@@ -371,7 +371,7 @@ module userAssignedIdentity 'br/public:avm/res/managed-identity/user-assigned-id
371371// ========== Virtual Network and Networking Components ========== //
372372
373373// Virtual Network with NSGs and Subnets
374- module virtualNetwork 'modules/network/ virtualNetwork.bicep' = if (enablePrivateNetworking ) {
374+ module virtualNetwork 'modules/virtualNetwork.bicep' = if (enablePrivateNetworking ) {
375375 name : take ('module.virtualNetwork.${solutionSuffix }' , 64 )
376376 params : {
377377 name : 'vnet-${solutionSuffix }'
@@ -386,32 +386,90 @@ module virtualNetwork 'modules/network/virtualNetwork.bicep' = if (enablePrivate
386386
387387// Azure Bastion Host
388388var bastionHostName = 'bas-${solutionSuffix }'
389- module bastionHost 'modules/ network/bastionHost.bicep ' = if (enablePrivateNetworking ) {
390- name : take ('module.bastionHost .${bastionHostName }' , 64 )
389+ module bastionHost 'br/public:avm/res/ network/bastion-host:0.6.1 ' = if (enablePrivateNetworking ) {
390+ name : take ('avm.res.network.bastion-host .${bastionHostName }' , 64 )
391391 params : {
392392 name : bastionHostName
393- vnetId : virtualNetwork !. outputs . resourceId
393+ skuName : 'Standard'
394394 location : solutionLocation
395- logAnalyticsWorkspaceId : logAnalyticsWorkspaceResourceId
395+ virtualNetworkResourceId : virtualNetwork !.outputs .resourceId
396+ diagnosticSettings : [
397+ {
398+ name : 'bastionDiagnostics'
399+ workspaceResourceId : logAnalyticsWorkspaceResourceId
400+ logCategoriesAndGroups : [
401+ {
402+ categoryGroup : 'allLogs'
403+ enabled : true
404+ }
405+ ]
406+ }
407+ ]
396408 tags : tags
397409 enableTelemetry : enableTelemetry
410+ publicIPAddressObject : {
411+ name : 'pip-${bastionHostName }'
412+ zones : []
413+ }
398414 }
399415}
400416
401417// Jumpbox Virtual Machine
402- var jumpboxVMName = 'vm-jumpbox-${solutionSuffix }'
403- module jumpbox 'modules/network/jumpbox.bicep ' = if (enablePrivateNetworking ) {
404- name : take ('module.jumpbox.${ jumpboxVMName }' , 64 )
418+ var jumpboxVmName = take ( 'vm-jumpbox-${solutionSuffix }' , 15 )
419+ module jumpboxVM 'br/public:avm/res/compute/virtual-machine:0.15.0 ' = if (enablePrivateNetworking ) {
420+ name : take ('avm.res.compute.virtual-machine.${ jumpboxVmName }' , 64 )
405421 params : {
406- name : jumpboxVMName
407- size : vmSize ?? 'Standard_DS2_v2'
408- subnetResourceId : virtualNetwork !.outputs .jumpboxSubnetResourceId
422+ name : take (jumpboxVmName , 15 ) // Shorten VM name to 15 characters to avoid Azure limits
423+ vmSize : vmSize ?? 'Standard_DS2_v2'
409424 location : solutionLocation
410- username : vmAdminUsername ?? 'JumpboxAdminUser'
411- password : vmAdminPassword ?? 'JumpboxAdminP@ssw0rd1234!'
412- logAnalyticsWorkspaceId : logAnalyticsWorkspaceResourceId
413- enableTelemetry : enableTelemetry
425+ adminUsername : vmAdminUsername ?? 'JumpboxAdminUser'
426+ adminPassword : vmAdminPassword ?? 'JumpboxAdminP@ssw0rd1234!'
414427 tags : tags
428+ zone : 0
429+ imageReference : {
430+ offer : 'WindowsServer'
431+ publisher : 'MicrosoftWindowsServer'
432+ sku : '2019-datacenter'
433+ version : 'latest'
434+ }
435+ osType : 'Windows'
436+ osDisk : {
437+ name : 'osdisk-${jumpboxVmName }'
438+ managedDisk : {
439+ storageAccountType : 'Standard_LRS'
440+ }
441+ }
442+ encryptionAtHost : false // Some Azure subscriptions do not support encryption at host
443+ nicConfigurations : [
444+ {
445+ name : 'nic-${jumpboxVmName }'
446+ ipConfigurations : [
447+ {
448+ name : 'ipconfig1'
449+ subnetResourceId : virtualNetwork !.outputs .jumpboxSubnetResourceId
450+ }
451+ ]
452+ diagnosticSettings : [
453+ {
454+ name : 'jumpboxDiagnostics'
455+ workspaceResourceId : logAnalyticsWorkspaceResourceId
456+ logCategoriesAndGroups : [
457+ {
458+ categoryGroup : 'allLogs'
459+ enabled : true
460+ }
461+ ]
462+ metricCategories : [
463+ {
464+ category : 'AllMetrics'
465+ enabled : true
466+ }
467+ ]
468+ }
469+ ]
470+ }
471+ ]
472+ enableTelemetry : enableTelemetry
415473 }
416474}
417475
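Review bot: The hard-coded fallback in `adminPassword : vmAdminPassword ?? 'JumpboxAdminP@ssw0rd1234!'` is carried over from the removed module into the new `jumpboxVM` params, so any deployment that omits `vmAdminPassword` gets a jumpbox whose local administrator password is published in the repository. I would drop the fallback and pass `adminPassword : vmAdminPassword`, with the parameter declared as a required `@secure()` string or sourced from Key Vault; its declaration is outside this hunk, so how it is declared today cannot be confirmed from here. The default `adminUsername` of `'JumpboxAdminUser'` is a smaller version of the same problem, since it gives away the other half of the credential. Separately, `encryptionAtHost : false` is now unconditional; exposing it as a boolean parameter that operators turn off only where the subscription lacks the feature would keep the stronger setting wherever it is available.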