-
Notifications
You must be signed in to change notification settings - Fork 479
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement AMPLS into Landing Zone #720
Comments
Hi @awood86, thanks for bringing this up! As for incorporating AMPLS, it is something that will need to happen on ALZ all-up before we integrate it within ALZ-Bicep. There are some current limitations within AMPLS which that product team is working on, and we have it added to the backlog as something to incorporate potentially in the future. As a temporary fix for unlinking the DNS Zones, within both connectivity (Hub Networking and VWAN) modules, there is a parameter called |
Thanks for the response @oZakari, totally appreciate it's not a simple change so understand! I'll have a go in my test environment with decoupling the privatelink.monitor.azure.com, I feel there could be more DNS zones as monitor, log analytics and others have dependencies. I'll reply on this thread as a reference should there be any more that are troublesome |
Describe the feature end to end, including deployment scenario details under which the feature would occur.
Recently we deployed a landing zone which had all the private dns zones linked.
After this we deployed some Applications with Application Insights enabled, but found none of these working. After investigation, it appears that the application couldn't resolve the monitor DNS endpoint, to resolve this we had to unlink privatelink.monitor.azure.com.
After this was unlinked Application Insights started working and resolving correctly,
A future project will be to implement AMPLS into our landing zone, but as the ALZ-Bicep was deploying private endpoint policies, I thought it may be a good place to put it as an optional component
Why is this feature important. Describe why this would be important for your organization and others. Would this impact similar orgs in the same way?
Provides private endpoints for all the monitoring solutions such as Log Analytics, Application Insights, Azure Monitor.
For those that want a private solution this would be a nice to have
Please provide the correlation id associated with your error or bug.
N/A
Can you describe any alternatives that you have taken since this feature does not exist?
Had to unlink the privatelink.monitor.azure.com DNS zone whilst I work on implementing AMPLS into our environment
Feature Implementation
Check previous GitHub issues
Code of Conduct
The text was updated successfully, but these errors were encountered: