Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New Resource: Add DDos Protection Plan for Virtual Network. #2654

Merged
merged 12 commits into from
Jan 14, 2019
Merged

Conversation

metacpp
Copy link
Contributor

@metacpp metacpp commented Jan 12, 2019

This PR introduces:

  1. New resource (requested in [Feature Request]DDOS Protection Plan #2584, azurerm_ddos_protection_plan, which is only allowed per region.
  2. New field, ddos_protection_plan, in azurerm_virtual_network.

Copy link
Collaborator

@katbyte katbyte left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@metacpp,

Does you description indicate there can be only one? if that is the case your tests will need to be refactored into a single test case, and a note on the docs might be helpful as well.

@metacpp
Copy link
Contributor Author

metacpp commented Jan 12, 2019

Does you description indicate there can be only one?
@katbyte Yes, and I grouped all the tests into group test.

Copy link
Collaborator

@katbyte katbyte left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @metacpp, thanks for the udpates,

I've left a few comments inline.

azurerm/resource_arm_virtual_network.go Outdated Show resolved Hide resolved
azurerm/resource_arm_virtual_network.go Outdated Show resolved Hide resolved
azurerm/resource_arm_virtual_network.go Outdated Show resolved Hide resolved
Copy link
Collaborator

@katbyte katbyte left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @metacpp, LGTM now 🚀

@katbyte katbyte merged commit 90dbea9 into master Jan 14, 2019
@katbyte katbyte deleted the ddos_plan branch January 14, 2019 20:51
katbyte added a commit that referenced this pull request Jan 14, 2019
@hbuckle
Copy link
Contributor

hbuckle commented Jan 15, 2019

@katbyte, @metacpp I was developing something else against a build of master and I think I found a small bug in this - Azure seems to default ddos protection to false even when not specified, so you always get a diff

resource "azurerm_resource_group" "resource_group" {
  name     = "hbtest_vnet"
  location = "uksouth"
}

resource "azurerm_virtual_network" "virtual_network" {
  name                = "hbtest_vnet"
  address_space       = ["10.0.0.0/16"]
  location            = "${azurerm_resource_group.resource_group.location}"
  resource_group_name = "${azurerm_resource_group.resource_group.name}"
}
terraform apply -auto-approve

azurerm_resource_group.resource_group: Creating...
  location: "" => "uksouth"
  name:     "" => "hbtest_vnet"
  tags.%:   "" => "<computed>"
azurerm_resource_group.resource_group: Creation complete after 1s (ID: /subscriptions/020ef497-e33d-4705-859b-08663256a4bc/resourceGroups/hbtest_vnet)
azurerm_virtual_network.virtual_network: Creating...
  address_space.#:     "" => "1"
  address_space.0:     "" => "10.0.0.0/16"
  location:            "" => "uksouth"
  name:                "" => "hbtest_vnet"
  resource_group_name: "" => "hbtest_vnet"
  subnet.#:            "" => "<computed>"
  tags.%:              "" => "<computed>"
azurerm_virtual_network.virtual_network: Still creating... (10s elapsed)
azurerm_virtual_network.virtual_network: Creation complete after 11s (ID: /subscriptions/020ef497-e33d-4705-859b-...ft.Network/virtualNetworks/hbtest_vnet)

Apply complete! Resources: 2 added, 0 changed, 0 destroyed.

terraform plan

Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

azurerm_resource_group.resource_group: Refreshing state... (ID: /subscriptions/020ef497-e33d-4705-859b-08663256a4bc/resourceGroups/hbtest_vnet)
azurerm_virtual_network.virtual_network: Refreshing state... (ID: /subscriptions/020ef497-e33d-4705-859b-...ft.Network/virtualNetworks/hbtest_vnet)

------------------------------------------------------------------------

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  ~ azurerm_virtual_network.virtual_network
      ddos_protection_plan.#: "1" => "0"


Plan: 0 to add, 1 to change, 0 to destroy.

Json returned from the API

{
  "name": "hbtest_vnet",
  "id": "/subscriptions/xxx/resourceGroups/hbtest_vnet/providers/Microsoft.Network/virtualNetworks/hbtest_vnet",
  "etag": "W/\"0611dcfd-bfc6-43cd-a2af-434ab17f827e\"",
  "type": "Microsoft.Network/virtualNetworks",
  "location": "uksouth",
  "tags": {},
  "properties": {
    "provisioningState": "Succeeded",
    "resourceGuid": "98c5a26b-ab3d-49f9-8564-e15b424f3d37",
    "addressSpace": {
      "addressPrefixes": [
        "10.0.0.0/16"
      ]
    },
    "dhcpOptions": {
      "dnsServers": []
    },
    "virtualNetworkPeerings": [],
    "enableDdosProtection": false,
    "enableVmProtection": false
  }
}

@metacpp
Copy link
Contributor Author

metacpp commented Jan 15, 2019

@hbuckle thanks for reporting this issue, I can reproduce it and I've prepared a quick fix for it.

@ghost
Copy link

ghost commented Mar 5, 2019

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks!

@ghost ghost locked and limited conversation to collaborators Mar 5, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants