Merge pull request #13 from clouddrove/fix/identos_204

fix: fixed private endpoint dns issue

Author: d4kverma

main.tf

@@ -136,8 +136,12 @@ resource "azurerm_private_endpoint" "pep1" {
   location            = var.location
   resource_group_name = var.resource_group_name
   subnet_id           = join("", var.subnet_id)
+  private_dns_zone_group {
+    name                 = format("%s-%s-acr", var.container_registry_config.name, "dns-zone-group")
+    private_dns_zone_ids = var.existing_private_dns_zone == null ? [azurerm_private_dns_zone.dnszone1[0].id] : var.existing_private_dns_zone_id
+  }
   private_service_connection {
-    name                           = "containerregistryprivatelink"
+    name                           = format("%s-%s-acr", var.container_registry_config.name, "private-link")
     is_manual_connection           = false
     private_connection_resource_id = azurerm_container_registry.main[0].id
     subresource_names              = ["registry"]
@@ -241,43 +245,6 @@ resource "azurerm_private_dns_zone_virtual_network_link" "addon_vent_link" {
   tags                  = module.labels.tags
 }
 
-##----------------------------------------------------------------------------- 
-## Below resource will create a-record in private dns zone when private dns zone is in same subscription.   
-##-----------------------------------------------------------------------------
-resource "azurerm_private_dns_a_record" "arecord-same_sub" {
-  count               = var.enable && var.enable_private_endpoint && var.diff_sub == false ? 1 : 0
-  name                = join("", azurerm_container_registry.main.*.name)
-  zone_name           = local.private_dns_zone_name
-  resource_group_name = local.valid_rg_name
-  ttl                 = 3600
-  records             = [data.azurerm_private_endpoint_connection.private-ip.0.private_service_connection.0.private_ip_address]
-  tags                = module.labels.tags
-  lifecycle {
-    ignore_changes = [
-      tags,
-    ]
-  }
-}
-
-##----------------------------------------------------------------------------- 
-## Below resource will create a-record in private dns zone when private dns zone is in different subscription.   
-##-----------------------------------------------------------------------------
-resource "azurerm_private_dns_a_record" "arecord_diff-sub" {
-  count               = var.enable && var.enable_private_endpoint && var.diff_sub == true ? 1 : 0
-  provider            = azurerm.peer
-  name                = join("", azurerm_container_registry.main.*.name)
-  zone_name           = local.private_dns_zone_name
-  resource_group_name = local.valid_rg_name
-  ttl                 = 3600
-  records             = [data.azurerm_private_endpoint_connection.private-ip.0.private_service_connection.0.private_ip_address]
-  tags                = module.labels.tags
-  lifecycle {
-    ignore_changes = [
-      tags,
-    ]
-  }
-}
-
 ##----------------------------------------------------------------------------- 
 ## Below resource will create diagnostic setting for ACR.   
 ##-----------------------------------------------------------------------------

output.tf

@@ -63,3 +63,8 @@ output "container_registry_private_endpoint_fqdn" {
   description = "Azure Container Registry private endpoint FQDN Addresses"
   value       = var.enable_private_endpoint ? flatten(azurerm_private_endpoint.pep1.0.custom_dns_configs.*.fqdn) : null
 }
+
+output "private_dns_zone_id" {
+  description = "ID of private dns zone. To be used when there is existing dns zone and id is to be passed in private endpoint dns configuration group."
+  value       = tolist(azurerm_private_dns_zone.dnszone1.*.id)
+}

variables.tf

@@ -249,4 +249,10 @@ variable "same_vnet" {
   type        = bool
   default     = false
   description = "Variable to be set when multiple acr having common DNS in same vnet."
+}
+
+variable "existing_private_dns_zone_id" {
+  type        = list(any)
+  default     = null
+  description = "ID of existing private dns zone. To be used in dns configuration group in private endpoint."
 }