Add fallback vnet for failover dns resolving.

infra-as-code/bicep/modules/hubNetworking/generateddocs/hubNetworking.bicep.md

@@ -36,6 +36,7 @@ parPrivateDnsZonesEnabled | No       | Switch to enable/disable Private DNS Zone
 parPrivateDnsZonesResourceGroup | No       | Resource Group Name for Private DNS Zones.
 parPrivateDnsZones | No       | Array of DNS Zones to provision in Hub Virtual Network. Default: All known Azure Private DNS Zones
 parPrivateDnsZoneAutoMergeAzureBackupZone | No       | Set Parameter to false to skip the addition of a Private DNS Zone for Azure Backup.
+parVirtualNetworkIdToLinkFailover | No       | Resource ID of Failover VNet for Private DNS Zone VNet Failover Links
 parVpnGatewayConfig | No       | Configuration for VPN virtual network gateway to be deployed. If a VPN virtual network gateway is not desired an empty object should be used as the input parameter in the parameter file, i.e. "parVpnGatewayConfig": {   "value": {} }
 parExpressRouteGatewayConfig | No       | Configuration for ExpressRoute virtual network gateway to be deployed. If a ExpressRoute virtual network gateway is not desired an empty object should be used as the input parameter in the parameter file, i.e. "parExpressRouteGatewayConfig": {   "value": {} }
 parTags        | No       | Tags you would like to be applied to all resources in this module.
@@ -284,6 +285,12 @@ Set Parameter to false to skip the addition of a Private DNS Zone for Azure Back
 
 - Default value: `True`
 
+### parVirtualNetworkIdToLinkFailover
+
+![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square)
+
+Resource ID of Failover VNet for Private DNS Zone VNet Failover Links
+
 ### parVpnGatewayConfig
 
 ![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square)
@@ -534,6 +541,9 @@ outHubVirtualNetworkId | string |
         "parPrivateDnsZoneAutoMergeAzureBackupZone": {
             "value": true
         },
+        "parVirtualNetworkIdToLinkFailover": {
+            "value": ""
+        },
         "parVpnGatewayConfig": {
             "value": {
                 "name": "[format('{0}-Vpn-Gateway', parameters('parCompanyPrefix'))]",

infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep

@@ -211,6 +211,9 @@ param parPrivateDnsZones array = [
 @sys.description('Set Parameter to false to skip the addition of a Private DNS Zone for Azure Backup.')
 param parPrivateDnsZoneAutoMergeAzureBackupZone bool = true
 
+@sys.description('Resource ID of Failover VNet for Private DNS Zone VNet Failover Links')
+param parVirtualNetworkIdToLinkFailover string = ''
+
 //ASN must be 65515 if deploying VPN & ER for co-existence to work: https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-coexist-resource-manager#limits-and-limitations
 @sys.description('''Configuration for VPN virtual network gateway to be deployed. If a VPN virtual network gateway is not desired an empty object should be used as the input parameter in the parameter file, i.e.
 "parVpnGatewayConfig": {
@@ -761,6 +764,7 @@ module modPrivateDnsZones '../privateDnsZones/privateDnsZones.bicep' = if (parPr
     parLocation: parLocation
     parTags: parTags
     parVirtualNetworkIdToLink: resHubVnet.id
+    parVirtualNetworkIdToLinkFailover: parVirtualNetworkIdToLinkFailover
     parPrivateDnsZones: parPrivateDnsZones
     parPrivateDnsZoneAutoMergeAzureBackupZone: parPrivateDnsZoneAutoMergeAzureBackupZone
     parTelemetryOptOut: parTelemetryOptOut

infra-as-code/bicep/modules/privateDnsZones/generateddocs/privateDnsZones.bicep.md

@@ -11,6 +11,7 @@ parPrivateDnsZones | No       | Array of custom DNS Zones to provision in Hub Vi
 parPrivateDnsZoneAutoMergeAzureBackupZone | No       | Set Parameter to false to skip the addition of a Private DNS Zone for Azure Backup.
 parTags        | No       | Tags you would like to be applied to all resources in this module.
 parVirtualNetworkIdToLink | No       | Resource ID of VNet for Private DNS Zone VNet Links.
+parVirtualNetworkIdToLinkFailover | No       | Resource ID of VNet for Failover Private DNS Zone VNet Links.
 parTelemetryOptOut | No       | Set Parameter to true to Opt-out of deployment telemetry.
 
 ### parLocation
@@ -49,6 +50,12 @@ Tags you would like to be applied to all resources in this module.
 
 Resource ID of VNet for Private DNS Zone VNet Links.
 
+### parVirtualNetworkIdToLinkFailover
+
+![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square)
+
+Resource ID of VNet for Failover Private DNS Zone VNet Links.
+
 ### parTelemetryOptOut
 
 ![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square)
@@ -158,6 +165,9 @@ outPrivateDnsZonesNames | array |
         "parVirtualNetworkIdToLink": {
             "value": ""
         },
+        "parVirtualNetworkIdToLinkFailover": {
+            "value": ""
+        },
         "parTelemetryOptOut": {
             "value": false
         }

infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json

@@ -87,6 +87,9 @@
     "parVirtualNetworkIdToLink": {
       "value": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxxxxxxxx/providers/Microsoft.Network/virtualNetworks/xxxxxxxxxxx"
     },
+    "parVirtualNetworkIdToLinkFailover": {
+      "value": ""
+    },
     "parTelemetryOptOut": {
       "value": false
     }

infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep

@@ -83,6 +83,10 @@ param parTags object = {}
 @sys.description('Resource ID of VNet for Private DNS Zone VNet Links.')
 param parVirtualNetworkIdToLink string = ''
 
+@sys.description('Resource ID of VNet for Failover Private DNS Zone VNet Links.')
+param parVirtualNetworkIdToLinkFailover string = ''
+
+
 @sys.description('Set Parameter to true to Opt-out of deployment telemetry.')
 param parTelemetryOptOut bool = false
 
@@ -180,6 +184,18 @@ resource resVirtualNetworkLink 'Microsoft.Network/privateDnsZones/virtualNetwork
   dependsOn: resPrivateDnsZones
 }]
 
+resource resVirtualNetworkLinkFailover 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2020-06-01' = [for privateDnsZoneName in varPrivateDnsZonesMerge: if (!empty(parVirtualNetworkIdToLinkFailover)) {
+  name: '${privateDnsZoneName}/${take('fallbacklink-${uniqueString(parVirtualNetworkIdToLinkFailover)}', 80)}'
+  location: 'global'
+  properties: {
+    registrationEnabled: false
+    virtualNetwork: {
+      id: parVirtualNetworkIdToLinkFailover
+    }
+  }
+  dependsOn: resPrivateDnsZones
+}]
+
 module modCustomerUsageAttribution '../../CRML/customerUsageAttribution/cuaIdResourceGroup.bicep' = if (!parTelemetryOptOut) {
   #disable-next-line no-loc-expr-outside-params
   name: 'pid-${varCuaid}-${uniqueString(resourceGroup().location)}'

infra-as-code/bicep/modules/vwanConnectivity/generateddocs/vwanConnectivity.bicep.md

@@ -28,6 +28,7 @@ parPrivateDnsZonesResourceGroup | No       | Resource Group Name for Private DNS
 parPrivateDnsZones | No       | Array of DNS Zones to provision in Hub Virtual Network.
 parPrivateDnsZoneAutoMergeAzureBackupZone | No       | Set Parameter to false to skip the addition of a Private DNS Zone for Azure Backup.
 parVirtualNetworkIdToLink | No       | Resource ID of VNet for Private DNS Zone VNet Links
+parVirtualNetworkIdToLinkFailover | No       | Resource ID of Failover VNet for Private DNS Zone VNet Failover Links
 parTags        | No       | Tags you would like to be applied to all resources in this module.
 parTelemetryOptOut | No       | Set Parameter to true to Opt-out of deployment telemetry
 
@@ -216,6 +217,12 @@ Set Parameter to false to skip the addition of a Private DNS Zone for Azure Back
 
 Resource ID of VNet for Private DNS Zone VNet Links
 
+### parVirtualNetworkIdToLinkFailover
+
+![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square)
+
+Resource ID of Failover VNet for Private DNS Zone VNet Failover Links
+
 ### parTags
 
 ![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square)
@@ -398,6 +405,9 @@ outPrivateDnsZonesNames | array |
         "parVirtualNetworkIdToLink": {
             "value": ""
         },
+        "parVirtualNetworkIdToLinkFailover": {
+            "value": ""
+        },
         "parTags": {
             "value": {}
         },

infra-as-code/bicep/modules/vwanConnectivity/parameters/vwanConnectivity.parameters.all.json

@@ -149,6 +149,14 @@
         "Environment": "Live"
       }
     },
+    "parVirtualNetworkIdToLinkFailover": {
+      "value": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/HUB_Networking_POC/providers/Microsoft.Network/virtualNetworks/alz-hub-eastus-failover"
+    },
+    "parTags": {
+      "value": {
+        "Environment": "Live"
+      }
+    },
     "parTelemetryOptOut": {
       "value": false
     }

infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep

@@ -165,6 +165,9 @@ param parPrivateDnsZoneAutoMergeAzureBackupZone bool = true
 @sys.description('Resource ID of VNet for Private DNS Zone VNet Links')
 param parVirtualNetworkIdToLink string = ''
 
+@sys.description('Resource ID of Failover VNet for Private DNS Zone VNet Failover Links')
+param parVirtualNetworkIdToLinkFailover string = ''
+
 @sys.description('Tags you would like to be applied to all resources in this module.')
 param parTags object = {}
 
@@ -337,6 +340,7 @@ module modPrivateDnsZones '../privateDnsZones/privateDnsZones.bicep' = if (parPr
     parPrivateDnsZones: parPrivateDnsZones
     parPrivateDnsZoneAutoMergeAzureBackupZone: parPrivateDnsZoneAutoMergeAzureBackupZone
     parVirtualNetworkIdToLink: parVirtualNetworkIdToLink
+    parVirtualNetworkIdToLinkFailover: parVirtualNetworkIdToLinkFailover
   }
 }