From 2bd9fbd04086345959caa959e7a7713f3f6a0f55 Mon Sep 17 00:00:00 2001 From: Jan-Hendrik Boll Date: Tue, 5 Nov 2024 10:28:29 +0100 Subject: [PATCH] Refactor private endpoint module, add static endpointconfig, to reduce need for copy and paste of DNS Zone names --- .../modules/private-endpoint.bicep | 32 ++++++++++++++----- .../templates/mgmt-cluster.bicep | 5 ++- .../templates/svc-cluster.bicep | 5 ++- 3 files changed, 28 insertions(+), 14 deletions(-) diff --git a/dev-infrastructure/modules/private-endpoint.bicep b/dev-infrastructure/modules/private-endpoint.bicep index c64a6f0d70..84acff45e1 100644 --- a/dev-infrastructure/modules/private-endpoint.bicep +++ b/dev-infrastructure/modules/private-endpoint.bicep @@ -1,23 +1,39 @@ param location string +@description('The service type the private endpoint is created for') +@allowed([ + 'eventgrid' +]) param serviceType string -param subnetIds array -param privateLinkServiceId string +@description('The group id of the private endpoint service') +@allowed([ + 'topicspace' +]) +param groupId string -param groupIds array +@description('The private link service id') +param privateLinkServiceId string -param privateEndpointDnsZoneName string +@description('The subnet ids to create the private endpoint in') +param subnetIds array +@description('The vnet id to link the private endpoint to') param vnetId string +var endpointConfig = { + eventgrid: { + topicspace: 'privatelink.ts.eventgrid.azure.net' + } +} + resource eventGridPrivateEndpointDnsZone 'Microsoft.Network/privateDnsZones@2020-06-01' = { - name: privateEndpointDnsZoneName + name: endpointConfig[serviceType][groupId] location: 'global' properties: {} } -resource eventGridPrivatEndpoint 'Microsoft.Network/privateEndpoints@2023-09-01' = [ +resource privatEndpoint 'Microsoft.Network/privateEndpoints@2023-09-01' = [ for aksNodeSubnetId in subnetIds: { name: '${serviceType}-${uniqueString(aksNodeSubnetId)}' location: location 
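Review bot: `serviceType` and `groupId` are each constrained by their own `@allowed` list, and only the `endpointConfig[serviceType][groupId]` lookup ties them together. Once a second service is added, a mismatched pair would pass parameter validation and presumably fail only when the zone name is evaluated. I would add a comment above `var endpointConfig`, e.g. `// Every allowed serviceType/groupId pair needs an entry here; the value must be the privatelink zone for that sub-resource.`, because a wrong zone name generally leaves clients resolving the service's public address instead of the private endpoint. The symbolic names `eventGridPrivateEndpointDnsZone` and `privatEndpoint` (missing an "e") could also be made generic and corrected while this module is being touched. The `privatEndpoint` resource body continues outside this hunk.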
@@ -27,7 +43,7 @@ resource eventGridPrivatEndpoint 'Microsoft.Network/privateEndpoints@2023-09-01' name: '${serviceType}-private-endpoint' properties: { privateLinkServiceId: privateLinkServiceId - groupIds: groupIds + groupIds: [groupId] } } ] @@ -41,7 +57,7 @@ resource eventGridPrivatEndpoint 'Microsoft.Network/privateEndpoints@2023-09-01' resource privateEndpointDnsGroup 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2023-09-01' = [ for index in range(0, length(subnetIds)): { name: '${serviceType}-${uniqueString(subnetIds[index])}' - parent: eventGridPrivatEndpoint[index] + parent: privatEndpoint[index] properties: { privateDnsZoneConfigs: [ { diff --git a/dev-infrastructure/templates/mgmt-cluster.bicep b/dev-infrastructure/templates/mgmt-cluster.bicep index 5a44e69b63..b25b936af0 100644 --- a/dev-infrastructure/templates/mgmt-cluster.bicep +++ b/dev-infrastructure/templates/mgmt-cluster.bicep @@ -186,11 +186,10 @@ module eventGrindPrivateEndpoint '../modules/private-endpoint.bicep' = { name: 'eventGridPrivateEndpoint' params: { location: location - serviceType: 'eventgrid' subnetIds: [mgmtCluster.outputs.aksNodeSubnetId] privateLinkServiceId: eventGridNamespace.id - groupIds: ['topicspace'] - privateEndpointDnsZoneName: 'privatelink.ts.eventgrid.azure.net' vnetId: mgmtCluster.outputs.aksVnetId + serviceType: 'eventgrid' + groupId: 'topicspace' } } diff --git a/dev-infrastructure/templates/svc-cluster.bicep b/dev-infrastructure/templates/svc-cluster.bicep index d73fa4f192..7f34a0f51b 100644 --- a/dev-infrastructure/templates/svc-cluster.bicep +++ b/dev-infrastructure/templates/svc-cluster.bicep 
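Review bot: The two call sites pass the same parameters in a different order: in mgmt-cluster.bicep `serviceType` and `groupId` come after `vnetId`, while the svc-cluster.bicep hunk places them before `vnetId`. Using one order in both templates, for example the module's declaration order (`location`, `serviceType`, `groupId`, `privateLinkServiceId`, `subnetIds`, `vnetId`), keeps the two blocks easy to compare when a second endpoint type is added. The module symbol `eventGrindPrivateEndpoint` shown in both hunk headers also looks like a typo for `eventGridPrivateEndpoint`. It sits outside the changed lines, so renaming it would be a follow-up.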
@@ -408,11 +408,10 @@ module eventGrindPrivateEndpoint '../modules/private-endpoint.bicep' = { name: 'eventGridPrivateEndpoint' params: { location: location - serviceType: 'eventgrid' subnetIds: [svcCluster.outputs.aksNodeSubnetId] privateLinkServiceId: eventGridNamespace.id - groupIds: ['topicspace'] - privateEndpointDnsZoneName: 'privatelink.ts.eventgrid.azure.net' + serviceType: 'eventgrid' + groupId: 'topicspace' vnetId: svcCluster.outputs.aksVnetId } }