Feature Request: Update Policy Definition Deploy-Private-DNS-Generic to expose location as parameter
#1699
Assignees
Labels
Milestone
Comments
jtracey93
added
Area: Private Link/DNS
Area: Policy 📝
7 tasks
|
This has been merged, and is live. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As requested in https://github.com/MicrosoftDocs/cloud-adoption-framework/issues/1103 (no longer accessible due to issues in the repo being disabled)
"
If using RSV for Azure Backup in multiple regions, there is no check to ensure that the DNS records is created in the correct Private DNS zone. If two or more policies are assigned using the same SubResource/GroupId then DNS records will be created randomly in the different private DNS zones, e.g. in privatelink.we.backup.windowsazure.com and in privatelink.sdc.backup.windowsazure.com.
If an additional check is added on location for the private endpoint itself in the policy, then it works. See example here:
https://github.com/norregaard/Azure/blob/main/Policy/Auto-create-DNS-record-private-DNS-zone.jsonnow https://github.com/norregaard/Azure/blob/main/Policy/Auto-create-DNS-record-private-DNS-zone-w-location.json"
We should update the Policy Definition
Deploy-Private-DNS-Genericto expose location as parameter that customers can use to help control this scenario.cc: @Springstone
The text was updated successfully, but these errors were encountered: