Search code examples
azureazure-resource-managerazure-bicep

Trying to get the IP address of an Azure DNS inbound endpoint through bicep

I'm currently working on an Azure deployment and running into a inconvenience. I need to get the IP address of an dns Inboud Endpoint. This resource already exists. I can reference the resource like this:

param dnsInboundEndpointName string
resource dnsInboundEndpoint 'Microsoft.Network/dnsResolvers/inboundEndpoints@2022-07-01' existing = {
  name: dnsInboundEndpointName
}

I want to use this while creating a firewall policy like this (somewhat simplified):

resource firewallPolicy 'Microsoft.Network/firewallPolicies@2022-09-01' = {
  name: azureFirewallPolicyName
  location: location
  properties: {
    dnsSettings: {
        enableProxy: true
        servers: [dnsInboundEndpoint.properties.ipConfigurations[0].privateIpAddress]
    }
    sku: {
      tier: azureFirewallPolicySku
    }
  }
}

Now when I try to to deploy this I get the following error:

'The template resource 'xxx' at line '1' and column '1359' is not valid: The language expression property array index '1' is out of bounds.

I've tried creating a param like this:

param test string = dnsInboundEndpoint.properties.ipConfigurations[0].privateIpAddress

and a var like this:

var dnsInboundEndpointIP = {
  ip: dnsInboundEndpoint.properties.ipConfigurations[0].privateIpAddress
}

but I keep getting this error.

I would like to know how I can reference the IP address of the DNS Inbound endpoint.

Solution

  • You are missing the name of the dnsResolver resource. InboundEndpoints are subresources and the parent resource needs to be specified:

    param dnsResolverName string
param dnsInboundEndpointName string
...

// Get a reference to the dns resolver resource 
resource dnsResolver 'Microsoft.Network/dnsResolvers@2022-07-01' existing = {
  name: dnsResolverName
}

// Get a reference to the inbound rule
resource dnsInboundEndpoint 'Microsoft.Network/dnsResolvers/inboundEndpoints@2022-07-01' existing = {
  name: dnsInboundEndpointName
  parent: dnsResolver
}

// Create firewall policy
resource firewallPolicy 'Microsoft.Network/firewallPolicies@2022-09-01' = {
  ...
  properties: {
    dnsSettings: {
      enableProxy: true
      servers: [
        dnsInboundEndpoint.properties.ipConfigurations[0].privateIpAddress
      ]
    }
    ...
  }
}