Add vnet and subnet support

Azure-Samples · Aug 8, 2024 · 862f4ef · 862f4ef
1 parent c1f34c4
commit 862f4ef
Show file tree

Hide file tree

Showing 5 changed files with 78 additions and 1 deletion.
diff --git a/infra/app/app-env.bicep b/infra/app/app-env.bicep
@@ -6,6 +6,8 @@ param serviceBusName string
 param applicationInsightsName string = ''
 param daprEnabled bool = false
 param managedIdentityClientId string
+param vnetInernal bool
+param vnetName string
 
 // Container apps host (including container registry)
 module containerApps '../core/host/container-apps.bicep' = {
@@ -18,6 +20,8 @@ module containerApps '../core/host/container-apps.bicep' = {
     logAnalyticsWorkspaceName: logAnalyticsWorkspaceName
     applicationInsightsName: applicationInsightsName
     daprEnabled: daprEnabled
+    vnetName: vnetName
+    vnetInternal: vnetInernal
   }
 }
 

diff --git a/infra/core/host/container-apps-environment.bicep b/infra/core/host/container-apps-environment.bicep
@@ -12,6 +12,10 @@ param daprEnabled bool = false
 @description('Name of the Log Analytics workspace')
 param logAnalyticsWorkspaceName string
 
+param vnetInternal bool = true
+@description('Name of the Vnet')
+param vnetName string
+
 resource containerAppsEnvironment 'Microsoft.App/managedEnvironments@2023-05-01' = {
   name: name
   location: location
@@ -25,9 +29,17 @@ resource containerAppsEnvironment 'Microsoft.App/managedEnvironments@2023-05-01'
       }
     }
     daprAIInstrumentationKey: daprEnabled && !empty(applicationInsightsName) ? applicationInsights.properties.InstrumentationKey : ''
+    vnetConfiguration: {
+      infrastructureSubnetId: vnet.properties.subnets[0].id
+      internal: vnetInternal
+    }
   }
 }
 
+resource vnet 'Microsoft.Network/virtualNetworks@2021-05-01' existing = {
+  name: vnetName
+}
+
 resource logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' existing = {
   name: logAnalyticsWorkspaceName
 }

diff --git a/infra/core/host/container-apps.bicep b/infra/core/host/container-apps.bicep
@@ -10,6 +10,8 @@ param containerRegistryAdminUserEnabled bool = false
 param logAnalyticsWorkspaceName string
 param applicationInsightsName string = ''
 param daprEnabled bool = false
+param vnetName string
+param vnetInternal bool = true
 
 module containerAppsEnvironment 'container-apps-environment.bicep' = {
   name: '${name}-container-apps-environment'
@@ -20,6 +22,8 @@ module containerAppsEnvironment 'container-apps-environment.bicep' = {
     logAnalyticsWorkspaceName: logAnalyticsWorkspaceName
     applicationInsightsName: applicationInsightsName
     daprEnabled: daprEnabled
+    vnetName: vnetName
+    vnetInternal: vnetInternal
   }
 }
 

diff --git a/infra/core/networking/vnet.bicep b/infra/core/networking/vnet.bicep
@@ -0,0 +1,30 @@
+param location string 
+param vnetName string 
+param vnetPrefix string 
+param subnets array
+
+resource vnet 'Microsoft.Network/virtualNetworks@2021-05-01' = {
+  name: vnetName
+  location: location
+  properties: {
+    addressSpace: {
+      addressPrefixes: [
+        vnetPrefix
+      ]
+    }
+    subnets: subnets
+  }
+}
+
+@batchSize(1)
+resource vnetSubnets 'Microsoft.Network/virtualNetworks/subnets@2020-08-01' = [ for subnet in subnets: {
+  parent: vnet
+  name: '${subnet.name}'
+  properties: {
+    addressPrefix: subnet.properties.addressPrefix
+    privateEndpointNetworkPolicies: 'Disabled'
+    privateLinkServiceNetworkPolicies: 'Enabled'
+  }
+}]
+
+output vnetName string = vnet.name
diff --git a/infra/main.bicep b/infra/main.bicep
@@ -33,6 +33,9 @@ param resourceGroupName string = ''
 // "resourceGroupName": {
 //      "value": "myGroupName"
 // }
+param vnetName string = 'vnet-ca'
+param vnetInternal bool = true
+param vnetPrefix string = '10.0.0.0/16'
 
 var abbrs = loadJsonContent('./abbreviations.json')
 var resourceToken = toLower(uniqueString(subscription().id, environmentName, location))
@@ -80,7 +83,6 @@ module serviceBusAccess './app/access.bicep' = {
   }
 }
 
-
 // Shared App Env with Dapr configuration for db
 module appEnv './app/app-env.bicep' = {
   name: 'app-env'
@@ -94,6 +96,31 @@ module appEnv './app/app-env.bicep' = {
     applicationInsightsName: monitoring.outputs.applicationInsightsName
     daprEnabled: true
     managedIdentityClientId: serviceBusAccess.outputs.managedIdentityClientlId
+    vnetName: vnet.outputs.vnetName
+    vnetInernal: vnetInternal 
+  }
+}
+
+var containerAppsSubnet = {
+  name: 'ContainerAppsSubnet'
+  properties: {
+    addressPrefix: '10.0.0.0/23'
+  }
+}
+
+var subnets = [
+  containerAppsSubnet
+]
+
+// Deploy an Azure Virtual Network 
+module vnet 'core/networking/vnet.bicep' = {
+  name: '${deployment().name}--vnet'
+  scope: rg
+  params: {
+    location: location
+    vnetName: vnetName
+    vnetPrefix: vnetPrefix
+    subnets: subnets
   }
 }