Skip to content

Commit 94a5a72

Browse files
Akhileswara-MicrosoftAkhileswara-Microsoft
committed
fix: Update dailyQuotaGb and availabilityZone settings for WAF compliance and flexibility
1 parent 7571c30 commit 94a5a72

2 files changed

Lines changed: 4 additions & 4 deletions

File tree

infra/main.bicep

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -236,7 +236,7 @@ module logAnalyticsWorkspace 'br/public:avm/res/operational-insights/workspace:0
236236
enableTelemetry: enableTelemetry
237237
features: { enableLogAccessUsingOnlyResourcePermissions: true }
238238
// WAF aligned configuration for Redundancy
239-
dailyQuotaGb: enableRedundancy ? '10' : null //WAF recommendation: 10 GB per day is a good starting point for most workloads
239+
dailyQuotaGb: enableRedundancy ? '10' : '-1' //WAF recommendation: 10 GB per day is a good starting point for most workloads
240240
replication: enableRedundancy
241241
? {
242242
enabled: true
@@ -362,7 +362,7 @@ module jumpboxVM 'br/public:avm/res/compute/virtual-machine:0.22.0' = if (enable
362362
adminUsername: vmAdminUsername ?? 'JumpboxAdminUser'
363363
adminPassword: vmAdminPassword ?? 'JumpboxAdminP@ssw0rd1234!'
364364
tags: allTags
365-
availabilityZone: 1
365+
availabilityZone: -1
366366
imageReference: {
367367
offer: 'WindowsServer'
368368
publisher: 'MicrosoftWindowsServer'

infra/main_custom.bicep

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -214,7 +214,7 @@ module logAnalyticsWorkspace 'br/public:avm/res/operational-insights/workspace:0
214214
enableTelemetry: enableTelemetry
215215
features: { enableLogAccessUsingOnlyResourcePermissions: true }
216216
// WAF aligned configuration for Redundancy
217-
dailyQuotaGb: enableRedundancy ? '10' : null //WAF recommendation: 10 GB per day is a good starting point for most workloads
217+
dailyQuotaGb: enableRedundancy ? '10' : '-1' //WAF recommendation: 10 GB per day is a good starting point for most workloads
218218
replication: enableRedundancy
219219
? {
220220
enabled: true
@@ -340,7 +340,7 @@ module jumpboxVM 'br/public:avm/res/compute/virtual-machine:0.22.0' = if (enable
340340
adminUsername: vmAdminUsername ?? 'JumpboxAdminUser'
341341
adminPassword: vmAdminPassword ?? 'JumpboxAdminP@ssw0rd1234!'
342342
tags: allTags
343-
availabilityZone: 1
343+
availabilityZone: -1 // Jumpbox is not AZ dependent, and setting to -1 allows it to be deployed in any region without hitting AZ capacity issues. This is the recommended setting for jumpboxes by Azure WAF.
344344
imageReference: {
345345
offer: 'WindowsServer'
346346
publisher: 'MicrosoftWindowsServer'

0 commit comments

Comments
 (0)