diff --git a/infra-as-code/bicep/modules/hubNetworking/generateddocs/hubNetworking.bicep.md b/infra-as-code/bicep/modules/hubNetworking/generateddocs/hubNetworking.bicep.md index 225cb2a6a..0c05b5f2d 100644 --- a/infra-as-code/bicep/modules/hubNetworking/generateddocs/hubNetworking.bicep.md +++ b/infra-as-code/bicep/modules/hubNetworking/generateddocs/hubNetworking.bicep.md @@ -34,6 +34,7 @@ parDisableBgpRoutePropagation | No | Switch to enable/disable BGP Propagat parPrivateDnsZonesEnabled | No | Switch to enable/disable Private DNS Zones deployment. parPrivateDnsZonesResourceGroup | No | Resource Group Name for Private DNS Zones. parPrivateDnsZones | No | Array of DNS Zones to provision in Hub Virtual Network. Default: All known Azure Private DNS Zones +parPrivateDnsZoneAutoMergeAzureBackupZone | No | Set Parameter to false to skip the addition of a Private DNS Zone for Azure Backup. parVpnGatewayConfig | No | Configuration for VPN virtual network gateway to be deployed. If a VPN virtual network gateway is not desired an empty object should be used as the input parameter in the parameter file, i.e. "parVpnGatewayConfig": { "value": {} } parExpressRouteGatewayConfig | No | Configuration for ExpressRoute virtual network gateway to be deployed. If a ExpressRoute virtual network gateway is not desired an empty object should be used as the input parameter in the parameter file, i.e. "parExpressRouteGatewayConfig": { "value": {} } parTags | No | Tags you would like to be applied to all resources in this module. @@ -266,6 +267,14 @@ Array of DNS Zones to provision in Hub Virtual Network. Default: All known Azure - Default value: `[format('privatelink.{0}.azmk8s.io', toLower(parameters('parLocation')))] [format('privatelink.{0}.batch.azure.com', toLower(parameters('parLocation')))] [format('privatelink.{0}.kusto.windows.net', toLower(parameters('parLocation')))] privatelink.adf.azure.com privatelink.afs.azure.net privatelink.agentsvc.azure-automation.net privatelink.analysis.windows.net privatelink.api.azureml.ms privatelink.azconfig.io privatelink.azure-api.net privatelink.azure-automation.net privatelink.azurecr.io privatelink.azure-devices.net privatelink.azure-devices-provisioning.net privatelink.azurehdinsight.net privatelink.azurehealthcareapis.com privatelink.azurestaticapps.net privatelink.azuresynapse.net privatelink.azurewebsites.net privatelink.batch.azure.com privatelink.blob.core.windows.net privatelink.cassandra.cosmos.azure.com privatelink.cognitiveservices.azure.com privatelink.database.windows.net privatelink.datafactory.azure.net privatelink.dev.azuresynapse.net privatelink.dfs.core.windows.net privatelink.dicom.azurehealthcareapis.com privatelink.digitaltwins.azure.net privatelink.directline.botframework.com privatelink.documents.azure.com privatelink.eventgrid.azure.net privatelink.file.core.windows.net privatelink.gremlin.cosmos.azure.com privatelink.guestconfiguration.azure.com privatelink.his.arc.azure.com privatelink.kubernetesconfiguration.azure.com privatelink.managedhsm.azure.net privatelink.mariadb.database.azure.com privatelink.media.azure.net privatelink.mongo.cosmos.azure.com privatelink.monitor.azure.com privatelink.mysql.database.azure.com privatelink.notebooks.azure.net privatelink.ods.opinsights.azure.com privatelink.oms.opinsights.azure.com privatelink.pbidedicated.windows.net privatelink.postgres.database.azure.com privatelink.prod.migration.windowsazure.com privatelink.purview.azure.com privatelink.purviewstudio.azure.com privatelink.queue.core.windows.net privatelink.redis.cache.windows.net privatelink.redisenterprise.cache.azure.net privatelink.search.windows.net privatelink.service.signalr.net privatelink.servicebus.windows.net privatelink.siterecovery.windowsazure.com privatelink.sql.azuresynapse.net privatelink.table.core.windows.net privatelink.table.cosmos.azure.com privatelink.tip1.powerquery.microsoft.com privatelink.token.botframework.com privatelink.vaultcore.azure.net privatelink.web.core.windows.net privatelink.webpubsub.azure.com` +### parPrivateDnsZoneAutoMergeAzureBackupZone + +![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square) + +Set Parameter to false to skip the addition of a Private DNS Zone for Azure Backup. + +- Default value: `True` + ### parVpnGatewayConfig ![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square) @@ -510,6 +519,9 @@ outHubVirtualNetworkId | string | "privatelink.webpubsub.azure.com" ] }, + "parPrivateDnsZoneAutoMergeAzureBackupZone": { + "value": true + }, "parVpnGatewayConfig": { "value": { "name": "[format('{0}-Vpn-Gateway', parameters('parCompanyPrefix'))]", diff --git a/infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep b/infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep index 186282127..534bdfe0b 100644 --- a/infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep +++ b/infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep @@ -205,6 +205,9 @@ param parPrivateDnsZones array = [ 'privatelink.webpubsub.azure.com' ] +@sys.description('Set Parameter to false to skip the addition of a Private DNS Zone for Azure Backup.') +param parPrivateDnsZoneAutoMergeAzureBackupZone bool = true + //ASN must be 65515 if deploying VPN & ER for co-existence to work: https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-coexist-resource-manager#limits-and-limitations @sys.description('''Configuration for VPN virtual network gateway to be deployed. If a VPN virtual network gateway is not desired an empty object should be used as the input parameter in the parameter file, i.e. "parVpnGatewayConfig": { @@ -755,6 +758,7 @@ module modPrivateDnsZones '../privateDnsZones/privateDnsZones.bicep' = if (parPr parTags: parTags parVirtualNetworkIdToLink: resHubVnet.id parPrivateDnsZones: parPrivateDnsZones + parPrivateDnsZoneAutoMergeAzureBackupZone: parPrivateDnsZoneAutoMergeAzureBackupZone parTelemetryOptOut: parTelemetryOptOut } } diff --git a/infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.all.json b/infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.all.json index ccb16ece2..686de4bd2 100644 --- a/infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.all.json +++ b/infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.all.json @@ -176,6 +176,9 @@ "privatelink.webpubsub.azure.com" ] }, + "parPrivateDnsZoneAutoMergeAzureBackupZone": { + "value": true + }, "parVpnGatewayConfig": { "value": { "name": "alz-Vpn-Gateway", diff --git a/infra-as-code/bicep/modules/hubNetworking/parameters/mc-hubNetworking.parameters.all.json b/infra-as-code/bicep/modules/hubNetworking/parameters/mc-hubNetworking.parameters.all.json index 4c21757dc..dd5b18b0a 100644 --- a/infra-as-code/bicep/modules/hubNetworking/parameters/mc-hubNetworking.parameters.all.json +++ b/infra-as-code/bicep/modules/hubNetworking/parameters/mc-hubNetworking.parameters.all.json @@ -138,6 +138,9 @@ "privatelink.redis.cache.chinacloudapi.cn" ] }, + "parPrivateDnsZoneAutoMergeAzureBackupZone": { + "value": true + }, "parVpnGatewayConfig": { "value": { "name": "alz-Vpn-Gateway", diff --git a/infra-as-code/bicep/modules/privateDnsZones/README.md b/infra-as-code/bicep/modules/privateDnsZones/README.md index a8e29483b..6cce7a75d 100644 --- a/infra-as-code/bicep/modules/privateDnsZones/README.md +++ b/infra-as-code/bicep/modules/privateDnsZones/README.md @@ -31,7 +31,7 @@ The following DNS Zone use a geo code associated to the Azure Region. - `privatelink.xxx.backup.windowsazure.com` -If the Azure Region entered in `parLocation` matches a lookup to the map in `varAzBackupGeoCodes` we will append Geo Codes (value) used to generate region-specific DNS zone names for Azure Backup private endpoints. then insert Azure Backup Private DNS Zone with appropriate geo code inserted alongside zones in `parPrivateDnsZones` into a new array called `varPrivateDnsZonesMerge`. If not just return `parPrivateDnsZones` as the only values in `varPrivateDnsZonesMerge`. +If the Azure Region entered in `parLocation` matches a lookup to the map in `varAzBackupGeoCodes` we will append Geo Codes (value) used to generate region-specific DNS zone names for Azure Backup private endpoints. then insert Azure Backup Private DNS Zone with appropriate geo code inserted alongside zones in `parPrivateDnsZones` into a new array called `varPrivateDnsZonesMerge`. If not just return `parPrivateDnsZones` as the only values in `varPrivateDnsZonesMerge`. To override this see the parameter `parPrivateDnsZoneAutoMergeAzureBackupZone`. > For more information on Azure Backup and Private Link, or geo codes, please refer to: [Create and use private endpoints for Azure Backup](https://learn.microsoft.com/azure/backup/private-endpoints#when-using-custom-dns-server-or-host-files) diff --git a/infra-as-code/bicep/modules/privateDnsZones/generateddocs/privateDnsZones.bicep.md b/infra-as-code/bicep/modules/privateDnsZones/generateddocs/privateDnsZones.bicep.md index 546c1d657..2eae1b5f0 100644 --- a/infra-as-code/bicep/modules/privateDnsZones/generateddocs/privateDnsZones.bicep.md +++ b/infra-as-code/bicep/modules/privateDnsZones/generateddocs/privateDnsZones.bicep.md @@ -8,6 +8,7 @@ Parameter name | Required | Description -------------- | -------- | ----------- parLocation | No | The Azure Region to deploy the resources into. parPrivateDnsZones | No | Array of custom DNS Zones to provision in Hub Virtual Network. +parPrivateDnsZoneAutoMergeAzureBackupZone | No | Set Parameter to false to skip the addition of a Private DNS Zone for Azure Backup. parTags | No | Tags you would like to be applied to all resources in this module. parVirtualNetworkIdToLink | No | Resource ID of VNet for Private DNS Zone VNet Links. parTelemetryOptOut | No | Set Parameter to true to Opt-out of deployment telemetry. @@ -28,6 +29,14 @@ Array of custom DNS Zones to provision in Hub Virtual Network. - Default value: `[format('privatelink.{0}.azmk8s.io', toLower(parameters('parLocation')))] [format('privatelink.{0}.batch.azure.com', toLower(parameters('parLocation')))] [format('privatelink.{0}.kusto.windows.net', toLower(parameters('parLocation')))] privatelink.adf.azure.com privatelink.afs.azure.net privatelink.agentsvc.azure-automation.net privatelink.analysis.windows.net privatelink.api.azureml.ms privatelink.azconfig.io privatelink.azure-api.net privatelink.azure-automation.net privatelink.azurecr.io privatelink.azure-devices.net privatelink.azure-devices-provisioning.net privatelink.azurehdinsight.net privatelink.azurehealthcareapis.com privatelink.azurestaticapps.net privatelink.azuresynapse.net privatelink.azurewebsites.net privatelink.batch.azure.com privatelink.blob.core.windows.net privatelink.cassandra.cosmos.azure.com privatelink.cognitiveservices.azure.com privatelink.database.windows.net privatelink.datafactory.azure.net privatelink.dev.azuresynapse.net privatelink.dfs.core.windows.net privatelink.dicom.azurehealthcareapis.com privatelink.digitaltwins.azure.net privatelink.directline.botframework.com privatelink.documents.azure.com privatelink.eventgrid.azure.net privatelink.file.core.windows.net privatelink.gremlin.cosmos.azure.com privatelink.guestconfiguration.azure.com privatelink.his.arc.azure.com privatelink.kubernetesconfiguration.azure.com privatelink.managedhsm.azure.net privatelink.mariadb.database.azure.com privatelink.media.azure.net privatelink.mongo.cosmos.azure.com privatelink.monitor.azure.com privatelink.mysql.database.azure.com privatelink.notebooks.azure.net privatelink.ods.opinsights.azure.com privatelink.oms.opinsights.azure.com privatelink.pbidedicated.windows.net privatelink.postgres.database.azure.com privatelink.prod.migration.windowsazure.com privatelink.purview.azure.com privatelink.purviewstudio.azure.com privatelink.queue.core.windows.net privatelink.redis.cache.windows.net privatelink.redisenterprise.cache.azure.net privatelink.search.windows.net privatelink.service.signalr.net privatelink.servicebus.windows.net privatelink.siterecovery.windowsazure.com privatelink.sql.azuresynapse.net privatelink.table.core.windows.net privatelink.table.cosmos.azure.com privatelink.tip1.powerquery.microsoft.com privatelink.token.botframework.com privatelink.vaultcore.azure.net privatelink.web.core.windows.net privatelink.webpubsub.azure.com` +### parPrivateDnsZoneAutoMergeAzureBackupZone + +![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square) + +Set Parameter to false to skip the addition of a Private DNS Zone for Azure Backup. + +- Default value: `True` + ### parTags ![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square) @@ -140,6 +149,9 @@ outPrivateDnsZonesNames | array | "privatelink.webpubsub.azure.com" ] }, + "parPrivateDnsZoneAutoMergeAzureBackupZone": { + "value": true + }, "parTags": { "value": {} }, diff --git a/infra-as-code/bicep/modules/privateDnsZones/parameters/mc-privateDnsZones.parameters.all.json b/infra-as-code/bicep/modules/privateDnsZones/parameters/mc-privateDnsZones.parameters.all.json index 659f7c1f1..e387e2596 100644 --- a/infra-as-code/bicep/modules/privateDnsZones/parameters/mc-privateDnsZones.parameters.all.json +++ b/infra-as-code/bicep/modules/privateDnsZones/parameters/mc-privateDnsZones.parameters.all.json @@ -38,6 +38,14 @@ "privatelink.redis.cache.chinacloudapi.cn" ] }, + "parPrivateDnsZoneAutoMergeAzureBackupZone": { + "value": true + }, + "parTags": { + "value": { + "Environment": "Live" + } + }, "parVirtualNetworkIdToLink": { "value": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxxxxxxxx/providers/Microsoft.Network/virtualNetworks/xxxxxxxxxxx" }, @@ -45,4 +53,4 @@ "value": false } } -} \ No newline at end of file +} diff --git a/infra-as-code/bicep/modules/privateDnsZones/parameters/mc-privateDnsZones.parameters.min.json b/infra-as-code/bicep/modules/privateDnsZones/parameters/mc-privateDnsZones.parameters.min.json index 659f7c1f1..ff3ebeee2 100644 --- a/infra-as-code/bicep/modules/privateDnsZones/parameters/mc-privateDnsZones.parameters.min.json +++ b/infra-as-code/bicep/modules/privateDnsZones/parameters/mc-privateDnsZones.parameters.min.json @@ -45,4 +45,4 @@ "value": false } } -} \ No newline at end of file +} diff --git a/infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json b/infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json index db140f6eb..ac87cc7b8 100644 --- a/infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json +++ b/infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json @@ -76,6 +76,9 @@ "privatelink.webpubsub.azure.com" ] }, + "parPrivateDnsZoneAutoMergeAzureBackupZone": { + "value": true + }, "parTags": { "value": { "Environment": "Live" diff --git a/infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep b/infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep index e1dcde8dc..f5590beef 100644 --- a/infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep +++ b/infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep @@ -74,6 +74,9 @@ param parPrivateDnsZones array = [ 'privatelink.webpubsub.azure.com' ] +@sys.description('Set Parameter to false to skip the addition of a Private DNS Zone for Azure Backup.') +param parPrivateDnsZoneAutoMergeAzureBackupZone bool = true + @sys.description('Tags you would like to be applied to all resources in this module.') param parTags object = {} @@ -154,7 +157,7 @@ var varAzBackupGeoCodes = { } // If region entered in parLocation and matches a lookup to varAzBackupGeoCodes then insert Azure Backup Private DNS Zone with appropriate geo code inserted alongside zones in parPrivateDnsZones. If not just return parPrivateDnsZones -var varPrivateDnsZonesMerge = contains(varAzBackupGeoCodes, parLocation) ? union(parPrivateDnsZones, [ 'privatelink.${varAzBackupGeoCodes[toLower(parLocation)]}.backup.windowsazure.com' ]) : parPrivateDnsZones +var varPrivateDnsZonesMerge = parPrivateDnsZoneAutoMergeAzureBackupZone && contains(varAzBackupGeoCodes, parLocation) ? union(parPrivateDnsZones, [ 'privatelink.${varAzBackupGeoCodes[toLower(parLocation)]}.backup.windowsazure.com' ]) : parPrivateDnsZones // Customer Usage Attribution Id var varCuaid = '981733dd-3195-4fda-a4ee-605ab959edb6' diff --git a/infra-as-code/bicep/modules/vwanConnectivity/README.md b/infra-as-code/bicep/modules/vwanConnectivity/README.md index ab536a3aa..0d99c1a64 100644 --- a/infra-as-code/bicep/modules/vwanConnectivity/README.md +++ b/infra-as-code/bicep/modules/vwanConnectivity/README.md @@ -43,7 +43,8 @@ The module will generate the following outputs: | outVirtualHubName | string | alz-vhub-eastus | | outVirtualHubId | string | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus | | outDdosPlanResourceId | string | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/ddosProtectionPlans/alz-ddos-plan | -| outPrivateDnsZones | array | `["name": "privatelink.azurecr.io", "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/net-lz-spk-eastus-rg/providers/Microsoft.Network/privateDnsZones/privatelink.azurecr.io"]` | +| outPrivateDnsZones | array | `[{"name":"privatelink.azurecr.io","id":"/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/net-lz-spk-eastus-rg/providers/Microsoft.Network/privateDnsZones/privatelink.azurecr.io"},{"name":"privatelink.azurewebsites.net","id":"/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/net-lz-spk-eastus-rg/providers/Microsoft.Network/privateDnsZones/privatelink.azurewebsites.net"}]` | +| outPrivateDnsZonesNames | array | `["privatelink.azurecr.io", "privatelink.azurewebsites.net"]` | ## Deployment diff --git a/infra-as-code/bicep/modules/vwanConnectivity/generateddocs/vwanConnectivity.bicep.md b/infra-as-code/bicep/modules/vwanConnectivity/generateddocs/vwanConnectivity.bicep.md index 077ab53cb..4e5bdb7bd 100644 --- a/infra-as-code/bicep/modules/vwanConnectivity/generateddocs/vwanConnectivity.bicep.md +++ b/infra-as-code/bicep/modules/vwanConnectivity/generateddocs/vwanConnectivity.bicep.md @@ -26,6 +26,7 @@ parDdosPlanName | No | DDoS Plan Name. parPrivateDnsZonesEnabled | No | Switch to enable/disable Private DNS Zones deployment. parPrivateDnsZonesResourceGroup | No | Resource Group Name for Private DNS Zones. parPrivateDnsZones | No | Array of DNS Zones to provision in Hub Virtual Network. +parPrivateDnsZoneAutoMergeAzureBackupZone | No | Set Parameter to false to skip the addition of a Private DNS Zone for Azure Backup. parVirtualNetworkIdToLink | No | Resource ID of VNet for Private DNS Zone VNet Links parTags | No | Tags you would like to be applied to all resources in this module. parTelemetryOptOut | No | Set Parameter to true to Opt-out of deployment telemetry @@ -200,6 +201,14 @@ Array of DNS Zones to provision in Hub Virtual Network. - Default value: `[format('privatelink.{0}.azmk8s.io', toLower(parameters('parLocation')))] [format('privatelink.{0}.batch.azure.com', toLower(parameters('parLocation')))] [format('privatelink.{0}.kusto.windows.net', toLower(parameters('parLocation')))] privatelink.adf.azure.com privatelink.afs.azure.net privatelink.agentsvc.azure-automation.net privatelink.analysis.windows.net privatelink.api.azureml.ms privatelink.azconfig.io privatelink.azure-api.net privatelink.azure-automation.net privatelink.azurecr.io privatelink.azure-devices.net privatelink.azure-devices-provisioning.net privatelink.azurehdinsight.net privatelink.azurehealthcareapis.com privatelink.azurestaticapps.net privatelink.azuresynapse.net privatelink.azurewebsites.net privatelink.batch.azure.com privatelink.blob.core.windows.net privatelink.cassandra.cosmos.azure.com privatelink.cognitiveservices.azure.com privatelink.database.windows.net privatelink.datafactory.azure.net privatelink.dev.azuresynapse.net privatelink.dfs.core.windows.net privatelink.dicom.azurehealthcareapis.com privatelink.digitaltwins.azure.net privatelink.directline.botframework.com privatelink.documents.azure.com privatelink.eventgrid.azure.net privatelink.file.core.windows.net privatelink.gremlin.cosmos.azure.com privatelink.guestconfiguration.azure.com privatelink.his.arc.azure.com privatelink.kubernetesconfiguration.azure.com privatelink.managedhsm.azure.net privatelink.mariadb.database.azure.com privatelink.media.azure.net privatelink.mongo.cosmos.azure.com privatelink.monitor.azure.com privatelink.mysql.database.azure.com privatelink.notebooks.azure.net privatelink.ods.opinsights.azure.com privatelink.oms.opinsights.azure.com privatelink.pbidedicated.windows.net privatelink.postgres.database.azure.com privatelink.prod.migration.windowsazure.com privatelink.purview.azure.com privatelink.purviewstudio.azure.com privatelink.queue.core.windows.net privatelink.redis.cache.windows.net privatelink.redisenterprise.cache.azure.net privatelink.search.windows.net privatelink.service.signalr.net privatelink.servicebus.windows.net privatelink.siterecovery.windowsazure.com privatelink.sql.azuresynapse.net privatelink.table.core.windows.net privatelink.table.cosmos.azure.com privatelink.tip1.powerquery.microsoft.com privatelink.token.botframework.com privatelink.vaultcore.azure.net privatelink.web.core.windows.net privatelink.webpubsub.azure.com` +### parPrivateDnsZoneAutoMergeAzureBackupZone + +![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square) + +Set Parameter to false to skip the addition of a Private DNS Zone for Azure Backup. + +- Default value: `True` + ### parVirtualNetworkIdToLink ![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square) @@ -230,6 +239,7 @@ outVirtualHubName | array | outVirtualHubId | array | outDdosPlanResourceId | string | outPrivateDnsZones | array | +outPrivateDnsZonesNames | array | ## Snippets @@ -380,6 +390,9 @@ outPrivateDnsZones | array | "privatelink.webpubsub.azure.com" ] }, + "parPrivateDnsZoneAutoMergeAzureBackupZone": { + "value": true + }, "parVirtualNetworkIdToLink": { "value": "" }, diff --git a/infra-as-code/bicep/modules/vwanConnectivity/parameters/mc-vwanConnectivity.parameters.all.json b/infra-as-code/bicep/modules/vwanConnectivity/parameters/mc-vwanConnectivity.parameters.all.json index 8e54bd923..34f1066da 100644 --- a/infra-as-code/bicep/modules/vwanConnectivity/parameters/mc-vwanConnectivity.parameters.all.json +++ b/infra-as-code/bicep/modules/vwanConnectivity/parameters/mc-vwanConnectivity.parameters.all.json @@ -99,6 +99,9 @@ "privatelink.redis.cache.chinacloudapi.cn" ] }, + "parPrivateDnsZoneAutoMergeAzureBackupZone": { + "value": true + }, "parVirtualNetworkIdToLink": { "value": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/HUB_Networking_POC/providers/Microsoft.Network/virtualNetworks/alz-hub-eastus" }, diff --git a/infra-as-code/bicep/modules/vwanConnectivity/parameters/vwanConnectivity.parameters.all.json b/infra-as-code/bicep/modules/vwanConnectivity/parameters/vwanConnectivity.parameters.all.json index 2c047802e..65d6432c8 100644 --- a/infra-as-code/bicep/modules/vwanConnectivity/parameters/vwanConnectivity.parameters.all.json +++ b/infra-as-code/bicep/modules/vwanConnectivity/parameters/vwanConnectivity.parameters.all.json @@ -137,6 +137,9 @@ "privatelink.webpubsub.azure.com" ] }, + "parPrivateDnsZoneAutoMergeAzureBackupZone": { + "value": true + }, "parVirtualNetworkIdToLink": { "value": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/HUB_Networking_POC/providers/Microsoft.Network/virtualNetworks/alz-hub-eastus" }, diff --git a/infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep b/infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep index d7750a01d..29ac26bbc 100644 --- a/infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep +++ b/infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep @@ -157,6 +157,9 @@ param parPrivateDnsZones array = [ 'privatelink.webpubsub.azure.com' ] +@sys.description('Set Parameter to false to skip the addition of a Private DNS Zone for Azure Backup.') +param parPrivateDnsZoneAutoMergeAzureBackupZone bool = true + @sys.description('Resource ID of VNet for Private DNS Zone VNet Links') param parVirtualNetworkIdToLink string = '' @@ -315,8 +318,9 @@ module modPrivateDnsZones '../privateDnsZones/privateDnsZones.bicep' = if (parPr params: { parLocation: parLocation parTags: parTags - parVirtualNetworkIdToLink: parVirtualNetworkIdToLink parPrivateDnsZones: parPrivateDnsZones + parPrivateDnsZoneAutoMergeAzureBackupZone: parPrivateDnsZoneAutoMergeAzureBackupZone + parVirtualNetworkIdToLink: parVirtualNetworkIdToLink } } @@ -349,3 +353,4 @@ output outDdosPlanResourceId string = resDdosProtectionPlan.id // Output Private DNS Zones output outPrivateDnsZones array = (parPrivateDnsZonesEnabled ? modPrivateDnsZones.outputs.outPrivateDnsZones : []) +output outPrivateDnsZonesNames array = (parPrivateDnsZonesEnabled ? modPrivateDnsZones.outputs.outPrivateDnsZonesNames : [])