Enabled Virtual WAN scenario in a new vwanConnectivity module

[faister]

Overview/Summary

This PR is an implementation of a module used to deploy the Virtual WAN network topology and its components according to the Azure Landing Zone conceptual architecture which can be found here.

This PR fixes/adds/changes/removes

1. Implements vwanConnectivity module
2. Resolves 💡 Feature Request - Enable Azure Virtual WAN scenario in the Hub Networking module #133
3. Implements SE Backlog Item 73009
4. Supports AZFW as a DNS proxy as per Add Firewall Policy resource for VWAN implementation Enterprise-Scale#922

Breaking Changes

None

Testing Evidence

Azure East US deployment evidence:

Resources deployed:

Overall deployment status:

vwanConnectivity deployment status:

VWAN overview:

Firewall policy:

Azure China deployment in China East 2evidence

Resources deployed:

Overall deployment status:

vwanConnectivity deployment status:

VWAN overview:

Firewall policy:

As part of this Pull Request I have

• Checked for duplicate Pull Requests
• Associated it with relevant [ADO items] (https://dev.azure.com/unifiedactiontracker/Solution%20Engineering/_backlogs/backlog/Azure%20Landing%20Zone%20Bicep/Backlog%20Bugs%20Feedback/?workitem=73009)
• Ensured my code/branch is up-to-date with the latest changes in the main branch
• Performed testing and provided evidence.
• Updated relevant and associated documentation.

[jtracey93]

Nice work @faister, just a few bits, but nothing major 👍

Also do you think we should create another module like the Hub Networking but using VWAN instead?

Also do we need to update the Deployment Flow wiki page with an option here for VWAN or just a note?

[faister]

Nice work @faister Fai Lai FTE, just a few bits, but nothing major 👍

Thanks @jtracey93

Also do you think we should create another module like the Hub Networking but using VWAN instead?

This is another module for VWAN, like hub networking.

Also do we need to update the Deployment Flow wiki page with an option here for VWAN or just a note?

Added another part in the Deployment Flow wiki to call out optional modules. Reason for calling this out as optional is because the VWAN networking scenario is rather niche for customers.

But to get parity with ES repo, the next thing I could work on would be the orchestration to deploy a Contoso RI using ALZ Bicep modules. But that is dependent on the unstable orchestration issue which you are tracking with the PG.

Have also enabled AZFW as a DNS proxy as per Azure/Enterprise-Scale#922 and test it out too. Part of this PR too.

[jfaurskov]

/azp run e2e

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[jfaurskov]

/azp run e2e

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[jfaurskov]

/azp run e2e

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[jtracey93]

A few final pieces and I think we are there 👍

Nice work @faister

[faister]

A few final pieces and I think we are there 👍

Nice work @faister Fai Lai FTE

Too easy, committed your changes. Are we good to approve and merge? Got some customers waiting for this :)

[jtracey93]

/azp run e2e

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[jtracey93]

Approving even though Link Check fails as this will exist once the PR has been merged as included with this PR

stale