From f85ce0431211d00fd3292ed4dc84c2e1217eb1ac Mon Sep 17 00:00:00 2001 From: Marvin Buss Date: Tue, 11 Jul 2023 12:20:25 +0200 Subject: [PATCH 1/2] Sample for multi subscription prereqs --- docs/prerequisites/main.bicep | 44 ++++++++-------------- docs/prerequisites/modules/spokeRoot.bicep | 35 +++++++++++++++++ docs/prerequisites/params.json | 6 +++ 3 files changed, 57 insertions(+), 28 deletions(-) create mode 100644 docs/prerequisites/modules/spokeRoot.bicep diff --git a/docs/prerequisites/main.bicep b/docs/prerequisites/main.bicep index 4cb9135d..eeda44b6 100644 --- a/docs/prerequisites/main.bicep +++ b/docs/prerequisites/main.bicep @@ -23,6 +23,10 @@ param administratorUsername string = 'VmMainUser' @secure() @description('Specifies the administrator password of the virtual machine.') param administratorPassword string +@description('Specifies the subscription ID of the data management zone.') +param dataManagementZoneSubscription string +@description('Specifies the subscription ID of the data landing zone.') +param dataLandingZone01Subscription string // Variables var name = toLower('${prefix}-${environment}') @@ -30,8 +34,6 @@ var bastionResourceGroupName = '${name}-bastion-rg' var cicdResourceGroupName = '${name}-cicd-rg' var networkResourceGroupName = '${name}-network-rg' var globalDnsResourceGroupName = '${name}-global-dns-rg' -var dataManagementZoneNetworkResourceGroupName = '${name}-dmgmt-network-rg' -var dataLandingZone01NetworkResourceGroupName = '${name}-dlz01-network-rg' // CICD resources resource cicdResourceGroup 'Microsoft.Resources/resourceGroups@2021-01-01' = { @@ -108,8 +110,8 @@ module networkConfiguration 'modules/networkConfiguration.bicep' = { hubVirtualNetworkId: networkServices.outputs.vnetId virtualNetworkManagerId: networkServices.outputs.virtualNetworkManagerId spokeVirtualNetworkIds: [ - dataManagementZoneNetworkResources.outputs.vnetId - dataLandingZone01NetworkResources.outputs.vnetId + dataManagementZoneSpokeNetwork.outputs.vnetId + dataLandingZone01SpokeNetwork.outputs.vnetId ] } } @@ -131,37 +133,23 @@ module globalDnsZones 'modules/privatednszones.bicep' = { } } -// Data Management Zone Virtual Network -resource dataManagementZoneNetworkResourceGroup 'Microsoft.Resources/resourceGroups@2021-01-01' = { - name: dataManagementZoneNetworkResourceGroupName - location: location - tags: tags - properties: {} -} - -module dataManagementZoneNetworkResources 'modules/networkSpoke.bicep' = { - name: 'dataManagementZoneNetworkResources' - scope: dataManagementZoneNetworkResourceGroup +// Data Management Zone Spoke Network +module dataManagementZoneSpokeNetwork 'modules/spokeRoot.bicep' = { + name: 'dataManagementZoneSpokeNetwork' + scope: subscription(dataManagementZoneSubscription) params: { location: location - prefix: '${name}-dmgmt' + prefix: '${name}-dmz01' tags: tags firewallPrivateIp: networkServices.outputs.firewallPrivateIp - vnetAddressPrefix: '10.0.16.0/24' + vnetAddressPrefix: '10.0.32.0/20' } } -// Data Landing Zone Virtual Network -resource dataLandingZone01NetworkResourceGroup 'Microsoft.Resources/resourceGroups@2021-01-01' = { - name: dataLandingZone01NetworkResourceGroupName - location: location - tags: tags - properties: {} -} - -module dataLandingZone01NetworkResources 'modules/networkSpoke.bicep' = { - name: 'dataLandingZone01NetworkResources' - scope: dataLandingZone01NetworkResourceGroup +// Data Landing Zone 01 Spoke Network +module dataLandingZone01SpokeNetwork 'modules/spokeRoot.bicep' = { + name: 'dataLandingZone01SpokeNetwork' + scope: subscription(dataLandingZone01Subscription) params: { location: location prefix: '${name}-dlz01' diff --git a/docs/prerequisites/modules/spokeRoot.bicep b/docs/prerequisites/modules/spokeRoot.bicep new file mode 100644 index 00000000..e3da1a4b --- /dev/null +++ b/docs/prerequisites/modules/spokeRoot.bicep @@ -0,0 +1,35 @@ +targetScope = 'subscription' + +// Parameters +param location string +param prefix string +param tags object + +param firewallPrivateIp string +param vnetAddressPrefix string + +// Variables +var networkResourceGroupName = '${prefix}-network-rg' + +// Resources +resource networkResourceGroup 'Microsoft.Resources/resourceGroups@2021-01-01' = { + name: networkResourceGroupName + location: location + tags: tags + properties: {} +} + +module networkResources 'networkSpoke.bicep' = { + name: 'networkResources' + scope: networkResourceGroup + params: { + location: location + prefix: prefix + tags: tags + firewallPrivateIp: firewallPrivateIp + vnetAddressPrefix: vnetAddressPrefix + } +} + +// Outputs +output vnetId string = networkResources.outputs.vnetId diff --git a/docs/prerequisites/params.json b/docs/prerequisites/params.json index 7eb0039c..3e2103a5 100644 --- a/docs/prerequisites/params.json +++ b/docs/prerequisites/params.json @@ -19,6 +19,12 @@ }, "administratorPassword": { "value": "" + }, + "dataManagementZoneSubscription": { + "value": "" + }, + "dataLandingZone01Subscription": { + "value": "" } } } From 4f15d3f6ed9bfb5ac6f6dc84a83279af7f23c13d Mon Sep 17 00:00:00 2001 From: Marvin Buss Date: Tue, 11 Jul 2023 12:28:22 +0200 Subject: [PATCH 2/2] Update cidr and prefix for dmz spoke --- docs/prerequisites/main.bicep | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/prerequisites/main.bicep b/docs/prerequisites/main.bicep index eeda44b6..b2a4e850 100644 --- a/docs/prerequisites/main.bicep +++ b/docs/prerequisites/main.bicep @@ -139,10 +139,10 @@ module dataManagementZoneSpokeNetwork 'modules/spokeRoot.bicep' = { scope: subscription(dataManagementZoneSubscription) params: { location: location - prefix: '${name}-dmz01' + prefix: '${name}-dmgmt' tags: tags firewallPrivateIp: networkServices.outputs.firewallPrivateIp - vnetAddressPrefix: '10.0.32.0/20' + vnetAddressPrefix: '10.0.16.0/24' } }