Converting VWAN hub to secure hub (Azure Firewall)

Hi!

How can get Terraform to “Convert to secure hub”?

I’m trying to deploy a virtual WAN in Azure, and I’ve got the vWAN created with hubs, and VNETs connected.

I’m using
azurerm_virtual_hub
azurerm_virtual_wan
azurerm_virtual_network
azurerm_virtual_hub_connection

I’m confused why there’s no syntax in the *_virtual_hub module that would allow me to create the hub as secured with a block inside.

I see that there is *_virtual_hub_security_partner_provider, which happens at least similarly, or perhaps only similar through the GUI? Is there an analogous “*_virutal_hub_secure_hub” or something with a better name?

I don’t find any settings elsewhere that indicate converting a hub to a secured hub.

I’ve also gone after the idea of creating an azurerm_firewall and attaching it to the hub, but I get blocked at trying to define the subnet ID for the hub, or why the subnet isn’t named “AzureFirewallSubnet”.

I’m hoping that I’ve missed something simple.

Thanks for any assistance.

Best,
Dana