
I'm trying to create an application gateway (Standard V2) with both a public IP and a private IP configuration, but after creation only the public IP exists and the private IP configuration is nowhere to be found. I don't see any mistake in my Terraform code, and I'm not sure what I'm missing. Below is my Terraform code.

# Provider plugins used by this configuration. The "=" constraint holds each
# plugin to exactly one release: runs are reproducible, but provider fixes are
# only picked up when the pin is raised by hand, so review it periodically.
provider "null" {
  version = "=2.1"
}

provider "azurerm" {
  version = "=1.44"
}

# Static, Standard-SKU public IP. Its id is what the gateway's
# frontend_ip_configuration refers to through public_ip_address_id, which makes
# it the gateway's internet-facing address.
resource "azurerm_public_ip" "appgwip" {
  name                = "appgwtestpip"
  resource_group_name = "myrgname"
  location            = "Southeast Asia"

  sku               = "Standard"
  allocation_method = "Static"
}

# Asker's Standard_v2 Application Gateway. A single frontend_ip_configuration
# block carries both the public and the private settings; the asker reports
# that only the public IP is created from it.
resource "azurerm_application_gateway" "appgw" {
    # Redundant: the reference in public_ip_address_id below already orders
    # the public IP before the gateway.
    depends_on  = [azurerm_public_ip.appgwip]
    name = "testappgw-sea"
    resource_group_name = "myrgname"
    location  = "Southeast Asia"
    sku {
        name = "Standard_v2"
        tier = "Standard_v2"
        capacity = 2
    }
    gateway_ip_configuration {
        name = "APPGW-IPCONFIG-test"
        # "mysubnetid" looks like a placeholder for the gateway subnet's id.
        subnet_id = "mysubnetid"
    }
    frontend_port {
        name = "Httpport"
        # Port 80 together with protocol "Http" further down means cleartext traffic.
        port = 80
    }
    # Public and private settings share this one block. The accepted answer on
    # this page splits them into two frontend_ip_configuration blocks instead.
    frontend_ip_configuration {
        name = "AppgwPIPConfig"
        public_ip_address_id = azurerm_public_ip.appgwip.id
        # Descriptive placeholder text, not an actual address.
        private_ip_address   = "An IP address within the subnet range"
        private_ip_address_allocation  = "Static"
    }
    backend_address_pool {
        name = "test-bp"
    # NOTE(review): the listing appears damaged here - the closing brace of
    # backend_address_pool and the header of the next block (presumably
    # http_listener, judging by its attributes) are missing, so the
    # configuration does not parse as shown.
 {
         name = "test-listener-80"
         # The listener is attached to the combined frontend configuration above.
         frontend_ip_configuration_name = "AppgwPIPConfig"
         frontend_port_name = "Httpport"
         protocol = "Http"
     }
     request_routing_rule {
         name = "test-rule01"
         rule_type = "Basic"
         http_listener_name = "test-listener-80"
         backend_address_pool_name = "test-bp"
         # NOTE(review): no backend_http_settings block named "test-http" is
         # visible in this listing - possibly lost along with the lines above.
         backend_http_settings_name = "test-http"
     }

}
  • @NancyXiong Haven't tried out yet. Will Accept if it works. Commented Jun 8, 2020 at 7:44

1 Answer 1


You should define two frontend_ip_configuration blocks: one for the public IP configuration and another for the private IP configuration.

Here is a working example for your reference.

 # since these variables are re-used - a locals block makes this more maintainable
locals {
  # Every name is the virtual network's name plus a fixed suffix, built once
  # here so the nested gateway blocks that refer to each other stay in sync.

  # Frontend side
  frontend_ip_configuration_name = "${azurerm_virtual_network.test.name}-feip"
  frontend_port_name             = "${azurerm_virtual_network.test.name}-feport"
  listener_name                  = "${azurerm_virtual_network.test.name}-httplstn"

  # Backend side
  backend_address_pool_name = "${azurerm_virtual_network.test.name}-beap"
  http_setting_name         = "${azurerm_virtual_network.test.name}-be-htst"

  # Routing
  request_routing_rule_name = "${azurerm_virtual_network.test.name}-rqrt"

  # Not referenced by the gateway resource shown on this page.
  redirect_configuration_name = "${azurerm_virtual_network.test.name}-rdrcfg"
}




# Application Gateway (v2) with two frontends, one public and one private.
# The public and the private settings sit in separate frontend_ip_configuration
# blocks, which is the point of this answer.
# Written with Terraform 0.12+ first-class expressions instead of "${...}"
# wrappers around a single reference.
resource "azurerm_application_gateway" "network" {
  name                = "example-appgateway"
  location            = azurerm_resource_group.test.location
  resource_group_name = azurerm_resource_group.test.name

  # NOTE(review): the WAF_v2 tier is selected, but this example contains no
  # waf_configuration block - confirm the firewall is enabled and running in
  # the intended mode before relying on it.
  sku {
    tier     = "WAF_v2"
    name     = "WAF_v2"
    capacity = 2
  }

  # Subnet the gateway instances are placed in.
  gateway_ip_configuration {
    name      = "my-gateway-ip-configuration"
    subnet_id = azurerm_subnet.frontend.id
  }

  frontend_port {
    name = local.frontend_port_name
    port = 80
  }

  # Public frontend: reachable at the referenced public IP address.
  frontend_ip_configuration {
    name                 = local.frontend_ip_configuration_name
    public_ip_address_id = azurerm_public_ip.test.id
  }

  # Private frontend: a fixed address inside the gateway subnet.
  # 10.254.0.10 is the example's value; it has to fall within that subnet's
  # address range.
  frontend_ip_configuration {
    name                          = "${local.frontend_ip_configuration_name}-private"
    subnet_id                     = azurerm_subnet.frontend.id
    private_ip_address            = "10.254.0.10"
    private_ip_address_allocation = "Static"
  }

  backend_address_pool {
    name = local.backend_address_pool_name
  }

  # Gateway-to-backend traffic is plain HTTP in this example.
  # NOTE(review): request_timeout = 1 is a very short timeout - confirm it
  # suits the real backend.
  backend_http_settings {
    name                  = local.http_setting_name
    protocol              = "Http"
    port                  = 80
    path                  = "/path1/"
    cookie_based_affinity = "Disabled"
    request_timeout       = 1
  }

  # The only listener here is bound to the PUBLIC frontend configuration.
  # Nothing in this example names the "-private" configuration, so presumably
  # no traffic is served on the private address until a listener that
  # references it is added.
  # Protocol "Http" on port 80 is cleartext; outside a test setup an Https
  # listener backed by an ssl_certificate block is the usual choice.
  http_listener {
    name                           = local.listener_name
    protocol                       = "Http"
    frontend_port_name             = local.frontend_port_name
    frontend_ip_configuration_name = local.frontend_ip_configuration_name
  }

  # Basic rule: everything arriving on the listener goes to the one pool.
  request_routing_rule {
    name                       = local.request_routing_rule_name
    rule_type                  = "Basic"
    http_listener_name         = local.listener_name
    backend_address_pool_name  = local.backend_address_pool_name
    backend_http_settings_name = local.http_setting_name
  }
}

2 Comments

This worked; I accepted the answer. However, I don't see these two frontend IP configurations explained anywhere in the doc terraform.io/docs/providers/azurerm/r/…. I can also see they list "subnet_id" as a required field, but as you can see in my question I did not set subnet_id at all and was still able to create the appgw successfully. I guess there is a lot of room for improvement in their docs.
Yeah, the documentation needs to clarify it.
