@@ -18,14 +18,20 @@ Format of the array of objects
1818 {
1919 privateLinkServiceNamespace: 'Microsoft.AzureCosmosDB/databaseAccounts'
2020 zone: 'privatelink.documents.azure.com'
21- filterLocationLike: "*" // when Private DNS Zone is not scoped to a region
21+ filterLocationLike: '*' // when Private DNS Zone is not scoped to a region
2222 groupId: 'SQL'
23+ privateDnsZoneConfigs: [
24+ 'privatelink.documents.azure.com'
25+ ]
2326 }
2427 {
2528 privateLinkServiceNamespace: 'Microsoft.ContainerService/managedCluster'
2629 zone: 'privatelink.canadacentral.azmk8s.io'
27- filterLocationLike: " canadacentral" // when Private DNS Zone is scoped to a region
30+ filterLocationLike: ' canadacentral' // when Private DNS Zone is scoped to a region
2831 groupId: 'management'
32+ privateDnsZoneConfigs: [
33+ 'privatelink.canadacentral.azmk8s.io'
34+ ]
2935 }
3036]
3137*/
@@ -57,6 +63,15 @@ var policySetDefinitionsPrivateDNSZonesDINE = [for (privateDNSZone, i) in privat
5763 filterLocationLike : {
5864 value : privateDNSZone .filterLocationLike
5965 }
66+ privateDnsZoneSubscriptionId : {
67+ value : '[[parameters(\' privateDNSZoneSubscriptionId\' )]'
68+ }
69+ privateDnsZoneResourceGroupName : {
70+ value : '[[parameters(\' privateDNSZoneResourceGroupName\' )]'
71+ }
72+ privateDnsZoneConfigs : {
73+ value : privateDNSZone .privateDnsZoneConfigs
74+ }
6075 }
6176}]
6277
@@ -82,6 +97,7 @@ resource policy 'Microsoft.Authorization/policyDefinitions@2020-09-01' = [for pr
8297 zone : privateDNSZone .zone
8398 groupId : privateDNSZone .groupId
8499 filterLocationLike : privateDNSZone .filterLocationLike
100+ privateDnsZoneConfigs : privateDNSZone .privateDnsZoneConfigs
85101 }
86102 displayName : '${customPolicyDefinition .properties .displayName } - ${privateDNSZone .zone } - ${privateDNSZone .privateLinkServiceNamespace } - ${privateDNSZone .groupId }'
87103 mode : customPolicyDefinition .properties .mode
0 commit comments