
I'm getting this error:

│ Error: waiting for update of Application Gateway: (Name "dev-waf-sec" / Resource Group "dev-network-rg"): Code="InternalServerError" Message="An error occurred." Details=[]
│
│   with azurerm_application_gateway.waf,
│   on waf.tf line 84, in resource "azurerm_application_gateway" "waf":
│   84: resource "azurerm_application_gateway" "waf" {

Here is my config

resource "azurerm_virtual_network" "vnet" {
    # Virtual network that contains the frontend (gateway) and backend subnets
    # declared in this file. Both subnet prefixes are carved out of this /16.
    name                = "${var.environment}-vnet"
    location            = var.location
    resource_group_name = data.azurerm_resource_group.network-rg.name
    address_space       = ["10.254.0.0/16"]

    tags = {
        applicationDescription = var.application-description-admin
        environment            = var.environment
        organizationName       = var.organization-name
    }
}

resource "azurerm_subnet" "vnet-subnet-frontend" {
    # Subnet referenced by the application gateway's gateway_ip_configuration.
    # Azure expects a gateway subnet to hold application gateways only, so no
    # VMs or other workloads should be placed in this range.
    name                 = "${var.environment}-frontend-subnet"
    virtual_network_name = azurerm_virtual_network.vnet.name
    resource_group_name  = data.azurerm_resource_group.network-rg.name
    address_prefixes     = ["10.254.0.0/24"]
}

resource "azurerm_subnet" "vnet-subnet-backend" {
    # Second subnet in the same virtual network. Nothing in the configuration
    # shown places a workload here, and the gateway's backend pool lists no
    # addresses; presumably backend hosts are attached elsewhere.
    name                 = "${var.environment}-backend-subnet"
    virtual_network_name = azurerm_virtual_network.vnet.name
    resource_group_name  = data.azurerm_resource_group.network-rg.name
    address_prefixes     = ["10.254.2.0/24"]
}

resource "azurerm_public_ip" "vnet-pip" {
    # Public address used by the application gateway's frontend IP configuration.
    # Dynamic allocation with no explicit sku matches a v1 gateway; a v2 gateway
    # requires a Standard-SKU address with Static allocation instead.
    name                = "${var.environment}-pip"
    location            = var.location
    resource_group_name = data.azurerm_resource_group.network-rg.name
    allocation_method   = "Dynamic"

    tags = {
        applicationDescription = var.application-description-admin
        environment            = var.environment
        organizationName       = var.organization-name
    }
}

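resource "azurerm_network_security_group" "vnet-nsg" {
    # Network security group that this file associates with BOTH the frontend
    # (application gateway) subnet and the backend subnet.
    #
    # The directive below suppresses Checkov's check for SSH reachable from the
    # internet. NOTE(review): the skip hides the finding, it does not remove the
    # exposure; source_address_prefix should be narrowed to the administrative
    # source range (or SSH reached through a bastion) and the skip then removed.
    # checkov:skip=CKV_AZURE_10
    name                = "${var.environment}-nsg"
    resource_group_name = data.azurerm_resource_group.network-rg.name
    location            = var.location

    security_rule {
        name                       = "${var.environment}-nsg-allow-ssh"
        priority                   = 100
        direction                  = "Inbound"
        access                     = "Allow"
        protocol                   = "Tcp"
        source_port_range          = "*"
        destination_port_range     = "22"
        source_address_prefix      = "*"
        # Scoped to the backend subnet: the frontend subnet is reserved for the
        # application gateway, so SSH has no legitimate destination there.
        destination_address_prefix = azurerm_subnet.vnet-subnet-backend.address_prefixes[0]
    }

    # Azure requires inbound TCP 65503-65534 from the GatewayManager service tag
    # on a subnet hosting a v1 application gateway (v2 uses 65200-65535). Without
    # it the platform cannot manage the gateway; this may be related to the
    # failed update reported on this page, but that is not confirmed.
    security_rule {
        name                       = "${var.environment}-nsg-allow-gateway-manager"
        priority                   = 110
        direction                  = "Inbound"
        access                     = "Allow"
        protocol                   = "Tcp"
        source_port_range          = "*"
        destination_port_range     = "65503-65534"
        source_address_prefix      = "GatewayManager"
        destination_address_prefix = azurerm_subnet.vnet-subnet-frontend.address_prefixes[0]
    }

    # NOTE(review): no rule admits client traffic to the gateway listener port,
    # so the default inbound deny likely blocks internet clients from reaching
    # it. Add that rule deliberately once the listener protocol is settled.

    tags = {
        environment = var.environment
        organizationName = var.organization-name
        applicationDescription = var.application-description-admin
    }
}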

resource "azurerm_subnet_network_security_group_association" "vnet-subnet-frontend-nsg" {
    # Attaches the shared NSG to the subnet that hosts the application gateway.
    # NOTE(review): an NSG on a gateway subnet must admit Azure's GatewayManager
    # infrastructure ports and the listener ports; a gateway-specific NSG is
    # easier to reason about than one shared with the backend subnet.
    network_security_group_id = azurerm_network_security_group.vnet-nsg.id
    subnet_id                 = azurerm_subnet.vnet-subnet-frontend.id
}

resource "azurerm_subnet_network_security_group_association" "vnet-subnet-backend-nsg" {
    # Attaches the shared NSG to the backend subnet, so every rule in that NSG
    # (including the SSH allow rule) applies to hosts placed in this subnet.
    network_security_group_id = azurerm_network_security_group.vnet-nsg.id
    subnet_id                 = azurerm_subnet.vnet-subnet-backend.id
}

locals {
    # Names for the application gateway's nested blocks, all prefixed with the
    # environment so that the cross-references inside the gateway stay in sync.
    frontend_ip_configuration_name = "${var.environment}-frontend-ip-configuration"
    frontend_port_name             = "${var.environment}-frontend-port"
    http_listener_name             = "${var.environment}-http-listener"
    backend_address_pool_name      = "${var.environment}-backend-address-pool"
    http_setting_name              = "${var.environment}-http-setting"
    request_routing_rule_name      = "${var.environment}-request-routing-rule"

    # Not referenced by the gateway resource shown in this file.
    redirect_configuration_name    = "${var.environment}-redirect-configuration"
}

resource "azurerm_application_gateway" "waf" {
    # Application gateway with the web application firewall enabled, fronted by
    # the public IP declared in this file and placed in the frontend subnet.
    #
    # NOTE(review): the error quoted on this page names the gateway "dev-waf-sec".
    # The expression below always ends in "-waf", so it cannot yield that name.
    # Either the pasted configuration differs from what was applied, or the
    # imported state refers to a differently named gateway. Confirm before
    # further apply/import cycles.
    name                = "${var.environment}-waf"
    location            = var.location
    resource_group_name = data.azurerm_resource_group.network-rg.name

    # v1 WAF SKU. NOTE(review): the v1 SKU is on Azure's retirement path;
    # verify it can still be created in the target subscription.
    sku {
        tier     = "WAF"
        name     = "WAF_Medium"
        capacity = 2
    }

    # Detection mode logs matching requests but does not block them.
    # NOTE(review): newer OWASP rule set versions than 3.0 exist; confirm which
    # ones this SKU supports before relying on this for protection.
    waf_configuration {
        enabled          = true
        firewall_mode    = "Detection"
        rule_set_type    = "OWASP"
        rule_set_version = "3.0"
    }

    # The NSG in this file is associated with this subnet; its rules therefore
    # govern both Azure's management traffic and client traffic to the gateway.
    gateway_ip_configuration {
        name      = "${var.environment}-gateway-ip-configuration"
        subnet_id = azurerm_subnet.vnet-subnet-frontend.id
    }

    frontend_ip_configuration {
        name                 = local.frontend_ip_configuration_name
        public_ip_address_id = azurerm_public_ip.vnet-pip.id
    }

    frontend_port {
        name = local.frontend_port_name
        port = 80
    }

    # Plain-HTTP listener on the public address: client traffic is unencrypted
    # and no certificate is configured anywhere in this resource.
    http_listener {
        name                           = local.http_listener_name
        protocol                       = "Http"
        frontend_port_name             = local.frontend_port_name
        frontend_ip_configuration_name = local.frontend_ip_configuration_name
    }

    # The pool is declared without any addresses in this block.
    backend_address_pool {
        name = local.backend_address_pool_name
    }

    # Gateway-to-backend traffic is also plain HTTP on port 80.
    backend_http_settings {
        name                  = local.http_setting_name
        protocol              = "Http"
        port                  = 80
        request_timeout       = 60
        cookie_based_affinity = "Disabled"
    }

    # Single basic rule: everything arriving on the listener goes to the pool.
    request_routing_rule {
        name                       = local.request_routing_rule_name
        rule_type                  = "Basic"
        http_listener_name         = local.http_listener_name
        backend_http_settings_name = local.http_setting_name
        backend_address_pool_name  = local.backend_address_pool_name
    }
}

It was working before. Then I changed the location and reverted it, and the error started appearing. I've tried destroying and creating it again. After destroying, I get an error message along the lines of: a resource with that ID already exists, and to manage it with Terraform I should import it. After importing, I get the same error again.
