Service Catalog

gen-paas-application-landing-zone

Latest: v4.14.5
Category
Management
Total Versions
19
Last Updated
12/15/2025

Release History

v4.14.5 Latest

Changes:

  • Release notes not available

v4.14.4

Changes:

  • Add customer short to recovery service vault storage account to prevent duplicated storage account names.
  • Merged PR 15011: add customer short to storage name to prevent dubs

v4.14.3

Changes:

  • Add the possibility to set lzinstance in defaults.yml. lzinstance is added to the tenant id for the getipspace function. This way multiple IP ranges can be reserved for the landing zones.
  • Merged PR 14982: Add lzinstance variable for landing zone identification in network and subnet...

v4.14.2

Changes:

  • Release notes not available

v4.14.1

Changes:

  • Changed check for missing description in nsg rules from location.yml Remove old subnet delegations code. Add code to remove null values from subnet properties Change AllowSubnetInbound to use the prefix in stead of prefixes upgrade subnets api version form 2023-11-01 to 2024-10-01 AddedprivateLinkServiceNetworkPoliciesto the ignore_changes block for subnets.
  • Merged PR 14689: Some small patches

v4.14.0

Changes:

  • Release notes not available

v4.13.1

Changes:

  • Changed the max length of the backup policies to 64 chars. By adding the environment in a previous update it could be come 70 chars which is not supported by Azure.
  • Merged PR 14448: Refactor backup policy assignment names and descriptions for clarity and cons...
  • Allow AzureLoadBalancer as Service Tag on the Source of Network Security Group Rules.

v4.13.0

Changes:

  • Release notes not available
  • In the README.md of the module Git Leaks detects 2 faults positives. Added#gitleaks:allowto the line.
  • Merged PR 14153: update to version 4.13.0
  • Update the locations.md in the doc directory

v4.12.5

Changes:

  • Added environment and location to the Azure back-up policy name. Creating unique policy names, make it more clear.
  • Merged PR 13054: Update policy assignment names to include environment and location short codes

v4.12.4

Changes:

  • added feature for ipm publish
  • Merged PR 12801: ipmhubtrue

v4.12.3

Changes:

  • The data resource "azapi_resource_list" "maintenance_configurations"returned a lot of 429 errors.This is data resource is now removed from the code.
  • The data resource did a get request of all "maintenance_configurations" in the resource group specified by the "update_manager_resource_group_id" in locations.yml.
  • This parameter is replaced by "maintenance_configurations_ids".
  • Now the data resource is not needed any more because the Maintenance Configurations IDs are loaded from locations.yml
  • Merged PR 12710: Fixed it by removing the problem API Get List call.

v4.12.1

Changes:

  • Themaintenance configurations where read per environment. Now themaintenance configurations are read 1 time per application.
  • This is changed to solve the 429 error.
  • Merged PR 12672: Reduced the times the reads maintenance configurations
  • Release notes not available
  • Added Retry code to the get request for themaintenanceconfigurations
  • Merged PR 12384: IPMhub and AZAPI update

v4.12.0

Changes:

  • New standard for NSG rules priority:
  • 100 - 199 Default rules 100AllowSubnetInbound 101AllowIcmpInbound 200 - 299 Customer rules 600 - 699 Application rules 1000DenyAllInbound
  • Merged PR 12107: Update priority values for security rules in locations.yml and data.tf

v4.11.1

Changes:

  • The registration of the Microsoft.Monitor provider.
  • Merged PR 11873: Add registration for Microsoft Monitor resource provider
  • When run_mode is set to skip. No actions are preformed for the landing zone.

v4.11.0

Changes:

  • Added a storage account that can be used as a staging storage account for Azure backup
  • Merged PR 11522: Add staging storage account

v4.10.0

Changes:

  • To back-up vms we need a snapshot resource group.
  • the resource group
  • AzureBackupRG_westeurope_1 if the
  • recovery_services_vault_enabled is true.
  • Merged PR 11417: Add resource group for recovery services vault snapshots

v4.9.2

Changes:

  • With multiple environments in a landing-zone only on one of the subscriptions the security contacts where set on the first terraform apply. For the security contacts on other subscriptions you had to wait until defender created the security contact resource for the subscription. This can take up to 24 hours. And then run terraform apply again. Now the security contact recource is created for all subscriptions in a landing-zone
  • Merged PR 11206: Fix Security Contacts

v4.9.1

Changes:

  • The Actions are for some delegation services readonly. Not setting the default action["Microsoft.Network/virtualNetworks/subnets/action"]anymore.
  • Merged PR 11095: Fix delegation change by MS.

v2.5.0

Changes:

  • Azapi version 2.6.0 and above have reintroduced error 429 in Get List for maintenance.configurations.
  • Setting the version of AZAPI fixed to 2.5.0 till it is solved.
  • Merged PR 12391: Fix AZAPI to v2.5.0 and remove tried but not working retry parameters.
Back to Modules