diff --git a/.github/workflows/ms.network.vpngateways.yml b/.github/workflows/ms.network.vpngateways.yml index 8159605d09..067b7314d9 100644 --- a/.github/workflows/ms.network.vpngateways.yml +++ b/.github/workflows/ms.network.vpngateways.yml @@ -106,8 +106,7 @@ jobs: - name: 'Using test file [${{ matrix.moduleTestFilePaths }}]' uses: ./.github/actions/templates/validateModuleDeployment with: - templateFilePath: '${{ env.modulePath }}/deploy.bicep' - parameterFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}' + templateFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}' location: '${{ env.location }}' resourceGroupName: '${{ env.resourceGroupName }}' subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}' diff --git a/modules/Microsoft.Network/vpnGateways/.test/common/dependencies.bicep b/modules/Microsoft.Network/vpnGateways/.test/common/dependencies.bicep new file mode 100644 index 0000000000..cc25cd12d5 --- /dev/null +++ b/modules/Microsoft.Network/vpnGateways/.test/common/dependencies.bicep @@ -0,0 +1,49 @@ +@description('Optional. The location to deploy resources to.') +param location string = resourceGroup().location + +@description('Optional. The name of the Virtual Hub to create.') +param virtualHubName string + +@description('Optional. The name of the VPN Site to create.') +param vpnSiteName string + +@description('Required. The name of the virtual WAN to create.') +param virtualWANName string + +resource virtualWan 'Microsoft.Network/virtualWans@2021-05-01' = { + name: virtualWANName + location: location +} + +resource virtualHub 'Microsoft.Network/virtualHubs@2022-01-01' = { + name: virtualHubName + location: location + properties: { + virtualWan: { + id: virtualWan.id + } + addressPrefix: '10.0.0.0/24' + } +} + +resource vpnSite 'Microsoft.Network/vpnSites@2022-01-01' = { + name: vpnSiteName + location: location + properties: { + virtualWan: { + id: virtualWan.id + } + addressSpace: { + addressPrefixes: [ + '10.1.0.0/16' + ] + } + ipAddress: '10.1.0.0' + } +} + +@description('The resource ID of the created Virtual Hub.') +output virtualHubResourceId string = virtualHub.id + +@description('The resource ID of the created VPN site.') +output vpnSiteResourceId string = vpnSite.id diff --git a/modules/Microsoft.Network/vpnGateways/.test/common/deploy.test.bicep b/modules/Microsoft.Network/vpnGateways/.test/common/deploy.test.bicep new file mode 100644 index 0000000000..9a68f8acec --- /dev/null +++ b/modules/Microsoft.Network/vpnGateways/.test/common/deploy.test.bicep @@ -0,0 +1,83 @@ +targetScope = 'subscription' + +// ========== // +// Parameters // +// ========== // +@description('Optional. The name of the resource group to deploy for testing purposes.') +@maxLength(90) +param resourceGroupName string = 'ms.network.vpngateways-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to.') +param location string = deployment().location + +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') +param serviceShort string = 'nvgcom' + +// =========== // +// Deployments // +// =========== // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: location +} + +module resourceGroupResources 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-paramNested' + params: { + virtualHubName: 'dep-<>-vh-${serviceShort}' + virtualWANName: 'dep-<>-vw-${serviceShort}' + vpnSiteName: 'dep-<>-vs-${serviceShort}' + } +} + +// ============== // +// Test Execution // +// ============== // +module testDeployment '../../deploy.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name)}-test-${serviceShort}' + params: { + name: '<>${serviceShort}001' + virtualHubResourceId: resourceGroupResources.outputs.virtualHubResourceId + bgpSettings: { + asn: 65515 + peerWeight: 0 + } + connections: [ + { + connectionBandwidth: 100 + enableBgp: false + name: 'Connection-${last(split(resourceGroupResources.outputs.vpnSiteResourceId, '/'))}' + remoteVpnSiteResourceId: resourceGroupResources.outputs.vpnSiteResourceId + enableInternetSecurity: true + vpnConnectionProtocolType: 'IKEv2' + enableRateLimiting: false + useLocalAzureIpAddress: false + usePolicyBasedTrafficSelectors: false + routingWeight: 0 + } + ] + lock: 'CanNotDelete' + natRules: [ + { + externalMappings: [ + { + addressSpace: '192.168.21.0/24' + } + ] + internalMappings: [ + { + addressSpace: '10.4.0.0/24' + } + ] + mode: 'EgressSnat' + name: 'natRule1' + type: 'Static' + } + ] + } +} diff --git a/modules/Microsoft.Network/vpnGateways/.test/min.parameters.json b/modules/Microsoft.Network/vpnGateways/.test/min.parameters.json deleted file mode 100644 index 4ed3a736e6..0000000000 --- a/modules/Microsoft.Network/vpnGateways/.test/min.parameters.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-vpngw-min-001" - }, - "virtualHubResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-min-001" - } - } -} diff --git a/modules/Microsoft.Network/vpnGateways/.test/min/dependencies.bicep b/modules/Microsoft.Network/vpnGateways/.test/min/dependencies.bicep new file mode 100644 index 0000000000..e8e34ac823 --- /dev/null +++ b/modules/Microsoft.Network/vpnGateways/.test/min/dependencies.bicep @@ -0,0 +1,27 @@ +@description('Optional. The location to deploy resources to.') +param location string = resourceGroup().location + +@description('Optional. The name of the Virtual Hub to create.') +param virtualHubName string + +@description('Required. The name of the virtual WAN to create.') +param virtualWANName string + +resource virtualWan 'Microsoft.Network/virtualWans@2021-05-01' = { + name: virtualWANName + location: location +} + +resource virtualHub 'Microsoft.Network/virtualHubs@2022-01-01' = { + name: virtualHubName + location: location + properties: { + virtualWan: { + id: virtualWan.id + } + addressPrefix: '10.1.0.0/16' + } +} + +@description('The resource ID of the created Virtual Hub.') +output virtualHubResourceId string = virtualHub.id diff --git a/modules/Microsoft.Network/vpnGateways/.test/min/deploy.test.bicep b/modules/Microsoft.Network/vpnGateways/.test/min/deploy.test.bicep new file mode 100644 index 0000000000..b88a24dad4 --- /dev/null +++ b/modules/Microsoft.Network/vpnGateways/.test/min/deploy.test.bicep @@ -0,0 +1,47 @@ +targetScope = 'subscription' + +// ========== // +// Parameters // +// ========== // +@description('Optional. The name of the resource group to deploy for testing purposes.') +@maxLength(90) +param resourceGroupName string = 'ms.network.vpngateways-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to.') +param location string = deployment().location + +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') +param serviceShort string = 'nvgmin' + +// =========== // +// Deployments // +// =========== // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: location +} + +module resourceGroupResources 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-paramNested' + params: { + virtualHubName: 'dep-<>-vh-${serviceShort}' + virtualWANName: 'dep-<>-vw-${serviceShort}' + } +} + +// ============== // +// Test Execution // +// ============== // + +module testDeployment '../../deploy.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name)}-test-${serviceShort}' + params: { + name: '<>${serviceShort}001' + virtualHubResourceId: resourceGroupResources.outputs.virtualHubResourceId + } +} diff --git a/modules/Microsoft.Network/vpnGateways/.test/parameters.json b/modules/Microsoft.Network/vpnGateways/.test/parameters.json deleted file mode 100644 index 620e1c6ff7..0000000000 --- a/modules/Microsoft.Network/vpnGateways/.test/parameters.json +++ /dev/null @@ -1,68 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-vpngw-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "virtualHubResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001" - }, - "bgpSettings": { - "value": { - "asn": 65515, - "peerWeight": 0 - } - }, - "connections": { - "value": [ - { - "name": "Connection-<>-az-vsite-x-001", - "connectionBandwidth": 10, - "enableBgp": true, - "routingConfiguration": { - "associatedRouteTable": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001/hubRouteTables/defaultRouteTable" - }, - "propagatedRouteTables": { - "labels": [ - "default" - ], - "ids": [ - { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001/hubRouteTables/defaultRouteTable" - } - ] - }, - "vnetRoutes": { - "staticRoutes": [] - } - }, - "remoteVpnSiteResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/<>-az-vsite-x-001" - } - ] - }, - "natRules": { - "value": [ - { - "name": "natRule1", - "internalMappings": [ - { - "addressSpace": "10.4.0.0/24" - } - ], - "externalMappings": [ - { - "addressSpace": "192.168.21.0/24" - } - ], - "type": "Static", - "mode": "EgressSnat" - } - ] - } - } -} diff --git a/modules/Microsoft.Network/vpnGateways/readme.md b/modules/Microsoft.Network/vpnGateways/readme.md index 0e2968839a..eb69e3be17 100644 --- a/modules/Microsoft.Network/vpnGateways/readme.md +++ b/modules/Microsoft.Network/vpnGateways/readme.md @@ -182,7 +182,7 @@ The following module usage examples are retrieved from the content of the files >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -

Example 1: Min

+

Example 1: Common

@@ -190,54 +190,11 @@ The following module usage examples are retrieved from the content of the files ```bicep module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-VpnGateways' + name: '${uniqueString(deployment().name)}-test-nvgcom' params: { // Required parameters - name: '<>-az-vpngw-min-001' - virtualHubResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-min-001' - } -} -``` - -
-

- -

- -via JSON Parameter file - -```json -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - // Required parameters - "name": { - "value": "<>-az-vpngw-min-001" - }, - "virtualHubResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-min-001" - } - } -} -``` - -
-

- -

Example 2: Parameters

- -
- -via Bicep module - -```bicep -module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-VpnGateways' - params: { - // Required parameters - name: '<>-az-vpngw-x-001' - virtualHubResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001' + name: '<>nvgcom001' + virtualHubResourceId: '' // Non-required parameters bgpSettings: { asn: 65515 @@ -245,28 +202,16 @@ module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { } connections: [ { - connectionBandwidth: 10 - enableBgp: true - name: 'Connection-<>-az-vsite-x-001' - remoteVpnSiteResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/<>-az-vsite-x-001' - routingConfiguration: { - associatedRouteTable: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001/hubRouteTables/defaultRouteTable' - } - propagatedRouteTables: { - ids: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001/hubRouteTables/defaultRouteTable' - } - ] - labels: [ - 'default' - ] - } - vnetRoutes: { - staticRoutes: [] - } - } + connectionBandwidth: 100 + enableBgp: false + enableInternetSecurity: true + enableRateLimiting: false + name: '' + remoteVpnSiteResourceId: '' + routingWeight: 0 + useLocalAzureIpAddress: false + usePolicyBasedTrafficSelectors: false + vpnConnectionProtocolType: 'IKEv2' } ] lock: 'CanNotDelete' @@ -305,10 +250,10 @@ module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { "parameters": { // Required parameters "name": { - "value": "<>-az-vpngw-x-001" + "value": "<>nvgcom001" }, "virtualHubResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001" + "value": "" }, // Non-required parameters "bgpSettings": { @@ -320,28 +265,16 @@ module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { "connections": { "value": [ { - "connectionBandwidth": 10, - "enableBgp": true, - "name": "Connection-<>-az-vsite-x-001", - "remoteVpnSiteResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/<>-az-vsite-x-001", - "routingConfiguration": { - "associatedRouteTable": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001/hubRouteTables/defaultRouteTable" - }, - "propagatedRouteTables": { - "ids": [ - { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001/hubRouteTables/defaultRouteTable" - } - ], - "labels": [ - "default" - ] - }, - "vnetRoutes": { - "staticRoutes": [] - } - } + "connectionBandwidth": 100, + "enableBgp": false, + "enableInternetSecurity": true, + "enableRateLimiting": false, + "name": "", + "remoteVpnSiteResourceId": "", + "routingWeight": 0, + "useLocalAzureIpAddress": false, + "usePolicyBasedTrafficSelectors": false, + "vpnConnectionProtocolType": "IKEv2" } ] }, @@ -373,3 +306,46 @@ module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = {

+ +

Example 2: Min

+ +
+ +via Bicep module + +```bicep +module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-test-nvgmin' + params: { + // Required parameters + name: '<>nvgmin001' + virtualHubResourceId: '' + } +} +``` + +
+

+ +

+ +via JSON Parameter file + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + // Required parameters + "name": { + "value": "<>nvgmin001" + }, + "virtualHubResourceId": { + "value": "" + } + } +} +``` + +
+