From cb6d0291ff7e9bb0e16ff2c9324947ae9c34d2ae Mon Sep 17 00:00:00 2001
From: Are Almaas
Date: Tue, 19 Nov 2024 15:27:36 +0100
Subject: [PATCH 1/3] fix(azure): enable public access for azure monitor
---
 .azure/modules/monitor-workspace/main.bicep | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/.azure/modules/monitor-workspace/main.bicep b/.azure/modules/monitor-workspace/main.bicep
index b042a1f89..3f34047c1 100644
--- a/.azure/modules/monitor-workspace/main.bicep
+++ b/.azure/modules/monitor-workspace/main.bicep
@@ -17,7 +17,8 @@ resource monitorWorkspace 'Microsoft.Monitor/accounts@2023-04-03' = {
 name: '${namePrefix}-monitor'
 location: location
 properties: {
- publicNetworkAccess: 'Disabled'
+ // todo: enable once we have a use case for it https://github.com/digdir/dialogporten/issues/1462
+ publicNetworkAccess: 'Enabled'
 }
 tags: tags
 }
From 6004343447142a7392ad52b4cee97f1ce0fd5ae5 Mon Sep 17 00:00:00 2001
From: Are Almaas
Date: Tue, 19 Nov 2024 15:32:38 +0100
Subject: [PATCH 2/3] cleanup
---
 .azure/modules/monitor-workspace/main.bicep | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.azure/modules/monitor-workspace/main.bicep b/.azure/modules/monitor-workspace/main.bicep
index 3f34047c1..095270eeb 100644
--- a/.azure/modules/monitor-workspace/main.bicep
+++ b/.azure/modules/monitor-workspace/main.bicep
@@ -17,7 +17,7 @@ resource monitorWorkspace 'Microsoft.Monitor/accounts@2023-04-03' = {
 name: '${namePrefix}-monitor'
 location: location
 properties: {
- // todo: enable once we have a use case for it https://github.com/digdir/dialogporten/issues/1462
+ // todo: enable once we have ensured a connection to this monitor workspace https://github.com/digdir/dialogporten/issues/1462
 publicNetworkAccess: 'Enabled'
 }
 tags: tags
 }
From 6d6ead61d30061e477602e19d559d6041009000e Mon Sep 17 00:00:00 2001 
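Review bot: With `publicNetworkAccess: 'Enabled'` in the `properties` block, the monitor workspace accepts connections from public networks, so identity-based authorization is presumably the only remaining gate on its data, and this module shows no role assignments to confirm who can read it. The last patch in this series also deletes the private endpoint and its DNS zone, so no private path remains as a fallback. I would record the exception on the line itself, e.g. `// Temporary exception: public access until private connectivity works (issues/1462); access relies on role assignments only`, and check that roles on this workspace are limited to the identities that need them. The resource declaration starts above the hunk and is visible only in the hunk header.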
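Review bot: The reworded TODO still says "enable" directly above `publicNetworkAccess: 'Enabled'`, so a reader cannot tell whether the follow-up is to switch public access off again or to switch something else on. If the intent is to restore the private-only setting (inferred from the `'Disabled'` value this series replaced), say so explicitly: `// TODO: set back to 'Disabled' once private connectivity to this monitor workspace is verified, see https://github.com/digdir/dialogporten/issues/1462`. The enclosing resource starts above the hunk.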
From: Are Almaas
Date: Tue, 19 Nov 2024 15:59:19 +0100
Subject: [PATCH 3/3] remove private endpointt
---
 .azure/infrastructure/main.bicep | 2 -
 .azure/modules/monitor-workspace/main.bicep | 55 ---------------------
 2 files changed, 57 deletions(-)
diff --git a/.azure/infrastructure/main.bicep b/.azure/infrastructure/main.bicep
index 06d7b9230..37c93f97a 100644
--- a/.azure/infrastructure/main.bicep
+++ b/.azure/infrastructure/main.bicep
@@ -131,8 +131,6 @@ module monitorWorkspace '../modules/monitor-workspace/main.bicep' = {
 params: {
 namePrefix: namePrefix
 location: location
- subnetId: vnet.outputs.monitorSubnetId
- vnetId: vnet.outputs.virtualNetworkId
 tags: tags
 }
 }
diff --git a/.azure/modules/monitor-workspace/main.bicep b/.azure/modules/monitor-workspace/main.bicep
index 095270eeb..bb763a54e 100644
--- a/.azure/modules/monitor-workspace/main.bicep
+++ b/.azure/modules/monitor-workspace/main.bicep
@@ -4,15 +4,9 @@ param namePrefix string
 @description('The location where the resources will be deployed')
 param location string
 
-@description('The ID of the subnet for the Private Link')
-param subnetId string
-
 @description('Tags to apply to resources')
 param tags object
 
-@description('The ID of the virtual network for the private DNS zone')
-param vnetId string
-
 resource monitorWorkspace 'Microsoft.Monitor/accounts@2023-04-03' = {
 name: '${namePrefix}-monitor'
 location: location 
@@ -23,54 +17,5 @@ resource monitorWorkspace 'Microsoft.Monitor/accounts@2023-04-03' = {
 tags: tags
 }
 
-// private endpoint name max characters is 80
-var monitorPrivateEndpointName = '${namePrefix}-monitor-pe'
-
-resource monitorPrivateEndpoint 'Microsoft.Network/privateEndpoints@2024-03-01' = {
- name: monitorPrivateEndpointName
- location: location
- properties: {
- privateLinkServiceConnections: [
- {
- name: monitorPrivateEndpointName
- properties: {
- privateLinkServiceId: monitorWorkspace.id
- groupIds: [
- 'prometheusMetrics'
- ]
- }
- }
- ]
- customNetworkInterfaceName: '${namePrefix}-monitor-pe-nic'
- subnet: {
- id: subnetId
- }
- }
- tags: tags
-}
-
-module privateDnsZone '../privateDnsZone/main.bicep' = {
- name: '${namePrefix}-monitor-pdz'
- params: {
- namePrefix: namePrefix
- defaultDomain: 'privatelink.${location}.prometheus.monitor.azure.com'
- vnetId: vnetId
- tags: tags
- }
-}
-
-module privateDnsZoneGroup '../privateDnsZoneGroup/main.bicep' = {
- name: '${namePrefix}-monitor-privateDnsZoneGroup'
- dependsOn: [
- privateDnsZone
- ]
- params: {
- name: 'default'
- dnsZoneGroupName: 'privatelink-${location}-prometheus-monitor-azure-com'
- dnsZoneId: privateDnsZone.outputs.id
- privateEndpointName: monitorPrivateEndpoint.name
- }
-}
-
 output monitorWorkspaceId string = monitorWorkspace.id
 output monitorWorkspaceName string = monitorWorkspace.name