From d7537f37d11876be99fcd32dd8b09b75318109d0 Mon Sep 17 00:00:00 2001 From: Dany Contreras <78437433+danycontre@users.noreply.github.com> Date: Mon, 4 Nov 2024 11:55:05 -0600 Subject: [PATCH] updates --- workload/arm/deploy-baseline.json | 18 ++++++++++-------- workload/bicep/deploy-baseline.bicep | 8 ++++---- workload/bicep/modules/networking/deploy.bicep | 4 ++-- workload/portal-ui/portal-ui-baseline.json | 4 ++-- 4 files changed, 18 insertions(+), 16 deletions(-) diff --git a/workload/arm/deploy-baseline.json b/workload/arm/deploy-baseline.json index 9ade1272e..e7f1c1d29 100644 --- a/workload/arm/deploy-baseline.json +++ b/workload/arm/deploy-baseline.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.30.23.60470", - "templateHash": "1471421731411469646" + "templateHash": "3013332418835867885" }, "name": "AVD Accelerator - Baseline Deployment", "description": "AVD Accelerator - Deployment Baseline", @@ -330,12 +330,14 @@ }, "avdVnetPrivateDnsZoneConnectionResourceId": { "type": "string", + "defaultValue": "", "metadata": { "description": "The ResourceID of the AVD Private DNS Zone for Connection. (privatelink.wvd.azure.com). Only required if createPrivateDNSZones is set to false." } }, "avdVnetPrivateDnsZoneDiscoveryResourceId": { "type": "string", + "defaultValue": "", "metadata": { "description": "The ResourceID of the AVD Private DNS Zone for Discovery. (privatelink-global.wvd.azure.com). Only required if createPrivateDNSZones is set to false." } @@ -4189,7 +4191,7 @@ "_generator": { "name": "bicep", "version": "0.30.23.60470", - "templateHash": "15141958373406407244" + "templateHash": "11742268930182457765" }, "name": "AVD LZA networking", "description": "This module deploys vNet, NSG, ASG, UDR, private DNs zones", @@ -8547,13 +8549,13 @@ "type": "string", "value": "[if(parameters('createPrivateDnsZones'), reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', format('{0}', parameters('workloadSubsId')), format('{0}', parameters('networkObjectsRgName'))), 'Microsoft.Resources/deployments', format('Private-DNS-Kv-{0}', parameters('time'))), '2022-09-01').outputs.resourceId.value, '')]" }, - "aVDDnsConnectionZoneResourceId": { + "avdDnsConnectionZoneResourceId": { "type": "string", - "value": "[if(parameters('createPrivateDnsZones'), reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', format('{0}', parameters('workloadSubsId')), format('{0}', parameters('networkObjectsRgName'))), 'Microsoft.Resources/deployments', format('Private-DNS-AVD-Connection{0}', parameters('time'))), '2022-09-01').outputs.resourceId.value, '')]" + "value": "[if(and(parameters('createPrivateDnsZones'), parameters('deployAvdPrivateLinkService')), reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', format('{0}', parameters('workloadSubsId')), format('{0}', parameters('networkObjectsRgName'))), 'Microsoft.Resources/deployments', format('Private-DNS-AVD-Connection{0}', parameters('time'))), '2022-09-01').outputs.resourceId.value, '')]" }, - "aVDDnsDiscoveryZoneResourceId": { + "avdDnsDiscoveryZoneResourceId": { "type": "string", - "value": "[if(parameters('createPrivateDnsZones'), reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', format('{0}', parameters('workloadSubsId')), format('{0}', parameters('networkObjectsRgName'))), 'Microsoft.Resources/deployments', format('Private-DNS-AVD-Discovery-{0}', parameters('time'))), '2022-09-01').outputs.resourceId.value, '')]" + "value": "[if(and(parameters('createPrivateDnsZones'), parameters('deployAvdPrivateLinkService')), reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', format('{0}', parameters('workloadSubsId')), format('{0}', parameters('networkObjectsRgName'))), 'Microsoft.Resources/deployments', format('Private-DNS-AVD-Discovery-{0}', parameters('time'))), '2022-09-01').outputs.resourceId.value, '')]" } } } @@ -8659,8 +8661,8 @@ "value": "[parameters('workspacePublicNetworkAccess')]" }, "privateEndpointSubnetResourceId": "[if(parameters('createAvdVnet'), createObject('value', format('{0}/subnets/{1}', reference(subscriptionResourceId('Microsoft.Resources/deployments', format('Networking-{0}', parameters('time'))), '2022-09-01').outputs.virtualNetworkResourceId.value, variables('varVnetPrivateEndpointSubnetName'))), createObject('value', parameters('existingVnetPrivateEndpointSubnetResourceId')))]", - "avdVnetPrivateDnsZoneDiscoveryResourceId": "[if(parameters('createPrivateDnsZones'), createObject('value', reference(subscriptionResourceId('Microsoft.Resources/deployments', format('Networking-{0}', parameters('time'))), '2022-09-01').outputs.aVDDnsDiscoveryZoneResourceId.value), createObject('value', parameters('avdVnetPrivateDnsZoneDiscoveryResourceId')))]", - "avdVnetPrivateDnsZoneConnectionResourceId": "[if(parameters('createPrivateDnsZones'), createObject('value', reference(subscriptionResourceId('Microsoft.Resources/deployments', format('Networking-{0}', parameters('time'))), '2022-09-01').outputs.aVDDnsConnectionZoneResourceId.value), createObject('value', parameters('avdVnetPrivateDnsZoneConnectionResourceId')))]", + "avdVnetPrivateDnsZoneDiscoveryResourceId": "[if(parameters('createPrivateDnsZones'), createObject('value', reference(subscriptionResourceId('Microsoft.Resources/deployments', format('Networking-{0}', parameters('time'))), '2022-09-01').outputs.avdDnsDiscoveryZoneResourceId.value), createObject('value', parameters('avdVnetPrivateDnsZoneDiscoveryResourceId')))]", + "avdVnetPrivateDnsZoneConnectionResourceId": "[if(parameters('createPrivateDnsZones'), createObject('value', reference(subscriptionResourceId('Microsoft.Resources/deployments', format('Networking-{0}', parameters('time'))), '2022-09-01').outputs.avdDnsConnectionZoneResourceId.value), createObject('value', parameters('avdVnetPrivateDnsZoneConnectionResourceId')))]", "privateEndpointConnectionName": { "value": "[variables('varPrivateEndPointConnectionName')]" }, diff --git a/workload/bicep/deploy-baseline.bicep b/workload/bicep/deploy-baseline.bicep index ded91c47d..97e368e65 100644 --- a/workload/bicep/deploy-baseline.bicep +++ b/workload/bicep/deploy-baseline.bicep @@ -171,10 +171,10 @@ param deployAvdPrivateLinkService bool = false param createPrivateDnsZones bool = true @sys.description('The ResourceID of the AVD Private DNS Zone for Connection. (privatelink.wvd.azure.com). Only required if createPrivateDNSZones is set to false.') -param avdVnetPrivateDnsZoneConnectionResourceId string +param avdVnetPrivateDnsZoneConnectionResourceId string = '' @sys.description('The ResourceID of the AVD Private DNS Zone for Discovery. (privatelink-global.wvd.azure.com). Only required if createPrivateDNSZones is set to false.') -param avdVnetPrivateDnsZoneDiscoveryResourceId string +param avdVnetPrivateDnsZoneDiscoveryResourceId string = '' @sys.description('Use existing Azure private DNS zone for Azure files privatelink.file.core.windows.net or privatelink.file.core.usgovcloudapi.net. (Default: "")') param avdVnetPrivateDnsZoneFilesId string = '' @@ -1173,8 +1173,8 @@ module managementPLane './modules/avdManagementPlane/deploy.bicep' = { hostPoolPublicNetworkAccess: hostPoolPublicNetworkAccess workspacePublicNetworkAccess: workspacePublicNetworkAccess privateEndpointSubnetResourceId: createAvdVnet ? '${networking.outputs.virtualNetworkResourceId}/subnets/${varVnetPrivateEndpointSubnetName}' : existingVnetPrivateEndpointSubnetResourceId - avdVnetPrivateDnsZoneDiscoveryResourceId: createPrivateDnsZones ? networking.outputs.aVDDnsDiscoveryZoneResourceId : avdVnetPrivateDnsZoneDiscoveryResourceId - avdVnetPrivateDnsZoneConnectionResourceId: createPrivateDnsZones ? networking.outputs.aVDDnsConnectionZoneResourceId : avdVnetPrivateDnsZoneConnectionResourceId + avdVnetPrivateDnsZoneDiscoveryResourceId: createPrivateDnsZones ? networking.outputs.avdDnsDiscoveryZoneResourceId : avdVnetPrivateDnsZoneDiscoveryResourceId + avdVnetPrivateDnsZoneConnectionResourceId: createPrivateDnsZones ? networking.outputs.avdDnsConnectionZoneResourceId : avdVnetPrivateDnsZoneConnectionResourceId privateEndpointConnectionName: varPrivateEndPointConnectionName privateEndpointDiscoveryName: varPrivateEndPointDiscoveryName privateEndpointWorkspaceName: varPrivateEndPointWorkspaceName diff --git a/workload/bicep/modules/networking/deploy.bicep b/workload/bicep/modules/networking/deploy.bicep index 258e30847..c9591278a 100644 --- a/workload/bicep/modules/networking/deploy.bicep +++ b/workload/bicep/modules/networking/deploy.bicep @@ -645,5 +645,5 @@ output applicationSecurityGroupResourceId string = deployAsg ? applicationSecuri output virtualNetworkResourceId string = createVnet ? virtualNetwork.outputs.resourceId : '' output azureFilesDnsZoneResourceId string = createPrivateDnsZones ? privateDnsZoneAzureFiles.outputs.resourceId : '' output keyVaultDnsZoneResourceId string = createPrivateDnsZones ? privateDnsZoneKeyVault.outputs.resourceId : '' -output aVDDnsConnectionZoneResourceId string = createPrivateDnsZones ? privateDnsZoneAVDConnection.outputs.resourceId : '' -output aVDDnsDiscoveryZoneResourceId string = createPrivateDnsZones ? privateDnsZoneAVDDiscovery.outputs.resourceId : '' +output avdDnsConnectionZoneResourceId string = (createPrivateDnsZones && deployAvdPrivateLinkService) ? privateDnsZoneAVDConnection.outputs.resourceId : '' +output avdDnsDiscoveryZoneResourceId string = (createPrivateDnsZones && deployAvdPrivateLinkService) ? privateDnsZoneAVDDiscovery.outputs.resourceId : '' diff --git a/workload/portal-ui/portal-ui-baseline.json b/workload/portal-ui/portal-ui-baseline.json index 446484ceb..18f240ef3 100644 --- a/workload/portal-ui/portal-ui-baseline.json +++ b/workload/portal-ui/portal-ui-baseline.json @@ -2496,8 +2496,8 @@ "deployDDoSNetworkProtection": "[steps('network').deployDDoSNetworkProtection]", "deployPrivateEndpointKeyvaultStorage": "[steps('network').deployPrivateEndpointKeyvaultStorage]", "deployAvdPrivateLinkService": "[steps('network').deployAvdPrivateLinkService]", - "hostPoolPublicNetworkAccess": "[steps('network').hostPoolPrivateEndpointNetworkAccessSelector]", - "workspacePublicNetworkAccess": "[steps('network').workspacePrivateEndpointNetworkAccessSelector]", + "hostPoolPublicNetworkAccess": "[if(equals(steps('network').deployAvdPrivateLinkService, true), steps('network').hostPoolPrivateEndpointNetworkAccessSelector, 'Enabled')]", + "workspacePublicNetworkAccess": "[if(equals(steps('network').deployAvdPrivateLinkService, true), steps('network').workspacePrivateEndpointNetworkAccessSelector, 'Enabled')]", "createPrivateDnsZones": "[steps('network').virtualNetworkPrivateDnsZone]", "avdVnetPrivateDnsZoneFilesId": "[if(and(equals(steps('network').deployPrivateEndpointKeyvaultStorage, true), equals(steps('network').virtualNetworkPrivateDnsZone, false)), steps('network').virtualNetworkPrivateDnsZoneSelection.virtualNetworkPrivateDnsZoneFilesSelector.id, '')]", "avdVnetPrivateDnsZoneKeyvaultId": "[if(and(equals(steps('network').deployPrivateEndpointKeyvaultStorage, true), equals(steps('network').virtualNetworkPrivateDnsZone, false)), steps('network').virtualNetworkPrivateDnsZoneSelection.virtualNetworkPrivateDnsZoneKeyvaultSelector.id, '')]",