Skip to content

Commit

Permalink
Network security group support for private endpoints subnet (Azure#333)
Browse files Browse the repository at this point in the history
  • Loading branch information
SenthuranSivananthan authored Aug 17, 2022
1 parent e069a4b commit 2a6042d
Show file tree
Hide file tree
Showing 2 changed files with 24 additions and 2 deletions.
13 changes: 12 additions & 1 deletion landingzones/lz-healthcare/networking.bicep
Original file line number Diff line number Diff line change
Expand Up @@ -209,6 +209,14 @@ resource nsg 'Microsoft.Network/networkSecurityGroups@2021-02-01' = [for subnet
}
}]

module nsgPrivateEndpoints '../../azresources/network/nsg/nsg-empty.bicep' = {
name: 'deploy-nsg-private-endpoints'
params: {
name: '${network.subnets.privateEndpoints.name}Nsg'
location: location
}
}

module nsgDatabricks '../../azresources/network/nsg/nsg-databricks.bicep' = {
name: 'deploy-nsg-databricks'
params: {
Expand Down Expand Up @@ -273,7 +281,10 @@ var requiredSubnets = [
name: network.subnets.privateEndpoints.name
properties: {
addressPrefix: network.subnets.privateEndpoints.addressPrefix
privateEndpointNetworkPolicies: 'Disabled'
privateEndpointNetworkPolicies: 'Enabled'
networkSecurityGroup: {
id: nsgPrivateEndpoints.outputs.nsgId
}
serviceEndpoints: [
{
service: 'Microsoft.Storage'
Expand Down
13 changes: 12 additions & 1 deletion landingzones/lz-machinelearning/networking.bicep
Original file line number Diff line number Diff line change
Expand Up @@ -230,6 +230,14 @@ resource nsg 'Microsoft.Network/networkSecurityGroups@2021-02-01' = [for subnet
}
}]

module nsgPrivateEndpoints '../../azresources/network/nsg/nsg-empty.bicep' = {
name: 'deploy-nsg-private-endpoints'
params: {
name: '${network.subnets.privateEndpoints.name}Nsg'
location: location
}
}

module nsgDatabricks '../../azresources/network/nsg/nsg-databricks.bicep' = {
name: 'deploy-nsg-databricks'
params: {
Expand Down Expand Up @@ -310,7 +318,10 @@ var requiredSubnets = [
name: network.subnets.privateEndpoints.name
properties: {
addressPrefix: network.subnets.privateEndpoints.addressPrefix
privateEndpointNetworkPolicies: 'Disabled'
privateEndpointNetworkPolicies: 'Enabled'
networkSecurityGroup: {
id: nsgPrivateEndpoints.outputs.nsgId
}
}
}
{
Expand Down

0 comments on commit 2a6042d

Please sign in to comment.