Fix Bastion subnet and refine VNet setup

kennethcarnes · Feb 18, 2024 · 234a0c1 · 234a0c1
1 parent f051395
commit 234a0c1
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 2 deletions.
diff --git a/bicep/management.bicep b/bicep/management.bicep
@@ -1,5 +1,5 @@
 param location string
-param hubVnetName string
+param hubVnetName string = 'hubVnet'
 param bastionPublicIpName string = '${hubVnetName}-bastion-pip'
 
 resource bastionPublicIp 'Microsoft.Network/publicIPAddresses@2020-06-01' = {
@@ -22,6 +22,7 @@ resource bastionHost 'Microsoft.Network/bastionHosts@2020-11-01' = {
         name: '${hubVnetName}-bastion-config'
         properties: {
           subnet: {
+            // Make sure the subnet reference is correct and points to an existing AzureBastionSubnet in the hubVnet
             id: resourceId('Microsoft.Network/virtualNetworks/subnets', hubVnetName, 'AzureBastionSubnet')
           }
           publicIPAddress: {

diff --git a/bicep/vnets.bicep b/bicep/vnets.bicep
@@ -1,10 +1,11 @@
 param location string
-param hubVnetName string
+param hubVnetName string = 'hubVnet'
 param hubSubnet1Prefix string = '10.0.1.0/24'
 param hubSubnet2Prefix string = '10.0.2.0/24'
 param spokeVnetDetails array
 param AzureFirewallSubnet string = '10.0.0.0/24'
 param AzureFirewallManagementSubnet string = '10.0.3.0/24'
+param AzureBastionSubnetPrefix string = '10.0.4.0/27' // Ensure this prefix doesn't overlap with other subnet ranges
 
 resource hubVnet 'Microsoft.Network/virtualNetworks@2021-02-01' = {
   name: hubVnetName
@@ -38,6 +39,13 @@ resource hubVnet 'Microsoft.Network/virtualNetworks@2021-02-01' = {
           addressPrefix: hubSubnet2Prefix
         }
       }
+      // Define the AzureBastionSubnet required for the Bastion Host
+      {
+        name: 'AzureBastionSubnet'
+        properties: {
+          addressPrefix: AzureBastionSubnetPrefix
+        }
+      }
     ]
   }
 }