diff --git a/eslzArm/eslzArm.json b/eslzArm/eslzArm.json index 0ef1e434d9..5df89c9e5b 100644 --- a/eslzArm/eslzArm.json +++ b/eslzArm/eslzArm.json @@ -539,7 +539,11 @@ }, "subnetMaskForGw": { "type": "string", - "defaultValue": "" + "defaultValue": "", + "metadata": { + "description": "Assign 10.100.1.0/24 IP Address for ExpressRoute Gateway", + "designArea": "Network topology and connectivity" + } }, "enableErGw": { "type": "string", @@ -547,23 +551,48 @@ "allowedValues": [ "Yes", "No" - ] + ], + "metadata": { + "description": "If 'Yes' is selected, an ExpressRoute Gateway is deployed", + "designArea": "Network topology and connectivity", + "designRecommendation": "Use ExpressRoute as the primary connectivity between on-premises network and Azure" + } }, "erAzSku": { "type": "string", - "defaultValue": "" + "defaultValue": "", + "metadata": { + "description": "Provide the Stock Keeping Unit to use for the required resource", + "designArea": "Network topology and connectivity", + "designRecommendation": "Select the correct SKU for the Availability Zone" + } }, "erRegionalSku": { "type": "string", - "defaultValue": "" + "defaultValue": "", + "metadata": { + "description": "Provide the Stock Keeping Unit to use for the required Azure Region", + "designArea": "Network topology and connectivity", + "designRecommendation": "Select the correct SKU for the Region" + } }, "erRegionalOrAz": { "type": "string", - "defaultValue": "" + "defaultValue": "", + "metadata": { + "description": "Deploy zone redundant or regional ExpressRoute Gateway", + "designArea": "Network topology and connectivity", + "designRecommendation": "Select zone redundant SKU" + } }, "expressRouteScaleUnit": { "type": "string", - "defaultValue": "1" + "defaultValue": "1", + "metadata": { + "description": "Select the ExpressRoute scale unit", + "designArea": "Network topology and connectivity", + "designRecommendation": "Select the correct scale unit" + } }, "enableHub": { "type": "string", @@ -573,7 +602,12 @@ "nva", "No" ], - "defaultValue": "No" + "defaultValue": "No", + "metadata": { + "description": "Select either Hub and spoke with Azure Firewall, Hub and spoke with your own third-party NVA or Virtual WAN (microsoft managed)", + "designArea": "Network topology and connectivity", + "designRecommendation": "Select the appropriate Hub and spoke" + } }, "enableAzFw": { "type": "string", @@ -581,7 +615,12 @@ "Yes", "No" ], - "defaultValue": "No" + "defaultValue": "No", + "metadata": { + "description": "if yes deploy Azure Firewall", + "designArea": "Network topology and connectivity", + "designRecommendation": "Select the appropriate Hub and spoke" + } }, "enableAzFwDnsProxy": { "type": "string", @@ -589,7 +628,12 @@ "Yes", "No" ], - "defaultValue": "No" + "defaultValue": "No", + "metadata": { + "description": "if yes enable Azure Firewall as Proxy", + "designArea": "Network topology and connectivity", + "designRecommendation": "Select this option if need it" + } }, "firewallSku": { "type": "string", @@ -598,15 +642,30 @@ "Standard", "Premium" ], - "defaultValue": "Standard" + "defaultValue": "Standard", + "metadata": { + "description": "Deploy Azure Firewall", + "designArea": "Network topology and connectivity", + "designRecommendation": "Select this appropriate SKU,the default is Premium" + } }, "firewallZones": { "type": "array", - "defaultValue": [] + "defaultValue": [], + "metadata": { + "description": "Select Availability Zones for Azure Firewall", + "designArea": "Network topology and connectivity", + "designRecommendation": "Select 3" + } }, "subnetMaskForAzFw": { "type": "string", - "defaultValue": "" + "defaultValue": "", + "metadata": { + "description": "Deploy Subnet for Azure Firewall", + "designArea": "Network topology and connectivity", + "designRecommendation": "deploy 10.100.0.0/24" + } }, "subnetMaskForAzFwMgmt": { "type": "string", @@ -618,43 +677,59 @@ "Yes", "No" ], - "defaultValue": "No" + "defaultValue": "No", + "metadata": { + "description": "Select yes if you want to enable secure VNet traffic", + "designArea": "Network topology and connectivity" + } }, "internetTrafficRoutingPolicy": { "type": "bool", "defaultValue": false, "metadata": { - "description": "Enable vWAN Routing Intent and Policy for Internet Traffic" + "description": "Enable vWAN Routing Intent and Policy for Internet Traffic", + "designArea": "Network topology and connectivity" } }, "privateTrafficRoutingPolicy": { "type": "bool", "defaultValue": false, "metadata": { - "description": "Enable vWAN Routing Intent and Policy for Private Traffic" + "description": "Enable vWAN Routing Intent and Policy for Private Traffic", + "designArea": "Network topology and connectivity" } }, "vWANHubRoutingPreference": { "type": "string", "defaultValue": "ExpressRoute", "metadata": { - "description": "vWAN Hub Routing Preference" + "description": "vWAN Hub Routing Preference", + "designArea": "Network topology and connectivity" } }, "vWANHubCapacity": { "type": "string", "defaultValue": "2", "metadata": { - "description": "vWAN Hub Capacity" + "description": "vWAN Hub Capacity", + "designArea": "Network topology and connectivity" } }, "addressPrefixSecondary": { "type": "string", - "defaultValue": "" + "defaultValue": "", + "metadata": { + "description": "Address space for your second virtual hub", + "designArea": "Network topology and connectivity" + } }, "connectivityLocationSecondary": { "type": "string", - "defaultValue": "[deployment().location]" + "defaultValue": "[deployment().location]", + "metadata": { + "description": "location for your second virtual hub", + "designArea": "Network topology and connectivity" + } }, "enablePrivateDnsZonesSecondary": { "type": "string", @@ -662,11 +737,19 @@ "allowedValues": [ "Yes", "No" - ] + ], + "metadata": { + "description": "if yes enable Private DNSZone for your second virtual hub", + "designArea": "Network topology and connectivity" + } }, "privateDnsZonesToDeploySecondary": { "type": "array", - "defaultValue": [] + "defaultValue": [], + "metadata": { + "description": "if yes enable Private DNSZone for your second virtual hub", + "designArea": "Network topology and connectivity" + } }, "enableVpnGwSecondary": { "type": "string", @@ -674,7 +757,11 @@ "allowedValues": [ "Yes", "No" - ] + ], + "metadata": { + "description": "if yes enable VPN Gateway on the secondary region", + "designArea": "Network topology and connectivity" + } }, "enableVpnActiveActiveSecondary": { "type": "string", @@ -682,27 +769,51 @@ "allowedValues": [ "Yes", "No" - ] + ], + "metadata": { + "description": "if yes enable VPN ActiveActive in your second region", + "designArea": "Network topology and connectivity" + } }, "gwRegionalOrAzSecondary": { "type": "string", - "defaultValue": "" + "defaultValue": "", + "metadata": { + "description": "if yes enable VPN zonal or AZ your second region", + "designArea": "Network topology and connectivity" + } }, "gwRegionalSkuSecondary": { "type": "string", - "defaultValue": "" + "defaultValue": "", + "metadata": { + "description": "if yes enable VPN regional SKU in your second region", + "designArea": "Network topology and connectivity" + } }, "gwAzSkuSecondary": { "type": "string", - "defaultValue": "" + "defaultValue": "", + "metadata": { + "description": "if yes enable VPN regional SKU in your second region", + "designArea": "Network topology and connectivity" + } }, "vpnGateWayScaleUnitSecondary": { "type": "string", - "defaultValue": "1" + "defaultValue": "1", + "metadata": { + "description": "enable scale unit to 1 SKU in secondary region", + "designArea": "Network topology and connectivity" + } }, "subnetMaskForGwSecondary": { "type": "string", - "defaultValue": "" + "defaultValue": "", + "metadata": { + "description": "assign 10.200.1.0/24 in secondary region", + "designArea": "Network topology and connectivity" + } }, "enableErGwSecondary": { "type": "string", @@ -710,23 +821,43 @@ "allowedValues": [ "Yes", "No" - ] + ], + "metadata": { + "description": "Deploy ExpressRoute Gateway in secondary region", + "designArea": "Network topology and connectivity" + } }, "erAzSkuSecondary": { "type": "string", - "defaultValue": "" + "defaultValue": "", + "metadata": { + "description": "Deploy ExpressRoute Gateway SKU in secondary region", + "designArea": "Network topology and connectivity" + } }, "erRegionalSkuSecondary": { "type": "string", - "defaultValue": "" + "defaultValue": "", + "metadata": { + "description": "Deploy ExpressRoute regional SKU in secondary region", + "designArea": "Network topology and connectivity" + } }, "erRegionalOrAzSecondary": { "type": "string", - "defaultValue": "" + "defaultValue": "", + "metadata": { + "description": "Deploy ExpressRoute Regional SKU or AZ SKU in secondary region", + "designArea": "Network topology and connectivity" + } }, "expressRouteScaleUnitSecondary": { "type": "string", - "defaultValue": "1" + "defaultValue": "1", + "metadata": { + "description": "Deploy ExpressRoute scale unit in secondary region", + "designArea": "Network topology and connectivity" + } }, "enableSecondaryRegion": { "type": "string", @@ -734,7 +865,11 @@ "Yes", "No" ], - "defaultValue": "Yes" + "defaultValue": "Yes", + "metadata": { + "description": "if yes enable secondary region", + "designArea": "Network topology and connectivity" + } }, "enableHubSecondary": { "type": "string", @@ -744,7 +879,12 @@ "nva", "No" ], - "defaultValue": "No" + "defaultValue": "No", + "metadata": { + "description": "Select either Hub and spoke with Azure Firewall, Hub and spoke with your own third-party NVA or Virtual WAN (microsoft managed)in secondary region", + "designArea": "Network topology and connectivity", + "designRecommendation": "Select the appropriate Hub and spoke" + } }, "enableAzFwSecondary": { "type": "string", @@ -752,7 +892,11 @@ "Yes", "No" ], - "defaultValue": "No" + "defaultValue": "No", + "metadata": { + "description": "if yes enable Azure Firewall in secondary region", + "designArea": "Network topology and connectivity" + } }, "enableAzFwDnsProxySecondary": { "type": "string", @@ -760,7 +904,11 @@ "Yes", "No" ], - "defaultValue": "No" + "defaultValue": "No", + "metadata": { + "description": "if yes enable Azure Firewall DNS proxy in secondary region", + "designArea": "Network topology and connectivity" + } }, "firewallSkuSecondary": { "type": "string", @@ -769,15 +917,27 @@ "Standard", "Premium" ], - "defaultValue": "Standard" + "defaultValue": "Standard", + "metadata": { + "description": "enable standard SKU secondary region", + "designArea": "Network topology and connectivity" + } }, "firewallZonesSecondary": { "type": "array", - "defaultValue": [] + "defaultValue": [], + "metadata": { + "description": "enable Azure FIrewall zone redundant in secondary region", + "designArea": "Network topology and connectivity" + } }, "subnetMaskForAzFwSecondary": { "type": "string", - "defaultValue": "" + "defaultValue": "", + "metadata": { + "description": "deploy 10.200.0.0/24 IP address for secondary region", + "designArea": "Network topology and connectivity" + } }, "subnetMaskForAzFwMgmtSecondary": { "type": "string",