Azure / bicep-registry-modules

Bicep registry modules
MIT License

[AVM Question/Feedback]: Update all modules with new private endpoint interface #2896

Open cecheta opened 1 month ago

cecheta commented 1 month ago

Check for previous/existing GitHub issues

Description

Following #2718, the interface for defining a private endpoint has changed (see https://github.com/Azure/Azure-Verified-Modules/pull/1249).

privateDnsZoneGroupName and privateDnsZoneResourceIds have been consolidated into one param privateDnsZoneGroup, which now also allows a name for each privateDnsZoneConfig to be specified.

All modules using avm/res/network/private-endpoint should be updated to 0.7.0, and the params updated.

microsoft-github-policy-service[bot] commented 1 month ago

[!IMPORTANT] The "Needs: Triage :mag:" label must be removed once the triage process is complete!

[!TIP] For additional guidance on how to triage this issue/PR, see the BRM Issue Triage documentation.

stewartadam commented 1 month ago

How does one go about migrating multiple privateDnsZoneResourceIds in this new format? Prior, a single group name was provided with several zones (up to 5, per docs).

Now, each zone resource has a corresponding group name in each privateDnsZoneGroupConfigs entry and they can no longer share a name.

AlexanderSehr commented 1 month ago

Hey @stewartadam, if we take the original PR into account, compare the changes and IF I'm not mistaken, then the original implementation did only 'share' the name of the 'privateDnsZoneGroups' via the parameter 'name' which defaulted to 'default' (and still does). Then there is one other 'name' property as part of the privateDnsZoneConfigs property. This used to be the name of each provided private DNS resource, and now it still is - BUT - also allows you to specify the name of the config yourself if you want.

Original interface example

Assuming an example where you used to provide the property

```bicep
privateDnsZoneResourceIds: [
  '/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myRg/providers/Microsoft.Network/privateDnsZones/myZone'
  '/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myRg/providers/Microsoft.Network/privateDnsZones/anotherZone'
]
```

the actual deployment of the 'privateDnsZoneGroup' resource would have looked like

```bicep
resource privateDnsZoneGroup 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2023-11-01' = {
  name: 'default'
  parent: privateEndpoint
  properties: {
    privateDnsZoneConfigs: [
      {
        name: 'myZone'
        properties: {
          privateDnsZoneId: '/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myRg/providers/Microsoft.Network/privateDnsZones/myZone'
        }
      }
      {
        name: 'anotherZone'
        properties: {
          privateDnsZoneId: '/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myRg/providers/Microsoft.Network/privateDnsZones/anotherZone'
        }
      }
    ]
  }
}
```

New interface example

Now, updating to the new interface you'd need to provide

```bicep
privateDnsZoneGroup: {
  privateDnsZoneGroupConfigs: [
    {
      privateDnsZoneResourceId: '/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myRg/providers/Microsoft.Network/privateDnsZones/myZone'
    }
    {
      privateDnsZoneResourceId: '/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myRg/providers/Microsoft.Network/privateDnsZones/anotherZone'
    }
  ]
}
```

which would again translate to

```bicep
resource privateDnsZoneGroup 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2023-11-01' = {
  name: 'default'
  parent: privateEndpoint
  properties: {
    privateDnsZoneConfigs: [
      {
        name: 'myZone'
        properties: {
          privateDnsZoneId: '/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myRg/providers/Microsoft.Network/privateDnsZones/myZone'
        }
      }
      {
        name: 'anotherZone'
        properties: {
          privateDnsZoneId: '/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myRg/providers/Microsoft.Network/privateDnsZones/anotherZone'
        }
      }
    ]
  }
}
```

Extended example

That being said, you 'can' now also provide the property like this:

```bicep
privateDnsZoneGroup: {
  name: 'mygroup'
  privateDnsZoneGroupConfigs: [
    {
      name: 'config'
      privateDnsZoneResourceId: '/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myRg/providers/Microsoft.Network/privateDnsZones/myZone'
    }
    {
      privateDnsZoneResourceId: '/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myRg/providers/Microsoft.Network/privateDnsZones/anotherZone'
    }
  ]
}
```

which would translate into

```bicep
resource privateDnsZoneGroup 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2023-11-01' = {
  name: 'mygroup'
  parent: privateEndpoint
  properties: {
    privateDnsZoneConfigs: [
      {
        name: 'config'
        properties: {
          privateDnsZoneId: '/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myRg/providers/Microsoft.Network/privateDnsZones/myZone'
        }
      }
      {
        name: 'anotherZone'
        properties: {
          privateDnsZoneId: '/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myRg/providers/Microsoft.Network/privateDnsZones/anotherZone'
        }
      }
    ]
  }
}
```

Again, I hope I didn't mess up writing the above 😄 cc: @cecheta
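To make the mapping in the comment above concrete, here is an added Python helper (not code from the private-endpoint module or from anyone in this thread) that rewrites the pre-0.7.0 parameter shape (`privateDnsZoneGroupName` plus `privateDnsZoneResourceIds`) into the new `privateDnsZoneGroup` object, and then expands that object the way the examples above show the deployed `privateDnsZoneGroups` child resource: the group name defaults to `default`, and a config without an explicit `name` takes the last segment of its zone's resource ID. The function names, the sample resource IDs and the five-zone limit (the figure stewartadam quotes from the docs) are this example's own assumptions.

```python
"""Added example: old -> new privateDnsZoneGroup parameter mapping.

Stand-alone illustration of the translation described in the thread; it is
not the avm/res/network/private-endpoint module's code. Names are the
example's own choices.
"""
from __future__ import annotations

# Constructed sample resource IDs (all-zero subscription, as in the thread).
ZONE_A = ("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myRg"
          "/providers/Microsoft.Network/privateDnsZones/myZone")
ZONE_B = ("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myRg"
          "/providers/Microsoft.Network/privateDnsZones/anotherZone")

# Assumed limit: the thread quotes the docs as allowing up to 5 zones per group.
MAX_ZONES_PER_GROUP = 5


def zone_name_from_id(resource_id: str) -> str:
    """Last segment of a privateDnsZones resource ID; the default config name."""
    parts = resource_id.rstrip("/").split("/")
    if len(parts) < 2 or parts[-2] != "privateDnsZones":
        raise ValueError(f"not a privateDnsZones resource ID: {resource_id}")
    return parts[-1]


def migrate_params(old_params: dict) -> dict:
    """Rewrite pre-0.7.0 params to the 0.7.0 privateDnsZoneGroup shape.

    Old: privateDnsZoneGroupName (optional) + privateDnsZoneResourceIds (list).
    New: privateDnsZoneGroup: { name?, privateDnsZoneGroupConfigs: [...] }.
    Every other parameter is passed through unchanged.
    """
    removed = ("privateDnsZoneGroupName", "privateDnsZoneResourceIds")
    new_params = {k: v for k, v in old_params.items() if k not in removed}
    zone_ids = old_params.get("privateDnsZoneResourceIds") or []
    if not zone_ids:
        return new_params  # no DNS zone group was requested; nothing to migrate
    if len(zone_ids) > MAX_ZONES_PER_GROUP:
        raise ValueError(f"at most {MAX_ZONES_PER_GROUP} zones per group, got {len(zone_ids)}")
    group: dict = {
        "privateDnsZoneGroupConfigs": [{"privateDnsZoneResourceId": z} for z in zone_ids]
    }
    if "privateDnsZoneGroupName" in old_params:
        # Old single group name becomes the top-level name of the new object.
        group = {"name": old_params["privateDnsZoneGroupName"], **group}
    new_params["privateDnsZoneGroup"] = group
    return new_params


def expand_zone_group(group: dict) -> dict:
    """Shape of the privateDnsZoneGroups child resource for a param value.

    Mirrors the thread's examples: group name defaults to 'default'; a config
    with no explicit name is named after the last segment of its zone ID.
    Duplicate config names are rejected as the example's own sanity check.
    """
    configs = []
    seen: set[str] = set()
    for cfg in group.get("privateDnsZoneGroupConfigs", []):
        zone_id = cfg["privateDnsZoneResourceId"]
        name = cfg.get("name") or zone_name_from_id(zone_id)
        if name in seen:
            raise ValueError(f"duplicate privateDnsZoneConfig name: {name}")
        seen.add(name)
        configs.append({"name": name, "properties": {"privateDnsZoneId": zone_id}})
    return {
        "name": group.get("name", "default"),
        "properties": {"privateDnsZoneConfigs": configs},
    }


if __name__ == "__main__":
    old = {
        "name": "myPep",
        "privateDnsZoneGroupName": "mygroup",
        "privateDnsZoneResourceIds": [ZONE_A, ZONE_B],
    }
    migrated = migrate_params(old)
    print(migrated["privateDnsZoneGroup"])
    print(expand_zone_group(migrated["privateDnsZoneGroup"]))
```

`migrate_params` is the piece you would run over a parameter file before bumping the module reference to 0.7.0; `expand_zone_group` is only there to show what the module will deploy for a given value, so you can compare it against the child resource your existing deployment already has before running the upgrade.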

stewartadam commented 1 month ago

Thanks, that worked - moving name up to the top, for example:

```bicep
module monitorPrivateEndpoint 'br/public:avm/res/network/private-endpoint:0.7.0' = {
  name: 'privateEndpointDeployment-monitor'
  params: {
    name: 'monitor-pep'
    subnetResourceId: privateEndpointSubnetId
    privateLinkServiceConnections: [
      {
        name: 'monitor-pl'
        properties: {
          groupIds: ['azuremonitor']
          privateLinkServiceId: monitorPrivateLinkScope.outputs.resourceId
        }
      }
    ]
    privateDnsZoneGroup: {
      name: 'monitor-dnslinkgrp'
      privateDnsZoneGroupConfigs: [
        { privateDnsZoneResourceId: monitorPrivateDnsZones[0].outputs.resourceId }
        { privateDnsZoneResourceId: monitorPrivateDnsZones[1].outputs.resourceId }
        { privateDnsZoneResourceId: monitorPrivateDnsZones[2].outputs.resourceId }
        { privateDnsZoneResourceId: monitorPrivateDnsZones[3].outputs.resourceId }
        { privateDnsZoneResourceId: privateDnsZones[dnsZoneBlobIndex].outputs.resourceId }
      ]
    }
  }
  dependsOn: [monitorPrivateDnsZones, privateDnsZones]
}
```

AlexanderSehr commented 1 month ago

> Thanks, that worked - moving name up to the top, for example:
>
> ```bicep
> module monitorPrivateEndpoint 'br/public:avm/res/network/private-endpoint:0.7.0' = {
>   name: 'privateEndpointDeployment-monitor'
>   params: {
>     name: 'monitor-pep'
>     subnetResourceId: privateEndpointSubnetId
>     privateLinkServiceConnections: [
>       {
>         name: 'monitor-pl'
>         properties: {
>           groupIds: ['azuremonitor']
>           privateLinkServiceId: monitorPrivateLinkScope.outputs.resourceId
>         }
>       }
>     ]
>     privateDnsZoneGroup: {
>       name: 'monitor-dnslinkgrp'
>       privateDnsZoneGroupConfigs: [
>         { privateDnsZoneResourceId: monitorPrivateDnsZones[0].outputs.resourceId }
>         { privateDnsZoneResourceId: monitorPrivateDnsZones[1].outputs.resourceId }
>         { privateDnsZoneResourceId: monitorPrivateDnsZones[2].outputs.resourceId }
>         { privateDnsZoneResourceId: monitorPrivateDnsZones[3].outputs.resourceId }
>         { privateDnsZoneResourceId: privateDnsZones[dnsZoneBlobIndex].outputs.resourceId }
>       ]
>     }
>   }
>   dependsOn: [monitorPrivateDnsZones, privateDnsZones]
> }
> ```

Glad to hear 💪 Sidenote: The above looks almost like a piece of art 😄 nice.

microsoft-github-policy-service[bot] commented 1 month ago

[!WARNING] Tagging the AVM Core Team (@Azure/avm-core-team-technical-bicep) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly.

[!TIP]

  • To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.
  • To avoid this rule being (re)triggered, the "Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)!

microsoft-github-policy-service[bot] commented 1 month ago

[!CAUTION] This issue requires the AVM Core Team's (@Azure/avm-core-team-technical-bicep) immediate attention as it hasn't been responded to within 6 business days.

[!TIP]

  • To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to!
  • Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to.