github Azure/ALZ-Bicep v0.23.1
on GitHub

23 hours ago

What's Changed

  • refactor: Add gateway udt, add allowed values, and mgmt ip for firewall by @oZakari in #947
  • chore: removed old reference to parameter parPrivateDnsZoneAutoMergeAzureBackupZone by @picccard in #1075
  • feat: adding switch for internet fallback on Private DNS zones by @picccard in #1020
  • chore: remove old reference to parameter parAzFirewallAvailabilityZones by @picccard in #1076
  • fix: use correct parameter for vwan hub default routetable name by @picccard in #1077
  • fix: use new parameter parVirtualNetworkResourceIdsToLinkTo by @picccard in #1078
  • feat: General networking fixes and improvements by @oZakari in #1092

Breaking Changes

1. Gateway Configuration Refactor

PR: #947Add gateway UDTs, allowed values, and management IP for firewall

As part of the migration to user-defined types (UDTs) for properties within the parVpnGatewayConfig and parExpressRouteGatewayConfig parameters, the following changes apply:

  • Supported SKUs limited to Availability Zones
    Only gateway SKUs with zone support are now allowed, aligning with Azure’s Gateway SKU Consolidation and Migration Guide.

  • Property name alignment
    The generation property in parVpnGatewayConfig has been renamed to vpnGatewayGeneration to align with parExpressRouteGatewayConfig.

  • Case sensitivity correction
    The property bgpsettings is now case-sensitive and must be written as bgpSettings.

  • Subproperty type enforcement
    The asn and peerweight subproperties within bgpSettings now require integer values instead of strings.

2. Private DNS Zone Internet Fallback

PR: #1020Add switch for internet fallback on Private DNS zones

  • Default behavior remains unchanged.
  • ⚠️ If the parameter parPrivateDnsZones includes any non-privatelink zones (for example, contoso.internal), virtual network links for those zones will fail because the resolutionPolicy property is only valid for privatelink zones.

Example: 

parPrivateDnsZones:
  - 'privatelink.postgres.database.azure.com'
  - 'privatelink.mysql.database.azure.com'
  - 'contoso.internal' # Will fail – not a privatelink zone

Full Changelog: v0.23.0...v0.23.1

Check out latest releases or
releases around Azure/ALZ-Bicep v0.23.1

Don't miss a new ALZ-Bicep release

NewReleases is sending notifications on new releases.

Get notifications