Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Option for subnet delegations #526

Merged
merged 11 commits into from
Jun 7, 2023
Merged

Option for subnet delegations #526

merged 11 commits into from
Jun 7, 2023

Conversation

picccard
Copy link
Contributor

Overview/Summary

Delegating a subnet to an azure service is possible in terraform, but not yet possible in the bicep version of ALZ.
The feature is not well documented though: Azure/terraform-azurerm-caf-enterprise-scale#711

This PR fixes/adds/changes/removes

  1. Adds support for optional delegating a subnet to an single azure service
    1.1 Subnets that should not have delegations can skip/ignore the use of this property
    1.2 The vnet resource api accepts the delegation object to be a list, but my attempt to delegate for two services failed. I've never successfully delegated a subnet to two services, that might cause conflicts if both azure services deploy stuff into the subnet on the same IP(?)

Breaking Changes

None

Testing Evidence

-WhatIf deployment of two new subnets with delegation:
image

As part of this Pull Request I have

@ghost ghost added the Needs: Triage 🔍 Needs triaging by the team label May 15, 2023
@picccard picccard mentioned this pull request May 15, 2023
Open
jtracey93
jtracey93 requested changes May 18, 2023
View reviewed changes
Copy link
Collaborator

@jtracey93 jtracey93 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @Piccard, please remove the Private DNS Resolver additions here and just leave the delegation pieces

@jtracey93 jtracey93 added enhancement and removed Needs: Triage 🔍 Needs triaging by the team labels May 18, 2023
@ghost ghost removed the Needs: Author Feedback label May 19, 2023
@picccard
Copy link
Contributor Author

Ok, removed the new subnets and left only the functionality to delegate subnets.

There is not any doc explaining how-to delegate subnets yet, but I don't see any good place to put it.

@picccard picccard requested a review from jtracey93 May 26, 2023 23:27
@jtracey93
Copy link
Collaborator

@Piccard could you resolve the test failures please 👍

@jtracey93
Copy link
Collaborator

/azp run validateazcloud

@azure-pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@jtracey93
Copy link
Collaborator

/azp run e2e

@azure-pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@jtracey93 jtracey93 merged commit c6f01fb into Azure:main Jun 7, 2023
@picccard picccard deleted the subnet-delegations branch June 7, 2023 19:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jtracey93 jtracey93 jtracey93 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@picccard @jtracey93