DNS Private Resolver deployment in hub

[Vallentyne]

The implementation of DNS Private Resolver here doesn't match the recommendation in CAF or other docs. The MS Cloud Adoption Framework guidance has the DNS Private Resolver in the hub vnet. The benefits of placing into the hub rather than the identity spoke:

• no need to create new network links from resolver to spokes
• private endpoint DNS zones are already in hub, and logic exists to link to hub vnet already
• fewer peer traversals for DNS queries (slight cost impact)
• ref: https://learn.microsoft.com/en-us/azure/dns/private-resolver-architecture#centralized-dns-architecture https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/dns-for-on-premises-and-azure-resources

Describe the solution you'd like Have an option for deploying the resolver into the hub vnet.

[github-actions[bot]]

This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 7 days.