Closed aavdberg closed 1 week ago
If I am following your example correctly, some network security groups (assuming this is what is meant by NS records, but please correct me if I am wrong) are being implicitly created as a result of public DNS zone deployment.
Implicitly deployed resources are not tracked by deployment stacks and are documented in our known limitations here: https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/deployment-stacks?tabs=azure-powershell.
So, they should not be deleted when the same template is deployed, even though they are not in the bicep file; the deployment stack doesn't know about them. If an implicitly created resource is a child resource of a managed resource in a deployment stack, and the deployment stack cleans up the managed resource, then the implicitly created child resource would be deleted. This is not a feature of the deployment stack though, just a function of how resource hierarchy works (but it could be a useful thing to know for cleanup of these non-managed implicitly created resources).
Hello @aavdberg - friendly follow up on your question. Thanks!
Hi @aavdberg - friendly follow up on your question. Thanks!
Hi @azcloudfarmer have deployed with Deployment Stack and it's working now.
The ns records are not deleted when they are not in the code.
Have a question about Deployment Stacks and Public DNS Zones.
When I deploy with bicep a Public DNS Zone in Azure and don't specify the NS records these get automatily created.
But when I deploy the same bicep with Deployment Stack, my question is when I configure the parameter -ActionOnUnmanage "deleteResources" with the powershell cmdlet New-AzResourceGroupDeploymentStack
Do the NS records get deleted and do I need to specify these also in the bicep file?
@alex-frankel @anthony-c-martin ?