azure-ai-foundry · karpikpl · Jul 15, 2025 · Jul 17, 2025 · Jul 31, 2025 · Sep 24, 2025
diff --git a/samples/microsoft/infrastructure-setup/15-private-network-standard-agent-setup/main.bicep b/samples/microsoft/infrastructure-setup/15-private-network-standard-agent-setup/main.bicep
@@ -249,6 +249,7 @@ resource cosmosDB 'Microsoft.DocumentDB/databaseAccounts@2024-11-15' existing =
 module privateEndpointAndDNS 'modules-network-secured/private-endpoint-and-dns.bicep' = {
     name: '${uniqueSuffix}-private-endpoint'
     params: {
+      location: vnet.outputs.virtualNetworkLocation
       aiAccountName: aiAccount.outputs.accountName    // AI Services to secure
       aiSearchName: aiDependencies.outputs.aiSearchName       // AI Search to secure
       storageName: aiDependencies.outputs.azureStorageName        // Storage to secure

diff --git a/...setup/15-private-network-standard-agent-setup/modules-network-secured/existing-vnet.bicep b/...setup/15-private-network-standard-agent-setup/modules-network-secured/existing-vnet.bicep
@@ -84,6 +84,7 @@ output agentSubnetName string = agentSubnetName
 output agentSubnetId string = '${existingVNet.id}/subnets/${agentSubnetName}'
 output peSubnetId string = '${existingVNet.id}/subnets/${peSubnetName}'
 output virtualNetworkName string = existingVNet.name
+output virtualNetworkLocation string = existingVNet.location
 output virtualNetworkId string = existingVNet.id
 output virtualNetworkResourceGroup string = vnetResourceGroupName
 output virtualNetworkSubscriptionId string = vnetSubscriptionId
diff --git a/.../15-private-network-standard-agent-setup/modules-network-secured/network-agent-vnet.bicep b/.../15-private-network-standard-agent-setup/modules-network-secured/network-agent-vnet.bicep
@@ -58,6 +58,7 @@ module existingVNet 'existing-vnet.bicep' = if (useExistingVnet) {
 
 // Provide unified outputs regardless of which module was used
 output virtualNetworkName string = useExistingVnet ? existingVNet.outputs.virtualNetworkName : newVNet.outputs.virtualNetworkName
+output virtualNetworkLocation string = useExistingVnet ? existingVNet.outputs.virtualNetworkLocation : newVNet.outputs.virtualNetworkLocation
 output virtualNetworkId string = useExistingVnet ? existingVNet.outputs.virtualNetworkId : newVNet.outputs.virtualNetworkId
 output virtualNetworkSubscriptionId string = useExistingVnet ? existingVNet.outputs.virtualNetworkSubscriptionId : newVNet.outputs.virtualNetworkSubscriptionId
 output virtualNetworkResourceGroup string = useExistingVnet ? existingVNet.outputs.virtualNetworkResourceGroup : newVNet.outputs.virtualNetworkResourceGroup

diff --git a/...ivate-network-standard-agent-setup/modules-network-secured/private-endpoint-and-dns.bicep b/...ivate-network-standard-agent-setup/modules-network-secured/private-endpoint-and-dns.bicep
@@ -37,6 +37,9 @@ param vnetName string
 param peSubnetName string
 @description('Suffix for unique resource names')
 param suffix string
+@description('Azure region for the deployment')
+param location string
+
 
 @description('Resource Group name for existing Virtual Network (if different from current resource group)')
 param vnetResourceGroupName string = resourceGroup().name
@@ -110,7 +113,7 @@ resource peSubnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' existin
 // - Establishes private connection to AI Services account
 resource aiAccountPrivateEndpoint 'Microsoft.Network/privateEndpoints@2024-05-01' = {
   name: '${aiAccountName}-private-endpoint'
-  location: resourceGroup().location
+  location: location
   properties: {
     subnet: { id: peSubnet.id } // Deploy in customer hub subnet
     privateLinkServiceConnections: [
@@ -132,7 +135,7 @@ resource aiAccountPrivateEndpoint 'Microsoft.Network/privateEndpoints@2024-05-01
 // - Establishes private connection to AI Search service
 resource aiSearchPrivateEndpoint 'Microsoft.Network/privateEndpoints@2024-05-01' = {
   name: '${aiSearchName}-private-endpoint'
-  location: resourceGroup().location
+  location: location
   properties: {
     subnet: { id: peSubnet.id } // Deploy in customer hub subnet
     privateLinkServiceConnections: [
@@ -154,7 +157,7 @@ resource aiSearchPrivateEndpoint 'Microsoft.Network/privateEndpoints@2024-05-01'
 // - Establishes private connection to blob storage
 resource storagePrivateEndpoint 'Microsoft.Network/privateEndpoints@2024-05-01' = {
   name: '${storageName}-private-endpoint'
-  location: resourceGroup().location
+  location: location
   properties: {
     subnet: { id: peSubnet.id } // Deploy in customer hub subnet
     privateLinkServiceConnections: [
@@ -173,7 +176,7 @@ resource storagePrivateEndpoint 'Microsoft.Network/privateEndpoints@2024-05-01'
 
 resource cosmosDBPrivateEndpoint 'Microsoft.Network/privateEndpoints@2024-05-01' = {
   name: '${cosmosDBName}-private-endpoint'
-  location: resourceGroup().location
+  location: location
   properties: {
     subnet: { id: peSubnet.id } // Deploy in customer hub subnet
     privateLinkServiceConnections: [

diff --git a/...tructure-setup/15-private-network-standard-agent-setup/modules-network-secured/vnet.bicep b/...tructure-setup/15-private-network-standard-agent-setup/modules-network-secured/vnet.bicep
@@ -78,6 +78,7 @@ output agentSubnetName string = agentSubnetName
 output agentSubnetId string = '${virtualNetwork.id}/subnets/${agentSubnetName}'
 output peSubnetId string = '${virtualNetwork.id}/subnets/${peSubnetName}'
 output virtualNetworkName string = virtualNetwork.name
+output virtualNetworkLocation string = virtualNetwork.location
 output virtualNetworkId string = virtualNetwork.id
 output virtualNetworkResourceGroup string = resourceGroup().name
 output virtualNetworkSubscriptionId string = subscription().subscriptionId