rg.namelocation=data.azurerm_resource_group.rg.locationsubnet_id=data.azurerm_subnet.net.idcustom_network_interface_name="${var.iothub}-pe-nic"/* Without these two blocks, two IP addresses get allocated and assigned the two DNS names: - ${var.iothub}.azure-devices.net - ${var.iothub}<somerandomsuffix>.servicebus.windows.net But if I wanted to specify static addresses, I can't, because two blocks are not accepted here. ip_configuration { name = "iothub" private_ip_address = "10.0.7.231" } ip_configuration { name = "eventhub" private_ip_address = "10.0.7.232" }*/private_dns_zone_group {
name=var.netrgprivate_dns_zone_ids=[
data.azurerm_private_dns_zone.devices.id,
data.azurerm_private_dns_zone.servicebus.id,
]
}
private_service_connection {
name="iothub"private_connection_resource_id=azurerm_iothub.iothub.idis_manual_connection=falsesubresource_names=[ "iotHub" ]
}
}
Debug Output/Panic Output
╷
│ Error: Too many ip_configuration blocks
│
│ on iothub-pe-test.tf line 100, in resource "azurerm_private_endpoint""pe":
│ 100: ip_configuration {
│
│ No more than 1 "ip_configuration" blocks are allowed
╵
Expected Behaviour
I first had the private endpoint created manually, and tried to import it to the terraform definitions. The plan included this part:
so I added those two ip_configuration blocks and expected terraform plan to say that no changes need to be done.
Actual Behaviour
╷
│ Error: Too many ip_configuration blocks
│
│ on iothub-pe-test.tf line 100, in resource "azurerm_private_endpoint" "pe":
│ 100: ip_configuration {
│
│ No more than 1 "ip_configuration" blocks are allowed
╵
Note that azurerm_network_interface does allow multiple ip_configuration blocks, but in this case the network interface is subordinate to the private endpoint, which does not.
Steps to Reproduce
Create an IoTHub, which must be at least S1 tier (the lower tiers don't have the servicebus endpoint), and either
create private endpoint for it manually, then try to coopt into terraform, or
try to create a private endpoint with explicitly assigned IP addresses
Hi @jan-hudec thanks for opening the issue! PR #19389 is adding the support for multiple ip_configuration block, would you mind subscribing to it for update?
Is there an existing issue for this?
Community Note
Terraform Version
1.3.5
AzureRM Provider Version
3.32.0
Affected Resource(s)/Data Source(s)
azurerm_private_endpoint
Terraform Configuration Files
Debug Output/Panic Output
Expected Behaviour
I first had the private endpoint created manually, and tried to import it to the terraform definitions. The plan included this part:
so I added those two
ip_configuration
blocks and expectedterraform plan
to say that no changes need to be done.Actual Behaviour
╷
│ Error: Too many ip_configuration blocks
│
│ on iothub-pe-test.tf line 100, in resource "azurerm_private_endpoint" "pe":
│ 100: ip_configuration {
│
│ No more than 1 "ip_configuration" blocks are allowed
╵
Note that
azurerm_network_interface
does allow multipleip_configuration
blocks, but in this case the network interface is subordinate to the private endpoint, which does not.Steps to Reproduce
Create an IoTHub, which must be at least S1 tier (the lower tiers don't have the servicebus endpoint), and either
Important Factoids
No response
References
https://learn.microsoft.com/en-us/azure/templates/microsoft.network/privateendpoints says ipConfigurations is an array, and talks about it in plural, but https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint says (and the error confirms) only one
ip_configuration
block is allowed.The text was updated successfully, but these errors were encountered: