From 969c50f80a08b86b8495caf4669b4320809b2fd6 Mon Sep 17 00:00:00 2001 From: Tor Ivar Date: Thu, 4 Nov 2021 10:30:09 +0100 Subject: [PATCH 1/7] Updated readme publicIpZones description --- arm/Microsoft.Network/virtualNetworkGateways/readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/virtualNetworkGateways/readme.md b/arm/Microsoft.Network/virtualNetworkGateways/readme.md index d885ee4955..07cc61a06d 100644 --- a/arm/Microsoft.Network/virtualNetworkGateways/readme.md +++ b/arm/Microsoft.Network/virtualNetworkGateways/readme.md @@ -33,7 +33,7 @@ This module deploys a Virtual Network Gateway. | `metricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | Optional. The name of metrics that will be streamed. | | `publicIpLogsToEnable` | array | `[DDoSProtectionNotifications, DDoSMitigationFlowLogs, DDoSMitigationReports]` | `[DDoSProtectionNotifications, DDoSMitigationFlowLogs, DDoSMitigationReports]` | Optional. The name of logs that will be streamed. | | `publicIPPrefixId` | string | | | Optional. Resource Id of the Public IP Prefix object. This is only needed if you want your Public IPs created in a PIP Prefix. | -| `publicIpZones` | array | `[1]` | | Optional. Specifies the zones of the Public IP address. | +| `publicIpZones` | array | `[]` | | Optional. Specifies the zones of the Public IP address. Basic IP SKU does not support Availability Zones.| | `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | | `tags` | object | `{object}` | | Optional. Tags of the resource. | | `virtualNetworkGatewayLogsToEnable` | array | `[GatewayDiagnosticLog, TunnelDiagnosticLog, RouteDiagnosticLog, IKEDiagnosticLog, P2SDiagnosticLog]` | `[GatewayDiagnosticLog, TunnelDiagnosticLog, RouteDiagnosticLog, IKEDiagnosticLog, P2SDiagnosticLog]` | Optional. The name of logs that will be streamed. | From ac865c578e26758c61b6c4dfd753122dcd503174 Mon Sep 17 00:00:00 2001 From: Tor Ivar Date: Thu, 4 Nov 2021 10:30:32 +0100 Subject: [PATCH 2/7] Updated virtualNetworkGateway module publicIpZones --- arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep b/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep index 5105c60c47..c74d6841be 100644 --- a/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep +++ b/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep @@ -11,9 +11,7 @@ param gatewayPipName array = [] param publicIPPrefixId string = '' @description('Optional. Specifies the zones of the Public IP address.') -param publicIpZones array = [ - '1' -] +param publicIpZones array = [] @description('Optional. DNS name(s) of the Public IP resource(s). If you enabled active-active configuration, you need to provide 2 DNS names, if you want to use this feature. A region specific suffix will be appended to it, e.g.: your-DNS-name.westeurope.cloudapp.azure.com') param domainNameLabel array = [] @@ -308,7 +306,7 @@ resource virtualGatewayPublicIP 'Microsoft.Network/publicIPAddresses@2021-02-01' publicIPPrefix: ((!empty(publicIPPrefixId)) ? publicIPPrefix : json('null')) dnsSettings: ((length(virtualGatewayPipName_var) == length(domainNameLabel)) ? json('{"domainNameLabel": "${domainNameLabel[index]}"}') : json('null')) } - zones: publicIpZones + zones: contains(zoneRedundantSkus, virtualNetworkGatewaySku) ? publicIpZones : json('null') }] @batchSize(1) From 47fdef41ffd8435bb37a094b6a1a2cb217b389da Mon Sep 17 00:00:00 2001 From: Tor Ivar Date: Fri, 5 Nov 2021 09:28:03 +0100 Subject: [PATCH 3/7] Changed all json('null') to null after comment --- .../virtualNetworkGateways/deploy.bicep | 38 +++++++++---------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep b/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep index c324e7fba9..ce183ca8be 100644 --- a/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep +++ b/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep @@ -264,8 +264,8 @@ var vpnClientConfiguration = { vpnClientAddressPoolPrefix ] } - vpnClientRootCertificates: (empty(clientRootCertData) ? json('null') : vpnClientRootCertificates) - vpnClientRevokedCertificates: (empty(clientRevokedCertThumbprint) ? json('null') : vpmClientRevokedCertificates) + vpnClientRootCertificates: (empty(clientRootCertData) ? null : vpnClientRootCertificates) + vpnClientRevokedCertificates: (empty(clientRevokedCertThumbprint) ? null : vpmClientRevokedCertificates) } module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { @@ -285,10 +285,10 @@ resource virtualGatewayPublicIP 'Microsoft.Network/publicIPAddresses@2021-02-01' } properties: { publicIPAllocationMethod: gatewayPipAllocationMethod - publicIPPrefix: ((!empty(publicIPPrefixId)) ? publicIPPrefix : json('null')) - dnsSettings: ((length(virtualGatewayPipName_var) == length(domainNameLabel)) ? json('{"domainNameLabel": "${domainNameLabel[index]}"}') : json('null')) + publicIPPrefix: ((!empty(publicIPPrefixId)) ? publicIPPrefix : null) + dnsSettings: ((length(virtualGatewayPipName_var) == length(domainNameLabel)) ? json('{"domainNameLabel": "${domainNameLabel[index]}"}') : null) } - zones: contains(zoneRedundantSkus, virtualNetworkGatewaySku) ? publicIpZones : json('null') + zones: contains(zoneRedundantSkus, virtualNetworkGatewaySku) ? publicIpZones : null }] @batchSize(1) @@ -305,12 +305,12 @@ resource virtualGatewayPublicIP_lock 'Microsoft.Authorization/locks@2016-09-01' resource virtualNetworkGatewayPublicIp_diagnosticSettings 'Microsoft.Insights/diagnosticsettings@2017-05-01-preview' = [for (virtualGatewayPublicIpName, index) in virtualGatewayPipName_var: if ((!empty(diagnosticStorageAccountId)) || (!empty(workspaceId)) || (!empty(eventHubAuthorizationRuleId)) || (!empty(eventHubName))) { name: '${virtualGatewayPublicIpName}-diagnosticSettings' properties: { - storageAccountId: (empty(diagnosticStorageAccountId) ? json('null') : diagnosticStorageAccountId) - workspaceId: (empty(workspaceId) ? json('null') : workspaceId) - eventHubAuthorizationRuleId: (empty(eventHubAuthorizationRuleId) ? json('null') : eventHubAuthorizationRuleId) - eventHubName: (empty(eventHubName) ? json('null') : eventHubName) - metrics: ((empty(diagnosticStorageAccountId) && empty(workspaceId) && empty(eventHubAuthorizationRuleId) && empty(eventHubName)) ? json('null') : diagnosticsMetrics) - logs: ((empty(diagnosticStorageAccountId) && empty(workspaceId) && empty(eventHubAuthorizationRuleId) && empty(eventHubName)) ? json('null') : publicIpDiagnosticsLogs) + storageAccountId: (empty(diagnosticStorageAccountId) ? null : diagnosticStorageAccountId) + workspaceId: (empty(workspaceId) ? null : workspaceId) + eventHubAuthorizationRuleId: (empty(eventHubAuthorizationRuleId) ? null : eventHubAuthorizationRuleId) + eventHubName: (empty(eventHubName) ? null : eventHubName) + metrics: ((empty(diagnosticStorageAccountId) && empty(workspaceId) && empty(eventHubAuthorizationRuleId) && empty(eventHubName)) ? null : diagnosticsMetrics) + logs: ((empty(diagnosticStorageAccountId) && empty(workspaceId) && empty(eventHubAuthorizationRuleId) && empty(eventHubName)) ? null : publicIpDiagnosticsLogs) } scope: virtualGatewayPublicIP[index] }] @@ -325,14 +325,14 @@ resource virtualNetworkGateway 'Microsoft.Network/virtualNetworkGateways@2021-02 ipConfigurations: (activeActive_var ? activeActiveIpConfiguration : activePassiveIpConfiguration) activeActive: activeActive_var enableBgp: enableBgp_var - bgpSettings: ((virtualNetworkGatewayType == 'ExpressRoute') ? json('null') : bgpSettings) + bgpSettings: ((virtualNetworkGatewayType == 'ExpressRoute') ? null : bgpSettings) sku: { name: virtualNetworkGatewaySku tier: virtualNetworkGatewaySku } gatewayType: virtualNetworkGatewayType vpnType: vpnType_var - vpnClientConfiguration: (empty(vpnClientAddressPoolPrefix) ? json('null') : vpnClientConfiguration) + vpnClientConfiguration: (empty(vpnClientAddressPoolPrefix) ? null : vpnClientConfiguration) } dependsOn: [ virtualGatewayPublicIP @@ -351,12 +351,12 @@ resource virtualNetworkGateway_lock 'Microsoft.Authorization/locks@2016-09-01' = resource virtualNetworkGateway_diagnosticSettings 'Microsoft.Insights/diagnosticsettings@2017-05-01-preview' = if ((!empty(diagnosticStorageAccountId)) || (!empty(workspaceId)) || (!empty(eventHubAuthorizationRuleId)) || (!empty(eventHubName))) { name: '${virtualNetworkGateway.name}-diagnosticSettings' properties: { - storageAccountId: (empty(diagnosticStorageAccountId) ? json('null') : diagnosticStorageAccountId) - workspaceId: (empty(workspaceId) ? json('null') : workspaceId) - eventHubAuthorizationRuleId: (empty(eventHubAuthorizationRuleId) ? json('null') : eventHubAuthorizationRuleId) - eventHubName: (empty(eventHubName) ? json('null') : eventHubName) - metrics: ((empty(diagnosticStorageAccountId) && empty(workspaceId) && empty(eventHubAuthorizationRuleId) && empty(eventHubName)) ? json('null') : diagnosticsMetrics) - logs: ((empty(diagnosticStorageAccountId) && empty(workspaceId) && empty(eventHubAuthorizationRuleId) && empty(eventHubName)) ? json('null') : virtualNetworkGatewayDiagnosticsLogs) + storageAccountId: (empty(diagnosticStorageAccountId) ? null : diagnosticStorageAccountId) + workspaceId: (empty(workspaceId) ? null : workspaceId) + eventHubAuthorizationRuleId: (empty(eventHubAuthorizationRuleId) ? null : eventHubAuthorizationRuleId) + eventHubName: (empty(eventHubName) ? null : eventHubName) + metrics: ((empty(diagnosticStorageAccountId) && empty(workspaceId) && empty(eventHubAuthorizationRuleId) && empty(eventHubName)) ? null : diagnosticsMetrics) + logs: ((empty(diagnosticStorageAccountId) && empty(workspaceId) && empty(eventHubAuthorizationRuleId) && empty(eventHubName)) ? null : virtualNetworkGatewayDiagnosticsLogs) } scope: virtualNetworkGateway } From ac46fd837903d1c0c6830562fa0dc7223ca06beb Mon Sep 17 00:00:00 2001 From: Tor Ivar Date: Fri, 5 Nov 2021 09:36:57 +0100 Subject: [PATCH 4/7] Added parenthesis for zones parameter --- arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep b/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep index ce183ca8be..666c1206d0 100644 --- a/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep +++ b/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep @@ -288,7 +288,7 @@ resource virtualGatewayPublicIP 'Microsoft.Network/publicIPAddresses@2021-02-01' publicIPPrefix: ((!empty(publicIPPrefixId)) ? publicIPPrefix : null) dnsSettings: ((length(virtualGatewayPipName_var) == length(domainNameLabel)) ? json('{"domainNameLabel": "${domainNameLabel[index]}"}') : null) } - zones: contains(zoneRedundantSkus, virtualNetworkGatewaySku) ? publicIpZones : null + zones: (contains(zoneRedundantSkus, virtualNetworkGatewaySku) ? publicIpZones : null) }] @batchSize(1) From bba08761d584a03cbf86724ecd722e49a967e53d Mon Sep 17 00:00:00 2001 From: Tor Ivar Date: Sat, 6 Nov 2021 19:54:22 +0100 Subject: [PATCH 5/7] Updated parameter description vnetgateway --- arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep b/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep index df4fb8d18f..ec39bf8b01 100644 --- a/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep +++ b/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep @@ -10,7 +10,7 @@ param gatewayPipName array = [] @description('Optional. Resource Id of the Public IP Prefix object. This is only needed if you want your Public IPs created in a PIP Prefix.') param publicIPPrefixId string = '' -@description('Optional. Specifies the zones of the Public IP address.') +@description('Optional. Specifies the zones of the Public IP address. Basic IP SKU does not support Availability Zones.') param publicIpZones array = [] @description('Optional. DNS name(s) of the Public IP resource(s). If you enabled active-active configuration, you need to provide 2 DNS names, if you want to use this feature. A region specific suffix will be appended to it, e.g.: your-DNS-name.westeurope.cloudapp.azure.com') From 46c3408a3b9ee1783ff18509513a96a799394e2a Mon Sep 17 00:00:00 2001 From: Tor Ivar Date: Sat, 6 Nov 2021 19:58:11 +0100 Subject: [PATCH 6/7] Removed parenthesis on pipzones property --- arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep b/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep index ec39bf8b01..2c13bfd90a 100644 --- a/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep +++ b/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep @@ -288,7 +288,7 @@ resource virtualGatewayPublicIP 'Microsoft.Network/publicIPAddresses@2021-02-01' publicIPPrefix: !empty(publicIPPrefixId) ? publicIPPrefix : null dnsSettings: length(virtualGatewayPipName_var) == length(domainNameLabel) ? json('{"domainNameLabel": "${domainNameLabel[index]}"}') : null } - zones: (contains(zoneRedundantSkus, virtualNetworkGatewaySku) ? publicIpZones : null) + zones: contains(zoneRedundantSkus, virtualNetworkGatewaySku) ? publicIpZones : null }] @batchSize(1) From bbd537863ca7a4bbdd5fcb5c57292b99c5e98efd Mon Sep 17 00:00:00 2001 From: Tor Ivar Date: Sat, 6 Nov 2021 20:02:00 +0100 Subject: [PATCH 7/7] Minor syntax update to readme --- arm/Microsoft.Network/virtualNetworkGateways/readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/virtualNetworkGateways/readme.md b/arm/Microsoft.Network/virtualNetworkGateways/readme.md index d549df4d75..88dc05491b 100644 --- a/arm/Microsoft.Network/virtualNetworkGateways/readme.md +++ b/arm/Microsoft.Network/virtualNetworkGateways/readme.md @@ -33,7 +33,7 @@ This module deploys a Virtual Network Gateway. | `metricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | Optional. The name of metrics that will be streamed. | | `publicIpLogsToEnable` | array | `[DDoSProtectionNotifications, DDoSMitigationFlowLogs, DDoSMitigationReports]` | `[DDoSProtectionNotifications, DDoSMitigationFlowLogs, DDoSMitigationReports]` | Optional. The name of logs that will be streamed. | | `publicIPPrefixId` | string | | | Optional. Resource Id of the Public IP Prefix object. This is only needed if you want your Public IPs created in a PIP Prefix. | -| `publicIpZones` | array | `[]` | | Optional. Specifies the zones of the Public IP address. Basic IP SKU does not support Availability Zones.| +| `publicIpZones` | array | `[]` | | Optional. Specifies the zones of the Public IP address. Basic IP SKU does not support Availability Zones. | | `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | | `tags` | object | `{object}` | | Optional. Tags of the resource. | | `virtualNetworkGatewayLogsToEnable` | array | `[GatewayDiagnosticLog, TunnelDiagnosticLog, RouteDiagnosticLog, IKEDiagnosticLog, P2SDiagnosticLog]` | `[GatewayDiagnosticLog, TunnelDiagnosticLog, RouteDiagnosticLog, IKEDiagnosticLog, P2SDiagnosticLog]` | Optional. The name of logs that will be streamed. |