Terraform - Azure Virtual Network Gateway failed to deploy

Question

I am trying to create a very simple in Azure VPN Gateway with terraform and I get the following error.

│ Error: waiting for completion of Virtual Network Gateway: (Name "test-vnetgateway-backend" / Resource Group "test-network-backend"): Code="VmssGatewayDeploymentFailed" Message="The gateway deployment operation failed due to an intermittent error. Please try again." Details=[]

I am trying to deploy this in West Europe region. Could this be any capacity limitations?

This is my terraform code, which is simple. There are no any detailed messages from terraform either.

resource "azurerm_public_ip" "test-gateway-pip" {
  provider = azurerm.dcs_test

  name                = "test-pip-vnetgateway"
  location            = var.default_location
  resource_group_name = module.test-vnet-backend.resource_group[0].name
  allocation_method   = "Static"
  sku                 = "Standard"
  domain_name_label   = "test-vnetgateway-backend"

  tags = var.default_tags
}

resource "azurerm_virtual_network_gateway" "test-gateway" {
  provider = azurerm.dcs_test

  name                = "test-vnetgateway-backend"
  location            = var.default_location
  resource_group_name = module.test-vnet-backend.resource_group[0].name

  type     = "Vpn"
  vpn_type = "RouteBased"

  active_active = false
  enable_bgp    = false
  sku           = "VpnGw2"

  ip_configuration {
    public_ip_address_id          = azurerm_public_ip.test-gateway-pip.id
    private_ip_address_allocation = "Dynamic"
    subnet_id                     = module.test-vnet-backend.vnet_subnets.gateway.id
  }
}

Could someone please help me on this?

Answer 1

I tried to deploy- Azure Virtual Network Gateway using terraform and I was able to provision the requirement successfully.

When Azure encounters a problem while creating the Virtual Network Gateway, it displays the error message "VmssGatewayDeploymentFailed". This issue can arise from various factors, such as Azure's service malfunctions, configuration errors, or insufficient resources in the West Europe region.

1. Capacity Limitations: Capacity limitations in some regions are usually short-lived for Azure. To see if there are any current problems in the West Europe region, you can visit the Service Health dashboard in the Azure portal.

2. Terraform Configuration Review: You are using Terraform to create a simple Azure VPN Gateway that has a public IP and a virtual network gateway. Your configuration follows the standard settings, but you should verify that all the resources you refer to (such as the subnet and the resource group) are properly set up and available.

3. Terraform State: Sometimes Terraform's state can get out of sync with the actual state in Azure. Running terraform refresh might help in updating the state.

I tried a demo version of configure to check the problem really persist with the mentioned region.

My demo Terraform configuration:

provider "azurerm" {
  features {}
}
resource "azurerm_resource_group" "example" {
  name     = "testvk-rg"
  location = "West Europe"
}

resource "azurerm_virtual_network" "example" {
  name                = "testvnet"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  address_space       = ["10.0.0.0/16"]
}

resource "azurerm_subnet" "example" {
  name                 = "GatewaySubnet"
  resource_group_name  = azurerm_resource_group.example.name
  virtual_network_name = azurerm_virtual_network.example.name
  address_prefixes     = ["10.0.1.0/24"]
}

resource "azurerm_public_ip" "example" {
  name                = "testpip"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  allocation_method = "Dynamic"
}

resource "azurerm_virtual_network_gateway" "example" {
  name                = "testvng"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  type     = "Vpn"
  vpn_type = "RouteBased"

  active_active = false
  enable_bgp    = false
  sku           = "Basic"

  ip_configuration {
    name                          = "vnetGatewayConfig"
    public_ip_address_id          = azurerm_public_ip.example.id
    private_ip_address_allocation = "Dynamic"
    subnet_id                     = azurerm_subnet.example.id
  }
}

Output:

If the problem persists Try changing the region, as this might be due to the capacity limitations that Azure sometimes faces in certain regions. These limitations are usually temporary for some particular time.