From e90cae11b7e84ec9364b3fcd951c514915673d75 Mon Sep 17 00:00:00 2001 From: Matthew Alan Gray Date: Wed, 31 Jul 2024 08:54:21 -0500 Subject: [PATCH 1/3] Updating Standard Hub deployment to add regional private DNS zones for AKS and ACR --- deploy/standard-hub/config/vpn/.gitkeep | 0 .../config/vpn/AzureVPN/azurevpnconfig.xml | 41 ++++++++++++++++++ .../config/vpn/Generic/VpnServerRoot.cer_0 | Bin 0 -> 914 bytes .../config/vpn/Generic/VpnSettings.xml | 23 ++++++++++ .../config/vpn/VpnClientConfiguration.zip | Bin 0 -> 3594 bytes deploy/standard-hub/infra/main.bicep | 38 ++++++++++++++-- 6 files changed, 98 insertions(+), 4 deletions(-) create mode 100644 deploy/standard-hub/config/vpn/.gitkeep create mode 100644 deploy/standard-hub/config/vpn/AzureVPN/azurevpnconfig.xml create mode 100644 deploy/standard-hub/config/vpn/Generic/VpnServerRoot.cer_0 create mode 100644 deploy/standard-hub/config/vpn/Generic/VpnSettings.xml create mode 100644 deploy/standard-hub/config/vpn/VpnClientConfiguration.zip diff --git a/deploy/standard-hub/config/vpn/.gitkeep b/deploy/standard-hub/config/vpn/.gitkeep new file mode 100644 index 0000000000..e69de29bb2 diff --git a/deploy/standard-hub/config/vpn/AzureVPN/azurevpnconfig.xml b/deploy/standard-hub/config/vpn/AzureVPN/azurevpnconfig.xml new file mode 100644 index 0000000000..2a13c76c20 --- /dev/null +++ b/deploy/standard-hub/config/vpn/AzureVPN/azurevpnconfig.xml @@ -0,0 +1,41 @@ + + + + + 41b23e61-6c1e-4545-b367-cd054e0ed4b4 + true + false + https://sts.windows.net/d280491c-b27a-41bf-9623-21b60cf430b3/ + https://login.microsoftonline.com/d280491c-b27a-41bf-9623-21b60cf430b3 + + + aad + + + vnet-fllmhub-eastus2-net-080 + + + tcp + + + + + + azuregateway-32ae0078-8c73-46db-8927-5daf043740dc-25e6ab397e9d.vpn.azure.com + + + + + DF3C24F9BFD666761B268073FE06D1CC8D4F82A4 + + + cc587c35ab3569aba499684d29f24acce3f82c23a1c7d8e4a2cbf7b6e216f7fee48a53ad1c110d348a5102943c1a5496ad79604244573931bf8fcd8e5dda3938738025e275e44514eb8902de6d5d01967e595d3d6ebd77b06ddb0db2c22f23a2beb8f9594e9a188c0dcd7e5d60d82888c8086c85d2bf9a6a552dc83ce788987bc8105d8b88c097db4b3a71e932efa61198d132f7c0bf0f5f8f7c374b3790ae746e8ce2807ba9f9ff22f1a8773e8914b87d3a0dc4df99681926c9dace5a93bb25e12ff9a734899f5e73cdeaada2ac0725221f255328fea1a50910e9a266b345ab5811c494f28541a6d492d79c8409128dab4993b8f741f451f335156e724af455 + cert + + 1 + + + 192.168.100.36 + + + \ No newline at end of file diff --git a/deploy/standard-hub/config/vpn/Generic/VpnServerRoot.cer_0 b/deploy/standard-hub/config/vpn/Generic/VpnServerRoot.cer_0 new file mode 100644 index 0000000000000000000000000000000000000000..1e927a7afe06c270670d6bc25c4d465db2e0a7e8 GIT binary patch literal 914 zcmXqLV(v3&Vk%p}%*4pVB*1L-@!4|0l?!%jq->Ps{Pom;myJ`a&7m8Ce;an;7{S44N3Zn3@aHzbQTHIERDpF(!1g)GQaJ{9Zplk- zye@a|@AU_#r!O{6V{hxNd-12ggQTEo);V)vP&-Tc!p2{-S^Rub$w8x&gcgr9D_VnJeCX{_;|J2P} zlz02&x_&wBDQX2hucLu6-|8C^Skma^IW)V_ne~}jhi)FnV1keK@Hao#ijU%z$=y=4>cw?qzQ zVDbWnG9yDmy2g}zK9A(rhIe13OI+=&wK>}DRsV9|ZEf-U8{&)0wTy%<8`GUyls~zq zo4)DT|D%6HB9Fdi`2qHg8zibR_3{p5LfoBYYm zyzW}IGxc}J?B04s;o;2qU^mg*8M8lpHn?hM_^7vK-s7%Yx2D;d3NMZS@UtMGz}-N8^%tYFG2u-sL@JUi+4LlJwK^__B94 Uy+>lhq8Hsv%iC;f{?uq20B`eLrT_o{ literal 0 HcmV?d00001 diff --git a/deploy/standard-hub/config/vpn/Generic/VpnSettings.xml b/deploy/standard-hub/config/vpn/Generic/VpnSettings.xml new file mode 100644 index 0000000000..1b07ff1b4f --- /dev/null +++ b/deploy/standard-hub/config/vpn/Generic/VpnSettings.xml @@ -0,0 +1,23 @@ + + + azuregateway-32ae0078-8c73-46db-8927-5daf043740dc-25e6ab397e9d.vpn.azure.com + OpenVPN + + MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQq2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5WztCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQvIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NGFdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ918rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTepLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTflMrY= + + 192.168.100.0/24,10.220.128.0/21 + EAPTLS + vnet-fllmhub-eastus2-net-080 + 32ae0078-8c73-46db-8927-5daf043740dc + + DigiCert Global Root G2 + + + DigiCert Global Root G2 + + 192.168.101.0/28 + https://sts.windows.net/d280491c-b27a-41bf-9623-21b60cf430b3/ + https://login.microsoftonline.com/d280491c-b27a-41bf-9623-21b60cf430b3 + 41b23e61-6c1e-4545-b367-cd054e0ed4b4 + + \ No newline at end of file diff --git a/deploy/standard-hub/config/vpn/VpnClientConfiguration.zip b/deploy/standard-hub/config/vpn/VpnClientConfiguration.zip new file mode 100644 index 0000000000000000000000000000000000000000..00196b0c3701b6a50748f6d13e0543198972a66a GIT binary patch literal 3594 zcmaJ^c{CJk`<}AzQB1P)S|SvR@lgqd$-XlPS;jIZCQA&35!teDV~Ch6*@iH(Z&@Qd z8OGSN#n@whz32DG_r0C-eb0UF^W4vKo^$0UBdN71IC! zv-AJ}@b~Q_Czz8r)DdC^hZ#E|5Kx$lkBq;kM}b*SV!jqfWBk-Fbt_w+zsxGDors#-fHV%kt~^T>mNVx$5)XfKE*kdM=5XL5`oJ;FwD%jbwRgZOOouu96f^5T+KF2 z%+*$4c0Ll$Q^|R<7Rj=5=nl$}SXMI)5)Rot*K)j9HtZc3tK)~&KZiQ*?(z$av7lpy z!*#P$e;OHI5$f~jPqt-NMp0EdynMF>tZn%mpwgK7G1w`2w2f97Xb0;NO_^d{dU-)q z5FX{+5~mm!>VCCqvZzcxvaAa#*TS2iuP~6j_sxf_A`v?|Eh{(h8DXSIRCM^tF2r7q z6?eX8KP@tNCzA$ms$x%F$)@QgV9W9y8Lm>h>vTtTt6}o`7;PWr+4EH-T?A|4{@TSpD{ZSB|Z}qcJ)<~+rl1tiL~KL7hg$0C!Se>4KF_F zqYAsAe@~#iyM}(6So-6Ie&FMuJ0?w)y;Kh4rfuCtgPHYvO0|q}9@b(FMZg9um!d>p zC(?XR<9Vbk(8otNI+0**va6;eR`^mCamNt8QEo6o=QRdY9Uo!mz>vDzI1q0lq)g^G z=;(*9d6si|*B?W1o~0wtefo=xjj1wfSRTryJQ_q5I()ei6{+r#fA z8aTr}muh6Ncu9FBUBY^?fCF`uLb0ax(Cs|;Pm^pc%>|y^N$J^sD08g4Z~8KS!?#|l zmD197Vnxl+dG+$b>*dv57$;DGqee10*O|oDT_-hze(hXO$fk{wx4@B6?`usu@9g6p zMeUJBQj~{j(@hgvo0(S~YnfY2KYZi9IH`L2N$xf)nmYm4x@s+SO)!VzC4mrrjc^p{ z3QTw^h_0Z$u2V^zELxX}GKR2*qi# zeu31R4K%>D<=iY#ChWYGj)Pm(XI+vBKN?@vbOa;l9*B=;IC#YyK}{ZZLB1Qs^Y`*; z`x$WEMtat~Il6SZthb&JP9i?CA3aQAFgjL28<-ZW3giwF2)OX(^WQh5Y?OVq#4r^J+x3q6A>YuW=C#lwh#M2CY?X%GxYq>mWU#)c9yatE z;uP(^|8qus*QQ@ATRoTyua9%fqL=Aj1wFjw!>qX?5t>A49RkJW`!Ks;?i@q~(dnt> zdL|ao`yONtCNLve4&`o)7%WqI8X&F!|TJ8eMHF36Lp1hc1Fv9XFUrCV{#etXHqAh9zv zBYuPs)A4IBrU32`;dmEC>ymgMd6E0{P?H=s5vNn`(d54;sn-{fK>M7g#K$-#z)Fwm zK)@-TBgo}f0-&0Bq^nlVs}2{=tKjB*G8_YW8=awVK)yjgOvC-oQ0rt-V~6wSwJ~X4 zuL6TM^8g~xZcv?INE0MA1YqzFdAHUE8gNnp0Exew=TCX}_I2_$^72B+I68UT-IRBA z*!ta))-C-VUpoG3@!0=4<=vXX+4BYEl9{^-lJSmTm`{LO#Kiijvmg{kEU)m{+i z@sVK4x@qiM@$SQ`o009J{iMVU%o^ItByT<=%|ikz$jY(I#U&vtI|06+BT7|3PTcch z;bdOCZ`9wm0O#8R9cxE{7}buC?|({og;pwmSNRI{>fO793zsya_O68~6&lE>qK7&@ zgl{~1Xhyp%_Ar<>R|#l*Swy5Awuck*E5_-=debY$OUTVLGMX}Rgz`io@esf7=byKd zOjk6rid{;k-dBAsA4alw7cEptLCt1sI;Gb6!;>W|$`~f^id#x{&ksrm^u$gqZJjlq z&y$m#_nvz#W}j`D{eVoD)S6IwdimTxmi0rbboZAwJR-ui87OC*s-jI;eT(cbcd(R^ zvNUU3J-J@O3Fwz*DS3*2YRuTO@I~;QvFw9M`9s(-X%0iM9uKc7-^jrSMDN0KAQNnJ zX0S}RiluUW*Lb{notEy%cU)(ZOmslyPck)RBaQT3ylE$6p{RL4pXNY8c1bz0?B_=d zjgIk;8}J4#Y+ls%i(qq%6Nbre6XS!(e};3Gx-2h3MRE|QqN56aqSebNFL&-@fBOlo z5p9s*h2XaUrkk2I++RYEf^In65DwN6V&pK+Q5_8IqWqZ9dspkRaF*)Y6U}|4j$!SZ z@$Ruoq8$$bnIiM71~2-%dG4CM12mv-Jh$xFU!zKsEuY3-(_KCVZXAGJwkWWIY=R=l zChfa*m7`gQ&DwPCF*0G0FBZI9WHVqFn0A;RuxY)l{Y}4*)JK>i^GC5n+alzpy>Lax z#`&Iqu<1go>O}2tCPC=_pG|5no_jl)8R$Xm{~mndFh?(#Gt}kp4^ynEuGfsxrAFXt z2)%b&=XU)4+e2alP@siiOWuSKs2Y_bYMxBOHwQn8+k9#)JCvn_K0I0;c6)*q?o0!ouzeWa2w^4_bH)5TnaK%J>AVfgbvu<)6Zm;R4T|G4S9$F9V&=(?bj*z$veye;vM0Dfzoq-1^5@ zsgRB4$0{>)C$Cg8wmr}^UF_u%l4=dJza`ZZTAFpz;ccJ2+7gVf@NF;N1ZLfdQ|I1Q zAluB4gjuuZ7QEIk&-M^c#umgDlx*DlONkYoq6Hj5=gOKc%`YbBxpeBMhfi$4`qG7K zUpChz9SW`QCRv+q;Rjv-CBx-5-+WlU>Qh=2f4zHgQ|YlfFCN&0D>lOKb)C(`*2l1) zRPlAKp)1e}sct8tLB1=>=EioQdLentvyEx*TZd~`k9Ew6JH%y{^aU61r`jkw4r1!q?L--X=j21Cbsad z5vK2jYz*UB`H}IhuR}G6>>1+4Ml5&0Sbap5?Om1Lz<2y-Y29>=F}Ht3-;A?7K1#`; z3l7=lAI-mqm;*_(-(tWU&iuYh5+8oVL{&X=nMe%K^;$wz_>J-~=(%vAB1U&}V z%~C{6440Wm0UXsDAjXmT{xXSRF={KG!5s0_^NCnNi;+66nHbYMr*hyavZen5g8|+4M~4TD9jC|?i&Wb;$~hUh{|YwNaLgSJ|{q4OG2DxOLzIs_>bl!>H1O&_o zxAY!7EgkMne~Y2LbSZ<=iXMX+H>!)dpDOp2J4G^v!N_o;nxrCGUIn*$c2he*E%gyr z!nlt5)iuc;krIEgFkEt`dsr$S?2g2YjVOIa<}TB13@|+(3{vbIV8#GH7k$kUxTml` z)4aB8X8^u%@e1I-$D`jC`XB4Rgrz@0{xso#Bh39yUjG33rzQUh^r!y(8%UY~0Qetj VWB{h2{rfT1@0$3%^RfJW`ahyw$S42+ literal 0 HcmV?d00001 diff --git a/deploy/standard-hub/infra/main.bicep b/deploy/standard-hub/infra/main.bicep index 767bc9185c..fcff3998d7 100644 --- a/deploy/standard-hub/infra/main.bicep +++ b/deploy/standard-hub/infra/main.bicep @@ -11,14 +11,44 @@ param timestamp string = utcNow() var abbrs = loadJsonContent('./abbreviations.json') var resourceGroup = namer(abbrs.resourcesResourceGroups, environmentName, location, 'net', project) -var privateDnsZones = { +param privateDnsLocations array = [ + 'australiaeast' + 'canadaeast' + 'eastus' + 'eastus2' + 'francecentral' + 'japaneast' + 'northcentralus' + 'norwayeast' + 'southcentralus' + 'swedencentral' + 'switzerlandnorth' + 'southindia' + 'uksouth' + 'westeurope' + 'westus' + 'westus3' +] + +var regionalZones = [for zoneLocation in privateDnsLocations: { + 'aks_${zoneLocation}': 'privatelink.${zoneLocation}.azmk8s.io' + 'cr_${zoneLocation}': '${zoneLocation}.privatelink.azurecr.io' + } +] + +var regionalPrivateDnsZones = reduce(regionalZones, + {}, + (curr, acc) => union(curr, acc) +) + +var privateDnsZones = union({ agentsvc: 'privatelink.agentsvc.azure-automation.net' - aks: 'privatelink.${location}.azmk8s.io' + // aks: 'privatelink.${location}.azmk8s.io' blob: 'privatelink.blob.${environment().suffixes.storage}' cognitiveservices: 'privatelink.cognitiveservices.azure.com' configuration_stores: 'privatelink.azconfig.io' cosmosdb: 'privatelink.documents.azure.com' - cr_region: '${location}.privatelink.azurecr.io' + // cr_region: '${location}.privatelink.azurecr.io' cr: 'privatelink.azurecr.io' dfs: 'privatelink.dfs.${environment().suffixes.storage}' eventgrid: 'privatelink.eventgrid.azure.net' @@ -33,7 +63,7 @@ var privateDnsZones = { sql_server: 'privatelink${environment().suffixes.sqlServerHostname}' table: 'privatelink.table.${environment().suffixes.storage}' vault: 'privatelink.vaultcore.azure.net' -} +}, regionalPrivateDnsZones) var tags = { 'azd-env-name': environmentName From 86f682cd8c4e57011c0c738a0b4a8b5d9d3d4fa5 Mon Sep 17 00:00:00 2001 From: Matthew Alan Gray Date: Wed, 31 Jul 2024 08:55:32 -0500 Subject: [PATCH 2/3] Removing generated files --- deploy/standard-hub/config/.gitignore | 1 + deploy/standard-hub/config/vpn/.gitkeep | 0 .../config/vpn/AzureVPN/azurevpnconfig.xml | 41 ------------------ .../config/vpn/Generic/VpnServerRoot.cer_0 | Bin 914 -> 0 bytes .../config/vpn/Generic/VpnSettings.xml | 23 ---------- .../config/vpn/VpnClientConfiguration.zip | Bin 3594 -> 0 bytes 6 files changed, 1 insertion(+), 64 deletions(-) create mode 100644 deploy/standard-hub/config/.gitignore delete mode 100644 deploy/standard-hub/config/vpn/.gitkeep delete mode 100644 deploy/standard-hub/config/vpn/AzureVPN/azurevpnconfig.xml delete mode 100644 deploy/standard-hub/config/vpn/Generic/VpnServerRoot.cer_0 delete mode 100644 deploy/standard-hub/config/vpn/Generic/VpnSettings.xml delete mode 100644 deploy/standard-hub/config/vpn/VpnClientConfiguration.zip diff --git a/deploy/standard-hub/config/.gitignore b/deploy/standard-hub/config/.gitignore new file mode 100644 index 0000000000..d935ebb7d8 --- /dev/null +++ b/deploy/standard-hub/config/.gitignore @@ -0,0 +1 @@ +vpn \ No newline at end of file diff --git a/deploy/standard-hub/config/vpn/.gitkeep b/deploy/standard-hub/config/vpn/.gitkeep deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/deploy/standard-hub/config/vpn/AzureVPN/azurevpnconfig.xml b/deploy/standard-hub/config/vpn/AzureVPN/azurevpnconfig.xml deleted file mode 100644 index 2a13c76c20..0000000000 --- a/deploy/standard-hub/config/vpn/AzureVPN/azurevpnconfig.xml +++ /dev/null @@ -1,41 +0,0 @@ - - - - - 41b23e61-6c1e-4545-b367-cd054e0ed4b4 - true - false - https://sts.windows.net/d280491c-b27a-41bf-9623-21b60cf430b3/ - https://login.microsoftonline.com/d280491c-b27a-41bf-9623-21b60cf430b3 - - - aad - - - vnet-fllmhub-eastus2-net-080 - - - tcp - - - - - - azuregateway-32ae0078-8c73-46db-8927-5daf043740dc-25e6ab397e9d.vpn.azure.com - - - - - DF3C24F9BFD666761B268073FE06D1CC8D4F82A4 - - - cc587c35ab3569aba499684d29f24acce3f82c23a1c7d8e4a2cbf7b6e216f7fee48a53ad1c110d348a5102943c1a5496ad79604244573931bf8fcd8e5dda3938738025e275e44514eb8902de6d5d01967e595d3d6ebd77b06ddb0db2c22f23a2beb8f9594e9a188c0dcd7e5d60d82888c8086c85d2bf9a6a552dc83ce788987bc8105d8b88c097db4b3a71e932efa61198d132f7c0bf0f5f8f7c374b3790ae746e8ce2807ba9f9ff22f1a8773e8914b87d3a0dc4df99681926c9dace5a93bb25e12ff9a734899f5e73cdeaada2ac0725221f255328fea1a50910e9a266b345ab5811c494f28541a6d492d79c8409128dab4993b8f741f451f335156e724af455 - cert - - 1 - - - 192.168.100.36 - - - \ No newline at end of file diff --git a/deploy/standard-hub/config/vpn/Generic/VpnServerRoot.cer_0 b/deploy/standard-hub/config/vpn/Generic/VpnServerRoot.cer_0 deleted file mode 100644 index 1e927a7afe06c270670d6bc25c4d465db2e0a7e8..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 914 zcmXqLV(v3&Vk%p}%*4pVB*1L-@!4|0l?!%jq->Ps{Pom;myJ`a&7m8Ce;an;7{S44N3Zn3@aHzbQTHIERDpF(!1g)GQaJ{9Zplk- zye@a|@AU_#r!O{6V{hxNd-12ggQTEo);V)vP&-Tc!p2{-S^Rub$w8x&gcgr9D_VnJeCX{_;|J2P} zlz02&x_&wBDQX2hucLu6-|8C^Skma^IW)V_ne~}jhi)FnV1keK@Hao#ijU%z$=y=4>cw?qzQ zVDbWnG9yDmy2g}zK9A(rhIe13OI+=&wK>}DRsV9|ZEf-U8{&)0wTy%<8`GUyls~zq zo4)DT|D%6HB9Fdi`2qHg8zibR_3{p5LfoBYYm zyzW}IGxc}J?B04s;o;2qU^mg*8M8lpHn?hM_^7vK-s7%Yx2D;d3NMZS@UtMGz}-N8^%tYFG2u-sL@JUi+4LlJwK^__B94 Uy+>lhq8Hsv%iC;f{?uq20B`eLrT_o{ diff --git a/deploy/standard-hub/config/vpn/Generic/VpnSettings.xml b/deploy/standard-hub/config/vpn/Generic/VpnSettings.xml deleted file mode 100644 index 1b07ff1b4f..0000000000 --- a/deploy/standard-hub/config/vpn/Generic/VpnSettings.xml +++ /dev/null @@ -1,23 +0,0 @@ - - - azuregateway-32ae0078-8c73-46db-8927-5daf043740dc-25e6ab397e9d.vpn.azure.com - OpenVPN - - MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQq2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5WztCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQvIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NGFdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ918rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTepLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTflMrY= - - 192.168.100.0/24,10.220.128.0/21 - EAPTLS - vnet-fllmhub-eastus2-net-080 - 32ae0078-8c73-46db-8927-5daf043740dc - - DigiCert Global Root G2 - - - DigiCert Global Root G2 - - 192.168.101.0/28 - https://sts.windows.net/d280491c-b27a-41bf-9623-21b60cf430b3/ - https://login.microsoftonline.com/d280491c-b27a-41bf-9623-21b60cf430b3 - 41b23e61-6c1e-4545-b367-cd054e0ed4b4 - - \ No newline at end of file diff --git a/deploy/standard-hub/config/vpn/VpnClientConfiguration.zip b/deploy/standard-hub/config/vpn/VpnClientConfiguration.zip deleted file mode 100644 index 00196b0c3701b6a50748f6d13e0543198972a66a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3594 zcmaJ^c{CJk`<}AzQB1P)S|SvR@lgqd$-XlPS;jIZCQA&35!teDV~Ch6*@iH(Z&@Qd z8OGSN#n@whz32DG_r0C-eb0UF^W4vKo^$0UBdN71IC! zv-AJ}@b~Q_Czz8r)DdC^hZ#E|5Kx$lkBq;kM}b*SV!jqfWBk-Fbt_w+zsxGDors#-fHV%kt~^T>mNVx$5)XfKE*kdM=5XL5`oJ;FwD%jbwRgZOOouu96f^5T+KF2 z%+*$4c0Ll$Q^|R<7Rj=5=nl$}SXMI)5)Rot*K)j9HtZc3tK)~&KZiQ*?(z$av7lpy z!*#P$e;OHI5$f~jPqt-NMp0EdynMF>tZn%mpwgK7G1w`2w2f97Xb0;NO_^d{dU-)q z5FX{+5~mm!>VCCqvZzcxvaAa#*TS2iuP~6j_sxf_A`v?|Eh{(h8DXSIRCM^tF2r7q z6?eX8KP@tNCzA$ms$x%F$)@QgV9W9y8Lm>h>vTtTt6}o`7;PWr+4EH-T?A|4{@TSpD{ZSB|Z}qcJ)<~+rl1tiL~KL7hg$0C!Se>4KF_F zqYAsAe@~#iyM}(6So-6Ie&FMuJ0?w)y;Kh4rfuCtgPHYvO0|q}9@b(FMZg9um!d>p zC(?XR<9Vbk(8otNI+0**va6;eR`^mCamNt8QEo6o=QRdY9Uo!mz>vDzI1q0lq)g^G z=;(*9d6si|*B?W1o~0wtefo=xjj1wfSRTryJQ_q5I()ei6{+r#fA z8aTr}muh6Ncu9FBUBY^?fCF`uLb0ax(Cs|;Pm^pc%>|y^N$J^sD08g4Z~8KS!?#|l zmD197Vnxl+dG+$b>*dv57$;DGqee10*O|oDT_-hze(hXO$fk{wx4@B6?`usu@9g6p zMeUJBQj~{j(@hgvo0(S~YnfY2KYZi9IH`L2N$xf)nmYm4x@s+SO)!VzC4mrrjc^p{ z3QTw^h_0Z$u2V^zELxX}GKR2*qi# zeu31R4K%>D<=iY#ChWYGj)Pm(XI+vBKN?@vbOa;l9*B=;IC#YyK}{ZZLB1Qs^Y`*; z`x$WEMtat~Il6SZthb&JP9i?CA3aQAFgjL28<-ZW3giwF2)OX(^WQh5Y?OVq#4r^J+x3q6A>YuW=C#lwh#M2CY?X%GxYq>mWU#)c9yatE z;uP(^|8qus*QQ@ATRoTyua9%fqL=Aj1wFjw!>qX?5t>A49RkJW`!Ks;?i@q~(dnt> zdL|ao`yONtCNLve4&`o)7%WqI8X&F!|TJ8eMHF36Lp1hc1Fv9XFUrCV{#etXHqAh9zv zBYuPs)A4IBrU32`;dmEC>ymgMd6E0{P?H=s5vNn`(d54;sn-{fK>M7g#K$-#z)Fwm zK)@-TBgo}f0-&0Bq^nlVs}2{=tKjB*G8_YW8=awVK)yjgOvC-oQ0rt-V~6wSwJ~X4 zuL6TM^8g~xZcv?INE0MA1YqzFdAHUE8gNnp0Exew=TCX}_I2_$^72B+I68UT-IRBA z*!ta))-C-VUpoG3@!0=4<=vXX+4BYEl9{^-lJSmTm`{LO#Kiijvmg{kEU)m{+i z@sVK4x@qiM@$SQ`o009J{iMVU%o^ItByT<=%|ikz$jY(I#U&vtI|06+BT7|3PTcch z;bdOCZ`9wm0O#8R9cxE{7}buC?|({og;pwmSNRI{>fO793zsya_O68~6&lE>qK7&@ zgl{~1Xhyp%_Ar<>R|#l*Swy5Awuck*E5_-=debY$OUTVLGMX}Rgz`io@esf7=byKd zOjk6rid{;k-dBAsA4alw7cEptLCt1sI;Gb6!;>W|$`~f^id#x{&ksrm^u$gqZJjlq z&y$m#_nvz#W}j`D{eVoD)S6IwdimTxmi0rbboZAwJR-ui87OC*s-jI;eT(cbcd(R^ zvNUU3J-J@O3Fwz*DS3*2YRuTO@I~;QvFw9M`9s(-X%0iM9uKc7-^jrSMDN0KAQNnJ zX0S}RiluUW*Lb{notEy%cU)(ZOmslyPck)RBaQT3ylE$6p{RL4pXNY8c1bz0?B_=d zjgIk;8}J4#Y+ls%i(qq%6Nbre6XS!(e};3Gx-2h3MRE|QqN56aqSebNFL&-@fBOlo z5p9s*h2XaUrkk2I++RYEf^In65DwN6V&pK+Q5_8IqWqZ9dspkRaF*)Y6U}|4j$!SZ z@$Ruoq8$$bnIiM71~2-%dG4CM12mv-Jh$xFU!zKsEuY3-(_KCVZXAGJwkWWIY=R=l zChfa*m7`gQ&DwPCF*0G0FBZI9WHVqFn0A;RuxY)l{Y}4*)JK>i^GC5n+alzpy>Lax z#`&Iqu<1go>O}2tCPC=_pG|5no_jl)8R$Xm{~mndFh?(#Gt}kp4^ynEuGfsxrAFXt z2)%b&=XU)4+e2alP@siiOWuSKs2Y_bYMxBOHwQn8+k9#)JCvn_K0I0;c6)*q?o0!ouzeWa2w^4_bH)5TnaK%J>AVfgbvu<)6Zm;R4T|G4S9$F9V&=(?bj*z$veye;vM0Dfzoq-1^5@ zsgRB4$0{>)C$Cg8wmr}^UF_u%l4=dJza`ZZTAFpz;ccJ2+7gVf@NF;N1ZLfdQ|I1Q zAluB4gjuuZ7QEIk&-M^c#umgDlx*DlONkYoq6Hj5=gOKc%`YbBxpeBMhfi$4`qG7K zUpChz9SW`QCRv+q;Rjv-CBx-5-+WlU>Qh=2f4zHgQ|YlfFCN&0D>lOKb)C(`*2l1) zRPlAKp)1e}sct8tLB1=>=EioQdLentvyEx*TZd~`k9Ew6JH%y{^aU61r`jkw4r1!q?L--X=j21Cbsad z5vK2jYz*UB`H}IhuR}G6>>1+4Ml5&0Sbap5?Om1Lz<2y-Y29>=F}Ht3-;A?7K1#`; z3l7=lAI-mqm;*_(-(tWU&iuYh5+8oVL{&X=nMe%K^;$wz_>J-~=(%vAB1U&}V z%~C{6440Wm0UXsDAjXmT{xXSRF={KG!5s0_^NCnNi;+66nHbYMr*hyavZen5g8|+4M~4TD9jC|?i&Wb;$~hUh{|YwNaLgSJ|{q4OG2DxOLzIs_>bl!>H1O&_o zxAY!7EgkMne~Y2LbSZ<=iXMX+H>!)dpDOp2J4G^v!N_o;nxrCGUIn*$c2he*E%gyr z!nlt5)iuc;krIEgFkEt`dsr$S?2g2YjVOIa<}TB13@|+(3{vbIV8#GH7k$kUxTml` z)4aB8X8^u%@e1I-$D`jC`XB4Rgrz@0{xso#Bh39yUjG33rzQUh^r!y(8%UY~0Qetj VWB{h2{rfT1@0$3%^RfJW`ahyw$S42+ From a4ce2c5e7189f2a01ddcd9f29a5b137382e82a41 Mon Sep 17 00:00:00 2001 From: Matthew Alan Gray Date: Wed, 31 Jul 2024 09:39:28 -0500 Subject: [PATCH 3/3] Removed comments from main.bicep --- deploy/standard-hub/infra/main.bicep | 2 -- 1 file changed, 2 deletions(-) diff --git a/deploy/standard-hub/infra/main.bicep b/deploy/standard-hub/infra/main.bicep index fcff3998d7..6fc864f630 100644 --- a/deploy/standard-hub/infra/main.bicep +++ b/deploy/standard-hub/infra/main.bicep @@ -43,12 +43,10 @@ var regionalPrivateDnsZones = reduce(regionalZones, var privateDnsZones = union({ agentsvc: 'privatelink.agentsvc.azure-automation.net' - // aks: 'privatelink.${location}.azmk8s.io' blob: 'privatelink.blob.${environment().suffixes.storage}' cognitiveservices: 'privatelink.cognitiveservices.azure.com' configuration_stores: 'privatelink.azconfig.io' cosmosdb: 'privatelink.documents.azure.com' - // cr_region: '${location}.privatelink.azurecr.io' cr: 'privatelink.azurecr.io' dfs: 'privatelink.dfs.${environment().suffixes.storage}' eventgrid: 'privatelink.eventgrid.azure.net'