Objective: Trying to create Azure vpn gateway with AAD authencation type with Terraform
Code I am using:
Azure Rm version: 2.99
Main.tf
resource "azurerm_virtual_network_gateway" "vpn-gw" {
name = "vng-${var.env}-we"
location = azurerm_resource_group.rg[0].location
resource_group_name = azurerm_resource_group.rg[0].name
type = "Vpn"
vpn_type = "RouteBased"
active_active = true
enable_bgp = false
sku = "VpnGw1AZ"
ip_configuration {
name = "vnetGatewayConfig"
public_ip_address_id = azurerm_public_ip.vpn-gateway-ip.id
private_ip_address_allocation = "Dynamic"
subnet_id = azurerm_subnet.gw_snet[0].id
}
ip_configuration {
name = "vnetGatewayConfig1"
public_ip_address_id = azurerm_public_ip.vpn-gateway-ip-secondary.id
private_ip_address_allocation = "Dynamic"
subnet_id = azurerm_subnet.gw_snet[0].id
}
ip_configuration {
name = "vnetGatewayConfig2"
public_ip_address_id = azurerm_public_ip.vpn-gateway-ip-vpn.id
private_ip_address_allocation = "Dynamic"
subnet_id = azurerm_subnet.gw_snet[0].id
}
vpn_client_configuration {
address_space = ["xx.xxx.xx/24"]
vpn_authentication_types = ["AAD"]
tenant_uri = "https://login.microsoftonline.com/xxxxxxxxxxxxxxxxxxxxxxxxx"
audience_id = "41b23e61-6c1e-4545-b367-cd054e0ed4b4"
aad_issuer_uri = "https://sts.windows.net/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
}
}
I am getting error:
Error: Unsupported argument
│
│ on main.tf line 834, in resource "azurerm_virtual_network_gateway" "vpn-gw":
│ 834: vpn_authentication_types = ["AAD"]
│
│ An argument named "vpn_authentication_types" is not expected here.
╵
╷
│ Error: Unsupported argument
│
│ on main.tf line 835, in resource "azurerm_virtual_network_gateway" "vpn-gw":
│ 835: tenant_uri = "https://login.microsoftonline.com/************************************"
│
│ An argument named "tenant_uri" is not expected here.
╵
╷
│ Error: Unsupported argument
│
│ on main.tf line 836, in resource "azurerm_virtual_network_gateway" "vpn-gw":
│ 836: audience_id = "41b23e61-6c1e-4545-b367-cd054e0ed4b4"
│
│ An argument named "audience_id" is not expected here.
Reference Documentation:
https://github.com/hashicorp/terraform-provider-azurerm/issues/5079
Please help how to fix this issue
You are using azurerm version: 2.99 so you should use related Terraform azurerm documentation
Your errors could be resolved if you use:
vpn_auth_types instead of vpn_authentication_types
aad_tenant instead of tenant_uri
aad_audience instead of audience_id
aad_issuer instaed of aad_issuer_uri
resource "azurerm_virtual_network_gateway" "vpn-gw" {
name = "vng-${var.env}-we"
location = azurerm_resource_group.rg[0].location
resource_group_name = azurerm_resource_group.rg[0].name
type = "Vpn"
vpn_type = "RouteBased"
active_active = true
enable_bgp = false
sku = "VpnGw1AZ"
ip_configuration {
name = "vnetGatewayConfig"
public_ip_address_id = azurerm_public_ip.vpn-gateway-ip.id
private_ip_address_allocation = "Dynamic"
subnet_id = azurerm_subnet.gw_snet[0].id
}
ip_configuration {
name = "vnetGatewayConfig1"
public_ip_address_id = azurerm_public_ip.vpn-gateway-ip-secondary.id
private_ip_address_allocation = "Dynamic"
subnet_id = azurerm_subnet.gw_snet[0].id
}
ip_configuration {
name = "vnetGatewayConfig2"
public_ip_address_id = azurerm_public_ip.vpn-gateway-ip-vpn.id
private_ip_address_allocation = "Dynamic"
subnet_id = azurerm_subnet.gw_snet[0].id
}
vpn_client_configuration {
address_space = ["xx.xxx.xx/24"]
vpn_auth_types = ["AAD"]
aad_tenant = "https://login.microsoftonline.com/xxxxxxxxxxxxxxxxxxxxxxxxx"
aad_audience = "41b23e61-6c1e-4545-b367-cd054e0ed4b4"
aad_issuer = "https://sts.windows.net/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
}
}