Hello @Naveen Vanamadi ,
I understand that you are trying to deploy an Azure Firewall using Terraform, but it is failing with an InternalServerError message.
You are trying to deploy an Azure Firewall in East US 2 region and it works fine when you create one through the Azure portal but fails via Terraform.
I checked internally and found that there is an ongoing issue with a few Azure Firewall deployments, where sometimes the Azure Firewall is going into a failed state due to a transient known issue with an underlying Azure Firewall service.
The Azure Firewall Product Group team is already working on a fix but there is no ETA available as of yet.
I requested you to create a support request if you need help in recovering the failed Azure Firewall deployment using Terraform, as this will enable the support team to engage with the backend team for further assistance.
We also offered you one-time free technical support, in case you don't have a support plan.
You created a support request for this issue and the support team investigated it from their end. When checking the backend logs, they found an error which mentioned that the VPN gateway is not in provisioning state.
From the backend error, it seems like you were encountering an issue where the creation of a VPN Gateway was affecting the creation of a Firewall in your Terraform configuration. This can happen if there are dependencies or resource constraints defined in your Terraform code that link these resources together. For example, if you have a firewall policy that specifies routing to be sent over a VPN connection provided by a VPN Gateway, then logically, you cannot create the firewall until after the VPN Gateway is available. Similarly, if there are shared network interfaces or other resources required by both services before they can be created independently.
So, the support team checked the Terraform code that you shared and found that there is a depends_on variable that is set to depend on subnet, and they asked you to add another depends_on variable and set it to depend on VPN Gateway and then try to deploy Azure Firewall again.
You added depends_on conditions to the firewall block for VPN_Gateway and this fixed the issue.
Kindly let us know if the above helps or you need further assistance on this issue.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
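
The fix described in this answer, sketched as an added Terraform example (not the poster's or the support team's actual configuration). All resource labels and names are hypothetical and assumed to be declared elsewhere in the same configuration.

```hcl
# Added example. The referenced resources (azurerm_resource_group.network,
# azurerm_subnet.firewall, azurerm_public_ip.firewall and
# azurerm_virtual_network_gateway.vpn) are hypothetical labels assumed to
# exist elsewhere in the configuration.

resource "azurerm_firewall" "hub" {
  name                = "fw-hub-example" # constructed name
  location            = azurerm_resource_group.network.location
  resource_group_name = azurerm_resource_group.network.name
  sku_name            = "AZFW_VNet"
  sku_tier            = "Standard"

  ip_configuration {
    name                 = "fw-ipconfig"
    subnet_id            = azurerm_subnet.firewall.id # subnet named AzureFirewallSubnet
    public_ip_address_id = azurerm_public_ip.firewall.id
  }

  # Before the fix, only the subnet was listed:
  #   depends_on = [azurerm_subnet.firewall]
  #
  # Nothing in this block references the VPN gateway, so Terraform infers no
  # ordering between the two resources and may create them in parallel.
  # Listing the gateway here makes Terraform wait until the gateway has been
  # created before it starts creating the firewall.
  depends_on = [
    azurerm_subnet.firewall,
    azurerm_virtual_network_gateway.vpn,
  ]
}
```

Running terraform graph against the configuration shows whether the firewall node now has an edge to the gateway.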