We have a VHUB and 2 VNet spokes (there are more, but I have tried to simplify things).
VNet 1 hosts the internet breakout and 3rd-party firewalls.
VNet 2 hosts the internal resources etc.
Each VNet has its own Route Table.
VNet1 (fortigate_vnet) : Route Table 1 (rt_fortigate)
VNet2 : Route Table 2 (rt_modern)
When peering VNet 1 to the VHub I am propagating the routes from Route Table 1 to Route Table 2.
Route Table 2 has a default route with next hop VNet 1, which creates a cyclic dependency. Is there another code block that I can use, other than the two below, to achieve the same outcome?
```hcl
# Route Table 2 (rt_modern): inline default route pointing at the VNet 1 connection.
# This reference to the connection is one half of the cycle.
resource "azurerm_virtual_hub_route_table" "rt_modern" {
  name           = var.modern_rt_name
  virtual_hub_id = azurerm_virtual_hub.hub_1.id

  route {
    name              = "default_rt"
    destinations_type = "CIDR"
    destinations      = ["0.0.0.0/0"]
    next_hop_type     = "ResourceId"
    next_hop          = azurerm_virtual_hub_connection.fortigate_vnet.id
  }
}

# VNet 1 (fortigate_vnet) connection to the hub. Propagating to rt_modern
# references the route table above, which is the other half of the cycle.
resource "azurerm_virtual_hub_connection" "fortigate_vnet" {
  name                      = var.fortigate_to_hub
  virtual_hub_id            = azurerm_virtual_hub.hub_1.id
  remote_virtual_network_id = var.fortigate_vnet_id

  routing {
    associated_route_table_id = azurerm_virtual_hub_route_table.rt_fortigate.id

    propagated_route_table {
      route_table_ids = [
        azurerm_virtual_hub_route_table.rt_fortigate.id,
        azurerm_virtual_hub_route_table.rt_modern.id,
      ]
    }

    static_vnet_route {
      name                = "default_rt"
      address_prefixes    = ["0.0.0.0/0"]
      next_hop_ip_address = "10.100.0.132" # IP address of the FortiGates
    }
  }
}
```
Please let me know if I should have created this post elsewhere.
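One way to break this cycle, shown here as an added example rather than code from the original post: keep the default route off the inline `route` block and declare it with the provider's standalone `azurerm_virtual_hub_route_table_route` resource, which can reference both the route table and the connection without either of them referencing it. Variable names and the FortiGate IP are taken from the post; the resource name `rt_modern_default` is an assumption.

```hcl
# Added example (not from the original post): Route Table 2 without the inline
# route, so it no longer depends on the VNet 1 connection.
resource "azurerm_virtual_hub_route_table" "rt_modern" {
  name           = var.modern_rt_name
  virtual_hub_id = azurerm_virtual_hub.hub_1.id
  # No inline route block here: the 0.0.0.0/0 route is declared separately below.
}

# VNet 1 connection, unchanged apart from no longer being part of a cycle:
# it still propagates into rt_modern, which now has no dependency on it.
resource "azurerm_virtual_hub_connection" "fortigate_vnet" {
  name                      = var.fortigate_to_hub
  virtual_hub_id            = azurerm_virtual_hub.hub_1.id
  remote_virtual_network_id = var.fortigate_vnet_id

  routing {
    associated_route_table_id = azurerm_virtual_hub_route_table.rt_fortigate.id

    propagated_route_table {
      route_table_ids = [
        azurerm_virtual_hub_route_table.rt_fortigate.id,
        azurerm_virtual_hub_route_table.rt_modern.id,
      ]
    }

    static_vnet_route {
      name                = "default_rt"
      address_prefixes    = ["0.0.0.0/0"]
      next_hop_ip_address = "10.100.0.132" # FortiGate IP from the post
    }
  }
}

# Standalone route resource (name "rt_modern_default" is assumed). It depends on
# both resources above, but neither depends on it, so the graph is acyclic.
# Traffic from VNet 2 is forced through the FortiGate connection for inspection.
resource "azurerm_virtual_hub_route_table_route" "rt_modern_default" {
  route_table_id    = azurerm_virtual_hub_route_table.rt_modern.id
  name              = "default_rt"
  destinations_type = "CIDR"
  destinations      = ["0.0.0.0/0"]
  next_hop_type     = "ResourceId"
  next_hop          = azurerm_virtual_hub_connection.fortigate_vnet.id
}
```

Do not combine the standalone route resource with an inline `route` block on the same table, or the two will fight over the route on every apply.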