Reputation: 191
How to deploy Front Door with Rules Engine within single ARM template
I want to deploy an Azure Front Door with custom RuleEngine associated to one of the RoutingRules.
The whole problem is that RulesEngine has to be associated with RoutingRule, RoutingRule can be created only when creating Front Door, but RulesEngine also needs Front Door in order to be created.
https://learn.microsoft.com/en-us/azure/templates/microsoft.network/2020-05-01/frontdoors
I've tried to create a standalone resource of type Microsoft.Network/frontDoors/routingRules afterwards but I've got an error that resource type is invalid.
Am I missing something or this is impossible to achieve in single ARM deployment?
Upvotes: 6
Views: 1573
Answers (3)
Reputation: 71
I was able to make a working single ARM template with rules engine and frontdoor.
Place the rule engine resource first with no dependsOn setting, then add the frontdoor resource with the dependsOn setting having the rules engine resource ID.
With some testing, it looks like the rules engine resource did not depend on front door to be created.
Here's an example of the snippet of the ARM template of the 2 resources:
{
"type": "Microsoft.Network/frontdoors/rulesengines",
"apiVersion": "2021-06-01",
"name": "[concat(parameters('frontDoorName'), '/ruleEngineName')]",
"properties": {
"resourceState": "Enabled",
"rules": [
{
"name": "ruleName",
"priority": 0,
"action": {...},
"matchConditions": [...],
"matchProcessingBehavior": "Continue"
}
]
}
},
{
"type": "Microsoft.Network/frontdoors",
"apiVersion": "2021-06-01",
"name": "[parameters('frontDoorName')]",
"location": "Global",
"dependsOn": [
"[resourceId('Microsoft.Network/frontdoors/rulesengines', parameters('frontDoorName'), 'ruleEngineName')]"
],
"properties": {
"routingRules": [
{
"id": "[concat(resourceId('Microsoft.Network/frontdoors', parameters('frontDoorName')), '/RoutingRules/routeRuleName')]",
"name": "routeRuleName",
"properties": {
"routeConfiguration": {
...
},
"rulesEngine": {
"id": "[resourceId('Microsoft.Network/frontdoors/rulesengines', parameters('frontDoorName'), 'ruleEngineName')]"
},
"resourceState": "Enabled",
"frontendEndpoints": [
...
],
"acceptedProtocols": [
...
],
"patternsToMatch": [
...
],
"enabledState": "Enabled"
}
}
],
"resourceState": "Enabled",
"loadBalancingSettings": [...],
"backendPools": [...],
"frontendEndpoints": [...],
"backendPoolsSettings": {...},
"enabledState": "Enabled",
"friendlyName": "[parameters('frontDoorName')]"
}
}
Upvotes: 0
Reputation: 11
Another solution would be to run imperative script after deployment to associate routingRule with RulesEngine.
As of today it would be:
az extension add -n front-door
az network front-door routing-rule update --front-door-name <fd-name> --name <routing-rule-nam> -g <resource-group-name> --rules-engine <rules-engine-name>
Upvotes: 1
Reputation: 191
This is less than optimal but I've got a solution.
Basically what I needed to do was to create the Front Door, then RulesEngine (dependsOn Front Door) and then use nested deployment template (dependsOn RulesEngine) which has to recreate whole Front Door configuration but now it can reference RulesEngine resource.
Upvotes: 0
Related Questions
- Deploying access policies in Azure
- How to create Azure Front Door Standard/Premium with custom domain using Bicep?
- ARM template : Multiple rules(filters) with in an subscription
- Deploy resources using ARM template
- Include Front Door ID in ARM template IPRestriction
- Can an Azure ARM nested template be deployed with a mode of Complete?
- Azure FrontDoor: how to set up backendPool with multiple instance inside?
- Add Url Rule to Azure Application Gateway from a different ARM template
- Set IAM rule in ARM template
- How to deploy the specific changes of ARM template code into specific azure resources?