Support of Private Networking via Bicep / AZD #617
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sync with Development
sync with Development branch
…etailed logging and error handling
… cosmos fw script, minor cleanup of unused values
…ment configuration
…ess for webapp if private network is enabled
…owed IP addresses for ACR.
Collaborator
|
Excellent work Steve! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Primary focus of this pull request is to support Private Networking for the Simple Chat application via AZD up or Bicep processes.
This pull request introduces significant improvements to the Azure deployment process and documentation, focusing on enhanced deployment automation, error handling, and clarity for users deploying to both Azure Commercial and Azure Government. It adds robust, step-by-step scripting for all deployment phases, new private networking automation, and expands documentation with clearer prerequisites, USGov guidance, and post-deployment instructions. Additionally, it introduces new application roles for finer-grained access control.
Deployment Automation and Error Handling
deployers/azure.yamlto include detailed, stepwise logging, explicit error handling, and clearer output for each deployment phase (postprovision, predeploy, postup). This ensures failures are caught early, troubleshooting is easier, and users are better informed during deployments. [1] [2]postuphook to automate disabling public network access for resources when private networking is enabled, further strengthening security posture.Documentation Enhancements
deployers/bicep/README.mdwith a comprehensive prerequisites section, corrected and improved the table of contents, and added detailed Azure Government (USGov) considerations, including service limitations, model configuration overrides, and regional availability notes. [1] [2]OneClickDeploy.mdto point to the correct branch for both commercial and government clouds.Access Control Improvements
appRegistrationRoles.json: "Control Center Admin" (full admin access) and "Control Center Dashboard Reader" (read-only dashboard access), enabling more granular permission management for the application.