From 0fa5730708727da14679d7e248d6b3a44ec801d3 Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Mon, 21 Feb 2022 15:52:50 +0100 Subject: [PATCH 1/6] sb topics --- .../namespaces/.bicep/nested_rbac.bicep | 2 +- .../namespaces/.parameters/parameters.json | 32 ++++ .../authorizationRules/deploy.bicep | 2 +- .../namespaces/deploy.bicep | 36 ++++- .../disasterRecoveryConfigs/deploy.bicep | 2 +- .../namespaces/ipFilterRules/deploy.bicep | 2 +- .../migrationConfigurations/deploy.bicep | 2 +- .../queues/.bicep/nested_rbac.bicep | 2 +- .../queues/authorizationRules/deploy.bicep | 4 +- .../namespaces/queues/deploy.bicep | 4 +- .../namespaces/queues/readme.md | 4 +- arm/Microsoft.ServiceBus/namespaces/readme.md | 13 +- .../topics/.bicep/nested_cuaId.bicep | 1 + .../topics/.bicep/nested_rbac.bicep | 35 +++++ .../.bicep/nested_cuaId.bicep | 1 + .../topics/authorizationRules/deploy.bicep | 49 ++++++ .../topics/authorizationRules/readme.md | 31 ++++ .../topics/authorizationRules/version.json | 4 + .../namespaces/topics/deploy.bicep | 147 ++++++++++++++++++ .../namespaces/topics/readme.md | 76 +++++++++ .../namespaces/topics/version.json | 4 + .../virtualNetworkRules/deploy.bicep | 2 +- 22 files changed, 437 insertions(+), 18 deletions(-) create mode 100644 arm/Microsoft.ServiceBus/namespaces/topics/.bicep/nested_cuaId.bicep create mode 100644 arm/Microsoft.ServiceBus/namespaces/topics/.bicep/nested_rbac.bicep create mode 100644 arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/.bicep/nested_cuaId.bicep create mode 100644 arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/deploy.bicep create mode 100644 arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/readme.md create mode 100644 arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/version.json create mode 100644 arm/Microsoft.ServiceBus/namespaces/topics/deploy.bicep create mode 100644 arm/Microsoft.ServiceBus/namespaces/topics/readme.md create mode 100644 arm/Microsoft.ServiceBus/namespaces/topics/version.json diff --git a/arm/Microsoft.ServiceBus/namespaces/.bicep/nested_rbac.bicep b/arm/Microsoft.ServiceBus/namespaces/.bicep/nested_rbac.bicep index be578a3643..245d998cf9 100644 --- a/arm/Microsoft.ServiceBus/namespaces/.bicep/nested_rbac.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/.bicep/nested_rbac.bicep @@ -21,7 +21,7 @@ var builtInRoleNames = { 'User Access Administrator': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '18d7d88d-d35e-4fb5-a5c3-7773c20a72d9') } -resource namespace 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' existing = { +resource namespace 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { name: last(split(resourceId, '/')) } diff --git a/arm/Microsoft.ServiceBus/namespaces/.parameters/parameters.json b/arm/Microsoft.ServiceBus/namespaces/.parameters/parameters.json index 1796828576..6a1694eee9 100644 --- a/arm/Microsoft.ServiceBus/namespaces/.parameters/parameters.json +++ b/arm/Microsoft.ServiceBus/namespaces/.parameters/parameters.json @@ -97,6 +97,38 @@ } ] }, + "topics": { + "value": [ + { + "name": "<>-az-sbt-x-001", + "roleAssignments": [ + { + "roleDefinitionIdOrName": "Reader", + "principalIds": [ + "<>" + ] + } + ], + "authorizationRules": [ + { + "name": "RootManageSharedAccessKey", + "rights": [ + "Listen", + "Manage", + "Send" + ] + }, + { + "name": "AnotherKey", + "rights": [ + "Listen", + "Send" + ] + } + ] + } + ] + }, "diagnosticLogsRetentionInDays": { "value": 7 }, diff --git a/arm/Microsoft.ServiceBus/namespaces/authorizationRules/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/authorizationRules/deploy.bicep index 7df7ce3311..446c7eaf15 100644 --- a/arm/Microsoft.ServiceBus/namespaces/authorizationRules/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/authorizationRules/deploy.bicep @@ -22,7 +22,7 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource namespace 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' existing = { +resource namespace 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { name: namespaceName } diff --git a/arm/Microsoft.ServiceBus/namespaces/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/deploy.bicep index 5d934a093a..24b9dd3863 100644 --- a/arm/Microsoft.ServiceBus/namespaces/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/deploy.bicep @@ -89,6 +89,9 @@ param baseTime string = utcNow('u') @description('Optional. The queues to create in the service bus namespace') param queues array = [] +@description('Optional. The topics to create in the service bus namespace') +param topics array = [] + @description('Optional. The name of logs that will be streamed.') @allowed([ 'OperationalLogs' @@ -140,7 +143,7 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource serviceBusNamespace 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' = { +resource serviceBusNamespace 'Microsoft.ServiceBus/namespaces@2021-11-01' = { name: !empty(name) ? name : uniqueServiceBusNamespaceName location: location tags: empty(tags) ? null : tags @@ -234,6 +237,37 @@ module serviceBusNamespace_queues 'queues/deploy.bicep' = [for (queue, index) in } }] +module serviceBusNamespace_topics 'topics/deploy.bicep' = [for (topic, index) in topics: { + name: '${uniqueString(deployment().name, location)}-Topic-${index}' + params: { + namespaceName: serviceBusNamespace.name + name: topic.name + authorizationRules: contains(topic, 'authorizationRules') ? topic.authorizationRules : [ + { + name: 'RootManageSharedAccessKey' + rights: [ + 'Listen' + 'Manage' + 'Send' + ] + } + ] + autoDeleteOnIdle: contains(topic, 'autoDeleteOnIdle') ? topic.autoDeleteOnIdle : 'PT5M' + defaultMessageTimeToLive: contains(topic, 'defaultMessageTimeToLive') ? topic.defaultMessageTimeToLive : 'P14D' + duplicateDetectionHistoryTimeWindow: contains(topic, 'duplicateDetectionHistoryTimeWindow') ? topic.duplicateDetectionHistoryTimeWindow : 'PT10M' + enableBatchedOperations: contains(topic, 'enableBatchedOperations') ? topic.enableBatchedOperations : true + enableExpress: contains(topic, 'enableExpress') ? topic.enableExpress : false + enablePartitioning: contains(topic, 'enablePartitioning') ? topic.enablePartitioning : false + lock: contains(topic, 'lock') ? topic.lock : 'NotSpecified' + maxMessageSizeInKilobytes: contains(topic, 'maxMessageSizeInKilobytes') ? topic.maxMessageSizeInKilobytes : 1024 + maxSizeInMegabytes: contains(topic, 'maxSizeInMegabytes') ? topic.maxSizeInMegabytes : 1024 + requiresDuplicateDetection: contains(topic, 'requiresDuplicateDetection') ? topic.requiresDuplicateDetection : false + roleAssignments: contains(topic, 'roleAssignments') ? topic.roleAssignments : [] + status: contains(topic, 'status') ? topic.status : 'Active' + supportOrdering: contains(topic, 'supportOrdering') ? topic.supportOrdering : false + } +}] + resource serviceBusNamespace_lock 'Microsoft.Authorization/locks@2017-04-01' = if (lock != 'NotSpecified') { name: '${serviceBusNamespace.name}-${lock}-lock' properties: { diff --git a/arm/Microsoft.ServiceBus/namespaces/disasterRecoveryConfigs/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/disasterRecoveryConfigs/deploy.bicep index bc8478a0a3..caabfeb1b1 100644 --- a/arm/Microsoft.ServiceBus/namespaces/disasterRecoveryConfigs/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/disasterRecoveryConfigs/deploy.bicep @@ -20,7 +20,7 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource namespace 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' existing = { +resource namespace 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { name: namespaceName } diff --git a/arm/Microsoft.ServiceBus/namespaces/ipFilterRules/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/ipFilterRules/deploy.bicep index 9acb32dada..5a07373515 100644 --- a/arm/Microsoft.ServiceBus/namespaces/ipFilterRules/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/ipFilterRules/deploy.bicep @@ -27,7 +27,7 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource namespace 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' existing = { +resource namespace 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { name: namespaceName } diff --git a/arm/Microsoft.ServiceBus/namespaces/migrationConfigurations/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/migrationConfigurations/deploy.bicep index e17e03e700..066fea4f4a 100644 --- a/arm/Microsoft.ServiceBus/namespaces/migrationConfigurations/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/migrationConfigurations/deploy.bicep @@ -20,7 +20,7 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource namespace 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' existing = { +resource namespace 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { name: namespaceName } diff --git a/arm/Microsoft.ServiceBus/namespaces/queues/.bicep/nested_rbac.bicep b/arm/Microsoft.ServiceBus/namespaces/queues/.bicep/nested_rbac.bicep index e527921f3e..b953a0fdd1 100644 --- a/arm/Microsoft.ServiceBus/namespaces/queues/.bicep/nested_rbac.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/queues/.bicep/nested_rbac.bicep @@ -21,7 +21,7 @@ var builtInRoleNames = { 'User Access Administrator': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '18d7d88d-d35e-4fb5-a5c3-7773c20a72d9') } -resource queue 'Microsoft.ServiceBus/namespaces/queues@2021-06-01-preview' existing = { +resource queue 'Microsoft.ServiceBus/namespaces/queues@2021-11-01' existing = { name: '${split(resourceId, '/')[8]}/${split(resourceId, '/')[10]}' } diff --git a/arm/Microsoft.ServiceBus/namespaces/queues/authorizationRules/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/queues/authorizationRules/deploy.bicep index 2b7831e8b3..37e0edf198 100644 --- a/arm/Microsoft.ServiceBus/namespaces/queues/authorizationRules/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/queues/authorizationRules/deploy.bicep @@ -23,10 +23,10 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource namespace 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' existing = { +resource namespace 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { name: namespaceName - resource queue 'queues@2021-06-01-preview' existing = { + resource queue 'queues@2021-11-01' existing = { name: queueName } } diff --git a/arm/Microsoft.ServiceBus/namespaces/queues/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/queues/deploy.bicep index e7c66ed6c3..9a39a7ebae 100644 --- a/arm/Microsoft.ServiceBus/namespaces/queues/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/queues/deploy.bicep @@ -88,11 +88,11 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource namespace 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' existing = { +resource namespace 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { name: namespaceName } -resource queue 'Microsoft.ServiceBus/namespaces/queues@2021-06-01-preview' = { +resource queue 'Microsoft.ServiceBus/namespaces/queues@2021-11-01' = { name: name parent: namespace properties: { diff --git a/arm/Microsoft.ServiceBus/namespaces/queues/readme.md b/arm/Microsoft.ServiceBus/namespaces/queues/readme.md index 18bc66a75c..70796be28a 100644 --- a/arm/Microsoft.ServiceBus/namespaces/queues/readme.md +++ b/arm/Microsoft.ServiceBus/namespaces/queues/readme.md @@ -8,7 +8,7 @@ This module deploys a queue for a service bus namespace. | :-- | :-- | | `Microsoft.Authorization/locks` | 2017-04-01 | | `Microsoft.Authorization/roleAssignments` | 2021-04-01-preview | -| `Microsoft.ServiceBus/namespaces/queues` | 2021-06-01-preview | +| `Microsoft.ServiceBus/namespaces/queues` | 2021-11-01 | | `Microsoft.ServiceBus/namespaces/queues/authorizationRules` | 2017-04-01 | ## Parameters @@ -67,6 +67,6 @@ This module deploys a queue for a service bus namespace. ## Template references - [Locks](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2017-04-01/locks) -- [Namespaces/Queues](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-06-01-preview/namespaces/queues) +- [Namespaces/Queues](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-11-01/namespaces/queues) - [Namespaces/Queues/Authorizationrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2017-04-01/namespaces/queues/authorizationRules) - [Roleassignments](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/roleAssignments) diff --git a/arm/Microsoft.ServiceBus/namespaces/readme.md b/arm/Microsoft.ServiceBus/namespaces/readme.md index 8f1af8d1ce..f511189afd 100644 --- a/arm/Microsoft.ServiceBus/namespaces/readme.md +++ b/arm/Microsoft.ServiceBus/namespaces/readme.md @@ -11,13 +11,15 @@ This module deploys a service bus namespace resource. | `Microsoft.Insights/diagnosticSettings` | 2021-05-01-preview | | `Microsoft.Network/privateEndpoints` | 2021-05-01 | | `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | 2021-05-01 | -| `Microsoft.ServiceBus/namespaces` | 2021-06-01-preview | +| `Microsoft.ServiceBus/namespaces` | 2021-11-01 | | `Microsoft.ServiceBus/namespaces/AuthorizationRules` | 2017-04-01 | | `Microsoft.ServiceBus/namespaces/disasterRecoveryConfigs` | 2017-04-01 | | `Microsoft.ServiceBus/namespaces/ipfilterrules` | 2018-01-01-preview | | `Microsoft.ServiceBus/namespaces/migrationConfigurations` | 2017-04-01 | -| `Microsoft.ServiceBus/namespaces/queues` | 2021-06-01-preview | +| `Microsoft.ServiceBus/namespaces/queues` | 2021-11-01 | | `Microsoft.ServiceBus/namespaces/queues/authorizationRules` | 2017-04-01 | +| `Microsoft.ServiceBus/namespaces/topics` | 2021-11-01 | +| `Microsoft.ServiceBus/namespaces/topics/authorizationRules` | 2021-11-01 | | `Microsoft.ServiceBus/namespaces/virtualnetworkrules` | 2018-01-01-preview | ## Parameters @@ -46,6 +48,7 @@ This module deploys a service bus namespace resource. | `skuName` | string | `Basic` | `[Basic, Standard, Premium]` | Required. Name of this SKU. - Basic, Standard, Premium | | `systemAssignedIdentity` | bool | | | Optional. Enables system assigned managed identity on the resource. | | `tags` | object | `{object}` | | Optional. Tags of the resource. | +| `topics` | _[topics](topics/readme.md)_ array | `[]` | | Optional. The topics to create in the service bus namespace | | `userAssignedIdentities` | object | `{object}` | | Optional. The ID(s) to assign to the resource. | | `virtualNetworkRules` | _[virtualNetworkRules](virtualNetworkRules/readme.md)_ array | `[]` | | Optional. vNet Rules SubnetIds for the Service Bus namespace. | | `zoneRedundant` | bool | | | Optional. Enabling this property creates a Premium Service Bus Namespace in regions supported availability zones. | @@ -151,13 +154,15 @@ You can specify multiple user assigned identities to a resource by providing add - [Diagnosticsettings](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) - [Locks](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2017-04-01/locks) -- [Namespaces](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-06-01-preview/namespaces) +- [Namespaces](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-11-01/namespaces) - [Namespaces/Authorizationrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2017-04-01/namespaces/AuthorizationRules) - [Namespaces/Disasterrecoveryconfigs](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2017-04-01/namespaces/disasterRecoveryConfigs) - [Namespaces/Ipfilterrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2018-01-01-preview/namespaces/ipfilterrules) - [Namespaces/Migrationconfigurations](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2017-04-01/namespaces/migrationConfigurations) -- [Namespaces/Queues](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-06-01-preview/namespaces/queues) +- [Namespaces/Queues](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-11-01/namespaces/queues) - [Namespaces/Queues/Authorizationrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2017-04-01/namespaces/queues/authorizationRules) +- [Namespaces/Topics](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-11-01/namespaces/topics) +- [Namespaces/Topics/Authorizationrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-11-01/namespaces/topics/authorizationRules) - [Namespaces/Virtualnetworkrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2018-01-01-preview/namespaces/virtualnetworkrules) - [Privateendpoints](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/privateEndpoints) - [Privateendpoints/Privatednszonegroups](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/privateEndpoints/privateDnsZoneGroups) diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/.bicep/nested_cuaId.bicep b/arm/Microsoft.ServiceBus/namespaces/topics/.bicep/nested_cuaId.bicep new file mode 100644 index 0000000000..8b13789179 --- /dev/null +++ b/arm/Microsoft.ServiceBus/namespaces/topics/.bicep/nested_cuaId.bicep @@ -0,0 +1 @@ + diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/.bicep/nested_rbac.bicep b/arm/Microsoft.ServiceBus/namespaces/topics/.bicep/nested_rbac.bicep new file mode 100644 index 0000000000..b953a0fdd1 --- /dev/null +++ b/arm/Microsoft.ServiceBus/namespaces/topics/.bicep/nested_rbac.bicep @@ -0,0 +1,35 @@ +param principalIds array +param roleDefinitionIdOrName string +param resourceId string + +var builtInRoleNames = { + 'Owner': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '8e3af657-a8ff-443c-a75c-2fe8c4bcb635') + 'Contributor': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c') + 'Reader': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'acdd72a7-3385-48ef-bd42-f606fba81ae7') + 'Azure Service Bus Data Owner': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '090c5cfd-751d-490a-894a-3ce6f1109419') + 'Azure Service Bus Data Receiver': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0') + 'Azure Service Bus Data Sender': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '69a216fc-b8fb-44d8-bc22-1f3c2cd27a39') + 'Log Analytics Contributor': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '92aaf0da-9dab-42b6-94a3-d43ce8d16293') + 'Log Analytics Reader': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '73c42c96-874c-492b-b04d-ab87d138a893') + 'Managed Application Contributor Role': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '641177b8-a67a-45b9-a033-47bc880bb21e') + 'Managed Application Operator Role': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'c7393b34-138c-406f-901b-d8cf2b17e6ae') + 'Managed Applications Reader': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b9331d33-8a36-4f8c-b097-4f54124fdb44') + 'Monitoring Contributor': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '749f88d5-cbae-40b8-bcfc-e573ddc772fa') + 'Monitoring Metrics Publisher': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '3913510d-42f4-4e42-8a64-420c390055eb') + 'Monitoring Reader': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '43d0d8ad-25c7-4714-9337-8ba259a9fe05') + 'Resource Policy Contributor': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '36243c78-bf99-498c-9df9-86d9f8d28608') + 'User Access Administrator': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '18d7d88d-d35e-4fb5-a5c3-7773c20a72d9') +} + +resource queue 'Microsoft.ServiceBus/namespaces/queues@2021-11-01' existing = { + name: '${split(resourceId, '/')[8]}/${split(resourceId, '/')[10]}' +} + +resource roleAssigment 'Microsoft.Authorization/roleAssignments@2021-04-01-preview' = [for principalId in principalIds: { + name: guid(queue.name, principalId, roleDefinitionIdOrName) + properties: { + roleDefinitionId: contains(builtInRoleNames, roleDefinitionIdOrName) ? builtInRoleNames[roleDefinitionIdOrName] : roleDefinitionIdOrName + principalId: principalId + } + scope: queue +}] diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/.bicep/nested_cuaId.bicep b/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/.bicep/nested_cuaId.bicep new file mode 100644 index 0000000000..8b13789179 --- /dev/null +++ b/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/.bicep/nested_cuaId.bicep @@ -0,0 +1 @@ + diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/deploy.bicep new file mode 100644 index 0000000000..ff91eb64db --- /dev/null +++ b/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/deploy.bicep @@ -0,0 +1,49 @@ +@description('Required. The name of the service bus namepace topic') +param name string + +@description('Required. The name of the parent service bus namespace') +param namespaceName string + +@description('Required. The name of the parent service bus namespace topic') +param topicName string + +@description('Optional. The rights associated with the rule.') +@allowed([ + 'Listen' + 'Manage' + 'Send' +]) +param rights array = [] + +@description('Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered') +param cuaId string = '' + +module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { + name: 'pid-${cuaId}' + params: {} +} + +resource namespace 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { + name: namespaceName + + resource topic 'topics@2021-11-01' existing = { + name: topicName + } +} + +resource authorizationRule 'Microsoft.ServiceBus/namespaces/topics/authorizationRules@2021-11-01' = { + name: name + parent: namespace::topic + properties: { + rights: rights + } +} + +@description('The name of the authorization rule.') +output name string = authorizationRule.name + +@description('The Resource ID of the authorization rule.') +output resourceId string = authorizationRule.id + +@description('The name of the Resource Group the authorization rule was created in.') +output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/readme.md b/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/readme.md new file mode 100644 index 0000000000..748f0fcc5b --- /dev/null +++ b/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/readme.md @@ -0,0 +1,31 @@ +# ServiceBus Namespace Topic Authorization Rules `[Microsoft.ServiceBus/namespaces/topics/authorizationRules]` + +This module deploys an authorization rule for a service bus namespace queue. + +## Resource Types + +| Resource Type | API Version | +| :-- | :-- | +| `Microsoft.ServiceBus/namespaces/topics/authorizationRules` | 2021-11-01 | + +## Parameters + +| Parameter Name | Type | Default Value | Possible Values | Description | +| :-- | :-- | :-- | :-- | :-- | +| `cuaId` | string | | | Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered | +| `name` | string | | | Required. The name of the service bus namepace topic | +| `namespaceName` | string | | | Required. The name of the parent service bus namespace | +| `rights` | array | `[]` | `[Listen, Manage, Send]` | Optional. The rights associated with the rule. | +| `topicName` | string | | | Required. The name of the parent service bus namespace topic | + +## Outputs + +| Output Name | Type | Description | +| :-- | :-- | :-- | +| `name` | string | The name of the authorization rule. | +| `resourceGroupName` | string | The name of the Resource Group the authorization rule was created in. | +| `resourceId` | string | The Resource ID of the authorization rule. | + +## Template references + +- [Namespaces/Topics/Authorizationrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-11-01/namespaces/topics/authorizationRules) diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/version.json b/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/version.json new file mode 100644 index 0000000000..56f8d9ca40 --- /dev/null +++ b/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/version.json @@ -0,0 +1,4 @@ +{ + "$schema": "https://raw.githubusercontent.com/dotnet/Nerdbank.GitVersioning/master/src/NerdBank.GitVersioning/version.schema.json", + "version": "0.4" +} diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/topics/deploy.bicep new file mode 100644 index 0000000000..efcf7b7bc6 --- /dev/null +++ b/arm/Microsoft.ServiceBus/namespaces/topics/deploy.bicep @@ -0,0 +1,147 @@ + + +@description('Required. Name of the parent Service Bus Namespace for the Service Bus Topic.') +@minLength(6) +@maxLength(50) +param namespaceName string + +@description('Required. Name of the Service Bus Topic.') +@minLength(6) +@maxLength(50) +param name string + +@description('Optional. The maximum size of the topic in megabytes, which is the size of memory allocated for the topic. Default is 1024.') +param maxSizeInMegabytes int = 1024 + +@description('Optional. A value indicating if this topic requires duplicate detection.') +param requiresDuplicateDetection bool = false + +@description('Optional. ISO 8601 default message timespan to live value. This is the duration after which the message expires, starting from when the message is sent to Service Bus. This is the default value used when TimeToLive is not set on a message itself.') +param defaultMessageTimeToLive string = 'P14D' + +@description('Optional. Value that indicates whether server-side batched operations are enabled.') +param enableBatchedOperations bool = true + +@description('Optional. ISO 8601 timeSpan structure that defines the duration of the duplicate detection history. The default value is 10 minutes.') +param duplicateDetectionHistoryTimeWindow string = 'PT10M' + +@description('Optional. Maximum size (in KB) of the message payload that can be accepted by the topic. This property is only used in Premium today and default is 1024.') +param maxMessageSizeInKilobytes int = 1024 + +@description('Optional. Value that indicates whether the topic supports ordering.') +param supportOrdering bool = false + +@description('Optional. ISO 8601 timespan idle interval after which the topic is automatically deleted. The minimum duration is 5 minutes.') +param autoDeleteOnIdle string = 'PT5M' + +@description('Optional. Enumerates the possible values for the status of a messaging entity. - Active, Disabled, Restoring, SendDisabled, ReceiveDisabled, Creating, Deleting, Renaming, Unknown') +@allowed([ + 'Active' + 'Disabled' + 'Restoring' + 'SendDisabled' + 'ReceiveDisabled' + 'Creating' + 'Deleting' + 'Renaming' + 'Unknown' +]) +param status string = 'Active' + +@description('Optional. A value that indicates whether the topic is to be partitioned across multiple message brokers.') +param enablePartitioning bool = false + +@description('Optional. A value that indicates whether Express Entities are enabled. An express topic holds a message in memory temporarily before writing it to persistent storage.') +param enableExpress bool = false + +@description('Optional. Authorization Rules for the Service Bus Topic') +param authorizationRules array = [ + { + name: 'RootManageSharedAccessKey' + properties: { + rights: [ + 'Listen' + 'Manage' + 'Send' + ] + } + } +] + +@allowed([ + 'CanNotDelete' + 'NotSpecified' + 'ReadOnly' +]) +@description('Optional. Specify the type of lock.') +param lock string = 'NotSpecified' + +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +param roleAssignments array = [] + +@description('Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered') +param cuaId string = '' + +module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { + name: 'pid-${cuaId}' + params: {} +} + +resource namespace 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { + name: namespaceName +} + +resource topic 'Microsoft.ServiceBus/namespaces/topics@2021-11-01' = { + name: name + parent: namespace + properties: { + autoDeleteOnIdle: autoDeleteOnIdle + defaultMessageTimeToLive: defaultMessageTimeToLive + duplicateDetectionHistoryTimeWindow: duplicateDetectionHistoryTimeWindow + enableBatchedOperations: enableBatchedOperations + enableExpress: enableExpress + enablePartitioning: enablePartitioning + maxMessageSizeInKilobytes: maxMessageSizeInKilobytes + maxSizeInMegabytes: maxSizeInMegabytes + requiresDuplicateDetection: requiresDuplicateDetection + status: status + supportOrdering: supportOrdering + } +} + +module topic_authorizationRules 'authorizationRules/deploy.bicep' = [for (authorizationRule, index) in authorizationRules: { + name: '${deployment().name}-AuthRule-${index}' + params: { + namespaceName: namespaceName + topicName: topic.name + name: authorizationRule.name + rights: contains(authorizationRule, 'rights') ? authorizationRule.rights : [] + } +}] + +resource topic_lock 'Microsoft.Authorization/locks@2017-04-01' = if (lock != 'NotSpecified') { + name: '${topic.name}-${lock}-lock' + properties: { + level: lock + notes: lock == 'CanNotDelete' ? 'Cannot delete resource or child resources.' : 'Cannot modify the resource or child resources.' + } + scope: topic +} + +module topic_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in roleAssignments: { + name: '${deployment().name}-rbac-${index}' + params: { + principalIds: roleAssignment.principalIds + roleDefinitionIdOrName: roleAssignment.roleDefinitionIdOrName + resourceId: topic.id + } +}] + +@description('The name of the deployed topic') +output name string = topic.name + +@description('The resource ID of the deployed topic') +output resourceId string = topic.id + +@description('The resource group of the deployed topic') +output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/readme.md b/arm/Microsoft.ServiceBus/namespaces/topics/readme.md new file mode 100644 index 0000000000..d154bdf28e --- /dev/null +++ b/arm/Microsoft.ServiceBus/namespaces/topics/readme.md @@ -0,0 +1,76 @@ +# `[]` + +This module deploys . +// TODO: Replace Resource and fill in description + +## Resource Types + +| Resource Type | API Version | +| :-- | :-- | +| `Microsoft.Authorization/locks` | 2017-04-01 | +| `Microsoft.Authorization/roleAssignments` | 2021-04-01-preview | +| `Microsoft.ServiceBus/namespaces/topics` | 2021-11-01 | +| `Microsoft.ServiceBus/namespaces/topics/authorizationRules` | 2021-11-01 | + +## Parameters + +| Parameter Name | Type | Default Value | Possible Values | Description | +| :-- | :-- | :-- | :-- | :-- | +| `authorizationRules` | _[authorizationRules](authorizationRules/readme.md)_ array | `[System.Collections.Hashtable]` | | Optional. Authorization Rules for the Service Bus Topic | +| `autoDeleteOnIdle` | string | `PT5M` | | Optional. ISO 8601 timespan idle interval after which the topic is automatically deleted. The minimum duration is 5 minutes. | +| `cuaId` | string | | | Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered | +| `defaultMessageTimeToLive` | string | `P14D` | | Optional. ISO 8601 default message timespan to live value. This is the duration after which the message expires, starting from when the message is sent to Service Bus. This is the default value used when TimeToLive is not set on a message itself. | +| `duplicateDetectionHistoryTimeWindow` | string | `PT10M` | | Optional. ISO 8601 timeSpan structure that defines the duration of the duplicate detection history. The default value is 10 minutes. | +| `enableBatchedOperations` | bool | `True` | | Optional. Value that indicates whether server-side batched operations are enabled. | +| `enableExpress` | bool | | | Optional. A value that indicates whether Express Entities are enabled. An express topic holds a message in memory temporarily before writing it to persistent storage. | +| `enablePartitioning` | bool | | | Optional. A value that indicates whether the topic is to be partitioned across multiple message brokers. | +| `lock` | string | `NotSpecified` | `[CanNotDelete, NotSpecified, ReadOnly]` | Optional. Specify the type of lock. | +| `maxMessageSizeInKilobytes` | int | `1024` | | Optional. Maximum size (in KB) of the message payload that can be accepted by the topic. This property is only used in Premium today and default is 1024. | +| `maxSizeInMegabytes` | int | `1024` | | Optional. The maximum size of the topic in megabytes, which is the size of memory allocated for the topic. Default is 1024. | +| `name` | string | | | Required. Name of the Service Bus Topic. | +| `namespaceName` | string | | | Required. Name of the parent Service Bus Namespace for the Service Bus Topic. | +| `requiresDuplicateDetection` | bool | | | Optional. A value indicating if this topic requires duplicate detection. | +| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `status` | string | `Active` | `[Active, Disabled, Restoring, SendDisabled, ReceiveDisabled, Creating, Deleting, Renaming, Unknown]` | Optional. Enumerates the possible values for the status of a messaging entity. - Active, Disabled, Restoring, SendDisabled, ReceiveDisabled, Creating, Deleting, Renaming, Unknown | +| `supportOrdering` | bool | | | Optional. Value that indicates whether the topic supports ordering. | + +### Parameter Usage: `` + +// TODO: Fill in Parameter usage + +### Parameter Usage: `roleAssignments` + +```json +"roleAssignments": { + "value": [ + { + "roleDefinitionIdOrName": "Reader", + "principalIds": [ + "12345678-1234-1234-1234-123456789012", // object 1 + "78945612-1234-1234-1234-123456789012" // object 2 + ] + }, + { + "roleDefinitionIdOrName": "/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11", + "principalIds": [ + "12345678-1234-1234-1234-123456789012" // object 1 + ] + } + ] +} +``` + +## Outputs + +| Output Name | Type | Description | +| :-- | :-- | :-- | +| `name` | string | The name of the deployed topic | +| `resourceGroupName` | string | The resource group of the deployed topic | +| `resourceId` | string | The resource ID of the deployed topic | + +## Template references + +- [Locks](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2017-04-01/locks) +- [Namespaces/Topics](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-11-01/namespaces/topics) +- [Namespaces/Topics/Authorizationrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-11-01/namespaces/topics/authorizationRules) +- [Roleassignments](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/roleAssignments) diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/version.json b/arm/Microsoft.ServiceBus/namespaces/topics/version.json new file mode 100644 index 0000000000..56f8d9ca40 --- /dev/null +++ b/arm/Microsoft.ServiceBus/namespaces/topics/version.json @@ -0,0 +1,4 @@ +{ + "$schema": "https://raw.githubusercontent.com/dotnet/Nerdbank.GitVersioning/master/src/NerdBank.GitVersioning/version.schema.json", + "version": "0.4" +} diff --git a/arm/Microsoft.ServiceBus/namespaces/virtualNetworkRules/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/virtualNetworkRules/deploy.bicep index 1d45c326da..4bda5bd211 100644 --- a/arm/Microsoft.ServiceBus/namespaces/virtualNetworkRules/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/virtualNetworkRules/deploy.bicep @@ -17,7 +17,7 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource namespace 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' existing = { +resource namespace 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { name: namespaceName } From 7a2f821e2a5477413355a8e862637fe1daf268ff Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Mon, 21 Feb 2022 16:10:49 +0100 Subject: [PATCH 2/6] revert api --- .../namespaces/.bicep/nested_rbac.bicep | 2 +- .../namespaces/authorizationRules/deploy.bicep | 2 +- arm/Microsoft.ServiceBus/namespaces/deploy.bicep | 2 +- .../disasterRecoveryConfigs/deploy.bicep | 2 +- .../namespaces/ipFilterRules/deploy.bicep | 2 +- .../migrationConfigurations/deploy.bicep | 2 +- .../namespaces/queues/.bicep/nested_rbac.bicep | 2 +- .../queues/authorizationRules/deploy.bicep | 4 ++-- .../namespaces/queues/deploy.bicep | 4 ++-- .../namespaces/queues/readme.md | 4 ++-- arm/Microsoft.ServiceBus/namespaces/readme.md | 16 ++++++++-------- .../namespaces/topics/.bicep/nested_rbac.bicep | 2 +- .../topics/authorizationRules/deploy.bicep | 6 +++--- .../topics/authorizationRules/readme.md | 4 ++-- .../namespaces/topics/deploy.bicep | 4 ++-- .../namespaces/topics/readme.md | 8 ++++---- .../namespaces/virtualNetworkRules/deploy.bicep | 2 +- 17 files changed, 34 insertions(+), 34 deletions(-) diff --git a/arm/Microsoft.ServiceBus/namespaces/.bicep/nested_rbac.bicep b/arm/Microsoft.ServiceBus/namespaces/.bicep/nested_rbac.bicep index 245d998cf9..be578a3643 100644 --- a/arm/Microsoft.ServiceBus/namespaces/.bicep/nested_rbac.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/.bicep/nested_rbac.bicep @@ -21,7 +21,7 @@ var builtInRoleNames = { 'User Access Administrator': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '18d7d88d-d35e-4fb5-a5c3-7773c20a72d9') } -resource namespace 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { +resource namespace 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' existing = { name: last(split(resourceId, '/')) } diff --git a/arm/Microsoft.ServiceBus/namespaces/authorizationRules/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/authorizationRules/deploy.bicep index 446c7eaf15..7df7ce3311 100644 --- a/arm/Microsoft.ServiceBus/namespaces/authorizationRules/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/authorizationRules/deploy.bicep @@ -22,7 +22,7 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource namespace 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { +resource namespace 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' existing = { name: namespaceName } diff --git a/arm/Microsoft.ServiceBus/namespaces/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/deploy.bicep index 24b9dd3863..85d095fc1f 100644 --- a/arm/Microsoft.ServiceBus/namespaces/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/deploy.bicep @@ -143,7 +143,7 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource serviceBusNamespace 'Microsoft.ServiceBus/namespaces@2021-11-01' = { +resource serviceBusNamespace 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' = { name: !empty(name) ? name : uniqueServiceBusNamespaceName location: location tags: empty(tags) ? null : tags diff --git a/arm/Microsoft.ServiceBus/namespaces/disasterRecoveryConfigs/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/disasterRecoveryConfigs/deploy.bicep index caabfeb1b1..bc8478a0a3 100644 --- a/arm/Microsoft.ServiceBus/namespaces/disasterRecoveryConfigs/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/disasterRecoveryConfigs/deploy.bicep @@ -20,7 +20,7 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource namespace 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { +resource namespace 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' existing = { name: namespaceName } diff --git a/arm/Microsoft.ServiceBus/namespaces/ipFilterRules/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/ipFilterRules/deploy.bicep index 5a07373515..9acb32dada 100644 --- a/arm/Microsoft.ServiceBus/namespaces/ipFilterRules/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/ipFilterRules/deploy.bicep @@ -27,7 +27,7 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource namespace 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { +resource namespace 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' existing = { name: namespaceName } diff --git a/arm/Microsoft.ServiceBus/namespaces/migrationConfigurations/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/migrationConfigurations/deploy.bicep index 066fea4f4a..e17e03e700 100644 --- a/arm/Microsoft.ServiceBus/namespaces/migrationConfigurations/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/migrationConfigurations/deploy.bicep @@ -20,7 +20,7 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource namespace 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { +resource namespace 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' existing = { name: namespaceName } diff --git a/arm/Microsoft.ServiceBus/namespaces/queues/.bicep/nested_rbac.bicep b/arm/Microsoft.ServiceBus/namespaces/queues/.bicep/nested_rbac.bicep index b953a0fdd1..e527921f3e 100644 --- a/arm/Microsoft.ServiceBus/namespaces/queues/.bicep/nested_rbac.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/queues/.bicep/nested_rbac.bicep @@ -21,7 +21,7 @@ var builtInRoleNames = { 'User Access Administrator': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '18d7d88d-d35e-4fb5-a5c3-7773c20a72d9') } -resource queue 'Microsoft.ServiceBus/namespaces/queues@2021-11-01' existing = { +resource queue 'Microsoft.ServiceBus/namespaces/queues@2021-06-01-preview' existing = { name: '${split(resourceId, '/')[8]}/${split(resourceId, '/')[10]}' } diff --git a/arm/Microsoft.ServiceBus/namespaces/queues/authorizationRules/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/queues/authorizationRules/deploy.bicep index 37e0edf198..2b7831e8b3 100644 --- a/arm/Microsoft.ServiceBus/namespaces/queues/authorizationRules/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/queues/authorizationRules/deploy.bicep @@ -23,10 +23,10 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource namespace 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { +resource namespace 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' existing = { name: namespaceName - resource queue 'queues@2021-11-01' existing = { + resource queue 'queues@2021-06-01-preview' existing = { name: queueName } } diff --git a/arm/Microsoft.ServiceBus/namespaces/queues/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/queues/deploy.bicep index 9a39a7ebae..e7c66ed6c3 100644 --- a/arm/Microsoft.ServiceBus/namespaces/queues/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/queues/deploy.bicep @@ -88,11 +88,11 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource namespace 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { +resource namespace 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' existing = { name: namespaceName } -resource queue 'Microsoft.ServiceBus/namespaces/queues@2021-11-01' = { +resource queue 'Microsoft.ServiceBus/namespaces/queues@2021-06-01-preview' = { name: name parent: namespace properties: { diff --git a/arm/Microsoft.ServiceBus/namespaces/queues/readme.md b/arm/Microsoft.ServiceBus/namespaces/queues/readme.md index 70796be28a..18bc66a75c 100644 --- a/arm/Microsoft.ServiceBus/namespaces/queues/readme.md +++ b/arm/Microsoft.ServiceBus/namespaces/queues/readme.md @@ -8,7 +8,7 @@ This module deploys a queue for a service bus namespace. | :-- | :-- | | `Microsoft.Authorization/locks` | 2017-04-01 | | `Microsoft.Authorization/roleAssignments` | 2021-04-01-preview | -| `Microsoft.ServiceBus/namespaces/queues` | 2021-11-01 | +| `Microsoft.ServiceBus/namespaces/queues` | 2021-06-01-preview | | `Microsoft.ServiceBus/namespaces/queues/authorizationRules` | 2017-04-01 | ## Parameters @@ -67,6 +67,6 @@ This module deploys a queue for a service bus namespace. ## Template references - [Locks](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2017-04-01/locks) -- [Namespaces/Queues](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-11-01/namespaces/queues) +- [Namespaces/Queues](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-06-01-preview/namespaces/queues) - [Namespaces/Queues/Authorizationrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2017-04-01/namespaces/queues/authorizationRules) - [Roleassignments](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/roleAssignments) diff --git a/arm/Microsoft.ServiceBus/namespaces/readme.md b/arm/Microsoft.ServiceBus/namespaces/readme.md index f511189afd..db74d5b38c 100644 --- a/arm/Microsoft.ServiceBus/namespaces/readme.md +++ b/arm/Microsoft.ServiceBus/namespaces/readme.md @@ -11,15 +11,15 @@ This module deploys a service bus namespace resource. | `Microsoft.Insights/diagnosticSettings` | 2021-05-01-preview | | `Microsoft.Network/privateEndpoints` | 2021-05-01 | | `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | 2021-05-01 | -| `Microsoft.ServiceBus/namespaces` | 2021-11-01 | +| `Microsoft.ServiceBus/namespaces` | 2021-06-01-preview | | `Microsoft.ServiceBus/namespaces/AuthorizationRules` | 2017-04-01 | | `Microsoft.ServiceBus/namespaces/disasterRecoveryConfigs` | 2017-04-01 | | `Microsoft.ServiceBus/namespaces/ipfilterrules` | 2018-01-01-preview | | `Microsoft.ServiceBus/namespaces/migrationConfigurations` | 2017-04-01 | -| `Microsoft.ServiceBus/namespaces/queues` | 2021-11-01 | +| `Microsoft.ServiceBus/namespaces/queues` | 2021-06-01-preview | | `Microsoft.ServiceBus/namespaces/queues/authorizationRules` | 2017-04-01 | -| `Microsoft.ServiceBus/namespaces/topics` | 2021-11-01 | -| `Microsoft.ServiceBus/namespaces/topics/authorizationRules` | 2021-11-01 | +| `Microsoft.ServiceBus/namespaces/topics` | 2021-06-01-preview | +| `Microsoft.ServiceBus/namespaces/topics/authorizationRules` | 2021-06-01-preview | | `Microsoft.ServiceBus/namespaces/virtualnetworkrules` | 2018-01-01-preview | ## Parameters @@ -154,15 +154,15 @@ You can specify multiple user assigned identities to a resource by providing add - [Diagnosticsettings](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) - [Locks](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2017-04-01/locks) -- [Namespaces](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-11-01/namespaces) +- [Namespaces](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-06-01-preview/namespaces) - [Namespaces/Authorizationrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2017-04-01/namespaces/AuthorizationRules) - [Namespaces/Disasterrecoveryconfigs](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2017-04-01/namespaces/disasterRecoveryConfigs) - [Namespaces/Ipfilterrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2018-01-01-preview/namespaces/ipfilterrules) - [Namespaces/Migrationconfigurations](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2017-04-01/namespaces/migrationConfigurations) -- [Namespaces/Queues](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-11-01/namespaces/queues) +- [Namespaces/Queues](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-06-01-preview/namespaces/queues) - [Namespaces/Queues/Authorizationrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2017-04-01/namespaces/queues/authorizationRules) -- [Namespaces/Topics](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-11-01/namespaces/topics) -- [Namespaces/Topics/Authorizationrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-11-01/namespaces/topics/authorizationRules) +- [Namespaces/Topics](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-06-01-preview/namespaces/topics) +- [Namespaces/Topics/Authorizationrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-06-01-preview/namespaces/topics/authorizationRules) - [Namespaces/Virtualnetworkrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2018-01-01-preview/namespaces/virtualnetworkrules) - [Privateendpoints](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/privateEndpoints) - [Privateendpoints/Privatednszonegroups](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/privateEndpoints/privateDnsZoneGroups) diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/.bicep/nested_rbac.bicep b/arm/Microsoft.ServiceBus/namespaces/topics/.bicep/nested_rbac.bicep index b953a0fdd1..e527921f3e 100644 --- a/arm/Microsoft.ServiceBus/namespaces/topics/.bicep/nested_rbac.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/topics/.bicep/nested_rbac.bicep @@ -21,7 +21,7 @@ var builtInRoleNames = { 'User Access Administrator': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '18d7d88d-d35e-4fb5-a5c3-7773c20a72d9') } -resource queue 'Microsoft.ServiceBus/namespaces/queues@2021-11-01' existing = { +resource queue 'Microsoft.ServiceBus/namespaces/queues@2021-06-01-preview' existing = { name: '${split(resourceId, '/')[8]}/${split(resourceId, '/')[10]}' } diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/deploy.bicep index ff91eb64db..14466fad81 100644 --- a/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/deploy.bicep @@ -23,15 +23,15 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource namespace 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { +resource namespace 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' existing = { name: namespaceName - resource topic 'topics@2021-11-01' existing = { + resource topic 'topics@2021-06-01-preview' existing = { name: topicName } } -resource authorizationRule 'Microsoft.ServiceBus/namespaces/topics/authorizationRules@2021-11-01' = { +resource authorizationRule 'Microsoft.ServiceBus/namespaces/topics/authorizationRules@2021-06-01-preview' = { name: name parent: namespace::topic properties: { diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/readme.md b/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/readme.md index 748f0fcc5b..34482fdba5 100644 --- a/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/readme.md +++ b/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/readme.md @@ -6,7 +6,7 @@ This module deploys an authorization rule for a service bus namespace queue. | Resource Type | API Version | | :-- | :-- | -| `Microsoft.ServiceBus/namespaces/topics/authorizationRules` | 2021-11-01 | +| `Microsoft.ServiceBus/namespaces/topics/authorizationRules` | 2021-06-01-preview | ## Parameters @@ -28,4 +28,4 @@ This module deploys an authorization rule for a service bus namespace queue. ## Template references -- [Namespaces/Topics/Authorizationrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-11-01/namespaces/topics/authorizationRules) +- [Namespaces/Topics/Authorizationrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-06-01-preview/namespaces/topics/authorizationRules) diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/topics/deploy.bicep index efcf7b7bc6..d4ac1d71de 100644 --- a/arm/Microsoft.ServiceBus/namespaces/topics/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/topics/deploy.bicep @@ -87,11 +87,11 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource namespace 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { +resource namespace 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' existing = { name: namespaceName } -resource topic 'Microsoft.ServiceBus/namespaces/topics@2021-11-01' = { +resource topic 'Microsoft.ServiceBus/namespaces/topics@2021-06-01-preview' = { name: name parent: namespace properties: { diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/readme.md b/arm/Microsoft.ServiceBus/namespaces/topics/readme.md index d154bdf28e..3851312abf 100644 --- a/arm/Microsoft.ServiceBus/namespaces/topics/readme.md +++ b/arm/Microsoft.ServiceBus/namespaces/topics/readme.md @@ -9,8 +9,8 @@ This module deploys . | :-- | :-- | | `Microsoft.Authorization/locks` | 2017-04-01 | | `Microsoft.Authorization/roleAssignments` | 2021-04-01-preview | -| `Microsoft.ServiceBus/namespaces/topics` | 2021-11-01 | -| `Microsoft.ServiceBus/namespaces/topics/authorizationRules` | 2021-11-01 | +| `Microsoft.ServiceBus/namespaces/topics` | 2021-06-01-preview | +| `Microsoft.ServiceBus/namespaces/topics/authorizationRules` | 2021-06-01-preview | ## Parameters @@ -71,6 +71,6 @@ This module deploys . ## Template references - [Locks](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2017-04-01/locks) -- [Namespaces/Topics](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-11-01/namespaces/topics) -- [Namespaces/Topics/Authorizationrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-11-01/namespaces/topics/authorizationRules) +- [Namespaces/Topics](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-06-01-preview/namespaces/topics) +- [Namespaces/Topics/Authorizationrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ServiceBus/2021-06-01-preview/namespaces/topics/authorizationRules) - [Roleassignments](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/roleAssignments) diff --git a/arm/Microsoft.ServiceBus/namespaces/virtualNetworkRules/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/virtualNetworkRules/deploy.bicep index 4bda5bd211..1d45c326da 100644 --- a/arm/Microsoft.ServiceBus/namespaces/virtualNetworkRules/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/virtualNetworkRules/deploy.bicep @@ -17,7 +17,7 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource namespace 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { +resource namespace 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' existing = { name: namespaceName } From 40c01eb2585a1e2048fdb0b84121b8613aaad646 Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Mon, 21 Feb 2022 17:17:38 +0100 Subject: [PATCH 3/6] topic rbac --- .../namespaces/topics/.bicep/nested_rbac.bicep | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/.bicep/nested_rbac.bicep b/arm/Microsoft.ServiceBus/namespaces/topics/.bicep/nested_rbac.bicep index e527921f3e..d022a5864c 100644 --- a/arm/Microsoft.ServiceBus/namespaces/topics/.bicep/nested_rbac.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/topics/.bicep/nested_rbac.bicep @@ -21,15 +21,15 @@ var builtInRoleNames = { 'User Access Administrator': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '18d7d88d-d35e-4fb5-a5c3-7773c20a72d9') } -resource queue 'Microsoft.ServiceBus/namespaces/queues@2021-06-01-preview' existing = { +resource topic 'Microsoft.ServiceBus/namespaces/topics@2021-06-01-preview' existing = { name: '${split(resourceId, '/')[8]}/${split(resourceId, '/')[10]}' } resource roleAssigment 'Microsoft.Authorization/roleAssignments@2021-04-01-preview' = [for principalId in principalIds: { - name: guid(queue.name, principalId, roleDefinitionIdOrName) + name: guid(topic.name, principalId, roleDefinitionIdOrName) properties: { roleDefinitionId: contains(builtInRoleNames, roleDefinitionIdOrName) ? builtInRoleNames[roleDefinitionIdOrName] : roleDefinitionIdOrName principalId: principalId } - scope: queue + scope: topic }] From 7fd6dfba93689cf5cc7d0d70bd55bf257dbdc389 Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Mon, 21 Feb 2022 19:25:39 +0100 Subject: [PATCH 4/6] topic readme --- .../namespaces/topics/authorizationRules/deploy.bicep | 2 +- .../namespaces/topics/authorizationRules/readme.md | 4 ++-- arm/Microsoft.ServiceBus/namespaces/topics/readme.md | 9 ++------- 3 files changed, 5 insertions(+), 10 deletions(-) diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/deploy.bicep index 14466fad81..1c018d575e 100644 --- a/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. The name of the service bus namepace topic') +@description('Required. The name of the service bus namespace topic') param name string @description('Required. The name of the parent service bus namespace') diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/readme.md b/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/readme.md index 34482fdba5..d949fb6505 100644 --- a/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/readme.md +++ b/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/readme.md @@ -1,6 +1,6 @@ # ServiceBus Namespace Topic Authorization Rules `[Microsoft.ServiceBus/namespaces/topics/authorizationRules]` -This module deploys an authorization rule for a service bus namespace queue. +This module deploys an authorization rule for a service bus namespace topic. ## Resource Types @@ -13,7 +13,7 @@ This module deploys an authorization rule for a service bus namespace queue. | Parameter Name | Type | Default Value | Possible Values | Description | | :-- | :-- | :-- | :-- | :-- | | `cuaId` | string | | | Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered | -| `name` | string | | | Required. The name of the service bus namepace topic | +| `name` | string | | | Required. The name of the service bus namespace topic | | `namespaceName` | string | | | Required. The name of the parent service bus namespace | | `rights` | array | `[]` | `[Listen, Manage, Send]` | Optional. The rights associated with the rule. | | `topicName` | string | | | Required. The name of the parent service bus namespace topic | diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/readme.md b/arm/Microsoft.ServiceBus/namespaces/topics/readme.md index 3851312abf..4034a43c65 100644 --- a/arm/Microsoft.ServiceBus/namespaces/topics/readme.md +++ b/arm/Microsoft.ServiceBus/namespaces/topics/readme.md @@ -1,7 +1,6 @@ -# `[]` +# ServiceBus Namespace Topic `[Microsoft.ServiceBus/namespaces/topics]` -This module deploys . -// TODO: Replace Resource and fill in description +This module deploys a topic for a service bus namespace. ## Resource Types @@ -34,10 +33,6 @@ This module deploys . | `status` | string | `Active` | `[Active, Disabled, Restoring, SendDisabled, ReceiveDisabled, Creating, Deleting, Renaming, Unknown]` | Optional. Enumerates the possible values for the status of a messaging entity. - Active, Disabled, Restoring, SendDisabled, ReceiveDisabled, Creating, Deleting, Renaming, Unknown | | `supportOrdering` | bool | | | Optional. Value that indicates whether the topic supports ordering. | -### Parameter Usage: `` - -// TODO: Fill in Parameter usage - ### Parameter Usage: `roleAssignments` ```json From 962e56be2651459ebc9d0759b644280c8b2ab2f3 Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Mon, 21 Feb 2022 19:26:30 +0100 Subject: [PATCH 5/6] topic remove empty lines --- arm/Microsoft.ServiceBus/namespaces/topics/deploy.bicep | 2 -- 1 file changed, 2 deletions(-) diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/topics/deploy.bicep index d4ac1d71de..e16fbc08cd 100644 --- a/arm/Microsoft.ServiceBus/namespaces/topics/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/topics/deploy.bicep @@ -1,5 +1,3 @@ - - @description('Required. Name of the parent Service Bus Namespace for the Service Bus Topic.') @minLength(6) @maxLength(50) From 585cc036bdc83e3801cda61c82c4b3d196b735ca Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Tue, 22 Feb 2022 09:38:21 +0100 Subject: [PATCH 6/6] queue readme title --- arm/Microsoft.ServiceBus/namespaces/queues/readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.ServiceBus/namespaces/queues/readme.md b/arm/Microsoft.ServiceBus/namespaces/queues/readme.md index 18bc66a75c..9ed183384b 100644 --- a/arm/Microsoft.ServiceBus/namespaces/queues/readme.md +++ b/arm/Microsoft.ServiceBus/namespaces/queues/readme.md @@ -1,4 +1,4 @@ -# ServiceBus Queue `[Microsoft.ServiceBus/namespaces/queues]` +# ServiceBus Namespace Queue `[Microsoft.ServiceBus/namespaces/queues]` This module deploys a queue for a service bus namespace.