Login/Register
How to deploy Front Door with Rules Engine within single ARM template
Asked Answered
azureazure-resource-managerazure-front-door
A

3

6

I want to deploy an Azure Front Door with custom RuleEngine associated to one of the RoutingRules.

The whole problem is that RulesEngine has to be associated with RoutingRule, RoutingRule can be created only when creating Front Door, but RulesEngine also needs Front Door in order to be created.

https://learn.microsoft.com/en-us/azure/templates/microsoft.network/2020-05-01/frontdoors

I've tried to create a standalone resource of type Microsoft.Network/frontDoors/routingRules afterwards but I've got an error that resource type is invalid.

Am I missing something or this is impossible to achieve in single ARM deployment?

Azedarach answered 2/9, 2020 at 14:26 Comment(1)
There is an issue on github discussing this situation.Claustral
S
1

Another solution would be to run imperative script after deployment to associate routingRule with RulesEngine.

As of today it would be:

az extension add -n front-door

az network front-door routing-rule update --front-door-name <fd-name> --name <routing-rule-nam> -g <resource-group-name> --rules-engine <rules-engine-name>

Sandarac answered 26/11, 2020 at 17:26 Comment(0)
A
0

This is less than optimal but I've got a solution.

Basically what I needed to do was to create the Front Door, then RulesEngine (dependsOn Front Door) and then use nested deployment template (dependsOn RulesEngine) which has to recreate whole Front Door configuration but now it can reference RulesEngine resource.

Azedarach answered 2/9, 2020 at 18:58 Comment(2)
This is not possible. We cannot define the same frontdoor object multiple times inside the same ARm templateCorrosion
Correct, you cannot define the same object multiple times inside the same ARM template. But you can create a nested template object inside main template and it will work (or at least it was working). But anyway, this is a very hacky solution because I think when you redeploy such template there will be a short period of time when Rules Engine will get disconnected from Front Door and then connected again.Azedarach
M
0

I was able to make a working single ARM template with rules engine and frontdoor.

Place the rule engine resource first with no dependsOn setting, then add the frontdoor resource with the dependsOn setting having the rules engine resource ID.

With some testing, it looks like the rules engine resource did not depend on front door to be created.

Here's an example of the snippet of the ARM template of the 2 resources:

 {
"type": "Microsoft.Network/frontdoors/rulesengines",
"apiVersion": "2021-06-01",
"name": "[concat(parameters('frontDoorName'), '/ruleEngineName')]",
"properties": {
    "resourceState": "Enabled",
    "rules": [
        {
            "name": "ruleName",
            "priority": 0,
            "action": {...},
            "matchConditions": [...],
            "matchProcessingBehavior": "Continue"
        }
    ]
}
},
{
"type": "Microsoft.Network/frontdoors",
"apiVersion": "2021-06-01",
"name": "[parameters('frontDoorName')]",
"location": "Global",
"dependsOn": [
  "[resourceId('Microsoft.Network/frontdoors/rulesengines', parameters('frontDoorName'), 'ruleEngineName')]"
],
"properties": {
  "routingRules": [
    {
      "id": "[concat(resourceId('Microsoft.Network/frontdoors', parameters('frontDoorName')), '/RoutingRules/routeRuleName')]",
      "name": "routeRuleName",
      "properties": {
        "routeConfiguration": {
          ...
        },
        "rulesEngine": {
            "id": "[resourceId('Microsoft.Network/frontdoors/rulesengines', parameters('frontDoorName'), 'ruleEngineName')]"
        },
        "resourceState": "Enabled",
        "frontendEndpoints": [
          ...
        ],
        "acceptedProtocols": [
          ...
        ],
        "patternsToMatch": [
          ...
        ],
        "enabledState": "Enabled"
      }
    }
  ],
  "resourceState": "Enabled",
  "loadBalancingSettings": [...],
  "backendPools": [...],
  "frontendEndpoints": [...],
  "backendPoolsSettings": {...},
  "enabledState": "Enabled",
  "friendlyName": "[parameters('frontDoorName')]"
}

}

Mertz answered 9/5 at 17:47 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.