feat: add fallbacktointernet for dns zone #962
Conversation
jantorep
requested a deployment
to
BicepUpdateDocumentation
GitHub Actions
Waiting
oZakari
requested a deployment
to
BicepUpdateDocumentation
GitHub Actions
Waiting
oZakari
requested a deployment
to
BicepUpdateDocumentation
GitHub Actions
Waiting
oZakari
requested a deployment
to
BicepUpdateDocumentation
GitHub Actions
Waiting
oZakari
changed the title
oZakari
requested a deployment
to
BicepUpdateDocumentation
GitHub Actions
Waiting
There was a problem hiding this comment.
Hi @jantorep, thanks again for the PR. Can you take a look at my suggestion as well the parameters.json file with the new param you created? You can then update the table in the markdown file with the new param. The rest of the value gets generated through our PR workflow so no need to worry about those. Let me know if you have any questions.
infra-as-code/bicep/modules/privateDnsZoneLinks/privateDnsZoneLinks.bicep
Outdated
Show resolved
Hide resolved
…Links.bicep I would suggest have the NxDomainRedirect as default in the code. As most does not know about this setting. And based on my experience it's been a big problem where you use private and public Azure services. Co-authored-by: Zach Trocinski <[email protected]>
jantorep
requested a deployment
to
BicepUpdateDocumentation
GitHub Actions
Waiting
microsoft-github-policy-service
bot
removed
the
Needs: Author Feedback 👂
|
I commented in the change request, could we have the default setting to NxDomainRedirect as most wont know about this setting and most will need to use both private and public SaaS services. Both with resources in same tenant and other external tenants. I will also create a pull request to the Markdown file. I noticed the vwan bicep file now points to a AVM module. Will the change i requested here get polulated to the AVM module? Or do i need to request a change there as well? |
jantorep
requested a deployment
to
BicepUpdateDocumentation
GitHub Actions
Waiting
Hi @jantorep, I am just going to leave the default value as true for now to avoid any breaking changes, and try to keep the default configurations consistent across all our ALZ IaC frameworks. The private dns link module is not used at all in the VWAN modules, just the private dns zone creation. Will create the parameter file in your pr to include your new param and then will merge. Thanks again! |
oZakari
requested a deployment
to
BicepUpdateDocumentation
GitHub Actions
Waiting
oZakari
temporarily deployed
to
BicepUpdateDocumentation
GitHub Actions
Inactive
Overview/Summary
Added
@sys.description('Fallback to internet for Azure Private DNS zones.')
param parResolutionPolicy string = 'NxDomainRedirect' on line 17-18
resolutionPolicy: parResolutionPolicy on line 41
This added the Fallback to internet for Azure Private DNS zones parameter to the Virtual Network Link for the Private DNS
Related Issues/Work Items
Closes #961
This PR fixes/adds/changes/removes
Issue is that with Private DNS Zones for PaaS services enabled as of now services that does not have a Private Endpoint does not resolve the Public ### Breaking Changes
Testing Evidence
Tested in our environment and it applies the setting
-)