Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature Request - Deploy-Private-DNS-Zones is missing policy for App Service Slots #1786

Open
MikaelJcSoderberg opened this issue Oct 4, 2024 · 2 comments
Labels
Area: Policy 📝 Issues / PR's related to Policy

Comments

@MikaelJcSoderberg
Copy link

Describe the solution you'd like

I cant find a policy for you to include as part of
Deploy-Private-DNS-Zones

that would add the feature, so either the product team will need to add it or Enterprise Scale would have a Custom Policy that does the same. Is there a similiar issue with Function App slots?

@Springstone
Copy link
Member

@MikaelJcSoderberg we have included a generic Private DNS Zone policy that allows you to configure Private DNS Zones for those services that don't yet have a built-in policy for the same. Have you looked at implementing this?

https://github.com/Azure/Enterprise-Scale/blob/main/src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Private-DNS-Generic.json

@Springstone Springstone added this to the policy-refresh-fy25-q2 milestone Oct 10, 2024
@Springstone Springstone added the Area: Policy 📝 Issues / PR's related to Policy label Oct 10, 2024
@MikaelJcSoderberg
Copy link
Author

MikaelJcSoderberg commented Oct 10, 2024

The generic would work if the group ID is static, but for app service slots it is dynamic values starting with "sites-*"

When I wrote my custom policy that works for me I have to use like instead of equals

Image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Area: Policy 📝 Issues / PR's related to Policy
Projects
None yet
Development

No branches or pull requests

2 participants