Deploy within an environment that strictly disallows public network access

[DuboisABB]

This issue is for a: (mark with an x)

- [ ] bug report -> please search issues before submitting
- [x] feature request
- [ ] documentation issue or request
- [ ] regression (a behavior that used to work and stopped in a new release)

Minimal steps to reproduce

Trying to deploy with azd env set AZURE_USE_PRIVATE_ENDPOINT true azd env set AZURE_PUBLIC_NETWORK_ACCESS Disabled azd up

Any log messages given by the failure

Our Azure environment does not allow public network access at all, and the above fails with:

(✓) Done: Resource group: ISWEACEDEV01-RG-01 (✓) Done: App Service plan: plan-xzr2h4erskcqg (✓) Done: Azure OpenAI: cog-xzr2h4erskcqg (✓) Done: Virtual Network: vnet-xzr2h4erskcqg (✓) Done: Document Intelligence: cog-di-xzr2h4erskcqg (✓) Done: Search service: gptkb-xzr2h4erskcqg | =| Creating/Updating resources ERROR: error executing step command 'provision': deployment failed: error deploying infrastructure: deploying to subscription:

Deployment Error Details: InvalidTemplateDeployment: The template deployment failed because of policy violation. Please see details for more information. RequestDisallowedByPolicy: Resource 'userstxzr2h4erskcqg' was disallowed by policy. Reasons: 'Public network access must be disabled for PaaS services.'. See error details for policy resource IDs.

TraceID: 0742395aac02059fd2be8eaad2c546fd

Expected/desired behavior

Successful provisionning

OS and Version?

Windows 11

azd version?

azd version 1.9.3 (commit e1624330dcc7dde440ecc1eda06aac40e68aa0a3)

Versions

Forked from 905b62e349e1ade9828326f02778f48f0952cf8d (2024-06-17)