fix: Resolve bug with declaring Public IP Prefix use on managementIP (A…

…zure#1939) ## Description Resolved issue when specifying a public IP prefix for the management IP address. Updated to use latest PublicIPAddress AVM module. Updated API version of Microsoft.Network/publicIPAddresses used in tests. Updated formatting of zone param default values. Also added new e2e tests for Public IP Prefix usage. Fixes Azure#1867 Closes Azure#1867 ## Pipeline Reference | Pipeline | | -------- | | [![avm.res.network.azure-firewall](https://github.com/hundredacres/bicep-registry-modules/actions/workflows/avm.res.network.azure-firewall.yml/badge.svg?branch=fix%2Fissue%2F1867)](https://github.com/hundredacres/bicep-registry-modules/actions/workflows/avm.res.network.azure-firewall.yml) | ## Type of Change  - [ ] Update to CI Environment or utlities (Non-module effecting changes) - [X] Azure Verified Module updates: - [ ] Bugfix containing backwards compatible bug fixes, and I have NOT bumped the MAJOR or MINOR version in `version.json`: - [X] Someone has opened a bug report issue, and I have included "Closes #{bug_report_issue_number}" in the PR description. - [ ] The bug was found by the module author, and no one has opened an issue to report it yet. - [X] Feature update backwards compatible feature updates, and I have bumped the MINOR version in `version.json`. - [ ] Breaking changes and I have bumped the MAJOR version in `version.json`. - [X] Update to documentation ## Checklist - [X] I'm sure there are no other open Pull Requests for the same update/change - [X] I have run `Set-AVMModule` locally to generate the supporting module files. - [X] My corresponding pipelines / checks run clean and green without any errors or warnings --------- Co-authored-by: Máté Barabás <[email protected]> Co-authored-by: Rainer Halanek <[email protected]> Co-authored-by: JFolberth <[email protected]>
hundredacres · Jun 19, 2024 · fc4fd06 · fc4fd06
1 parent f5d0f38
commit fc4fd06
Show file tree

Hide file tree

Showing 6 changed files with 596 additions and 179 deletions.
diff --git a/avm/res/network/azure-firewall/README.md b/avm/res/network/azure-firewall/README.md
@@ -19,7 +19,7 @@ This module deploys an Azure Firewall.
 | `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) |
 | `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) |
 | `Microsoft.Network/azureFirewalls` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/azureFirewalls) |
-| `Microsoft.Network/publicIPAddresses` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/publicIPAddresses) |
+| `Microsoft.Network/publicIPAddresses` | [2023-09-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-09-01/publicIPAddresses) |
 
 ## Usage examples
 
@@ -29,15 +29,113 @@ The following section provides usage examples for the module, which were used to
 
 >**Note**: To reference the module, please use the following syntax `br/public:avm/res/network/azure-firewall:<version>`.
 
-- [Add-PIP](#example-1-add-pip)
-- [Custom-PIP](#example-2-custom-pip)
-- [Using only defaults](#example-3-using-only-defaults)
-- [Hub-commom](#example-4-hub-commom)
-- [Hub-min](#example-5-hub-min)
-- [Using large parameter set](#example-6-using-large-parameter-set)
-- [WAF-aligned](#example-7-waf-aligned)
+- [Issue-1867](#example-1-issue-1867)
+- [Add-PIP](#example-2-add-pip)
+- [Custom-PIP](#example-3-custom-pip)
+- [Using only defaults](#example-4-using-only-defaults)
+- [Hub-commom](#example-5-hub-commom)
+- [Hub-min](#example-6-hub-min)
+- [Using large parameter set](#example-7-using-large-parameter-set)
+- [Public-IP-Prefix](#example-8-public-ip-prefix)
+- [WAF-aligned](#example-9-waf-aligned)
 
-### Example 1: _Add-PIP_
+### Example 1: _Issue-1867_
+
+Validating reported bug 1867
+
+
+<details>
+
+<summary>via Bicep module</summary>
+
+```bicep
+module azureFirewall 'br/public:avm/res/network/azure-firewall:<version>' = {
+  name: 'azureFirewallDeployment'
+  params: {
+    // Required parameters
+    name: 'nafcustom001'
+    // Non-required parameters
+    azureSkuTier: 'Basic'
+    firewallPolicyId: '<firewallPolicyId>'
+    location: '<location>'
+    managementIPAddressObject: {
+      managementIPAllocationMethod: 'Static'
+      managementIPPrefixResourceId: '<managementIPPrefixResourceId>'
+      name: 'managementIP01'
+      skuName: 'Standard'
+      skuTier: 'Regional'
+    }
+    publicIPAddressObject: {
+      name: 'publicIP01'
+      publicIPAllocationMethod: 'Static'
+      publicIPPrefixResourceId: '<publicIPPrefixResourceId>'
+      skuName: 'Standard'
+      skuTier: 'Regional'
+    }
+    virtualNetworkResourceId: '<virtualNetworkResourceId>'
+    zones: []
+  }
+}
+```
+
+</details>
+<p>
+
+<details>
+
+<summary>via JSON Parameter file</summary>
+
+```json
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    // Required parameters
+    "name": {
+      "value": "nafcustom001"
+    },
+    // Non-required parameters
+    "azureSkuTier": {
+      "value": "Basic"
+    },
+    "firewallPolicyId": {
+      "value": "<firewallPolicyId>"
+    },
+    "location": {
+      "value": "<location>"
+    },
+    "managementIPAddressObject": {
+      "value": {
+        "managementIPAllocationMethod": "Static",
+        "managementIPPrefixResourceId": "<managementIPPrefixResourceId>",
+        "name": "managementIP01",
+        "skuName": "Standard",
+        "skuTier": "Regional"
+      }
+    },
+    "publicIPAddressObject": {
+      "value": {
+        "name": "publicIP01",
+        "publicIPAllocationMethod": "Static",
+        "publicIPPrefixResourceId": "<publicIPPrefixResourceId>",
+        "skuName": "Standard",
+        "skuTier": "Regional"
+      }
+    },
+    "virtualNetworkResourceId": {
+      "value": "<virtualNetworkResourceId>"
+    },
+    "zones": {
+      "value": []
+    }
+  }
+}
+```
+
+</details>
+<p>
+
+### Example 2: _Add-PIP_
 
 This instance deploys the module and attaches an existing public IP address.
 
@@ -129,7 +227,7 @@ module azureFirewall 'br/public:avm/res/network/azure-firewall:<version>' = {
 </details>
 <p>
 
-### Example 2: _Custom-PIP_
+### Example 3: _Custom-PIP_
 
 This instance deploys the module and will create a public IP address.
 
@@ -239,7 +337,7 @@ module azureFirewall 'br/public:avm/res/network/azure-firewall:<version>' = {
 </details>
 <p>
 
-### Example 3: _Using only defaults_
+### Example 4: _Using only defaults_
 
 This instance deploys the module with the minimum set of required parameters.
 
@@ -291,7 +389,7 @@ module azureFirewall 'br/public:avm/res/network/azure-firewall:<version>' = {
 </details>
 <p>
 
-### Example 4: _Hub-commom_
+### Example 5: _Hub-commom_
 
 This instance deploys the module a vWAN in a typical hub setting.
 
@@ -359,7 +457,7 @@ module azureFirewall 'br/public:avm/res/network/azure-firewall:<version>' = {
 </details>
 <p>
 
-### Example 5: _Hub-min_
+### Example 6: _Hub-min_
 
 This instance deploys the module a vWAN minimum hub setting.
 
@@ -423,7 +521,7 @@ module azureFirewall 'br/public:avm/res/network/azure-firewall:<version>' = {
 </details>
 <p>
 
-### Example 6: _Using large parameter set_
+### Example 7: _Using large parameter set_
 
 This instance deploys the module with most of its features enabled.
 
@@ -777,7 +875,99 @@ module azureFirewall 'br/public:avm/res/network/azure-firewall:<version>' = {
 </details>
 <p>
 
-### Example 7: _WAF-aligned_
+### Example 8: _Public-IP-Prefix_
+
+This instance deploys the module and will use a public IP prefix.
+
+
+<details>
+
+<summary>via Bicep module</summary>
+
+```bicep
+module azureFirewall 'br/public:avm/res/network/azure-firewall:<version>' = {
+  name: 'azureFirewallDeployment'
+  params: {
+    // Required parameters
+    name: 'nafpip001'
+    // Non-required parameters
+    azureSkuTier: 'Basic'
+    location: '<location>'
+    managementIPAddressObject: {
+      managementIPAllocationMethod: 'Static'
+      managementIPPrefixResourceId: '<managementIPPrefixResourceId>'
+      name: 'managementIP01'
+      skuName: 'Standard'
+      skuTier: 'Regional'
+    }
+    publicIPAddressObject: {
+      name: 'publicIP01'
+      publicIPAllocationMethod: 'Static'
+      publicIPPrefixResourceId: '<publicIPPrefixResourceId>'
+      skuName: 'Standard'
+      skuTier: 'Regional'
+    }
+    virtualNetworkResourceId: '<virtualNetworkResourceId>'
+    zones: []
+  }
+}
+```
+
+</details>
+<p>
+
+<details>
+
+<summary>via JSON Parameter file</summary>
+
+```json
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    // Required parameters
+    "name": {
+      "value": "nafpip001"
+    },
+    // Non-required parameters
+    "azureSkuTier": {
+      "value": "Basic"
+    },
+    "location": {
+      "value": "<location>"
+    },
+    "managementIPAddressObject": {
+      "value": {
+        "managementIPAllocationMethod": "Static",
+        "managementIPPrefixResourceId": "<managementIPPrefixResourceId>",
+        "name": "managementIP01",
+        "skuName": "Standard",
+        "skuTier": "Regional"
+      }
+    },
+    "publicIPAddressObject": {
+      "value": {
+        "name": "publicIP01",
+        "publicIPAllocationMethod": "Static",
+        "publicIPPrefixResourceId": "<publicIPPrefixResourceId>",
+        "skuName": "Standard",
+        "skuTier": "Regional"
+      }
+    },
+    "virtualNetworkResourceId": {
+      "value": "<virtualNetworkResourceId>"
+    },
+    "zones": {
+      "value": []
+    }
+  }
+}
+```
+
+</details>
+<p>
+
+### Example 9: _WAF-aligned_
 
 This instance deploys the module in alignment with the best-practices of the Azure Well-Architected Framework.
 
@@ -2033,9 +2223,9 @@ Zone numbers e.g. 1,2,3.
 - Default:
   ```Bicep
   [
-    '1'
-    '2'
-    '3'
+    1
+    2
+    3
   ]
   ```
 
@@ -2060,7 +2250,7 @@ This section gives you an overview of all local-referenced module files (i.e., o
 
 | Reference | Type |
 | :-- | :-- |
-| `br/public:avm/res/network/public-ip-address:0.2.1` | Remote reference |
+| `br/public:avm/res/network/public-ip-address:0.4.0` | Remote reference |
 
 ## Data Collection