Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add if (parAzBastionEnabled) to nsg create bastion #575

Merged
merged 2 commits into from
Jul 17, 2023
Merged

Add if (parAzBastionEnabled) to nsg create bastion #575

merged 2 commits into from
Jul 17, 2023

Conversation

woutermation
Copy link
Contributor

@woutermation woutermation commented Jul 14, 2023
edited
Loading

Fixes #573

Overview/Summary

When setting Bastion to disabled the NSG is still deployed, expect that the NSG is not deployed

By adding if (parAzBastionEnabled) to the NSG creation this is fixed

This PR fixes/adds/changes/removes

Change hubNetworking.bicep line 368 with

resource resBastionNsg 'Microsoft.Network/networkSecurityGroups@2021-08-01' = if (parAzBastionEnabled) {
}

Breaking Changes

None

Testing Evidence

NSG is not created ;-)

As part of this Pull Request I have

@jtracey93 jtracey93 self-requested a review July 14, 2023 14:02
jtracey93
jtracey93 requested changes Jul 14, 2023
View reviewed changes
Copy link
Collaborator

@jtracey93 jtracey93 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @woutermation,

Thanks for the PR, much appreciated.

I think one more thing needs changing on line 287 to ensure that if Bastion isn't enabled the NSG isn't tried to be referenced:

https://github.com/woutermation/ALZ-Bicep/blob/woutermation/issue573/infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep#L287-L291

Can you add to the condition that already exists to also check for parAzBastionEnabled being true?

Thanks

@jtracey93 jtracey93 self-assigned this Jul 14, 2023
@woutermation
Copy link
Contributor Author

Good catch, I removed de AzureBastionSubnet from my parameter file that's why it didn't show up during testing (my bad ;-)) and note to self to always test with the default param file.

@jtracey93
Copy link
Collaborator

/azp run validateazcloud

@azure-pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@jtracey93 jtracey93 merged commit ec30e29 into Azure:main Jul 17, 2023
@woutermation woutermation deleted the woutermation/issue573 branch September 6, 2023 13:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jtracey93 jtracey93 jtracey93 approved these changes

Assignees

@jtracey93 jtracey93

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Bastion NSG deployed when parAzBastionEnabled -eq $false
2 participants
@woutermation @jtracey93