Feature Request: Support for Azure Private DNS Zone per Azure Region

[Parallo-TerryPan]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

The module currently does not support per region Azure Private DNS Zones.

Is your feature request related to a problem?

When working with PaaS services with built-in DR capabilities (geo-redundant storage accounts, SQL DB failover groups, etc.), multiple region Private Endpoints are mandatory. https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/private-link-and-dns-integration-at-scale#private-link-and-dns-integration-in-hub-and-spoke-network-architectures.

The module currently only deploys a single set of Azure Private DNS Zones.

Describe the solution you'd like

• A toggle to enable DNS zones to be deployed per virtual network hub location.
• Since Private DNS zones are global resources, they need to be in different resource groups. These resource groups will need to have region specific naming.
• Virtual network links to the hub will need to link to their respective Private DNS Zone. e.g. East US hub will link to the East US private DNS Zone.

Things to consider: Related Azure policies may be affected.

Additional context

Here is a great document from Adam Stuart detailing the complexities of Multi-region use of Azure Private Link https://github.com/adstuart/azure-privatelink-multiregion

[matt-FFFFFF]

Hi,

We do not plan to add this feature here. We will instead be working on a dedicated module for private DNS zones, which can achieve the scale that you are looking for.