From 2a752398455930c936ab0f90c735eaebfa07ee33 Mon Sep 17 00:00:00 2001 From: Sacha Narinx Date: Wed, 20 Nov 2024 12:34:47 +0400 Subject: [PATCH] Fix NVA VPN Regional (#1830) --- docs/wiki/Whats-new.md | 2 ++ .../nvahubspoke-connectivity.json | 21 +++++++++++-------- 2 files changed, 14 insertions(+), 9 deletions(-) diff --git a/docs/wiki/Whats-new.md b/docs/wiki/Whats-new.md index d814b93c37..6344773e14 100644 --- a/docs/wiki/Whats-new.md +++ b/docs/wiki/Whats-new.md @@ -1,6 +1,7 @@ ## In this Section - [Updates](#updates) + - [🔃 Policy Refresh Q2 FY25](#-policy-refresh-q2-fy25) - [November 2024](#november-2024) - [🔃 Policy Refresh Q1 FY25](#-policy-refresh-q1-fy25) - [October 2024](#october-2024) @@ -61,6 +62,7 @@ Here's what's changed in Enterprise Scale/Azure Landing Zones: #### Tooling +- Fixed a bug in the Portal Accelerator that caused the deployment to fail when deploying a hub & spoke with NVA topology and regional VPN gateway (basic sku for Public IP not supported). - A bug was resolved in the Portal Accelerator that caused deployment validation to fail with the error message "The 'location' property must be specified for 'amba-id-amba-prod-001'". This event happened when a Log Analytics Workspace was not deployed, but Azure Monitor Baseline Alerts were enabled. This issue occurred because Azure Monitor Baseline Alerts depend on the management subscription, which is not provided if the Log Analytics Workspace is not deployed. To address this scenario, an additional section was implemented in the Baseline alerts and monitoring tab allowing the selection of a Management subscription when not deploying a Log Analytics Workspace. - Updated the ***Baseline alerts and monitoring*** integration section in the portal accelerator to deploy the latest release of AMBA (2024-11-01). To read more on the changes, see the [What's new](https://aka.ms/amba/alz/whatsnew) page in the AMBA documentation. diff --git a/eslzArm/subscriptionTemplates/nvahubspoke-connectivity.json b/eslzArm/subscriptionTemplates/nvahubspoke-connectivity.json index 631f20d388..33936e612b 100644 --- a/eslzArm/subscriptionTemplates/nvahubspoke-connectivity.json +++ b/eslzArm/subscriptionTemplates/nvahubspoke-connectivity.json @@ -132,6 +132,7 @@ "azErGwIpName": "[concat(variables('erGwName'), '-pip')]", "azVpnGwPipId": "[concat('/subscriptions/', parameters('connectivitySubscriptionId'), '/resourceGroups/', variables('rgName'), '/providers/Microsoft.Network/publicIPAddresses/', variables('azVpnGwIpName'))]", "azVpnGwAAPipId": "[concat('/subscriptions/', parameters('connectivitySubscriptionId'), '/resourceGroups/', variables('rgName'), '/providers/Microsoft.Network/publicIPAddresses/', variables('azVpnGwAAIpName'))]", + "azVpnPIPZones": "[split('1,2,3', ',')]", "azErGwSubnetId": "[concat('/subscriptions/', parameters('connectivitySubscriptionId'), '/resourceGroups/', variables('rgName'),'/providers/Microsoft.Network/virtualNetworks/', variables('hubname'), '/subnets/GatewaySubnet')]", "azErGwPipId": "[concat('/subscriptions/', parameters('connectivitySubscriptionId'), '/resourceGroups/', variables('rgName'), '/providers/Microsoft.Network/publicIPAddresses/', variables('azErGwIpName'))]", "resourceDeploymentName": "[take(concat(deployment().name, '-hubspoke', parameters('location')), 64)]", @@ -219,33 +220,35 @@ }, { "condition": "[and(equals(parameters('enableVpnGw'), 'Yes'), not(empty(parameters('subnetMaskForGw'))))]", - "apiVersion": "2020-05-01", + "apiVersion": "2023-11-01", "type": "Microsoft.Network/publicIpAddresses", "location": "[parameters('location')]", "name": "[variables('azVpnGwIpName')]", + "zones": "[if(equals(parameters('gwRegionalOrAz'), 'Zone'), variables('azVpnPIPZones'), json('null'))]", "sku": { - "name": "[if(equals(parameters('gwRegionalOrAz'), 'Zone'), 'Standard', 'Basic')]" + "name": "Standard" }, "properties": { - "publicIPAllocationMethod": "[if(equals(parameters('gwRegionalOrAz'), 'Zone'), 'Static', 'Dynamic')]" + "publicIPAllocationMethod": "Static" } }, { "condition": "[and(equals(parameters('enableVpnGw'), 'Yes'), equals(parameters('enableVpnActiveActive'),'Yes'), not(empty(parameters('subnetMaskForGw'))))]", - "apiVersion": "2020-05-01", + "apiVersion": "2023-11-01", "type": "Microsoft.Network/publicIpAddresses", "location": "[parameters('location')]", "name": "[variables('azVpnGwAAIpName')]", + "zones": "[if(equals(parameters('gwRegionalOrAz'), 'Zone'), variables('azVpnPIPZones'), json('null'))]", "sku": { - "name": "[if(equals(parameters('gwRegionalOrAz'), 'Zone'), 'Standard', 'Basic')]" + "name": "Standard" }, "properties": { - "publicIPAllocationMethod": "[if(equals(parameters('gwRegionalOrAz'), 'Zone'), 'Static', 'Dynamic')]" + "publicIPAllocationMethod": "Static" } }, { "condition": "[and(equals(parameters('enableVpnGw'), 'Yes'), equals(parameters('enableVpnActiveActive'),'No'), not(empty(parameters('subnetMaskForGw'))))]", - "apiVersion": "2020-05-01", + "apiVersion": "2023-11-01", "name": "[variables('vpngwname')]", "type": "Microsoft.Network/virtualNetworkGateways", "location": "[parameters('location')]", @@ -365,10 +368,10 @@ "location": "[parameters('location')]", "name": "[variables('azErGwIpName')]", "sku": { - "name": "[if(equals(parameters('erRegionalOrAz'), 'Zone'), 'Standard', 'Basic')]" + "name": "Standard" }, "properties": { - "publicIPAllocationMethod": "[if(equals(parameters('erRegionalOrAz'), 'Zone'), 'Static', 'Dynamic')]" + "publicIPAllocationMethod": "Static" } }, {