Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-ai
pulumi-cdk
pulumi-cloud
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Title
i
important-carpet-93412
10/05/2020, 9:26 PMHi guys,
I have an error with Azure Next gen and Azure Firewall.
I receive the follow error but I don't have any idea.
Everything it looks good to me, I have created a public static standard IP and I still receive this error: Code="AzureFirewallPublicIPNotProvided" Message="AzureFirewall azurefirewall references subnet /subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxxxxx/resourceGroups/test-rg/providers/Microsoft.Network/virtualNetworks/vnethub936acd5b/subnets/AzureFirewallSubnet, but does not provide a PublicIP Address." Details=[]
Any hint?
This is part of the code:
pip = azure_nextgen.network.latest.PublicIPAddress(
"fwpip",
public_ip_address_name="fwpip",
resource_group_name=rg_name,
public_ip_allocation_method="Static",
location=location,
sku = {
"name": "Standard"
}
)
azure_firewall = azure_nextgen.network.latest.AzureFirewall("azureFirewall",
application_rule_collections=[{
"name": "apprulecoll",
}],
azure_firewall_name="azurefirewall",
ip_configurations=[{
"name": "azureFirewallIpConfiguration",
"subnet": vnet.subnets[1],
"public_ip_address": pip,
}],
location=location,
nat_rule_collections=[{
"name": "natrulecoll",
}],
network_rule_collections=[{
"name": "netrulecoll",
}],
resource_group_name=rg_name,
sku={
"name": "AZFW_VNet",
"tier": "Standard",
},
tags={
"key1": "value1",
},
threat_intel_mode="Alert",
zones=[])
s
sparse-park-68967
10/06/2020, 5:36 AMMy understanding is that the public_ip_address is actually expecting a subresource reference, i.e. the resource id of the pip: https://github.com/pulumi/pulumi-azure-nextgen/blob/master/sdk/python/pulumi_azure_nextgen/network/latest/_inputs.py#L15917.
t
tall-librarian-49374
10/06/2020, 5:43 AMYes, something like
"public_ip_address": {
"id": pip.id,
},i
important-carpet-93412
10/06/2020, 7:47 AMSame error :-(
This is the definition of VNET
vnet = azure.network.VirtualNetwork(vnet_name,
location=location,
resource_group_name=rg_name,
address_spaces=[vnet_addr],
subnets=[
azure.network.VirtualNetworkSubnetArgs(
name=vnet_gw_subnet,
address_prefix=vnet_gw_subnet_addr,
),
azure.network.VirtualNetworkSubnetArgs(
name=vnet_fw_subnet,
address_prefix=vnet_fw_subnet_addr,
),
azure.network.VirtualNetworkSubnetArgs(
name=vnet_core_subnet,
address_prefix=vnet_core_subnet_addr,
#security_group=nsg.id,
),
],
tags={
"environment": env,
})
t
tall-librarian-49374
10/06/2020, 7:54 AMHmm, it looks like it should be named
publicIPAddressi
important-carpet-93412
10/06/2020, 10:35 AMI will confirm to you that you are right, this is the right configuration:
ip_configurations=[{
"name": "azureFirewallIpConfiguration",
"subnet": {
"id": vnet.subnets[1].id
},
"publicIPAddress": {
"id": pip.id
},
}],
Then the documentation is wrong, it needs to fix it because it report wrong property
t
tall-librarian-49374
10/06/2020, 10:37 AMDiscussed in https://github.com/pulumi/pulumi-azure-nextgen/issues/49 I will take a look
👍 1
i
important-carpet-93412
10/06/2020, 10:51 AMI have raised in github as well