Enterprise-Scale
Bug Report - Deploy-Private-DNS-Zones does not deploy DNS records for `database.windows.net`
Community Note
- Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
- Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment
Versions
terraform: 1.6.1
azure provider: 3.81.0
module: 5.0.2
Description
Describe the bug
Similar to Azure/Enterprise-Scale#1479 and Azure/Enterprise-Scale#1502, the Deploy-Private-DNS-Zones policy initiative does not include a policy for Azure SQL private endpoints. I'm not sure if this is because there is no predefined policy for this as far as I can tell (based upon https://learn.microsoft.com/en-us/azure/networking/policy-reference).
Steps to Reproduce
- Deploy CAF module, with Corp Archetype
- Create an Azure SQL database in a subscription under the Corp Management group. Add a Private Endpoint.
- No record created in the `privatelink.database.windows.net` private DNS Zone in the connectivity subscription