Spoke Vnet peering with Vwan virtual hub

[faister]

Overview/Summary

Connect a spoke virtual network to a Virtual WAN virtual hub. Example shows how a Vnet in one region, i.e., WestUS can be peered with Vwan virtual hub in another region, EastUS.

This PR fixes/adds/changes/removes

1. Adds vnetPeeringVwan module.
2. Resolves 💡 Feature Request - Enable Azure Virtual WAN scenario in the Hub Networking module #133
3. Implements SE Backlog Item 99027

Breaking Changes

N/A

Testing Evidence

As part of this Pull Request I have

• Checked for duplicate Pull Requests
• Associated it with relevant ADO items
• Ensured my code/branch is up-to-date with the latest changes in the main branch
• Performed testing and provided evidence.
• Updated relevant and associated documentation.

[jtracey93]

Nice work @faister.

Should this module only deploy the VWAN? Hub Virtual Network Connection (aka peering)? Rather than also deploying the spoke VNet?

As the spoke VNet module (https://github.com/Azure/ALZ-Bicep/tree/main/infra-as-code/bicep/modules/spokeNetworking) can be used to create the spoke and then we just need an equivalent for the virtualNetworkPeer (https://github.com/Azure/ALZ-Bicep/tree/main/infra-as-code/bicep/modules/virtualNetworkPeer) module for VWAN?

[faister]

Nice work @faister Fai Lai FTE.

Should this module only deploy the VWAN? Hub Virtual Network Connection (aka peering)? Rather than also deploying the spoke VNet?

As the spoke VNet module (https://github.com/Azure/ALZ-Bicep/tree/main/infra-as-code/bicep/modules/spokeNetworking) can be used to create the spoke and then we just need an equivalent for the virtualNetworkPeer (https://github.com/Azure/ALZ-Bicep/tree/main/infra-as-code/bicep/modules/virtualNetworkPeer) module for VWAN?

@jtracey93 Thanks. I'll change this to introduce a new parameter, which is the remote spoke vnet resource id. This allows an existing vnet (from any subscription) to be peered with the vwan vhub. However if the remote spoke vnet resource id is empty, then it will create a new vnet. This makes it easier for anyone to use this module, rather than having to call another module, and it is also consistent with how vnetPeeringVwan works in the parent enterprise-scale repo. What do you think?

[jtracey93]

Hey @faister,

let's not do the Spoke VNET creation at all here, just the VWAN Connection/Peering.

And then can create a "mini-orchestration" module that does all these together which I believe @KiZach is going to create once this is merged as part of #173 👍👍

[faister]

Hey @faister,

let's not do the Spoke VNET creation at all here, just the VWAN Connection/Peering.

And then can create a "mini-orchestration" module that does all these together which I believe @KiZach is going to create once this is merged as part of #173 👍👍

done, will do some testing tomorrow

[jtracey93]

Hey @faister, looks great.

I have made a few changes and committed them into your branch directly checkout the last 3 commits.

Can you please review and test again, once you've pulled down my latest commits, to make sure you are happy with my changes to this module?

Cheers

Jack

[KiZach]

Hey @faister and @jtracey93

When this PR is merged I have the #173 ready for review, as it will support both standard Hub & Spoke and Azure WAN spoke peering.

[faister]

@jtracey93
final test done, see az cli deployment output below:
deploymenttest-final.txt

[jtracey93]

LGTM 👍👍