search

Azure / ALZ-Bicep

This repository contains the Azure Landing Zones (ALZ) Bicep modules that help deliver and deploy the Azure Landing Zone conceptual architecture in a modular approach. https://aka.ms/alz/docs
MIT License
749 stars 501 forks source link

💡 Feature Request - Add zone configuration for hub network PIPs #241

Closed BernieWhite closed 1 year ago

BernieWhite commented 2 years ago

Describe the solution you'd like

Currently several public IP addresses are created for numerous services in the hub networking module, this includes:

Currently there is a configuration for availability zones supported with Azure Firewall which also sets the zones property of the public IP address through the parAzureFirewallAvailabilityZones parameter.

For VPN/ ER gateways, to fully support availability zones a AZ SKU + a public IP across more then one zone is required for zone redundancy. If you deploy via that Azure Portal, the Zone Redundancy option includes zones 1, 2, 3.

Currently I can't see any docs specifically calling out if Azure Bastion supports availability zones and the resource configuration does not have a telling zones property so I will assume not.

The other PIPs ideally should support availability zones to align to Well-Architected Framework (WAF) recommendation for reliability when a region supports it.

Additional context

This is reported by PSRule for Azure: https://azure.github.io/PSRule.Rules.Azure/en/rules/Azure.PublicIP.AvailabilityZone/

Related to #206

jtracey93 commented 2 years ago

Ado sync

jhajduk-microsoft commented 2 years ago

Fixed in PR 306 - waiting for merge