The Azure Container Apps landing zone accelerator is an open-source collection of architectural guidance and reference implementation to accelerate deployment of Azure Container Apps at scale.
Changes in this PR:
Created Firewall Policy with rules to allow egress traffic for needed resources
Created Route Table attached to infra subnet to route all traffic to Firewall
Created Workload Profile in ACA Environment
Changed infra subnet CIDR range to /27 (just to demo this is possible)
Added Diagnostic Settings for Firewall
Added naming convention for Firewall and Firewall Policy
Tested and working:
Tested that the egress traffic from the ACA App goes through the Azure Firewall public IP (curl ifconf.me)
Tested and not working:
Redeployed the same template multiple times, and it breaks because of dependencies between modules (noticed this same behavior with the main branch).
Also noticed that Terraform starts creating Diagnostic Settings (DS), then for some reason stops immediately. DS is then created, but Terraform is not aware of the creation, so it is not saved into the state file. On the next execution, I notice a conflict.