0

I don't think this is possible. but I'll ask anyway.

I have a network deployment that creates vnet, subnets, and NSGs. I then have a separate deployment that creates an application, the app needs to update an NSG so that traffic is allowed.

But if i re-run the vnet deployment the application-specific changes are removed as they dont exist within the vnet bicep.main.

I know I can write some code that take the NSG values and re-apply after the vnet deployment, but this will create downtime.

I'm pretty sure their isn't a way persist the changes, but thought i'd ask how others do this?

JacksWastedLife
  • 254
  • 2
  • 15
  • could you ask a littl bit more details ? what type of app are we talking about: app service ? hosted on VM ? What type of change are you doing on the NSG ? could you share revelant part of your bicep files ? – Thomas Jul 14 '22 at 19:34
  • Hi Thomas, it’s not really about the app infra, it’s about the NSG. If I make changes to the nsg outside of the vnet main.bicep. Then the changes are removed if the vnet main is rerun. – JacksWastedLife Jul 14 '22 at 19:54
  • You could always fetch the existing NSG configuration and Update it so it stay in sync. you would need to have your NSG in a seperate module and it should work. This post explain the same thing for app settings: https://stackoverflow.com/questions/72940236/is-there-a-workaround-to-keep-app-settings-which-not-defined-in-bicep-template. maybe useful for you. – Thomas Jul 14 '22 at 20:07

0 Answers0