hashicorp · katbyte · Feb 23, 2023 · Feb 23, 2023 · Feb 23, 2023
@@ -68,13 +68,31 @@ func resourceExpressRouteConnection() *pluginsdk.Resource {
 				Optional: true,
 			},
 
+			"enabled_express_route_gateway_bypass": {
+				Type:     pluginsdk.TypeBool,
+				Optional: true,
+				Default:  false,
+			},
+
 			"routing": {
 				Type:     pluginsdk.TypeList,
 				Optional: true,
 				Computed: true,
 				MaxItems: 1,
 				Elem: &pluginsdk.Resource{
 					Schema: map[string]*pluginsdk.Schema{
+						"inbound_route_map_id": {
+							Type:         pluginsdk.TypeString,
+							Optional:     true,
+							ValidateFunc: validate.RouteMapID,
+						},
+
+						"outbound_route_map_id": {
+							Type:         pluginsdk.TypeString,
+							Optional:     true,
+							ValidateFunc: validate.RouteMapID,
+						},
+
 						"associated_route_table_id": {
 							Type:         pluginsdk.TypeString,
 							Optional:     true,
@@ -158,9 +176,10 @@ func resourceExpressRouteConnectionCreate(d *pluginsdk.ResourceData, meta interf
 			ExpressRouteCircuitPeering: &network.ExpressRouteCircuitPeeringID{
 				ID: utils.String(d.Get("express_route_circuit_peering_id").(string)),
 			},
-			EnableInternetSecurity: utils.Bool(d.Get("enable_internet_security").(bool)),
-			RoutingConfiguration:   expandExpressRouteConnectionRouting(d.Get("routing").([]interface{})),
-			RoutingWeight:          utils.Int32(int32(d.Get("routing_weight").(int))),
+			EnableInternetSecurity:    utils.Bool(d.Get("enable_internet_security").(bool)),
+			RoutingConfiguration:      expandExpressRouteConnectionRouting(d.Get("routing").([]interface{})),
+			RoutingWeight:             utils.Int32(int32(d.Get("routing_weight").(int))),
+			ExpressRouteGatewayBypass: utils.Bool(d.Get("enabled_express_route_gateway_bypass").(bool)),
 		},
 	}
 
@@ -209,6 +228,10 @@ func resourceExpressRouteConnectionRead(d *pluginsdk.ResourceData, meta interfac
 		d.Set("authorization_key", props.AuthorizationKey)
 		d.Set("enable_internet_security", props.EnableInternetSecurity)
 
+		if props.ExpressRouteGatewayBypass != nil {
+			d.Set("enabled_express_route_gateway_bypass", props.ExpressRouteGatewayBypass)
+		}
+
 		circuitPeeringID := ""
 		if v := props.ExpressRouteCircuitPeering; v != nil {
 			circuitPeeringID = *v.ID
@@ -247,9 +270,10 @@ func resourceExpressRouteConnectionUpdate(d *pluginsdk.ResourceData, meta interf
 			ExpressRouteCircuitPeering: &network.ExpressRouteCircuitPeeringID{
 				ID: utils.String(d.Get("express_route_circuit_peering_id").(string)),
 			},
-			EnableInternetSecurity: utils.Bool(d.Get("enable_internet_security").(bool)),
-			RoutingConfiguration:   expandExpressRouteConnectionRouting(d.Get("routing").([]interface{})),
-			RoutingWeight:          utils.Int32(int32(d.Get("routing_weight").(int))),
+			EnableInternetSecurity:    utils.Bool(d.Get("enable_internet_security").(bool)),
+			RoutingConfiguration:      expandExpressRouteConnectionRouting(d.Get("routing").([]interface{})),
+			RoutingWeight:             utils.Int32(int32(d.Get("routing_weight").(int))),
+			ExpressRouteGatewayBypass: utils.Bool(d.Get("enabled_express_route_gateway_bypass").(bool)),
 		},
 	}
 
@@ -305,6 +329,18 @@ func expandExpressRouteConnectionRouting(input []interface{}) *network.RoutingCo
 		}
 	}
 
+	if inboundRouteMapId := v["inbound_route_map_id"].(string); inboundRouteMapId != "" {
+		result.InboundRouteMap = &network.SubResource{
+			ID: utils.String(inboundRouteMapId),
+		}
+	}
+
+	if outboundRouteMapId := v["outbound_route_map_id"].(string); outboundRouteMapId != "" {
+		result.OutboundRouteMap = &network.SubResource{
+			ID: utils.String(outboundRouteMapId),
+		}
+	}
+
 	if propagatedRouteTable := v["propagated_route_table"].([]interface{}); len(propagatedRouteTable) != 0 {
 		result.PropagatedRouteTables = expandExpressRouteConnectionPropagatedRouteTable(propagatedRouteTable)
 	}
@@ -346,12 +382,20 @@ func flattenExpressRouteConnectionRouting(input *network.RoutingConfiguration) (
 		return nil, err
 	}
 
-	return []interface{}{
-		map[string]interface{}{
-			"associated_route_table_id": routeTableId.ID(),
-			"propagated_route_table":    flattenExpressRouteConnectionPropagatedRouteTable(input.PropagatedRouteTables),
-		},
-	}, nil
+	result := map[string]interface{}{
+		"associated_route_table_id": routeTableId.ID(),
+		"propagated_route_table":    flattenExpressRouteConnectionPropagatedRouteTable(input.PropagatedRouteTables),
+	}
+
+	if input.InboundRouteMap != nil && input.InboundRouteMap.ID != nil {
+		result["inbound_route_map_id"] = input.InboundRouteMap.ID
+	}
+
+	if input.OutboundRouteMap != nil && input.OutboundRouteMap.ID != nil {
+		result["outbound_route_map_id"] = input.OutboundRouteMap.ID
+	}
+
+	return []interface{}{result}, nil
 }
 
 func flattenExpressRouteConnectionPropagatedRouteTable(input *network.PropagatedRouteTable) []interface{} {

@@ -86,14 +86,7 @@ func testAccExpressRouteConnection_update(t *testing.T) {
 		},
 		data.ImportStep(),
 		{
-			Config: r.complete(data),
-			Check: acceptance.ComposeTestCheckFunc(
-				check.That(data.ResourceName).ExistsInAzure(r),
-			),
-		},
-		data.ImportStep(),
-		{
-			Config: r.basic(data),
+			Config: r.update(data),
 			Check: acceptance.ComposeTestCheckFunc(
 				check.That(data.ResourceName).ExistsInAzure(r),
 			),
@@ -170,6 +163,81 @@ resource "azurerm_express_route_connection" "test" {
 `, r.template(data), data.RandomInteger)
 }
 
+func (r ExpressRouteConnectionResource) update(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+%s
+
+resource "azurerm_route_map" "routemap1" {
+  name           = "routemapfirst"
+  virtual_hub_id = azurerm_virtual_hub.test.id
+
+  rule {
+    name                 = "rule1"
+    next_step_if_matched = "Continue"
+
+    action {
+      type = "Add"
+
+      parameter {
+        as_path = ["22334"]
+      }
+    }
+
+    match_criterion {
+      match_condition = "Contains"
+      route_prefix    = ["10.0.0.0/8"]
+    }
+  }
+}
+
+resource "azurerm_route_map" "routemap2" {
+  name           = "routemapsecond"
+  virtual_hub_id = azurerm_virtual_hub.test.id
+
+  rule {
+    name                 = "rule1"
+    next_step_if_matched = "Continue"
+
+    action {
+      type = "Add"
+
+      parameter {
+        as_path = ["22334"]
+      }
+    }
+
+    match_criterion {
+      match_condition = "Contains"
+      route_prefix    = ["10.0.0.0/8"]
+    }
+  }
+}
+
+resource "azurerm_express_route_connection" "test" {
+  name                                 = "acctest-ExpressRouteConnection-%d"
+  express_route_gateway_id             = azurerm_express_route_gateway.test.id
+  express_route_circuit_peering_id     = azurerm_express_route_circuit_peering.test.id
+  routing_weight                       = 2
+  authorization_key                    = "90f8db47-e25b-4b65-a68b-7743ced2a16b"
+  enable_internet_security             = true
+  enabled_express_route_gateway_bypass = true
+
+  routing {
+    associated_route_table_id = azurerm_virtual_hub.test.default_route_table_id
+
+    propagated_route_table {
+      labels          = ["label1"]
+      route_table_ids = [azurerm_virtual_hub.test.default_route_table_id]
+    }
+
+    inbound_route_map_id  = azurerm_route_map.routemap1.id
+    outbound_route_map_id = azurerm_route_map.routemap2.id
+  }
+  depends_on = [azurerm_route_map.routemap1, azurerm_route_map.routemap2]
+}
+`, r.template(data), data.RandomInteger)
+}
+
 func (r ExpressRouteConnectionResource) template(data acceptance.TestData) string {
 	return fmt.Sprintf(`
 provider "azurerm" {

@@ -95,6 +95,8 @@ The following arguments are supported:
 * `authorization_key` - (Optional) The authorization key to establish the Express Route Connection.
 
 * `enable_internet_security` - (Optional) Is Internet security enabled for this Express Route Connection?
+
+* `enabled_express_route_gateway_bypass` - (Optional) Indicates whether FastPath enabled for Virtual Wan Firewall Hub. Defaults to `false`.
 
 * `routing` - (Optional) A `routing` block as defined below.
 
@@ -106,6 +108,10 @@ A `routing` block supports the following:
 
 * `associated_route_table_id` - (Optional) The ID of the Virtual Hub Route Table associated with this Express Route Connection.
 
+* `inbound_route_map_id` - (Optional) The ID of the RouteMap associated with this Express Route Connection for inbound learned routes.
+
+* `outbound_route_map_id` - (Optional) The ID of the RouteMap associated with this Express Route Connection for outbound advertised routes.
+
 * `propagated_route_table` - (Optional) A `propagated_route_table` block as defined below.
 
 ---