Describe the bug
VMSS reports:
At least one of your VMSS instances has a default outbound IP, which is insecure and will no longer be assigned by default for new subnets after March 2026. To secure your VMSS and subnets and ensure future compatibility, follow guidance to add an explicit method of outbound and set your subnets to private.
https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/default-outbound-access
This will also apply to other subnets
See https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet#default_outbound_access_enabled-1
Steps to reproduce
- view resource processor vmss in azure portal
- observe message
The fix is to set this on the required subnets in terraform
default_outbound_access_enabled = false (or true) where appropriate
Azure TRE release version (e.g. v0.14.0 or main):
main
Deployed Azure TRE components - click the (i) in the UI:
UI Version:
0.8.16
API Version:
0.25.0
Describe the bug
VMSS reports:
At least one of your VMSS instances has a default outbound IP, which is insecure and will no longer be assigned by default for new subnets after March 2026. To secure your VMSS and subnets and ensure future compatibility, follow guidance to add an explicit method of outbound and set your subnets to private.
https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/default-outbound-access
This will also apply to other subnets
See https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet#default_outbound_access_enabled-1
Steps to reproduce
The fix is to set this on the required subnets in terraform
default_outbound_access_enabled = false(or true) where appropriateAzure TRE release version (e.g. v0.14.0 or main):
main
Deployed Azure TRE components - click the (i) in the UI:
UI Version:
0.8.16
API Version:
0.25.0