Support for checking `api_server_authorized_ip_ranges` when `public_network_access_enabled` is `true`

[lonegunmanb]

Is there an existing issue for this?

• I have searched the existing issues

Description

According to the document:

When public_network_access_enabled is set to true, 0.0.0.0/32 must be added to authorized_ip_ranges in the api_server_access_profile block.

We should add a precondition to enforce this rule, but since it would be a breaking change, I think we should implement this feature in our next major version release.

New or Affected Resource(s)/Data Source(s)

azurerm_kubernetes_cluster

Potential Terraform Configuration

No response

References

precondition {
      condition     = !var.public_network_access_enabled || try(contains(var.api_server_authorized_ip_ranges, "0.0.0.0/32"), false)
      error_message = "When `public_network_access_enabled` is set to true, `0.0.0.0/32` must be added to `authorized_ip_ranges` in the `api_server_access_profile block`."
    }