feat(connectivity): Add option to set allow_non_virtual_wan_traffic in express route gateway.

[Slapper]

Overview/Summary

Add option to set allow_non_virtual_wan_traffic value to true or false in express route gateway.

This PR fixes/adds/changes/removes

1. Give the option to set allow_non_virtual_wan_traffic to true in azurerm_express_route_gateway resource

Breaking Changes

None

Testing Evidence

On the latest azurerm versions ( v3.48.0 and higher ) azurerm_express_route_gateway resource has the option to set this value to true. At the time of writing CAF module has no option available .

We saw this issue in our Dev environment during terraform plan : the value was true so using a newer azurerm version the value goes to false, which is the default.

  # module.vWAN.module.alz_connectivity.azurerm_express_route_gateway.virtual_wan["/subscriptions/xxxxx-xxxx-xxxx-xxxxx-xxxxxxxxxx/resourceGroups/dev-connectivity/providers/Microsoft.Network/expressRouteGateways/dev-ergw-northeurope"] will be updated in-place
  ~ resource "azurerm_express_route_gateway" "virtual_wan" {
      ~ allow_non_virtual_wan_traffic = true -> false
        id                            = "/subscriptions/xxxxx-xxxx-xxxx-xxxxx-xxxxxxxxxx/resourceGroups/dev-connectivity/providers/Microsoft.Network/expressRouteGateways/dev-ergw-northeurope"
        name                          = "dev-ergw-northeurope"
        tags                          = {
            "deployedBy"  = "terraform/azure/caf-enterprise-scale"
            "deployedFor" = "Dev"
        }

More info about this option can be found here : hashicorp/terraform-provider-azurerm#20667

As part of this Pull Request I have

• Checked for duplicate Pull Requests
• Associated it with relevant issues, for tracking and closure.
• Ensured my code/branch is up-to-date with the latest changes in the main branch
• Performed testing and provided evidence.
• Updated relevant and associated documentation.

[Slapper]

@microsoft-github-policy-service agree

[matt-FFFFFF]

LGTM - @luke-taylor @jaredfholgate

Please could you have a look and merge/release if you're happy?

Thanks!

[birdnathan]

+1 - Hit by this issue today

[jaredfholgate]

/azp run unit

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[jaredfholgate]

Need to run terraform fmt -recursive to fix the tests.

[jaredfholgate]

Please run terraform fmt. Thanks!

[jaredfholgate]

/azp run unit

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[jaredfholgate]

@Slapper For some reason I am still seeing formatting errors in the unit tests. Two options:

1. Give me access to your repo and I'll fix it there.
2. I can move your branch over to the Azure org and fix it there.

Let me know which you prefer.

Thanks

[Slapper]

Hi @jaredfholgate ,

Feel free to move my branch to Azure project.

( i forgot to run the fmt with the recursive flag so maybe thats was the case )
Thanks!

[jaredfholgate]

/azp run unit

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[jaredfholgate]

Hi @jaredfholgate ,

Feel free to move my branch to Azure project.

( i forgot to run the fmt with the recursive flag so maybe thats was the case ) Thanks!

That has fixed the linting issues, thanks. I will run and update the tests as nessecary now.

[jaredfholgate]

LGTM

[jaredfholgate]

This was released in 5.2.0.

[birdnathan]

@Slapper @jaredfholgate - something not quite right with that release

[birdnathan]

@Slapper @jaredfholgate - something not quite right with that release

Apologies, sorted. Nothing to do with your change. #907 introduced a breaking change. Had to tweak settings.connectivity to also change threat_intelligence_allowlist = [] to threat_intelligence_allowlist = {}