Attaching VM Scale Set to Application Gateway's backend pool

0
votes

Can anyone provide an example of how to add an Azure VM Scale Set (VMSS) to an application gateway's backend pool using Terraform.

I can only find one example that I cannot get to work for me. Although terraform plan and terraform apply do not error, the VMSS is not added to the backend pool. I wonder if my problems are caused by the fact the backend_address_pool output from the app gateway resource is a block as opposed to a single attribute.

I am using Terraform 0.12.5, with AzureRM provider 1.31.0.

App Gateway resource output:

output "name" {
  value = azurerm_application_gateway.pool[*].name
}

output "id" {
  value = azurerm_application_gateway.pool[*].id
}

output "backend_address_pool" {
  value = azurerm_application_gateway.pool[*].backend_address_pool
}

VMSS module declaration:

module "vmss_example" {
...
application_gateway_backend_address_pool_ids = ["${module.app_gateway_example[0].id}/backendAddressPools/my-backend-address-pool"]
}

After the resources have been created, rerunning terraform plan wants to change the vmss from:

...
- ip_configuration {
              - application_gateway_backend_address_pool_ids = [] -> null
              - application_security_group_ids               = [] -> null
              - load_balancer_backend_address_pool_ids       = [] -> null
              - load_balancer_inbound_nat_rules_ids          = [] -> null
              - name                                         = "ipconfig" -> null
              - primary                                      = true -> null
              - subnet_id                                    = "/subscriptions/#########-####-####-####-############/resourceGroups/demo-modules-rg/providers/Microsoft.Network/virtualNetworks/vnetdemodemo01/subnets/subnetdemovm01" -> null
            }
...

to:

...
+ ip_configuration {
              + application_gateway_backend_address_pool_ids = (known after apply)
              + application_security_group_ids               = []
              + load_balancer_backend_address_pool_ids       = []
              + load_balancer_inbound_nat_rules_ids          = (known after apply)
              + name                                         = "ipconfig"
              + primary                                      = true
              + subnet_id                                    = "/subscriptions/#########-####-####-####-############/resourceGroups/demo-modules-rg/providers/Microsoft.Network/virtualNetworks/vnetdemodemo01/subnets/subnetdemovm01"
            }
...

Which I believe means that it is trying to update application_gateway_backend_address_pool_ids.

Any help, pointers or suggestions will be gratefully received. TIA

1
azureterraformterraform-provider-azure

1 Answers

1
votes

Yes, you just need to use application_gateway_backend_address_pool_ids to specify an array of references to backend address pools of application gateways in the ip_configuration block.

For example, this works on my side with Terraform v0.12.5 + provider.azurerm v1.32.0 :

ip_configuration {
  name                                   = "TestIPConfiguration"
  primary                                = true
  subnet_id                              = "${azurerm_subnet.backend.id}"
  application_gateway_backend_address_pool_ids = "${azurerm_application_gateway.network.backend_address_pool[*].id}"
}

Or, this also works application_gateway_backend_address_pool_ids = ["${azurerm_application_gateway.network.backend_address_pool[0].id}"]

Check the output

output "backend_address_pool" {
    value = "${azurerm_application_gateway.network.backend_address_pool[*].id}"
}

enter image description here