Feature request: Describe and create additional network resources in the YAML file.

[richardf5]

Description

By itself, the resulting landing zone is a great start but is not fully formed.

Describe the solution you'd like

If the pipelines are to be used to deploy future changes, the complete starter module needs to be enhanced to include additional resources. An example would be a VNet in the identity subscription used for Domain Controllers. Another might be NSG's (with rules) for the Connectivity Subscription.

Describe any alternatives you've considered

I've started to add in AVM modules for some of these items, however it is one thing to feed some YAML parameters into a module, but quite another to cycle through lists of NSGs, ASGs etc. without hardcoding some items or providing a hacky type solution. If you have a more mature method, I'd love to see it added into the Accelerator please!

Additional context

[oZakari]

Hi @richardf5, just for clarification is the for the ALZ Bicep Accelerator or the ALZ Terraform Accelerator?

[richardf5]

Hi @richardf5, just for clarification is the for the ALZ Bicep Accelerator or the ALZ Terraform Accelerator?

My apologies. This is for the Terraform Accelerator.

[richardf5]

While I think about it, I have other resources that I need to add too. Assuming that the pipelines will deploy all Landing Zone Resources going forward, we'll need to include ExpressRoute circuits, firewall rules, an easy way to create and consume Application Security Groups and UDRs etc.

Some of these are not just in the Connectivity Subscription. As an example, I usually create an ASG for Domain Controllers then tag them and use the ASG in my NSGs within the Identity Subscription.

It gets hard to reference ASGs as an example in the YAML. I presume there's a way to construct a ResourceID from a text field?

Thank you BTW - Love what you've all created this far!

Happy to contribute where I can.