Open cecheta opened 1 month ago
[!IMPORTANT] The "Needs: Triage :mag:" label must be removed once the triage process is complete!
[!TIP] For additional guidance on how to triage this issue/PR, see the BRM Issue Triage documentation.
How does one go about migrating multiple privateDnsZoneResourceIds in this new format? Prior, a single group name was provided with several zones (up to 5, per docs).
Now, each zone resource has a corresponding group name in each privateDnsZoneGroupConfigs entry and they can no longer share a name.
Hey @stewartadam,
if we take the original PR into account, compare the changes and IF I'm not mistaken, then the original implementation did only 'share' the name of the 'privateDnsZoneGroups' via the parameter 'name'
which defaulted to 'default' (and still does).
Then there is one other 'name'
property as part of the privateDnsZoneConfigs
property. This used to be the name of each provided private DNS resource
, and now it still is - BUT - also allows you to specify the name of the config yourself if you want.
Again, I hope I didn't mess up writing the above 😄 cc: @cecheta
Thanks, that worked - moving name
up to the top, for example:
module monitorPrivateEndpoint 'br/public:avm/res/network/private-endpoint:0.7.0' = {
name: 'privateEndpointDeployment-monitor'
params: {
name: 'monitor-pep'
subnetResourceId: privateEndpointSubnetId
privateLinkServiceConnections: [
{
name: 'monitor-pl'
properties: {
groupIds: ['azuremonitor']
privateLinkServiceId: monitorPrivateLinkScope.outputs.resourceId
}
}
]
privateDnsZoneGroup: {
name: 'monitor-dnslinkgrp'
privateDnsZoneGroupConfigs: [
{ privateDnsZoneResourceId: monitorPrivateDnsZones[0].outputs.resourceId }
{ privateDnsZoneResourceId: monitorPrivateDnsZones[1].outputs.resourceId }
{ privateDnsZoneResourceId: monitorPrivateDnsZones[2].outputs.resourceId }
{ privateDnsZoneResourceId: monitorPrivateDnsZones[3].outputs.resourceId }
{ privateDnsZoneResourceId: privateDnsZones[dnsZoneBlobIndex].outputs.resourceId }
]
}
}
dependsOn: [monitorPrivateDnsZones, privateDnsZones]
}
Thanks, that worked - moving
name
up to the top, for example:module monitorPrivateEndpoint 'br/public:avm/res/network/private-endpoint:0.7.0' = { name: 'privateEndpointDeployment-monitor' params: { name: 'monitor-pep' subnetResourceId: privateEndpointSubnetId privateLinkServiceConnections: [ { name: 'monitor-pl' properties: { groupIds: ['azuremonitor'] privateLinkServiceId: monitorPrivateLinkScope.outputs.resourceId } } ] privateDnsZoneGroup: { name: 'monitor-dnslinkgrp' privateDnsZoneGroupConfigs: [ { privateDnsZoneResourceId: monitorPrivateDnsZones[0].outputs.resourceId } { privateDnsZoneResourceId: monitorPrivateDnsZones[1].outputs.resourceId } { privateDnsZoneResourceId: monitorPrivateDnsZones[2].outputs.resourceId } { privateDnsZoneResourceId: monitorPrivateDnsZones[3].outputs.resourceId } { privateDnsZoneResourceId: privateDnsZones[dnsZoneBlobIndex].outputs.resourceId } ] } } dependsOn: [monitorPrivateDnsZones, privateDnsZones] }
Glad to hear 💪 Sidenote: The above looks almost like a piece of art 😄 nice.
[!WARNING] Tagging the AVM Core Team (@Azure/avm-core-team-technical-bicep) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly.
[!TIP]
- To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.
- To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)!
[!WARNING] Tagging the AVM Core Team (@Azure/avm-core-team-technical-bicep) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly.
[!TIP]
- To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.
- To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)!
[!CAUTION] This issue requires the AVM Core Team's (@Azure/avm-core-team-technical-bicep) immediate attention as it hasn't been responded to within 6 business days.
[!TIP]
- To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to!
- Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to.
Check for previous/existing GitHub issues
Description
Following #2718, the interface for defining a private endpoint has changed (see https://github.com/Azure/Azure-Verified-Modules/pull/1249).
privateDnsZoneGroupName
andprivateDnsZoneResourceIds
have been consolidated into one paramprivateDnsZoneGroup
, which now also allows a name for eachprivateDnsZoneConfig
to be specified.All modules using
avm/res/network/private-endpoint
should be updated to0.7.0
, and the params updated.