Azure DDoS protection #107#114
Conversation
…tection plan in azuredepoy.json Add a ddosWitch member in the moodleCommon object. Add a nested template network-vnet-ddos.json that manages the creation of ddos protection plan and the update of the vnet. Call network-vnet-ddos.json from the network.json template if ddosSwith is true In the .gitignore file, exlude .vs to ignore Visual Studio stuff.
There was a problem hiding this comment.
Really great! Just a really minor change requested and one small reconfirmation requested as well.
I think it'll be also great if you can add a documentation (like docs/ddos.md) that explains how to add/configure a DDoS protection plan when a cluster was deployed without the DDoS feature turned on, but I'd say that's purely optional and up to you. Thanks much again!
| "[resourceId('Microsoft.Network/ddosProtectionPlans', parameters('moodleCommon').ddosPlanName)]" | ||
| ], | ||
| "location": "[resourceGroup().location]", | ||
| "name": "[parameters('vnetName')]", |
There was a problem hiding this comment.
This is great. So you did confirm that this works regardless of whether this vnet already exists or is to be created, right?
There was a problem hiding this comment.
Yes, I've ran 4 tests
- existing vNet and ddosSwitch equal to true
- existing vNet and ddosSwitch equal to false
- no existing vNet and ddosSwitch equal to true
- no existing vNet and ddosSwitch equal to false
Each one of these 4 deployment succeed and I can browse the homepage.
There was a problem hiding this comment.
I have added documentation in the Parameters.md file and the Manage.md file.
There was a problem hiding this comment.
Thank you so much for your quick follow-up. This is super! I'm merging this PR right after. Thanks again!
There was a problem hiding this comment.
You're welcome. Thanks for the great work you're doing !
There was a problem hiding this comment.
Is DDoS protection included with all deployments automatically?
| }, | ||
| "enableDdosProtection": "[parameters('moodleCommon').ddosSwitch]" | ||
| }, | ||
| "type": "Microsoft.Network/virtualNetworks" |
There was a problem hiding this comment.
This is really minor, but ARM team prefers properties like this (type) to be at the top, so please move this to before properties property.
Add documentation about managing Azure DDoS Protection in Manage.md.
…plan after the deployment.
Azure DDoS protection (fixes #107)
Azure DDoS protection (fixes Azure#107)
3 participants
Pull request for the issue #107
Add ddosSwitch parameter to enable the deployment of a Azure DDoS protection plan in azuredepoy.json
Add a ddosWitch member in the moodleCommon object.
Add a nested template network-vnet-ddos.json that manages the creation
of ddos protection plan and the update of the vnet.
Call network-vnet-ddos.json from the network.json template if ddosSwith is true
In the .gitignore file, exlude .vs to ignore Visual Studio stuff.