Azure / avdaccelerator

AVD Accelerator deployment automation to simplify the setup of AVD (Azure Virtual Desktop) based on best practices
MIT License

AVD LZA support for Azure China [ mooncake ] #588

Closed Poven795909 closed 7 months ago

Poven795909 commented 7 months ago

Overview/Summary

Introduced code changes to support AVD LZA baseline deployment on the Azure China cloud.

This PR fixes/adds/changes/removes

  1. Adds a "Deploy to Azure China" button which redirects Portal UI deployment to portal.azure.cn.
  2. Adds changes to hide Scaling plan and MSIX app attach when deployment is done in any Azure China region.
  3. Adds info box changes to warn users that Scaling plan and MSIX app attach are not supported in Azure China, and also adds an info box warning that the monitoring and diagnostic settings as part of LZA are only supported in the chinaeast2 and chinanorth3 regions.
  4. Adds a new variable for Cloud environment. This variable is again used to create conditional variables for scaling plan and MSIX app attach.
  5. Adds changes to create specific private DNS zones if the cloud environment is Azure China.
  6. Changes the Bicep code to use the "Standard" Key Vault SKU if deployment is in Azure China, as the "Premium" SKU is not supported.
  7. Changes the ZT key vault to use a system-assigned identity instead of a user-assigned identity.
  8. Adds "federatedclientId" pointing to an empty string for Zero Trust deployment.
  9. Updates the Monitoring info box to hide the warning if deployment is in a non-China region.

Breaking Changes

  1. Updated Zero Trust deployment to use a system-assigned identity, as user-assigned identity was not supported in Azure China. However, I tested the code for both Azure China and Azure Commercial deployment and it works fine.

Testing Evidence

Have tested the code deployment in Azure China and Azure Commercial and both work fine. Have been continuously updating testing status with evidence in the Teams chat with the AVD PM and core team.

As part of this Pull Request I have

danycontre commented 7 months ago

Hey folks, in general the changes look good. Do you know if the change to move ZT from managed ID to system assigned was tested on all clouds?

@jamasten @swathibhat1 @Poven795909

Poven795909 commented 7 months ago

@danycontre @swathibhat1 I tested it on Azure China and Azure Commercial; it works fine in both of them. I couldn't test in Azure US Gov as I don't have access. I remember while discussing with Jason that System Assigned ID does work in US Gov, however I will let @jamasten confirm.

jamasten commented 7 months ago

Using the system assigned identity will work in US Gov.