From 44337ff3a2e65095f0ab5c2071b5ecaad6c582b8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micka=C3=ABl=20Mottet?= Date: Mon, 11 Jan 2021 11:53:00 +0100 Subject: [PATCH] Add private-endpoint-webapp example --- .../101/private-endpoint-webapp/main.bicep | 128 +++++++++++ .../101/private-endpoint-webapp/main.json | 213 ++++++++++++++++++ docs/examples/index.json | 4 + 3 files changed, 345 insertions(+) create mode 100644 docs/examples/101/private-endpoint-webapp/main.bicep create mode 100644 docs/examples/101/private-endpoint-webapp/main.json diff --git a/docs/examples/101/private-endpoint-webapp/main.bicep b/docs/examples/101/private-endpoint-webapp/main.bicep new file mode 100644 index 00000000000..a9561950f53 --- /dev/null +++ b/docs/examples/101/private-endpoint-webapp/main.bicep @@ -0,0 +1,128 @@ +param location string = resourceGroup().location +param virtualNetworkName string = 'vnet-01' +param virtualNetworkCIDR string = '10.200.0.0/16' +param subnetName string = 'subnet-01' +param subnetCIDR string = '10.200.1.0/24' +param serverFarmName string = 'ServerFarm1' +param websiteName string = 'website${uniqueString(resourceGroup().name)}' +param skuName string = 'P1v2' +param skuTier string = 'PremiumV2' +param skuSize string = 'P1v2' +param skuFamily string = 'P1v2' +param privateEndpointName string = 'privateEndpoint${uniqueString(resourceGroup().name)}' +param privateLinkConnectionName string = 'privateLink${uniqueString(resourceGroup().name)}' +param privateDNSZoneName string = 'privatelink.azurewebsites.net' +param websiteDNSName string = '.azurewebsites.net' + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2020-06-01' = { + name: virtualNetworkName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + virtualNetworkCIDR + ] + } + } +} +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2020-06-01' = { + name: '${virtualNetwork.name}/${subnetName}' + properties: { + addressPrefix: subnetCIDR + privateEndpointNetworkPolicies: 'Disabled' + } +} + +resource serverFarm 'Microsoft.Web/serverfarms@2020-06-01' = { + name: serverFarmName + location: location + sku: { + name: skuName + tier: skuTier + size: skuSize + family: skuFamily + capacity: 1 + } + kind: 'app' +} + +resource website 'Microsoft.Web/sites@2020-06-01' = { + name: websiteName + location: location + kind: 'app' + properties: { + enabled: true + hostNameSslStates: [ + { + name: '${websiteName}${websiteDNSName}' + sslState: 'Disabled' + hostType: 'Standard' + } + { + name: '${websiteName}.scm${websiteDNSName}' + sslState: 'Disabled' + hostType: 'Repository' + } + ] + serverFarmId: serverFarm.id + } +} + +resource hostnameBinding 'Microsoft.Web/sites/hostNameBindings@2020-06-01' = { + name: '${website.name}/${website.name}${websiteDNSName}' + properties: { + siteName: website.name + hostNameType: 'Verified' + } +} + +resource privateEndpoint 'Microsoft.Network/privateEndpoints@2020-06-01' = { + name: privateEndpointName + location: location + properties: { + subnet: { + id: subnet.id + } + privateLinkServiceConnections: [ + { + name: privateLinkConnectionName + properties: { + privateLinkServiceId: website.id + groupIds: [ + 'sites' + ] + } + } + ] + } +} + +resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = { + name: privateDNSZoneName + location: 'global' +} + +resource virtualNetworkLink 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2020-06-01' = { + name: '${privateDNSZone.name}/${privateDNSZone.name}-link' + location: 'global' + properties: { + registrationEnabled: false + virtualNetwork: { + id: virtualNetwork.id + } + } +} + +resource privateDNSZoneGroup 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2020-06-01' = { + name: '${privateEndpoint.name}/dnsgroupname' + properties: { + privateDnsZoneConfigs: [ + { + name: 'config1' + properties: { + privateDnsZoneId: privateDNSZone.id + } + } + ] + } +} diff --git a/docs/examples/101/private-endpoint-webapp/main.json b/docs/examples/101/private-endpoint-webapp/main.json new file mode 100644 index 00000000000..c008b49f64e --- /dev/null +++ b/docs/examples/101/private-endpoint-webapp/main.json @@ -0,0 +1,213 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]" + }, + "virtualNetworkName": { + "type": "string", + "defaultValue": "vnet-01" + }, + "virtualNetworkCIDR": { + "type": "string", + "defaultValue": "10.200.0.0/16" + }, + "subnetName": { + "type": "string", + "defaultValue": "subnet-01" + }, + "subnetCIDR": { + "type": "string", + "defaultValue": "10.200.1.0/24" + }, + "serverFarmName": { + "type": "string", + "defaultValue": "ServerFarm1" + }, + "websiteName": { + "type": "string", + "defaultValue": "[format('website{0}', uniqueString(resourceGroup().name))]" + }, + "skuName": { + "type": "string", + "defaultValue": "P1v2" + }, + "skuTier": { + "type": "string", + "defaultValue": "PremiumV2" + }, + "skuSize": { + "type": "string", + "defaultValue": "P1v2" + }, + "skuFamily": { + "type": "string", + "defaultValue": "P1v2" + }, + "privateEndpointName": { + "type": "string", + "defaultValue": "[format('privateEndpoint{0}', uniqueString(resourceGroup().name))]" + }, + "privateLinkConnectionName": { + "type": "string", + "defaultValue": "[format('privateLink{0}', uniqueString(resourceGroup().name))]" + }, + "privateDNSZoneName": { + "type": "string", + "defaultValue": "privatelink.azurewebsites.net" + }, + "websiteDNSName": { + "type": "string", + "defaultValue": ".azurewebsites.net" + } + }, + "functions": [], + "resources": [ + { + "type": "Microsoft.Network/virtualNetworks", + "apiVersion": "2020-06-01", + "name": "[parameters('virtualNetworkName')]", + "location": "[parameters('location')]", + "properties": { + "addressSpace": { + "addressPrefixes": [ + "[parameters('virtualNetworkCIDR')]" + ] + } + } + }, + { + "type": "Microsoft.Network/virtualNetworks/subnets", + "apiVersion": "2020-06-01", + "name": "[format('{0}/{1}', parameters('virtualNetworkName'), parameters('subnetName'))]", + "properties": { + "addressPrefix": "[parameters('subnetCIDR')]", + "privateEndpointNetworkPolicies": "Disabled" + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworkName'))]" + ] + }, + { + "type": "Microsoft.Web/serverfarms", + "apiVersion": "2020-06-01", + "name": "[parameters('serverFarmName')]", + "location": "[parameters('location')]", + "sku": { + "name": "[parameters('skuName')]", + "tier": "[parameters('skuTier')]", + "size": "[parameters('skuSize')]", + "family": "[parameters('skuFamily')]", + "capacity": 1 + }, + "kind": "app" + }, + { + "type": "Microsoft.Web/sites", + "apiVersion": "2020-06-01", + "name": "[parameters('websiteName')]", + "location": "[parameters('location')]", + "kind": "app", + "properties": { + "enabled": true, + "hostNameSslStates": [ + { + "name": "[format('{0}{1}', parameters('websiteName'), parameters('websiteDNSName'))]", + "sslState": "Disabled", + "hostType": "Standard" + }, + { + "name": "[format('{0}.scm{1}', parameters('websiteName'), parameters('websiteDNSName'))]", + "sslState": "Disabled", + "hostType": "Repository" + } + ], + "serverFarmId": "[resourceId('Microsoft.Web/serverfarms', parameters('serverFarmName'))]" + }, + "dependsOn": [ + "[resourceId('Microsoft.Web/serverfarms', parameters('serverFarmName'))]" + ] + }, + { + "type": "Microsoft.Web/sites/hostNameBindings", + "apiVersion": "2020-06-01", + "name": "[format('{0}/{1}{2}', parameters('websiteName'), parameters('websiteName'), parameters('websiteDNSName'))]", + "properties": { + "siteName": "[parameters('websiteName')]", + "hostNameType": "Verified" + }, + "dependsOn": [ + "[resourceId('Microsoft.Web/sites', parameters('websiteName'))]" + ] + }, + { + "type": "Microsoft.Network/privateEndpoints", + "apiVersion": "2020-06-01", + "name": "[parameters('privateEndpointName')]", + "location": "[parameters('location')]", + "properties": { + "subnet": { + "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', split(format('{0}/{1}', parameters('virtualNetworkName'), parameters('subnetName')), '/')[0], split(format('{0}/{1}', parameters('virtualNetworkName'), parameters('subnetName')), '/')[1])]" + }, + "privateLinkServiceConnections": [ + { + "name": "[parameters('privateLinkConnectionName')]", + "properties": { + "privateLinkServiceId": "[resourceId('Microsoft.Web/sites', parameters('websiteName'))]", + "groupIds": [ + "sites" + ] + } + } + ] + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/virtualNetworks/subnets', split(format('{0}/{1}', parameters('virtualNetworkName'), parameters('subnetName')), '/')[0], split(format('{0}/{1}', parameters('virtualNetworkName'), parameters('subnetName')), '/')[1])]", + "[resourceId('Microsoft.Web/sites', parameters('websiteName'))]" + ] + }, + { + "type": "Microsoft.Network/privateDnsZones", + "apiVersion": "2020-06-01", + "name": "[parameters('privateDNSZoneName')]", + "location": "global" + }, + { + "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", + "apiVersion": "2020-06-01", + "name": "[format('{0}/{1}-link', parameters('privateDNSZoneName'), parameters('privateDNSZoneName'))]", + "location": "global", + "properties": { + "registrationEnabled": false, + "virtualNetwork": { + "id": "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworkName'))]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDNSZoneName'))]", + "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworkName'))]" + ] + }, + { + "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", + "apiVersion": "2020-06-01", + "name": "[format('{0}/dnsgroupname', parameters('privateEndpointName'))]", + "properties": { + "privateDnsZoneConfigs": [ + { + "name": "config1", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDNSZoneName'))]" + } + } + ] + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDNSZoneName'))]", + "[resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpointName'))]" + ] + } + ] +} \ No newline at end of file diff --git a/docs/examples/index.json b/docs/examples/index.json index 245f53983a3..9cdd6b223de 100644 --- a/docs/examples/index.json +++ b/docs/examples/index.json @@ -191,6 +191,10 @@ "filePath": "101/private-dns-zone/main.bicep", "description": "101/private-dns-zone" }, + { + "filePath": "101/private-endpoint-webapp/main.bicep", + "description": "101/private-endpoint-webapp" + }, { "filePath": "101/redis-cache/main.bicep", "description": "101/redis-cache"