farmer
farmer copied to clipboard
CompositionalIT
VNet Peering enhancements
This PR closes #1073
The changes in this PR are as follows:
- VNet Peering enhancements.
- Vnet enforcement for VM encryption (work in progress)
I have read the contributing guidelines and have completed the following:
- [x] Tested my code end-to-end against a live Azure subscription.
- [ ] Updated the documentation in the docs folder for the affected changes.
- [x] Written unit tests against the modified code that I have made.
- [ ] Updated the release notes with a new entry for this PR.
- [ ] Checked the coding standards outlined in the contributions guide and ensured my code adheres to them.
If I haven't completed any of the tasks above, I include the reasons why here: Work in progress
Below is a minimal example configuration that includes the new features, which can be used to deploy to Azure:
let vnet1 =
vnet {
name "vnet1"
add_address_spaces [ "10.100.50.0/24"; "10.100.255.0/24" ]
add_subnets
[
subnet {
name "net1-1"
prefix "10.100.50.0/28"
}
subnet {
name "GatewaySubnet"
prefix "10.100.255.0/24"
}
]
}
let vnetGateway =
gateway {
name "vnet1-gw"
vnet vnet1
}
let vnet2 =
vnet {
name "vnet2"
add_peering (
vnetPeering {
remote_vnet vnet1
direction OneWayToRemote
access AccessOnly
transit UseRemoteGateway
do_not_verify_remote_gateways true
peering_state PeeringState.Initiated
peering_sync_level PeeringSyncLevel.RemoteNotInSync
add_remote_address_space_prefixes [ "192.168.50.0/24" ]
add_remote_vnet_address_space_prefixes [ "10.100.200.0/24" ]
depends_on vnetGateway
}
)
add_address_spaces [ "172.16.120.0/24" ]
add_subnets
[
subnet {
name "net2-1"
prefix "172.16.120.0/28"
}
]
}
arm {
location Location.EastUS
add_resources [ vnet1; vnetGateway; vnet2 ]
}
I converted this to a draft since it looks like it may not really be necessary.