From efbe64999e763420ab6c87b23e4cf6f5e5b04e09 Mon Sep 17 00:00:00 2001 From: Matthew Date: Sun, 13 Jan 2019 22:23:37 +0000 Subject: [PATCH 01/12] add support for pick-hostname behaviours --- azurerm/resource_arm_application_gateway.go | 45 +- .../resource_arm_application_gateway_test.go | 206 +++++ .../docs/r/application_gateway.html.markdown | 768 +++++++++--------- 3 files changed, 625 insertions(+), 394 deletions(-) diff --git a/azurerm/resource_arm_application_gateway.go b/azurerm/resource_arm_application_gateway.go index 3d0497b6f21d..53544a23c9c7 100644 --- a/azurerm/resource_arm_application_gateway.go +++ b/azurerm/resource_arm_application_gateway.go @@ -116,6 +116,11 @@ func resourceArmApplicationGateway() *schema.Resource { }, true), }, + "pick_host_name_from_backend_address": { + Type: schema.TypeBool, + Optional: true, + }, + "request_timeout": { Type: schema.TypeInt, Optional: true, @@ -499,7 +504,7 @@ func resourceArmApplicationGateway() *schema.Resource { "host": { Type: schema.TypeString, - Required: true, + Optional: true, }, "interval": { @@ -517,6 +522,11 @@ func resourceArmApplicationGateway() *schema.Resource { Required: true, }, + "pick_host_name_from_backend_http_settings": { + Type: schema.TypeBool, + Optional: true, + }, + "minimum_servers": { Type: schema.TypeInt, Optional: true, @@ -1087,15 +1097,17 @@ func expandApplicationGatewayBackendHTTPSettings(d *schema.ResourceData, gateway port := int32(v["port"].(int)) protocol := v["protocol"].(string) cookieBasedAffinity := v["cookie_based_affinity"].(string) + pickHostNameFromBackendAddress := v["pick_host_name_from_backend_address"].(bool) requestTimeout := int32(v["request_timeout"].(int)) setting := network.ApplicationGatewayBackendHTTPSettings{ Name: &name, ApplicationGatewayBackendHTTPSettingsPropertiesFormat: &network.ApplicationGatewayBackendHTTPSettingsPropertiesFormat{ - CookieBasedAffinity: network.ApplicationGatewayCookieBasedAffinity(cookieBasedAffinity), - Port: utils.Int32(port), - Protocol: network.ApplicationGatewayProtocol(protocol), - RequestTimeout: utils.Int32(requestTimeout), + CookieBasedAffinity: network.ApplicationGatewayCookieBasedAffinity(cookieBasedAffinity), + PickHostNameFromBackendAddress: utils.Bool(pickHostNameFromBackendAddress), + Port: utils.Int32(port), + Protocol: network.ApplicationGatewayProtocol(protocol), + RequestTimeout: utils.Int32(requestTimeout), }, } @@ -1153,6 +1165,9 @@ func flattenApplicationGatewayBackendHTTPSettings(input *[]network.ApplicationGa if port := props.Port; port != nil { output["port"] = int(*port) } + if pickHostNameFromBackendAddress := props.PickHostNameFromBackendAddress; pickHostNameFromBackendAddress != nil { + output["pick_host_name_from_backend_address"] = bool(*pickHostNameFromBackendAddress) + } output["protocol"] = string(props.Protocol) if timeout := props.RequestTimeout; timeout != nil { output["request_timeout"] = int(*timeout) @@ -1544,17 +1559,19 @@ func expandApplicationGatewayProbes(d *schema.ResourceData) *[]network.Applicati protocol := v["protocol"].(string) timeout := int32(v["timeout"].(int)) unhealthyThreshold := int32(v["unhealthy_threshold"].(int)) + pickHostNameFromBackendHTTPSettings := v["pick_host_name_from_backend_http_settings"].(bool) output := network.ApplicationGatewayProbe{ Name: utils.String(name), ApplicationGatewayProbePropertiesFormat: &network.ApplicationGatewayProbePropertiesFormat{ - Host: utils.String(host), - Interval: utils.Int32(interval), - MinServers: utils.Int32(minServers), - Path: utils.String(probePath), - Protocol: network.ApplicationGatewayProtocol(protocol), - Timeout: utils.Int32(timeout), - UnhealthyThreshold: utils.Int32(unhealthyThreshold), + Host: utils.String(host), + Interval: utils.Int32(interval), + MinServers: utils.Int32(minServers), + Path: utils.String(probePath), + Protocol: network.ApplicationGatewayProtocol(protocol), + Timeout: utils.Int32(timeout), + UnhealthyThreshold: utils.Int32(unhealthyThreshold), + PickHostNameFromBackendHTTPSettings: utils.Bool(pickHostNameFromBackendHTTPSettings), }, } @@ -1620,6 +1637,10 @@ func flattenApplicationGatewayProbes(input *[]network.ApplicationGatewayProbe) [ output["unhealthy_threshold"] = int(*threshold) } + if pickHostNameFromBackendHTTPSettings := props.PickHostNameFromBackendHTTPSettings; pickHostNameFromBackendHTTPSettings != nil { + output["pick_host_name_from_backend_http_settings"] = bool(*pickHostNameFromBackendHTTPSettings) + } + if minServers := props.MinServers; minServers != nil { output["minimum_servers"] = int(*minServers) } diff --git a/azurerm/resource_arm_application_gateway_test.go b/azurerm/resource_arm_application_gateway_test.go index a80b0206413d..8d18cf6ae920 100644 --- a/azurerm/resource_arm_application_gateway_test.go +++ b/azurerm/resource_arm_application_gateway_test.go @@ -222,6 +222,56 @@ func TestAccAzureRMApplicationGateway_probes(t *testing.T) { }) } +func TestAccAzureRMApplicationGateway_probesPickHostNameFromBackendHTTPSettings(t *testing.T) { + resourceName := "azurerm_application_gateway.test" + ri := acctest.RandInt() + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAzureRMApplicationGateway_probesPickHostNameFromBackendHTTPSettings(ri, testLocation()), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMApplicationGatewayExists(resourceName), + resource.TestCheckResourceAttrSet(resourceName, "probe.0.pick_host_name_from_backend_http_settings"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccAzureRMApplicationGateway_settingsPickHostNameFromBackendAddress(t *testing.T) { + resourceName := "azurerm_application_gateway.test" + ri := acctest.RandInt() + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAzureRMApplicationGateway_settingsPickHostNameFromBackendAddress(ri, testLocation()), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMApplicationGatewayExists(resourceName), + resource.TestCheckResourceAttrSet(resourceName, "backend_http_settings.0.pick_host_name_from_backend_address"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + func TestAccAzureRMApplicationGateway_sslCertificate(t *testing.T) { resourceName := "azurerm_application_gateway.test" ri := acctest.RandInt() @@ -836,6 +886,162 @@ resource "azurerm_application_gateway" "test" { `, template, rInt) } +func testAccAzureRMApplicationGateway_probesPickHostNameFromBackendHTTPSettings(rInt int, location string) string { + template := testAccAzureRMApplicationGateway_template(rInt, location) + return fmt.Sprintf(` +%s + +# since these variables are re-used - a locals block makes this more maintainable +locals { + backend_address_pool_name = "${azurerm_virtual_network.test.name}-beap" + frontend_port_name = "${azurerm_virtual_network.test.name}-feport" + frontend_ip_configuration_name = "${azurerm_virtual_network.test.name}-feip" + http_setting_name = "${azurerm_virtual_network.test.name}-be-htst" + listener_name = "${azurerm_virtual_network.test.name}-httplstn" + probe_name = "${azurerm_virtual_network.test.name}-probe" + request_routing_rule_name = "${azurerm_virtual_network.test.name}-rqrt" +} + +resource "azurerm_application_gateway" "test" { + name = "acctestag-%d" + resource_group_name = "${azurerm_resource_group.test.name}" + location = "${azurerm_resource_group.test.location}" + + sku { + name = "Standard_Small" + tier = "Standard" + capacity = 2 + } + + gateway_ip_configuration { + name = "my-gateway-ip-configuration" + subnet_id = "${azurerm_subnet.test.id}" + } + + frontend_port { + name = "${local.frontend_port_name}" + port = 80 + } + + frontend_ip_configuration { + name = "${local.frontend_ip_configuration_name}" + public_ip_address_id = "${azurerm_public_ip.test.id}" + } + + backend_address_pool { + name = "${local.backend_address_pool_name}" + } + + backend_http_settings { + name = "${local.http_setting_name}" + cookie_based_affinity = "Disabled" + pick_host_name_from_backend_address = true + port = 80 + probe_name = "${local.probe_name}" + protocol = "Http" + request_timeout = 1 + } + + probe { + name = "${local.probe_name}" + protocol = "Http" + path = "/test" + timeout = 120 + interval = 300 + unhealthy_threshold = 8 + pick_host_name_from_backend_http_settings = true + } + + http_listener { + name = "${local.listener_name}" + frontend_ip_configuration_name = "${local.frontend_ip_configuration_name}" + frontend_port_name = "${local.frontend_port_name}" + protocol = "Http" + } + + request_routing_rule { + name = "${local.request_routing_rule_name}" + rule_type = "Basic" + http_listener_name = "${local.listener_name}" + backend_address_pool_name = "${local.backend_address_pool_name}" + backend_http_settings_name = "${local.http_setting_name}" + } +} +`, template, rInt) +} + +func testAccAzureRMApplicationGateway_settingsPickHostNameFromBackendAddress(rInt int, location string) string { + template := testAccAzureRMApplicationGateway_template(rInt, location) + return fmt.Sprintf(` +%s + +# since these variables are re-used - a locals block makes this more maintainable +locals { + backend_address_pool_name = "${azurerm_virtual_network.test.name}-beap" + frontend_port_name = "${azurerm_virtual_network.test.name}-feport" + frontend_ip_configuration_name = "${azurerm_virtual_network.test.name}-feip" + http_setting_name = "${azurerm_virtual_network.test.name}-be-htst" + listener_name = "${azurerm_virtual_network.test.name}-httplstn" + request_routing_rule_name = "${azurerm_virtual_network.test.name}-rqrt" +} + +resource "azurerm_application_gateway" "test" { + name = "acctestag-%d" + resource_group_name = "${azurerm_resource_group.test.name}" + location = "${azurerm_resource_group.test.location}" + + sku { + name = "Standard_Small" + tier = "Standard" + capacity = 2 + } + + gateway_ip_configuration { + name = "my-gateway-ip-configuration" + subnet_id = "${azurerm_subnet.test.id}" + } + + frontend_port { + name = "${local.frontend_port_name}" + port = 80 + } + + frontend_ip_configuration { + name = "${local.frontend_ip_configuration_name}" + public_ip_address_id = "${azurerm_public_ip.test.id}" + } + + backend_address_pool { + name = "${local.backend_address_pool_name}" + } + + backend_http_settings { + name = "${local.http_setting_name}" + cookie_based_affinity = "Disabled" + pick_host_name_from_backend_address = true + port = 80 + protocol = "Http" + request_timeout = 1 + } + + http_listener { + name = "${local.listener_name}" + frontend_ip_configuration_name = "${local.frontend_ip_configuration_name}" + frontend_port_name = "${local.frontend_port_name}" + protocol = "Http" + } + + request_routing_rule { + name = "${local.request_routing_rule_name}" + rule_type = "Basic" + http_listener_name = "${local.listener_name}" + backend_address_pool_name = "${local.backend_address_pool_name}" + backend_http_settings_name = "${local.http_setting_name}" + } +} +`, template, rInt) +} + func testAccAzureRMApplicationGateway_sslCertificate(rInt int, location string) string { template := testAccAzureRMApplicationGateway_template(rInt, location) return fmt.Sprintf(` diff --git a/website/docs/r/application_gateway.html.markdown b/website/docs/r/application_gateway.html.markdown index 7f2f43032ee2..fb05ef1c1720 100644 --- a/website/docs/r/application_gateway.html.markdown +++ b/website/docs/r/application_gateway.html.markdown @@ -1,18 +1,18 @@ ---- -layout: "azurerm" -page_title: "Azure Resource Manager: azurerm_application_gateway" -sidebar_current: "docs-azurerm-resource-application-gateway" -description: |- - Manages an Application Gateway. ---- - -# azurerm_application_gateway - -Manages an Application Gateway. - -## Example Usage - -```hcl +--- +layout: "azurerm" +page_title: "Azure Resource Manager: azurerm_application_gateway" +sidebar_current: "docs-azurerm-resource-application-gateway" +description: |- + Manages an Application Gateway. +--- + +# azurerm_application_gateway + +Manages an Application Gateway. + +## Example Usage + +```hcl resource "azurerm_resource_group" "test" { name = "example-resources" location = "West US" @@ -109,370 +109,374 @@ resource "azurerm_application_gateway" "network" { backend_http_settings_name = "${local.http_setting_name}" } } -``` - -## Argument Reference - -The following arguments are supported: - -* `name` - (Required) The name of the Application Gateway. Changing this forces a new resource to be created. - -* `resource_group_name` - (Required) The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created. - -* `location` - (Required) The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created. - -* `backend_address_pool` - (Required) One or more `backend_address_pool` blocks as defined below. - -* `backend_http_settings` - (Required) One or more `backend_http_settings` blocks as defined below. - -* `frontend_ip_configuration` - (Required) One or more `frontend_ip_configuration` blocks as defined below. - -* `frontend_port` - (Required) One or more `frontend_port` blocks as defined below. - -* `gateway_ip_configuration` - (Required) One or more `gateway_ip_configuration` blocks as defined below. - -* `http_listener` - (Required) One or more `http_listener` blocks as defined below. - -* `request_routing_rule` - (Required) One or more `request_routing_rule` blocks as defined below. - -* `sku` - (Required) A `sku` block as defined below. - ---- - -* `authentication_certificate` - (Optional) One or more `authentication_certificate` blocks as defined below. - -* `disabled_ssl_protocols` - (Optional) A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are `TLSv1_0`, `TLSv1_1` and `TLSv1_2`. - -* `probe` - (Optional) One or more `probe` blocks as defined below. - -* `tags` - (Optional) A mapping of tags to assign to the resource. - -* `url_path_map` - (Optional) One or more `url_path_map` blocks as defined below. - -* `waf_configuration` - (Optional) A `waf_configuration` block as defined below. - ---- - -A `authentication_certificate` block supports the following: - -* `name` - (Required) The Name of the Authentication Certificate to use. - -* `data` - (Required) The contents of the Authentication Certificate which should be used. - ---- - -A `authentication_certificate` block, within the `backend_http_settings` block supports the following: - -* `name` - (Required) The name of the Authentication Certificate. - ---- - -A `backend_address_pool` block supports the following: - -* `name` - (Required) The name of the Backend Address Pool. - -* `fqdn_list` - (Optional) A list of FQDN's which should be part of the Backend Address Pool. - -* `ip_address_list` - (Optional) A list of IP Addresses which should be part of the Backend Address Pool. - ---- - -A `backend_http_settings` block supports the following: - -* `cookie_based_affinity` - (Required) Is Cookie-Based Affinity enabled? Possible values are `Enabled` and `Disabled`. - -* `name` - (Required) The name of the Backend HTTP Settings Collection. - -* `port`- (Required) The port which should be used for this Backend HTTP Settings Collection. - -* `probe_name` - (Required) The name of an associated HTTP Probe. - -* `protocol`- (Required) The Protocol which should be used. Possible values are `Http` and `Https`. - -* `request_timeout` - (Required) The request timeout in seconds, which must be between 1 and 86400 seconds. - -* `authentication_certificate` - (Optional) One or more `authentication_certificate` blocks. - ---- - -A `frontend_ip_configuration` block supports the following: - -* `name` - (Required) The name of the Frontend IP Configuration. - -* `subnet_id` - (Required) The ID of the Subnet which the Application Gateway should be connected to. - -* `private_ip_address` - (Optional) The Private IP Address to use for the Application Gateway. - -* `public_ip_address_id` - (Optional) The ID of a Public IP Address which the Application Gateway should use. - --> **NOTE:** The Allocation Method for this Public IP Address should be set to `Dynamic`. - -* `private_ip_address_allocation` - (Optional) The Allocation Method for the Private IP Address. Possible values are `Dynamic` and `Static`. - ---- - -A `frontend_port` block supports the following: - -* `name` - (Required) The name of the Frontend Port. - -* `port` - (Required) The port used for this Frontend Port. - ---- - -A `gateway_ip_configuration` block supports the following: - -* `name` - (Required) The Name of this Gateway IP Configuration. - -* `subnet_id` - (Required) The ID of a Subnet. - ---- - -A `http_listener` block supports the following: - -* `name` - (Required) The Name of the HTTP Listener. - -* `frontend_ip_configuration_name` - (Required) The Name of the Frontend IP Configuration used for this HTTP Listener. - -* `frontend_port_name` - (Required) The Name of the Frontend Port use for this HTTP Listener. - -* `host_name` - (Optional) The Hostname which should be used for this HTTP Listener. - -* `protocol` - (Required) The Protocol to use for this HTTP Listener. Possible values are `Http` and `Https`. - -* `require_sni` - (Optional) Should Server Name Indication be Required? Defaults to `false`. - -* `ssl_certificate_name` - (Optional) The name of the associated SSL Certificate which should be used for this HTTP Listener. - ---- - -A `match` block supports the following: - -* `body` - (Optional) A snippet from the Response Body which must be present in the Response. Defaults to `*`. - -* `status_code` - (Optional) A list of allowed status codes for this Health Probe. - ---- - -A `path_rule` block supports the following: - -* `name` - (Required) The Name of the Path Rule. - -* `paths` - (Required) A list of Paths used in this Path Rule. - -* `backend_address_pool_name` - (Required) The Name of the Backend Address Pool to use for this Path Rule. - -* `backend_http_settings_name` - (Required) The Name of the Backend HTTP Settings Collection to use for this Path Rule. - ---- - -A `probe` block support the following: - -* `host` - (Required) The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as ‘127.0.0.1’, unless otherwise configured in custom probe. - -* `interval` - (Required) The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds. - -* `name` - (Required) The Name of the Probe. - -* `protocol` - (Required) The Protocol used for this Probe. Possible values are `Http` and `Https`. - -* `path` - (Required) The Path used for this Probe. - -* `timeout` - (Required) The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds. - -* `unhealthy_threshold` - (Required) The Unhealthy Threshold for this Probe, which indicates the amount of retries which should be attempted before a node is deemed unhealthy. Possible values are from 1 - 20 seconds. - -* `match` - (Optional) A `match` block as defined above. - -* `minimum_servers` - (Optional) The minimum number of servers that are always marked as healthy. Defaults to `0`. - ---- - -A `request_routing_rule` block supports the following: - -* `name` - (Required) The Name of this Request Routing Rule. - -* `rule_type` - (Required) The Type of Routing that should be used for this Rule. Possible values are `Basic` and `PathBasedRouting`. - -* `http_listener_name` - (Required) The Name of the HTTP Listener which should be used for this Routing Rule. - -* `backend_address_pool_name` - (Optional) The Name of the Backend Address Pool which should be used for this Routing Rule. - -* `backend_http_settings_name` - (Optional) The Name of the Backend HTTP Settings Collection which should be used for this Routing Rule. - -* `url_path_map_name` - (Optional) The Name of the URL Path Map which should be associated with this Routing Rule. - ---- - -A `sku` block supports the following: - -* `name` - (Required) The Name of the SKU to use for this Application Gateway. Possible values are `Standard_Small`, `Standard_Medium`, `Standard_Large`, `Standard_v2`, `WAF_Medium`, `WAF_Large`, and `WAF_v2`. - -* `tier` - (Required) The Tier of the SKU to use for this Application Gateway. Possible values are `Standard`, `Standard_v2`, `WAF` and `WAF_v2`. - -* `capacity` - (Required) The Capacity of the SKU to use for this Application Gateway - which must be between 1 and 10. - ---- - -A `url_path_map` block supports the following: - -* `name` - (Required) The Name of the URL Path Map. - -* `default_backend_address_pool_name` - (Required) The Name of the Default Backend Address Pool which should be used for this URL Path Map. - -* `default_backend_http_settings_name` - (Required) The Name of the Default Backend HTTP Settings Collection which should be used for this URL Path Map. - -* `path_rule` - (Required) One or more `path_rule` blocks as defined above. - ---- - -A `waf_configuration` block supports the following: - -* `enabled` - (Required) Is the Web Application Firewall be enabled? - -* `firewall_mode` - (Required) The Web Application Firewall Mode. Possible values are `Detection` and `Prevention`. - -* `rule_set_type` - (Required) The Type of the Rule Set used for this Web Application Firewall. - -* `rule_set_version` - (Required) The Version of the Rule Set used for this Web Application Firewall. - -## Attributes Reference - -The following attributes are exported: - -* `id` - The ID of the Application Gateway. - -* `authentication_certificate` - A list of `authentication_certificate` blocks as defined below. - -* `backend_address_pool` - A list of `backend_address_pool` blocks as defined below. - -* `backend_http_settings` - A list of `backend_http_settings` blocks as defined below. - -* `frontend_ip_configuration` - A list of `frontend_ip_configuration` blocks as defined below. - -* `frontend_port` - A list of `frontend_port` blocks as defined below. - -* `gateway_ip_configuration` - A list of `gateway_ip_configuration` blocks as defined below. - -* `http_listener` - A list of `http_listener` blocks as defined below. - -* `probe` - A `probe` block as defined below. - -* `request_routing_rule` - A list of `request_routing_rule` blocks as defined below. - -* `ssl_certificate` - A list of `ssl_certificate` blocks as defined below. - -* `url_path_map` - A list of `url_path_map` blocks as defined below. - ---- - -A `authentication_certificate` block exports the following: - -* `id` - The ID of the Authentication Certificate. - ---- - -A `authentication_certificate` block, within the `backend_http_settings` block exports the following: - -* `id` - The ID of the Authentication Certificate. - ---- - -A `backend_address_pool` block exports the following: - -* `id` - The ID of the Backend Address Pool. - ---- - -A `backend_http_settings` block exports the following: - -* `id` - The ID of the Backend HTTP Settings Configuration. - -* `probe_id` - The ID of the associated Probe. - ---- - -A `frontend_ip_configuration` block exports the following: - -* `id` - The ID of the Frontend IP Configuration. - ---- - -A `frontend_port` block exports the following: - -* `id` - The ID of the Frontend Port. - ---- - -A `gateway_ip_configuration` block exports the following: - -* `id` - The ID of the Gateway IP Configuration. - ---- - -A `http_listener` block exports the following: - -* `id` - The ID of the HTTP Listener. - -* `frontend_ip_configuration_id` - The ID of the associated Frontend Configuration. - -* `frontend_port_id` - The ID of the associated Frontend Port. - -* `ssl_certificate_id` - The ID of the associated SSL Certificate. - ---- - -A `path_rule` block exports the following: - -* `id` - The ID of the Path Rule. - -* `backend_address_pool_id` - The ID of the Backend Address Pool used in this Path Rule. - -* `backend_http_settings_id` - The ID of the Backend HTTP Settings Collection used in this Path Rule. - ---- - -A `probe` block exports the following: - -* `id` - The ID of the Probe. - ---- - -A `request_routing_rule` block exports the following: - -* `id` - The ID of the Request Routing Rule. - -* `http_listener_id` - The ID of the associated HTTP Listener. - -* `backend_address_pool_id` - The ID of the associated Backend Address Pool. - -* `backend_http_settings_id` - The ID of the associated Backend HTTP Settings Configuration. - -* `url_path_map_id` - The ID of the associated URL Path Map. - ---- - -A `ssl_certificate` block exports the following: - -* `id` - The ID of the SSL Certificate. - -* `public_cert_data` - The Public Certificate Data associated with the SSL Certificate. - ---- - -A `url_path_map` block exports the following: - -* `id` - The ID of the URL Path Map. - -* `default_backend_address_pool_id` - The ID of the Default Backend Address Pool. - -* `default_backend_http_settings_id` - The ID of the Default Backend HTTP Settings Collection. - -* `path_rule` - A list of `path_rule` blocks as defined above. - -## Import - -Application Gateway's can be imported using the `resource id`, e.g. - -```shell -terraform import azurerm_application_gateway.test /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/applicationGateways/myGateway1 -``` +``` + +## Argument Reference + +The following arguments are supported: + +* `name` - (Required) The name of the Application Gateway. Changing this forces a new resource to be created. + +* `resource_group_name` - (Required) The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created. + +* `location` - (Required) The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created. + +* `backend_address_pool` - (Required) One or more `backend_address_pool` blocks as defined below. + +* `backend_http_settings` - (Required) One or more `backend_http_settings` blocks as defined below. + +* `frontend_ip_configuration` - (Required) One or more `frontend_ip_configuration` blocks as defined below. + +* `frontend_port` - (Required) One or more `frontend_port` blocks as defined below. + +* `gateway_ip_configuration` - (Required) One or more `gateway_ip_configuration` blocks as defined below. + +* `http_listener` - (Required) One or more `http_listener` blocks as defined below. + +* `request_routing_rule` - (Required) One or more `request_routing_rule` blocks as defined below. + +* `sku` - (Required) A `sku` block as defined below. + +--- + +* `authentication_certificate` - (Optional) One or more `authentication_certificate` blocks as defined below. + +* `disabled_ssl_protocols` - (Optional) A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are `TLSv1_0`, `TLSv1_1` and `TLSv1_2`. + +* `probe` - (Optional) One or more `probe` blocks as defined below. + +* `tags` - (Optional) A mapping of tags to assign to the resource. + +* `url_path_map` - (Optional) One or more `url_path_map` blocks as defined below. + +* `waf_configuration` - (Optional) A `waf_configuration` block as defined below. + +--- + +A `authentication_certificate` block supports the following: + +* `name` - (Required) The Name of the Authentication Certificate to use. + +* `data` - (Required) The contents of the Authentication Certificate which should be used. + +--- + +A `authentication_certificate` block, within the `backend_http_settings` block supports the following: + +* `name` - (Required) The name of the Authentication Certificate. + +--- + +A `backend_address_pool` block supports the following: + +* `name` - (Required) The name of the Backend Address Pool. + +* `fqdn_list` - (Optional) A list of FQDN's which should be part of the Backend Address Pool. + +* `ip_address_list` - (Optional) A list of IP Addresses which should be part of the Backend Address Pool. + +--- + +A `backend_http_settings` block supports the following: + +* `cookie_based_affinity` - (Required) Is Cookie-Based Affinity enabled? Possible values are `Enabled` and `Disabled`. + +* `name` - (Required) The name of the Backend HTTP Settings Collection. + +* `port`- (Required) The port which should be used for this Backend HTTP Settings Collection. + +* `probe_name` - (Required) The name of an associated HTTP Probe. + +* `protocol`- (Required) The Protocol which should be used. Possible values are `Http` and `Https`. + +* `request_timeout` - (Required) The request timeout in seconds, which must be between 1 and 86400 seconds. + +* `pick_host_name_from_backend_address` - (Optional) Whether host header should be picked from the host name of the backend server. + +* `authentication_certificate` - (Optional) One or more `authentication_certificate` blocks. + +--- + +A `frontend_ip_configuration` block supports the following: + +* `name` - (Required) The name of the Frontend IP Configuration. + +* `subnet_id` - (Required) The ID of the Subnet which the Application Gateway should be connected to. + +* `private_ip_address` - (Optional) The Private IP Address to use for the Application Gateway. + +* `public_ip_address_id` - (Optional) The ID of a Public IP Address which the Application Gateway should use. + +-> **NOTE:** The Allocation Method for this Public IP Address should be set to `Dynamic`. + +* `private_ip_address_allocation` - (Optional) The Allocation Method for the Private IP Address. Possible values are `Dynamic` and `Static`. + +--- + +A `frontend_port` block supports the following: + +* `name` - (Required) The name of the Frontend Port. + +* `port` - (Required) The port used for this Frontend Port. + +--- + +A `gateway_ip_configuration` block supports the following: + +* `name` - (Required) The Name of this Gateway IP Configuration. + +* `subnet_id` - (Required) The ID of a Subnet. + +--- + +A `http_listener` block supports the following: + +* `name` - (Required) The Name of the HTTP Listener. + +* `frontend_ip_configuration_name` - (Required) The Name of the Frontend IP Configuration used for this HTTP Listener. + +* `frontend_port_name` - (Required) The Name of the Frontend Port use for this HTTP Listener. + +* `host_name` - (Optional) The Hostname which should be used for this HTTP Listener. + +* `protocol` - (Required) The Protocol to use for this HTTP Listener. Possible values are `Http` and `Https`. + +* `require_sni` - (Optional) Should Server Name Indication be Required? Defaults to `false`. + +* `ssl_certificate_name` - (Optional) The name of the associated SSL Certificate which should be used for this HTTP Listener. + +--- + +A `match` block supports the following: + +* `body` - (Optional) A snippet from the Response Body which must be present in the Response. Defaults to `*`. + +* `status_code` - (Optional) A list of allowed status codes for this Health Probe. + +--- + +A `path_rule` block supports the following: + +* `name` - (Required) The Name of the Path Rule. + +* `paths` - (Required) A list of Paths used in this Path Rule. + +* `backend_address_pool_name` - (Required) The Name of the Backend Address Pool to use for this Path Rule. + +* `backend_http_settings_name` - (Required) The Name of the Backend HTTP Settings Collection to use for this Path Rule. + +--- + +A `probe` block support the following: + +* `host` - (Required) The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as ‘127.0.0.1’, unless otherwise configured in custom probe. + +* `interval` - (Required) The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds. + +* `name` - (Optional) The Name of the Probe. Cannot be set if `pick_host_name_from_backend_http_settings` is set to true. + +* `protocol` - (Required) The Protocol used for this Probe. Possible values are `Http` and `Https`. + +* `path` - (Required) The Path used for this Probe. + +* `timeout` - (Required) The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds. + +* `unhealthy_threshold` - (Required) The Unhealthy Threshold for this Probe, which indicates the amount of retries which should be attempted before a node is deemed unhealthy. Possible values are from 1 - 20 seconds. + +* `pick_host_name_from_backend_http_settings` - (Optional) Whether the host header should be picked from the backend http settings. + +* `match` - (Optional) A `match` block as defined above. + +* `minimum_servers` - (Optional) The minimum number of servers that are always marked as healthy. Defaults to `0`. + +--- + +A `request_routing_rule` block supports the following: + +* `name` - (Required) The Name of this Request Routing Rule. + +* `rule_type` - (Required) The Type of Routing that should be used for this Rule. Possible values are `Basic` and `PathBasedRouting`. + +* `http_listener_name` - (Required) The Name of the HTTP Listener which should be used for this Routing Rule. + +* `backend_address_pool_name` - (Optional) The Name of the Backend Address Pool which should be used for this Routing Rule. + +* `backend_http_settings_name` - (Optional) The Name of the Backend HTTP Settings Collection which should be used for this Routing Rule. + +* `url_path_map_name` - (Optional) The Name of the URL Path Map which should be associated with this Routing Rule. + +--- + +A `sku` block supports the following: + +* `name` - (Required) The Name of the SKU to use for this Application Gateway. Possible values are `Standard_Small`, `Standard_Medium`, `Standard_Large`, `Standard_v2`, `WAF_Medium`, `WAF_Large`, and `WAF_v2`. + +* `tier` - (Required) The Tier of the SKU to use for this Application Gateway. Possible values are `Standard`, `Standard_v2`, `WAF` and `WAF_v2`. + +* `capacity` - (Required) The Capacity of the SKU to use for this Application Gateway - which must be between 1 and 10. + +--- + +A `url_path_map` block supports the following: + +* `name` - (Required) The Name of the URL Path Map. + +* `default_backend_address_pool_name` - (Required) The Name of the Default Backend Address Pool which should be used for this URL Path Map. + +* `default_backend_http_settings_name` - (Required) The Name of the Default Backend HTTP Settings Collection which should be used for this URL Path Map. + +* `path_rule` - (Required) One or more `path_rule` blocks as defined above. + +--- + +A `waf_configuration` block supports the following: + +* `enabled` - (Required) Is the Web Application Firewall be enabled? + +* `firewall_mode` - (Required) The Web Application Firewall Mode. Possible values are `Detection` and `Prevention`. + +* `rule_set_type` - (Required) The Type of the Rule Set used for this Web Application Firewall. + +* `rule_set_version` - (Required) The Version of the Rule Set used for this Web Application Firewall. + +## Attributes Reference + +The following attributes are exported: + +* `id` - The ID of the Application Gateway. + +* `authentication_certificate` - A list of `authentication_certificate` blocks as defined below. + +* `backend_address_pool` - A list of `backend_address_pool` blocks as defined below. + +* `backend_http_settings` - A list of `backend_http_settings` blocks as defined below. + +* `frontend_ip_configuration` - A list of `frontend_ip_configuration` blocks as defined below. + +* `frontend_port` - A list of `frontend_port` blocks as defined below. + +* `gateway_ip_configuration` - A list of `gateway_ip_configuration` blocks as defined below. + +* `http_listener` - A list of `http_listener` blocks as defined below. + +* `probe` - A `probe` block as defined below. + +* `request_routing_rule` - A list of `request_routing_rule` blocks as defined below. + +* `ssl_certificate` - A list of `ssl_certificate` blocks as defined below. + +* `url_path_map` - A list of `url_path_map` blocks as defined below. + +--- + +A `authentication_certificate` block exports the following: + +* `id` - The ID of the Authentication Certificate. + +--- + +A `authentication_certificate` block, within the `backend_http_settings` block exports the following: + +* `id` - The ID of the Authentication Certificate. + +--- + +A `backend_address_pool` block exports the following: + +* `id` - The ID of the Backend Address Pool. + +--- + +A `backend_http_settings` block exports the following: + +* `id` - The ID of the Backend HTTP Settings Configuration. + +* `probe_id` - The ID of the associated Probe. + +--- + +A `frontend_ip_configuration` block exports the following: + +* `id` - The ID of the Frontend IP Configuration. + +--- + +A `frontend_port` block exports the following: + +* `id` - The ID of the Frontend Port. + +--- + +A `gateway_ip_configuration` block exports the following: + +* `id` - The ID of the Gateway IP Configuration. + +--- + +A `http_listener` block exports the following: + +* `id` - The ID of the HTTP Listener. + +* `frontend_ip_configuration_id` - The ID of the associated Frontend Configuration. + +* `frontend_port_id` - The ID of the associated Frontend Port. + +* `ssl_certificate_id` - The ID of the associated SSL Certificate. + +--- + +A `path_rule` block exports the following: + +* `id` - The ID of the Path Rule. + +* `backend_address_pool_id` - The ID of the Backend Address Pool used in this Path Rule. + +* `backend_http_settings_id` - The ID of the Backend HTTP Settings Collection used in this Path Rule. + +--- + +A `probe` block exports the following: + +* `id` - The ID of the Probe. + +--- + +A `request_routing_rule` block exports the following: + +* `id` - The ID of the Request Routing Rule. + +* `http_listener_id` - The ID of the associated HTTP Listener. + +* `backend_address_pool_id` - The ID of the associated Backend Address Pool. + +* `backend_http_settings_id` - The ID of the associated Backend HTTP Settings Configuration. + +* `url_path_map_id` - The ID of the associated URL Path Map. + +--- + +A `ssl_certificate` block exports the following: + +* `id` - The ID of the SSL Certificate. + +* `public_cert_data` - The Public Certificate Data associated with the SSL Certificate. + +--- + +A `url_path_map` block exports the following: + +* `id` - The ID of the URL Path Map. + +* `default_backend_address_pool_id` - The ID of the Default Backend Address Pool. + +* `default_backend_http_settings_id` - The ID of the Default Backend HTTP Settings Collection. + +* `path_rule` - A list of `path_rule` blocks as defined above. + +## Import + +Application Gateway's can be imported using the `resource id`, e.g. + +```shell +terraform import azurerm_application_gateway.test /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/applicationGateways/myGateway1 +``` From 631a4f217af922012ce4c0d3b8557e3854114bf4 Mon Sep 17 00:00:00 2001 From: kt Date: Mon, 14 Jan 2019 00:16:00 -0800 Subject: [PATCH 02/12] cleanup after merge --- azurerm/resource_arm_application_gateway_test.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/azurerm/resource_arm_application_gateway_test.go b/azurerm/resource_arm_application_gateway_test.go index 8e7cb34b6eb2..f3d38dbc5e25 100644 --- a/azurerm/resource_arm_application_gateway_test.go +++ b/azurerm/resource_arm_application_gateway_test.go @@ -224,8 +224,8 @@ func TestAccAzureRMApplicationGateway_probes(t *testing.T) { func TestAccAzureRMApplicationGateway_probesPickHostNameFromBackendHTTPSettings(t *testing.T) { resourceName := "azurerm_application_gateway.test" - ri := acctest.RandInt() - + ri := tf.AccRandTimeInt() + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -249,7 +249,7 @@ func TestAccAzureRMApplicationGateway_probesPickHostNameFromBackendHTTPSettings( func TestAccAzureRMApplicationGateway_settingsPickHostNameFromBackendAddress(t *testing.T) { resourceName := "azurerm_application_gateway.test" - ri := acctest.RandInt() + ri := tf.AccRandTimeInt() resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, From cb3902adabef39a8a958c0ea0dc5cd6fe0c18464 Mon Sep 17 00:00:00 2001 From: Matthew Sills Date: Mon, 14 Jan 2019 09:46:51 +0000 Subject: [PATCH 03/12] make fmt; remove trailing whitespace --- azurerm/resource_arm_application_gateway_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/resource_arm_application_gateway_test.go b/azurerm/resource_arm_application_gateway_test.go index f3d38dbc5e25..b430516c4171 100644 --- a/azurerm/resource_arm_application_gateway_test.go +++ b/azurerm/resource_arm_application_gateway_test.go @@ -225,7 +225,7 @@ func TestAccAzureRMApplicationGateway_probes(t *testing.T) { func TestAccAzureRMApplicationGateway_probesPickHostNameFromBackendHTTPSettings(t *testing.T) { resourceName := "azurerm_application_gateway.test" ri := tf.AccRandTimeInt() - + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, From a9a78a876c567c4302ac1d19e4d3251878f2fe48 Mon Sep 17 00:00:00 2001 From: Matthew Sills Date: Mon, 14 Jan 2019 10:14:32 +0000 Subject: [PATCH 04/12] remove unnecessary type conversions --- azurerm/resource_arm_application_gateway.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/azurerm/resource_arm_application_gateway.go b/azurerm/resource_arm_application_gateway.go index 53544a23c9c7..3452d40c23b4 100644 --- a/azurerm/resource_arm_application_gateway.go +++ b/azurerm/resource_arm_application_gateway.go @@ -1166,7 +1166,7 @@ func flattenApplicationGatewayBackendHTTPSettings(input *[]network.ApplicationGa output["port"] = int(*port) } if pickHostNameFromBackendAddress := props.PickHostNameFromBackendAddress; pickHostNameFromBackendAddress != nil { - output["pick_host_name_from_backend_address"] = bool(*pickHostNameFromBackendAddress) + output["pick_host_name_from_backend_address"] = *pickHostNameFromBackendAddress } output["protocol"] = string(props.Protocol) if timeout := props.RequestTimeout; timeout != nil { @@ -1638,7 +1638,7 @@ func flattenApplicationGatewayProbes(input *[]network.ApplicationGatewayProbe) [ } if pickHostNameFromBackendHTTPSettings := props.PickHostNameFromBackendHTTPSettings; pickHostNameFromBackendHTTPSettings != nil { - output["pick_host_name_from_backend_http_settings"] = bool(*pickHostNameFromBackendHTTPSettings) + output["pick_host_name_from_backend_http_settings"] = *pickHostNameFromBackendHTTPSettings } if minServers := props.MinServers; minServers != nil { From 2839008d13195ced9d7133d771d78f691f835af9 Mon Sep 17 00:00:00 2001 From: Matthew Date: Tue, 15 Jan 2019 05:38:36 +0000 Subject: [PATCH 05/12] add explicit defaults --- azurerm/resource_arm_application_gateway.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/azurerm/resource_arm_application_gateway.go b/azurerm/resource_arm_application_gateway.go index 3452d40c23b4..0d624902adcb 100644 --- a/azurerm/resource_arm_application_gateway.go +++ b/azurerm/resource_arm_application_gateway.go @@ -119,6 +119,7 @@ func resourceArmApplicationGateway() *schema.Resource { "pick_host_name_from_backend_address": { Type: schema.TypeBool, Optional: true, + Default: false, }, "request_timeout": { @@ -525,6 +526,7 @@ func resourceArmApplicationGateway() *schema.Resource { "pick_host_name_from_backend_http_settings": { Type: schema.TypeBool, Optional: true, + Default: false, }, "minimum_servers": { From 1653e408c409841a8274ea43078946d073ecf3d5 Mon Sep 17 00:00:00 2001 From: Matthew Date: Tue, 15 Jan 2019 07:12:07 +0000 Subject: [PATCH 06/12] check values in test --- azurerm/resource_arm_application_gateway_test.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/azurerm/resource_arm_application_gateway_test.go b/azurerm/resource_arm_application_gateway_test.go index b430516c4171..2162f8a9c827 100644 --- a/azurerm/resource_arm_application_gateway_test.go +++ b/azurerm/resource_arm_application_gateway_test.go @@ -236,6 +236,7 @@ func TestAccAzureRMApplicationGateway_probesPickHostNameFromBackendHTTPSettings( Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists(resourceName), resource.TestCheckResourceAttrSet(resourceName, "probe.0.pick_host_name_from_backend_http_settings"), + resource.TestCheckResourceAttr(resourceName, "probe.0.pick_host_name_from_backend_http_settings", "true"), ), }, { @@ -261,6 +262,7 @@ func TestAccAzureRMApplicationGateway_settingsPickHostNameFromBackendAddress(t * Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists(resourceName), resource.TestCheckResourceAttrSet(resourceName, "backend_http_settings.0.pick_host_name_from_backend_address"), + resource.TestCheckResourceAttr(resourceName, "backend_http_settings.0.pick_host_name_from_backend_address", "true"), ), }, { From fe639aef4e0a7dafce401294caa50f11d87b1f28 Mon Sep 17 00:00:00 2001 From: Matthew Sills Date: Tue, 15 Jan 2019 11:30:43 +0000 Subject: [PATCH 07/12] reinstate windows lineends in documentation --- .../docs/r/application_gateway.html.markdown | 772 +++++++++--------- 1 file changed, 386 insertions(+), 386 deletions(-) diff --git a/website/docs/r/application_gateway.html.markdown b/website/docs/r/application_gateway.html.markdown index fb05ef1c1720..584b3874152e 100644 --- a/website/docs/r/application_gateway.html.markdown +++ b/website/docs/r/application_gateway.html.markdown @@ -1,18 +1,18 @@ ---- -layout: "azurerm" -page_title: "Azure Resource Manager: azurerm_application_gateway" -sidebar_current: "docs-azurerm-resource-application-gateway" -description: |- - Manages an Application Gateway. ---- - -# azurerm_application_gateway - -Manages an Application Gateway. - -## Example Usage - -```hcl +--- +layout: "azurerm" +page_title: "Azure Resource Manager: azurerm_application_gateway" +sidebar_current: "docs-azurerm-resource-application-gateway" +description: |- + Manages an Application Gateway. +--- + +# azurerm_application_gateway + +Manages an Application Gateway. + +## Example Usage + +```hcl resource "azurerm_resource_group" "test" { name = "example-resources" location = "West US" @@ -109,374 +109,374 @@ resource "azurerm_application_gateway" "network" { backend_http_settings_name = "${local.http_setting_name}" } } -``` - -## Argument Reference - -The following arguments are supported: - -* `name` - (Required) The name of the Application Gateway. Changing this forces a new resource to be created. - -* `resource_group_name` - (Required) The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created. - -* `location` - (Required) The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created. - -* `backend_address_pool` - (Required) One or more `backend_address_pool` blocks as defined below. - -* `backend_http_settings` - (Required) One or more `backend_http_settings` blocks as defined below. - -* `frontend_ip_configuration` - (Required) One or more `frontend_ip_configuration` blocks as defined below. - -* `frontend_port` - (Required) One or more `frontend_port` blocks as defined below. - -* `gateway_ip_configuration` - (Required) One or more `gateway_ip_configuration` blocks as defined below. - -* `http_listener` - (Required) One or more `http_listener` blocks as defined below. - -* `request_routing_rule` - (Required) One or more `request_routing_rule` blocks as defined below. - -* `sku` - (Required) A `sku` block as defined below. - ---- - -* `authentication_certificate` - (Optional) One or more `authentication_certificate` blocks as defined below. - -* `disabled_ssl_protocols` - (Optional) A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are `TLSv1_0`, `TLSv1_1` and `TLSv1_2`. - -* `probe` - (Optional) One or more `probe` blocks as defined below. - -* `tags` - (Optional) A mapping of tags to assign to the resource. - -* `url_path_map` - (Optional) One or more `url_path_map` blocks as defined below. - -* `waf_configuration` - (Optional) A `waf_configuration` block as defined below. - ---- - -A `authentication_certificate` block supports the following: - -* `name` - (Required) The Name of the Authentication Certificate to use. - -* `data` - (Required) The contents of the Authentication Certificate which should be used. - ---- - -A `authentication_certificate` block, within the `backend_http_settings` block supports the following: - -* `name` - (Required) The name of the Authentication Certificate. - ---- - -A `backend_address_pool` block supports the following: - -* `name` - (Required) The name of the Backend Address Pool. - -* `fqdn_list` - (Optional) A list of FQDN's which should be part of the Backend Address Pool. - -* `ip_address_list` - (Optional) A list of IP Addresses which should be part of the Backend Address Pool. - ---- - -A `backend_http_settings` block supports the following: - -* `cookie_based_affinity` - (Required) Is Cookie-Based Affinity enabled? Possible values are `Enabled` and `Disabled`. - -* `name` - (Required) The name of the Backend HTTP Settings Collection. - -* `port`- (Required) The port which should be used for this Backend HTTP Settings Collection. - -* `probe_name` - (Required) The name of an associated HTTP Probe. - -* `protocol`- (Required) The Protocol which should be used. Possible values are `Http` and `Https`. - -* `request_timeout` - (Required) The request timeout in seconds, which must be between 1 and 86400 seconds. - -* `pick_host_name_from_backend_address` - (Optional) Whether host header should be picked from the host name of the backend server. - -* `authentication_certificate` - (Optional) One or more `authentication_certificate` blocks. - ---- - -A `frontend_ip_configuration` block supports the following: - -* `name` - (Required) The name of the Frontend IP Configuration. - -* `subnet_id` - (Required) The ID of the Subnet which the Application Gateway should be connected to. - -* `private_ip_address` - (Optional) The Private IP Address to use for the Application Gateway. - -* `public_ip_address_id` - (Optional) The ID of a Public IP Address which the Application Gateway should use. - --> **NOTE:** The Allocation Method for this Public IP Address should be set to `Dynamic`. - -* `private_ip_address_allocation` - (Optional) The Allocation Method for the Private IP Address. Possible values are `Dynamic` and `Static`. - ---- - -A `frontend_port` block supports the following: - -* `name` - (Required) The name of the Frontend Port. - -* `port` - (Required) The port used for this Frontend Port. - ---- - -A `gateway_ip_configuration` block supports the following: - -* `name` - (Required) The Name of this Gateway IP Configuration. - -* `subnet_id` - (Required) The ID of a Subnet. - ---- - -A `http_listener` block supports the following: - -* `name` - (Required) The Name of the HTTP Listener. - -* `frontend_ip_configuration_name` - (Required) The Name of the Frontend IP Configuration used for this HTTP Listener. - -* `frontend_port_name` - (Required) The Name of the Frontend Port use for this HTTP Listener. - -* `host_name` - (Optional) The Hostname which should be used for this HTTP Listener. - -* `protocol` - (Required) The Protocol to use for this HTTP Listener. Possible values are `Http` and `Https`. - -* `require_sni` - (Optional) Should Server Name Indication be Required? Defaults to `false`. - -* `ssl_certificate_name` - (Optional) The name of the associated SSL Certificate which should be used for this HTTP Listener. - ---- - -A `match` block supports the following: - -* `body` - (Optional) A snippet from the Response Body which must be present in the Response. Defaults to `*`. - -* `status_code` - (Optional) A list of allowed status codes for this Health Probe. - ---- - -A `path_rule` block supports the following: - -* `name` - (Required) The Name of the Path Rule. - -* `paths` - (Required) A list of Paths used in this Path Rule. - -* `backend_address_pool_name` - (Required) The Name of the Backend Address Pool to use for this Path Rule. - -* `backend_http_settings_name` - (Required) The Name of the Backend HTTP Settings Collection to use for this Path Rule. - ---- - -A `probe` block support the following: - -* `host` - (Required) The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as ‘127.0.0.1’, unless otherwise configured in custom probe. - -* `interval` - (Required) The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds. - -* `name` - (Optional) The Name of the Probe. Cannot be set if `pick_host_name_from_backend_http_settings` is set to true. - -* `protocol` - (Required) The Protocol used for this Probe. Possible values are `Http` and `Https`. - -* `path` - (Required) The Path used for this Probe. - -* `timeout` - (Required) The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds. - -* `unhealthy_threshold` - (Required) The Unhealthy Threshold for this Probe, which indicates the amount of retries which should be attempted before a node is deemed unhealthy. Possible values are from 1 - 20 seconds. - -* `pick_host_name_from_backend_http_settings` - (Optional) Whether the host header should be picked from the backend http settings. - -* `match` - (Optional) A `match` block as defined above. - -* `minimum_servers` - (Optional) The minimum number of servers that are always marked as healthy. Defaults to `0`. - ---- - -A `request_routing_rule` block supports the following: - -* `name` - (Required) The Name of this Request Routing Rule. - -* `rule_type` - (Required) The Type of Routing that should be used for this Rule. Possible values are `Basic` and `PathBasedRouting`. - -* `http_listener_name` - (Required) The Name of the HTTP Listener which should be used for this Routing Rule. - -* `backend_address_pool_name` - (Optional) The Name of the Backend Address Pool which should be used for this Routing Rule. - -* `backend_http_settings_name` - (Optional) The Name of the Backend HTTP Settings Collection which should be used for this Routing Rule. - -* `url_path_map_name` - (Optional) The Name of the URL Path Map which should be associated with this Routing Rule. - ---- - -A `sku` block supports the following: - -* `name` - (Required) The Name of the SKU to use for this Application Gateway. Possible values are `Standard_Small`, `Standard_Medium`, `Standard_Large`, `Standard_v2`, `WAF_Medium`, `WAF_Large`, and `WAF_v2`. - -* `tier` - (Required) The Tier of the SKU to use for this Application Gateway. Possible values are `Standard`, `Standard_v2`, `WAF` and `WAF_v2`. - -* `capacity` - (Required) The Capacity of the SKU to use for this Application Gateway - which must be between 1 and 10. - ---- - -A `url_path_map` block supports the following: - -* `name` - (Required) The Name of the URL Path Map. - -* `default_backend_address_pool_name` - (Required) The Name of the Default Backend Address Pool which should be used for this URL Path Map. - -* `default_backend_http_settings_name` - (Required) The Name of the Default Backend HTTP Settings Collection which should be used for this URL Path Map. - -* `path_rule` - (Required) One or more `path_rule` blocks as defined above. - ---- - -A `waf_configuration` block supports the following: - -* `enabled` - (Required) Is the Web Application Firewall be enabled? - -* `firewall_mode` - (Required) The Web Application Firewall Mode. Possible values are `Detection` and `Prevention`. - -* `rule_set_type` - (Required) The Type of the Rule Set used for this Web Application Firewall. - -* `rule_set_version` - (Required) The Version of the Rule Set used for this Web Application Firewall. - -## Attributes Reference - -The following attributes are exported: - -* `id` - The ID of the Application Gateway. - -* `authentication_certificate` - A list of `authentication_certificate` blocks as defined below. - -* `backend_address_pool` - A list of `backend_address_pool` blocks as defined below. - -* `backend_http_settings` - A list of `backend_http_settings` blocks as defined below. - -* `frontend_ip_configuration` - A list of `frontend_ip_configuration` blocks as defined below. - -* `frontend_port` - A list of `frontend_port` blocks as defined below. - -* `gateway_ip_configuration` - A list of `gateway_ip_configuration` blocks as defined below. - -* `http_listener` - A list of `http_listener` blocks as defined below. - -* `probe` - A `probe` block as defined below. - -* `request_routing_rule` - A list of `request_routing_rule` blocks as defined below. - -* `ssl_certificate` - A list of `ssl_certificate` blocks as defined below. - -* `url_path_map` - A list of `url_path_map` blocks as defined below. - ---- - -A `authentication_certificate` block exports the following: - -* `id` - The ID of the Authentication Certificate. - ---- - -A `authentication_certificate` block, within the `backend_http_settings` block exports the following: - -* `id` - The ID of the Authentication Certificate. - ---- - -A `backend_address_pool` block exports the following: - -* `id` - The ID of the Backend Address Pool. - ---- - -A `backend_http_settings` block exports the following: - -* `id` - The ID of the Backend HTTP Settings Configuration. - -* `probe_id` - The ID of the associated Probe. - ---- - -A `frontend_ip_configuration` block exports the following: - -* `id` - The ID of the Frontend IP Configuration. - ---- - -A `frontend_port` block exports the following: - -* `id` - The ID of the Frontend Port. - ---- - -A `gateway_ip_configuration` block exports the following: - -* `id` - The ID of the Gateway IP Configuration. - ---- - -A `http_listener` block exports the following: - -* `id` - The ID of the HTTP Listener. - -* `frontend_ip_configuration_id` - The ID of the associated Frontend Configuration. - -* `frontend_port_id` - The ID of the associated Frontend Port. - -* `ssl_certificate_id` - The ID of the associated SSL Certificate. - ---- - -A `path_rule` block exports the following: - -* `id` - The ID of the Path Rule. - -* `backend_address_pool_id` - The ID of the Backend Address Pool used in this Path Rule. - -* `backend_http_settings_id` - The ID of the Backend HTTP Settings Collection used in this Path Rule. - ---- - -A `probe` block exports the following: - -* `id` - The ID of the Probe. - ---- - -A `request_routing_rule` block exports the following: - -* `id` - The ID of the Request Routing Rule. - -* `http_listener_id` - The ID of the associated HTTP Listener. - -* `backend_address_pool_id` - The ID of the associated Backend Address Pool. - -* `backend_http_settings_id` - The ID of the associated Backend HTTP Settings Configuration. - -* `url_path_map_id` - The ID of the associated URL Path Map. - ---- - -A `ssl_certificate` block exports the following: - -* `id` - The ID of the SSL Certificate. - -* `public_cert_data` - The Public Certificate Data associated with the SSL Certificate. - ---- - -A `url_path_map` block exports the following: - -* `id` - The ID of the URL Path Map. - -* `default_backend_address_pool_id` - The ID of the Default Backend Address Pool. - -* `default_backend_http_settings_id` - The ID of the Default Backend HTTP Settings Collection. - -* `path_rule` - A list of `path_rule` blocks as defined above. - -## Import - -Application Gateway's can be imported using the `resource id`, e.g. - -```shell -terraform import azurerm_application_gateway.test /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/applicationGateways/myGateway1 -``` +``` + +## Argument Reference + +The following arguments are supported: + +* `name` - (Required) The name of the Application Gateway. Changing this forces a new resource to be created. + +* `resource_group_name` - (Required) The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created. + +* `location` - (Required) The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created. + +* `backend_address_pool` - (Required) One or more `backend_address_pool` blocks as defined below. + +* `backend_http_settings` - (Required) One or more `backend_http_settings` blocks as defined below. + +* `frontend_ip_configuration` - (Required) One or more `frontend_ip_configuration` blocks as defined below. + +* `frontend_port` - (Required) One or more `frontend_port` blocks as defined below. + +* `gateway_ip_configuration` - (Required) One or more `gateway_ip_configuration` blocks as defined below. + +* `http_listener` - (Required) One or more `http_listener` blocks as defined below. + +* `request_routing_rule` - (Required) One or more `request_routing_rule` blocks as defined below. + +* `sku` - (Required) A `sku` block as defined below. + +--- + +* `authentication_certificate` - (Optional) One or more `authentication_certificate` blocks as defined below. + +* `disabled_ssl_protocols` - (Optional) A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are `TLSv1_0`, `TLSv1_1` and `TLSv1_2`. + +* `probe` - (Optional) One or more `probe` blocks as defined below. + +* `tags` - (Optional) A mapping of tags to assign to the resource. + +* `url_path_map` - (Optional) One or more `url_path_map` blocks as defined below. + +* `waf_configuration` - (Optional) A `waf_configuration` block as defined below. + +--- + +A `authentication_certificate` block supports the following: + +* `name` - (Required) The Name of the Authentication Certificate to use. + +* `data` - (Required) The contents of the Authentication Certificate which should be used. + +--- + +A `authentication_certificate` block, within the `backend_http_settings` block supports the following: + +* `name` - (Required) The name of the Authentication Certificate. + +--- + +A `backend_address_pool` block supports the following: + +* `name` - (Required) The name of the Backend Address Pool. + +* `fqdn_list` - (Optional) A list of FQDN's which should be part of the Backend Address Pool. + +* `ip_address_list` - (Optional) A list of IP Addresses which should be part of the Backend Address Pool. + +--- + +A `backend_http_settings` block supports the following: + +* `cookie_based_affinity` - (Required) Is Cookie-Based Affinity enabled? Possible values are `Enabled` and `Disabled`. + +* `name` - (Required) The name of the Backend HTTP Settings Collection. + +* `port`- (Required) The port which should be used for this Backend HTTP Settings Collection. + +* `probe_name` - (Required) The name of an associated HTTP Probe. + +* `protocol`- (Required) The Protocol which should be used. Possible values are `Http` and `Https`. + +* `request_timeout` - (Required) The request timeout in seconds, which must be between 1 and 86400 seconds. + +* `pick_host_name_from_backend_address` - (Optional) Whether host header should be picked from the host name of the backend server. + +* `authentication_certificate` - (Optional) One or more `authentication_certificate` blocks. + +--- + +A `frontend_ip_configuration` block supports the following: + +* `name` - (Required) The name of the Frontend IP Configuration. + +* `subnet_id` - (Required) The ID of the Subnet which the Application Gateway should be connected to. + +* `private_ip_address` - (Optional) The Private IP Address to use for the Application Gateway. + +* `public_ip_address_id` - (Optional) The ID of a Public IP Address which the Application Gateway should use. + +-> **NOTE:** The Allocation Method for this Public IP Address should be set to `Dynamic`. + +* `private_ip_address_allocation` - (Optional) The Allocation Method for the Private IP Address. Possible values are `Dynamic` and `Static`. + +--- + +A `frontend_port` block supports the following: + +* `name` - (Required) The name of the Frontend Port. + +* `port` - (Required) The port used for this Frontend Port. + +--- + +A `gateway_ip_configuration` block supports the following: + +* `name` - (Required) The Name of this Gateway IP Configuration. + +* `subnet_id` - (Required) The ID of a Subnet. + +--- + +A `http_listener` block supports the following: + +* `name` - (Required) The Name of the HTTP Listener. + +* `frontend_ip_configuration_name` - (Required) The Name of the Frontend IP Configuration used for this HTTP Listener. + +* `frontend_port_name` - (Required) The Name of the Frontend Port use for this HTTP Listener. + +* `host_name` - (Optional) The Hostname which should be used for this HTTP Listener. + +* `protocol` - (Required) The Protocol to use for this HTTP Listener. Possible values are `Http` and `Https`. + +* `require_sni` - (Optional) Should Server Name Indication be Required? Defaults to `false`. + +* `ssl_certificate_name` - (Optional) The name of the associated SSL Certificate which should be used for this HTTP Listener. + +--- + +A `match` block supports the following: + +* `body` - (Optional) A snippet from the Response Body which must be present in the Response. Defaults to `*`. + +* `status_code` - (Optional) A list of allowed status codes for this Health Probe. + +--- + +A `path_rule` block supports the following: + +* `name` - (Required) The Name of the Path Rule. + +* `paths` - (Required) A list of Paths used in this Path Rule. + +* `backend_address_pool_name` - (Required) The Name of the Backend Address Pool to use for this Path Rule. + +* `backend_http_settings_name` - (Required) The Name of the Backend HTTP Settings Collection to use for this Path Rule. + +--- + +A `probe` block support the following: + +* `host` - (Required) The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as ‘127.0.0.1’, unless otherwise configured in custom probe. Cannot be set if `pick_host_name_from_backend_http_settings` is set to true. + +* `interval` - (Required) The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds. + +* `name` - (Required) The Name of the Probe. + +* `protocol` - (Required) The Protocol used for this Probe. Possible values are `Http` and `Https`. + +* `path` - (Required) The Path used for this Probe. + +* `timeout` - (Required) The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds. + +* `unhealthy_threshold` - (Required) The Unhealthy Threshold for this Probe, which indicates the amount of retries which should be attempted before a node is deemed unhealthy. Possible values are from 1 - 20 seconds. + +* `pick_host_name_from_backend_http_settings` - (Optional) Whether the host header should be picked from the backend http settings. + +* `match` - (Optional) A `match` block as defined above. + +* `minimum_servers` - (Optional) The minimum number of servers that are always marked as healthy. Defaults to `0`. + +--- + +A `request_routing_rule` block supports the following: + +* `name` - (Required) The Name of this Request Routing Rule. + +* `rule_type` - (Required) The Type of Routing that should be used for this Rule. Possible values are `Basic` and `PathBasedRouting`. + +* `http_listener_name` - (Required) The Name of the HTTP Listener which should be used for this Routing Rule. + +* `backend_address_pool_name` - (Optional) The Name of the Backend Address Pool which should be used for this Routing Rule. + +* `backend_http_settings_name` - (Optional) The Name of the Backend HTTP Settings Collection which should be used for this Routing Rule. + +* `url_path_map_name` - (Optional) The Name of the URL Path Map which should be associated with this Routing Rule. + +--- + +A `sku` block supports the following: + +* `name` - (Required) The Name of the SKU to use for this Application Gateway. Possible values are `Standard_Small`, `Standard_Medium`, `Standard_Large`, `Standard_v2`, `WAF_Medium`, `WAF_Large`, and `WAF_v2`. + +* `tier` - (Required) The Tier of the SKU to use for this Application Gateway. Possible values are `Standard`, `Standard_v2`, `WAF` and `WAF_v2`. + +* `capacity` - (Required) The Capacity of the SKU to use for this Application Gateway - which must be between 1 and 10. + +--- + +A `url_path_map` block supports the following: + +* `name` - (Required) The Name of the URL Path Map. + +* `default_backend_address_pool_name` - (Required) The Name of the Default Backend Address Pool which should be used for this URL Path Map. + +* `default_backend_http_settings_name` - (Required) The Name of the Default Backend HTTP Settings Collection which should be used for this URL Path Map. + +* `path_rule` - (Required) One or more `path_rule` blocks as defined above. + +--- + +A `waf_configuration` block supports the following: + +* `enabled` - (Required) Is the Web Application Firewall be enabled? + +* `firewall_mode` - (Required) The Web Application Firewall Mode. Possible values are `Detection` and `Prevention`. + +* `rule_set_type` - (Required) The Type of the Rule Set used for this Web Application Firewall. + +* `rule_set_version` - (Required) The Version of the Rule Set used for this Web Application Firewall. + +## Attributes Reference + +The following attributes are exported: + +* `id` - The ID of the Application Gateway. + +* `authentication_certificate` - A list of `authentication_certificate` blocks as defined below. + +* `backend_address_pool` - A list of `backend_address_pool` blocks as defined below. + +* `backend_http_settings` - A list of `backend_http_settings` blocks as defined below. + +* `frontend_ip_configuration` - A list of `frontend_ip_configuration` blocks as defined below. + +* `frontend_port` - A list of `frontend_port` blocks as defined below. + +* `gateway_ip_configuration` - A list of `gateway_ip_configuration` blocks as defined below. + +* `http_listener` - A list of `http_listener` blocks as defined below. + +* `probe` - A `probe` block as defined below. + +* `request_routing_rule` - A list of `request_routing_rule` blocks as defined below. + +* `ssl_certificate` - A list of `ssl_certificate` blocks as defined below. + +* `url_path_map` - A list of `url_path_map` blocks as defined below. + +--- + +A `authentication_certificate` block exports the following: + +* `id` - The ID of the Authentication Certificate. + +--- + +A `authentication_certificate` block, within the `backend_http_settings` block exports the following: + +* `id` - The ID of the Authentication Certificate. + +--- + +A `backend_address_pool` block exports the following: + +* `id` - The ID of the Backend Address Pool. + +--- + +A `backend_http_settings` block exports the following: + +* `id` - The ID of the Backend HTTP Settings Configuration. + +* `probe_id` - The ID of the associated Probe. + +--- + +A `frontend_ip_configuration` block exports the following: + +* `id` - The ID of the Frontend IP Configuration. + +--- + +A `frontend_port` block exports the following: + +* `id` - The ID of the Frontend Port. + +--- + +A `gateway_ip_configuration` block exports the following: + +* `id` - The ID of the Gateway IP Configuration. + +--- + +A `http_listener` block exports the following: + +* `id` - The ID of the HTTP Listener. + +* `frontend_ip_configuration_id` - The ID of the associated Frontend Configuration. + +* `frontend_port_id` - The ID of the associated Frontend Port. + +* `ssl_certificate_id` - The ID of the associated SSL Certificate. + +--- + +A `path_rule` block exports the following: + +* `id` - The ID of the Path Rule. + +* `backend_address_pool_id` - The ID of the Backend Address Pool used in this Path Rule. + +* `backend_http_settings_id` - The ID of the Backend HTTP Settings Collection used in this Path Rule. + +--- + +A `probe` block exports the following: + +* `id` - The ID of the Probe. + +--- + +A `request_routing_rule` block exports the following: + +* `id` - The ID of the Request Routing Rule. + +* `http_listener_id` - The ID of the associated HTTP Listener. + +* `backend_address_pool_id` - The ID of the associated Backend Address Pool. + +* `backend_http_settings_id` - The ID of the associated Backend HTTP Settings Configuration. + +* `url_path_map_id` - The ID of the associated URL Path Map. + +--- + +A `ssl_certificate` block exports the following: + +* `id` - The ID of the SSL Certificate. + +* `public_cert_data` - The Public Certificate Data associated with the SSL Certificate. + +--- + +A `url_path_map` block exports the following: + +* `id` - The ID of the URL Path Map. + +* `default_backend_address_pool_id` - The ID of the Default Backend Address Pool. + +* `default_backend_http_settings_id` - The ID of the Default Backend HTTP Settings Collection. + +* `path_rule` - A list of `path_rule` blocks as defined above. + +## Import + +Application Gateway's can be imported using the `resource id`, e.g. + +```shell +terraform import azurerm_application_gateway.test /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/applicationGateways/myGateway1 +``` From 42e72d1b945fd997e5becf83d1d9c6fd8022407f Mon Sep 17 00:00:00 2001 From: Matthew Date: Thu, 17 Jan 2019 22:43:24 +0000 Subject: [PATCH 08/12] app gateway: remove unnecessary two-stage test --- azurerm/resource_arm_application_gateway_test.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/azurerm/resource_arm_application_gateway_test.go b/azurerm/resource_arm_application_gateway_test.go index 2162f8a9c827..8bba2bc95efe 100644 --- a/azurerm/resource_arm_application_gateway_test.go +++ b/azurerm/resource_arm_application_gateway_test.go @@ -235,7 +235,6 @@ func TestAccAzureRMApplicationGateway_probesPickHostNameFromBackendHTTPSettings( Config: testAccAzureRMApplicationGateway_probesPickHostNameFromBackendHTTPSettings(ri, testLocation()), Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists(resourceName), - resource.TestCheckResourceAttrSet(resourceName, "probe.0.pick_host_name_from_backend_http_settings"), resource.TestCheckResourceAttr(resourceName, "probe.0.pick_host_name_from_backend_http_settings", "true"), ), }, @@ -261,7 +260,6 @@ func TestAccAzureRMApplicationGateway_settingsPickHostNameFromBackendAddress(t * Config: testAccAzureRMApplicationGateway_settingsPickHostNameFromBackendAddress(ri, testLocation()), Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists(resourceName), - resource.TestCheckResourceAttrSet(resourceName, "backend_http_settings.0.pick_host_name_from_backend_address"), resource.TestCheckResourceAttr(resourceName, "backend_http_settings.0.pick_host_name_from_backend_address", "true"), ), }, From 28bd8469c440907d43b940e6a5d6fb50916f4136 Mon Sep 17 00:00:00 2001 From: Matthew Date: Thu, 17 Jan 2019 23:13:07 +0000 Subject: [PATCH 09/12] app gateway: add defaults to documentation --- website/docs/r/application_gateway.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/r/application_gateway.html.markdown b/website/docs/r/application_gateway.html.markdown index 584b3874152e..9513efe4f3dd 100644 --- a/website/docs/r/application_gateway.html.markdown +++ b/website/docs/r/application_gateway.html.markdown @@ -191,7 +191,7 @@ A `backend_http_settings` block supports the following: * `request_timeout` - (Required) The request timeout in seconds, which must be between 1 and 86400 seconds. -* `pick_host_name_from_backend_address` - (Optional) Whether host header should be picked from the host name of the backend server. +* `pick_host_name_from_backend_address` - (Optional) Whether host header should be picked from the host name of the backend server. Defaults to `false`. * `authentication_certificate` - (Optional) One or more `authentication_certificate` blocks. @@ -283,7 +283,7 @@ A `probe` block support the following: * `unhealthy_threshold` - (Required) The Unhealthy Threshold for this Probe, which indicates the amount of retries which should be attempted before a node is deemed unhealthy. Possible values are from 1 - 20 seconds. -* `pick_host_name_from_backend_http_settings` - (Optional) Whether the host header should be picked from the backend http settings. +* `pick_host_name_from_backend_http_settings` - (Optional) Whether the host header should be picked from the backend http settings. Defaults to `false`. * `match` - (Optional) A `match` block as defined above. From a6ad62445ae1918335393cc6a8624c7863ab5841 Mon Sep 17 00:00:00 2001 From: Matthew Date: Thu, 17 Jan 2019 23:14:33 +0000 Subject: [PATCH 10/12] app gateway: mark host as optional --- website/docs/r/application_gateway.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/application_gateway.html.markdown b/website/docs/r/application_gateway.html.markdown index 9513efe4f3dd..d2d59c4eb495 100644 --- a/website/docs/r/application_gateway.html.markdown +++ b/website/docs/r/application_gateway.html.markdown @@ -269,7 +269,7 @@ A `path_rule` block supports the following: A `probe` block support the following: -* `host` - (Required) The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as ‘127.0.0.1’, unless otherwise configured in custom probe. Cannot be set if `pick_host_name_from_backend_http_settings` is set to true. +* `host` - (Optional) The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as ‘127.0.0.1’, unless otherwise configured in custom probe. Cannot be set if `pick_host_name_from_backend_http_settings` is set to true. * `interval` - (Required) The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds. From 811ecb981c29e9889c7ffb309b419969559112f0 Mon Sep 17 00:00:00 2001 From: Matthew Date: Thu, 17 Jan 2019 23:24:29 +0000 Subject: [PATCH 11/12] app gateway: cross checks on host/pick --- azurerm/resource_arm_application_gateway.go | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/azurerm/resource_arm_application_gateway.go b/azurerm/resource_arm_application_gateway.go index 0d624902adcb..20abeb23f2aa 100644 --- a/azurerm/resource_arm_application_gateway.go +++ b/azurerm/resource_arm_application_gateway.go @@ -796,6 +796,20 @@ func resourceArmApplicationGatewayCreateUpdate(d *schema.ResourceData, meta inte }, } + for _, probe := range *probes { + probeProperties := *probe.ApplicationGatewayProbePropertiesFormat + host := *probeProperties.Host + pick := *probeProperties.PickHostNameFromBackendHTTPSettings + + if host == "" && !pick { + return fmt.Errorf("One of `host` or `pick_host_name_from_backend_http_settings` must be set") + } + + if host != "" && pick { + return fmt.Errorf("Only one of `host` or `pick_host_name_from_backend_http_settings` can be set") + } + } + if _, ok := d.GetOk("waf_configuration"); ok { gateway.ApplicationGatewayPropertiesFormat.WebApplicationFirewallConfiguration = expandApplicationGatewayWafConfig(d) } From 48eb9059b7551bf854316f4c9c0464bdd3042995 Mon Sep 17 00:00:00 2001 From: Matthew Date: Thu, 17 Jan 2019 23:41:00 +0000 Subject: [PATCH 12/12] app gateway: add missed backticks on true --- website/docs/r/application_gateway.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/application_gateway.html.markdown b/website/docs/r/application_gateway.html.markdown index 3a83bfecd5ef..98a23e7afc78 100644 --- a/website/docs/r/application_gateway.html.markdown +++ b/website/docs/r/application_gateway.html.markdown @@ -269,7 +269,7 @@ A `path_rule` block supports the following: A `probe` block support the following: -* `host` - (Optional) The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as ‘127.0.0.1’, unless otherwise configured in custom probe. Cannot be set if `pick_host_name_from_backend_http_settings` is set to true. +* `host` - (Optional) The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as ‘127.0.0.1’, unless otherwise configured in custom probe. Cannot be set if `pick_host_name_from_backend_http_settings` is set to `true`. * `interval` - (Required) The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds.