azurerm_vpn_site - support new property o365_policy #16820
Conversation
| A `o365_policy` block supports the following: | ||
|
|
||
| * `breakout_category` - (Optional) A `breakout_category` block as defined above. | ||
|
|
||
| --- | ||
|
|
||
| A `breakout_category` block supports the following: | ||
|
|
||
| * `allow_category_enabled` - (Optional) Is allow category controlled? Defaults to `false`. | ||
|
|
||
| * `default_category_enabled` - (Optional) Is default category controlled? Defaults to `false`. | ||
|
|
||
| * `optimize_category_enabled` - (Optional) Is optimize category controlled? Defaults to `false`. | ||
|
|
There was a problem hiding this comment.
i think this needs to be reworked as its not very intuitive what is being set.
what does it mean by breakout category? what is allow vs default vs optimise? should it be o365_breakout_policy? or o365_breakout_catagory_policy
allow_controlled = true etc?
There was a problem hiding this comment.
@katbyte , I think service team would expand the sub properties of o365_policy to introduce other o365 policies in the future. So suggest keep o365_policy. I updated breakout_category to traffic_category. See more details from https://docs.microsoft.com/en-us/microsoft-365/enterprise/microsoft-365-vpn-split-tunnel?view=o365-worldwide.
|
@katbyte , thanks for your comments. I've updated code. Please take another look. Thanks in advance. |
| A `traffic_category` block supports the following: | ||
|
|
||
| * `allow_controlled` - (Optional) Is allow category controlled? Defaults to `false`. | ||
|
|
||
| * `default_controlled` - (Optional) Is default category controlled? Defaults to `false`. | ||
|
|
||
| * `optimize_controlled` - (Optional) Is optimize category controlled? Defaults to `false`. |
There was a problem hiding this comment.
i'm still not sure what these values are doing? could we eitehr fixuyp the property names or the descriptions?
There was a problem hiding this comment.
Here is the defintion of Allow/Default/Optimize endpoint.
Here are the ip ranges for office that fall within specific Allow/Optimize/Default categories of traffic. What this tells is essentially what kind of traffic from the branch should go directly to Office and what can flow via Virtual WAN, mostly Optimized traffic needs to be breakout from branch as it is latency sensitive. This would have been ideally integrated with sd-wan vendors so depending on this policy, they can configure the branch cpe devices with right routing for office traffic.
|
@katbyte, thanks for your comments. I've updated code. Please take another look. Thanks in advance. |
|
This functionality has been released in v3.12.0 of the Terraform Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you! |
|
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions. |
This PR is to support new property
o365_policy.--- PASS: TestAccVpnSite_basic (301.95s)
--- PASS: TestAccVpnSite_complete (303.11s)
--- PASS: TestAccVpnSite_requiresImport (338.98s)
--- PASS: TestAccVpnSite_o365Policy (423.74s)
--- PASS: TestAccVpnSite_update (578.85s)