Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use private_endpoint_network_policies_enabled instead of enforce_private_link_endpoint_network_policies in the example code #246

Open
1 task done
lonegunmanb opened this issue Sep 13, 2022 · 3 comments
Open
1 task done

Use private_endpoint_network_policies_enabled instead of enforce_private_link_endpoint_network_policies in the example code #246

lonegunmanb opened this issue Sep 13, 2022 · 3 comments

Comments

@lonegunmanb
Copy link
Member

Is there an existing issue for this?

  • I have searched the existing issues

Description

Now the azurerm_subnet resource in the example folder used enforce_private_link_endpoint_network_policies:

resource "azurerm_subnet" "test" {
  address_prefixes                               = ["10.52.0.0/24"]
  name                                           = "${random_id.prefix.hex}-sn"
  resource_group_name                            = local.resource_group.name
  virtual_network_name                           = azurerm_virtual_network.test.name
  enforce_private_link_endpoint_network_policies = true
}

The enforce_private_link_endpoint_network_policies has been deprecated and will be removed in azurerm 4.0, we should use private_endpoint_network_policies_enabled instead.

New or Affected Resource(s)/Data Source(s)

azurerm_subnet

Potential Terraform Configuration

resource "azurerm_subnet" "test" {
  address_prefixes                          = ["10.52.0.0/24"]
  name                                      = "${random_id.prefix.hex}-sn"
  resource_group_name                       = local.resource_group.name
  virtual_network_name                      = azurerm_virtual_network.test.name
  private_endpoint_network_policies_enabled = true
}

References

https://github.com/hashicorp/terraform-provider-azurerm/blob/main/internal/services/network/subnet_resource.go#L207
@lonegunmanb lonegunmanb mentioned this issue Sep 13, 2022
Closed
@ravick4u
Copy link

I am also getting the exact same error. Any update on this?

@lonegunmanb
Copy link
Member Author

lonegunmanb commented Nov 14, 2023
edited
Loading

Hi @ravick4u I've tried a fix but I found that we cannot use private_endpoint_network_policies_enabled directly now as this response pointed out.

But I think maybe we can add this attribute to ignore_changes list as this is only an example.

@BenjaminNolan
Copy link

BenjaminNolan commented Aug 23, 2024
edited
Loading

Anyone coming here after googling this error:

Error: Unsupported argument
│ 
│   on ./path/to/virtual_network/subnets.tf line 8, in resource "azurerm_subnet" "additional_subnets":
│    8:   private_endpoint_network_policies_enabled = each.value.enable_pe_policy

Hashicorp released AzureRM v4.0.0 11 hours ago, which apparently breaks the suggested fix as well.

Seems the fix is to use this instead:

private_link_service_network_policies_enabled = each.value.enable_pe_policy
private_endpoint_network_policies             = "Enabled"

There's more info on other breaking changes in the 4.0.0 upgrade guide.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@BenjaminNolan @lonegunmanb @ravick4u