Bug in ip_restriction for app services

Hi.

I have following definition for an app service:
resource “azurerm_app_service” “aboapi” {
name = “aboapi”
location = azurerm_resource_group.my_rg_group.location
resource_group_name = azurerm_resource_group.my_rg_group.name
app_service_plan_id = azurerm_app_service_plan.rg_name.id
site_config {
dotnet_framework_version = “v4.0”
min_tls_version = “1.2”
always_on = true
websockets_enabled = false
ip_restriction = [
{
action = “Allow”
headers =
ip_address = “123.34.45.6/32”
name = “Allow_My_IP”
priority = 100
service_tag = “”
virtual_network_subnet_id = “”
},
]
}
}

What happens is when I run terraform apply, it tells me that it also needs service_tag and virtual_network_subnet_id to be configured. According to the docs they are optional and can/should be empty.
But then when I add values to both, terraform tells me they cannot have any values and only ip_address should be configured…

1 Like