added app02 vnet

app01/bicep/nsg-app01.bicep

@@ -2,7 +2,7 @@
 param nsgName string = 'app01-prod-nsg'
 param location string = resourceGroup().location
 
-resource app03nsg 'Microsoft.Network/networkSecurityGroups@2022-07-01' = {
+resource app01nsg 'Microsoft.Network/networkSecurityGroups@2022-07-01' = {
     name: nsgName
     location: location
     properties: {
@@ -29,8 +29,8 @@ resource app03nsg 'Microsoft.Network/networkSecurityGroups@2022-07-01' = {
 module sharedInboundRules '../../shared/bicep/nsg-shared-inbound-rules.bicep' = {
   name: 'in-rules-deploy'
   params: { 
-    nsgName: app03nsg.name
+    nsgName: app01nsg.name
   }
 }
 
-output id string = app03nsg.id
+output id string = app01nsg.id

app02/bicep/infra-app02.bicep

@@ -2,10 +2,22 @@
 param prefix string = 'app02'
 param location string = resourceGroup().location
 
-module app01nsg './nsg-app02.bicep' = {
+// The error in the app02nsg happens because there is a file generated at deployment time
+module app02nsg './nsg-app02.bicep' = {
   name: 'app02-nsg'
   params: {
     nsgName: '${prefix}-nsg'
     location: location
   }
 }
+
+module app02vnet './vnet-app02.bicep' = {
+  name: '${prefix}-vnet'
+  params: {
+    vnetName: '${prefix}-vnet'
+    location: location
+    vnetAddressPrefix: '10.10.10.0/24'
+    // All subnets share the same NSG
+    nsgId: app02nsg.outputs.id
+  }
+}

app02/bicep/nsg-app02.bicep

@@ -2,18 +2,23 @@
 param nsgName string = 'app01-prod-nsg'
 param location string = resourceGroup().location
 
+// VScode will mark the next line as error, because the file is created at build/deploy time
 var securityRules = loadJsonContent('./nsg-rules-app02.json')
 
-resource app03nsg 'Microsoft.Network/networkSecurityGroups@2022-07-01' = {
+resource app02nsg 'Microsoft.Network/networkSecurityGroups@2022-07-01' = {
     name: nsgName
     location: location
+    // VScode will mark the next line as error, because the file is created at build/deploy time
     properties: securityRules
 }
 
 // Deploy shared NSG rules
 module sharedInboundRules '../../shared/bicep/nsg-shared-inbound-rules.bicep' = {
   name: 'in-rules-deploy'
   params: { 
-    nsgName: app03nsg.name
+    nsgName: app02nsg.name
   }
 }
+
+output id string = app02nsg.id
+

app02/bicep/vnet-app02.bicep

@@ -0,0 +1,40 @@
+param vnetName string = 'vnet2'
+param vnetAddressPrefix string = '10.12.12.0/24'
+param nsgId string
+param subnets array = [
+  {
+    name: 'subnet1'
+    subnetPrefix: '10.12.12.0/26'
+  }
+]
+param location string = resourceGroup().location
+
+resource vnet 'Microsoft.Network/virtualNetworks@2022-11-01' = {
+  name: vnetName
+  location: location
+  properties: {
+    addressSpace: {
+      addressPrefixes: [
+        vnetAddressPrefix
+      ]
+    }
+    subnets: []
+    enableDdosProtection: false
+  }
+}
+
+resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-11-01' = [for subnet in subnets: {
+  parent: vnet
+  name: subnet.name
+  properties: {
+    addressPrefix: subnet.subnetPrefix
+    serviceEndpoints: []
+    delegations: []
+    privateEndpointNetworkPolicies: 'Disabled'
+    privateLinkServiceNetworkPolicies: 'Enabled'
+    networkSecurityGroup: {
+      id: nsgId
+    }
+  } 
+}]
+

shared/bicep/vwan/vwan_cx_vnets.yml

@@ -1,2 +1,4 @@
-- name: vnet1
+- name: app01-vnet
+  rg: segmentation-iac
+- name: app02-vnet
   rg: segmentation-iac