Skip to content

fix: merging dev to main branch#491

Merged
Prajwal-Microsoft merged 7 commits intomainfrom
dev
Nov 3, 2025
Merged

fix: merging dev to main branch#491
Prajwal-Microsoft merged 7 commits intomainfrom
dev

Conversation

@Roopan-Microsoft
Copy link
Copy Markdown
Contributor

@Roopan-Microsoft Roopan-Microsoft commented Nov 3, 2025
edited
Loading

Purpose

  • This pull request refactors the network and private endpoint architecture in the Bicep infrastructure code. The main change is the replacement of the monolithic network module with a more modular approach using a dedicated virtualNetwork module, and direct AVM modules for Bastion Host and Jumpbox VM. As a result, all references to subnets and resource IDs are now sourced from the outputs of the new virtualNetwork module, and the legacy network.bicep and bastionHost.bicep modules are removed. This improves maintainability, clarity, and aligns the codebase with Azure best practices for modular infrastructure.

Network architecture refactor:

  • Replaced the network module with a new virtualNetwork module in infra/main.bicep, updating all subnet and resource ID references to use outputs from virtualNetwork instead of network.
  • Removed infra/modules/network.bicep and infra/modules/network/bastionHost.bicep, eliminating legacy network and Bastion host logic. [1] [2]

Private endpoint subnet references update:

  • Updated all private endpoint configurations (CosmosDB, AppConfig, Storage Account, Search Service, OpenAI, Document Intelligence) to use virtualNetwork!.outputs.pepsSubnetResourceId instead of network!.outputs.subnetPrivateEndpointsResourceId. [1] [2] [3] [4] [5] [6] [7]

AKS subnet reference update:

  • Changed AKS cluster subnet configuration to use virtualNetwork!.outputs.webSubnetResourceId instead of network!.outputs.subnetWebResourceId, ensuring dedicated subnet usage and avoiding delegation conflicts.

Private DNS zone and output fixes:

  • Updated private DNS zone linkage to use virtualNetwork!.outputs.resourceId for virtualNetworkResourceId references.
  • Fixed AKS Managed Identity output to default to an empty string if not present, improving robustness.

Does this introduce a breaking change?

  • Yes
  • No

Golden Path Validation

  • I have tested the primary workflows (the "golden path") to ensure they function correctly without errors.

Deployment Validation

  • I have validated the deployment process successfully and all services are running as expected with this change.

What to Check

Verify that the following are valid

  • ...

Other Information

@Prajwal-Microsoft Prajwal-Microsoft merged commit 4620f5d into main Nov 3, 2025
13 checks passed
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Nov 3, 2025

🎉 This PR is included in version 1.2.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Prajwal-Microsoft Prajwal-Microsoft Prajwal-Microsoft approved these changes

@Avijit-Microsoft Avijit-Microsoft Awaiting requested review from Avijit-Microsoft Avijit-Microsoft is a code owner

@Dongbumlee Dongbumlee Awaiting requested review from Dongbumlee Dongbumlee is a code owner

@Vinay-Microsoft Vinay-Microsoft Awaiting requested review from Vinay-Microsoft Vinay-Microsoft is a code owner

@aniaroramsft aniaroramsft Awaiting requested review from aniaroramsft aniaroramsft is a code owner

Assignees

No one assigned

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Roopan-Microsoft @Prajwal-Microsoft @Prekshith-Microsoft @Harmanpreet-Microsoft