search

Azure / arm-template-whatif

A repository to track issues related to what-if noise suppression
MIT License
90 stars 14 forks source link

Microsoft.Network/virtualNetworks/virtualNetworkPeerings properties #179

Open danbrad opened 3 years ago

danbrad commented 3 years ago

Describe the noise

Resource type

Microsoft.Network/virtualNetworks/virtualNetworkPeerings

apiVersion (i.e. 2019-04-01)

2020-05-01

Client

Bicep

Relevant ARM Template code (we only need the resource object for the above resourceType and apiVersion, but if it's easier you can include the entire template

resource peering 'Microsoft.Network/virtualNetworks/virtualNetworkPeerings@2020-05-01' = {
  name: 'vNet1Name/vNet2Name'
  properties: {
    remoteVirtualNetwork: {
      id: vNet2.id
    }
    allowForwardedTraffic: false
    allowGatewayTransit: false
    allowVirtualNetworkAccess: true
    useRemoteGateways: false
  }
}

Expected response (i.e. "I expected no noise since the template has not been modified since the resources were deployed)

I expected no noise since the template has not been modified since the resources were deployed)

Current (noisy) response (either include a screenshot of the what-if output, or copy/paste the text)

  ~ Microsoft.Network/virtualNetworks/vnet-uksouth-hub/virtualNetworkPeerings/hub-to-vnet-spoke-LBR-01 [2020-05-01]
    - properties.doNotVerifyRemoteGateways: false
    - properties.remoteAddressSpace:

        addressPrefixes: [
          0: "10.120.0.0/16"
        ]
jonlanceley commented 3 years ago

To add to the above when a Hub script is re-run, and in Azure a spoke environment e.g. dev has created the vnet peering to the hub already.

On the hub script run what-if is shown as deleting the peering when it is actually ignored. (The Hub script contains no vnet peering code, the vnet peering is done by the Dev spoke Bicep file. So the Hub bicep file should show this in what-if as ignored.

~ Microsoft.Network/virtualNetworks/nonprod-we-vnet [2021-02-01]
- properties.virtualNetworkPeerings: [
        0:
          name:                                         "dev-we-vnet-peering"
          properties.allowForwardedTraffic:             true
          properties.allowGatewayTransit:               false
          properties.allowVirtualNetworkAccess:         true
          properties.doNotVerifyRemoteGateways:         false
          properties.peeringSyncLevel:                  "FullyInSync"
          properties.remoteAddressSpace.addressPrefixes: [
            0: "10.200.48.0/20"
          ]
          properties.remoteVirtualNetwork.id:           "/subscriptions/xxxxxxxx/resourceGroups/network-nonprod-dev-we-rg/providers/Microsoft.Network/virtualNetworks/dev-we-vnet"
          properties.remoteVirtualNetworkAddressSpace.addressPrefixes: [
            0: "10.200.48.0/20"
          ]
          properties.useRemoteGateways:                 false
      ]
gavhooper commented 3 years ago

We also have this issue where peerings are always stated as being deleted when deploying a vnet without peerings, is there any update?