Search code examples
azureredisterraform

How to create a private endpoint for azure redis cache using terraform?

I have created the private endpoint using terraform in azure redis cache.

Here's the relevant part of my Terraform code:

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = ">=3.0.0"
    }
  }
}

provider "azurerm" {
  features {}
}


locals {
  redis_name = "my-private-endpoint"
  resource_group     = "my-resource-group"
  location = "eastus"
}


resource "azurerm_private_endpoint" "example" {
  name                = local.redis_name
  location            = local.location
  resource_group_name = local.resource_group
  subnet_id           = data.azurerm_subnet.example.id

  private_service_connection {
    name                           = "akhil-redis-cache-testing-connection-private"
    private_connection_resource_id = data.azurerm_redis_cache.example.id
    subresource_names              = ["redisCache"]
    is_manual_connection           = false

  }
  private_dns_zone_group {
    name                 = "default"
    private_dns_zone_ids = [azurerm_private_dns_zone.example.id]
  }

}

resource "azurerm_private_dns_zone" "example" {
  name                = "privatelinktest.redis.cache.windows.net"
  resource_group_name = "akhil-rg-a"
}

data "azurerm_subnet" "example" {
  name                 = "aks-subnet"
  virtual_network_name = "akhil-vnet-a"
  resource_group_name  = "akhil-rg-a"
}


data "azurerm_redis_cache" "example" {
  name                = "akhil-redis-cache-testing"
  resource_group_name = "my-resource-group"
}

Once private endpoint is created I am facing the issue when I did netcat on the network:

nc: getaddrinfo for host "akhil-redis-cache-testing.redis.cache.windows.net" port 6380: Name or service not known

I see one difference. In terraform creation fqdn is not creating and when I created manually from azure portal fqdn is creating and it is working with out any error

Using Terraform enter image description here

Manually Creating from azure portal - After that when I p enter image description here

Please guide me on what might be missing when I try to create a private endpoint for Azure Redis Cache using Terraform.

Thanks in Advance

Solution

  • There are several resources that needs to be configured correctly for this to work:

    • Private Endpoint
    • Private DNS Zone
    • DNS Zone Group
    • VNet Link

    Is your Vnet linked to the private DNS zone? I don't see a Vnet link resource in your code.

    "azurerm_private_dns_zone_virtual_network_link" enable DNS resolution and registration inside Azure Virtual Networks using Azure Private DNS.

    resource "azurerm_private_dns_zone_virtual_network_link" "example" {
  name                  = "test"
  resource_group_name   = azurerm_resource_group.example.name
  private_dns_zone_name = azurerm_private_dns_zone.example.name
  virtual_network_id    = azurerm_virtual_network.example.id
}

    Refer: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link