diff --git a/README.md b/README.md index f0bd25082..686fc7bde 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ Detailed information about how to use, deploy and extend artifacts found in this ## Overview The Azure Landing Zones Bicep repo provides an approach for deploying and managing the core platform capabilities of Cloud Adoption Framework Azure Landing Zones conceptual architecture using Bicep. -In its current incarnation each module can deployed separately via command line but in future releases a more automated approach, via orchestration modules, will be published; but due to current Bicep & ARM limitations this is not possible today. +In its current incarnation each module can be deployed separately via command line but in future releases a more automated approach, via orchestration modules, will be published; but due to current Bicep & ARM limitations this is not possible today. ## Getting Started @@ -64,11 +64,11 @@ Any use of third-party trademarks or logos are subject to those third-party's po ## Security -If you believe you have found a security vulnerability in this repository,please refer to [this guide][vulnerability_reporting] on how to report it. +If you believe you have found a security vulnerability in this repository, please refer to [this guide][vulnerability_reporting] on how to report it. ## Support -For support on the artifacts contained in this repository please refer to [this guide][support_statement] for more details. +For support on the artifacts contained in this repository, please refer to [this guide][support_statement] for more details. diff --git a/infra-as-code/bicep/modules/spokeNetworking/README.md b/infra-as-code/bicep/modules/spokeNetworking/README.md index f03900dba..82b11b291 100644 --- a/infra-as-code/bicep/modules/spokeNetworking/README.md +++ b/infra-as-code/bicep/modules/spokeNetworking/README.md @@ -5,7 +5,6 @@ This module defines spoke networking based on the recommendations from the Azure Module deploys the following resources: - Virtual Network (Spoke VNet) -- Subnets - UDR - if Firewall is enabled ## Parameters @@ -20,7 +19,7 @@ The module requires the following inputs: | parDdosProtectionPlanId | string | Empty string `''` | Existing DDoS Protection plan to utilize | None | `/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/Hub_Networking_POC/providers/Microsoft.Network/ddosProtectionPlans/alz-ddos-plan` | | parSpokeNetworkAddressPrefix | string | '10.11.0.0/16' | CIDR for Spoke Network | None | '10.11.0.0/16' | | parSpokeNetworkName | string | 'vnet-spoke' | The Name of the Spoke Virtual Network. | None | 'vnet-spoke' | - | parDNSServerIPArray | array | Empty array `[]` | Array IP DNS Servers to use for VNet DNS Resolution | None | `['10.10.1.4', '10.20.1.5']` | + | parDnsServerIPs | array | Empty array `[]` | DNS Servers to use for VNet DNS Resolution | None | `['10.10.1.4', '10.20.1.5']` | | parNextHopIPAddress | string | Empty string `''` | IP Address where network traffic should route to leverage DNS Proxy | None | '192.168.50.4' | | parSpokeToHubRouteTableName | string | 'rtb-spoke-to-hub' | Name of Route table to create for the default route of Hub. | None | 'rtb-spoke-to-hub ' | | parTelemetryOptOut | bool | false | Set Parameter to true to Opt-out of deployment telemetry | None | false | @@ -31,8 +30,8 @@ The module will generate the following outputs: | Output | Type | Example | | --------------------------- | ------ | --------------------------------------------------------------------------------------------------------------------------------------------------- | -| outSpookeVirtualNetworkName | string | Corp-Spoke-eastus | -| outSpokeVirtualNetworkid | string | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxxx-xxxxxxxxx/resourceGroups/net-core-hub-eastus-rg/providers/Microsoft.Network/virtualNetworks/vnet-hub-eastus | +| outSpokeVirtualNetworkName | string | Corp-Spoke-eastus | +| outSpokeVirtualNetworkId | string | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxxx-xxxxxxxxx/resourceGroups/net-core-hub-eastus-rg/providers/Microsoft.Network/virtualNetworks/vnet-hub-eastus | ## Deployment diff --git a/infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep b/infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep index 40826e46c..20aac2797 100644 --- a/infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep +++ b/infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep @@ -1,31 +1,31 @@ @description('The Azure Region to deploy the resources into. Default: resourceGroup().location') param parLocation string = resourceGroup().location -@description('Switch which allows BGP Route Propagation to be disabled on the route table') +@description('Switch which allows BGP Route Propagation to be disabled on the route table. Default: false') param parBGPRoutePropagation bool = false -@description('Tags you would like to be applied to all resources in this module') +@description('Tags you would like to be applied to all resources in this module. Default: Empty Object') param parTags object = {} @description('Id of the DdosProtectionPlan which will be applied to the Virtual Network. Default: Empty String') param parDdosProtectionPlanId string = '' -@description('The IP address range for all virtual networks to use.') +@description('The IP address range for all virtual networks to use. Default: 10.11.0.0/16') param parSpokeNetworkAddressPrefix string = '10.11.0.0/16' @description('The Name of the Spoke Virtual Network. Default: vnet-spoke') param parSpokeNetworkName string = 'vnet-spoke' @description('Array of DNS Server IP addresses for VNet. Default: Empty Array') -param parDNSServerIPArray array = [] +param parDnsServerIPs array = [] @description('IP Address where network traffic should route to leveraged with DNS Proxy. Default: Empty String') param parNextHopIPAddress string = '' @description('Name of Route table to create for the default route of Hub. Default: rtb-spoke-to-hub') -param parSpoketoHubRouteTableName string = 'rtb-spoke-to-hub' +param parSpokeToHubRouteTableName string = 'rtb-spoke-to-hub' -@description('Set Parameter to true to Opt-out of deployment telemetry') +@description('Set Parameter to true to Opt-out of deployment telemetry. Default: false') param parTelemetryOptOut bool = false // Customer Usage Attribution Id @@ -46,14 +46,14 @@ resource resSpokeVirtualNetwork 'Microsoft.Network/virtualNetworks@2021-02-01' = ddosProtectionPlan: (!empty(parDdosProtectionPlanId) ? true : false) ? { id: parDdosProtectionPlanId } : null - dhcpOptions: (!empty(parDNSServerIPArray) ? true : false) ? { - dnsServers: parDNSServerIPArray + dhcpOptions: (!empty(parDnsServerIPs) ? true : false) ? { + dnsServers: parDnsServerIPs } : null } } -resource resSpoketoHubRouteTable 'Microsoft.Network/routeTables@2021-02-01' = if (!empty(parNextHopIPAddress)) { - name: parSpoketoHubRouteTableName +resource resSpokeToHubRouteTable 'Microsoft.Network/routeTables@2021-02-01' = if (!empty(parNextHopIPAddress)) { + name: parSpokeToHubRouteTableName location: parLocation tags: parTags properties: { @@ -78,4 +78,4 @@ module modCustomerUsageAttribution '../../CRML/customerUsageAttribution/cuaIdRes } output outSpokeVirtualNetworkName string = resSpokeVirtualNetwork.name -output outSpokeVirtualNetworkid string = resSpokeVirtualNetwork.id +output outSpokeVirtualNetworkId string = resSpokeVirtualNetwork.id diff --git a/infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.parameters.example.json b/infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.parameters.example.json index d97b963d6..4a316e46b 100644 --- a/infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.parameters.example.json +++ b/infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.parameters.example.json @@ -17,13 +17,13 @@ "parSpokeNetworkName": { "value": "vnet-spoke" }, - "parDNSServerIPArray": { + "parDnsServerIPs": { "value": [] }, "parNextHopIPAddress": { "value": "" }, - "parSpoketoHubRouteTableName": { + "parSpokeToHubRouteTableName": { "value": "rtb-spoke-to-hub" }, "parTags": {