From bfba3cf4860b917c1d871e3de05e0f63d1f9ba2b Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 25 Nov 2025 16:32:59 +0200 Subject: [PATCH 1/4] Handle separate lz key for snet and nsg --- .../_locals.tf | 43 ++++++++++++++++--- 1 file changed, 36 insertions(+), 7 deletions(-) diff --git a/src/modules/_networking/subnet_network_security_group_association/_locals.tf b/src/modules/_networking/subnet_network_security_group_association/_locals.tf index 9c0119b1..4c0d4289 100644 --- a/src/modules/_networking/subnet_network_security_group_association/_locals.tf +++ b/src/modules/_networking/subnet_network_security_group_association/_locals.tf @@ -1,16 +1,45 @@ locals { + subnet_lz_key = ( + try(var.settings.lz_key, null) != null ? + var.settings.lz_key : + try(var.settings.sub_lz_key, var.client_config.landingzone_key) + ) + + nsg_lz_key = ( + try(var.settings.lz_key, null) != null ? + var.settings.lz_key : + try(var.settings.nsg_lz_key, var.client_config.landingzone_key) + ) + subnet_id = try( - var.resources[ - try(var.settings.lz_key, var.client_config.landingzone_key) - ].virtual_networks[split("/", var.settings.subnet_ref)[0]].subnets[split("/", var.settings.subnet_ref)[1]].id, + var.resources[local.subnet_lz_key] + .virtual_networks[split("/", var.settings.subnet_ref)[0]] + .subnets[split("/", var.settings.subnet_ref)[1]] + .id, var.settings.subnet_ref ) - network_security_group_id = try( - var.resources[ - try(var.settings.lz_key, var.client_config.landingzone_key) - ].network_security_groups[var.settings.network_security_group_ref].id, + var.resources[local.nsg_lz_key] + .network_security_groups[var.settings.network_security_group_ref] + .id, var.settings.network_security_group_ref ) } + +# locals { +# subnet_id = try( +# var.resources[ +# try(var.settings.lz_key, var.client_config.landingzone_key) +# ].virtual_networks[split("/", var.settings.subnet_ref)[0]].subnets[split("/", var.settings.subnet_ref)[1]].id, +# var.settings.subnet_ref +# ) + + +# network_security_group_id = try( +# var.resources[ +# try(var.settings.lz_key, var.client_config.landingzone_key) +# ].network_security_groups[var.settings.network_security_group_ref].id, +# var.settings.network_security_group_ref +# ) +# } From e0013e33c6c7faa4466a26a79a55756bae4dbee1 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 1 Dec 2025 17:07:17 +0200 Subject: [PATCH 2/4] Change ip conifg argument LZ reference --- src/modules/_networking/virtual_network_gateway/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/modules/_networking/virtual_network_gateway/main.tf b/src/modules/_networking/virtual_network_gateway/main.tf index 0edf46ac..0d4b4579 100644 --- a/src/modules/_networking/virtual_network_gateway/main.tf +++ b/src/modules/_networking/virtual_network_gateway/main.tf @@ -19,11 +19,11 @@ resource "azurerm_virtual_network_gateway" "main" { private_ip_address_allocation = try(ip_configuration.value.private_ip_address_allocation, null) public_ip_address_id = var.resources[ - try(ip_configuration.value.lz_key, var.client_config.landingzone_key) + try(ip_configuration.value.lz_key, ip_configuration.value.pip_lz_key, var.client_config.landingzone_key) ].public_ips[ip_configuration.value.public_ip_address_ref].id subnet_id = var.resources[ - try(ip_configuration.value.lz_key, var.client_config.landingzone_key) + try(ip_configuration.value.lz_key, ip_configuration.value.snet_lz_key, var.client_config.landingzone_key) ].virtual_networks[ split("/", ip_configuration.value.subnet_ref)[0] ].subnets[ From a32948d8d40471b2b53b3a7308a64c221434c5a9 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 1 Dec 2025 18:03:13 +0200 Subject: [PATCH 3/4] FIx fallback to expression in locals --- .../subnet_network_security_group_association/_locals.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/modules/_networking/subnet_network_security_group_association/_locals.tf b/src/modules/_networking/subnet_network_security_group_association/_locals.tf index 4c0d4289..f1daf37f 100644 --- a/src/modules/_networking/subnet_network_security_group_association/_locals.tf +++ b/src/modules/_networking/subnet_network_security_group_association/_locals.tf @@ -16,14 +16,14 @@ locals { .virtual_networks[split("/", var.settings.subnet_ref)[0]] .subnets[split("/", var.settings.subnet_ref)[1]] .id, - var.settings.subnet_ref + var.settings.subnet_id ) network_security_group_id = try( var.resources[local.nsg_lz_key] .network_security_groups[var.settings.network_security_group_ref] .id, - var.settings.network_security_group_ref + var.settings.network_security_group_id ) } From 54d2b54035b7ba998f669426bd7c7ec39976e680 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 2 Dec 2025 09:52:07 +0200 Subject: [PATCH 4/4] Remove comments --- .../_locals.tf | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/src/modules/_networking/subnet_network_security_group_association/_locals.tf b/src/modules/_networking/subnet_network_security_group_association/_locals.tf index f1daf37f..e9574711 100644 --- a/src/modules/_networking/subnet_network_security_group_association/_locals.tf +++ b/src/modules/_networking/subnet_network_security_group_association/_locals.tf @@ -26,20 +26,3 @@ locals { var.settings.network_security_group_id ) } - -# locals { -# subnet_id = try( -# var.resources[ -# try(var.settings.lz_key, var.client_config.landingzone_key) -# ].virtual_networks[split("/", var.settings.subnet_ref)[0]].subnets[split("/", var.settings.subnet_ref)[1]].id, -# var.settings.subnet_ref -# ) - - -# network_security_group_id = try( -# var.resources[ -# try(var.settings.lz_key, var.client_config.landingzone_key) -# ].network_security_groups[var.settings.network_security_group_ref].id, -# var.settings.network_security_group_ref -# ) -# }