azurerm_nat_gateway_public_ip_prefix_association - support associating IPv6 Public IP Prefixes (hashicorp#32195)

[ENHANCEMENT] * `azurerm_nat_gateway_public_ip_prefix_association` - add support for IPv6 public IP prefixes

Author: teowa

internal/services/network/nat_gateway_public_ip_prefix_association_resource.go

@@ -12,8 +12,8 @@ import (
 	"github.com/hashicorp/go-azure-helpers/lang/pointer"
 	"github.com/hashicorp/go-azure-helpers/lang/response"
 	"github.com/hashicorp/go-azure-helpers/resourcemanager/commonids"
-	"github.com/hashicorp/go-azure-sdk/resource-manager/network/2023-09-01/publicipprefixes"
 	"github.com/hashicorp/go-azure-sdk/resource-manager/network/2025-01-01/natgateways"
+	"github.com/hashicorp/go-azure-sdk/resource-manager/network/2025-01-01/publicipprefixes"
 	"github.com/hashicorp/terraform-provider-azurerm/helpers/tf"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/clients"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/locks"
@@ -71,8 +71,8 @@ func resourceNATGatewayPublicIpPrefixAssociationCreate(d *pluginsdk.ResourceData
 		return err
 	}
 
-	locks.ByName(natGatewayId.NatGatewayName, natGatewayResourceName)
-	defer locks.UnlockByName(natGatewayId.NatGatewayName, natGatewayResourceName)
+	locks.ByID(natGatewayId.ID())
+	defer locks.UnlockByID(natGatewayId.ID())
 
 	natGateway, err := client.Get(ctx, *natGatewayId, natgateways.DefaultGetOperationOptions())
 	if err != nil {
@@ -89,27 +89,42 @@ func resourceNATGatewayPublicIpPrefixAssociationCreate(d *pluginsdk.ResourceData
 		return fmt.Errorf("retrieving %s: `properties` was nil", natGatewayId)
 	}
 
-	id := commonids.NewCompositeResourceID(natGatewayId, publicIpPrefixId)
-
-	publicIpPrefixes := make([]natgateways.SubResource, 0)
-	if natGateway.Model.Properties.PublicIPPrefixes != nil {
-		for _, existingPublicIPPrefix := range *natGateway.Model.Properties.PublicIPPrefixes {
-			if existingPublicIPPrefix.Id == nil {
-				continue
-			}
+	publicIpPrefix, err := meta.(*clients.Client).Network.PublicIPPrefixes.Get(ctx, *publicIpPrefixId, publicipprefixes.DefaultGetOperationOptions())
+	if err != nil {
+		if response.WasNotFound(publicIpPrefix.HttpResponse) {
+			return fmt.Errorf("%s was not found", publicIpPrefixId)
+		}
+		return fmt.Errorf("retrieving %s: %+v", publicIpPrefixId, err)
+	}
+	if publicIpPrefix.Model == nil {
+		return fmt.Errorf("retrieving %s: `model` was nil", publicIpPrefixId)
+	}
+	if publicIpPrefix.Model.Properties == nil {
+		return fmt.Errorf("retrieving %s: `properties` was nil", publicIpPrefixId)
+	}
 
-			if strings.EqualFold(*existingPublicIPPrefix.Id, publicIpPrefixId.ID()) {
-				return tf.ImportAsExistsError("azurerm_nat_gateway_public_ip_prefix_association", id.ID())
-			}
+	isIPv6 := pointer.From(publicIpPrefix.Model.Properties.PublicIPAddressVersion) == publicipprefixes.IPVersionIPvSix
+	id := commonids.NewCompositeResourceID(natGatewayId, publicIpPrefixId)
 
-			publicIpPrefixes = append(publicIpPrefixes, existingPublicIPPrefix)
+	gatewayProperties := natGateway.Model.Properties
+	publicIpPrefixes := pointer.From(gatewayProperties.PublicIPPrefixes)
+	if isIPv6 {
+		publicIpPrefixes = pointer.From(gatewayProperties.PublicIPPrefixesV6)
+	}
+	for _, existingPublicIPPrefix := range publicIpPrefixes {
+		if strings.EqualFold(pointer.From(existingPublicIPPrefix.Id), publicIpPrefixId.ID()) {
+			return tf.ImportAsExistsError("azurerm_nat_gateway_public_ip_prefix_association", id.ID())
 		}
 	}
 
 	publicIpPrefixes = append(publicIpPrefixes, natgateways.SubResource{
 		Id: pointer.To(publicIpPrefixId.ID()),
 	})
-	natGateway.Model.Properties.PublicIPPrefixes = &publicIpPrefixes
+	if isIPv6 {
+		gatewayProperties.PublicIPPrefixesV6 = pointer.To(publicIpPrefixes)
+	} else {
+		gatewayProperties.PublicIPPrefixes = pointer.To(publicIpPrefixes)
+	}
 
 	if err := client.CreateOrUpdateThenPoll(ctx, *natGatewayId, *natGateway.Model); err != nil {
 		return fmt.Errorf("updating %s: %+v", natGatewayId, err)
@@ -140,32 +155,16 @@ func resourceNATGatewayPublicIpPrefixAssociationRead(d *pluginsdk.ResourceData,
 		return fmt.Errorf("retrieving %s: %+v", id.First, err)
 	}
 
-	if model := natGateway.Model; model != nil {
-		if props := model.Properties; props != nil {
-			if props.PublicIPPrefixes == nil {
-				log.Printf("[DEBUG] %s doesn't have any Public IP Prefixes - removing from state!", id.First)
-				d.SetId("")
-				return nil
-			}
-
-			publicIPPrefixId := ""
-			for _, pipp := range *props.PublicIPPrefixes {
-				if pipp.Id == nil {
-					continue
-				}
-
-				if strings.EqualFold(*pipp.Id, id.Second.ID()) {
-					publicIPPrefixId = *pipp.Id
-					break
-				}
-			}
-
-			if publicIPPrefixId == "" {
-				log.Printf("[DEBUG] Association between %s and %s was not found - removing from state", id.First, id.Second)
-				d.SetId("")
-				return nil
-			}
-		}
+	if natGateway.Model == nil {
+		return fmt.Errorf("retrieving %s: `model` was nil", id.First)
+	}
+	if natGateway.Model.Properties == nil {
+		return fmt.Errorf("retrieving %s: `properties` was nil", id.First)
+	}
+	if !natGatewayPublicIpPrefixAssociationExists(natGateway.Model.Properties, id.Second.ID()) {
+		log.Printf("[DEBUG] Association between %s and %s was not found - removing from state", id.First, id.Second)
+		d.SetId("")
+		return nil
 	}
 
 	d.Set("nat_gateway_id", id.First.ID())
@@ -184,8 +183,8 @@ func resourceNATGatewayPublicIpPrefixAssociationDelete(d *pluginsdk.ResourceData
 		return err
 	}
 
-	locks.ByName(id.First.NatGatewayName, natGatewayResourceName)
-	defer locks.UnlockByName(id.First.NatGatewayName, natGatewayResourceName)
+	locks.ByID(id.First.ID())
+	defer locks.UnlockByID(id.First.ID())
 
 	natGateway, err := client.Get(ctx, *id.First, natgateways.DefaultGetOperationOptions())
 	if err != nil {
@@ -202,23 +201,64 @@ func resourceNATGatewayPublicIpPrefixAssociationDelete(d *pluginsdk.ResourceData
 		return fmt.Errorf("retrieving %s: `properties` was nil", id.First)
 	}
 
-	publicIpPrefixes := make([]natgateways.SubResource, 0)
-	if publicIPPrefixes := natGateway.Model.Properties.PublicIPPrefixes; publicIPPrefixes != nil {
-		for _, publicIPPrefix := range *publicIPPrefixes {
-			if publicIPPrefix.Id == nil {
-				continue
-			}
-
-			if !strings.EqualFold(*publicIPPrefix.Id, id.Second.ID()) {
-				publicIpPrefixes = append(publicIpPrefixes, publicIPPrefix)
-			}
-		}
+	if !removeNATGatewayPublicIpPrefixAssociation(natGateway.Model.Properties, id.Second.ID()) {
+		return nil
 	}
-	natGateway.Model.Properties.PublicIPPrefixes = &publicIpPrefixes
 
 	if err := client.CreateOrUpdateThenPoll(ctx, *id.First, *natGateway.Model); err != nil {
-		return fmt.Errorf("removing association between %s and %s: %+v", id.First, id.Second, err)
+		return fmt.Errorf("deleting %s: %+v", id, err)
 	}
 
 	return nil
 }
+
+func natGatewayPublicIpPrefixAssociationExists(properties *natgateways.NatGatewayPropertiesFormat, publicIpPrefixId string) bool {
+	if properties == nil {
+		return false
+	}
+
+	for _, publicIpPrefix := range pointer.From(properties.PublicIPPrefixes) {
+		if strings.EqualFold(pointer.From(publicIpPrefix.Id), publicIpPrefixId) {
+			return true
+		}
+	}
+
+	for _, publicIpPrefix := range pointer.From(properties.PublicIPPrefixesV6) {
+		if strings.EqualFold(pointer.From(publicIpPrefix.Id), publicIpPrefixId) {
+			return true
+		}
+	}
+
+	return false
+}
+
+func removeNATGatewayPublicIpPrefixAssociation(properties *natgateways.NatGatewayPropertiesFormat, publicIpPrefixId string) bool {
+	if properties == nil {
+		return false
+	}
+
+	removed := false
+	updatedIPv4Prefixes := make([]natgateways.SubResource, 0)
+	for _, publicIpPrefix := range pointer.From(properties.PublicIPPrefixes) {
+		if strings.EqualFold(pointer.From(publicIpPrefix.Id), publicIpPrefixId) {
+			removed = true
+			continue
+		}
+
+		updatedIPv4Prefixes = append(updatedIPv4Prefixes, publicIpPrefix)
+	}
+	properties.PublicIPPrefixes = pointer.To(updatedIPv4Prefixes)
+
+	updatedIPv6Prefixes := make([]natgateways.SubResource, 0)
+	for _, publicIpPrefix := range pointer.From(properties.PublicIPPrefixesV6) {
+		if strings.EqualFold(pointer.From(publicIpPrefix.Id), publicIpPrefixId) {
+			removed = true
+			continue
+		}
+
+		updatedIPv6Prefixes = append(updatedIPv6Prefixes, publicIpPrefix)
+	}
+	properties.PublicIPPrefixesV6 = pointer.To(updatedIPv6Prefixes)
+
+	return removed
+}