fortinet/azure-templates

UDR route not applied when selecting existing vnet

Wazza22 opened this issue · 2 comments

UDR is only applied when the VNET is created as part of the deployment due to the condition statement "condition": "[equals(parameters('vnetNewOrExisting'), 'new')]" - when selecting existing vnet created earlier, the UDR is never associated to the subnet. Any chance to correct via additional logic please?

Hi @Wazza22,

Thanks for contacting Fortinet. In case of an existing VNET and subnet, we currently indeed don't update this. If you are in a migration phase and this backend subnet contains servers, the change in UDR will block all traffic to/from these servers, as there are no rules/configuration on the FortiGate for it. To avoid such issues, we have currently chosen to not update the UDR.
We also don't have access to the subnet configuration in the ARM template. There are ways around it, as we have noticed recently. We will consider updating this in the future. Can you explain in what context you want to have this updated in the template?

Below is a snippet of an ARM template on how to update the UDR of a subnet after the deployment.

{
  "type": "Microsoft.Resources/deployments",
  "apiVersion": "2020-06-01",
  "name": "UDRUpdate",
  "properties": {
    "mode": "Incremental",
    "template": {
      "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
      "contentVersion": "1.0.0.0",
      "resources": [
        {
          "type": "Microsoft.Network/virtualNetworks/subnets",
          "apiVersion": "2019-09-01",
          "name": "[concat(variables('vnetName'),'/',parameters('subnet1Name'))]",
          "properties": {
            "addressPrefix": "[reference(resourceId(resourceGroup().name, 'Microsoft.Network/virtualNetworks/subnets', variables('vnetName'), parameters('subnet1Name')), '2020-04-01').addressPrefix]",
            "routeTable": {
              "id": "[variables('routeTableId')]"
            }
          }
        }
      ]
    }
  }
}

Regards,

Joeri
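
An added example, not part of the issue thread or the fortinet/azure-templates code: a Python check that lists which subnets of an existing VNET are not yet associated with the expected route table, and builds the subnet resource for a nested deployment like the one above. Because a subnet resource in a template replaces the subnet's properties, it carries the existing settings (NSG, service endpoints) forward instead of sending only addressPrefix and routeTable; the VNET document, IDs and function names are constructed for illustration.

```python
import copy

# Constructed sample in the shape ARM returns for a GET on a virtual network.
# Subscription, resource group and resource names are placeholders.
NET = ("/subscriptions/00000000-0000-0000-0000-000000000000"
       "/resourceGroups/rg-example/providers/Microsoft.Network")
ROUTE_TABLE_ID = NET + "/routeTables/rt-protected"
VNET = {"name": "vnet-existing", "properties": {"subnets": [
    {"name": "external", "properties": {"addressPrefix": "10.0.0.0/24"}},
    {"name": "protected-a", "properties": {
        "addressPrefix": "10.0.2.0/24", "provisioningState": "Succeeded",
        "networkSecurityGroup": {"id": NET + "/networkSecurityGroups/nsg-a"},
        "serviceEndpoints": [{"service": "Microsoft.Storage"}]}},
    {"name": "protected-b", "properties": {
        "addressPrefix": "10.0.3.0/24",
        "routeTable": {"id": ROUTE_TABLE_ID.upper()}}},
]}}

# Fields the platform fills in; they are dropped before resubmitting the subnet.
SERVER_POPULATED = ("provisioningState", "ipConfigurations")


def subnets_missing_udr(vnet, route_table_id, skip=()):
    """Names of subnets not associated with the expected route table."""
    missing = []
    for subnet in vnet["properties"]["subnets"]:
        current = (subnet["properties"].get("routeTable") or {}).get("id", "")
        # ARM resource IDs compare case-insensitively.
        if subnet["name"] not in skip and current.lower() != route_table_id.lower():
            missing.append(subnet["name"])
    return missing


def subnet_update_resource(vnet, subnet_name, route_table_id):
    """Subnet resource for a nested template: same settings plus the UDR."""
    subnet = next(s for s in vnet["properties"]["subnets"] if s["name"] == subnet_name)
    props = copy.deepcopy(subnet["properties"])
    for field in SERVER_POPULATED:
        props.pop(field, None)
    props["routeTable"] = {"id": route_table_id}
    return {"type": "Microsoft.Network/virtualNetworks/subnets",
            "apiVersion": "2019-09-01",
            "name": f"{vnet['name']}/{subnet_name}",
            "properties": props}


if __name__ == "__main__":
    for name in subnets_missing_udr(VNET, ROUTE_TABLE_ID, skip=("external",)):
        print(subnet_update_resource(VNET, name, ROUTE_TABLE_ID))
```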

Closing the issue for now. Feel free to reopen or create a new one in case you need more information.