From d83c5a018f8d0a868f61c2e4104422f988369426 Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Thu, 24 Oct 2024 20:29:32 +0200 Subject: [PATCH 01/18] output_test1 --- .../virtual-network-gateway/main.bicep | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/avm/res/network/virtual-network-gateway/main.bicep b/avm/res/network/virtual-network-gateway/main.bicep index 50b856ea0e..a31cd458fd 100644 --- a/avm/res/network/virtual-network-gateway/main.bicep +++ b/avm/res/network/virtual-network-gateway/main.bicep @@ -494,6 +494,29 @@ output activeActive bool = virtualNetworkGateway.properties.activeActive @description('The location the resource was deployed into.') output location string = virtualNetworkGateway.location +@description('The ASN (Autonomous System Number) of the virtual network gateway.') +output asn int = virtualNetworkGateway.properties.bgpSettings.asn + +@description('The public IP address of the virtual network gateway.') +output publicIpAddress string = !empty(existingFirstPipResourceId) ? reference(existingFirstPipResourceId).properties.ipAddress: publicIPAddress[0].outputs.ipAddress + +@description('The default Azure BGP peer IP address.') +output bgpPeerIp string = virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].ipconfigurationId + +@description('The custom Azure APIPA BGP IP address.') +output customBgpIpAddress string = virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].customBgpIpAddresses[0] + +@description('The second public IP address of the virtual network gateway (Active-Active mode).') +output secondPublicIpAddress string = isActiveActive ? !empty(existingSecondPipResourceIdVar) ? reference(existingSecondPipResourceIdVar).properties.ipAddress: publicIPAddress[1].outputs.ipAddress: 'Not applicable (Active-Passive mode)' + + +@description('The second Azure BGP peer IP address (Active-Active mode).') +output secondBgpPeerIp string = isActiveActive ? virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].ipconfigurationId : 'Not applicable (Active-Passive mode)' + +@description('The second custom Azure APIPA BGP IP address (Active-Active mode).') +output secondCustomBgpIpAddress string = isActiveActive ? virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].customBgpIpAddresses[0] : 'Not applicable (Active-Passive mode)' + + // =============== // // Definitions // // =============== // From f3e9a69ce88f92cc8939ed047b1e1fc9649225e4 Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Thu, 24 Oct 2024 21:29:16 +0200 Subject: [PATCH 02/18] temporary removed customBgpIpAddress and secondCustomBgpIpAddress --- avm/res/network/virtual-network-gateway/main.bicep | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/avm/res/network/virtual-network-gateway/main.bicep b/avm/res/network/virtual-network-gateway/main.bicep index a31cd458fd..a11b4fcbc2 100644 --- a/avm/res/network/virtual-network-gateway/main.bicep +++ b/avm/res/network/virtual-network-gateway/main.bicep @@ -503,8 +503,8 @@ output publicIpAddress string = !empty(existingFirstPipResourceId) ? reference(e @description('The default Azure BGP peer IP address.') output bgpPeerIp string = virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].ipconfigurationId -@description('The custom Azure APIPA BGP IP address.') -output customBgpIpAddress string = virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].customBgpIpAddresses[0] +// @description('The custom Azure APIPA BGP IP address.') +// output customBgpIpAddress string = virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].customBgpIpAddresses[0] @description('The second public IP address of the virtual network gateway (Active-Active mode).') output secondPublicIpAddress string = isActiveActive ? !empty(existingSecondPipResourceIdVar) ? reference(existingSecondPipResourceIdVar).properties.ipAddress: publicIPAddress[1].outputs.ipAddress: 'Not applicable (Active-Passive mode)' @@ -513,8 +513,8 @@ output secondPublicIpAddress string = isActiveActive ? !empty(existingSecondPipR @description('The second Azure BGP peer IP address (Active-Active mode).') output secondBgpPeerIp string = isActiveActive ? virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].ipconfigurationId : 'Not applicable (Active-Passive mode)' -@description('The second custom Azure APIPA BGP IP address (Active-Active mode).') -output secondCustomBgpIpAddress string = isActiveActive ? virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].customBgpIpAddresses[0] : 'Not applicable (Active-Passive mode)' +// @description('The second custom Azure APIPA BGP IP address (Active-Active mode).') +// output secondCustomBgpIpAddress string = isActiveActive ? virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].customBgpIpAddresses[0] : 'Not applicable (Active-Passive mode)' // =============== // From b001fec6965ba4988052d475306a59ccf02a5c43 Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Thu, 24 Oct 2024 22:57:05 +0200 Subject: [PATCH 03/18] customBgpIpAddress and secondCustomBgpIpAddress --- .../network/virtual-network-gateway/main.bicep | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) diff --git a/avm/res/network/virtual-network-gateway/main.bicep b/avm/res/network/virtual-network-gateway/main.bicep index a11b4fcbc2..67d1411dcf 100644 --- a/avm/res/network/virtual-network-gateway/main.bicep +++ b/avm/res/network/virtual-network-gateway/main.bicep @@ -500,21 +500,14 @@ output asn int = virtualNetworkGateway.properties.bgpSettings.asn @description('The public IP address of the virtual network gateway.') output publicIpAddress string = !empty(existingFirstPipResourceId) ? reference(existingFirstPipResourceId).properties.ipAddress: publicIPAddress[0].outputs.ipAddress -@description('The default Azure BGP peer IP address.') -output bgpPeerIp string = virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].ipconfigurationId - -// @description('The custom Azure APIPA BGP IP address.') -// output customBgpIpAddress string = virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].customBgpIpAddresses[0] +@description('The custom Azure APIPA BGP IP address.') +output customBgpIpAddress string = isBgp? virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].customBgpIpAddresses[0] : 'Not applicable (no BGP)' @description('The second public IP address of the virtual network gateway (Active-Active mode).') output secondPublicIpAddress string = isActiveActive ? !empty(existingSecondPipResourceIdVar) ? reference(existingSecondPipResourceIdVar).properties.ipAddress: publicIPAddress[1].outputs.ipAddress: 'Not applicable (Active-Passive mode)' - -@description('The second Azure BGP peer IP address (Active-Active mode).') -output secondBgpPeerIp string = isActiveActive ? virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].ipconfigurationId : 'Not applicable (Active-Passive mode)' - -// @description('The second custom Azure APIPA BGP IP address (Active-Active mode).') -// output secondCustomBgpIpAddress string = isActiveActive ? virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].customBgpIpAddresses[0] : 'Not applicable (Active-Passive mode)' +@description('The second custom Azure APIPA BGP IP address (Active-Active mode).') +output secondCustomBgpIpAddress string = isActiveActive && isBgp ? virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].customBgpIpAddresses[0] : 'Not applicable (Active-Passive mode)' // =============== // From 84937cdcf5851ff99da5f49074535138b082c4c0 Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Thu, 24 Oct 2024 23:33:36 +0200 Subject: [PATCH 04/18] exisiting ip output --- avm/res/network/virtual-network-gateway/main.bicep | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/avm/res/network/virtual-network-gateway/main.bicep b/avm/res/network/virtual-network-gateway/main.bicep index 67d1411dcf..6c68c8af1a 100644 --- a/avm/res/network/virtual-network-gateway/main.bicep +++ b/avm/res/network/virtual-network-gateway/main.bicep @@ -498,13 +498,13 @@ output location string = virtualNetworkGateway.location output asn int = virtualNetworkGateway.properties.bgpSettings.asn @description('The public IP address of the virtual network gateway.') -output publicIpAddress string = !empty(existingFirstPipResourceId) ? reference(existingFirstPipResourceId).properties.ipAddress: publicIPAddress[0].outputs.ipAddress +output publicIpAddress string = !empty(existingFirstPipResourceId) ? reference(existingFirstPipResourceId,'2023-04-01').properties.ipAddress: publicIPAddress[0].outputs.ipAddress @description('The custom Azure APIPA BGP IP address.') output customBgpIpAddress string = isBgp? virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].customBgpIpAddresses[0] : 'Not applicable (no BGP)' @description('The second public IP address of the virtual network gateway (Active-Active mode).') -output secondPublicIpAddress string = isActiveActive ? !empty(existingSecondPipResourceIdVar) ? reference(existingSecondPipResourceIdVar).properties.ipAddress: publicIPAddress[1].outputs.ipAddress: 'Not applicable (Active-Passive mode)' +output secondPublicIpAddress string = isActiveActive ? !empty(existingSecondPipResourceIdVar) ? reference(existingSecondPipResourceIdVar,'2023-04-01').properties.ipAddress: publicIPAddress[1].outputs.ipAddress: 'Not applicable (Active-Passive mode)' @description('The second custom Azure APIPA BGP IP address (Active-Active mode).') output secondCustomBgpIpAddress string = isActiveActive && isBgp ? virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].customBgpIpAddresses[0] : 'Not applicable (Active-Passive mode)' From 20af928fcafcfca597908f941c01678e6cd50722 Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Thu, 24 Oct 2024 23:51:12 +0200 Subject: [PATCH 05/18] upd --- avm/res/network/virtual-network-gateway/main.bicep | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/avm/res/network/virtual-network-gateway/main.bicep b/avm/res/network/virtual-network-gateway/main.bicep index 6c68c8af1a..f5babf04e4 100644 --- a/avm/res/network/virtual-network-gateway/main.bicep +++ b/avm/res/network/virtual-network-gateway/main.bicep @@ -501,13 +501,13 @@ output asn int = virtualNetworkGateway.properties.bgpSettings.asn output publicIpAddress string = !empty(existingFirstPipResourceId) ? reference(existingFirstPipResourceId,'2023-04-01').properties.ipAddress: publicIPAddress[0].outputs.ipAddress @description('The custom Azure APIPA BGP IP address.') -output customBgpIpAddress string = isBgp? virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].customBgpIpAddresses[0] : 'Not applicable (no BGP)' +output customBgpIpAddress string = clusterSettings.?customBgpIpAddresses @description('The second public IP address of the virtual network gateway (Active-Active mode).') output secondPublicIpAddress string = isActiveActive ? !empty(existingSecondPipResourceIdVar) ? reference(existingSecondPipResourceIdVar,'2023-04-01').properties.ipAddress: publicIPAddress[1].outputs.ipAddress: 'Not applicable (Active-Passive mode)' @description('The second custom Azure APIPA BGP IP address (Active-Active mode).') -output secondCustomBgpIpAddress string = isActiveActive && isBgp ? virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].customBgpIpAddresses[0] : 'Not applicable (Active-Passive mode)' +output secondCustomBgpIpAddress string = isActiveActive ? clusterSettings.?secondCustomBgpIpAddresses : 'Not applicable (Active-Passive mode)' // =============== // From 4ad24d234e9f04cfb42ddb15dadb217f0b29f7ae Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Fri, 25 Oct 2024 08:09:33 +0200 Subject: [PATCH 06/18] update APIPA outputs --- .../virtual-network-gateway/main.bicep | 6 +- .../e2e/activeActiveBGP/dependencies.bicep | 49 ---------- .../tests/e2e/activeActiveBGP/main.test.bicep | 83 ---------------- .../activeActiveBgpAPIPA/dependencies.bicep | 49 ---------- .../e2e/activeActiveBgpAPIPA/main.test.bicep | 85 ---------------- .../dependencies.bicep | 96 ------------------- .../activeActiveExistingPip/main.test.bicep | 88 ----------------- .../e2e/activeActiveNoBGP/dependencies.bicep | 49 ---------- .../e2e/activeActiveNoBGP/main.test.bicep | 83 ---------------- .../e2e/activePassiveBGP/dependencies.bicep | 49 ---------- .../e2e/activePassiveBGP/main.test.bicep | 85 ---------------- .../dependencies.bicep | 74 -------------- .../activePassiveExistingPip/main.test.bicep | 87 ----------------- .../e2e/activePassiveNoBGP/dependencies.bicep | 49 ---------- .../e2e/activePassiveNoBGP/main.test.bicep | 83 ---------------- .../tests/e2e/expressRoute/dependencies.bicep | 30 ------ .../tests/e2e/expressRoute/main.test.bicep | 75 --------------- .../tests/e2e/vpn-no-az/dependencies.bicep | 49 ---------- .../tests/e2e/vpn-no-az/main.test.bicep | 69 ------------- .../tests/e2e/vpn/dependencies.bicep | 49 ---------- .../tests/e2e/vpn/main.test.bicep | 82 ---------------- 21 files changed, 4 insertions(+), 1365 deletions(-) delete mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBGP/dependencies.bicep delete mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBGP/main.test.bicep delete mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBgpAPIPA/dependencies.bicep delete mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBgpAPIPA/main.test.bicep delete mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activeActiveExistingPip/dependencies.bicep delete mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activeActiveExistingPip/main.test.bicep delete mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activeActiveNoBGP/dependencies.bicep delete mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activeActiveNoBGP/main.test.bicep delete mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activePassiveBGP/dependencies.bicep delete mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activePassiveBGP/main.test.bicep delete mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activePassiveExistingPip/dependencies.bicep delete mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activePassiveExistingPip/main.test.bicep delete mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activePassiveNoBGP/dependencies.bicep delete mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activePassiveNoBGP/main.test.bicep delete mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/expressRoute/dependencies.bicep delete mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/expressRoute/main.test.bicep delete mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/vpn-no-az/dependencies.bicep delete mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/vpn-no-az/main.test.bicep delete mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/vpn/dependencies.bicep delete mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/vpn/main.test.bicep diff --git a/avm/res/network/virtual-network-gateway/main.bicep b/avm/res/network/virtual-network-gateway/main.bicep index f5babf04e4..bf9ec140ec 100644 --- a/avm/res/network/virtual-network-gateway/main.bicep +++ b/avm/res/network/virtual-network-gateway/main.bicep @@ -501,13 +501,15 @@ output asn int = virtualNetworkGateway.properties.bgpSettings.asn output publicIpAddress string = !empty(existingFirstPipResourceId) ? reference(existingFirstPipResourceId,'2023-04-01').properties.ipAddress: publicIPAddress[0].outputs.ipAddress @description('The custom Azure APIPA BGP IP address.') -output customBgpIpAddress string = clusterSettings.?customBgpIpAddresses +//output customBgpIpAddress string = clusterSettings.?customBgpIpAddresses +output defaultBgpIpAddresses string = isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].defaultBgpIpAddresses, ','): 'Not applicable (No Bgp)' @description('The second public IP address of the virtual network gateway (Active-Active mode).') output secondPublicIpAddress string = isActiveActive ? !empty(existingSecondPipResourceIdVar) ? reference(existingSecondPipResourceIdVar,'2023-04-01').properties.ipAddress: publicIPAddress[1].outputs.ipAddress: 'Not applicable (Active-Passive mode)' @description('The second custom Azure APIPA BGP IP address (Active-Active mode).') -output secondCustomBgpIpAddress string = isActiveActive ? clusterSettings.?secondCustomBgpIpAddresses : 'Not applicable (Active-Passive mode)' +//output secondCustomBgpIpAddress string = isActiveActive ? clusterSettings.?secondCustomBgpIpAddresses : 'Not applicable (Active-Passive mode)' +output secondCustomBgpIpAddress string = isActiveActive && isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].defaultBgpIpAddresses, ','): 'Not applicable (Active-Passive mode)' // =============== // diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBGP/dependencies.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBGP/dependencies.bicep deleted file mode 100644 index c3aebf111c..0000000000 --- a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBGP/dependencies.bicep +++ /dev/null @@ -1,49 +0,0 @@ -@description('Optional. The location to deploy resources to.') -param location string = resourceGroup().location - -@description('Required. The name of the Virtual Network to create.') -param virtualNetworkName string - -@description('Required. The name of the Local Network Gateway to create.') -param localNetworkGatewayName string - -var addressPrefix = '10.0.0.0/16' - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { - name: virtualNetworkName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - addressPrefix - ] - } - subnets: [ - { - name: 'GatewaySubnet' - properties: { - addressPrefix: cidrSubnet(addressPrefix, 16, 0) - } - } - ] - } -} - -resource localNetworkGateway 'Microsoft.Network/localNetworkGateways@2023-04-01' = { - name: localNetworkGatewayName - location: location - properties: { - gatewayIpAddress: '100.100.100.100' - localNetworkAddressSpace: { - addressPrefixes: [ - '192.168.0.0/24' - ] - } - } -} - -@description('The resource ID of the created Virtual Network.') -output vnetResourceId string = virtualNetwork.id - -@description('The resource ID of the created Local Network Gateway.') -output localNetworkGatewayResourceId string = localNetworkGateway.id diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBGP/main.test.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBGP/main.test.bicep deleted file mode 100644 index 6270baf598..0000000000 --- a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBGP/main.test.bicep +++ /dev/null @@ -1,83 +0,0 @@ -targetScope = 'subscription' - -metadata name = 'VPN Active Active with BGP settings' -metadata description = 'This instance deploys the module with the VPN Active Active with BGP settings.' - -// ========== // -// Parameters // -// ========== // - -@description('Optional. The name of the resource group to deploy for testing purposes.') -@maxLength(90) -param resourceGroupName string = 'dep-${namePrefix}-network.virtualnetworkgateways-${serviceShort}-rg' - -@description('Optional. The location to deploy resources to.') -param resourceLocation string = deployment().location - -@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') -param serviceShort string = 'nvgaab' - -@description('Optional. A token to inject into the name of each resource.') -param namePrefix string = '#_namePrefix_#' - -// ============ // -// Dependencies // -// ============ // - -// General resources -// ================= -resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { - name: resourceGroupName - location: resourceLocation -} - -module nestedDependencies 'dependencies.bicep' = { - scope: resourceGroup - name: '${uniqueString(deployment().name, resourceLocation)}-nestedDependencies' - params: { - location: resourceLocation - virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}' - localNetworkGatewayName: 'dep-${namePrefix}-lng-${serviceShort}' - } -} - -// ============== // -// Test Execution // -// ============== // - -@batchSize(1) -module testDeployment '../../../main.bicep' = [ - for iteration in ['init', 'idem']: { - scope: resourceGroup - name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}' - params: { - location: resourceLocation - name: '${namePrefix}${serviceShort}001' - vpnGatewayGeneration: 'Generation2' - skuName: 'VpnGw2AZ' - gatewayType: 'Vpn' - vNetResourceId: nestedDependencies.outputs.vnetResourceId - clusterSettings: { - clusterMode: 'activeActiveBgp' - } - - domainNameLabel: [ - '${namePrefix}-dm-${serviceShort}' - ] - publicIpZones: [ - 1 - 2 - 3 - ] - vpnType: 'RouteBased' - enablePrivateIpAddress: true - gatewayDefaultSiteLocalNetworkGatewayId: nestedDependencies.outputs.localNetworkGatewayResourceId - disableIPSecReplayProtection: true - allowRemoteVnetTraffic: true - enableBgpRouteTranslationForNat: true - } - dependsOn: [ - nestedDependencies - ] - } -] diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBgpAPIPA/dependencies.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBgpAPIPA/dependencies.bicep deleted file mode 100644 index c3aebf111c..0000000000 --- a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBgpAPIPA/dependencies.bicep +++ /dev/null @@ -1,49 +0,0 @@ -@description('Optional. The location to deploy resources to.') -param location string = resourceGroup().location - -@description('Required. The name of the Virtual Network to create.') -param virtualNetworkName string - -@description('Required. The name of the Local Network Gateway to create.') -param localNetworkGatewayName string - -var addressPrefix = '10.0.0.0/16' - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { - name: virtualNetworkName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - addressPrefix - ] - } - subnets: [ - { - name: 'GatewaySubnet' - properties: { - addressPrefix: cidrSubnet(addressPrefix, 16, 0) - } - } - ] - } -} - -resource localNetworkGateway 'Microsoft.Network/localNetworkGateways@2023-04-01' = { - name: localNetworkGatewayName - location: location - properties: { - gatewayIpAddress: '100.100.100.100' - localNetworkAddressSpace: { - addressPrefixes: [ - '192.168.0.0/24' - ] - } - } -} - -@description('The resource ID of the created Virtual Network.') -output vnetResourceId string = virtualNetwork.id - -@description('The resource ID of the created Local Network Gateway.') -output localNetworkGatewayResourceId string = localNetworkGateway.id diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBgpAPIPA/main.test.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBgpAPIPA/main.test.bicep deleted file mode 100644 index 16fe844184..0000000000 --- a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBgpAPIPA/main.test.bicep +++ /dev/null @@ -1,85 +0,0 @@ -targetScope = 'subscription' - -metadata name = 'VPN Active Active with BGP settings' -metadata description = 'This instance deploys the module with the VPN Active Active with APIPA BGP settings.' - -// ========== // -// Parameters // -// ========== // - -@description('Optional. The name of the resource group to deploy for testing purposes.') -@maxLength(90) -param resourceGroupName string = 'dep-${namePrefix}-network.virtualnetworkgateways-${serviceShort}-rg' - -@description('Optional. The location to deploy resources to.') -param resourceLocation string = deployment().location - -@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') -param serviceShort string = 'nvgaaa' - -@description('Optional. A token to inject into the name of each resource.') -param namePrefix string = '#_namePrefix_#' - -// ============ // -// Dependencies // -// ============ // - -// General resources -// ================= -resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { - name: resourceGroupName - location: resourceLocation -} - -module nestedDependencies 'dependencies.bicep' = { - scope: resourceGroup - name: '${uniqueString(deployment().name, resourceLocation)}-nestedDependencies' - params: { - location: resourceLocation - virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}' - localNetworkGatewayName: 'dep-${namePrefix}-lng-${serviceShort}' - } -} - -// ============== // -// Test Execution // -// ============== // - -@batchSize(1) -module testDeployment '../../../main.bicep' = [ - for iteration in ['init', 'idem']: { - scope: resourceGroup - name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}' - params: { - location: resourceLocation - name: '${namePrefix}${serviceShort}001' - vpnGatewayGeneration: 'Generation2' - skuName: 'VpnGw2AZ' - gatewayType: 'Vpn' - vNetResourceId: nestedDependencies.outputs.vnetResourceId - clusterSettings: { - clusterMode: 'activeActiveBgp' - customBgpIpAddresses: ['169.254.21.4','169.254.21.5'] - secondCustomBgpIpAddresses: ['169.254.22.4','169.254.22.5'] - } - - domainNameLabel: [ - '${namePrefix}-dm-${serviceShort}' - ] - publicIpZones: [ - 1 - 2 - 3 - ] - vpnType: 'RouteBased' - enablePrivateIpAddress: true - gatewayDefaultSiteLocalNetworkGatewayId: nestedDependencies.outputs.localNetworkGatewayResourceId - disableIPSecReplayProtection: true - allowRemoteVnetTraffic: true - enableBgpRouteTranslationForNat: true - } - dependsOn: [ - nestedDependencies - ] - } -] diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveExistingPip/dependencies.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveExistingPip/dependencies.bicep deleted file mode 100644 index 8c33f30087..0000000000 --- a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveExistingPip/dependencies.bicep +++ /dev/null @@ -1,96 +0,0 @@ -@description('Optional. The location to deploy resources to.') -param location string = resourceGroup().location - -@description('Required. The name of the Virtual Network to create.') -param virtualNetworkName string - -@description('Required. The name of the Local Network Gateway to create.') -param localNetworkGatewayName string - -@description('Required. The name of the Public IP to create.') -param existingFirstPipName string - -@description('Required. The name of the secondary Public IP to create in the active-active configuration.') -param existingSecondPipName string - -var addressPrefix = '10.0.0.0/16' - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { - name: virtualNetworkName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - addressPrefix - ] - } - subnets: [ - { - name: 'GatewaySubnet' - properties: { - addressPrefix: cidrSubnet(addressPrefix, 16, 0) - } - } - ] - } -} - -resource localNetworkGateway 'Microsoft.Network/localNetworkGateways@2023-04-01' = { - name: localNetworkGatewayName - location: location - properties: { - gatewayIpAddress: '100.100.100.100' - localNetworkAddressSpace: { - addressPrefixes: [ - '192.168.0.0/24' - ] - } - } -} - -resource existingFirstPip 'Microsoft.Network/publicIPAddresses@2023-04-01' = { - name: existingFirstPipName - location: location - sku: { - name: 'Standard' - tier: 'Regional' - } - properties: { - publicIPAllocationMethod: 'Static' - } - zones: [ - '1' - '2' - '3' - ] -} - -resource existingSecondPip 'Microsoft.Network/publicIPAddresses@2023-04-01' = { - name: existingSecondPipName - location: location - sku: { - name: 'Standard' - tier: 'Regional' - } - properties: { - publicIPAllocationMethod: 'Static' - } - zones: [ - '1' - '2' - '3' - ] -} - - -@description('The resource ID of the created Virtual Network.') -output vnetResourceId string = virtualNetwork.id - -@description('The resource ID of the created Local Network Gateway.') -output localNetworkGatewayResourceId string = localNetworkGateway.id - -@description('The resource ID of the existing Public IP.') -output existingFirstPipResourceId string = existingFirstPip.id - -@description('The resource ID of the existing secondary Public IP.') -output existingSecondPipResourceId string = existingSecondPip.id diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveExistingPip/main.test.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveExistingPip/main.test.bicep deleted file mode 100644 index 5a0f74ba0b..0000000000 --- a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveExistingPip/main.test.bicep +++ /dev/null @@ -1,88 +0,0 @@ -targetScope = 'subscription' - -metadata name = 'VPN Active Active without BGP settings using two existent Public IPs' -metadata description = 'This instance deploys the module with the VPN Active Active without BGP settings.' - -// ========== // -// Parameters // -// ========== // - -@description('Optional. The name of the resource group to deploy for testing purposes.') -@maxLength(90) -param resourceGroupName string = 'dep-${namePrefix}-network.virtualnetworkgateways-${serviceShort}-rg' - -@description('Optional. The location to deploy resources to.') -param resourceLocation string = deployment().location - -@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') -param serviceShort string = 'nvgaaep' - -@description('Optional. A token to inject into the name of each resource.') -param namePrefix string = '#_namePrefix_#' - -// ============ // -// Dependencies // -// ============ // - -// General resources -// ================= -resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { - name: resourceGroupName - location: resourceLocation -} - -module nestedDependencies 'dependencies.bicep' = { - scope: resourceGroup - name: '${uniqueString(deployment().name, resourceLocation)}-nestedDependencies' - params: { - location: resourceLocation - virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}' - localNetworkGatewayName: 'dep-${namePrefix}-lng-${serviceShort}' - existingFirstPipName: 'dep-${namePrefix}-pip-${serviceShort}-existing1' - existingSecondPipName: 'dep-${namePrefix}-pip-${serviceShort}-existing2' - } -} - -// ============== // -// Test Execution // -// ============== // - -@batchSize(1) -module testDeployment '../../../main.bicep' = [ - for iteration in ['init', 'idem']: { - scope: resourceGroup - name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}' - params: { - location: resourceLocation - name: '${namePrefix}${serviceShort}001' - vpnGatewayGeneration: 'Generation2' - skuName: 'VpnGw2AZ' - gatewayType: 'Vpn' - vNetResourceId: nestedDependencies.outputs.vnetResourceId - existingFirstPipResourceId: nestedDependencies.outputs.existingFirstPipResourceId - - clusterSettings: { - clusterMode: 'activeActiveNoBgp' - existingSecondPipResourceId: nestedDependencies.outputs.existingSecondPipResourceId - } - - domainNameLabel: [ - '${namePrefix}-dm-${serviceShort}' - ] - publicIpZones: [ - 1 - 2 - 3 - ] - vpnType: 'RouteBased' - enablePrivateIpAddress: true - gatewayDefaultSiteLocalNetworkGatewayId: nestedDependencies.outputs.localNetworkGatewayResourceId - disableIPSecReplayProtection: true - allowRemoteVnetTraffic: true - enableBgpRouteTranslationForNat: true - } - dependsOn: [ - nestedDependencies - ] - } -] diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveNoBGP/dependencies.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveNoBGP/dependencies.bicep deleted file mode 100644 index c3aebf111c..0000000000 --- a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveNoBGP/dependencies.bicep +++ /dev/null @@ -1,49 +0,0 @@ -@description('Optional. The location to deploy resources to.') -param location string = resourceGroup().location - -@description('Required. The name of the Virtual Network to create.') -param virtualNetworkName string - -@description('Required. The name of the Local Network Gateway to create.') -param localNetworkGatewayName string - -var addressPrefix = '10.0.0.0/16' - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { - name: virtualNetworkName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - addressPrefix - ] - } - subnets: [ - { - name: 'GatewaySubnet' - properties: { - addressPrefix: cidrSubnet(addressPrefix, 16, 0) - } - } - ] - } -} - -resource localNetworkGateway 'Microsoft.Network/localNetworkGateways@2023-04-01' = { - name: localNetworkGatewayName - location: location - properties: { - gatewayIpAddress: '100.100.100.100' - localNetworkAddressSpace: { - addressPrefixes: [ - '192.168.0.0/24' - ] - } - } -} - -@description('The resource ID of the created Virtual Network.') -output vnetResourceId string = virtualNetwork.id - -@description('The resource ID of the created Local Network Gateway.') -output localNetworkGatewayResourceId string = localNetworkGateway.id diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveNoBGP/main.test.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveNoBGP/main.test.bicep deleted file mode 100644 index 7d799c5c2c..0000000000 --- a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveNoBGP/main.test.bicep +++ /dev/null @@ -1,83 +0,0 @@ -targetScope = 'subscription' - -metadata name = 'VPN Active Active without BGP settings' -metadata description = 'This instance deploys the module with the VPN Active Active without BGP settings.' - -// ========== // -// Parameters // -// ========== // - -@description('Optional. The name of the resource group to deploy for testing purposes.') -@maxLength(90) -param resourceGroupName string = 'dep-${namePrefix}-network.virtualnetworkgateways-${serviceShort}-rg' - -@description('Optional. The location to deploy resources to.') -param resourceLocation string = deployment().location - -@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') -param serviceShort string = 'nvgaa' - -@description('Optional. A token to inject into the name of each resource.') -param namePrefix string = '#_namePrefix_#' - -// ============ // -// Dependencies // -// ============ // - -// General resources -// ================= -resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { - name: resourceGroupName - location: resourceLocation -} - -module nestedDependencies 'dependencies.bicep' = { - scope: resourceGroup - name: '${uniqueString(deployment().name, resourceLocation)}-nestedDependencies' - params: { - location: resourceLocation - virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}' - localNetworkGatewayName: 'dep-${namePrefix}-lng-${serviceShort}' - } -} - -// ============== // -// Test Execution // -// ============== // - -@batchSize(1) -module testDeployment '../../../main.bicep' = [ - for iteration in ['init', 'idem']: { - scope: resourceGroup - name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}' - params: { - location: resourceLocation - name: '${namePrefix}${serviceShort}001' - vpnGatewayGeneration: 'Generation2' - skuName: 'VpnGw2AZ' - gatewayType: 'Vpn' - vNetResourceId: nestedDependencies.outputs.vnetResourceId - clusterSettings: { - clusterMode: 'activeActiveNoBgp' - } - - domainNameLabel: [ - '${namePrefix}-dm-${serviceShort}' - ] - publicIpZones: [ - 1 - 2 - 3 - ] - vpnType: 'RouteBased' - enablePrivateIpAddress: true - gatewayDefaultSiteLocalNetworkGatewayId: nestedDependencies.outputs.localNetworkGatewayResourceId - disableIPSecReplayProtection: true - allowRemoteVnetTraffic: true - enableBgpRouteTranslationForNat: true - } - dependsOn: [ - nestedDependencies - ] - } -] diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveBGP/dependencies.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveBGP/dependencies.bicep deleted file mode 100644 index c3aebf111c..0000000000 --- a/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveBGP/dependencies.bicep +++ /dev/null @@ -1,49 +0,0 @@ -@description('Optional. The location to deploy resources to.') -param location string = resourceGroup().location - -@description('Required. The name of the Virtual Network to create.') -param virtualNetworkName string - -@description('Required. The name of the Local Network Gateway to create.') -param localNetworkGatewayName string - -var addressPrefix = '10.0.0.0/16' - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { - name: virtualNetworkName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - addressPrefix - ] - } - subnets: [ - { - name: 'GatewaySubnet' - properties: { - addressPrefix: cidrSubnet(addressPrefix, 16, 0) - } - } - ] - } -} - -resource localNetworkGateway 'Microsoft.Network/localNetworkGateways@2023-04-01' = { - name: localNetworkGatewayName - location: location - properties: { - gatewayIpAddress: '100.100.100.100' - localNetworkAddressSpace: { - addressPrefixes: [ - '192.168.0.0/24' - ] - } - } -} - -@description('The resource ID of the created Virtual Network.') -output vnetResourceId string = virtualNetwork.id - -@description('The resource ID of the created Local Network Gateway.') -output localNetworkGatewayResourceId string = localNetworkGateway.id diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveBGP/main.test.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveBGP/main.test.bicep deleted file mode 100644 index 1aa9da7c34..0000000000 --- a/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveBGP/main.test.bicep +++ /dev/null @@ -1,85 +0,0 @@ -targetScope = 'subscription' - -metadata name = 'VPN Active Passive with BGP settings' -metadata description = 'This instance deploys the module with the VPN Active Passive with APIPA BGP settings.' - -// ========== // -// Parameters // -// ========== // - -@description('Optional. The name of the resource group to deploy for testing purposes.') -@maxLength(90) -param resourceGroupName string = 'dep-${namePrefix}-network.virtualnetworkgateways-${serviceShort}-rg' - -@description('Optional. The location to deploy resources to.') -param resourceLocation string = deployment().location - -@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') -param serviceShort string = 'nvgapb' - -@description('Optional. A token to inject into the name of each resource.') -param namePrefix string = '#_namePrefix_#' - -// ============ // -// Dependencies // -// ============ // - -// General resources -// ================= -resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { - name: resourceGroupName - location: resourceLocation -} - -module nestedDependencies 'dependencies.bicep' = { - scope: resourceGroup - name: '${uniqueString(deployment().name, resourceLocation)}-nestedDependencies' - params: { - location: resourceLocation - virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}' - localNetworkGatewayName: 'dep-${namePrefix}-lng-${serviceShort}' - } -} - -// ============== // -// Test Execution // -// ============== // - -@batchSize(1) -module testDeployment '../../../main.bicep' = [ - for iteration in ['init', 'idem']: { - scope: resourceGroup - name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}' - params: { - location: resourceLocation - name: '${namePrefix}${serviceShort}001' - vpnGatewayGeneration: 'Generation2' - skuName: 'VpnGw2AZ' - gatewayType: 'Vpn' - vNetResourceId: nestedDependencies.outputs.vnetResourceId - clusterSettings: { - clusterMode:'activePassiveBgp' - customBgpIpAddresses: ['169.254.21.4','169.254.21.5'] - asn: 65815 - } - - domainNameLabel: [ - '${namePrefix}-dm-${serviceShort}' - ] - publicIpZones: [ - 1 - 2 - 3 - ] - vpnType: 'RouteBased' - enablePrivateIpAddress: true - gatewayDefaultSiteLocalNetworkGatewayId: nestedDependencies.outputs.localNetworkGatewayResourceId - disableIPSecReplayProtection: true - allowRemoteVnetTraffic: true - enableBgpRouteTranslationForNat: true - } - dependsOn: [ - nestedDependencies - ] - } -] diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveExistingPip/dependencies.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveExistingPip/dependencies.bicep deleted file mode 100644 index 61e10ff9da..0000000000 --- a/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveExistingPip/dependencies.bicep +++ /dev/null @@ -1,74 +0,0 @@ -@description('Optional. The location to deploy resources to.') -param location string = resourceGroup().location - -@description('Required. The name of the Virtual Network to create.') -param virtualNetworkName string - -@description('Required. The name of the Local Network Gateway to create.') -param localNetworkGatewayName string - -@description('Required. The name of the Public IP to create.') -param existingFirstPipName string - -var addressPrefix = '10.0.0.0/16' - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { - name: virtualNetworkName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - addressPrefix - ] - } - subnets: [ - { - name: 'GatewaySubnet' - properties: { - addressPrefix: cidrSubnet(addressPrefix, 16, 0) - } - } - ] - } -} - -resource localNetworkGateway 'Microsoft.Network/localNetworkGateways@2023-04-01' = { - name: localNetworkGatewayName - location: location - properties: { - gatewayIpAddress: '100.100.100.100' - localNetworkAddressSpace: { - addressPrefixes: [ - '192.168.0.0/24' - ] - } - } -} - - -resource existingFirstPip 'Microsoft.Network/publicIPAddresses@2023-04-01' = { - name: existingFirstPipName - location: location - sku: { - name: 'Standard' - tier: 'Regional' - } - properties: { - publicIPAllocationMethod: 'Static' - } - zones: [ - '1' - '2' - '3' - ] -} - -@description('The resource ID of the created Virtual Network.') -output vnetResourceId string = virtualNetwork.id - -@description('The resource ID of the created Local Network Gateway.') -output localNetworkGatewayResourceId string = localNetworkGateway.id - -@description('The resource ID of the existing Public IP.') -output existingFirstPipResourceId string = existingFirstPip.id - diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveExistingPip/main.test.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveExistingPip/main.test.bicep deleted file mode 100644 index 27c179eef4..0000000000 --- a/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveExistingPip/main.test.bicep +++ /dev/null @@ -1,87 +0,0 @@ -targetScope = 'subscription' - -metadata name = 'VPN Active Passive with BGP settings using existing Public IP' -metadata description = 'This instance deploys the module with the VPN Active Passive with APIPA BGP settings and existing primary public IP.' - -// ========== // -// Parameters // -// ========== // - -@description('Optional. The name of the resource group to deploy for testing purposes.') -@maxLength(90) -param resourceGroupName string = 'dep-${namePrefix}-network.virtualnetworkgateways-${serviceShort}-rg' - -@description('Optional. The location to deploy resources to.') -param resourceLocation string = deployment().location - -@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') -param serviceShort string = 'nvgapep' - -@description('Optional. A token to inject into the name of each resource.') -param namePrefix string = '#_namePrefix_#' - -// ============ // -// Dependencies // -// ============ // - -// General resources -// ================= -resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { - name: resourceGroupName - location: resourceLocation -} - -module nestedDependencies 'dependencies.bicep' = { - scope: resourceGroup - name: '${uniqueString(deployment().name, resourceLocation)}-nestedDependencies' - params: { - location: resourceLocation - virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}' - localNetworkGatewayName: 'dep-${namePrefix}-lng-${serviceShort}' - existingFirstPipName: 'dep-${namePrefix}-pip-${serviceShort}-existing1' - } -} - -// ============== // -// Test Execution // -// ============== // - -@batchSize(1) -module testDeployment '../../../main.bicep' = [ - for iteration in ['init', 'idem']: { - scope: resourceGroup - name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}' - params: { - location: resourceLocation - name: '${namePrefix}${serviceShort}001' - vpnGatewayGeneration: 'Generation2' - skuName: 'VpnGw2AZ' - gatewayType: 'Vpn' - vNetResourceId: nestedDependencies.outputs.vnetResourceId - existingFirstPipResourceId: nestedDependencies.outputs.existingFirstPipResourceId - clusterSettings: { - clusterMode:'activePassiveBgp' - customBgpIpAddresses: ['169.254.21.4','169.254.21.5'] - asn: 65815 - } - - domainNameLabel: [ - '${namePrefix}-dm-${serviceShort}' - ] - publicIpZones: [ - 1 - 2 - 3 - ] - vpnType: 'RouteBased' - enablePrivateIpAddress: true - gatewayDefaultSiteLocalNetworkGatewayId: nestedDependencies.outputs.localNetworkGatewayResourceId - disableIPSecReplayProtection: true - allowRemoteVnetTraffic: true - enableBgpRouteTranslationForNat: true - } - dependsOn: [ - nestedDependencies - ] - } -] diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveNoBGP/dependencies.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveNoBGP/dependencies.bicep deleted file mode 100644 index c3aebf111c..0000000000 --- a/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveNoBGP/dependencies.bicep +++ /dev/null @@ -1,49 +0,0 @@ -@description('Optional. The location to deploy resources to.') -param location string = resourceGroup().location - -@description('Required. The name of the Virtual Network to create.') -param virtualNetworkName string - -@description('Required. The name of the Local Network Gateway to create.') -param localNetworkGatewayName string - -var addressPrefix = '10.0.0.0/16' - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { - name: virtualNetworkName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - addressPrefix - ] - } - subnets: [ - { - name: 'GatewaySubnet' - properties: { - addressPrefix: cidrSubnet(addressPrefix, 16, 0) - } - } - ] - } -} - -resource localNetworkGateway 'Microsoft.Network/localNetworkGateways@2023-04-01' = { - name: localNetworkGatewayName - location: location - properties: { - gatewayIpAddress: '100.100.100.100' - localNetworkAddressSpace: { - addressPrefixes: [ - '192.168.0.0/24' - ] - } - } -} - -@description('The resource ID of the created Virtual Network.') -output vnetResourceId string = virtualNetwork.id - -@description('The resource ID of the created Local Network Gateway.') -output localNetworkGatewayResourceId string = localNetworkGateway.id diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveNoBGP/main.test.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveNoBGP/main.test.bicep deleted file mode 100644 index ee3904f4b8..0000000000 --- a/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveNoBGP/main.test.bicep +++ /dev/null @@ -1,83 +0,0 @@ -targetScope = 'subscription' - -metadata name = 'VPN Active Passive without BGP settings' -metadata description = 'This instance deploys the module with the VPN Active Passive without BGP settings.' - -// ========== // -// Parameters // -// ========== // - -@description('Optional. The name of the resource group to deploy for testing purposes.') -@maxLength(90) -param resourceGroupName string = 'dep-${namePrefix}-network.virtualnetworkgateways-${serviceShort}-rg' - -@description('Optional. The location to deploy resources to.') -param resourceLocation string = deployment().location - -@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') -param serviceShort string = 'nvgap' - -@description('Optional. A token to inject into the name of each resource.') -param namePrefix string = '#_namePrefix_#' - -// ============ // -// Dependencies // -// ============ // - -// General resources -// ================= -resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { - name: resourceGroupName - location: resourceLocation -} - -module nestedDependencies 'dependencies.bicep' = { - scope: resourceGroup - name: '${uniqueString(deployment().name, resourceLocation)}-nestedDependencies' - params: { - location: resourceLocation - virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}' - localNetworkGatewayName: 'dep-${namePrefix}-lng-${serviceShort}' - } -} - -// ============== // -// Test Execution // -// ============== // - -@batchSize(1) -module testDeployment '../../../main.bicep' = [ - for iteration in ['init', 'idem']: { - scope: resourceGroup - name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}' - params: { - location: resourceLocation - name: '${namePrefix}${serviceShort}001' - vpnGatewayGeneration: 'Generation2' - skuName: 'VpnGw2AZ' - gatewayType: 'Vpn' - vNetResourceId: nestedDependencies.outputs.vnetResourceId - clusterSettings: { - clusterMode:'activePassiveNoBgp' - } - - domainNameLabel: [ - '${namePrefix}-dm-${serviceShort}' - ] - publicIpZones: [ - 1 - 2 - 3 - ] - vpnType: 'RouteBased' - enablePrivateIpAddress: true - gatewayDefaultSiteLocalNetworkGatewayId: nestedDependencies.outputs.localNetworkGatewayResourceId - disableIPSecReplayProtection: true - allowRemoteVnetTraffic: true - enableBgpRouteTranslationForNat: true - } - dependsOn: [ - nestedDependencies - ] - } -] diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/expressRoute/dependencies.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/expressRoute/dependencies.bicep deleted file mode 100644 index 223faddfbd..0000000000 --- a/avm/res/network/virtual-network-gateway/tests/e2e/expressRoute/dependencies.bicep +++ /dev/null @@ -1,30 +0,0 @@ -@description('Optional. The location to deploy resources to.') -param location string = resourceGroup().location - -@description('Required. The name of the Virtual Network to create.') -param virtualNetworkName string - -var addressPrefix = '10.0.0.0/16' - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { - name: virtualNetworkName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - addressPrefix - ] - } - subnets: [ - { - name: 'GatewaySubnet' - properties: { - addressPrefix: cidrSubnet(addressPrefix, 16, 0) - } - } - ] - } -} - -@description('The resource ID of the created Virtual Network.') -output vnetResourceId string = virtualNetwork.id diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/expressRoute/main.test.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/expressRoute/main.test.bicep deleted file mode 100644 index 1e1790c927..0000000000 --- a/avm/res/network/virtual-network-gateway/tests/e2e/expressRoute/main.test.bicep +++ /dev/null @@ -1,75 +0,0 @@ -targetScope = 'subscription' - -metadata name = 'ExpressRoute' -metadata description = 'This instance deploys the module with the ExpressRoute set of required parameters.' - -// ========== // -// Parameters // -// ========== // - -@description('Optional. The name of the resource group to deploy for testing purposes.') -@maxLength(90) -param resourceGroupName string = 'dep-${namePrefix}-network.virtualnetworkgateways-${serviceShort}-rg' - -@description('Optional. The location to deploy resources to.') -param resourceLocation string = deployment().location - -@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') -param serviceShort string = 'nvger' - -@description('Optional. A token to inject into the name of each resource.') -param namePrefix string = '#_namePrefix_#' - -// ============ // -// Dependencies // -// ============ // - -// General resources -// ================= -resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { - name: resourceGroupName - location: resourceLocation -} - -module nestedDependencies 'dependencies.bicep' = { - scope: resourceGroup - name: '${uniqueString(deployment().name, resourceLocation)}-nestedDependencies' - params: { - location: resourceLocation - virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}' - } -} - -// ============== // -// Test Execution // -// ============== // - -@batchSize(1) -module testDeployment '../../../main.bicep' = [ - for iteration in ['init', 'idem']: { - scope: resourceGroup - name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}' - params: { - location: resourceLocation - name: '${namePrefix}${serviceShort}001' - skuName: 'ErGw1AZ' - gatewayType: 'ExpressRoute' - vNetResourceId: nestedDependencies.outputs.vnetResourceId - clusterSettings:{ - clusterMode: 'activePassiveBgp' - } - domainNameLabel: [ - '${namePrefix}-dm-${serviceShort}' - ] - firstPipName: '${namePrefix}-pip-${serviceShort}' - publicIpZones: [ - 1 - 2 - 3 - ] - } - dependsOn: [ - nestedDependencies - ] - } -] diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/vpn-no-az/dependencies.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/vpn-no-az/dependencies.bicep deleted file mode 100644 index c3aebf111c..0000000000 --- a/avm/res/network/virtual-network-gateway/tests/e2e/vpn-no-az/dependencies.bicep +++ /dev/null @@ -1,49 +0,0 @@ -@description('Optional. The location to deploy resources to.') -param location string = resourceGroup().location - -@description('Required. The name of the Virtual Network to create.') -param virtualNetworkName string - -@description('Required. The name of the Local Network Gateway to create.') -param localNetworkGatewayName string - -var addressPrefix = '10.0.0.0/16' - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { - name: virtualNetworkName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - addressPrefix - ] - } - subnets: [ - { - name: 'GatewaySubnet' - properties: { - addressPrefix: cidrSubnet(addressPrefix, 16, 0) - } - } - ] - } -} - -resource localNetworkGateway 'Microsoft.Network/localNetworkGateways@2023-04-01' = { - name: localNetworkGatewayName - location: location - properties: { - gatewayIpAddress: '100.100.100.100' - localNetworkAddressSpace: { - addressPrefixes: [ - '192.168.0.0/24' - ] - } - } -} - -@description('The resource ID of the created Virtual Network.') -output vnetResourceId string = virtualNetwork.id - -@description('The resource ID of the created Local Network Gateway.') -output localNetworkGatewayResourceId string = localNetworkGateway.id diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/vpn-no-az/main.test.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/vpn-no-az/main.test.bicep deleted file mode 100644 index fc3410af52..0000000000 --- a/avm/res/network/virtual-network-gateway/tests/e2e/vpn-no-az/main.test.bicep +++ /dev/null @@ -1,69 +0,0 @@ -targetScope = 'subscription' - -metadata name = 'Using SKU without Availability Zones' -metadata description = 'This instance deploys the module with a SKU that does not support Availability Zones.' - -// ========== // -// Parameters // -// ========== // - -@description('Optional. The name of the resource group to deploy for testing purposes.') -@maxLength(90) -param resourceGroupName string = 'dep-${namePrefix}-network.virtualnetworkgateways-${serviceShort}-rg' - -@description('Optional. The location to deploy resources to.') -param resourceLocation string = deployment().location - -@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') -param serviceShort string = 'nvgnaz' - -@description('Optional. A token to inject into the name of each resource.') -param namePrefix string = '#_namePrefix_#' - -// ============ // -// Dependencies // -// ============ // - -// General resources -// ================= - -resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { - name: resourceGroupName - location: resourceLocation -} - -module nestedDependencies 'dependencies.bicep' = { - scope: resourceGroup - name: '${uniqueString(deployment().name, resourceLocation)}-nestedDependencies' - params: { - location: resourceLocation - virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}' - localNetworkGatewayName: 'dep-${namePrefix}-lng-${serviceShort}' - } -} - -// ============== // -// Test Execution // -// ============== // - -@batchSize(1) -module testDeployment '../../../main.bicep' = [ - for iteration in ['init', 'idem']: { - scope: resourceGroup - name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}' - params: { - location: resourceLocation - name: '${namePrefix}${serviceShort}001' - skuName: 'VpnGw1' - gatewayType: 'Vpn' - publicIpZones: [] - vNetResourceId: nestedDependencies.outputs.vnetResourceId - clusterSettings: { - clusterMode: 'activePassiveNoBgp' - } - } - dependsOn: [ - nestedDependencies - ] - } -] diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/vpn/dependencies.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/vpn/dependencies.bicep deleted file mode 100644 index c3aebf111c..0000000000 --- a/avm/res/network/virtual-network-gateway/tests/e2e/vpn/dependencies.bicep +++ /dev/null @@ -1,49 +0,0 @@ -@description('Optional. The location to deploy resources to.') -param location string = resourceGroup().location - -@description('Required. The name of the Virtual Network to create.') -param virtualNetworkName string - -@description('Required. The name of the Local Network Gateway to create.') -param localNetworkGatewayName string - -var addressPrefix = '10.0.0.0/16' - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { - name: virtualNetworkName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - addressPrefix - ] - } - subnets: [ - { - name: 'GatewaySubnet' - properties: { - addressPrefix: cidrSubnet(addressPrefix, 16, 0) - } - } - ] - } -} - -resource localNetworkGateway 'Microsoft.Network/localNetworkGateways@2023-04-01' = { - name: localNetworkGatewayName - location: location - properties: { - gatewayIpAddress: '100.100.100.100' - localNetworkAddressSpace: { - addressPrefixes: [ - '192.168.0.0/24' - ] - } - } -} - -@description('The resource ID of the created Virtual Network.') -output vnetResourceId string = virtualNetwork.id - -@description('The resource ID of the created Local Network Gateway.') -output localNetworkGatewayResourceId string = localNetworkGateway.id diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/vpn/main.test.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/vpn/main.test.bicep deleted file mode 100644 index 4258c36c8a..0000000000 --- a/avm/res/network/virtual-network-gateway/tests/e2e/vpn/main.test.bicep +++ /dev/null @@ -1,82 +0,0 @@ -targetScope = 'subscription' - -metadata name = 'VPN' -metadata description = 'This instance deploys the module with the VPN set of required parameters.' - -// ========== // -// Parameters // -// ========== // - -@description('Optional. The name of the resource group to deploy for testing purposes.') -@maxLength(90) -param resourceGroupName string = 'dep-${namePrefix}-network.virtualnetworkgateways-${serviceShort}-rg' - -@description('Optional. The location to deploy resources to.') -param resourceLocation string = deployment().location - -@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') -param serviceShort string = 'nvgvpn' - -@description('Optional. A token to inject into the name of each resource.') -param namePrefix string = '#_namePrefix_#' - -// ============ // -// Dependencies // -// ============ // - -// General resources -// ================= -resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { - name: resourceGroupName - location: resourceLocation -} - -module nestedDependencies 'dependencies.bicep' = { - scope: resourceGroup - name: '${uniqueString(deployment().name, resourceLocation)}-nestedDependencies' - params: { - location: resourceLocation - virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}' - localNetworkGatewayName: 'dep-${namePrefix}-lng-${serviceShort}' - } -} - -// ============== // -// Test Execution // -// ============== // - -@batchSize(1) -module testDeployment '../../../main.bicep' = [ - for iteration in ['init', 'idem']: { - scope: resourceGroup - name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}' - params: { - location: resourceLocation - name: '${namePrefix}${serviceShort}001' - vpnGatewayGeneration: 'Generation2' - skuName: 'VpnGw2AZ' - gatewayType: 'Vpn' - vNetResourceId: nestedDependencies.outputs.vnetResourceId - clusterSettings:{ - clusterMode: 'activeActiveNoBgp' - } - domainNameLabel: [ - '${namePrefix}-dm-${serviceShort}' - ] - publicIpZones: [ - 1 - 2 - 3 - ] - vpnType: 'RouteBased' - enablePrivateIpAddress: true - gatewayDefaultSiteLocalNetworkGatewayId: nestedDependencies.outputs.localNetworkGatewayResourceId - disableIPSecReplayProtection: true - allowRemoteVnetTraffic: true - enableBgpRouteTranslationForNat: true - } - dependsOn: [ - nestedDependencies - ] - } -] From 43c80377027ac1bfbe605b1c401f15b1174b8c02 Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Fri, 25 Oct 2024 13:14:52 +0200 Subject: [PATCH 07/18] test2 --- .../virtual-network-gateway/main.bicep | 6 +- .../activeActiveBgpAPIPA/dependencies.bicep | 49 +++++++++++ .../e2e/activeActiveBgpAPIPA/main.test.bicep | 85 +++++++++++++++++++ 3 files changed, 137 insertions(+), 3 deletions(-) create mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBgpAPIPA/dependencies.bicep create mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBgpAPIPA/main.test.bicep diff --git a/avm/res/network/virtual-network-gateway/main.bicep b/avm/res/network/virtual-network-gateway/main.bicep index bf9ec140ec..3231fcaf2b 100644 --- a/avm/res/network/virtual-network-gateway/main.bicep +++ b/avm/res/network/virtual-network-gateway/main.bicep @@ -502,14 +502,14 @@ output publicIpAddress string = !empty(existingFirstPipResourceId) ? reference(e @description('The custom Azure APIPA BGP IP address.') //output customBgpIpAddress string = clusterSettings.?customBgpIpAddresses -output defaultBgpIpAddresses string = isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].defaultBgpIpAddresses, ','): 'Not applicable (No Bgp)' +output defaultBgpIpAddresses string = isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].defaultBgpIpAddresses, ','): '' //'Not applicable (No Bgp)' @description('The second public IP address of the virtual network gateway (Active-Active mode).') -output secondPublicIpAddress string = isActiveActive ? !empty(existingSecondPipResourceIdVar) ? reference(existingSecondPipResourceIdVar,'2023-04-01').properties.ipAddress: publicIPAddress[1].outputs.ipAddress: 'Not applicable (Active-Passive mode)' +output secondPublicIpAddress string = isActiveActive ? !empty(existingSecondPipResourceIdVar) ? reference(existingSecondPipResourceIdVar,'2023-04-01').properties.ipAddress: publicIPAddress[1].outputs.ipAddress: '' // 'Not applicable (Active-Passive mode)' @description('The second custom Azure APIPA BGP IP address (Active-Active mode).') //output secondCustomBgpIpAddress string = isActiveActive ? clusterSettings.?secondCustomBgpIpAddresses : 'Not applicable (Active-Passive mode)' -output secondCustomBgpIpAddress string = isActiveActive && isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].defaultBgpIpAddresses, ','): 'Not applicable (Active-Passive mode)' +output secondCustomBgpIpAddress string = isActiveActive && isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].defaultBgpIpAddresses, ','): '' //'Not applicable (Active-Passive mode)' // =============== // diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBgpAPIPA/dependencies.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBgpAPIPA/dependencies.bicep new file mode 100644 index 0000000000..c3aebf111c --- /dev/null +++ b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBgpAPIPA/dependencies.bicep @@ -0,0 +1,49 @@ +@description('Optional. The location to deploy resources to.') +param location string = resourceGroup().location + +@description('Required. The name of the Virtual Network to create.') +param virtualNetworkName string + +@description('Required. The name of the Local Network Gateway to create.') +param localNetworkGatewayName string + +var addressPrefix = '10.0.0.0/16' + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { + name: virtualNetworkName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + addressPrefix + ] + } + subnets: [ + { + name: 'GatewaySubnet' + properties: { + addressPrefix: cidrSubnet(addressPrefix, 16, 0) + } + } + ] + } +} + +resource localNetworkGateway 'Microsoft.Network/localNetworkGateways@2023-04-01' = { + name: localNetworkGatewayName + location: location + properties: { + gatewayIpAddress: '100.100.100.100' + localNetworkAddressSpace: { + addressPrefixes: [ + '192.168.0.0/24' + ] + } + } +} + +@description('The resource ID of the created Virtual Network.') +output vnetResourceId string = virtualNetwork.id + +@description('The resource ID of the created Local Network Gateway.') +output localNetworkGatewayResourceId string = localNetworkGateway.id diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBgpAPIPA/main.test.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBgpAPIPA/main.test.bicep new file mode 100644 index 0000000000..16fe844184 --- /dev/null +++ b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBgpAPIPA/main.test.bicep @@ -0,0 +1,85 @@ +targetScope = 'subscription' + +metadata name = 'VPN Active Active with BGP settings' +metadata description = 'This instance deploys the module with the VPN Active Active with APIPA BGP settings.' + +// ========== // +// Parameters // +// ========== // + +@description('Optional. The name of the resource group to deploy for testing purposes.') +@maxLength(90) +param resourceGroupName string = 'dep-${namePrefix}-network.virtualnetworkgateways-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to.') +param resourceLocation string = deployment().location + +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') +param serviceShort string = 'nvgaaa' + +@description('Optional. A token to inject into the name of each resource.') +param namePrefix string = '#_namePrefix_#' + +// ============ // +// Dependencies // +// ============ // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: resourceLocation +} + +module nestedDependencies 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, resourceLocation)}-nestedDependencies' + params: { + location: resourceLocation + virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}' + localNetworkGatewayName: 'dep-${namePrefix}-lng-${serviceShort}' + } +} + +// ============== // +// Test Execution // +// ============== // + +@batchSize(1) +module testDeployment '../../../main.bicep' = [ + for iteration in ['init', 'idem']: { + scope: resourceGroup + name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}' + params: { + location: resourceLocation + name: '${namePrefix}${serviceShort}001' + vpnGatewayGeneration: 'Generation2' + skuName: 'VpnGw2AZ' + gatewayType: 'Vpn' + vNetResourceId: nestedDependencies.outputs.vnetResourceId + clusterSettings: { + clusterMode: 'activeActiveBgp' + customBgpIpAddresses: ['169.254.21.4','169.254.21.5'] + secondCustomBgpIpAddresses: ['169.254.22.4','169.254.22.5'] + } + + domainNameLabel: [ + '${namePrefix}-dm-${serviceShort}' + ] + publicIpZones: [ + 1 + 2 + 3 + ] + vpnType: 'RouteBased' + enablePrivateIpAddress: true + gatewayDefaultSiteLocalNetworkGatewayId: nestedDependencies.outputs.localNetworkGatewayResourceId + disableIPSecReplayProtection: true + allowRemoteVnetTraffic: true + enableBgpRouteTranslationForNat: true + } + dependsOn: [ + nestedDependencies + ] + } +] From 45a0428a0c1b793e980a6dcee9c1775a28e92395 Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Fri, 25 Oct 2024 14:59:18 +0200 Subject: [PATCH 08/18] test 3 --- .../network/virtual-network-gateway/main.bicep | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/avm/res/network/virtual-network-gateway/main.bicep b/avm/res/network/virtual-network-gateway/main.bicep index 3231fcaf2b..1ebc0f93b3 100644 --- a/avm/res/network/virtual-network-gateway/main.bicep +++ b/avm/res/network/virtual-network-gateway/main.bicep @@ -497,19 +497,31 @@ output location string = virtualNetworkGateway.location @description('The ASN (Autonomous System Number) of the virtual network gateway.') output asn int = virtualNetworkGateway.properties.bgpSettings.asn +// Public IP Address @description('The public IP address of the virtual network gateway.') output publicIpAddress string = !empty(existingFirstPipResourceId) ? reference(existingFirstPipResourceId,'2023-04-01').properties.ipAddress: publicIPAddress[0].outputs.ipAddress +// Default Azure BGP peer IP address +@description(' The default Azure BGP peer IP address.') +output defaultBgpIpAddresses string = isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].defaultBgpIpAddresses, ','): '' //'Not applicable (No Bgp)' + +//Custom Azure APIPA BGP IP address @description('The custom Azure APIPA BGP IP address.') //output customBgpIpAddress string = clusterSettings.?customBgpIpAddresses -output defaultBgpIpAddresses string = isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].defaultBgpIpAddresses, ','): '' //'Not applicable (No Bgp)' +output customBgpIpAddresses string = isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].customBgpIpAddresses, ','): '' //'Not applicable (No Bgp)' +// Second Public IP Address @description('The second public IP address of the virtual network gateway (Active-Active mode).') output secondPublicIpAddress string = isActiveActive ? !empty(existingSecondPipResourceIdVar) ? reference(existingSecondPipResourceIdVar,'2023-04-01').properties.ipAddress: publicIPAddress[1].outputs.ipAddress: '' // 'Not applicable (Active-Passive mode)' +// Second Default Azure BGP peer IP address +@description('The second default Azure BGP peer IP address (Active-Active mode).') +//output secondCustomBgpIpAddress string = isActiveActive ? clusterSettings.?secondCustomBgpIpAddresses : 'Not applicable (Active-Passive mode)' +output secondBgpIpAddress string = isActiveActive && isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].defaultBgpIpAddresses, ','): '' //'Not applicable (Active-Passive mode)' + @description('The second custom Azure APIPA BGP IP address (Active-Active mode).') //output secondCustomBgpIpAddress string = isActiveActive ? clusterSettings.?secondCustomBgpIpAddresses : 'Not applicable (Active-Passive mode)' -output secondCustomBgpIpAddress string = isActiveActive && isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].defaultBgpIpAddresses, ','): '' //'Not applicable (Active-Passive mode)' +output secondCustomBgpIpAddress string = isActiveActive && isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].customBgpIpAddresses, ','): '' //'Not applicable (Active-Passive mode)' // =============== // From baa4bfad3d8d7edb429c039ee969cddd7bc43a29 Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Fri, 25 Oct 2024 15:42:56 +0200 Subject: [PATCH 09/18] updated outputs --- .../network/virtual-network-gateway/README.md | 7 ++ .../virtual-network-gateway/main.bicep | 8 -- .../network/virtual-network-gateway/main.json | 51 +++++++++- .../e2e/activeActiveBGP/dependencies.bicep | 49 ++++++++++ .../tests/e2e/activeActiveBGP/main.test.bicep | 83 ++++++++++++++++ .../dependencies.bicep | 96 +++++++++++++++++++ .../activeActiveExistingPip/main.test.bicep | 88 +++++++++++++++++ .../e2e/activeActiveNoBGP/dependencies.bicep | 49 ++++++++++ .../e2e/activeActiveNoBGP/main.test.bicep | 83 ++++++++++++++++ .../e2e/activePassiveBGP/dependencies.bicep | 49 ++++++++++ .../e2e/activePassiveBGP/main.test.bicep | 85 ++++++++++++++++ .../dependencies.bicep | 74 ++++++++++++++ .../activePassiveExistingPip/main.test.bicep | 87 +++++++++++++++++ .../e2e/activePassiveNoBGP/dependencies.bicep | 49 ++++++++++ .../e2e/activePassiveNoBGP/main.test.bicep | 83 ++++++++++++++++ .../tests/e2e/expressRoute/dependencies.bicep | 30 ++++++ .../tests/e2e/expressRoute/main.test.bicep | 75 +++++++++++++++ .../tests/e2e/vpn-no-az/dependencies.bicep | 49 ++++++++++ .../tests/e2e/vpn-no-az/main.test.bicep | 69 +++++++++++++ .../tests/e2e/vpn/dependencies.bicep | 49 ++++++++++ .../tests/e2e/vpn/main.test.bicep | 82 ++++++++++++++++ 21 files changed, 1286 insertions(+), 9 deletions(-) create mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBGP/dependencies.bicep create mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBGP/main.test.bicep create mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activeActiveExistingPip/dependencies.bicep create mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activeActiveExistingPip/main.test.bicep create mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activeActiveNoBGP/dependencies.bicep create mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activeActiveNoBGP/main.test.bicep create mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activePassiveBGP/dependencies.bicep create mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activePassiveBGP/main.test.bicep create mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activePassiveExistingPip/dependencies.bicep create mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activePassiveExistingPip/main.test.bicep create mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activePassiveNoBGP/dependencies.bicep create mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/activePassiveNoBGP/main.test.bicep create mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/expressRoute/dependencies.bicep create mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/expressRoute/main.test.bicep create mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/vpn-no-az/dependencies.bicep create mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/vpn-no-az/main.test.bicep create mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/vpn/dependencies.bicep create mode 100644 avm/res/network/virtual-network-gateway/tests/e2e/vpn/main.test.bicep diff --git a/avm/res/network/virtual-network-gateway/README.md b/avm/res/network/virtual-network-gateway/README.md index 4d876db399..ba20ed29f1 100644 --- a/avm/res/network/virtual-network-gateway/README.md +++ b/avm/res/network/virtual-network-gateway/README.md @@ -3179,10 +3179,17 @@ Specifies the VPN type. | Output | Type | Description | | :-- | :-- | :-- | | `activeActive` | bool | Shows if the virtual network gateway is configured in Active-Active mode. | +| `asn` | int | The ASN (Autonomous System Number) of the virtual network gateway. | +| `customBgpIpAddresses` | string | The custom Azure APIPA BGP IP address. | +| `defaultBgpIpAddresses` | string | The default Azure BGP peer IP address. | | `location` | string | The location the resource was deployed into. | | `name` | string | The name of the virtual network gateway. | +| `publicIpAddress` | string | The public IP address of the virtual network gateway. | | `resourceGroupName` | string | The resource group the virtual network gateway was deployed. | | `resourceId` | string | The resource ID of the virtual network gateway. | +| `secondBgpIpAddress` | string | The second default Azure BGP peer IP address (Active-Active mode). | +| `secondCustomBgpIpAddress` | string | The second custom Azure APIPA BGP IP address (Active-Active mode). | +| `secondPublicIpAddress` | string | The second public IP address of the virtual network gateway (Active-Active mode). | ## Cross-referenced modules diff --git a/avm/res/network/virtual-network-gateway/main.bicep b/avm/res/network/virtual-network-gateway/main.bicep index 1ebc0f93b3..6ccca879b9 100644 --- a/avm/res/network/virtual-network-gateway/main.bicep +++ b/avm/res/network/virtual-network-gateway/main.bicep @@ -497,30 +497,22 @@ output location string = virtualNetworkGateway.location @description('The ASN (Autonomous System Number) of the virtual network gateway.') output asn int = virtualNetworkGateway.properties.bgpSettings.asn -// Public IP Address @description('The public IP address of the virtual network gateway.') output publicIpAddress string = !empty(existingFirstPipResourceId) ? reference(existingFirstPipResourceId,'2023-04-01').properties.ipAddress: publicIPAddress[0].outputs.ipAddress -// Default Azure BGP peer IP address @description(' The default Azure BGP peer IP address.') output defaultBgpIpAddresses string = isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].defaultBgpIpAddresses, ','): '' //'Not applicable (No Bgp)' -//Custom Azure APIPA BGP IP address @description('The custom Azure APIPA BGP IP address.') -//output customBgpIpAddress string = clusterSettings.?customBgpIpAddresses output customBgpIpAddresses string = isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].customBgpIpAddresses, ','): '' //'Not applicable (No Bgp)' -// Second Public IP Address @description('The second public IP address of the virtual network gateway (Active-Active mode).') output secondPublicIpAddress string = isActiveActive ? !empty(existingSecondPipResourceIdVar) ? reference(existingSecondPipResourceIdVar,'2023-04-01').properties.ipAddress: publicIPAddress[1].outputs.ipAddress: '' // 'Not applicable (Active-Passive mode)' -// Second Default Azure BGP peer IP address @description('The second default Azure BGP peer IP address (Active-Active mode).') -//output secondCustomBgpIpAddress string = isActiveActive ? clusterSettings.?secondCustomBgpIpAddresses : 'Not applicable (Active-Passive mode)' output secondBgpIpAddress string = isActiveActive && isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].defaultBgpIpAddresses, ','): '' //'Not applicable (Active-Passive mode)' @description('The second custom Azure APIPA BGP IP address (Active-Active mode).') -//output secondCustomBgpIpAddress string = isActiveActive ? clusterSettings.?secondCustomBgpIpAddresses : 'Not applicable (Active-Passive mode)' output secondCustomBgpIpAddress string = isActiveActive && isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].customBgpIpAddresses, ','): '' //'Not applicable (Active-Passive mode)' diff --git a/avm/res/network/virtual-network-gateway/main.json b/avm/res/network/virtual-network-gateway/main.json index 24ec2a7c45..da3eb9a654 100644 --- a/avm/res/network/virtual-network-gateway/main.json +++ b/avm/res/network/virtual-network-gateway/main.json @@ -6,7 +6,7 @@ "_generator": { "name": "bicep", "version": "0.30.23.60470", - "templateHash": "1499507825797406827" + "templateHash": "583126277202468137" }, "name": "Virtual Network Gateways", "description": "This module deploys a Virtual Network Gateway.", @@ -1627,6 +1627,55 @@ "description": "The location the resource was deployed into." }, "value": "[reference('virtualNetworkGateway', '2023-04-01', 'full').location]" + }, + "asn": { + "type": "int", + "metadata": { + "description": "The ASN (Autonomous System Number) of the virtual network gateway." + }, + "value": "[reference('virtualNetworkGateway').bgpSettings.asn]" + }, + "publicIpAddress": { + "type": "string", + "metadata": { + "description": "The public IP address of the virtual network gateway." + }, + "value": "[if(not(empty(parameters('existingFirstPipResourceId'))), reference(parameters('existingFirstPipResourceId'), '2023-04-01').properties.ipAddress, reference(format('publicIPAddress[{0}]', 0)).outputs.ipAddress.value)]" + }, + "defaultBgpIpAddresses": { + "type": "string", + "metadata": { + "description": " The default Azure BGP peer IP address." + }, + "value": "[if(variables('isBgp'), join(reference('virtualNetworkGateway').bgpSettings.bgpPeeringAddresses[0].defaultBgpIpAddresses, ','), '')]" + }, + "customBgpIpAddresses": { + "type": "string", + "metadata": { + "description": "The custom Azure APIPA BGP IP address." + }, + "value": "[if(variables('isBgp'), join(reference('virtualNetworkGateway').bgpSettings.bgpPeeringAddresses[0].customBgpIpAddresses, ','), '')]" + }, + "secondPublicIpAddress": { + "type": "string", + "metadata": { + "description": "The second public IP address of the virtual network gateway (Active-Active mode)." + }, + "value": "[if(variables('isActiveActive'), if(not(empty(variables('existingSecondPipResourceIdVar'))), reference(variables('existingSecondPipResourceIdVar'), '2023-04-01').properties.ipAddress, reference(format('publicIPAddress[{0}]', 1)).outputs.ipAddress.value), '')]" + }, + "secondBgpIpAddress": { + "type": "string", + "metadata": { + "description": "The second default Azure BGP peer IP address (Active-Active mode)." + }, + "value": "[if(and(variables('isActiveActive'), variables('isBgp')), join(reference('virtualNetworkGateway').bgpSettings.bgpPeeringAddresses[1].defaultBgpIpAddresses, ','), '')]" + }, + "secondCustomBgpIpAddress": { + "type": "string", + "metadata": { + "description": "The second custom Azure APIPA BGP IP address (Active-Active mode)." + }, + "value": "[if(and(variables('isActiveActive'), variables('isBgp')), join(reference('virtualNetworkGateway').bgpSettings.bgpPeeringAddresses[1].customBgpIpAddresses, ','), '')]" } } } \ No newline at end of file diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBGP/dependencies.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBGP/dependencies.bicep new file mode 100644 index 0000000000..c3aebf111c --- /dev/null +++ b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBGP/dependencies.bicep @@ -0,0 +1,49 @@ +@description('Optional. The location to deploy resources to.') +param location string = resourceGroup().location + +@description('Required. The name of the Virtual Network to create.') +param virtualNetworkName string + +@description('Required. The name of the Local Network Gateway to create.') +param localNetworkGatewayName string + +var addressPrefix = '10.0.0.0/16' + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { + name: virtualNetworkName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + addressPrefix + ] + } + subnets: [ + { + name: 'GatewaySubnet' + properties: { + addressPrefix: cidrSubnet(addressPrefix, 16, 0) + } + } + ] + } +} + +resource localNetworkGateway 'Microsoft.Network/localNetworkGateways@2023-04-01' = { + name: localNetworkGatewayName + location: location + properties: { + gatewayIpAddress: '100.100.100.100' + localNetworkAddressSpace: { + addressPrefixes: [ + '192.168.0.0/24' + ] + } + } +} + +@description('The resource ID of the created Virtual Network.') +output vnetResourceId string = virtualNetwork.id + +@description('The resource ID of the created Local Network Gateway.') +output localNetworkGatewayResourceId string = localNetworkGateway.id diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBGP/main.test.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBGP/main.test.bicep new file mode 100644 index 0000000000..6270baf598 --- /dev/null +++ b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveBGP/main.test.bicep @@ -0,0 +1,83 @@ +targetScope = 'subscription' + +metadata name = 'VPN Active Active with BGP settings' +metadata description = 'This instance deploys the module with the VPN Active Active with BGP settings.' + +// ========== // +// Parameters // +// ========== // + +@description('Optional. The name of the resource group to deploy for testing purposes.') +@maxLength(90) +param resourceGroupName string = 'dep-${namePrefix}-network.virtualnetworkgateways-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to.') +param resourceLocation string = deployment().location + +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') +param serviceShort string = 'nvgaab' + +@description('Optional. A token to inject into the name of each resource.') +param namePrefix string = '#_namePrefix_#' + +// ============ // +// Dependencies // +// ============ // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: resourceLocation +} + +module nestedDependencies 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, resourceLocation)}-nestedDependencies' + params: { + location: resourceLocation + virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}' + localNetworkGatewayName: 'dep-${namePrefix}-lng-${serviceShort}' + } +} + +// ============== // +// Test Execution // +// ============== // + +@batchSize(1) +module testDeployment '../../../main.bicep' = [ + for iteration in ['init', 'idem']: { + scope: resourceGroup + name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}' + params: { + location: resourceLocation + name: '${namePrefix}${serviceShort}001' + vpnGatewayGeneration: 'Generation2' + skuName: 'VpnGw2AZ' + gatewayType: 'Vpn' + vNetResourceId: nestedDependencies.outputs.vnetResourceId + clusterSettings: { + clusterMode: 'activeActiveBgp' + } + + domainNameLabel: [ + '${namePrefix}-dm-${serviceShort}' + ] + publicIpZones: [ + 1 + 2 + 3 + ] + vpnType: 'RouteBased' + enablePrivateIpAddress: true + gatewayDefaultSiteLocalNetworkGatewayId: nestedDependencies.outputs.localNetworkGatewayResourceId + disableIPSecReplayProtection: true + allowRemoteVnetTraffic: true + enableBgpRouteTranslationForNat: true + } + dependsOn: [ + nestedDependencies + ] + } +] diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveExistingPip/dependencies.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveExistingPip/dependencies.bicep new file mode 100644 index 0000000000..8c33f30087 --- /dev/null +++ b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveExistingPip/dependencies.bicep @@ -0,0 +1,96 @@ +@description('Optional. The location to deploy resources to.') +param location string = resourceGroup().location + +@description('Required. The name of the Virtual Network to create.') +param virtualNetworkName string + +@description('Required. The name of the Local Network Gateway to create.') +param localNetworkGatewayName string + +@description('Required. The name of the Public IP to create.') +param existingFirstPipName string + +@description('Required. The name of the secondary Public IP to create in the active-active configuration.') +param existingSecondPipName string + +var addressPrefix = '10.0.0.0/16' + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { + name: virtualNetworkName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + addressPrefix + ] + } + subnets: [ + { + name: 'GatewaySubnet' + properties: { + addressPrefix: cidrSubnet(addressPrefix, 16, 0) + } + } + ] + } +} + +resource localNetworkGateway 'Microsoft.Network/localNetworkGateways@2023-04-01' = { + name: localNetworkGatewayName + location: location + properties: { + gatewayIpAddress: '100.100.100.100' + localNetworkAddressSpace: { + addressPrefixes: [ + '192.168.0.0/24' + ] + } + } +} + +resource existingFirstPip 'Microsoft.Network/publicIPAddresses@2023-04-01' = { + name: existingFirstPipName + location: location + sku: { + name: 'Standard' + tier: 'Regional' + } + properties: { + publicIPAllocationMethod: 'Static' + } + zones: [ + '1' + '2' + '3' + ] +} + +resource existingSecondPip 'Microsoft.Network/publicIPAddresses@2023-04-01' = { + name: existingSecondPipName + location: location + sku: { + name: 'Standard' + tier: 'Regional' + } + properties: { + publicIPAllocationMethod: 'Static' + } + zones: [ + '1' + '2' + '3' + ] +} + + +@description('The resource ID of the created Virtual Network.') +output vnetResourceId string = virtualNetwork.id + +@description('The resource ID of the created Local Network Gateway.') +output localNetworkGatewayResourceId string = localNetworkGateway.id + +@description('The resource ID of the existing Public IP.') +output existingFirstPipResourceId string = existingFirstPip.id + +@description('The resource ID of the existing secondary Public IP.') +output existingSecondPipResourceId string = existingSecondPip.id diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveExistingPip/main.test.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveExistingPip/main.test.bicep new file mode 100644 index 0000000000..5a0f74ba0b --- /dev/null +++ b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveExistingPip/main.test.bicep @@ -0,0 +1,88 @@ +targetScope = 'subscription' + +metadata name = 'VPN Active Active without BGP settings using two existent Public IPs' +metadata description = 'This instance deploys the module with the VPN Active Active without BGP settings.' + +// ========== // +// Parameters // +// ========== // + +@description('Optional. The name of the resource group to deploy for testing purposes.') +@maxLength(90) +param resourceGroupName string = 'dep-${namePrefix}-network.virtualnetworkgateways-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to.') +param resourceLocation string = deployment().location + +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') +param serviceShort string = 'nvgaaep' + +@description('Optional. A token to inject into the name of each resource.') +param namePrefix string = '#_namePrefix_#' + +// ============ // +// Dependencies // +// ============ // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: resourceLocation +} + +module nestedDependencies 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, resourceLocation)}-nestedDependencies' + params: { + location: resourceLocation + virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}' + localNetworkGatewayName: 'dep-${namePrefix}-lng-${serviceShort}' + existingFirstPipName: 'dep-${namePrefix}-pip-${serviceShort}-existing1' + existingSecondPipName: 'dep-${namePrefix}-pip-${serviceShort}-existing2' + } +} + +// ============== // +// Test Execution // +// ============== // + +@batchSize(1) +module testDeployment '../../../main.bicep' = [ + for iteration in ['init', 'idem']: { + scope: resourceGroup + name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}' + params: { + location: resourceLocation + name: '${namePrefix}${serviceShort}001' + vpnGatewayGeneration: 'Generation2' + skuName: 'VpnGw2AZ' + gatewayType: 'Vpn' + vNetResourceId: nestedDependencies.outputs.vnetResourceId + existingFirstPipResourceId: nestedDependencies.outputs.existingFirstPipResourceId + + clusterSettings: { + clusterMode: 'activeActiveNoBgp' + existingSecondPipResourceId: nestedDependencies.outputs.existingSecondPipResourceId + } + + domainNameLabel: [ + '${namePrefix}-dm-${serviceShort}' + ] + publicIpZones: [ + 1 + 2 + 3 + ] + vpnType: 'RouteBased' + enablePrivateIpAddress: true + gatewayDefaultSiteLocalNetworkGatewayId: nestedDependencies.outputs.localNetworkGatewayResourceId + disableIPSecReplayProtection: true + allowRemoteVnetTraffic: true + enableBgpRouteTranslationForNat: true + } + dependsOn: [ + nestedDependencies + ] + } +] diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveNoBGP/dependencies.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveNoBGP/dependencies.bicep new file mode 100644 index 0000000000..c3aebf111c --- /dev/null +++ b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveNoBGP/dependencies.bicep @@ -0,0 +1,49 @@ +@description('Optional. The location to deploy resources to.') +param location string = resourceGroup().location + +@description('Required. The name of the Virtual Network to create.') +param virtualNetworkName string + +@description('Required. The name of the Local Network Gateway to create.') +param localNetworkGatewayName string + +var addressPrefix = '10.0.0.0/16' + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { + name: virtualNetworkName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + addressPrefix + ] + } + subnets: [ + { + name: 'GatewaySubnet' + properties: { + addressPrefix: cidrSubnet(addressPrefix, 16, 0) + } + } + ] + } +} + +resource localNetworkGateway 'Microsoft.Network/localNetworkGateways@2023-04-01' = { + name: localNetworkGatewayName + location: location + properties: { + gatewayIpAddress: '100.100.100.100' + localNetworkAddressSpace: { + addressPrefixes: [ + '192.168.0.0/24' + ] + } + } +} + +@description('The resource ID of the created Virtual Network.') +output vnetResourceId string = virtualNetwork.id + +@description('The resource ID of the created Local Network Gateway.') +output localNetworkGatewayResourceId string = localNetworkGateway.id diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveNoBGP/main.test.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveNoBGP/main.test.bicep new file mode 100644 index 0000000000..7d799c5c2c --- /dev/null +++ b/avm/res/network/virtual-network-gateway/tests/e2e/activeActiveNoBGP/main.test.bicep @@ -0,0 +1,83 @@ +targetScope = 'subscription' + +metadata name = 'VPN Active Active without BGP settings' +metadata description = 'This instance deploys the module with the VPN Active Active without BGP settings.' + +// ========== // +// Parameters // +// ========== // + +@description('Optional. The name of the resource group to deploy for testing purposes.') +@maxLength(90) +param resourceGroupName string = 'dep-${namePrefix}-network.virtualnetworkgateways-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to.') +param resourceLocation string = deployment().location + +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') +param serviceShort string = 'nvgaa' + +@description('Optional. A token to inject into the name of each resource.') +param namePrefix string = '#_namePrefix_#' + +// ============ // +// Dependencies // +// ============ // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: resourceLocation +} + +module nestedDependencies 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, resourceLocation)}-nestedDependencies' + params: { + location: resourceLocation + virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}' + localNetworkGatewayName: 'dep-${namePrefix}-lng-${serviceShort}' + } +} + +// ============== // +// Test Execution // +// ============== // + +@batchSize(1) +module testDeployment '../../../main.bicep' = [ + for iteration in ['init', 'idem']: { + scope: resourceGroup + name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}' + params: { + location: resourceLocation + name: '${namePrefix}${serviceShort}001' + vpnGatewayGeneration: 'Generation2' + skuName: 'VpnGw2AZ' + gatewayType: 'Vpn' + vNetResourceId: nestedDependencies.outputs.vnetResourceId + clusterSettings: { + clusterMode: 'activeActiveNoBgp' + } + + domainNameLabel: [ + '${namePrefix}-dm-${serviceShort}' + ] + publicIpZones: [ + 1 + 2 + 3 + ] + vpnType: 'RouteBased' + enablePrivateIpAddress: true + gatewayDefaultSiteLocalNetworkGatewayId: nestedDependencies.outputs.localNetworkGatewayResourceId + disableIPSecReplayProtection: true + allowRemoteVnetTraffic: true + enableBgpRouteTranslationForNat: true + } + dependsOn: [ + nestedDependencies + ] + } +] diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveBGP/dependencies.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveBGP/dependencies.bicep new file mode 100644 index 0000000000..c3aebf111c --- /dev/null +++ b/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveBGP/dependencies.bicep @@ -0,0 +1,49 @@ +@description('Optional. The location to deploy resources to.') +param location string = resourceGroup().location + +@description('Required. The name of the Virtual Network to create.') +param virtualNetworkName string + +@description('Required. The name of the Local Network Gateway to create.') +param localNetworkGatewayName string + +var addressPrefix = '10.0.0.0/16' + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { + name: virtualNetworkName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + addressPrefix + ] + } + subnets: [ + { + name: 'GatewaySubnet' + properties: { + addressPrefix: cidrSubnet(addressPrefix, 16, 0) + } + } + ] + } +} + +resource localNetworkGateway 'Microsoft.Network/localNetworkGateways@2023-04-01' = { + name: localNetworkGatewayName + location: location + properties: { + gatewayIpAddress: '100.100.100.100' + localNetworkAddressSpace: { + addressPrefixes: [ + '192.168.0.0/24' + ] + } + } +} + +@description('The resource ID of the created Virtual Network.') +output vnetResourceId string = virtualNetwork.id + +@description('The resource ID of the created Local Network Gateway.') +output localNetworkGatewayResourceId string = localNetworkGateway.id diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveBGP/main.test.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveBGP/main.test.bicep new file mode 100644 index 0000000000..1aa9da7c34 --- /dev/null +++ b/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveBGP/main.test.bicep @@ -0,0 +1,85 @@ +targetScope = 'subscription' + +metadata name = 'VPN Active Passive with BGP settings' +metadata description = 'This instance deploys the module with the VPN Active Passive with APIPA BGP settings.' + +// ========== // +// Parameters // +// ========== // + +@description('Optional. The name of the resource group to deploy for testing purposes.') +@maxLength(90) +param resourceGroupName string = 'dep-${namePrefix}-network.virtualnetworkgateways-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to.') +param resourceLocation string = deployment().location + +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') +param serviceShort string = 'nvgapb' + +@description('Optional. A token to inject into the name of each resource.') +param namePrefix string = '#_namePrefix_#' + +// ============ // +// Dependencies // +// ============ // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: resourceLocation +} + +module nestedDependencies 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, resourceLocation)}-nestedDependencies' + params: { + location: resourceLocation + virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}' + localNetworkGatewayName: 'dep-${namePrefix}-lng-${serviceShort}' + } +} + +// ============== // +// Test Execution // +// ============== // + +@batchSize(1) +module testDeployment '../../../main.bicep' = [ + for iteration in ['init', 'idem']: { + scope: resourceGroup + name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}' + params: { + location: resourceLocation + name: '${namePrefix}${serviceShort}001' + vpnGatewayGeneration: 'Generation2' + skuName: 'VpnGw2AZ' + gatewayType: 'Vpn' + vNetResourceId: nestedDependencies.outputs.vnetResourceId + clusterSettings: { + clusterMode:'activePassiveBgp' + customBgpIpAddresses: ['169.254.21.4','169.254.21.5'] + asn: 65815 + } + + domainNameLabel: [ + '${namePrefix}-dm-${serviceShort}' + ] + publicIpZones: [ + 1 + 2 + 3 + ] + vpnType: 'RouteBased' + enablePrivateIpAddress: true + gatewayDefaultSiteLocalNetworkGatewayId: nestedDependencies.outputs.localNetworkGatewayResourceId + disableIPSecReplayProtection: true + allowRemoteVnetTraffic: true + enableBgpRouteTranslationForNat: true + } + dependsOn: [ + nestedDependencies + ] + } +] diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveExistingPip/dependencies.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveExistingPip/dependencies.bicep new file mode 100644 index 0000000000..61e10ff9da --- /dev/null +++ b/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveExistingPip/dependencies.bicep @@ -0,0 +1,74 @@ +@description('Optional. The location to deploy resources to.') +param location string = resourceGroup().location + +@description('Required. The name of the Virtual Network to create.') +param virtualNetworkName string + +@description('Required. The name of the Local Network Gateway to create.') +param localNetworkGatewayName string + +@description('Required. The name of the Public IP to create.') +param existingFirstPipName string + +var addressPrefix = '10.0.0.0/16' + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { + name: virtualNetworkName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + addressPrefix + ] + } + subnets: [ + { + name: 'GatewaySubnet' + properties: { + addressPrefix: cidrSubnet(addressPrefix, 16, 0) + } + } + ] + } +} + +resource localNetworkGateway 'Microsoft.Network/localNetworkGateways@2023-04-01' = { + name: localNetworkGatewayName + location: location + properties: { + gatewayIpAddress: '100.100.100.100' + localNetworkAddressSpace: { + addressPrefixes: [ + '192.168.0.0/24' + ] + } + } +} + + +resource existingFirstPip 'Microsoft.Network/publicIPAddresses@2023-04-01' = { + name: existingFirstPipName + location: location + sku: { + name: 'Standard' + tier: 'Regional' + } + properties: { + publicIPAllocationMethod: 'Static' + } + zones: [ + '1' + '2' + '3' + ] +} + +@description('The resource ID of the created Virtual Network.') +output vnetResourceId string = virtualNetwork.id + +@description('The resource ID of the created Local Network Gateway.') +output localNetworkGatewayResourceId string = localNetworkGateway.id + +@description('The resource ID of the existing Public IP.') +output existingFirstPipResourceId string = existingFirstPip.id + diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveExistingPip/main.test.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveExistingPip/main.test.bicep new file mode 100644 index 0000000000..27c179eef4 --- /dev/null +++ b/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveExistingPip/main.test.bicep @@ -0,0 +1,87 @@ +targetScope = 'subscription' + +metadata name = 'VPN Active Passive with BGP settings using existing Public IP' +metadata description = 'This instance deploys the module with the VPN Active Passive with APIPA BGP settings and existing primary public IP.' + +// ========== // +// Parameters // +// ========== // + +@description('Optional. The name of the resource group to deploy for testing purposes.') +@maxLength(90) +param resourceGroupName string = 'dep-${namePrefix}-network.virtualnetworkgateways-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to.') +param resourceLocation string = deployment().location + +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') +param serviceShort string = 'nvgapep' + +@description('Optional. A token to inject into the name of each resource.') +param namePrefix string = '#_namePrefix_#' + +// ============ // +// Dependencies // +// ============ // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: resourceLocation +} + +module nestedDependencies 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, resourceLocation)}-nestedDependencies' + params: { + location: resourceLocation + virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}' + localNetworkGatewayName: 'dep-${namePrefix}-lng-${serviceShort}' + existingFirstPipName: 'dep-${namePrefix}-pip-${serviceShort}-existing1' + } +} + +// ============== // +// Test Execution // +// ============== // + +@batchSize(1) +module testDeployment '../../../main.bicep' = [ + for iteration in ['init', 'idem']: { + scope: resourceGroup + name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}' + params: { + location: resourceLocation + name: '${namePrefix}${serviceShort}001' + vpnGatewayGeneration: 'Generation2' + skuName: 'VpnGw2AZ' + gatewayType: 'Vpn' + vNetResourceId: nestedDependencies.outputs.vnetResourceId + existingFirstPipResourceId: nestedDependencies.outputs.existingFirstPipResourceId + clusterSettings: { + clusterMode:'activePassiveBgp' + customBgpIpAddresses: ['169.254.21.4','169.254.21.5'] + asn: 65815 + } + + domainNameLabel: [ + '${namePrefix}-dm-${serviceShort}' + ] + publicIpZones: [ + 1 + 2 + 3 + ] + vpnType: 'RouteBased' + enablePrivateIpAddress: true + gatewayDefaultSiteLocalNetworkGatewayId: nestedDependencies.outputs.localNetworkGatewayResourceId + disableIPSecReplayProtection: true + allowRemoteVnetTraffic: true + enableBgpRouteTranslationForNat: true + } + dependsOn: [ + nestedDependencies + ] + } +] diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveNoBGP/dependencies.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveNoBGP/dependencies.bicep new file mode 100644 index 0000000000..c3aebf111c --- /dev/null +++ b/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveNoBGP/dependencies.bicep @@ -0,0 +1,49 @@ +@description('Optional. The location to deploy resources to.') +param location string = resourceGroup().location + +@description('Required. The name of the Virtual Network to create.') +param virtualNetworkName string + +@description('Required. The name of the Local Network Gateway to create.') +param localNetworkGatewayName string + +var addressPrefix = '10.0.0.0/16' + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { + name: virtualNetworkName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + addressPrefix + ] + } + subnets: [ + { + name: 'GatewaySubnet' + properties: { + addressPrefix: cidrSubnet(addressPrefix, 16, 0) + } + } + ] + } +} + +resource localNetworkGateway 'Microsoft.Network/localNetworkGateways@2023-04-01' = { + name: localNetworkGatewayName + location: location + properties: { + gatewayIpAddress: '100.100.100.100' + localNetworkAddressSpace: { + addressPrefixes: [ + '192.168.0.0/24' + ] + } + } +} + +@description('The resource ID of the created Virtual Network.') +output vnetResourceId string = virtualNetwork.id + +@description('The resource ID of the created Local Network Gateway.') +output localNetworkGatewayResourceId string = localNetworkGateway.id diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveNoBGP/main.test.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveNoBGP/main.test.bicep new file mode 100644 index 0000000000..ee3904f4b8 --- /dev/null +++ b/avm/res/network/virtual-network-gateway/tests/e2e/activePassiveNoBGP/main.test.bicep @@ -0,0 +1,83 @@ +targetScope = 'subscription' + +metadata name = 'VPN Active Passive without BGP settings' +metadata description = 'This instance deploys the module with the VPN Active Passive without BGP settings.' + +// ========== // +// Parameters // +// ========== // + +@description('Optional. The name of the resource group to deploy for testing purposes.') +@maxLength(90) +param resourceGroupName string = 'dep-${namePrefix}-network.virtualnetworkgateways-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to.') +param resourceLocation string = deployment().location + +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') +param serviceShort string = 'nvgap' + +@description('Optional. A token to inject into the name of each resource.') +param namePrefix string = '#_namePrefix_#' + +// ============ // +// Dependencies // +// ============ // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: resourceLocation +} + +module nestedDependencies 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, resourceLocation)}-nestedDependencies' + params: { + location: resourceLocation + virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}' + localNetworkGatewayName: 'dep-${namePrefix}-lng-${serviceShort}' + } +} + +// ============== // +// Test Execution // +// ============== // + +@batchSize(1) +module testDeployment '../../../main.bicep' = [ + for iteration in ['init', 'idem']: { + scope: resourceGroup + name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}' + params: { + location: resourceLocation + name: '${namePrefix}${serviceShort}001' + vpnGatewayGeneration: 'Generation2' + skuName: 'VpnGw2AZ' + gatewayType: 'Vpn' + vNetResourceId: nestedDependencies.outputs.vnetResourceId + clusterSettings: { + clusterMode:'activePassiveNoBgp' + } + + domainNameLabel: [ + '${namePrefix}-dm-${serviceShort}' + ] + publicIpZones: [ + 1 + 2 + 3 + ] + vpnType: 'RouteBased' + enablePrivateIpAddress: true + gatewayDefaultSiteLocalNetworkGatewayId: nestedDependencies.outputs.localNetworkGatewayResourceId + disableIPSecReplayProtection: true + allowRemoteVnetTraffic: true + enableBgpRouteTranslationForNat: true + } + dependsOn: [ + nestedDependencies + ] + } +] diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/expressRoute/dependencies.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/expressRoute/dependencies.bicep new file mode 100644 index 0000000000..223faddfbd --- /dev/null +++ b/avm/res/network/virtual-network-gateway/tests/e2e/expressRoute/dependencies.bicep @@ -0,0 +1,30 @@ +@description('Optional. The location to deploy resources to.') +param location string = resourceGroup().location + +@description('Required. The name of the Virtual Network to create.') +param virtualNetworkName string + +var addressPrefix = '10.0.0.0/16' + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { + name: virtualNetworkName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + addressPrefix + ] + } + subnets: [ + { + name: 'GatewaySubnet' + properties: { + addressPrefix: cidrSubnet(addressPrefix, 16, 0) + } + } + ] + } +} + +@description('The resource ID of the created Virtual Network.') +output vnetResourceId string = virtualNetwork.id diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/expressRoute/main.test.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/expressRoute/main.test.bicep new file mode 100644 index 0000000000..1e1790c927 --- /dev/null +++ b/avm/res/network/virtual-network-gateway/tests/e2e/expressRoute/main.test.bicep @@ -0,0 +1,75 @@ +targetScope = 'subscription' + +metadata name = 'ExpressRoute' +metadata description = 'This instance deploys the module with the ExpressRoute set of required parameters.' + +// ========== // +// Parameters // +// ========== // + +@description('Optional. The name of the resource group to deploy for testing purposes.') +@maxLength(90) +param resourceGroupName string = 'dep-${namePrefix}-network.virtualnetworkgateways-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to.') +param resourceLocation string = deployment().location + +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') +param serviceShort string = 'nvger' + +@description('Optional. A token to inject into the name of each resource.') +param namePrefix string = '#_namePrefix_#' + +// ============ // +// Dependencies // +// ============ // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: resourceLocation +} + +module nestedDependencies 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, resourceLocation)}-nestedDependencies' + params: { + location: resourceLocation + virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}' + } +} + +// ============== // +// Test Execution // +// ============== // + +@batchSize(1) +module testDeployment '../../../main.bicep' = [ + for iteration in ['init', 'idem']: { + scope: resourceGroup + name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}' + params: { + location: resourceLocation + name: '${namePrefix}${serviceShort}001' + skuName: 'ErGw1AZ' + gatewayType: 'ExpressRoute' + vNetResourceId: nestedDependencies.outputs.vnetResourceId + clusterSettings:{ + clusterMode: 'activePassiveBgp' + } + domainNameLabel: [ + '${namePrefix}-dm-${serviceShort}' + ] + firstPipName: '${namePrefix}-pip-${serviceShort}' + publicIpZones: [ + 1 + 2 + 3 + ] + } + dependsOn: [ + nestedDependencies + ] + } +] diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/vpn-no-az/dependencies.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/vpn-no-az/dependencies.bicep new file mode 100644 index 0000000000..c3aebf111c --- /dev/null +++ b/avm/res/network/virtual-network-gateway/tests/e2e/vpn-no-az/dependencies.bicep @@ -0,0 +1,49 @@ +@description('Optional. The location to deploy resources to.') +param location string = resourceGroup().location + +@description('Required. The name of the Virtual Network to create.') +param virtualNetworkName string + +@description('Required. The name of the Local Network Gateway to create.') +param localNetworkGatewayName string + +var addressPrefix = '10.0.0.0/16' + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { + name: virtualNetworkName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + addressPrefix + ] + } + subnets: [ + { + name: 'GatewaySubnet' + properties: { + addressPrefix: cidrSubnet(addressPrefix, 16, 0) + } + } + ] + } +} + +resource localNetworkGateway 'Microsoft.Network/localNetworkGateways@2023-04-01' = { + name: localNetworkGatewayName + location: location + properties: { + gatewayIpAddress: '100.100.100.100' + localNetworkAddressSpace: { + addressPrefixes: [ + '192.168.0.0/24' + ] + } + } +} + +@description('The resource ID of the created Virtual Network.') +output vnetResourceId string = virtualNetwork.id + +@description('The resource ID of the created Local Network Gateway.') +output localNetworkGatewayResourceId string = localNetworkGateway.id diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/vpn-no-az/main.test.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/vpn-no-az/main.test.bicep new file mode 100644 index 0000000000..fc3410af52 --- /dev/null +++ b/avm/res/network/virtual-network-gateway/tests/e2e/vpn-no-az/main.test.bicep @@ -0,0 +1,69 @@ +targetScope = 'subscription' + +metadata name = 'Using SKU without Availability Zones' +metadata description = 'This instance deploys the module with a SKU that does not support Availability Zones.' + +// ========== // +// Parameters // +// ========== // + +@description('Optional. The name of the resource group to deploy for testing purposes.') +@maxLength(90) +param resourceGroupName string = 'dep-${namePrefix}-network.virtualnetworkgateways-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to.') +param resourceLocation string = deployment().location + +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') +param serviceShort string = 'nvgnaz' + +@description('Optional. A token to inject into the name of each resource.') +param namePrefix string = '#_namePrefix_#' + +// ============ // +// Dependencies // +// ============ // + +// General resources +// ================= + +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: resourceLocation +} + +module nestedDependencies 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, resourceLocation)}-nestedDependencies' + params: { + location: resourceLocation + virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}' + localNetworkGatewayName: 'dep-${namePrefix}-lng-${serviceShort}' + } +} + +// ============== // +// Test Execution // +// ============== // + +@batchSize(1) +module testDeployment '../../../main.bicep' = [ + for iteration in ['init', 'idem']: { + scope: resourceGroup + name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}' + params: { + location: resourceLocation + name: '${namePrefix}${serviceShort}001' + skuName: 'VpnGw1' + gatewayType: 'Vpn' + publicIpZones: [] + vNetResourceId: nestedDependencies.outputs.vnetResourceId + clusterSettings: { + clusterMode: 'activePassiveNoBgp' + } + } + dependsOn: [ + nestedDependencies + ] + } +] diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/vpn/dependencies.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/vpn/dependencies.bicep new file mode 100644 index 0000000000..c3aebf111c --- /dev/null +++ b/avm/res/network/virtual-network-gateway/tests/e2e/vpn/dependencies.bicep @@ -0,0 +1,49 @@ +@description('Optional. The location to deploy resources to.') +param location string = resourceGroup().location + +@description('Required. The name of the Virtual Network to create.') +param virtualNetworkName string + +@description('Required. The name of the Local Network Gateway to create.') +param localNetworkGatewayName string + +var addressPrefix = '10.0.0.0/16' + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { + name: virtualNetworkName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + addressPrefix + ] + } + subnets: [ + { + name: 'GatewaySubnet' + properties: { + addressPrefix: cidrSubnet(addressPrefix, 16, 0) + } + } + ] + } +} + +resource localNetworkGateway 'Microsoft.Network/localNetworkGateways@2023-04-01' = { + name: localNetworkGatewayName + location: location + properties: { + gatewayIpAddress: '100.100.100.100' + localNetworkAddressSpace: { + addressPrefixes: [ + '192.168.0.0/24' + ] + } + } +} + +@description('The resource ID of the created Virtual Network.') +output vnetResourceId string = virtualNetwork.id + +@description('The resource ID of the created Local Network Gateway.') +output localNetworkGatewayResourceId string = localNetworkGateway.id diff --git a/avm/res/network/virtual-network-gateway/tests/e2e/vpn/main.test.bicep b/avm/res/network/virtual-network-gateway/tests/e2e/vpn/main.test.bicep new file mode 100644 index 0000000000..4258c36c8a --- /dev/null +++ b/avm/res/network/virtual-network-gateway/tests/e2e/vpn/main.test.bicep @@ -0,0 +1,82 @@ +targetScope = 'subscription' + +metadata name = 'VPN' +metadata description = 'This instance deploys the module with the VPN set of required parameters.' + +// ========== // +// Parameters // +// ========== // + +@description('Optional. The name of the resource group to deploy for testing purposes.') +@maxLength(90) +param resourceGroupName string = 'dep-${namePrefix}-network.virtualnetworkgateways-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to.') +param resourceLocation string = deployment().location + +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') +param serviceShort string = 'nvgvpn' + +@description('Optional. A token to inject into the name of each resource.') +param namePrefix string = '#_namePrefix_#' + +// ============ // +// Dependencies // +// ============ // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: resourceLocation +} + +module nestedDependencies 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, resourceLocation)}-nestedDependencies' + params: { + location: resourceLocation + virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}' + localNetworkGatewayName: 'dep-${namePrefix}-lng-${serviceShort}' + } +} + +// ============== // +// Test Execution // +// ============== // + +@batchSize(1) +module testDeployment '../../../main.bicep' = [ + for iteration in ['init', 'idem']: { + scope: resourceGroup + name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}' + params: { + location: resourceLocation + name: '${namePrefix}${serviceShort}001' + vpnGatewayGeneration: 'Generation2' + skuName: 'VpnGw2AZ' + gatewayType: 'Vpn' + vNetResourceId: nestedDependencies.outputs.vnetResourceId + clusterSettings:{ + clusterMode: 'activeActiveNoBgp' + } + domainNameLabel: [ + '${namePrefix}-dm-${serviceShort}' + ] + publicIpZones: [ + 1 + 2 + 3 + ] + vpnType: 'RouteBased' + enablePrivateIpAddress: true + gatewayDefaultSiteLocalNetworkGatewayId: nestedDependencies.outputs.localNetworkGatewayResourceId + disableIPSecReplayProtection: true + allowRemoteVnetTraffic: true + enableBgpRouteTranslationForNat: true + } + dependsOn: [ + nestedDependencies + ] + } +] From b692a78e4e0a8b30ea5e1c16af65455d9d5c180c Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Fri, 25 Oct 2024 15:49:51 +0200 Subject: [PATCH 10/18] updated output description --- avm/res/network/virtual-network-gateway/README.md | 2 +- avm/res/network/virtual-network-gateway/main.bicep | 2 +- avm/res/network/virtual-network-gateway/main.json | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/avm/res/network/virtual-network-gateway/README.md b/avm/res/network/virtual-network-gateway/README.md index ba20ed29f1..7453b2fb9f 100644 --- a/avm/res/network/virtual-network-gateway/README.md +++ b/avm/res/network/virtual-network-gateway/README.md @@ -3181,7 +3181,7 @@ Specifies the VPN type. | `activeActive` | bool | Shows if the virtual network gateway is configured in Active-Active mode. | | `asn` | int | The ASN (Autonomous System Number) of the virtual network gateway. | | `customBgpIpAddresses` | string | The custom Azure APIPA BGP IP address. | -| `defaultBgpIpAddresses` | string | The default Azure BGP peer IP address. | +| `defaultBgpIpAddresses` | string | The default Azure BGP peer IP address. | | `location` | string | The location the resource was deployed into. | | `name` | string | The name of the virtual network gateway. | | `publicIpAddress` | string | The public IP address of the virtual network gateway. | diff --git a/avm/res/network/virtual-network-gateway/main.bicep b/avm/res/network/virtual-network-gateway/main.bicep index 6ccca879b9..995b984304 100644 --- a/avm/res/network/virtual-network-gateway/main.bicep +++ b/avm/res/network/virtual-network-gateway/main.bicep @@ -500,7 +500,7 @@ output asn int = virtualNetworkGateway.properties.bgpSettings.asn @description('The public IP address of the virtual network gateway.') output publicIpAddress string = !empty(existingFirstPipResourceId) ? reference(existingFirstPipResourceId,'2023-04-01').properties.ipAddress: publicIPAddress[0].outputs.ipAddress -@description(' The default Azure BGP peer IP address.') +@description('The default Azure BGP peer IP address.') output defaultBgpIpAddresses string = isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].defaultBgpIpAddresses, ','): '' //'Not applicable (No Bgp)' @description('The custom Azure APIPA BGP IP address.') diff --git a/avm/res/network/virtual-network-gateway/main.json b/avm/res/network/virtual-network-gateway/main.json index da3eb9a654..18736254ef 100644 --- a/avm/res/network/virtual-network-gateway/main.json +++ b/avm/res/network/virtual-network-gateway/main.json @@ -6,7 +6,7 @@ "_generator": { "name": "bicep", "version": "0.30.23.60470", - "templateHash": "583126277202468137" + "templateHash": "14112536574076076539" }, "name": "Virtual Network Gateways", "description": "This module deploys a Virtual Network Gateway.", @@ -1645,7 +1645,7 @@ "defaultBgpIpAddresses": { "type": "string", "metadata": { - "description": " The default Azure BGP peer IP address." + "description": "The default Azure BGP peer IP address." }, "value": "[if(variables('isBgp'), join(reference('virtualNetworkGateway').bgpSettings.bgpPeeringAddresses[0].defaultBgpIpAddresses, ','), '')]" }, From e42fe7dd074840137b64f400b4c6faa47537663e Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Fri, 25 Oct 2024 17:36:06 +0200 Subject: [PATCH 11/18] updated asn output --- avm/res/network/virtual-network-gateway/main.bicep | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/avm/res/network/virtual-network-gateway/main.bicep b/avm/res/network/virtual-network-gateway/main.bicep index 995b984304..11c82fdbb6 100644 --- a/avm/res/network/virtual-network-gateway/main.bicep +++ b/avm/res/network/virtual-network-gateway/main.bicep @@ -495,25 +495,25 @@ output activeActive bool = virtualNetworkGateway.properties.activeActive output location string = virtualNetworkGateway.location @description('The ASN (Autonomous System Number) of the virtual network gateway.') -output asn int = virtualNetworkGateway.properties.bgpSettings.asn +output asn int? = isBgp ? virtualNetworkGateway.properties.bgpSettings.asn : null //'Not applicable (No Bgp)' @description('The public IP address of the virtual network gateway.') -output publicIpAddress string = !empty(existingFirstPipResourceId) ? reference(existingFirstPipResourceId,'2023-04-01').properties.ipAddress: publicIPAddress[0].outputs.ipAddress +output publicIpAddress string = !empty(existingFirstPipResourceId) ? reference(existingFirstPipResourceId,'2023-04-01').ipAddress: publicIPAddress[0].outputs.ipAddress @description('The default Azure BGP peer IP address.') -output defaultBgpIpAddresses string = isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].defaultBgpIpAddresses, ','): '' //'Not applicable (No Bgp)' +output defaultBgpIpAddresses string? = isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].defaultBgpIpAddresses, ','): null //'Not applicable (No Bgp)' @description('The custom Azure APIPA BGP IP address.') -output customBgpIpAddresses string = isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].customBgpIpAddresses, ','): '' //'Not applicable (No Bgp)' +output customBgpIpAddresses string? = isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[0].customBgpIpAddresses, ','): null //'Not applicable (No Bgp)' @description('The second public IP address of the virtual network gateway (Active-Active mode).') -output secondPublicIpAddress string = isActiveActive ? !empty(existingSecondPipResourceIdVar) ? reference(existingSecondPipResourceIdVar,'2023-04-01').properties.ipAddress: publicIPAddress[1].outputs.ipAddress: '' // 'Not applicable (Active-Passive mode)' +output secondPublicIpAddress string? = isActiveActive ? !empty(existingSecondPipResourceIdVar) ? reference(existingSecondPipResourceIdVar,'2023-04-01').ipAddress: publicIPAddress[1].outputs.ipAddress: null // 'Not applicable (Active-Passive mode)' @description('The second default Azure BGP peer IP address (Active-Active mode).') -output secondBgpIpAddress string = isActiveActive && isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].defaultBgpIpAddresses, ','): '' //'Not applicable (Active-Passive mode)' +output secondBgpIpAddress string? = isActiveActive && isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].defaultBgpIpAddresses, ','): null //'Not applicable (Active-Passive mode)' @description('The second custom Azure APIPA BGP IP address (Active-Active mode).') -output secondCustomBgpIpAddress string = isActiveActive && isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].customBgpIpAddresses, ','): '' //'Not applicable (Active-Passive mode)' +output secondCustomBgpIpAddress string? = isActiveActive && isBgp ? join(virtualNetworkGateway.properties.bgpSettings.bgpPeeringAddresses[1].customBgpIpAddresses, ','): null //'Not applicable (Active-Passive mode)' // =============== // From 04b0263bbda2ea19006463797254ea239b07b992 Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Fri, 25 Oct 2024 17:40:48 +0200 Subject: [PATCH 12/18] updtated readme file --- .../network/virtual-network-gateway/main.json | 22 ++++++++++++------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/avm/res/network/virtual-network-gateway/main.json b/avm/res/network/virtual-network-gateway/main.json index 18736254ef..0073c3ce57 100644 --- a/avm/res/network/virtual-network-gateway/main.json +++ b/avm/res/network/virtual-network-gateway/main.json @@ -6,7 +6,7 @@ "_generator": { "name": "bicep", "version": "0.30.23.60470", - "templateHash": "14112536574076076539" + "templateHash": "8620447722364642222" }, "name": "Virtual Network Gateways", "description": "This module deploys a Virtual Network Gateway.", @@ -1630,52 +1630,58 @@ }, "asn": { "type": "int", + "nullable": true, "metadata": { "description": "The ASN (Autonomous System Number) of the virtual network gateway." }, - "value": "[reference('virtualNetworkGateway').bgpSettings.asn]" + "value": "[if(variables('isBgp'), reference('virtualNetworkGateway').bgpSettings.asn, null())]" }, "publicIpAddress": { "type": "string", "metadata": { "description": "The public IP address of the virtual network gateway." }, - "value": "[if(not(empty(parameters('existingFirstPipResourceId'))), reference(parameters('existingFirstPipResourceId'), '2023-04-01').properties.ipAddress, reference(format('publicIPAddress[{0}]', 0)).outputs.ipAddress.value)]" + "value": "[if(not(empty(parameters('existingFirstPipResourceId'))), reference(parameters('existingFirstPipResourceId'), '2023-04-01').ipAddress, reference(format('publicIPAddress[{0}]', 0)).outputs.ipAddress.value)]" }, "defaultBgpIpAddresses": { "type": "string", + "nullable": true, "metadata": { "description": "The default Azure BGP peer IP address." }, - "value": "[if(variables('isBgp'), join(reference('virtualNetworkGateway').bgpSettings.bgpPeeringAddresses[0].defaultBgpIpAddresses, ','), '')]" + "value": "[if(variables('isBgp'), join(reference('virtualNetworkGateway').bgpSettings.bgpPeeringAddresses[0].defaultBgpIpAddresses, ','), null())]" }, "customBgpIpAddresses": { "type": "string", + "nullable": true, "metadata": { "description": "The custom Azure APIPA BGP IP address." }, - "value": "[if(variables('isBgp'), join(reference('virtualNetworkGateway').bgpSettings.bgpPeeringAddresses[0].customBgpIpAddresses, ','), '')]" + "value": "[if(variables('isBgp'), join(reference('virtualNetworkGateway').bgpSettings.bgpPeeringAddresses[0].customBgpIpAddresses, ','), null())]" }, "secondPublicIpAddress": { "type": "string", + "nullable": true, "metadata": { "description": "The second public IP address of the virtual network gateway (Active-Active mode)." }, - "value": "[if(variables('isActiveActive'), if(not(empty(variables('existingSecondPipResourceIdVar'))), reference(variables('existingSecondPipResourceIdVar'), '2023-04-01').properties.ipAddress, reference(format('publicIPAddress[{0}]', 1)).outputs.ipAddress.value), '')]" + "value": "[if(variables('isActiveActive'), if(not(empty(variables('existingSecondPipResourceIdVar'))), reference(variables('existingSecondPipResourceIdVar'), '2023-04-01').ipAddress, reference(format('publicIPAddress[{0}]', 1)).outputs.ipAddress.value), null())]" }, "secondBgpIpAddress": { "type": "string", + "nullable": true, "metadata": { "description": "The second default Azure BGP peer IP address (Active-Active mode)." }, - "value": "[if(and(variables('isActiveActive'), variables('isBgp')), join(reference('virtualNetworkGateway').bgpSettings.bgpPeeringAddresses[1].defaultBgpIpAddresses, ','), '')]" + "value": "[if(and(variables('isActiveActive'), variables('isBgp')), join(reference('virtualNetworkGateway').bgpSettings.bgpPeeringAddresses[1].defaultBgpIpAddresses, ','), null())]" }, "secondCustomBgpIpAddress": { "type": "string", + "nullable": true, "metadata": { "description": "The second custom Azure APIPA BGP IP address (Active-Active mode)." }, - "value": "[if(and(variables('isActiveActive'), variables('isBgp')), join(reference('virtualNetworkGateway').bgpSettings.bgpPeeringAddresses[1].customBgpIpAddresses, ','), '')]" + "value": "[if(and(variables('isActiveActive'), variables('isBgp')), join(reference('virtualNetworkGateway').bgpSettings.bgpPeeringAddresses[1].customBgpIpAddresses, ','), null())]" } } } \ No newline at end of file From 2ace889e97a189c2b9452e17aba48dd61a5b2ca3 Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Wed, 30 Oct 2024 08:41:53 +0100 Subject: [PATCH 13/18] test first review --- avm/res/network/virtual-network-gateway/README.md | 1 + avm/res/network/virtual-network-gateway/main.bicep | 5 ++++- avm/res/network/virtual-network-gateway/main.json | 12 ++++++++++-- 3 files changed, 15 insertions(+), 3 deletions(-) diff --git a/avm/res/network/virtual-network-gateway/README.md b/avm/res/network/virtual-network-gateway/README.md index 7453b2fb9f..1b794f869e 100644 --- a/avm/res/network/virtual-network-gateway/README.md +++ b/avm/res/network/virtual-network-gateway/README.md @@ -3182,6 +3182,7 @@ Specifies the VPN type. | `asn` | int | The ASN (Autonomous System Number) of the virtual network gateway. | | `customBgpIpAddresses` | string | The custom Azure APIPA BGP IP address. | | `defaultBgpIpAddresses` | string | The default Azure BGP peer IP address. | +| `ipConfigurations` | array | The IPconfigurations object of the Virtual Network Gateway. | | `location` | string | The location the resource was deployed into. | | `name` | string | The name of the virtual network gateway. | | `publicIpAddress` | string | The public IP address of the virtual network gateway. | diff --git a/avm/res/network/virtual-network-gateway/main.bicep b/avm/res/network/virtual-network-gateway/main.bicep index 11c82fdbb6..7ed781865a 100644 --- a/avm/res/network/virtual-network-gateway/main.bicep +++ b/avm/res/network/virtual-network-gateway/main.bicep @@ -495,7 +495,10 @@ output activeActive bool = virtualNetworkGateway.properties.activeActive output location string = virtualNetworkGateway.location @description('The ASN (Autonomous System Number) of the virtual network gateway.') -output asn int? = isBgp ? virtualNetworkGateway.properties.bgpSettings.asn : null //'Not applicable (No Bgp)' +output asn int? = virtualNetworkGateway.properties.bgpSettings.asn + +@description('The IPconfigurations object of the Virtual Network Gateway.') +output ipConfigurations array? = virtualNetworkGateway.properties.ipConfigurations @description('The public IP address of the virtual network gateway.') output publicIpAddress string = !empty(existingFirstPipResourceId) ? reference(existingFirstPipResourceId,'2023-04-01').ipAddress: publicIPAddress[0].outputs.ipAddress diff --git a/avm/res/network/virtual-network-gateway/main.json b/avm/res/network/virtual-network-gateway/main.json index 0073c3ce57..11c007cf30 100644 --- a/avm/res/network/virtual-network-gateway/main.json +++ b/avm/res/network/virtual-network-gateway/main.json @@ -6,7 +6,7 @@ "_generator": { "name": "bicep", "version": "0.30.23.60470", - "templateHash": "8620447722364642222" + "templateHash": "13981694724189921501" }, "name": "Virtual Network Gateways", "description": "This module deploys a Virtual Network Gateway.", @@ -1634,7 +1634,15 @@ "metadata": { "description": "The ASN (Autonomous System Number) of the virtual network gateway." }, - "value": "[if(variables('isBgp'), reference('virtualNetworkGateway').bgpSettings.asn, null())]" + "value": "[reference('virtualNetworkGateway').bgpSettings.asn]" + }, + "ipConfigurations": { + "type": "array", + "nullable": true, + "metadata": { + "description": "The IPconfigurations object of the Virtual Network Gateway." + }, + "value": "[reference('virtualNetworkGateway').ipConfigurations]" }, "publicIpAddress": { "type": "string", From 0d1a8486f59f1619e159db1d4b62543cd7476796 Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Thu, 31 Oct 2024 08:04:11 +0100 Subject: [PATCH 14/18] upd skuname --- .../network/virtual-network-gateway/README.md | 62 +++++++++---------- .../virtual-network-gateway/main.bicep | 2 +- .../network/virtual-network-gateway/main.json | 4 +- 3 files changed, 34 insertions(+), 34 deletions(-) diff --git a/avm/res/network/virtual-network-gateway/README.md b/avm/res/network/virtual-network-gateway/README.md index 1b794f869e..52f47b8409 100644 --- a/avm/res/network/virtual-network-gateway/README.md +++ b/avm/res/network/virtual-network-gateway/README.md @@ -2446,7 +2446,6 @@ param vpnType = 'RouteBased' | [`clusterSettings`](#parameter-clustersettings) | object | Specifies one of the following four configurations: Active-Active with (clusterMode = activeActiveBgp) or without (clusterMode = activeActiveNoBgp) BGP, Active-Passive with (clusterMode = activePassiveBgp) or without (clusterMode = activePassiveNoBgp) BGP. | | [`gatewayType`](#parameter-gatewaytype) | string | Specifies the gateway type. E.g. VPN, ExpressRoute. | | [`name`](#parameter-name) | string | Specifies the Virtual Network Gateway name. | -| [`skuName`](#parameter-skuname) | string | The SKU of the Gateway. | | [`vNetResourceId`](#parameter-vnetresourceid) | string | Virtual Network resource ID. | **Optional parameters** @@ -2474,6 +2473,7 @@ param vpnType = 'RouteBased' | [`publicIPPrefixResourceId`](#parameter-publicipprefixresourceid) | string | Resource ID of the Public IP Prefix object. This is only needed if you want your Public IPs created in a PIP Prefix. | | [`publicIpZones`](#parameter-publicipzones) | array | Specifies the zones of the Public IP address. Basic IP SKU does not support Availability Zones. | | [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignments to create. | +| [`skuName`](#parameter-skuname) | string | The SKU of the Gateway. | | [`tags`](#parameter-tags) | object | Tags of the resource. | | [`vpnClientAadConfiguration`](#parameter-vpnclientaadconfiguration) | object | Configuration for AAD Authentication for P2S Tunnel Type, Cannot be configured if clientRootCertData is provided. | | [`vpnClientAddressPoolPrefix`](#parameter-vpnclientaddresspoolprefix) | string | The IP address range from which VPN clients will receive an IP address when connected. Range specified must not overlap with on-premise network. | @@ -2508,36 +2508,6 @@ Specifies the Virtual Network Gateway name. - Required: Yes - Type: string -### Parameter: `skuName` - -The SKU of the Gateway. - -- Required: No -- Type: string -- Default: `[if(equals(parameters('gatewayType'), 'VPN'), 'VpnGw1AZ', 'ErGw1AZ')]` -- Allowed: - ```Bicep - [ - 'Basic' - 'ErGw1AZ' - 'ErGw2AZ' - 'ErGw3AZ' - 'HighPerformance' - 'Standard' - 'UltraPerformance' - 'VpnGw1' - 'VpnGw1AZ' - 'VpnGw2' - 'VpnGw2AZ' - 'VpnGw3' - 'VpnGw3AZ' - 'VpnGw4' - 'VpnGw4AZ' - 'VpnGw5' - 'VpnGw5AZ' - ] - ``` - ### Parameter: `vNetResourceId` Virtual Network resource ID. @@ -3120,6 +3090,36 @@ The principal type of the assigned principal ID. ] ``` +### Parameter: `skuName` + +The SKU of the Gateway. + +- Required: No +- Type: string +- Default: `[if(equals(parameters('gatewayType'), 'VPN'), 'VpnGw1AZ', 'ErGw1AZ')]` +- Allowed: + ```Bicep + [ + 'Basic' + 'ErGw1AZ' + 'ErGw2AZ' + 'ErGw3AZ' + 'HighPerformance' + 'Standard' + 'UltraPerformance' + 'VpnGw1' + 'VpnGw1AZ' + 'VpnGw2' + 'VpnGw2AZ' + 'VpnGw3' + 'VpnGw3AZ' + 'VpnGw4' + 'VpnGw4AZ' + 'VpnGw5' + 'VpnGw5AZ' + ] + ``` + ### Parameter: `tags` Tags of the resource. diff --git a/avm/res/network/virtual-network-gateway/main.bicep b/avm/res/network/virtual-network-gateway/main.bicep index 7ed781865a..30d8c66c07 100644 --- a/avm/res/network/virtual-network-gateway/main.bicep +++ b/avm/res/network/virtual-network-gateway/main.bicep @@ -42,7 +42,7 @@ param gatewayType string ]) param vpnGatewayGeneration string = 'None' -@description('Required. The SKU of the Gateway.') +@description('Optional. The SKU of the Gateway.') @allowed([ 'Basic' 'VpnGw1' diff --git a/avm/res/network/virtual-network-gateway/main.json b/avm/res/network/virtual-network-gateway/main.json index 11c007cf30..72b493f9e4 100644 --- a/avm/res/network/virtual-network-gateway/main.json +++ b/avm/res/network/virtual-network-gateway/main.json @@ -6,7 +6,7 @@ "_generator": { "name": "bicep", "version": "0.30.23.60470", - "templateHash": "13981694724189921501" + "templateHash": "1342947748750879125" }, "name": "Virtual Network Gateways", "description": "This module deploys a Virtual Network Gateway.", @@ -470,7 +470,7 @@ "ErGw3AZ" ], "metadata": { - "description": "Required. The SKU of the Gateway." + "description": "Optional. The SKU of the Gateway." } }, "vpnType": { From ed8d4cdf1b9f53a345ba66fc531ced87f780ae65 Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Sat, 2 Nov 2024 17:40:43 +0100 Subject: [PATCH 15/18] restored output ASN --- avm/res/network/virtual-network-gateway/main.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/avm/res/network/virtual-network-gateway/main.bicep b/avm/res/network/virtual-network-gateway/main.bicep index 30d8c66c07..46fdc6f6e2 100644 --- a/avm/res/network/virtual-network-gateway/main.bicep +++ b/avm/res/network/virtual-network-gateway/main.bicep @@ -495,7 +495,7 @@ output activeActive bool = virtualNetworkGateway.properties.activeActive output location string = virtualNetworkGateway.location @description('The ASN (Autonomous System Number) of the virtual network gateway.') -output asn int? = virtualNetworkGateway.properties.bgpSettings.asn +output asn int? = isBgp ? virtualNetworkGateway.properties.bgpSettings.asn : null @description('The IPconfigurations object of the Virtual Network Gateway.') output ipConfigurations array? = virtualNetworkGateway.properties.ipConfigurations From fe3544f57094e3a2b57ba42f3c7ba7c8c48f569a Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Sat, 2 Nov 2024 18:26:37 +0100 Subject: [PATCH 16/18] upd --- avm/res/network/virtual-network-gateway/main.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/avm/res/network/virtual-network-gateway/main.json b/avm/res/network/virtual-network-gateway/main.json index 72b493f9e4..c6ea06075a 100644 --- a/avm/res/network/virtual-network-gateway/main.json +++ b/avm/res/network/virtual-network-gateway/main.json @@ -6,7 +6,7 @@ "_generator": { "name": "bicep", "version": "0.30.23.60470", - "templateHash": "1342947748750879125" + "templateHash": "11389051901396545781" }, "name": "Virtual Network Gateways", "description": "This module deploys a Virtual Network Gateway.", @@ -1634,7 +1634,7 @@ "metadata": { "description": "The ASN (Autonomous System Number) of the virtual network gateway." }, - "value": "[reference('virtualNetworkGateway').bgpSettings.asn]" + "value": "[if(variables('isBgp'), reference('virtualNetworkGateway').bgpSettings.asn, null())]" }, "ipConfigurations": { "type": "array", From e2a3e00ba080ebbec160c1bbaec79c89ed9dfe21 Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Fri, 15 Nov 2024 14:08:48 +0100 Subject: [PATCH 17/18] updated waf psrules --- avm/res/network/virtual-network-gateway/main.json | 8 ++++---- .../network/virtual-network-gateway/nat-rule/main.json | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/avm/res/network/virtual-network-gateway/main.json b/avm/res/network/virtual-network-gateway/main.json index c6ea06075a..9515271bc2 100644 --- a/avm/res/network/virtual-network-gateway/main.json +++ b/avm/res/network/virtual-network-gateway/main.json @@ -5,8 +5,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.30.23.60470", - "templateHash": "11389051901396545781" + "version": "0.31.34.60546", + "templateHash": "1933873793791064080" }, "name": "Virtual Network Gateways", "description": "This module deploys a Virtual Network Gateway.", @@ -1482,8 +1482,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.30.23.60470", - "templateHash": "15500017864202979057" + "version": "0.31.34.60546", + "templateHash": "15264069091631467685" }, "name": "VPN Gateway NAT Rules", "description": "This module deploys a Virtual Network Gateway NAT Rule.", diff --git a/avm/res/network/virtual-network-gateway/nat-rule/main.json b/avm/res/network/virtual-network-gateway/nat-rule/main.json index bbbe1187e9..9a7a067bb5 100644 --- a/avm/res/network/virtual-network-gateway/nat-rule/main.json +++ b/avm/res/network/virtual-network-gateway/nat-rule/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.30.23.60470", - "templateHash": "15500017864202979057" + "version": "0.31.34.60546", + "templateHash": "15264069091631467685" }, "name": "VPN Gateway NAT Rules", "description": "This module deploys a Virtual Network Gateway NAT Rule.", From 540a6ee5c2d16976142511ebb910b160a43b48ca Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Mon, 18 Nov 2024 08:13:10 +0100 Subject: [PATCH 18/18] updated with last bicep version --- avm/res/network/virtual-network-gateway/main.json | 8 ++++---- .../network/virtual-network-gateway/nat-rule/main.json | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/avm/res/network/virtual-network-gateway/main.json b/avm/res/network/virtual-network-gateway/main.json index 9515271bc2..5187bdf52a 100644 --- a/avm/res/network/virtual-network-gateway/main.json +++ b/avm/res/network/virtual-network-gateway/main.json @@ -5,8 +5,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.31.34.60546", - "templateHash": "1933873793791064080" + "version": "0.31.92.45157", + "templateHash": "8965259248587057357" }, "name": "Virtual Network Gateways", "description": "This module deploys a Virtual Network Gateway.", @@ -1482,8 +1482,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.31.34.60546", - "templateHash": "15264069091631467685" + "version": "0.31.92.45157", + "templateHash": "3043525653708370011" }, "name": "VPN Gateway NAT Rules", "description": "This module deploys a Virtual Network Gateway NAT Rule.", diff --git a/avm/res/network/virtual-network-gateway/nat-rule/main.json b/avm/res/network/virtual-network-gateway/nat-rule/main.json index 9a7a067bb5..a6b1b52244 100644 --- a/avm/res/network/virtual-network-gateway/nat-rule/main.json +++ b/avm/res/network/virtual-network-gateway/nat-rule/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.31.34.60546", - "templateHash": "15264069091631467685" + "version": "0.31.92.45157", + "templateHash": "3043525653708370011" }, "name": "VPN Gateway NAT Rules", "description": "This module deploys a Virtual Network Gateway NAT Rule.",