Skip to content

enhancement: Make firewall variables and routing intent optional when not used. #17

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

enhancement: Make firewall variables and routing intent optional when not used. #17

wants to merge 2 commits into from

Conversation

@stimmerman
Copy link

@stimmerman stimmerman commented Oct 15, 2025

Our use case that lead to this PR was:

  • 2 vHubs, one with a firewall, one without.
  • Routing intent disabled in both vHub's

The code used to call the module:

module "vwan" {
  source = "/Users/stimmerman/src/schubergphilis/terraform-azure-mcaf-vwan"

  create_new_resource_group = true
  resource_group_name       = module.naming_gwc["vwan"].naming.management_governance.resource_groups
  virtual_wan = {
    name                           = module.naming_gwc["vwan"].naming.networking.virtual_wan
    allow_branch_to_branch_traffic = true
  }

  virtual_hubs = {
    gwc = {
      address_prefix        = "10.124.1.0/24"
      enable_routing_intent = false
      firewall_deploy       = false
      location              = var.location_gwc
      virtual_hub_name      = module.naming_gwc["vwan"].naming.networking.virtual_hub
    }
    weu = {
      address_prefix                    = "10.124.3.0/24"
      enable_routing_intent             = false
      firewall_classic_ip_config        = true
      firewall_dns_servers              = ["8.8.8.8"]
      firewall_intrusion_detection_mode = "Off"
      firewall_name                     = module.naming_weu["vwan"].naming.networking.azure_firewall
      firewall_policy_name              = module.naming_weu["vwan"].naming.networking.azure_firewall_policy
      firewall_proxy_enabled            = true
      firewall_public_ip_count          = 1
      firewall_sku_tier                 = "Standard"
      firewall_threat_intelligence_mode = "Off"
      firewall_zones                    = ["1", "2", "3"]
      location                          = var.location_weu
      virtual_hub_name                  = module.naming_weu["vwan"].naming.networking.virtual_hub
    }
  }
  location = var.location_gwc
  tags     = local.tags
}

@github-actions github-actions bot added the feature New feature or request label Oct 15, 2025
@github-actions

This comment was marked as resolved.

Sign in to view
@github-actions
Copy link
Contributor

github-actions bot commented Oct 15, 2025
edited
Loading

Terraform Format and Style 🖌 success

Terraform Initialization ⚙️ ``

Terraform Lint 📖 success

Terraform Validation 🤖 success

Validation Output 

Success! The configuration is valid.

@stimmerman stimmerman changed the title Enhancement: Make firewall variables and routing intent optional when not used. enhancement: Make firewall variables and routing intent optional when not used. Oct 15, 2025
@stimmerman stimmerman force-pushed the vhub-improvements-arg-be branch from 1eb52c6 to cfd5fbd Compare October 15, 2025 12:32
Blankf
Blankf approved these changes Oct 17, 2025
View reviewed changes
Copy link
Contributor

@Blankf Blankf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved and tested with classic and new firewall option, did not see any changes from the previous one.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Blankf Blankf Blankf approved these changes

Assignees

No one assigned

Labels

feature New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@stimmerman @Blankf