adding queue networking config

mattchenderson · mattchenderson · commit 9116b84e46e4 · 2025-04-09T15:14:02.000-07:00
diff --git a/infra/app/storage-PrivateEndpoint.bicep b/infra/app/storage-PrivateEndpoint.bicep
@@ -23,7 +23,10 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' existing
 }
 
 var blobPrivateDNSZoneName = format('privatelink.blob.{0}', environment().suffixes.storage)
-var blobPrivateDnsZoneVirtualNetworkLinkName = format('{0}-link-{1}', resourceName, take(toLower(uniqueString(resourceName, virtualNetworkName)), 4))
+var blobPrivateDnsZoneVirtualNetworkLinkName = format('{0}-blob-link-{1}', resourceName, take(toLower(uniqueString(resourceName, virtualNetworkName)), 4))
+
+var queuePrivateDNSZoneName = format('privatelink.queue.{0}', environment().suffixes.storage)
+var queuePrivateDnsZoneVirtualNetworkLinkName = format('{0}-queue-link-{1}', resourceName, take(toLower(uniqueString(resourceName, virtualNetworkName)), 4))
 
 // Private DNS Zones
 resource blobPrivateDnsZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
@@ -36,6 +39,16 @@ resource blobPrivateDnsZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
   ]
 }
 
+resource queuePrivateDnsZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
+  name: queuePrivateDNSZoneName
+  location: 'global'
+  tags: tags
+  properties: {}
+  dependsOn: [
+    vnet
+  ]
+}
+
 // Virtual Network Links
 resource blobPrivateDnsZoneVirtualNetworkLink 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2020-06-01' = {
   parent: blobPrivateDnsZone
@@ -50,6 +63,19 @@ resource blobPrivateDnsZoneVirtualNetworkLink 'Microsoft.Network/privateDnsZones
   }
 }
 
+resource queuePrivateDnsZoneVirtualNetworkLink 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2020-06-01' = {
+  parent: queuePrivateDnsZone
+  name: queuePrivateDnsZoneVirtualNetworkLinkName
+  location: 'global'
+  tags: tags
+  properties: {
+    registrationEnabled: false
+    virtualNetwork: {
+      id: vnet.id
+    }
+  }
+}
+
 // Private Endpoints
 resource blobPrivateEndpoint 'Microsoft.Network/privateEndpoints@2021-08-01' = {
   name: 'blob-private-endpoint'
@@ -87,3 +113,40 @@ resource blobPrivateDnsZoneGroupName 'Microsoft.Network/privateEndpoints/private
     ]
   }
 }
+
+resource queuePrivateEndpoint 'Microsoft.Network/privateEndpoints@2021-08-01' = {
+  name: 'queue-private-endpoint'
+  location: location
+  tags: tags
+  properties: {
+    privateLinkServiceConnections: [
+      {
+        name: 'queuePrivateLinkConnection'
+        properties: {
+          privateLinkServiceId: storageAccount.id
+          groupIds: [
+            'queue'
+          ]
+        }
+      }
+    ]
+    subnet: {
+      id: '${vnet.id}/subnets/${subnetName}'
+    }
+  }
+}
+
+resource queuePrivateDnsZoneGroupName 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2022-01-01' = {
+  parent: queuePrivateEndpoint
+  name: 'queuePrivateDnsZoneGroup'
+  properties: {
+    privateDnsZoneConfigs: [
+      {
+        name: 'storageQueueARecord'
+        properties: {
+          privateDnsZoneId: queuePrivateDnsZone.id
+        }
+      }
+    ]
+  }
+}
