diff --git a/docs/wiki/Whats-new.md b/docs/wiki/Whats-new.md index 8bfbbfbfe..8359b6f3a 100644 --- a/docs/wiki/Whats-new.md +++ b/docs/wiki/Whats-new.md @@ -68,6 +68,7 @@ Here's what's changed in Enterprise Scale/Azure Landing Zones: - Implemented default [Cloud Adoption Framework (CAF) naming standards](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/resource-naming) across all resources. In addition, you now have the flexibility to apply custom naming conventions to suit your unique organizational requirements. - The portal accelerator now deploys all SKUs of Azure Firewall with the [management NIC](https://learn.microsoft.com/azure/firewall/management-nic) to route its management traffic via the `AzureFirewallManagementSubnet`. +- Updated the ALZ portal accelerator to remove the option to select regional VPN gateways as these are being deprecated. All regions that support VPN gateways now deploy zone redundant VPN gateways by default. - **NEW** ALZ Portal Accelerator: - Added support for Bastion and Private DNS Resolver in the portal experience. These can be selected in the networking section of the portal experience. - For Private DNS Resolver, last mile configuration is required. This requires configuring forwarding rules to your own domain. By default peered networks are not configured to use the Private DNS Resolver. Please see [Private DNS Resolver documentation](https://learn.microsoft.com/azure/dns/resolver/overview) for more information, these need to be updated once Private DNS Resolver is fully configured. diff --git a/eslzArm/eslz-portal.json b/eslzArm/eslz-portal.json index 561ab216c..0bfcbd905 100644 --- a/eslzArm/eslz-portal.json +++ b/eslzArm/eslz-portal.json @@ -2628,7 +2628,7 @@ "type": "Microsoft.Common.OptionsGroup", "label": "Deploy zone redundant or regional VPN Gateway", "defaultValue": "Zone redundant (recommended)", - "visible": "[and(and(equals(steps('connectivity').enableVpnGw,'Yes'), not(equals(steps('connectivity').enableHub, 'vwan'))), equals(steps('connectivity').enableVpnGw,'Yes'),contains(split('brazilsouth,canadacentral,centralus,eastus,eastus2,southcentralus,westus2,westus3,mexicocentral,francecentral,italynorth,germanywestcentral,norwayeast,northeurope,uksouth,westeurope,swedencentral,switzerlandnorth,polandcentral,spaincentral,qatarcentral,uaenorth,israelcentral,southafricanorth,australiaeast,centralindia,japaneast,japanwest,southeastasia,eastasia,koreacentral,newzealandnorth,taiwannorth', ','), steps('connectivity').connectivityLocation))]", + "visible": false, "toolTip": "If 'Yes' is selected when also adding a subscription for connectivity, ARM will deploy Virtual Gateway to the selected region and availability zones.", "constraints": { "allowedValues": [ @@ -2708,7 +2708,7 @@ "selectAll": false, "filter": false, "multiLine": true, - "visible": "[and(and(equals(steps('connectivity').enableVpnGw, 'Yes'), not(equals(steps('connectivity').enableHub, 'vwan'))), equals(steps('connectivity').enableVpnGw,'Yes'), equals(steps('connectivity').gwRegionalOrAz, 'Zone') ,contains(split('brazilsouth,canadacentral,centralus,eastus,eastus2,southcentralus,westus2,westus3,mexicocentral,francecentral,italynorth,germanywestcentral,norwayeast,northeurope,uksouth,westeurope,swedencentral,switzerlandnorth,polandcentral,spaincentral,qatarcentral,uaenorth,israelcentral,southafricanorth,australiaeast,centralindia,japaneast,japanwest,southeastasia,eastasia,koreacentral,newzealandnorth,taiwannorth', ','), steps('connectivity').connectivityLocation))]", + "visible": "[and(and(equals(steps('connectivity').enableVpnGw, 'Yes'), not(equals(steps('connectivity').enableHub, 'vwan'))), equals(steps('connectivity').enableVpnGw,'Yes'), contains(split('brazilsouth,canadacentral,centralus,eastus,eastus2,southcentralus,westus2,westus3,mexicocentral,francecentral,italynorth,germanywestcentral,norwayeast,northeurope,uksouth,westeurope,swedencentral,switzerlandnorth,polandcentral,spaincentral,qatarcentral,uaenorth,israelcentral,southafricanorth,australiaeast,centralindia,japaneast,japanwest,southeastasia,eastasia,koreacentral,newzealandnorth,taiwannorth', ','), steps('connectivity').connectivityLocation))]", "toolTip": "Select the required SKU for the VPN gateway.", "constraints": { "allowedValues": [ @@ -2735,42 +2735,6 @@ ] } }, - { - "name": "gwRegionalSku", - "type": "Microsoft.Common.DropDown", - "label": "Select the VPN Gateway SKU", - "defaultValue": "", - "multiselect": false, - "selectAll": false, - "filter": false, - "multiLine": true, - "visible": "[and(and(equals(steps('connectivity').enableVpnGw, 'Yes'), not(equals(steps('connectivity').enableHub, 'vwan'))), equals(steps('connectivity').enableVpnGw,'Yes'), equals(steps('connectivity').gwRegionalOrAz, 'Regional'))]", - "toolTip": "Select the required SKU for the VPN gateway.", - "constraints": { - "allowedValues": [ - { - "label": "VpnGw2", - "description": "Supports BGP, max 30 S2S/VNet-VNet tunnels, max 128 P2S SSTP connections, max 500 IKEv2/OpenVPN connections, aggregate throughput is 1.25 Gbps", - "value": "VpnGw2" - }, - { - "label": "VpnGw3", - "description": "Supports BGP, max 30 S2S/VNet-VNet tunnels, max 128 P2S SSTP connections, max 1000 IKEv2/OpenVPN connections, aggregate throughput is 2.5 Gbps", - "value": "VpnGw3" - }, - { - "label": "VpnGw4", - "description": "Supports BGP, max 30 S2S/VNet-VNet tunnels, max 128 P2S SSTP connections, max 5000 IKEv2/OpenVPN connections, aggregate throughput is 5 Gbps", - "value": "VpnGw4" - }, - { - "label": "VpnGw5", - "description": "Supports BGP, max 30 S2S/VNet-VNet tunnels, max 128 P2S SSTP connections, max 10000 IKEv2/OpenVPN connections, aggregate throughput is 10 Gbps", - "value": "VpnGw5" - } - ] - } - }, { "name": "vpnGateWayScaleUnit", "type": "Microsoft.Common.DropDown", @@ -4087,7 +4051,7 @@ "type": "Microsoft.Common.OptionsGroup", "label": "Deploy zone redundant or regional VPN Gateway in your second region", "defaultValue": "Zone redundant (recommended)", - "visible": "[and(and(equals(steps('connectivity').esNetworkSecondarySubSection.enableVpnGwSecondary,'Yes'), not(equals(steps('connectivity').enableHub, 'vwan'))), equals(steps('connectivity').esNetworkSecondarySubSection.enableVpnGwSecondary,'Yes'),contains(split('brazilsouth,canadacentral,centralus,eastus,eastus2,southcentralus,westus2,westus3,mexicocentral,francecentral,italynorth,germanywestcentral,norwayeast,northeurope,uksouth,westeurope,swedencentral,switzerlandnorth,polandcentral,spaincentral,qatarcentral,uaenorth,israelcentral,southafricanorth,australiaeast,centralindia,japaneast,japanwest,southeastasia,eastasia,koreacentral,newzealandnorth,taiwannorth', ','), steps('connectivity').esNetworkSecondarySubSection.connectivityLocationSecondary))]", + "visible": false, "toolTip": "If 'Yes' is selected when also adding a subscription for connectivity, ARM will deploy Virtual Gateway to the selected region and availability zones.", "constraints": { "allowedValues": [ @@ -4167,7 +4131,7 @@ "selectAll": false, "filter": false, "multiLine": true, - "visible": "[and(and(equals(steps('connectivity').esNetworkSecondarySubSection.enableVpnGwSecondary, 'Yes'), not(equals(steps('connectivity').enableHub, 'vwan'))), equals(steps('connectivity').esNetworkSecondarySubSection.enableVpnGwSecondary,'Yes'), equals(steps('connectivity').esNetworkSecondarySubSection.gwRegionalOrAzSecondary, 'Zone') ,contains(split('brazilsouth,canadacentral,centralus,eastus,eastus2,southcentralus,westus2,westus3,mexicocentral,francecentral,italynorth,germanywestcentral,norwayeast,northeurope,uksouth,westeurope,swedencentral,switzerlandnorth,polandcentral,spaincentral,qatarcentral,uaenorth,israelcentral,southafricanorth,australiaeast,centralindia,japaneast,japanwest,southeastasia,eastasia,koreacentral,newzealandnorth,taiwannorth', ','), steps('connectivity').esNetworkSecondarySubSection.connectivityLocationSecondary))]", + "visible": "[and(and(equals(steps('connectivity').esNetworkSecondarySubSection.enableVpnGwSecondary, 'Yes'), not(equals(steps('connectivity').enableHub, 'vwan'))), equals(steps('connectivity').esNetworkSecondarySubSection.enableVpnGwSecondary,'Yes'), contains(split('brazilsouth,canadacentral,centralus,eastus,eastus2,southcentralus,westus2,westus3,mexicocentral,francecentral,italynorth,germanywestcentral,norwayeast,northeurope,uksouth,westeurope,swedencentral,switzerlandnorth,polandcentral,spaincentral,qatarcentral,uaenorth,israelcentral,southafricanorth,australiaeast,centralindia,japaneast,japanwest,southeastasia,eastasia,koreacentral,newzealandnorth,taiwannorth', ','), steps('connectivity').esNetworkSecondarySubSection.connectivityLocationSecondary))]", "toolTip": "Select the required SKU for the VPN gateway.", "constraints": { "allowedValues": [ @@ -4194,42 +4158,6 @@ ] } }, - { - "name": "gwRegionalSkuSecondary", - "type": "Microsoft.Common.DropDown", - "label": "Select the VPN Gateway SKU for your second region", - "defaultValue": "", - "multiselect": false, - "selectAll": false, - "filter": false, - "multiLine": true, - "visible": "[and(and(equals(steps('connectivity').esNetworkSecondarySubSection.enableVpnGwSecondary, 'Yes'), not(equals(steps('connectivity').enableHub, 'vwan'))), equals(steps('connectivity').esNetworkSecondarySubSection.enableVpnGwSecondary,'Yes'), equals(steps('connectivity').esNetworkSecondarySubSection.gwRegionalOrAzSecondary, 'Regional'))]", - "toolTip": "Select the required SKU for the VPN gateway.", - "constraints": { - "allowedValues": [ - { - "label": "VpnGw2", - "description": "Supports BGP, max 30 S2S/VNet-VNet tunnels, max 128 P2S SSTP connections, max 500 IKEv2/OpenVPN connections, aggregate throughput is 1.25 Gbps", - "value": "VpnGw2" - }, - { - "label": "VpnGw3", - "description": "Supports BGP, max 30 S2S/VNet-VNet tunnels, max 128 P2S SSTP connections, max 1000 IKEv2/OpenVPN connections, aggregate throughput is 2.5 Gbps", - "value": "VpnGw3" - }, - { - "label": "VpnGw4", - "description": "Supports BGP, max 30 S2S/VNet-VNet tunnels, max 128 P2S SSTP connections, max 5000 IKEv2/OpenVPN connections, aggregate throughput is 5 Gbps", - "value": "VpnGw4" - }, - { - "label": "VpnGw5", - "description": "Supports BGP, max 30 S2S/VNet-VNet tunnels, max 128 P2S SSTP connections, max 10000 IKEv2/OpenVPN connections, aggregate throughput is 10 Gbps", - "value": "VpnGw5" - } - ] - } - }, { "name": "vpnGateWayScaleUnitSecondary", "type": "Microsoft.Common.DropDown", @@ -10974,9 +10902,8 @@ "enablePrivateDnsZones": "[steps('connectivity').enablePrivateDnsZones]", "privateDnsZonesToDeploy": "[steps('connectivity').privateDnsZones]", "enableVpnGw": "[steps('connectivity').enableVpnGw]", - "gwRegionalOrAz": "[steps('connectivity').gwRegionalOrAz]", + "gwRegionalOrAz": "Zone", "enableVpnActiveActive": "[steps('connectivity').enableVpnActiveActive]", - "gwRegionalSku": "[coalesce(steps('connectivity').gwRegionalSku, steps('connectivity').esGwNoAzSku)]", "gwAzSku": "[steps('connectivity').gwAzSku]", "vpnGateWayScaleUnit": "[steps('connectivity').vpnGateWayScaleUnit]", "subnetMaskForGw": "[steps('connectivity').subnetMaskForGw]", @@ -11019,9 +10946,8 @@ "enablePrivateDnsZonesSecondary": "No", "privateDnsZonesToDeploySecondary": null, "enableVpnGwSecondary": "[steps('connectivity').esNetworkSecondarySubSection.enableVpnGwSecondary]", - "gwRegionalOrAzSecondary": "[steps('connectivity').esNetworkSecondarySubSection.gwRegionalOrAzSecondary]", + "gwRegionalOrAzSecondary": "Zone", "enableVpnActiveActiveSecondary": "[steps('connectivity').esNetworkSecondarySubSection.enableVpnActiveActiveSecondary]", - "gwRegionalSkuSecondary": "[coalesce(steps('connectivity').esNetworkSecondarySubSection.gwRegionalSkuSecondary, steps('connectivity').esNetworkSecondarySubSection.esGwNoAzSkuSecondary)]", "gwAzSkuSecondary": "[steps('connectivity').esNetworkSecondarySubSection.gwAzSkuSecondary]", "vpnGateWayScaleUnitSecondary": "[steps('connectivity').esNetworkSecondarySubSection.vpnGateWayScaleUnitSecondary]", "subnetMaskForGwSecondary": "[steps('connectivity').esNetworkSecondarySubSection.subnetMaskForGwSecondary]", diff --git a/eslzArm/eslzArm.json b/eslzArm/eslzArm.json index 694b71045..3c876f7aa 100644 --- a/eslzArm/eslzArm.json +++ b/eslzArm/eslzArm.json @@ -522,7 +522,7 @@ }, "gwRegionalOrAz": { "type": "string", - "defaultValue": "" + "defaultValue": "Zone" }, "gwRegionalSku": { "type": "string", @@ -685,7 +685,7 @@ }, "gwRegionalOrAzSecondary": { "type": "string", - "defaultValue": "" + "defaultValue": "Zone" }, "gwRegionalSkuSecondary": { "type": "string",