Network Manager IP Address Management Overview
We kicked off the Christchurch Azure Meetup recently, and I presented on the new IPAM features of Virtual Network Manager. The recording of the session is available on YouTube.
2025
High Scale Private Endpoints
Today one of my colleagues asked an excellent question which had me stumped.
He was looking at the Virtual Network Terraform Resource and found the private_endpoint_vnet_policies property,
but couldn’t find any documentation explaining the purpose. So I tried my own Google-fu and similarly failed to find any information.
I did manage to find the privateEndpointVNetPolicies property of the Microsoft.Network/virtualNetworks api,
but as normal the API documentation expects you to understand the settings, it doesn’t explain them to you.
Easier, Better, Faster, Stronger Development with Azure Deployment Environments
I recently had the privilege of presenting an overview of Azure Deployment Environments as part of the Global Azure Bootcamp 2025. The recording of the session is available on YouTube.
Use a Parameter to Assign User Assigned Managed Identities to Resources with Bicep
Isn’t that title a mouthful.
Coming from Terraform, there are somethings that seem strange in Bicep.
One of those is the way that the Resource Manager API handles assigning User Assigned Managed Identities (UAMIs).
If you look at the API documentation for a resource
(in this case we are going to use an Event Hub Namespace, but this applies to all resources that can have a UAMI assigned)
you will see that the userAssignedIdentities value of the identity property looks lkie this:
2024
Automatic Virtual Network CIDR Assignments with Azure IPAM and Bicep
Recently Microsoft announced a public preview of native IP Address Management in Azure, powered by Virtual Network Manager. Being new technology, and with a new landing zone to build, I decided to test and see if we could use it to make IP management simpler.
The starting point was to completely miss the documentation and try and work it out myself. Sadly, the API documentation has yet to be updated to cover the new properties, and tracing the portal requests didn’t help either, since it uses a slightly different flow (sigh!).
Deploy a Flex Consumption Function App with Terraform
Update
As of v4.21.0 of the AzureRM provider, there is now a native
azurerm_function_app_flex_consumption resource for deploying Flex Consumption Function Apps.
Azure Virtual WAN Route Maps and Reflected Routes
Microsoft have make controlling routing within a Virtual WAN much easier thanks to a combination of Routing Intent and Route Maps (in preview at time of writing). Route Maps work in the same manner (at least theoretically) to route map configuratons network administrators are used to in on-premises equipment.
In testing tehm out for a customer, I ran straight into a problem. I like to keep things tidy, and when I looked at the output of the outbound route map configuration for a site to site VPN with AWS, I didn’t like that it showed all my AWS routes being published back out to the VPN. So I configured a route map rule to drop reflected routes.