azureterraformterraform-provider-azureazure-load-balancer

How to update Azure's load balancer from basic to standard in Terraform?


I got a warning in Azure Portal that my load balancer "is on Basic SKU which will be retired on 30 September 2025. Learn more about Standard SKU and migration steps."

I have been trying to find without success how to upgrade my Terraform code.

This is my Terraform:

resource "azurerm_lb" "foo" {
  name = "foo-${var.URL_NAME}"

  frontend_ip_configuration {
    name                 = "PublicIPAddress"
    public_ip_address_id = azurerm_public_ip.foo_lb_ip.id
  }

   location            = var.AZURE_REGION
  resource_group_name = data.azurerm_resource_group.foo.name
}

resource "azurerm_lb_backend_address_pool" "foo" {
  name            = "BackEndAddressPool"
  loadbalancer_id = azurerm_lb.foo.id
}

resource "azurerm_network_interface_backend_address_pool_association" "foo" {
  count                   = var.NUMBER_OF_VMS
  backend_address_pool_id = azurerm_lb_backend_address_pool.foo.id
  ip_configuration_name   = "internal"
  network_interface_id    = azurerm_network_interface.foo[count.index].id
}

resource "azurerm_lb_probe" "foo" {
  name            = "foo-${var.URL_NAME}"
  protocol        = "Tcp"
  port            = 9999
  loadbalancer_id = azurerm_lb.foo.id
}

resource "azurerm_lb_rule" "foo" {
  name                           = "foo-${var.URL_NAME}"
  protocol                       = "Tcp"
  frontend_port                  = 9999
  backend_port                   = 9999
  frontend_ip_configuration_name = azurerm_lb.foo.frontend_ip_configuration[0].name
  loadbalancer_id                = azurerm_lb.foo.id
  backend_address_pool_ids       = [azurerm_lb_backend_address_pool.foo.id]
}

resource "azurerm_public_ip" "foo_lb_ip" {
  name                = "foo-lb-ip"
  allocation_method   = "Dynamic"
  location            = var.AZURE_REGION
  resource_group_name = data.azurerm_resource_group.foo.name
}

Solution

  • How to update Azure's load balancer from basic to standard in Terraform?

    To update Azure's Load Balancer from Basic to Standard, you need to change the LB SKU to 'Standard' and ensure that the public IP SKU is also 'Standard'. Only then will the Load Balancer be updated to Standard.

    Note: If you cannot afford downtime for the resource, you can use create_before_destroy = true. This feature will create the new resource first and ensure it is fully operational before destroying the old resource. This is crucial for minimizing downtime between resources. However, make sure to use a new name for the resource when you use this feature.

    lifecycle {
        create_before_destroy = true
      }
    

    Here is Terraform code to update Azure Load balancer SKU to Standard

    provider "azurerm" {
      features {}
    }
    
    resource "azurerm_resource_group" "example" {
      name     = "network-RG2"
      location = "West Europe"
     
    }
    
    resource "azurerm_virtual_network" "example" {
      name                = "sample-network1"
      address_space       = ["10.0.0.0/16"]
      location            = azurerm_resource_group.example.location
      resource_group_name = azurerm_resource_group.example.name
    }
    
    resource "azurerm_subnet" "example" {
      name                 = "internal1"
      resource_group_name  = azurerm_resource_group.example.name
      virtual_network_name = azurerm_virtual_network.example.name
      address_prefixes     = ["10.0.2.0/24"]
    }
    
    resource "azurerm_public_ip" "example" {
      name                = "venkat-pip1"
      location            = azurerm_resource_group.example.location
      resource_group_name = azurerm_resource_group.example.name
      allocation_method   = "Static"
      sku                 = "Standard"
    }
    
    resource "azurerm_lb" "example" {
      name                = "venkat-lb1"
      location            = azurerm_resource_group.example.location
      resource_group_name = azurerm_resource_group.example.name
      sku                 = "Standard"
    
      frontend_ip_configuration {
        name                 = "primary"
        public_ip_address_id = azurerm_public_ip.example.id
      }
    depends_on = [ azurerm_public_ip.example ]
    }
    
    resource "azurerm_lb_backend_address_pool" "example" {
      loadbalancer_id = azurerm_lb.example.id
      name            = "acctestpool1"
    }
    
    resource "azurerm_network_interface" "example" {
      name                = "venkat-nic1"
      location            = azurerm_resource_group.example.location
      resource_group_name = azurerm_resource_group.example.name
    
      ip_configuration {
        name                          = "venkattestconfig1"
        subnet_id                     = azurerm_subnet.example.id
        private_ip_address_allocation = "Dynamic"
      }
    
    }
    resource "azurerm_network_interface_backend_address_pool_association" "example" {
      network_interface_id    = azurerm_network_interface.example.id
      ip_configuration_name   = "venkattestconfig1"
      backend_address_pool_id = azurerm_lb_backend_address_pool.example.id
    }
    

    Terraform apply:

    enter image description here enter image description here

    After executing the terraform script, The Azure Load balancer SKU has been changed to Standard

    enter image description here

    Alternatively, you can also use PowerShell code in terraform by using null resource block to upgrade load balancer sku to Standard. below is the terraform code with null resource

    resource "null_resource" "powershell" {
      triggers = {
        }
    
    provisioner "local-exec" {
            command = <<-EOT
            Start-AzBasicLoadBalancerUpgrade -ResourceGroupName <loadBalancerRGName> -BasicLoadBalancerName <basicLBName> -validateScenarioOnly
            EOT
          }
    }