feat(GH-1): add support of data_plane_proxy_authentication_mode and data_plane_proxy_private_link_delegation_enabled

Closes #1

Author: jmapro

.gitlab-ci.yml

@@ -1,7 +1,7 @@
 ---
 variables:
     TF_MIN_VERSION: "1.8"
-    AZURERM_PROVIDER_MIN_VERSION: "4.0"
+    AZURERM_PROVIDER_MIN_VERSION: "4.19"
 
 include:
   - project: 'claranet/projects/cloud/azure/terraform/ci'

README.md

@@ -72,7 +72,7 @@ module "app_configuration" {
 | Name | Version |
 |------|---------|
 | azurecaf | ~> 1.2.28 |
-| azurerm | ~> 4.0 |
+| azurerm | ~> 4.19 |
 
 ## Modules
 
@@ -95,6 +95,8 @@ module "app_configuration" {
 | client\_name | Client name/account used in naming. | `string` | n/a | yes |
 | custom\_name | Custom App Configuration, generated if not set. | `string` | `""` | no |
 | custom\_replica | Create one or multiple custom AppConfig replica. | <pre>list(object({<br/>    location = string<br/>    name     = string<br/>  }))</pre> | `[]` | no |
+| data\_plane\_proxy\_authentication\_mode | The data plane proxy authentication mode. | `string` | `"Local"` | no |
+| data\_plane\_proxy\_private\_link\_delegation\_enabled | Whether data plane proxy private link delegation is enabled. | `bool` | `false` | no |
 | default\_tags\_enabled | Option to enable or disable default tags. | `bool` | `true` | no |
 | diagnostic\_settings\_custom\_name | Custom name of the diagnostics settings, name will be `default` if not set. | `string` | `"default"` | no |
 | environment | Project environment. | `string` | n/a | yes |

providers.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "~> 4.0"
+      version = "~> 4.19"
     }
     azurecaf = {
       source  = "claranet/azurecaf"

r-app-configuration.tf

@@ -11,6 +11,9 @@ resource "azurerm_app_configuration" "main" {
   soft_delete_retention_days = var.soft_delete_retention_days
   local_auth_enabled         = var.local_auth_enabled
 
+  data_plane_proxy_authentication_mode             = var.data_plane_proxy_authentication_mode
+  data_plane_proxy_private_link_delegation_enabled = var.data_plane_proxy_private_link_delegation_enabled
+
   dynamic "identity" {
     for_each = var.identity[*]
     content {
@@ -36,6 +39,13 @@ resource "azurerm_app_configuration" "main" {
   }
 
   tags = merge(local.default_tags, var.extra_tags)
+
+  lifecycle {
+    precondition {
+      condition     = (var.data_plane_proxy_authentication_mode == "Local" && !var.data_plane_proxy_private_link_delegation_enabled) || (var.data_plane_proxy_authentication_mode == "Pass-through")
+      error_message = "`data_plane_proxy_private_link_delegation_enabled` cannot be set to `true` when `data_plane_proxy_authentication_mode` is set to `Local`"
+    }
+  }
 }
 
 moved {

variables-app-configuration.tf

@@ -63,3 +63,15 @@ variable "custom_replica" {
   default  = []
   nullable = false
 }
+
+variable "data_plane_proxy_authentication_mode" {
+  description = "The data plane proxy authentication mode."
+  type        = string
+  default     = "Local"
+}
+
+variable "data_plane_proxy_private_link_delegation_enabled" {
+  description = "Whether data plane proxy private link delegation is enabled."
+  type        = bool
+  default     = false
+}