ALZ-Bicep icon indicating copy to clipboard operation
ALZ-Bicep copied to clipboard

Published 20 hours ago verified publisher icon Azure

❓👂 Question/Feedback - How to consume hubPeeredSpoke module ?

Open stalejohnsen opened this issue 3 years ago • 0 comments

Question/Feedback

I'm trying to deploy hubPeeredSpoke module for Identity vnet, peering and udr, that works fine but how should it be consumed at the next stage to deploy subnet, nsg and attach nsg/udr to the subnet for that pre-existing vnet from hubPeeredSpoke module? ARM doesn't really like to have subnets as a seperate child resource and you get into conflicts like this: https://github.com/Azure/bicep/issues/4653

The identity scenario here is solvable with some customization but it would be very valuable with some additional guidance / examples in the wiki on how the platform team deployed spoke vnet can be consumed by app teams to create child resources in seperate IaC definition.I see similarity with subscription vending machine here?

Possible Answers/Solutions?

I could modify the hubPeeredSpoke module to create a custom Identity module with all the required platform identity resources and then avoid conflicts for that specific use case since i'm working with platform resources.

stalejohnsen avatar Oct 07 '22 07:10 stalejohnsen