Terraform-provider-azurerm: Data source data.azurerm_public_ips with empty public_ips

Created on 15 Sep 2020  ·  10Comments  ·  Source: terraform-providers/terraform-provider-azurerm

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform (and AzureRM Provider) Version

terraform -v
Terraform v0.13.2
+ provider registry.terraform.io/hashicorp/azurerm v2.27.0
+ provider registry.terraform.io/hashicorp/local v1.4.0
+ provider registry.terraform.io/hashicorp/tls v2.2.0

Affected Resource(s)

  • azurerm_public_ips - data source

Terraform Configuration Files

terraform {
  required_version = ">= 0.13"
  required_providers {
    azurerm = ">= 2.26.0"
  }
}

provider "azurerm" {
  subscription_id = var.subscription_id
  client_id       = var.client_id
  client_secret   = var.client_secret
  tenant_id       = var.tenant_id
  features {}
}

resource "azurerm_resource_group" "rg_example" {
  name     = "rg-example"
  location = "uksouth"
}

resource "azurerm_virtual_network" "vnet_example" {
  name                = "${azurerm_resource_group.rg_example.name}-vnet"
  resource_group_name = azurerm_resource_group.rg_example.name
  location            = azurerm_resource_group.rg_example.location
  address_space       = ["10.0.0.0/16"]
}

resource "azurerm_subnet" "snet_example_gateway" {
  name                 = "${azurerm_resource_group.rg_example.name}-snet-gateway"
  resource_group_name  = azurerm_resource_group.rg_example.name
  address_prefixes     = ["10.0.1.0/24"]
  virtual_network_name = azurerm_virtual_network.vnet_example.name
}

resource "azurerm_network_security_group" "nsg_example_gateway" {
  name                = "${azurerm_resource_group.rg_example.name}-nsg-gateway"
  resource_group_name = azurerm_resource_group.rg_example.name
  location            = azurerm_resource_group.rg_example.location

  security_rule {
    name                       = "GatewayAllowSSH"
    access                     = "Allow"
    description                = "Allow SSH"
    destination_address_prefix = "*"
    destination_port_range     = "22"
    direction                  = "Inbound"
    priority                   = 200
    protocol                   = "Tcp"
    source_address_prefix      = "Internet"
    source_port_range          = "*"
  }
}

resource "azurerm_subnet_network_security_group_association" "snet-nsg-gateway" {
  subnet_id                 = azurerm_subnet.snet_example_gateway.id
  network_security_group_id = azurerm_network_security_group.nsg_example_gateway.id
}

resource "azurerm_public_ip" "pip_example_gateway" {
  name                    = "${azurerm_resource_group.rg_example.name}-pip-gateway"
  resource_group_name     = azurerm_resource_group.rg_example.name
  location                = azurerm_resource_group.rg_example.location
  allocation_method       = "Static"
  domain_name_label       = "${azurerm_resource_group.rg_example.name}-vm-gateway"
  idle_timeout_in_minutes = 30
}

data "azurerm_public_ip" "pip_example_gateway_ip" {
  name                = azurerm_public_ip.pip_example_gateway.name
  resource_group_name = azurerm_resource_group.rg_example.name
  depends_on = [azurerm_linux_virtual_machine.vm_example_gateway]
}

data "azurerm_public_ips" "pip_example_gateway_ips" {
  resource_group_name = azurerm_resource_group.rg_example.name
  depends_on = [azurerm_linux_virtual_machine.vm_example_gateway]
}

resource "azurerm_network_interface" "nic_example_gateway" {
  name                    = "${azurerm_resource_group.rg_example.name}-nic-gateway"
  resource_group_name     = azurerm_resource_group.rg_example.name
  location                = azurerm_resource_group.rg_example.location
  internal_dns_name_label = var.vm_gateway_internal_dns_name

  ip_configuration {
    name                          = "${azurerm_resource_group.rg_example.name}-nic-gateway-ip"
    subnet_id                     = azurerm_subnet.snet_example_gateway.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.pip_example_gateway.id
  }
}

resource "azurerm_linux_virtual_machine" "vm_example_gateway" {
  name                = "${azurerm_resource_group.rg_example.name}-vm-gateway"
  resource_group_name = azurerm_resource_group.rg_example.name
  location            = azurerm_resource_group.rg_example.location
  network_interface_ids = [
    azurerm_network_interface.nic_example_gateway.id
  ]
  size = "Standard_B1ms" # "Standard_B1s"

  os_disk {
    name                 = "${azurerm_resource_group.rg_example.name}-vm-gateway-osdisk"
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }

  source_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "18.04-LTS"
    version   = "latest"
  }

  admin_username                  = var.vm_gateway_admin_username
  admin_password                  = var.vm_gateway_admin_password
  disable_password_authentication = false

  ...
}

output "vm_gateway_private_ip_addresses" {
  value       = azurerm_network_interface.nic_example_gateway.private_ip_addresses
}

output "vm_gateway_public_ip_addresses" {
  value = data.azurerm_public_ips.pip_example_gateway_ips.public_ips
}
output "vm_gateway_public_ip_address" {
  value = data.azurerm_public_ip.pip_example_gateway_ip.ip_address
}

output "vm_gateway_fqdn" {
  value       = data.azurerm_public_ip.pip_example_gateway_ip.fqdn
}

Expected Behavior

The output value vm_gateway_public_ip_addresses should present public IPs based on the data source data.azurerm_public_ips.pip_example_gateway_ips.public_ips.

Actual Behavior

The output value vm_gateway_public_ip_addresses is empty:

...
Apply complete! Resources: 11 added, 0 changed, 0 destroyed.

Outputs:

vm_gateway_fqdn = rg-example-vm-gateway.uksouth.cloudapp.azure.com
vm_gateway_private_ip_addresses = [
  "10.0.1.4",
]
vm_gateway_public_ip_address = 51.135.49.69
vm_gateway_public_ip_addresses = []

Steps to Reproduce

  1. terraform apply
question servicpublic-ip
Source
picture mloskot

Most helpful comment

Seems something in 2.18.0 broke it. Be good to see this fixed as knowing all IPs that match a prefix that are attached or not is a valid use case.

picture rlees85 on 17 Sep 2020
👍2

All 10 comments

Thanks for opening this issue. After checked, seems you have to add property "attached = true" in data source "azurerm_public_ips" since vm is attached. See more details from doc. For more usage problem, suggest to submit to hashicorp community forum.

Sample code:

data "azurerm_public_ips" "test" {
  resource_group_name = azurerm_resource_group.test.name
  attached            = true

  depends_on = [azurerm_linux_virtual_machine.test]
}
neil-yechenwei picture neil-yechenwei on 16 Sep 2020

@neil-yechenwei Thanks for the helpful answer. The attached=true did the trick and I receive the public IP block filled with values:

vm_gateway_public_ip_addresses = [
  {
    "domain_name_label" = "rg-example-vm-gateway"
    "fqdn" = "rg-example-vm-gateway.uksouth.cloudapp.azure.com"
    "id" = "/subscriptions/CCCCCCCC-CCCC-CCCC-CCCC-CCCCCCCCCCCC/resourceGroups/rg-example/providers/Microsoft.Network/publicIPAddresses/rg-example-pip-gateway"
    "ip_address" = "51.234.56.78"
    "name" = "rg-example-pip-gateway"
  },
]

I'd read the docs, but it indicates the attached argument is optional. I'd assumed that if I don't specify it, I should get any/all non-empty IPs.

mloskot picture mloskot on 17 Sep 2020
👍1

Seems something in 2.18.0 broke it. Be good to see this fixed as knowing all IPs that match a prefix that are attached or not is a valid use case.

rlees85 picture rlees85 on 17 Sep 2020
👍2

The default value of attached is false. So when not specifying attached or setting it as false, data source azurerm_public_ips would list unattached ips.

neil-yechenwei picture neil-yechenwei on 28 Sep 2020

@neil-yechenwei That was/is clear. The confusion remains though, as I explained in the https://github.com/terraform-providers/terraform-provider-azurerm/issues/8476#issuecomment-694122625

I'd read the docs, but it indicates the attached argument is optional. I'd assumed that if I don't specify it, I should get any/all non-empty IPs.

mloskot picture mloskot on 28 Sep 2020

Per @tombuildsstuff 's suggestion, the default value for a boolean would be false we intentionally don't document this on every field as it'd be superfluous.

neil-yechenwei picture neil-yechenwei on 9 Oct 2020

@neil-yechenwei Okey, it makes sense.

I just think possible interpretation of attached = false is that azurerm_public_ips includes all IPs excluding the attached ones.

mloskot picture mloskot on 9 Oct 2020

If no more problems for this issue, suggest to close this issue. If you have any other issue, please file a new one. Thanks.

neil-yechenwei picture neil-yechenwei on 9 Oct 2020

Yes, this can be closed. Thanks

mloskot picture mloskot on 9 Oct 2020

I'm going to lock this issue because it has been closed for _30 days_ ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!

hashibot[bot] picture hashibot[bot] on 8 Nov 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

voyera picture voyera  ·  3Comments
steffencircle picture steffencircle  ·  3Comments
Kanikamiglani31 picture Kanikamiglani31  ·  3Comments
Lachlan-White picture Lachlan-White  ·  3Comments
akamalov picture akamalov  ·  3Comments