diff --git a/arm/Microsoft.AAD/DomainServices/deploy.bicep b/arm/Microsoft.AAD/DomainServices/deploy.bicep index 7a3cf0fbb7..08c3dc662b 100644 --- a/arm/Microsoft.AAD/DomainServices/deploy.bicep +++ b/arm/Microsoft.AAD/DomainServices/deploy.bicep @@ -12,10 +12,10 @@ param domainName string ]) param sku string = 'Standard' -@description('Optional. The location to deploy the Azure ADDS Services') +@description('Optional. The location to deploy the Azure ADDS Services.') param location string = resourceGroup().location -@description('Optional. Additional replica set for the managed domain') +@description('Optional. Additional replica set for the managed domain.') param replicaSets array = [] @description('Conditional. Required if secure LDAP is enabled and must be valid more than 30 days. The certificate required to configure Secure LDAP. Should be a base64encoded representation of the certificate PFX file.') @@ -25,10 +25,10 @@ param pfxCertificate string = '' @secure() param pfxCertificatePassword string = '' -@description('Optional. The email recipient value to receive alerts') +@description('Optional. The email recipient value to receive alerts.') param additionalRecipients array = [] -@description('Optional. The value is to provide domain configuration type') +@description('Optional. The value is to provide domain configuration type.') @allowed([ 'FullySynced' 'ResourceTrusting' @@ -80,7 +80,7 @@ param kerberosRc4Encryption string = 'Enabled' ]) param kerberosArmoring string = 'Enabled' -@description('Optional. The value is to notify the DC Admins. ') +@description('Optional. The value is to notify the DC Admins.') @allowed([ 'Enabled' 'Disabled' @@ -94,7 +94,7 @@ param notifyDcAdmins string = 'Enabled' ]) param notifyGlobalAdmins string = 'Enabled' -@description('Optional. The value is to enable the Secure LDAP for external services of Azure ADDS Services') +@description('Optional. The value is to enable the Secure LDAP for external services of Azure ADDS Services.') @allowed([ 'Enabled' 'Disabled' @@ -136,7 +136,7 @@ param diagnosticLogsRetentionInDays int = 365 @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. The name of logs that will be streamed.') @@ -236,11 +236,11 @@ module domainService_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, ind } }] -@description('The domain name of the Azure Active Directory Domain Services(Azure ADDS)') +@description('The domain name of the Azure Active Directory Domain Services(Azure ADDS).') output name string = domainService.name @description('The name of the resource group the Azure Active Directory Domain Services(Azure ADDS) was created in.') output resourceGroupName string = resourceGroup().name -@description('The resource ID of the Azure Active Directory Domain Services(Azure ADDS)') +@description('The resource ID of the Azure Active Directory Domain Services(Azure ADDS).') output resourceId string = domainService.id diff --git a/arm/Microsoft.AAD/DomainServices/readme.md b/arm/Microsoft.AAD/DomainServices/readme.md index c710dec217..3cec6e0d79 100644 --- a/arm/Microsoft.AAD/DomainServices/readme.md +++ b/arm/Microsoft.AAD/DomainServices/readme.md @@ -34,27 +34,27 @@ This template deploys Azure Active Directory Domain Services (AADDS). **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `additionalRecipients` | array | `[]` | | The email recipient value to receive alerts | +| `additionalRecipients` | array | `[]` | | The email recipient value to receive alerts. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | -| `domainConfigurationType` | string | `'FullySynced'` | `[FullySynced, ResourceTrusting]` | The value is to provide domain configuration type | -| `externalAccess` | string | `'Enabled'` | `[Enabled, Disabled]` | The value is to enable the Secure LDAP for external services of Azure ADDS Services | +| `domainConfigurationType` | string | `'FullySynced'` | `[FullySynced, ResourceTrusting]` | The value is to provide domain configuration type. | +| `externalAccess` | string | `'Enabled'` | `[Enabled, Disabled]` | The value is to enable the Secure LDAP for external services of Azure ADDS Services. | | `filteredSync` | string | `'Enabled'` | | The value is to synchronise scoped users and groups. | | `kerberosArmoring` | string | `'Enabled'` | `[Enabled, Disabled]` | The value is to enable to provide a protected channel between the Kerberos client and the KDC. | | `kerberosRc4Encryption` | string | `'Enabled'` | `[Enabled, Disabled]` | The value is to enable Kerberos requests that use RC4 encryption. | | `ldaps` | string | `'Enabled'` | `[Enabled, Disabled]` | A flag to determine whether or not Secure LDAP is enabled or disabled. | -| `location` | string | `[resourceGroup().location]` | | The location to deploy the Azure ADDS Services | +| `location` | string | `[resourceGroup().location]` | | The location to deploy the Azure ADDS Services. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `logsToEnable` | array | `[SystemSecurity, AccountManagement, LogonLogoff, ObjectAccess, PolicyChange, PrivilegeUse, DetailTracking, DirectoryServiceAccess, AccountLogon]` | `[SystemSecurity, AccountManagement, LogonLogoff, ObjectAccess, PolicyChange, PrivilegeUse, DetailTracking, DirectoryServiceAccess, AccountLogon]` | The name of logs that will be streamed. | | `name` | string | `[parameters('domainName')]` | | The name of the AADDS resource. Defaults to the domain name specific to the Azure ADDS service. | -| `notifyDcAdmins` | string | `'Enabled'` | `[Enabled, Disabled]` | The value is to notify the DC Admins. | +| `notifyDcAdmins` | string | `'Enabled'` | `[Enabled, Disabled]` | The value is to notify the DC Admins. | | `notifyGlobalAdmins` | string | `'Enabled'` | `[Enabled, Disabled]` | The value is to notify the Global Admins. | | `ntlmV1` | string | `'Enabled'` | `[Enabled, Disabled]` | The value is to enable clients making request using NTLM v1. | -| `replicaSets` | array | `[]` | | Additional replica set for the managed domain | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `replicaSets` | array | `[]` | | Additional replica set for the managed domain. | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `sku` | string | `'Standard'` | `[Standard, Enterprise, Premium]` | The name of the SKU specific to Azure ADDS Services. | | `syncNtlmPasswords` | string | `'Enabled'` | `[Enabled, Disabled]` | The value is to enable synchronized users to use NTLM authentication. | | `syncOnPremPasswords` | string | `'Enabled'` | `[Enabled, Disabled]` | The value is to enable on-premises users to authenticate against managed domain. | @@ -141,6 +141,6 @@ $pfxCertificate = [System.Convert]::ToBase64String($rawCertByteStream) | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The domain name of the Azure Active Directory Domain Services(Azure ADDS) | +| `name` | string | The domain name of the Azure Active Directory Domain Services(Azure ADDS). | | `resourceGroupName` | string | The name of the resource group the Azure Active Directory Domain Services(Azure ADDS) was created in. | -| `resourceId` | string | The resource ID of the Azure Active Directory Domain Services(Azure ADDS) | +| `resourceId` | string | The resource ID of the Azure Active Directory Domain Services(Azure ADDS). | diff --git a/arm/Microsoft.AnalysisServices/servers/deploy.bicep b/arm/Microsoft.AnalysisServices/servers/deploy.bicep index 11d60c7154..acbff28084 100644 --- a/arm/Microsoft.AnalysisServices/servers/deploy.bicep +++ b/arm/Microsoft.AnalysisServices/servers/deploy.bicep @@ -47,7 +47,7 @@ param diagnosticEventHubName string = '' @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -154,11 +154,11 @@ module server_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in } }] -@description('The name of the analysis service') +@description('The name of the analysis service.') output name string = server.name -@description('The resource ID of the analysis service') +@description('The resource ID of the analysis service.') output resourceId string = server.id -@description('The resource group the analysis service was deployed into') +@description('The resource group the analysis service was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.AnalysisServices/servers/readme.md b/arm/Microsoft.AnalysisServices/servers/readme.md index cab72e06de..8c6daf8413 100644 --- a/arm/Microsoft.AnalysisServices/servers/readme.md +++ b/arm/Microsoft.AnalysisServices/servers/readme.md @@ -39,7 +39,7 @@ This module deploys an Analysis Services Server. | `firewallSettings` | object | `{object}` | | The inbound firewall rules to define on the server. If not specified, firewall is disabled. | | `location` | string | `[resourceGroup().location]` | | Location for all Resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `skuCapacity` | int | `1` | | The total number of query replica scale-out instances. | | `skuName` | string | `'S0'` | | The SKU name of the Azure Analysis Services server to create. | | `tags` | object | `{object}` | | Tags of the resource. | @@ -92,6 +92,6 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the analysis service | -| `resourceGroupName` | string | The resource group the analysis service was deployed into | -| `resourceId` | string | The resource ID of the analysis service | +| `name` | string | The name of the analysis service. | +| `resourceGroupName` | string | The resource group the analysis service was deployed into. | +| `resourceId` | string | The resource ID of the analysis service. | diff --git a/arm/Microsoft.ApiManagement/service/.bicep/nested_authorizationServers.bicep b/arm/Microsoft.ApiManagement/service/.bicep/nested_authorizationServers.bicep index 8bbf638029..f75d368cc2 100644 --- a/arm/Microsoft.ApiManagement/service/.bicep/nested_authorizationServers.bicep +++ b/arm/Microsoft.ApiManagement/service/.bicep/nested_authorizationServers.bicep @@ -1,7 +1,7 @@ @description('Required. Identifier of the authorization server.') param name string -@description('Required. The name of the of the API Management service.') +@description('Required. The name of the API Management service.') param apiManagementServiceName string @description('Required. OAuth authorization endpoint. See .') diff --git a/arm/Microsoft.ApiManagement/service/apiVersionSets/deploy.bicep b/arm/Microsoft.ApiManagement/service/apiVersionSets/deploy.bicep index 038302e853..bec9d25a36 100644 --- a/arm/Microsoft.ApiManagement/service/apiVersionSets/deploy.bicep +++ b/arm/Microsoft.ApiManagement/service/apiVersionSets/deploy.bicep @@ -1,13 +1,13 @@ -@description('Required. The name of the of the API Management service.') +@description('Conditional. The name of the parent API Management service. Required if the template is used in a standalone deployment.') param apiManagementServiceName string @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. API Version set name') +@description('Optional. API Version set name.') param name string = 'default' -@description('Optional. API Version set properties') +@description('Optional. API Version set properties.') param properties object = {} resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) { @@ -32,11 +32,11 @@ resource apiVersionSet 'Microsoft.ApiManagement/service/apiVersionSets@2021-08-0 properties: properties } -@description('The resource ID of the API Version set') +@description('The resource ID of the API Version set.') output resourceId string = apiVersionSet.id -@description('The name of the API Version set') +@description('The name of the API Version set.') output name string = apiVersionSet.name -@description('The resource group the API Version set was deployed into') +@description('The resource group the API Version set was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.ApiManagement/service/apiVersionSets/readme.md b/arm/Microsoft.ApiManagement/service/apiVersionSets/readme.md index 8ac3878ac2..f58179bd5b 100644 --- a/arm/Microsoft.ApiManagement/service/apiVersionSets/readme.md +++ b/arm/Microsoft.ApiManagement/service/apiVersionSets/readme.md @@ -16,23 +16,23 @@ This module deploys API Management Service APIs Version Set. ## Parameters -**Required parameters** +**Conditional parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `apiManagementServiceName` | string | The name of the of the API Management service. | +| `apiManagementServiceName` | string | The name of the parent API Management service. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `name` | string | `'default'` | API Version set name | -| `properties` | object | `{object}` | API Version set properties | +| `name` | string | `'default'` | API Version set name. | +| `properties` | object | `{object}` | API Version set properties. | ## Outputs | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the API Version set | -| `resourceGroupName` | string | The resource group the API Version set was deployed into | -| `resourceId` | string | The resource ID of the API Version set | +| `name` | string | The name of the API Version set. | +| `resourceGroupName` | string | The resource group the API Version set was deployed into. | +| `resourceId` | string | The resource ID of the API Version set. | diff --git a/arm/Microsoft.ApiManagement/service/apis/deploy.bicep b/arm/Microsoft.ApiManagement/service/apis/deploy.bicep index 1c1fe467fa..127df5c70b 100644 --- a/arm/Microsoft.ApiManagement/service/apis/deploy.bicep +++ b/arm/Microsoft.ApiManagement/service/apis/deploy.bicep @@ -4,10 +4,10 @@ param name string @description('Optional. Array of Policies to apply to the Service API.') param policies array = [] -@description('Required. The name of the of the API Management service.') +@description('Conditional. The name of the parent API Management service. Required if the template is used in a standalone deployment.') param apiManagementServiceName string -@description('Optional. Describes the Revision of the API. If no value is provided, default revision 1 is created') +@description('Optional. Describes the Revision of the API. If no value is provided, default revision 1 is created.') param apiRevision string = '' @description('Optional. Description of the API Revision.') @@ -20,10 +20,10 @@ param apiRevisionDescription string = '' ]) param apiType string = 'http' -@description('Optional. Indicates the Version identifier of the API if the API is versioned') +@description('Optional. Indicates the Version identifier of the API if the API is versioned.') param apiVersion string = '' -@description('Optional. Indicates the Version identifier of the API version set') +@description('Optional. Indicates the Version identifier of the API version set.') param apiVersionSetId string = '' @description('Optional. Description of the API Version.') @@ -63,7 +63,7 @@ param isCurrent bool = true @description('Required. Relative URL uniquely identifying this API and all of its resource paths within the API Management service instance. It is appended to the API endpoint base URL specified during the service instance creation to form a public URL for this API.') param path string -@description('Optional. Describes on which protocols the operations in this API can be invoked. - HTTP or HTTPS') +@description('Optional. Describes on which protocols the operations in this API can be invoked. - HTTP or HTTPS.') param protocols array = [ 'https' ] @@ -148,11 +148,11 @@ module policy 'policies/deploy.bicep' = [for (policy, index) in policies: { } }] -@description('The name of the API management service API') +@description('The name of the API management service API.') output name string = api.name -@description('The resource ID of the API management service API') +@description('The resource ID of the API management service API.') output resourceId string = api.id -@description('The resource group the API management service API was deployed to') +@description('The resource group the API management service API was deployed to.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.ApiManagement/service/apis/policies/deploy.bicep b/arm/Microsoft.ApiManagement/service/apis/policies/deploy.bicep index dd8161aed8..88efbdf854 100644 --- a/arm/Microsoft.ApiManagement/service/apis/policies/deploy.bicep +++ b/arm/Microsoft.ApiManagement/service/apis/policies/deploy.bicep @@ -1,10 +1,10 @@ -@description('Required. The name of the of the API Management service.') +@description('Conditional. The name of the parent API Management service. Required if the template is used in a standalone deployment.') param apiManagementServiceName string -@description('Required. The name of the of the API.') +@description('Conditional. The name of the parent API. Required if the template is used in a standalone deployment.') param apiName string -@description('Optional. The name of the policy') +@description('Optional. The name of the policy.') param name string = 'policy' @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -51,11 +51,11 @@ resource policy 'Microsoft.ApiManagement/service/apis/policies@2021-08-01' = { } } -@description('The resource ID of the API policy') +@description('The resource ID of the API policy.') output resourceId string = policy.id -@description('The name of the API policy') +@description('The name of the API policy.') output name string = policy.name -@description('The resource group the API policy was deployed into') +@description('The resource group the API policy was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.ApiManagement/service/apis/policies/readme.md b/arm/Microsoft.ApiManagement/service/apis/policies/readme.md index 1824c482f5..1747204e51 100644 --- a/arm/Microsoft.ApiManagement/service/apis/policies/readme.md +++ b/arm/Microsoft.ApiManagement/service/apis/policies/readme.md @@ -19,22 +19,26 @@ This module deploys API Management Service APIs policies. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `apiManagementServiceName` | string | The name of the of the API Management service. | -| `apiName` | string | The name of the of the API. | | `value` | string | Contents of the Policy as defined by the format. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `apiManagementServiceName` | string | The name of the parent API Management service. Required if the template is used in a standalone deployment. | +| `apiName` | string | The name of the parent API. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `format` | string | `'xml'` | `[rawxml, rawxml-link, xml, xml-link]` | Format of the policyContent. | -| `name` | string | `'policy'` | | The name of the policy | +| `name` | string | `'policy'` | | The name of the policy. | ## Outputs | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the API policy | -| `resourceGroupName` | string | The resource group the API policy was deployed into | -| `resourceId` | string | The resource ID of the API policy | +| `name` | string | The name of the API policy. | +| `resourceGroupName` | string | The resource group the API policy was deployed into. | +| `resourceId` | string | The resource ID of the API policy. | diff --git a/arm/Microsoft.ApiManagement/service/apis/readme.md b/arm/Microsoft.ApiManagement/service/apis/readme.md index ba65318d7b..4fe8d278fd 100644 --- a/arm/Microsoft.ApiManagement/service/apis/readme.md +++ b/arm/Microsoft.ApiManagement/service/apis/readme.md @@ -26,27 +26,31 @@ The following resources are required to be able to deploy this resource. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `apiManagementServiceName` | string | The name of the of the API Management service. | | `displayName` | string | API name. Must be 1 to 300 characters long. | | `name` | string | API revision identifier. Must be unique in the current API Management service instance. Non-current revision has ;rev=n as a suffix where n is the revision number. | | `path` | string | Relative URL uniquely identifying this API and all of its resource paths within the API Management service instance. It is appended to the API endpoint base URL specified during the service instance creation to form a public URL for this API. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `apiManagementServiceName` | string | The name of the parent API Management service. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `apiDescription` | string | `''` | | Description of the API. May include HTML formatting tags. | -| `apiRevision` | string | `''` | | Describes the Revision of the API. If no value is provided, default revision 1 is created | +| `apiRevision` | string | `''` | | Describes the Revision of the API. If no value is provided, default revision 1 is created. | | `apiRevisionDescription` | string | `''` | | Description of the API Revision. | | `apiType` | string | `'http'` | `[http, soap]` | Type of API to create. * http creates a SOAP to REST API * soap creates a SOAP pass-through API. | -| `apiVersion` | string | `''` | | Indicates the Version identifier of the API if the API is versioned | +| `apiVersion` | string | `''` | | Indicates the Version identifier of the API if the API is versioned. | | `apiVersionDescription` | string | `''` | | Description of the API Version. | -| `apiVersionSetId` | string | `''` | | Indicates the Version identifier of the API version set | +| `apiVersionSetId` | string | `''` | | Indicates the Version identifier of the API version set. | | `authenticationSettings` | object | `{object}` | | Collection of authentication settings included into this API. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `format` | string | `'openapi'` | `[wadl-xml, wadl-link-json, swagger-json, swagger-link-json, wsdl, wsdl-link, openapi, openapi+json, openapi-link, openapi+json-link]` | Format of the Content in which the API is getting imported. | | `isCurrent` | bool | `True` | | Indicates if API revision is current API revision. | | `policies` | _[policies](policies/readme.md)_ array | `[]` | | Array of Policies to apply to the Service API. | -| `protocols` | array | `[https]` | | Describes on which protocols the operations in this API can be invoked. - HTTP or HTTPS | +| `protocols` | array | `[https]` | | Describes on which protocols the operations in this API can be invoked. - HTTP or HTTPS. | | `serviceUrl` | string | `''` | | Absolute URL of the backend service implementing this API. Cannot be more than 2000 characters long. | | `sourceApiId` | string | `''` | | API identifier of the source API. | | `subscriptionKeyParameterNames` | object | `{object}` | | Protocols over which API is made available. | @@ -77,6 +81,6 @@ The following resources are required to be able to deploy this resource. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the API management service API | -| `resourceGroupName` | string | The resource group the API management service API was deployed to | -| `resourceId` | string | The resource ID of the API management service API | +| `name` | string | The name of the API management service API. | +| `resourceGroupName` | string | The resource group the API management service API was deployed to. | +| `resourceId` | string | The resource ID of the API management service API. | diff --git a/arm/Microsoft.ApiManagement/service/authorizationServers/deploy.bicep b/arm/Microsoft.ApiManagement/service/authorizationServers/deploy.bicep index fb6d247c33..f8b62e6080 100644 --- a/arm/Microsoft.ApiManagement/service/authorizationServers/deploy.bicep +++ b/arm/Microsoft.ApiManagement/service/authorizationServers/deploy.bicep @@ -1,23 +1,23 @@ @description('Required. Identifier of the authorization server.') param name string -@description('Required. The name of the of the API Management service.') +@description('Conditional. The name of the parent API Management service. Required if the template is used in a standalone deployment.') param apiManagementServiceName string @description('Required. OAuth authorization endpoint. See .') param authorizationEndpoint string -@description('Optional. HTTP verbs supported by the authorization endpoint. GET must be always present. POST is optional. - HEAD, OPTIONS, TRACE, GET, POST, PUT, PATCH, DELETE') +@description('Optional. HTTP verbs supported by the authorization endpoint. GET must be always present. POST is optional. - HEAD, OPTIONS, TRACE, GET, POST, PUT, PATCH, DELETE.') param authorizationMethods array = [ 'GET' ] -@description('Optional. Specifies the mechanism by which access token is passed to the API. - authorizationHeader or query') +@description('Optional. Specifies the mechanism by which access token is passed to the API. - authorizationHeader or query.') param bearerTokenSendingMethods array = [ 'authorizationHeader' ] -@description('Optional. Method of authentication supported by the token endpoint of this authorization server. Possible values are Basic and/or Body. When Body is specified, client credentials and other parameters are passed within the request body in the application/x-www-form-urlencoded format. - Basic or Body') +@description('Optional. Method of authentication supported by the token endpoint of this authorization server. Possible values are Basic and/or Body. When Body is specified, client credentials and other parameters are passed within the request body in the application/x-www-form-urlencoded format. - Basic or Body.') param clientAuthenticationMethod array = [ 'Basic' ] @@ -42,7 +42,7 @@ param defaultScope string = '' @description('Optional. Description of the authorization server. Can contain HTML formatting tags.') param serverDescription string = '' -@description('Required. Form of an authorization grant, which the client uses to request the access token. - authorizationCode, implicit, resourceOwnerPassword, clientCredentials') +@description('Required. Form of an authorization grant, which the client uses to request the access token. - authorizationCode, implicit, resourceOwnerPassword, clientCredentials.') param grantTypes array @description('Optional. Can be optionally specified when resource owner password grant type is supported by this authorization server. Default resource owner password.') @@ -54,7 +54,7 @@ param resourceOwnerUsername string = '' @description('Optional. If true, authorization server will include state parameter from the authorization request to its response. Client may use state parameter to raise protocol security.') param supportState bool = false -@description('Optional. Additional parameters required by the token endpoint of this authorization server represented as an array of JSON objects with name and value string properties, i.e. {"name" : "name value", "value": "a value"}. - TokenBodyParameterContract object') +@description('Optional. Additional parameters required by the token endpoint of this authorization server represented as an array of JSON objects with name and value string properties, i.e. {"name" : "name value", "value": "a value"}. - TokenBodyParameterContract object.') param tokenBodyParameters array = [] @description('Optional. OAuth token endpoint. Contains absolute URI to entity being referenced.') @@ -104,11 +104,11 @@ resource authorizationServer 'Microsoft.ApiManagement/service/authorizationServe } } -@description('The name of the API management service authorization server') +@description('The name of the API management service authorization server.') output name string = authorizationServer.name -@description('The resource ID of the API management service authorization server') +@description('The resource ID of the API management service authorization server.') output resourceId string = authorizationServer.id -@description('The resource group the API management service authorization server was deployed into') +@description('The resource group the API management service authorization server was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.ApiManagement/service/authorizationServers/readme.md b/arm/Microsoft.ApiManagement/service/authorizationServers/readme.md index aaa8f1d911..f50f271f21 100644 --- a/arm/Microsoft.ApiManagement/service/authorizationServers/readme.md +++ b/arm/Microsoft.ApiManagement/service/authorizationServers/readme.md @@ -25,19 +25,23 @@ The following resources are required to be able to deploy this resource. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `apiManagementServiceName` | string | The name of the of the API Management service. | | `authorizationEndpoint` | string | OAuth authorization endpoint. See . | | `clientId` | secureString | Client or app ID registered with this authorization server. | | `clientSecret` | secureString | Client or app secret registered with this authorization server. This property will not be filled on 'GET' operations! Use '/listSecrets' POST request to get the value. | -| `grantTypes` | array | Form of an authorization grant, which the client uses to request the access token. - authorizationCode, implicit, resourceOwnerPassword, clientCredentials | +| `grantTypes` | array | Form of an authorization grant, which the client uses to request the access token. - authorizationCode, implicit, resourceOwnerPassword, clientCredentials. | | `name` | string | Identifier of the authorization server. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `apiManagementServiceName` | string | The name of the parent API Management service. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | -| `authorizationMethods` | array | `[GET]` | HTTP verbs supported by the authorization endpoint. GET must be always present. POST is optional. - HEAD, OPTIONS, TRACE, GET, POST, PUT, PATCH, DELETE | -| `bearerTokenSendingMethods` | array | `[authorizationHeader]` | Specifies the mechanism by which access token is passed to the API. - authorizationHeader or query | -| `clientAuthenticationMethod` | array | `[Basic]` | Method of authentication supported by the token endpoint of this authorization server. Possible values are Basic and/or Body. When Body is specified, client credentials and other parameters are passed within the request body in the application/x-www-form-urlencoded format. - Basic or Body | +| `authorizationMethods` | array | `[GET]` | HTTP verbs supported by the authorization endpoint. GET must be always present. POST is optional. - HEAD, OPTIONS, TRACE, GET, POST, PUT, PATCH, DELETE. | +| `bearerTokenSendingMethods` | array | `[authorizationHeader]` | Specifies the mechanism by which access token is passed to the API. - authorizationHeader or query. | +| `clientAuthenticationMethod` | array | `[Basic]` | Method of authentication supported by the token endpoint of this authorization server. Possible values are Basic and/or Body. When Body is specified, client credentials and other parameters are passed within the request body in the application/x-www-form-urlencoded format. - Basic or Body. | | `clientRegistrationEndpoint` | string | `''` | Optional reference to a page where client or app registration for this authorization server is performed. Contains absolute URL to entity being referenced. | | `defaultScope` | string | `''` | Access token scope that is going to be requested by default. Can be overridden at the API level. Should be provided in the form of a string containing space-delimited values. | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | @@ -45,7 +49,7 @@ The following resources are required to be able to deploy this resource. | `resourceOwnerUsername` | string | `''` | Can be optionally specified when resource owner password grant type is supported by this authorization server. Default resource owner username. | | `serverDescription` | string | `''` | Description of the authorization server. Can contain HTML formatting tags. | | `supportState` | bool | `False` | If true, authorization server will include state parameter from the authorization request to its response. Client may use state parameter to raise protocol security. | -| `tokenBodyParameters` | array | `[]` | Additional parameters required by the token endpoint of this authorization server represented as an array of JSON objects with name and value string properties, i.e. {"name" : "name value", "value": "a value"}. - TokenBodyParameterContract object | +| `tokenBodyParameters` | array | `[]` | Additional parameters required by the token endpoint of this authorization server represented as an array of JSON objects with name and value string properties, i.e. {"name" : "name value", "value": "a value"}. - TokenBodyParameterContract object. | | `tokenEndpoint` | string | `''` | OAuth token endpoint. Contains absolute URI to entity being referenced. | @@ -53,6 +57,6 @@ The following resources are required to be able to deploy this resource. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the API management service authorization server | -| `resourceGroupName` | string | The resource group the API management service authorization server was deployed into | -| `resourceId` | string | The resource ID of the API management service authorization server | +| `name` | string | The name of the API management service authorization server. | +| `resourceGroupName` | string | The resource group the API management service authorization server was deployed into. | +| `resourceId` | string | The resource ID of the API management service authorization server. | diff --git a/arm/Microsoft.ApiManagement/service/backends/deploy.bicep b/arm/Microsoft.ApiManagement/service/backends/deploy.bicep index 0a4884aa34..e5b0c40119 100644 --- a/arm/Microsoft.ApiManagement/service/backends/deploy.bicep +++ b/arm/Microsoft.ApiManagement/service/backends/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. The name of the of the API Management service.') +@description('Conditional. The name of the parent API Management service. Required if the template is used in a standalone deployment.') param apiManagementServiceName string @description('Required. Backend Name.') @@ -13,10 +13,10 @@ param enableDefaultTelemetry bool = true @description('Optional. Backend Description.') param backendDescription string = '' -@description('Optional. Backend communication protocol. - http or soap') +@description('Optional. Backend communication protocol. - http or soap.') param protocol string = 'http' -@description('Optional. Backend Proxy Contract Properties') +@description('Optional. Backend Proxy Contract Properties.') param proxy object = {} @description('Optional. Management Uri of the Resource in External System. This URL can be the Arm Resource ID of Logic Apps, Function Apps or API Apps.') @@ -28,7 +28,7 @@ param serviceFabricCluster object = {} @description('Optional. Backend Title.') param title string = '' -@description('Optional. Backend TLS Properties') +@description('Optional. Backend TLS Properties.') param tls object = { validateCertificateChain: false validateCertificateName: false @@ -71,11 +71,11 @@ resource backend 'Microsoft.ApiManagement/service/backends@2021-08-01' = { } } -@description('The resource ID of the API management service backend') +@description('The resource ID of the API management service backend.') output resourceId string = backend.id -@description('The name of the API management service backend') +@description('The name of the API management service backend.') output name string = backend.name -@description('The resource group the API management service backend was deployed into') +@description('The resource group the API management service backend was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.ApiManagement/service/backends/readme.md b/arm/Microsoft.ApiManagement/service/backends/readme.md index 48fa0621f2..93095dd9c2 100644 --- a/arm/Microsoft.ApiManagement/service/backends/readme.md +++ b/arm/Microsoft.ApiManagement/service/backends/readme.md @@ -25,22 +25,26 @@ The following resources are required to be able to deploy this resource. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `apiManagementServiceName` | string | The name of the of the API Management service. | | `name` | string | Backend Name. | | `url` | string | Runtime URL of the Backend. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `apiManagementServiceName` | string | The name of the parent API Management service. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `backendDescription` | string | `''` | Backend Description. | | `credentials` | object | `{object}` | Backend Credentials Contract Properties. | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `protocol` | string | `'http'` | Backend communication protocol. - http or soap | -| `proxy` | object | `{object}` | Backend Proxy Contract Properties | +| `protocol` | string | `'http'` | Backend communication protocol. - http or soap. | +| `proxy` | object | `{object}` | Backend Proxy Contract Properties. | | `resourceId` | string | `''` | Management Uri of the Resource in External System. This URL can be the Arm Resource ID of Logic Apps, Function Apps or API Apps. | | `serviceFabricCluster` | object | `{object}` | Backend Service Fabric Cluster Properties. | | `title` | string | `''` | Backend Title. | -| `tls` | object | `{object}` | Backend TLS Properties | +| `tls` | object | `{object}` | Backend TLS Properties. | ### Parameters - credentials @@ -134,6 +138,6 @@ The following resources are required to be able to deploy this resource. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the API management service backend | -| `resourceGroupName` | string | The resource group the API management service backend was deployed into | -| `resourceId` | string | The resource ID of the API management service backend | +| `name` | string | The name of the API management service backend. | +| `resourceGroupName` | string | The resource group the API management service backend was deployed into. | +| `resourceId` | string | The resource ID of the API management service backend. | diff --git a/arm/Microsoft.ApiManagement/service/caches/deploy.bicep b/arm/Microsoft.ApiManagement/service/caches/deploy.bicep index e0ae35cbdb..2cb7c6b57f 100644 --- a/arm/Microsoft.ApiManagement/service/caches/deploy.bicep +++ b/arm/Microsoft.ApiManagement/service/caches/deploy.bicep @@ -1,22 +1,22 @@ -@description('Required. The name of the of the API Management service.') +@description('Conditional. The name of the parent API Management service. Required if the template is used in a standalone deployment.') param apiManagementServiceName string @description('Required. Identifier of the Cache entity. Cache identifier (should be either \'default\' or valid Azure region identifier).') param name string -@description('Required. Runtime connection string to cache. Can be referenced by a named value like so, {{}}') +@description('Required. Runtime connection string to cache. Can be referenced by a named value like so, {{}}.') param connectionString string @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. Cache description') +@description('Optional. Cache description.') param cacheDescription string = '' @description('Optional. Original uri of entity in external system cache points to.') param resourceId string = '' -@description('Required. Location identifier to use cache from (should be either \'default\' or valid Azure region identifier)') +@description('Required. Location identifier to use cache from (should be either \'default\' or valid Azure region identifier).') param useFromLocation string resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) { @@ -46,11 +46,11 @@ resource cache 'Microsoft.ApiManagement/service/caches@2021-08-01' = { } } -@description('The resource ID of the API management service cache') +@description('The resource ID of the API management service cache.') output resourceId string = cache.id -@description('The name of the API management service cache') +@description('The name of the API management service cache.') output name string = cache.name -@description('The resource group the API management service cache was deployed into') +@description('The resource group the API management service cache was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.ApiManagement/service/caches/readme.md b/arm/Microsoft.ApiManagement/service/caches/readme.md index 51daa01639..67c2ddcb3c 100644 --- a/arm/Microsoft.ApiManagement/service/caches/readme.md +++ b/arm/Microsoft.ApiManagement/service/caches/readme.md @@ -25,15 +25,19 @@ The following resources are required to be able to deploy this resource. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `apiManagementServiceName` | string | The name of the of the API Management service. | -| `connectionString` | string | Runtime connection string to cache. Can be referenced by a named value like so, {{}} | +| `connectionString` | string | Runtime connection string to cache. Can be referenced by a named value like so, {{}}. | | `name` | string | Identifier of the Cache entity. Cache identifier (should be either 'default' or valid Azure region identifier). | -| `useFromLocation` | string | Location identifier to use cache from (should be either 'default' or valid Azure region identifier) | +| `useFromLocation` | string | Location identifier to use cache from (should be either 'default' or valid Azure region identifier). | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `apiManagementServiceName` | string | The name of the parent API Management service. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | -| `cacheDescription` | string | `''` | Cache description | +| `cacheDescription` | string | `''` | Cache description. | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `resourceId` | string | `''` | Original uri of entity in external system cache points to. | @@ -42,6 +46,6 @@ The following resources are required to be able to deploy this resource. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the API management service cache | -| `resourceGroupName` | string | The resource group the API management service cache was deployed into | -| `resourceId` | string | The resource ID of the API management service cache | +| `name` | string | The name of the API management service cache. | +| `resourceGroupName` | string | The resource group the API management service cache was deployed into. | +| `resourceId` | string | The resource ID of the API management service cache. | diff --git a/arm/Microsoft.ApiManagement/service/deploy.bicep b/arm/Microsoft.ApiManagement/service/deploy.bicep index 04fb0a52fd..21b92ff642 100644 --- a/arm/Microsoft.ApiManagement/service/deploy.bicep +++ b/arm/Microsoft.ApiManagement/service/deploy.bicep @@ -1,7 +1,7 @@ @description('Optional. Additional datacenter locations of the API Management service.') param additionalLocations array = [] -@description('Required. The name of the of the API Management service.') +@description('Required. The name of the API Management service.') param name string @description('Optional. List of Certificates that need to be installed in the API Management service. Max supported certificates that can be installed is 10.') @@ -69,7 +69,7 @@ param publisherName string @description('Optional. Undelete API Management Service if it was previously soft-deleted. If this flag is specified and set to True all other properties will be ignored.') param restore bool = false -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. The pricing tier of this API Management service.') @@ -450,13 +450,13 @@ module apiManagementService_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignme } }] -@description('The name of the API management service') +@description('The name of the API management service.') output name string = apiManagementService.name -@description('The resource ID of the API management service') +@description('The resource ID of the API management service.') output resourceId string = apiManagementService.id -@description('The resource group the API management service was deployed into') +@description('The resource group the API management service was deployed into.') output resourceGroupName string = resourceGroup().name @description('The principal ID of the system assigned identity.') diff --git a/arm/Microsoft.ApiManagement/service/identityProviders/deploy.bicep b/arm/Microsoft.ApiManagement/service/identityProviders/deploy.bicep index ea5b58d04b..615c0c5595 100644 --- a/arm/Microsoft.ApiManagement/service/identityProviders/deploy.bicep +++ b/arm/Microsoft.ApiManagement/service/identityProviders/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. The name of the of the API Management service.') +@description('Conditional. The name of the parent API Management service. Required if the template is used in a standalone deployment.') param apiManagementServiceName string @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -7,7 +7,7 @@ param enableDefaultTelemetry bool = true @description('Optional. Used to enable the deployment of the identityProviders child resource.') param enableIdentityProviders bool = false -@description('Optional. List of Allowed Tenants when configuring Azure Active Directory login. - string') +@description('Optional. List of Allowed Tenants when configuring Azure Active Directory login. - string.') param identityProviderAllowedTenants array = [] @description('Optional. OpenID Connect discovery endpoint hostname for AAD or AAD B2C.') @@ -29,7 +29,7 @@ param identityProviderProfileEditingPolicyName string = '' @description('Optional. Signin Policy Name. Only applies to AAD B2C Identity Provider.') param identityProviderSignInPolicyName string = '' -@description('Optional. The TenantId to use instead of Common when logging into Active Directory') +@description('Optional. The TenantId to use instead of Common when logging into Active Directory.') param identityProviderSignInTenant string = '' @description('Optional. Signup Policy Name. Only applies to AAD B2C Identity Provider.') @@ -46,7 +46,7 @@ param identityProviderSignUpPolicyName string = '' ]) param identityProviderType string = 'aad' -@description('Required. Identity provider name') +@description('Required. Identity provider name.') param name string var isAadB2C = (identityProviderType == 'aadB2C') @@ -84,11 +84,11 @@ resource identityProvider 'Microsoft.ApiManagement/service/identityProviders@202 } } -@description('The resource ID of the API management service identity provider') +@description('The resource ID of the API management service identity provider.') output resourceId string = identityProvider.id -@description('The name of the API management service identity provider') +@description('The name of the API management service identity provider.') output name string = identityProvider.name -@description('The resource group the API management service identity provider was deployed into') +@description('The resource group the API management service identity provider was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.ApiManagement/service/identityProviders/readme.md b/arm/Microsoft.ApiManagement/service/identityProviders/readme.md index 5420b688cd..b766571387 100644 --- a/arm/Microsoft.ApiManagement/service/identityProviders/readme.md +++ b/arm/Microsoft.ApiManagement/service/identityProviders/readme.md @@ -19,22 +19,26 @@ This module deploys API Management Service Identity Provider. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `apiManagementServiceName` | string | The name of the of the API Management service. | -| `name` | string | Identity provider name | +| `name` | string | Identity provider name. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `apiManagementServiceName` | string | The name of the parent API Management service. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `enableIdentityProviders` | bool | `False` | | Used to enable the deployment of the identityProviders child resource. | -| `identityProviderAllowedTenants` | array | `[]` | | List of Allowed Tenants when configuring Azure Active Directory login. - string | +| `identityProviderAllowedTenants` | array | `[]` | | List of Allowed Tenants when configuring Azure Active Directory login. - string. | | `identityProviderAuthority` | string | `''` | | OpenID Connect discovery endpoint hostname for AAD or AAD B2C. | | `identityProviderClientId` | string | `''` | | Client ID of the Application in the external Identity Provider. Required if identity provider is used. | | `identityProviderClientSecret` | secureString | `''` | | Client secret of the Application in external Identity Provider, used to authenticate login request. Required if identity provider is used. | | `identityProviderPasswordResetPolicyName` | string | `''` | | Password Reset Policy Name. Only applies to AAD B2C Identity Provider. | | `identityProviderProfileEditingPolicyName` | string | `''` | | Profile Editing Policy Name. Only applies to AAD B2C Identity Provider. | | `identityProviderSignInPolicyName` | string | `''` | | Signin Policy Name. Only applies to AAD B2C Identity Provider. | -| `identityProviderSignInTenant` | string | `''` | | The TenantId to use instead of Common when logging into Active Directory | +| `identityProviderSignInTenant` | string | `''` | | The TenantId to use instead of Common when logging into Active Directory. | | `identityProviderSignUpPolicyName` | string | `''` | | Signup Policy Name. Only applies to AAD B2C Identity Provider. | | `identityProviderType` | string | `'aad'` | `[aad, aadB2C, facebook, google, microsoft, twitter]` | Identity Provider Type identifier. | @@ -43,6 +47,6 @@ This module deploys API Management Service Identity Provider. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the API management service identity provider | -| `resourceGroupName` | string | The resource group the API management service identity provider was deployed into | -| `resourceId` | string | The resource ID of the API management service identity provider | +| `name` | string | The name of the API management service identity provider. | +| `resourceGroupName` | string | The resource group the API management service identity provider was deployed into. | +| `resourceId` | string | The resource ID of the API management service identity provider. | diff --git a/arm/Microsoft.ApiManagement/service/namedValues/deploy.bicep b/arm/Microsoft.ApiManagement/service/namedValues/deploy.bicep index 831aba17df..ae752cb224 100644 --- a/arm/Microsoft.ApiManagement/service/namedValues/deploy.bicep +++ b/arm/Microsoft.ApiManagement/service/namedValues/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. The name of the of the API Management service.') +@description('Conditional. The name of the parent API Management service. Required if the template is used in a standalone deployment.') param apiManagementServiceName string = '' @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -7,13 +7,13 @@ param enableDefaultTelemetry bool = true @description('Required. Unique name of NamedValue. It may contain only letters, digits, period, dash, and underscore characters.') param displayName string -@description('Optional. KeyVault location details of the namedValue. ') +@description('Optional. KeyVault location details of the namedValue.') param keyVault object = {} @description('Required. Named value Name.') param name string -@description('Optional. Tags that when provided can be used to filter the NamedValue list. - string') +@description('Optional. Tags that when provided can be used to filter the NamedValue list. - string.') param namedValueTags array = [] @description('Optional. Determines whether the value is a secret and should be encrypted or not. Default value is false.') @@ -52,11 +52,11 @@ resource namedValue 'Microsoft.ApiManagement/service/namedValues@2021-08-01' = { } } -@description('The resource ID of the named value') +@description('The resource ID of the named value.') output resourceId string = namedValue.id -@description('The name of the named value') +@description('The name of the named value.') output name string = namedValue.name -@description('The resource group the named value was deployed into') +@description('The resource group the named value was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.ApiManagement/service/namedValues/readme.md b/arm/Microsoft.ApiManagement/service/namedValues/readme.md index f1b18f496c..c9c4d6ff38 100644 --- a/arm/Microsoft.ApiManagement/service/namedValues/readme.md +++ b/arm/Microsoft.ApiManagement/service/namedValues/readme.md @@ -23,18 +23,22 @@ The following resources are required to be able to deploy this resource. ## Parameters **Required parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `displayName` | string | Unique name of NamedValue. It may contain only letters, digits, period, dash, and underscore characters. | +| `name` | string | Named value Name. | + +**Conditional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | -| `apiManagementServiceName` | string | `''` | The name of the of the API Management service. | -| `displayName` | string | | Unique name of NamedValue. It may contain only letters, digits, period, dash, and underscore characters. | -| `name` | string | | Named value Name. | +| `apiManagementServiceName` | string | `''` | The name of the parent API Management service. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `keyVault` | object | `{object}` | KeyVault location details of the namedValue. | -| `namedValueTags` | array | `[]` | Tags that when provided can be used to filter the NamedValue list. - string | +| `keyVault` | object | `{object}` | KeyVault location details of the namedValue. | +| `namedValueTags` | array | `[]` | Tags that when provided can be used to filter the NamedValue list. - string. | | `secret` | bool | `False` | Determines whether the value is a secret and should be encrypted or not. Default value is false. | | `value` | string | `[newGuid()]` | Value of the NamedValue. Can contain policy expressions. It may not be empty or consist only of whitespace. This property will not be filled on 'GET' operations! Use '/listSecrets' POST request to get the value. | @@ -54,6 +58,6 @@ The following resources are required to be able to deploy this resource. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the named value | -| `resourceGroupName` | string | The resource group the named value was deployed into | -| `resourceId` | string | The resource ID of the named value | +| `name` | string | The name of the named value. | +| `resourceGroupName` | string | The resource group the named value was deployed into. | +| `resourceId` | string | The resource ID of the named value. | diff --git a/arm/Microsoft.ApiManagement/service/policies/deploy.bicep b/arm/Microsoft.ApiManagement/service/policies/deploy.bicep index 3d537ef780..92ffa2ef9e 100644 --- a/arm/Microsoft.ApiManagement/service/policies/deploy.bicep +++ b/arm/Microsoft.ApiManagement/service/policies/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. The name of the of the API Management service.') +@description('Conditional. The name of the parent API Management service. Required if the template is used in a standalone deployment.') param apiManagementServiceName string -@description('Optional. The name of the policy') +@description('Optional. The name of the policy.') param name string = 'policy' @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -44,11 +44,11 @@ resource policy 'Microsoft.ApiManagement/service/policies@2021-08-01' = { } } -@description('The resource ID of the API management service policy') +@description('The resource ID of the API management service policy.') output resourceId string = policy.id -@description('The name of the API management service policy') +@description('The name of the API management service policy.') output name string = policy.name -@description('The resource group the API management service policy was deployed into') +@description('The resource group the API management service policy was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.ApiManagement/service/policies/readme.md b/arm/Microsoft.ApiManagement/service/policies/readme.md index cdba55af0b..33b6f49c14 100644 --- a/arm/Microsoft.ApiManagement/service/policies/readme.md +++ b/arm/Microsoft.ApiManagement/service/policies/readme.md @@ -19,21 +19,25 @@ This module deploys API Management Service Policy. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `apiManagementServiceName` | string | The name of the of the API Management service. | | `value` | string | Contents of the Policy as defined by the format. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `apiManagementServiceName` | string | The name of the parent API Management service. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `format` | string | `'xml'` | `[rawxml, rawxml-link, xml, xml-link]` | Format of the policyContent. | -| `name` | string | `'policy'` | | The name of the policy | +| `name` | string | `'policy'` | | The name of the policy. | ## Outputs | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the API management service policy | -| `resourceGroupName` | string | The resource group the API management service policy was deployed into | -| `resourceId` | string | The resource ID of the API management service policy | +| `name` | string | The name of the API management service policy. | +| `resourceGroupName` | string | The resource group the API management service policy was deployed into. | +| `resourceId` | string | The resource ID of the API management service policy. | diff --git a/arm/Microsoft.ApiManagement/service/portalsettings/deploy.bicep b/arm/Microsoft.ApiManagement/service/portalsettings/deploy.bicep index d6bf5a736e..2d3b46b433 100644 --- a/arm/Microsoft.ApiManagement/service/portalsettings/deploy.bicep +++ b/arm/Microsoft.ApiManagement/service/portalsettings/deploy.bicep @@ -1,10 +1,10 @@ -@description('Required. The name of the of the API Management service.') +@description('Conditional. The name of the parent API Management service. Required if the template is used in a standalone deployment.') param apiManagementServiceName string @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') param enableDefaultTelemetry bool = true -@description('Required. Portal setting name') +@description('Required. Portal setting name.') @allowed([ 'delegation' 'signin' @@ -37,11 +37,11 @@ resource portalSetting 'Microsoft.ApiManagement/service/portalsettings@2021-08-0 properties: properties } -@description('The resource ID of the API management service portal setting') +@description('The resource ID of the API management service portal setting.') output resourceId string = portalSetting.id -@description('The name of the API management service portal setting') +@description('The name of the API management service portal setting.') output name string = portalSetting.name -@description('The resource group the API management service portal setting was deployed into') +@description('The resource group the API management service portal setting was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.ApiManagement/service/portalsettings/readme.md b/arm/Microsoft.ApiManagement/service/portalsettings/readme.md index 0c86bd8c49..64d512dea9 100644 --- a/arm/Microsoft.ApiManagement/service/portalsettings/readme.md +++ b/arm/Microsoft.ApiManagement/service/portalsettings/readme.md @@ -19,8 +19,12 @@ This module deploys API Management Service Portal Setting. **Required parameters** | Parameter Name | Type | Allowed Values | Description | | :-- | :-- | :-- | :-- | -| `apiManagementServiceName` | string | | The name of the of the API Management service. | -| `name` | string | `[delegation, signin, signup]` | Portal setting name | +| `name` | string | `[delegation, signin, signup]` | Portal setting name. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `apiManagementServiceName` | string | The name of the parent API Management service. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -33,6 +37,6 @@ This module deploys API Management Service Portal Setting. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the API management service portal setting | -| `resourceGroupName` | string | The resource group the API management service portal setting was deployed into | -| `resourceId` | string | The resource ID of the API management service portal setting | +| `name` | string | The name of the API management service portal setting. | +| `resourceGroupName` | string | The resource group the API management service portal setting was deployed into. | +| `resourceId` | string | The resource ID of the API management service portal setting. | diff --git a/arm/Microsoft.ApiManagement/service/products/apis/deploy.bicep b/arm/Microsoft.ApiManagement/service/products/apis/deploy.bicep index 2d5482ae3d..0180dcd197 100644 --- a/arm/Microsoft.ApiManagement/service/products/apis/deploy.bicep +++ b/arm/Microsoft.ApiManagement/service/products/apis/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. The name of the of the API Management service.') +@description('Conditional. The name of the parent API Management service. Required if the template is used in a standalone deployment.') param apiManagementServiceName string -@description('Required. The name of the of the Product.') +@description('Conditional. The name of the parent Product. Required if the template is used in a standalone deployment.') param productName string @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -35,11 +35,11 @@ resource api 'Microsoft.ApiManagement/service/products/apis@2021-08-01' = { parent: service::product } -@description('The resource ID of the product API') +@description('The resource ID of the product API.') output resourceId string = api.id -@description('The name of the product API') +@description('The name of the product API.') output name string = api.name -@description('The resource group the product API was deployed into') +@description('The resource group the product API was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.ApiManagement/service/products/apis/readme.md b/arm/Microsoft.ApiManagement/service/products/apis/readme.md index faca3ea52c..38ece595ba 100644 --- a/arm/Microsoft.ApiManagement/service/products/apis/readme.md +++ b/arm/Microsoft.ApiManagement/service/products/apis/readme.md @@ -19,9 +19,13 @@ This module deploys API Management Service Product APIs. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `apiManagementServiceName` | string | The name of the of the API Management service. | | `name` | string | Name of the product API. | -| `productName` | string | The name of the of the Product. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `apiManagementServiceName` | string | The name of the parent API Management service. Required if the template is used in a standalone deployment. | +| `productName` | string | The name of the parent Product. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -33,6 +37,6 @@ This module deploys API Management Service Product APIs. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the product API | -| `resourceGroupName` | string | The resource group the product API was deployed into | -| `resourceId` | string | The resource ID of the product API | +| `name` | string | The name of the product API. | +| `resourceGroupName` | string | The resource group the product API was deployed into. | +| `resourceId` | string | The resource ID of the product API. | diff --git a/arm/Microsoft.ApiManagement/service/products/deploy.bicep b/arm/Microsoft.ApiManagement/service/products/deploy.bicep index 59a9b7e3fd..e3205da7e3 100644 --- a/arm/Microsoft.ApiManagement/service/products/deploy.bicep +++ b/arm/Microsoft.ApiManagement/service/products/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. The name of the of the API Management service.') +@description('Conditional. The name of the parent API Management service. Required if the template is used in a standalone deployment.') param apiManagementServiceName string @description('Optional. Whether subscription approval is required. If false, new subscriptions will be approved automatically enabling developers to call the products APIs immediately after subscribing. If true, administrators must manually approve the subscription before the developer can any of the products APIs. Can be present only if subscriptionRequired property is present and has a value of false.') @@ -19,7 +19,7 @@ param groups array = [] @description('Required. Product Name.') param name string -@description('Optional. whether product is published or not. Published products are discoverable by users of developer portal. Non published products are visible only to administrators. Default state of Product is notPublished. - notPublished or published') +@description('Optional. whether product is published or not. Published products are discoverable by users of developer portal. Non published products are visible only to administrators. Default state of Product is notPublished. - notPublished or published.') param state string = 'published' @description('Optional. Whether a product subscription is required for accessing APIs included in this product. If true, the product is referred to as "protected" and a valid subscription key is required for a request to an API included in the product to succeed. If false, the product is referred to as "open" and requests to an API included in the product can be made without a subscription key. If property is omitted when creating a new product it\'s value is assumed to be true.') @@ -81,17 +81,17 @@ module product_groups 'groups/deploy.bicep' = [for (group, index) in groups: { } }] -@description('The resource ID of the API management service product') +@description('The resource ID of the API management service product.') output resourceId string = product.id -@description('The name of the API management service product') +@description('The name of the API management service product.') output name string = product.name -@description('The resource group the API management service product was deployed into') +@description('The resource group the API management service product was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The Resources IDs of the API management service product APIs') +@description('The Resources IDs of the API management service product APIs.') output apiResourceIds array = [for index in range(0, length(apis)): product_apis[index].outputs.resourceId] -@description('The Resources IDs of the API management service product groups') +@description('The Resources IDs of the API management service product groups.') output groupResourceIds array = [for index in range(0, length(groups)): product_groups[index].outputs.resourceId] diff --git a/arm/Microsoft.ApiManagement/service/products/groups/deploy.bicep b/arm/Microsoft.ApiManagement/service/products/groups/deploy.bicep index 410e7122d3..729680bb6f 100644 --- a/arm/Microsoft.ApiManagement/service/products/groups/deploy.bicep +++ b/arm/Microsoft.ApiManagement/service/products/groups/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. The name of the of the API Management service.') +@description('Conditional. The name of the parent API Management service. Required if the template is used in a standalone deployment.') param apiManagementServiceName string -@description('Required. The name of the of the Product.') +@description('Conditional. The name of the parent Product. Required if the template is used in a standalone deployment.') param productName string @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -35,11 +35,11 @@ resource group 'Microsoft.ApiManagement/service/products/groups@2021-08-01' = { parent: service::product } -@description('The resource ID of the product group') +@description('The resource ID of the product group.') output resourceId string = group.id -@description('The name of the product group') +@description('The name of the product group.') output name string = group.name -@description('The resource group the product group was deployed into') +@description('The resource group the product group was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.ApiManagement/service/products/groups/readme.md b/arm/Microsoft.ApiManagement/service/products/groups/readme.md index 664fcbd1be..366a5433b7 100644 --- a/arm/Microsoft.ApiManagement/service/products/groups/readme.md +++ b/arm/Microsoft.ApiManagement/service/products/groups/readme.md @@ -19,9 +19,13 @@ This module deploys API Management Service Product Groups. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `apiManagementServiceName` | string | The name of the of the API Management service. | | `name` | string | Name of the product group. | -| `productName` | string | The name of the of the Product. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `apiManagementServiceName` | string | The name of the parent API Management service. Required if the template is used in a standalone deployment. | +| `productName` | string | The name of the parent Product. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -33,6 +37,6 @@ This module deploys API Management Service Product Groups. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the product group | -| `resourceGroupName` | string | The resource group the product group was deployed into | -| `resourceId` | string | The resource ID of the product group | +| `name` | string | The name of the product group. | +| `resourceGroupName` | string | The resource group the product group was deployed into. | +| `resourceId` | string | The resource ID of the product group. | diff --git a/arm/Microsoft.ApiManagement/service/products/readme.md b/arm/Microsoft.ApiManagement/service/products/readme.md index 50557d7d4f..f65f9b355b 100644 --- a/arm/Microsoft.ApiManagement/service/products/readme.md +++ b/arm/Microsoft.ApiManagement/service/products/readme.md @@ -27,9 +27,13 @@ The following resources are required to be able to deploy this resource. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `apiManagementServiceName` | string | The name of the of the API Management service. | | `name` | string | Product Name. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `apiManagementServiceName` | string | The name of the parent API Management service. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | @@ -38,7 +42,7 @@ The following resources are required to be able to deploy this resource. | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `groups` | _[groups](groups/readme.md)_ array | `[]` | Array of Product Groups. | | `productDescription` | string | `''` | Product description. May include HTML formatting tags. | -| `state` | string | `'published'` | whether product is published or not. Published products are discoverable by users of developer portal. Non published products are visible only to administrators. Default state of Product is notPublished. - notPublished or published | +| `state` | string | `'published'` | whether product is published or not. Published products are discoverable by users of developer portal. Non published products are visible only to administrators. Default state of Product is notPublished. - notPublished or published. | | `subscriptionRequired` | bool | `False` | Whether a product subscription is required for accessing APIs included in this product. If true, the product is referred to as "protected" and a valid subscription key is required for a request to an API included in the product to succeed. If false, the product is referred to as "open" and requests to an API included in the product can be made without a subscription key. If property is omitted when creating a new product it's value is assumed to be true. | | `subscriptionsLimit` | int | `1` | Whether the number of subscriptions a user can have to this product at the same time. Set to null or omit to allow unlimited per user subscriptions. Can be present only if subscriptionRequired property is present and has a value of false. | | `terms` | string | `''` | Product terms of use. Developers trying to subscribe to the product will be presented and required to accept these terms before they can complete the subscription process. | @@ -48,8 +52,8 @@ The following resources are required to be able to deploy this resource. | Output Name | Type | Description | | :-- | :-- | :-- | -| `apiResourceIds` | array | The Resources IDs of the API management service product APIs | -| `groupResourceIds` | array | The Resources IDs of the API management service product groups | -| `name` | string | The name of the API management service product | -| `resourceGroupName` | string | The resource group the API management service product was deployed into | -| `resourceId` | string | The resource ID of the API management service product | +| `apiResourceIds` | array | The Resources IDs of the API management service product APIs. | +| `groupResourceIds` | array | The Resources IDs of the API management service product groups. | +| `name` | string | The name of the API management service product. | +| `resourceGroupName` | string | The resource group the API management service product was deployed into. | +| `resourceId` | string | The resource ID of the API management service product. | diff --git a/arm/Microsoft.ApiManagement/service/readme.md b/arm/Microsoft.ApiManagement/service/readme.md index a4fdd42db1..17950ae8b6 100644 --- a/arm/Microsoft.ApiManagement/service/readme.md +++ b/arm/Microsoft.ApiManagement/service/readme.md @@ -7,6 +7,7 @@ This module deploys an API management service. - [Resource types](#Resource-types) - [Parameters](#Parameters) - [Outputs](#Outputs) +- [Considerations](#Considerations) ## Resource types @@ -36,7 +37,7 @@ This module deploys an API management service. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the of the API Management service. | +| `name` | string | The name of the API Management service. | | `publisherEmail` | string | The email address of the owner of the service. | | `publisherName` | string | The name of the owner of the service. | @@ -74,7 +75,7 @@ This module deploys an API management service. | `portalSettings` | _[portalSettings](portalSettings/readme.md)_ array | `[]` | | Portal settings. | | `products` | _[products](products/readme.md)_ array | `[]` | | Products. | | `restore` | bool | `False` | | Undelete API Management Service if it was previously soft-deleted. If this flag is specified and set to True all other properties will be ignored. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `sku` | string | `'Developer'` | `[Consumption, Developer, Basic, Standard, Premium]` | The pricing tier of this API Management service. | | `skuCount` | int | `1` | `[1, 2]` | The instance size of this API Management service. | | `subnetResourceId` | string | `''` | | The full resource ID of a subnet in a virtual network to deploy the API Management service in. | @@ -157,7 +158,14 @@ You can specify multiple user assigned identities to a resource by providing add | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the API management service | -| `resourceGroupName` | string | The resource group the API management service was deployed into | -| `resourceId` | string | The resource ID of the API management service | +| `name` | string | The name of the API management service. | +| `resourceGroupName` | string | The resource group the API management service was deployed into. | +| `resourceId` | string | The resource ID of the API management service. | | `systemAssignedPrincipalId` | string | The principal ID of the system assigned identity. | + + +## Considerations + +- *None* + +======= diff --git a/arm/Microsoft.ApiManagement/service/subscriptions/deploy.bicep b/arm/Microsoft.ApiManagement/service/subscriptions/deploy.bicep index 477bde8cd0..44b4dd5647 100644 --- a/arm/Microsoft.ApiManagement/service/subscriptions/deploy.bicep +++ b/arm/Microsoft.ApiManagement/service/subscriptions/deploy.bicep @@ -1,13 +1,13 @@ @description('Optional. Determines whether tracing can be enabled.') param allowTracing bool = true -@description('Required. The name of the of the API Management service.') +@description('Conditional. The name of the parent API Management service. Required if the template is used in a standalone deployment.') param apiManagementServiceName string @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. User (user ID path) for whom subscription is being created in form /users/{userId}') +@description('Optional. User (user ID path) for whom subscription is being created in form /users/{userId}.') param ownerId string = '' @description('Optional. Primary subscription key. If not specified during request key will be generated automatically.') @@ -19,7 +19,7 @@ param scope string = '/apis' @description('Optional. Secondary subscription key. If not specified during request key will be generated automatically.') param secondaryKey string = '' -@description('Optional. Initial subscription state. If no value is specified, subscription is created with Submitted state. Possible states are "*" active "?" the subscription is active, "*" suspended "?" the subscription is blocked, and the subscriber cannot call any APIs of the product, * submitted ? the subscription request has been made by the developer, but has not yet been approved or rejected, * rejected ? the subscription request has been denied by an administrator, * cancelled ? the subscription has been cancelled by the developer or administrator, * expired ? the subscription reached its expiration date and was deactivated. - suspended, active, expired, submitted, rejected, cancelled') +@description('Optional. Initial subscription state. If no value is specified, subscription is created with Submitted state. Possible states are "*" active "?" the subscription is active, "*" suspended "?" the subscription is blocked, and the subscriber cannot call any APIs of the product, * submitted ? the subscription request has been made by the developer, but has not yet been approved or rejected, * rejected ? the subscription request has been denied by an administrator, * cancelled ? the subscription has been cancelled by the developer or administrator, * expired ? the subscription reached its expiration date and was deactivated. - suspended, active, expired, submitted, rejected, cancelled.') param state string = '' @description('Required. Subscription name.') @@ -55,11 +55,11 @@ resource subscription 'Microsoft.ApiManagement/service/subscriptions@2021-08-01' } } -@description('The resource ID of the API management service subscription') +@description('The resource ID of the API management service subscription.') output resourceId string = subscription.id -@description('The name of the API management service subscription') +@description('The name of the API management service subscription.') output name string = subscription.name -@description('The resource group the API management service subscription was deployed into') +@description('The resource group the API management service subscription was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.ApiManagement/service/subscriptions/readme.md b/arm/Microsoft.ApiManagement/service/subscriptions/readme.md index a49a87aaa4..6016921fa9 100644 --- a/arm/Microsoft.ApiManagement/service/subscriptions/readme.md +++ b/arm/Microsoft.ApiManagement/service/subscriptions/readme.md @@ -25,25 +25,29 @@ The following resources are required to be able to deploy this resource. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `apiManagementServiceName` | string | The name of the of the API Management service. | | `name` | string | Subscription name. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `apiManagementServiceName` | string | The name of the parent API Management service. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `allowTracing` | bool | `True` | Determines whether tracing can be enabled. | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `ownerId` | string | `''` | User (user ID path) for whom subscription is being created in form /users/{userId} | +| `ownerId` | string | `''` | User (user ID path) for whom subscription is being created in form /users/{userId}. | | `primaryKey` | string | `''` | Primary subscription key. If not specified during request key will be generated automatically. | | `scope` | string | `'/apis'` | Scope type to choose between a product, "allAPIs" or a specific API. Scope like "/products/{productId}" or "/apis" or "/apis/{apiId}". | | `secondaryKey` | string | `''` | Secondary subscription key. If not specified during request key will be generated automatically. | -| `state` | string | `''` | Initial subscription state. If no value is specified, subscription is created with Submitted state. Possible states are "*" active "?" the subscription is active, "*" suspended "?" the subscription is blocked, and the subscriber cannot call any APIs of the product, * submitted ? the subscription request has been made by the developer, but has not yet been approved or rejected, * rejected ? the subscription request has been denied by an administrator, * cancelled ? the subscription has been cancelled by the developer or administrator, * expired ? the subscription reached its expiration date and was deactivated. - suspended, active, expired, submitted, rejected, cancelled | +| `state` | string | `''` | Initial subscription state. If no value is specified, subscription is created with Submitted state. Possible states are "*" active "?" the subscription is active, "*" suspended "?" the subscription is blocked, and the subscriber cannot call any APIs of the product, * submitted ? the subscription request has been made by the developer, but has not yet been approved or rejected, * rejected ? the subscription request has been denied by an administrator, * cancelled ? the subscription has been cancelled by the developer or administrator, * expired ? the subscription reached its expiration date and was deactivated. - suspended, active, expired, submitted, rejected, cancelled. | ## Outputs | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the API management service subscription | -| `resourceGroupName` | string | The resource group the API management service subscription was deployed into | -| `resourceId` | string | The resource ID of the API management service subscription | +| `name` | string | The name of the API management service subscription. | +| `resourceGroupName` | string | The resource group the API management service subscription was deployed into. | +| `resourceId` | string | The resource ID of the API management service subscription. | diff --git a/arm/Microsoft.Automation/automationAccounts/deploy.bicep b/arm/Microsoft.Automation/automationAccounts/deploy.bicep index 0302bb3f62..e2be4b7325 100644 --- a/arm/Microsoft.Automation/automationAccounts/deploy.bicep +++ b/arm/Microsoft.Automation/automationAccounts/deploy.bicep @@ -48,10 +48,10 @@ param variables array = [] @description('Optional. ID of the log analytics workspace to be linked to the deployed automation account.') param linkedWorkspaceId string = '' -@description('Optional. List of gallerySolutions to be created in the linked log analytics workspace') +@description('Optional. List of gallerySolutions to be created in the linked log analytics workspace.') param gallerySolutions array = [] -@description('Optional. List of softwareUpdateConfigurations to be created in the automation account') +@description('Optional. List of softwareUpdateConfigurations to be created in the automation account.') param softwareUpdateConfigurations array = [] @description('Optional. Configuration Details for private endpoints.') @@ -371,13 +371,13 @@ module automationAccount_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, } }] -@description('The name of the deployed automation account') +@description('The name of the deployed automation account.') output name string = automationAccount.name -@description('The resource ID of the deployed automation account') +@description('The resource ID of the deployed automation account.') output resourceId string = automationAccount.id -@description('The resource group of the deployed automation account') +@description('The resource group of the deployed automation account.') output resourceGroupName string = resourceGroup().name @description('The principal ID of the system assigned identity.') diff --git a/arm/Microsoft.Automation/automationAccounts/jobSchedules/deploy.bicep b/arm/Microsoft.Automation/automationAccounts/jobSchedules/deploy.bicep index 221b1747ad..16d926aef4 100644 --- a/arm/Microsoft.Automation/automationAccounts/jobSchedules/deploy.bicep +++ b/arm/Microsoft.Automation/automationAccounts/jobSchedules/deploy.bicep @@ -1,7 +1,7 @@ @description('Optional. Name of the Automation Account job schedule. Must be a GUID. If not provided, a new GUID is generated.') param name string = newGuid() -@description('Required. Name of the parent Automation Account.') +@description('Conditional. Name of the parent Automation Account. Required if the template is used in a standalone deployment.') param automationAccountName string @description('Required. The runbook property associated with the entity.') @@ -50,11 +50,11 @@ resource jobSchedule 'Microsoft.Automation/automationAccounts/jobSchedules@2020- } } -@description('The name of the deployed job schedule') +@description('The name of the deployed job schedule.') output name string = jobSchedule.name -@description('The resource ID of the deployed job schedule') +@description('The resource ID of the deployed job schedule.') output resourceId string = jobSchedule.id -@description('The resource group of the deployed job schedule') +@description('The resource group of the deployed job schedule.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Automation/automationAccounts/jobSchedules/readme.md b/arm/Microsoft.Automation/automationAccounts/jobSchedules/readme.md index c0e558a792..142509a5f2 100644 --- a/arm/Microsoft.Automation/automationAccounts/jobSchedules/readme.md +++ b/arm/Microsoft.Automation/automationAccounts/jobSchedules/readme.md @@ -19,10 +19,14 @@ This module deploys an Azure Automation Account Job Schedule. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `automationAccountName` | string | Name of the parent Automation Account. | | `runbookName` | string | The runbook property associated with the entity. | | `scheduleName` | string | The schedule property associated with the entity. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `automationAccountName` | string | Name of the parent Automation Account. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | @@ -36,6 +40,6 @@ This module deploys an Azure Automation Account Job Schedule. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed job schedule | -| `resourceGroupName` | string | The resource group of the deployed job schedule | -| `resourceId` | string | The resource ID of the deployed job schedule | +| `name` | string | The name of the deployed job schedule. | +| `resourceGroupName` | string | The resource group of the deployed job schedule. | +| `resourceId` | string | The resource ID of the deployed job schedule. | diff --git a/arm/Microsoft.Automation/automationAccounts/modules/deploy.bicep b/arm/Microsoft.Automation/automationAccounts/modules/deploy.bicep index 3613074482..72425995ee 100644 --- a/arm/Microsoft.Automation/automationAccounts/modules/deploy.bicep +++ b/arm/Microsoft.Automation/automationAccounts/modules/deploy.bicep @@ -1,7 +1,7 @@ @description('Required. Name of the Automation Account module.') param name string -@description('Required. Name of the parent Automation Account.') +@description('Conditional. Name of the parent Automation Account. Required if the template is used in a standalone deployment.') param automationAccountName string @description('Required. Module package uri, e.g. https://www.powershellgallery.com/api/v2/package.') @@ -48,11 +48,11 @@ resource module 'Microsoft.Automation/automationAccounts/modules@2020-01-13-prev } } -@description('The name of the deployed module') +@description('The name of the deployed module.') output name string = module.name -@description('The resource ID of the deployed module') +@description('The resource ID of the deployed module.') output resourceId string = module.id -@description('The resource group of the deployed module') +@description('The resource group of the deployed module.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Automation/automationAccounts/modules/readme.md b/arm/Microsoft.Automation/automationAccounts/modules/readme.md index 73f411e926..b4eea34fdf 100644 --- a/arm/Microsoft.Automation/automationAccounts/modules/readme.md +++ b/arm/Microsoft.Automation/automationAccounts/modules/readme.md @@ -19,10 +19,14 @@ This module deploys an Azure Automation Account Module. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `automationAccountName` | string | Name of the parent Automation Account. | | `name` | string | Name of the Automation Account module. | | `uri` | string | Module package uri, e.g. https://www.powershellgallery.com/api/v2/package. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `automationAccountName` | string | Name of the parent Automation Account. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | @@ -53,6 +57,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed module | -| `resourceGroupName` | string | The resource group of the deployed module | -| `resourceId` | string | The resource ID of the deployed module | +| `name` | string | The name of the deployed module. | +| `resourceGroupName` | string | The resource group of the deployed module. | +| `resourceId` | string | The resource ID of the deployed module. | diff --git a/arm/Microsoft.Automation/automationAccounts/readme.md b/arm/Microsoft.Automation/automationAccounts/readme.md index 997ea76bd7..3237cb1f58 100644 --- a/arm/Microsoft.Automation/automationAccounts/readme.md +++ b/arm/Microsoft.Automation/automationAccounts/readme.md @@ -48,7 +48,7 @@ This module deploys an Azure Automation Account. | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `encryptionKeySource` | string | `'Microsoft.Automation'` | `[Microsoft.Automation, Microsoft.Keyvault]` | Encryption Key Source. For security reasons it is recommended to use Microsoft.Keyvault if custom keys are available. | | `encryptionUserAssignedIdentity` | string | `''` | | User identity used for CMK. If you set encryptionKeySource as Microsoft.Keyvault encryptionUserAssignedIdentity is required. | -| `gallerySolutions` | array | `[]` | | List of gallerySolutions to be created in the linked log analytics workspace | +| `gallerySolutions` | array | `[]` | | List of gallerySolutions to be created in the linked log analytics workspace. | | `jobSchedules` | _[jobSchedules](jobSchedules/readme.md)_ array | `[]` | | List of jobSchedules to be created in the automation account. | | `keyName` | string | `''` | | The name of key used to encrypt data. This parameter is needed only if you enable Microsoft.Keyvault as encryptionKeySource. | | `keyvaultUri` | string | `''` | | The URI of the key vault key used to encrypt data. This parameter is needed only if you enable Microsoft.Keyvault as encryptionKeySource. | @@ -62,7 +62,7 @@ This module deploys an Azure Automation Account. | `runbooks` | _[runbooks](runbooks/readme.md)_ array | `[]` | | List of runbooks to be created in the automation account. | | `schedules` | _[schedules](schedules/readme.md)_ array | `[]` | | List of schedules to be created in the automation account. | | `skuName` | string | `'Basic'` | `[Free, Basic]` | SKU name of the account. | -| `softwareUpdateConfigurations` | _[softwareUpdateConfigurations](softwareUpdateConfigurations/readme.md)_ array | `[]` | | List of softwareUpdateConfigurations to be created in the automation account | +| `softwareUpdateConfigurations` | _[softwareUpdateConfigurations](softwareUpdateConfigurations/readme.md)_ array | `[]` | | List of softwareUpdateConfigurations to be created in the automation account. | | `systemAssignedIdentity` | bool | `False` | | Enables system assigned managed identity on the resource. | | `tags` | object | `{object}` | | Tags of the Automation Account resource. | | `userAssignedIdentities` | object | `{object}` | | The ID(s) to assign to the resource. | @@ -196,7 +196,7 @@ You can specify multiple user assigned identities to a resource by providing add | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed automation account | -| `resourceGroupName` | string | The resource group of the deployed automation account | -| `resourceId` | string | The resource ID of the deployed automation account | +| `name` | string | The name of the deployed automation account. | +| `resourceGroupName` | string | The resource group of the deployed automation account. | +| `resourceId` | string | The resource ID of the deployed automation account. | | `systemAssignedPrincipalId` | string | The principal ID of the system assigned identity. | diff --git a/arm/Microsoft.Automation/automationAccounts/runbooks/deploy.bicep b/arm/Microsoft.Automation/automationAccounts/runbooks/deploy.bicep index e506586e52..712ad6f8f5 100644 --- a/arm/Microsoft.Automation/automationAccounts/runbooks/deploy.bicep +++ b/arm/Microsoft.Automation/automationAccounts/runbooks/deploy.bicep @@ -1,7 +1,7 @@ @description('Required. Name of the Automation Account runbook.') param name string -@description('Required. Name of the parent Automation Account.') +@description('Conditional. Name of the parent Automation Account. Required if the template is used in a standalone deployment.') param automationAccountName string @allowed([ @@ -87,11 +87,11 @@ resource runbook 'Microsoft.Automation/automationAccounts/runbooks@2019-06-01' = } } -@description('The name of the deployed runbook') +@description('The name of the deployed runbook.') output name string = runbook.name -@description('The resource ID of the deployed runbook') +@description('The resource ID of the deployed runbook.') output resourceId string = runbook.id -@description('The resource group of the deployed runbook') +@description('The resource group of the deployed runbook.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Automation/automationAccounts/runbooks/readme.md b/arm/Microsoft.Automation/automationAccounts/runbooks/readme.md index bcf3391a03..5e820dceb7 100644 --- a/arm/Microsoft.Automation/automationAccounts/runbooks/readme.md +++ b/arm/Microsoft.Automation/automationAccounts/runbooks/readme.md @@ -19,10 +19,14 @@ This module deploys an Azure Automation Account Runbook. **Required parameters** | Parameter Name | Type | Allowed Values | Description | | :-- | :-- | :-- | :-- | -| `automationAccountName` | string | | Name of the parent Automation Account. | | `name` | string | | Name of the Automation Account runbook. | | `runbookType` | string | `[Graph, GraphPowerShell, GraphPowerShellWorkflow, PowerShell, PowerShellWorkflow]` | The type of the runbook. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `automationAccountName` | string | Name of the parent Automation Account. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | @@ -62,6 +66,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed runbook | -| `resourceGroupName` | string | The resource group of the deployed runbook | -| `resourceId` | string | The resource ID of the deployed runbook | +| `name` | string | The name of the deployed runbook. | +| `resourceGroupName` | string | The resource group of the deployed runbook. | +| `resourceId` | string | The resource ID of the deployed runbook. | diff --git a/arm/Microsoft.Automation/automationAccounts/schedules/deploy.bicep b/arm/Microsoft.Automation/automationAccounts/schedules/deploy.bicep index aa89f7cce3..8bdd4cbc70 100644 --- a/arm/Microsoft.Automation/automationAccounts/schedules/deploy.bicep +++ b/arm/Microsoft.Automation/automationAccounts/schedules/deploy.bicep @@ -1,7 +1,7 @@ @description('Required. Name of the Automation Account schedule.') param name string -@description('Required. Name of the parent Automation Account.') +@description('Conditional. Name of the parent Automation Account. Required if the template is used in a standalone deployment.') param automationAccountName string @description('Optional. The properties of the create Advanced Schedule.') @@ -29,7 +29,7 @@ param expiryTime string = '' @description('Optional. The frequency of the schedule.') param frequency string = 'OneTime' -@description('Optional. Anything') +@description('Optional. Anything.') param interval int = 0 @description('Optional. The start time of the schedule.') @@ -74,11 +74,11 @@ resource schedule 'Microsoft.Automation/automationAccounts/schedules@2020-01-13- } } -@description('The name of the deployed schedule') +@description('The name of the deployed schedule.') output name string = schedule.name -@description('The resource ID of the deployed schedule') +@description('The resource ID of the deployed schedule.') output resourceId string = schedule.id -@description('The resource group of the deployed schedule') +@description('The resource group of the deployed schedule.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Automation/automationAccounts/schedules/readme.md b/arm/Microsoft.Automation/automationAccounts/schedules/readme.md index 929f3d1385..7543e55038 100644 --- a/arm/Microsoft.Automation/automationAccounts/schedules/readme.md +++ b/arm/Microsoft.Automation/automationAccounts/schedules/readme.md @@ -19,9 +19,13 @@ This module deploys an Azure Automation Account Schedule. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `automationAccountName` | string | Name of the parent Automation Account. | | `name` | string | Name of the Automation Account schedule. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `automationAccountName` | string | Name of the parent Automation Account. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | @@ -29,7 +33,7 @@ This module deploys an Azure Automation Account Schedule. | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `expiryTime` | string | `''` | | The end time of the schedule. | | `frequency` | string | `'OneTime'` | `[Day, Hour, Minute, Month, OneTime, Week]` | The frequency of the schedule. | -| `interval` | int | `0` | | Anything | +| `interval` | int | `0` | | Anything. | | `scheduleDescription` | string | `''` | | The description of the schedule. | | `startTime` | string | `''` | | The start time of the schedule. | | `timeZone` | string | `''` | | The time zone of the schedule. | @@ -44,6 +48,6 @@ This module deploys an Azure Automation Account Schedule. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed schedule | -| `resourceGroupName` | string | The resource group of the deployed schedule | -| `resourceId` | string | The resource ID of the deployed schedule | +| `name` | string | The name of the deployed schedule. | +| `resourceGroupName` | string | The resource group of the deployed schedule. | +| `resourceId` | string | The resource ID of the deployed schedule. | diff --git a/arm/Microsoft.Automation/automationAccounts/softwareUpdateConfigurations/deploy.bicep b/arm/Microsoft.Automation/automationAccounts/softwareUpdateConfigurations/deploy.bicep index 8536be21b2..9bb754b499 100644 --- a/arm/Microsoft.Automation/automationAccounts/softwareUpdateConfigurations/deploy.bicep +++ b/arm/Microsoft.Automation/automationAccounts/softwareUpdateConfigurations/deploy.bicep @@ -1,7 +1,7 @@ @description('Required. The name of the Deployment schedule.') param name string -@description('Required. Name of the parent Automation Account') +@description('Conditional. Name of the parent Automation Account. Required if the template is used in a standalone deployment.') param automationAccountName string @description('Required. The operating system to be configured by the deployment schedule.') @@ -30,7 +30,7 @@ param rebootSetting string ]) param frequency string -@description('Optional. Maximum time allowed for the deployment schedule to run. Duration needs to be specified using the format PT[n]H[n]M[n]S as per ISO8601') +@description('Optional. Maximum time allowed for the deployment schedule to run. Duration needs to be specified using the format PT[n]H[n]M[n]S as per ISO8601.') param maintenanceWindow string = 'PT2H' @description('Optional. Update classification included in the deployment schedule.') @@ -159,13 +159,13 @@ param monthlyOccurrences array = [] @description('Optional. The start time of the deployment schedule in ISO 8601 format. To specify a specific time use YYYY-MM-DDTHH:MM:SS, 2021-12-31T23:00:00. For schedules where we want to start the deployment as soon as possible, specify the time segment only in 24 hour format, HH:MM, 22:00.') param startTime string = '' -@description('Optional. The end time of the deployment schedule in ISO 8601 format. YYYY-MM-DDTHH:MM:SS, 2021-12-31T23:00:00') +@description('Optional. The end time of the deployment schedule in ISO 8601 format. YYYY-MM-DDTHH:MM:SS, 2021-12-31T23:00:00.') param expiryTime string = '' @description('Optional. The expiry time\'s offset in minutes.') param expiryTimeOffsetMinutes int = 0 -@description('Optional. The next time the deployment schedule runs in ISO 8601 format. YYYY-MM-DDTHH:MM:SS, 2021-12-31T23:00:00') +@description('Optional. The next time the deployment schedule runs in ISO 8601 format. YYYY-MM-DDTHH:MM:SS, 2021-12-31T23:00:00.') param nextRun string = '' @description('Optional. The next run\'s offset in minutes.') @@ -263,11 +263,11 @@ resource softwareUpdateConfiguration 'Microsoft.Automation/automationAccounts/so } } -@description('The name of the deployed softwareUpdateConfiguration') +@description('The name of the deployed softwareUpdateConfiguration.') output name string = softwareUpdateConfiguration.name -@description('The resource ID of the deployed softwareUpdateConfiguration') +@description('The resource ID of the deployed softwareUpdateConfiguration.') output resourceId string = softwareUpdateConfiguration.id -@description('The resource group of the deployed softwareUpdateConfiguration') +@description('The resource group of the deployed softwareUpdateConfiguration.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Automation/automationAccounts/softwareUpdateConfigurations/readme.md b/arm/Microsoft.Automation/automationAccounts/softwareUpdateConfigurations/readme.md index 5795a03cc6..80d9034ba9 100644 --- a/arm/Microsoft.Automation/automationAccounts/softwareUpdateConfigurations/readme.md +++ b/arm/Microsoft.Automation/automationAccounts/softwareUpdateConfigurations/readme.md @@ -19,27 +19,31 @@ This module deploys an Azure Automation Account Software update Configuration. **Required parameters** | Parameter Name | Type | Allowed Values | Description | | :-- | :-- | :-- | :-- | -| `automationAccountName` | string | | Name of the parent Automation Account | | `frequency` | string | `[OneTime, Hour, Day, Week, Month]` | The frequency of the deployment schedule. When using 'Hour', 'Day', 'Week' or 'Month', an interval needs to be provided. | | `name` | string | | The name of the Deployment schedule. | | `operatingSystem` | string | `[Windows, Linux]` | The operating system to be configured by the deployment schedule. | | `rebootSetting` | string | `[IfRequired, Never, RebootOnly, Always]` | Reboot setting for the deployment schedule. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `automationAccountName` | string | Name of the parent Automation Account. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `azureVirtualMachines` | array | `[]` | | List of azure resource IDs for azure virtual machines in scope for the deployment schedule. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `excludeUpdates` | array | `[]` | | KB numbers or Linux packages excluded in the deployment schedule. | -| `expiryTime` | string | `''` | | The end time of the deployment schedule in ISO 8601 format. YYYY-MM-DDTHH:MM:SS, 2021-12-31T23:00:00 | +| `expiryTime` | string | `''` | | The end time of the deployment schedule in ISO 8601 format. YYYY-MM-DDTHH:MM:SS, 2021-12-31T23:00:00. | | `expiryTimeOffsetMinutes` | int | `0` | | The expiry time's offset in minutes. | | `includeUpdates` | array | `[]` | | KB numbers or Linux packages included in the deployment schedule. | | `interval` | int | `1` | | The interval of the frequency for the deployment schedule. 1 Hour is every hour, 2 Day is every second day, etc. | | `isEnabled` | bool | `True` | | Enables the deployment schedule. | -| `maintenanceWindow` | string | `'PT2H'` | | Maximum time allowed for the deployment schedule to run. Duration needs to be specified using the format PT[n]H[n]M[n]S as per ISO8601 | +| `maintenanceWindow` | string | `'PT2H'` | | Maximum time allowed for the deployment schedule to run. Duration needs to be specified using the format PT[n]H[n]M[n]S as per ISO8601. | | `monthDays` | array | `[]` | `[1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31]` | Can be used with frequency 'Month'. Provides the specific days of the month to run the deployment schedule. | | `monthlyOccurrences` | array | `[]` | | Can be used with frequency 'Month'. Provides the pattern/cadence for running the deployment schedule in a month. Takes objects formed like this {occurance(int),day(string)}. Day is the name of the day to run the deployment schedule, the occurance specifies which occurance of that day to run the deployment schedule. | -| `nextRun` | string | `''` | | The next time the deployment schedule runs in ISO 8601 format. YYYY-MM-DDTHH:MM:SS, 2021-12-31T23:00:00 | +| `nextRun` | string | `''` | | The next time the deployment schedule runs in ISO 8601 format. YYYY-MM-DDTHH:MM:SS, 2021-12-31T23:00:00. | | `nextRunOffsetMinutes` | int | `0` | | The next run's offset in minutes. | | `nonAzureComputerNames` | array | `[]` | | List of names of non-azure machines in scope for the deployment schedule. | | `nonAzureQueries` | array | `[]` | | Array of functions from a Log Analytics workspace, used to scope the deployment schedule. | @@ -112,6 +116,6 @@ Occurrences of days within a month. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed softwareUpdateConfiguration | -| `resourceGroupName` | string | The resource group of the deployed softwareUpdateConfiguration | -| `resourceId` | string | The resource ID of the deployed softwareUpdateConfiguration | +| `name` | string | The name of the deployed softwareUpdateConfiguration. | +| `resourceGroupName` | string | The resource group of the deployed softwareUpdateConfiguration. | +| `resourceId` | string | The resource ID of the deployed softwareUpdateConfiguration. | diff --git a/arm/Microsoft.Automation/automationAccounts/variables/deploy.bicep b/arm/Microsoft.Automation/automationAccounts/variables/deploy.bicep index a5a3db191d..625426e439 100644 --- a/arm/Microsoft.Automation/automationAccounts/variables/deploy.bicep +++ b/arm/Microsoft.Automation/automationAccounts/variables/deploy.bicep @@ -1,4 +1,4 @@ -@sys.description('Required. Name of the parent Automation Account') +@sys.description('Conditional. Name of the parent Automation Account. Required if the template is used in a standalone deployment.') param automationAccountName string @sys.description('Required. The name of the variable.') diff --git a/arm/Microsoft.Automation/automationAccounts/variables/readme.md b/arm/Microsoft.Automation/automationAccounts/variables/readme.md index a419cf01d7..4865b16ec3 100644 --- a/arm/Microsoft.Automation/automationAccounts/variables/readme.md +++ b/arm/Microsoft.Automation/automationAccounts/variables/readme.md @@ -19,10 +19,14 @@ This module deploys a variable to an Azure Automation Account. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `automationAccountName` | string | Name of the parent Automation Account | | `name` | string | The name of the variable. | | `value` | string | The value of the variable. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `automationAccountName` | string | Name of the parent Automation Account. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | diff --git a/arm/Microsoft.Batch/batchAccounts/deploy.bicep b/arm/Microsoft.Batch/batchAccounts/deploy.bicep index 37e47a1397..420ed3aee1 100644 --- a/arm/Microsoft.Batch/batchAccounts/deploy.bicep +++ b/arm/Microsoft.Batch/batchAccounts/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Name of the Azure Batch') +@description('Required. Name of the Azure Batch.') param name string @description('Optional. Location for all Resources.') @@ -204,11 +204,11 @@ resource batchAccount_diagnosticSettings 'Microsoft.Insights/diagnosticsettings@ scope: batchAccount } -@description('The name of the batch account') +@description('The name of the batch account.') output name string = batchAccount.name -@description('The resource ID of the batch account') +@description('The resource ID of the batch account.') output resourceId string = batchAccount.id -@description('The resource group the batch account was deployed into') +@description('The resource group the batch account was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Batch/batchAccounts/readme.md b/arm/Microsoft.Batch/batchAccounts/readme.md index 12cfeec6c4..8c860c96f5 100644 --- a/arm/Microsoft.Batch/batchAccounts/readme.md +++ b/arm/Microsoft.Batch/batchAccounts/readme.md @@ -19,7 +19,7 @@ **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | Name of the Azure Batch | +| `name` | string | Name of the Azure Batch. | | `storageAccountId` | string | The resource ID of the storage account to be used for auto-storage account. | **Conditional parameters** @@ -88,6 +88,6 @@ You can specify multiple user assigned identities to a resource by providing add | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the batch account | -| `resourceGroupName` | string | The resource group the batch account was deployed into | -| `resourceId` | string | The resource ID of the batch account | +| `name` | string | The name of the batch account. | +| `resourceGroupName` | string | The resource group the batch account was deployed into. | +| `resourceId` | string | The resource ID of the batch account. | diff --git a/arm/Microsoft.CognitiveServices/accounts/deploy.bicep b/arm/Microsoft.CognitiveServices/accounts/deploy.bicep index fe7cb1e2f1..86ea5dca02 100644 --- a/arm/Microsoft.CognitiveServices/accounts/deploy.bicep +++ b/arm/Microsoft.CognitiveServices/accounts/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. The name of Cognitive Services account') +@description('Required. The name of Cognitive Services account.') param name string @description('Required. Kind of the Cognitive Services. Use \'Get-AzCognitiveServicesAccountSku\' to determine a valid combinations of \'kind\' and \'sku\' for your Azure region.') @@ -80,7 +80,7 @@ param customSubDomainName string = '' ]) param publicNetworkAccess string = 'Enabled' -@description('Optional. Service endpoint object information') +@description('Optional. Service endpoint object information.') param networkAcls object = {} @description('Optional. Enables system assigned managed identity on the resource.') @@ -100,7 +100,7 @@ param lock string = 'NotSpecified' @description('Optional. Configuration Details for private endpoints.') param privateEndpoints array = [] -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -115,7 +115,7 @@ param apiProperties object = {} @description('Optional. Allow only Azure AD authentication.') param disableLocalAuth bool = false -@description('Optional. Properties to configure encryption') +@description('Optional. Properties to configure encryption.') param encryption object = {} @description('Optional. Resource migration token.') @@ -265,16 +265,16 @@ module cognitiveServices_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, } }] -@description('The name of the cognitive services account') +@description('The name of the cognitive services account.') output name string = cognitiveServices.name -@description('The resource ID of the cognitive services account') +@description('The resource ID of the cognitive services account.') output resourceId string = cognitiveServices.id -@description('The resource group the cognitive services account was deployed into') +@description('The resource group the cognitive services account was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The service endpoint of the cognitive services account') +@description('The service endpoint of the cognitive services account.') output endpoint string = cognitiveServices.properties.endpoint @description('The principal ID of the system assigned identity.') diff --git a/arm/Microsoft.CognitiveServices/accounts/readme.md b/arm/Microsoft.CognitiveServices/accounts/readme.md index 6a2d1992e3..338d7e1c8d 100644 --- a/arm/Microsoft.CognitiveServices/accounts/readme.md +++ b/arm/Microsoft.CognitiveServices/accounts/readme.md @@ -26,7 +26,7 @@ This module deploys different kinds of cognitive services resources | Parameter Name | Type | Allowed Values | Description | | :-- | :-- | :-- | :-- | | `kind` | string | `[AnomalyDetector, Bing.Autosuggest.v7, Bing.CustomSearch, Bing.EntitySearch, Bing.Search.v7, Bing.SpellCheck.v7, CognitiveServices, ComputerVision, ContentModerator, CustomVision.Prediction, CustomVision.Training, Face, FormRecognizer, ImmersiveReader, Internal.AllInOne, LUIS, LUIS.Authoring, Personalizer, QnAMaker, SpeechServices, TextAnalytics, TextTranslation]` | Kind of the Cognitive Services. Use 'Get-AzCognitiveServicesAccountSku' to determine a valid combinations of 'kind' and 'sku' for your Azure region. | -| `name` | string | | The name of Cognitive Services account | +| `name` | string | | The name of Cognitive Services account. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -44,16 +44,16 @@ This module deploys different kinds of cognitive services resources | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | | `disableLocalAuth` | bool | `False` | | Allow only Azure AD authentication. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `encryption` | object | `{object}` | | Properties to configure encryption | +| `encryption` | object | `{object}` | | Properties to configure encryption. | | `location` | string | `[resourceGroup().location]` | | Location for all Resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `migrationToken` | string | `''` | | Resource migration token. | -| `networkAcls` | object | `{object}` | | Service endpoint object information | +| `networkAcls` | object | `{object}` | | Service endpoint object information. | | `privateEndpoints` | array | `[]` | | Configuration Details for private endpoints. | | `publicNetworkAccess` | string | `'Enabled'` | `[Enabled, Disabled]` | Subdomain name used for token-based authentication. Must be set if 'networkAcls' are set. | | `restore` | bool | `False` | | Restore a soft-deleted cognitive service at deployment time. Will fail if no such soft-deleted resource exists. | | `restrictOutboundNetworkAccess` | bool | `True` | | Restrict outbound network access. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `sku` | string | `'S0'` | `[C2, C3, C4, F0, F1, S, S0, S1, S10, S2, S3, S4, S5, S6, S7, S8, S9]` | SKU of the Cognitive Services resource. Use 'Get-AzCognitiveServicesAccountSku' to determine a valid combinations of 'kind' and 'sku' for your Azure region. | | `systemAssignedIdentity` | bool | `False` | | Enables system assigned managed identity on the resource. | | `tags` | object | `{object}` | | Tags of the resource. | @@ -181,10 +181,10 @@ You can specify multiple user assigned identities to a resource by providing add | Output Name | Type | Description | | :-- | :-- | :-- | -| `endpoint` | string | The service endpoint of the cognitive services account | -| `name` | string | The name of the cognitive services account | -| `resourceGroupName` | string | The resource group the cognitive services account was deployed into | -| `resourceId` | string | The resource ID of the cognitive services account | +| `endpoint` | string | The service endpoint of the cognitive services account. | +| `name` | string | The name of the cognitive services account. | +| `resourceGroupName` | string | The resource group the cognitive services account was deployed into. | +| `resourceId` | string | The resource ID of the cognitive services account. | | `systemAssignedPrincipalId` | string | The principal ID of the system assigned identity. | ## Considerations diff --git a/arm/Microsoft.Compute/availabilitySets/deploy.bicep b/arm/Microsoft.Compute/availabilitySets/deploy.bicep index 89ee09731e..ca4bd3df15 100644 --- a/arm/Microsoft.Compute/availabilitySets/deploy.bicep +++ b/arm/Microsoft.Compute/availabilitySets/deploy.bicep @@ -27,7 +27,7 @@ param location string = resourceGroup().location @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the availability set resource.') @@ -84,11 +84,11 @@ module availabilitySet_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, i } }] -@description('The name of the availability set') +@description('The name of the availability set.') output name string = availabilitySet.name -@description('The resource ID of the availability set') +@description('The resource ID of the availability set.') output resourceId string = availabilitySet.id -@description('The resource group the availability set was deployed into') +@description('The resource group the availability set was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Compute/availabilitySets/readme.md b/arm/Microsoft.Compute/availabilitySets/readme.md index 96c86f6836..98fc1b105e 100644 --- a/arm/Microsoft.Compute/availabilitySets/readme.md +++ b/arm/Microsoft.Compute/availabilitySets/readme.md @@ -33,7 +33,7 @@ This template deploys an availability set | `location` | string | `[resourceGroup().location]` | | Resource location. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `proximityPlacementGroupId` | string | `''` | | Resource ID of a proximity placement group. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags of the availability set resource. | @@ -84,6 +84,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the availability set | -| `resourceGroupName` | string | The resource group the availability set was deployed into | -| `resourceId` | string | The resource ID of the availability set | +| `name` | string | The name of the availability set. | +| `resourceGroupName` | string | The resource group the availability set was deployed into. | +| `resourceId` | string | The resource ID of the availability set. | diff --git a/arm/Microsoft.Compute/diskEncryptionSets/deploy.bicep b/arm/Microsoft.Compute/diskEncryptionSets/deploy.bicep index 6be6e19722..c88d8ede42 100644 --- a/arm/Microsoft.Compute/diskEncryptionSets/deploy.bicep +++ b/arm/Microsoft.Compute/diskEncryptionSets/deploy.bicep @@ -10,7 +10,7 @@ param keyVaultId string @description('Required. Key URL (with version) pointing to a key or secret in KeyVault.') param keyUrl string -@description('Optional. The type of key used to encrypt the data of the disk. For security reasons, it is recommended to set encryptionType to EncryptionAtRestWithPlatformAndCustomerKeys') +@description('Optional. The type of key used to encrypt the data of the disk. For security reasons, it is recommended to set encryptionType to EncryptionAtRestWithPlatformAndCustomerKeys.') @allowed([ 'EncryptionAtRestWithCustomerKey' 'EncryptionAtRestWithPlatformAndCustomerKeys' @@ -20,7 +20,7 @@ param encryptionType string = 'EncryptionAtRestWithPlatformAndCustomerKeys' @description('Optional. Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.') param rotationToLatestKeyVersionEnabled bool = false -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the disk encryption resource.') @@ -95,17 +95,17 @@ module diskEncryptionSet_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, } }] -@description('The resource ID of the disk encryption set') +@description('The resource ID of the disk encryption set.') output resourceId string = diskEncryptionSet.id -@description('The name of the disk encryption set') +@description('The name of the disk encryption set.') output name string = diskEncryptionSet.name -@description('The resource group the disk encryption set was deployed into') +@description('The resource group the disk encryption set was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The principal ID of the disk encryption set') +@description('The principal ID of the disk encryption set.') output systemAssignedPrincipalId string = diskEncryptionSet.identity.principalId -@description('The name of the key vault with the disk encryption key') +@description('The name of the key vault with the disk encryption key.') output keyVaultName string = last(split(keyVaultId, '/')) diff --git a/arm/Microsoft.Compute/diskEncryptionSets/readme.md b/arm/Microsoft.Compute/diskEncryptionSets/readme.md index b96330d835..dbc3879679 100644 --- a/arm/Microsoft.Compute/diskEncryptionSets/readme.md +++ b/arm/Microsoft.Compute/diskEncryptionSets/readme.md @@ -29,9 +29,9 @@ This template deploys a disk encryption set. | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `encryptionType` | string | `'EncryptionAtRestWithPlatformAndCustomerKeys'` | `[EncryptionAtRestWithCustomerKey, EncryptionAtRestWithPlatformAndCustomerKeys]` | The type of key used to encrypt the data of the disk. For security reasons, it is recommended to set encryptionType to EncryptionAtRestWithPlatformAndCustomerKeys | +| `encryptionType` | string | `'EncryptionAtRestWithPlatformAndCustomerKeys'` | `[EncryptionAtRestWithCustomerKey, EncryptionAtRestWithPlatformAndCustomerKeys]` | The type of key used to encrypt the data of the disk. For security reasons, it is recommended to set encryptionType to EncryptionAtRestWithPlatformAndCustomerKeys. | | `location` | string | `[resourceGroup().location]` | | Resource location. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `rotationToLatestKeyVersionEnabled` | bool | `False` | | Set this flag to true to enable auto-updating of this disk encryption set to the latest key version. | | `tags` | object | `{object}` | | Tags of the disk encryption resource. | @@ -83,8 +83,8 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `keyVaultName` | string | The name of the key vault with the disk encryption key | -| `name` | string | The name of the disk encryption set | -| `resourceGroupName` | string | The resource group the disk encryption set was deployed into | -| `resourceId` | string | The resource ID of the disk encryption set | -| `systemAssignedPrincipalId` | string | The principal ID of the disk encryption set | +| `keyVaultName` | string | The name of the key vault with the disk encryption key. | +| `name` | string | The name of the disk encryption set. | +| `resourceGroupName` | string | The resource group the disk encryption set was deployed into. | +| `resourceId` | string | The resource ID of the disk encryption set. | +| `systemAssignedPrincipalId` | string | The principal ID of the disk encryption set. | diff --git a/arm/Microsoft.Compute/disks/deploy.bicep b/arm/Microsoft.Compute/disks/deploy.bicep index 463e0069d6..09526184b9 100644 --- a/arm/Microsoft.Compute/disks/deploy.bicep +++ b/arm/Microsoft.Compute/disks/deploy.bicep @@ -51,7 +51,7 @@ param sourceResourceId string = '' @description('Optional. If create option is Import, this is the URI of a blob to be imported into a managed disk.') param sourceUri string = '' -@description('Optional. Required if create option is Import. The Azure Resource Manager identifier of the storage account containing the blob to import as a disk') +@description('Optional. Required if create option is Import. The Azure Resource Manager identifier of the storage account containing the blob to import as a disk.') param storageAccountId string = '' @description('Optional. If create option is Upload, this is the size of the contents of the upload including the VHD footer.') @@ -110,7 +110,7 @@ param acceleratedNetwork bool = false @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the availability set resource.') @@ -187,11 +187,11 @@ module disk_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in ro } }] -@description('The resource group the disk was deployed into') +@description('The resource group the disk was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The resource ID of the disk') +@description('The resource ID of the disk.') output resourceId string = disk.id -@description('The name of the disk') +@description('The name of the disk.') output name string = disk.name diff --git a/arm/Microsoft.Compute/disks/readme.md b/arm/Microsoft.Compute/disks/readme.md index 3ef3fd5b61..db82282178 100644 --- a/arm/Microsoft.Compute/disks/readme.md +++ b/arm/Microsoft.Compute/disks/readme.md @@ -44,11 +44,11 @@ This template deploys a disk | `networkAccessPolicy` | string | `'DenyAll'` | `[AllowAll, AllowPrivate, DenyAll]` | Policy for accessing the disk via network. | | `osType` | string | `''` | `[Windows, Linux, ]` | Sources of a disk creation. | | `publicNetworkAccess` | string | `'Disabled'` | `[Disabled, Enabled]` | Policy for controlling export on the disk. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `securityDataUri` | string | `''` | | If create option is ImportSecure, this is the URI of a blob to be imported into VM guest state. | | `sourceResourceId` | string | `''` | | If create option is Copy, this is the ARM id of the source snapshot or disk. | | `sourceUri` | string | `''` | | If create option is Import, this is the URI of a blob to be imported into a managed disk. | -| `storageAccountId` | string | `''` | | Required if create option is Import. The Azure Resource Manager identifier of the storage account containing the blob to import as a disk | +| `storageAccountId` | string | `''` | | Required if create option is Import. The Azure Resource Manager identifier of the storage account containing the blob to import as a disk. | | `tags` | object | `{object}` | | Tags of the availability set resource. | | `uploadSizeBytes` | int | `20972032` | | If create option is Upload, this is the size of the contents of the upload including the VHD footer. | @@ -100,6 +100,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the disk | -| `resourceGroupName` | string | The resource group the disk was deployed into | -| `resourceId` | string | The resource ID of the disk | +| `name` | string | The name of the disk. | +| `resourceGroupName` | string | The resource group the disk was deployed into. | +| `resourceId` | string | The resource ID of the disk. | diff --git a/arm/Microsoft.Compute/galleries/deploy.bicep b/arm/Microsoft.Compute/galleries/deploy.bicep index 621c3f9bac..4b509b20f1 100644 --- a/arm/Microsoft.Compute/galleries/deploy.bicep +++ b/arm/Microsoft.Compute/galleries/deploy.bicep @@ -1,14 +1,14 @@ @minLength(1) -@description('Required. Name of the Azure Shared Image Gallery') +@description('Required. Name of the Azure Shared Image Gallery.') param name string @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Optional. Description of the Azure Shared Image Gallery') +@description('Optional. Description of the Azure Shared Image Gallery.') param galleryDescription string = '' -@description('Optional. Images to create') +@description('Optional. Images to create.') param images array = [] @allowed([ @@ -19,7 +19,7 @@ param images array = [] @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags for all resources.') @@ -101,11 +101,11 @@ module galleries_images 'images/deploy.bicep' = [for (image, index) in images: { } }] -@description('The resource ID of the deployed image gallery') +@description('The resource ID of the deployed image gallery.') output resourceId string = gallery.id -@description('The resource group of the deployed image gallery') +@description('The resource group of the deployed image gallery.') output resourceGroupName string = resourceGroup().name -@description('The name of the deployed image gallery') +@description('The name of the deployed image gallery.') output name string = gallery.name diff --git a/arm/Microsoft.Compute/galleries/images/deploy.bicep b/arm/Microsoft.Compute/galleries/images/deploy.bicep index 2de2cd544e..cf216554c9 100644 --- a/arm/Microsoft.Compute/galleries/images/deploy.bicep +++ b/arm/Microsoft.Compute/galleries/images/deploy.bicep @@ -7,7 +7,7 @@ param enableDefaultTelemetry bool = true @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Required. Name of the Azure Shared Image Gallery') +@description('Conditional. Name of the Azure Shared Image Gallery. Required if the template is used in a standalone deployment.') @minLength(1) param galleryName string @@ -54,7 +54,7 @@ param minRecommendedMemory int = 4 @maxValue(4000) param maxRecommendedMemory int = 16 -@description('Optional. The hypervisor generation of the Virtual Machine. Applicable to OS disks only. - V1 or V2') +@description('Optional. The hypervisor generation of the Virtual Machine. Applicable to OS disks only. - V1 or V2.') @allowed([ 'V1' 'V2' @@ -82,13 +82,13 @@ param planName string = '' @description('Optional. The publisher ID.') param planPublisherName string = '' -@description('Optional. The end of life date of the gallery Image Definition. This property can be used for decommissioning purposes. This property is updatable. Allowed format: 2020-01-10T23:00:00.000Z') +@description('Optional. The end of life date of the gallery Image Definition. This property can be used for decommissioning purposes. This property is updatable. Allowed format: 2020-01-10T23:00:00.000Z.') param endOfLife string = '' -@description('Optional. List of the excluded disk types. E.g. Standard_LRS') +@description('Optional. List of the excluded disk types. E.g. Standard_LRS.') param excludedDiskTypes array = [] -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags for all resources.') @@ -161,11 +161,11 @@ module galleryImage_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, inde } }] -@description('The resource group the image was deployed into') +@description('The resource group the image was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The resource ID of the image') +@description('The resource ID of the image.') output resourceId string = image.id -@description('The name of the image') +@description('The name of the image.') output name string = image.name diff --git a/arm/Microsoft.Compute/galleries/images/readme.md b/arm/Microsoft.Compute/galleries/images/readme.md index fab3c217f3..f00f7ee5b4 100644 --- a/arm/Microsoft.Compute/galleries/images/readme.md +++ b/arm/Microsoft.Compute/galleries/images/readme.md @@ -20,17 +20,21 @@ This module deploys an Image Definition in a Shared Image Gallery. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `galleryName` | string | Name of the Azure Shared Image Gallery | | `name` | string | Name of the image definition. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `galleryName` | string | Name of the Azure Shared Image Gallery. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `endOfLife` | string | `''` | | The end of life date of the gallery Image Definition. This property can be used for decommissioning purposes. This property is updatable. Allowed format: 2020-01-10T23:00:00.000Z | +| `endOfLife` | string | `''` | | The end of life date of the gallery Image Definition. This property can be used for decommissioning purposes. This property is updatable. Allowed format: 2020-01-10T23:00:00.000Z. | | `eula` | string | `''` | | The Eula agreement for the gallery Image Definition. Has to be a valid URL. | -| `excludedDiskTypes` | array | `[]` | | List of the excluded disk types. E.g. Standard_LRS | -| `hyperVGeneration` | string | `'V1'` | `[V1, V2]` | The hypervisor generation of the Virtual Machine. Applicable to OS disks only. - V1 or V2 | +| `excludedDiskTypes` | array | `[]` | | List of the excluded disk types. E.g. Standard_LRS. | +| `hyperVGeneration` | string | `'V1'` | `[V1, V2]` | The hypervisor generation of the Virtual Machine. Applicable to OS disks only. - V1 or V2. | | `imageDefinitionDescription` | string | `''` | | The description of this gallery Image Definition resource. This property is updatable. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `maxRecommendedMemory` | int | `16` | | The maximum amount of RAM in GB recommended for this image. | @@ -46,7 +50,7 @@ This module deploys an Image Definition in a Shared Image Gallery. | `productName` | string | `''` | | The product ID. | | `publisher` | string | `'MicrosoftWindowsServer'` | | The name of the gallery Image Definition publisher. | | `releaseNoteUri` | string | `''` | | The release note uri. Has to be a valid URL. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `sku` | string | `'2019-Datacenter'` | | The name of the gallery Image Definition SKU. | | `tags` | object | `{object}` | | Tags for all resources. | @@ -98,6 +102,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the image | -| `resourceGroupName` | string | The resource group the image was deployed into | -| `resourceId` | string | The resource ID of the image | +| `name` | string | The name of the image. | +| `resourceGroupName` | string | The resource group the image was deployed into. | +| `resourceId` | string | The resource ID of the image. | diff --git a/arm/Microsoft.Compute/galleries/readme.md b/arm/Microsoft.Compute/galleries/readme.md index e6c8d8f207..fa12ca213f 100644 --- a/arm/Microsoft.Compute/galleries/readme.md +++ b/arm/Microsoft.Compute/galleries/readme.md @@ -22,17 +22,17 @@ This module deploys an Azure compute gallery (formerly known as shared image gal **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | Name of the Azure Shared Image Gallery | +| `name` | string | Name of the Azure Shared Image Gallery. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `galleryDescription` | string | `''` | | Description of the Azure Shared Image Gallery | -| `images` | _[images](images/readme.md)_ array | `[]` | | Images to create | +| `galleryDescription` | string | `''` | | Description of the Azure Shared Image Gallery. | +| `images` | _[images](images/readme.md)_ array | `[]` | | Images to create. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags for all resources. | @@ -83,6 +83,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed image gallery | -| `resourceGroupName` | string | The resource group of the deployed image gallery | -| `resourceId` | string | The resource ID of the deployed image gallery | +| `name` | string | The name of the deployed image gallery. | +| `resourceGroupName` | string | The resource group of the deployed image gallery. | +| `resourceId` | string | The resource ID of the deployed image gallery. | diff --git a/arm/Microsoft.Compute/images/deploy.bicep b/arm/Microsoft.Compute/images/deploy.bicep index 988bbda557..8fb138e738 100644 --- a/arm/Microsoft.Compute/images/deploy.bicep +++ b/arm/Microsoft.Compute/images/deploy.bicep @@ -7,22 +7,22 @@ param location string = resourceGroup().location @description('Required. The Virtual Hard Disk.') param osDiskBlobUri string -@description('Required. This property allows you to specify the type of the OS that is included in the disk if creating a VM from a custom image. - Windows or Linux') +@description('Required. This property allows you to specify the type of the OS that is included in the disk if creating a VM from a custom image. - Windows or Linux.') param osType string -@description('Optional. Specifies the caching requirements. Default: None for Standard storage. ReadOnly for Premium storage. - None, ReadOnly, ReadWrite') +@description('Optional. Specifies the caching requirements. Default: None for Standard storage. ReadOnly for Premium storage. - None, ReadOnly, ReadWrite.') param osDiskCaching string -@description('Optional. Specifies the storage account type for the managed disk. NOTE: UltraSSD_LRS can only be used with data disks, it cannot be used with OS Disk. - Standard_LRS, Premium_LRS, StandardSSD_LRS, UltraSSD_LRS') +@description('Optional. Specifies the storage account type for the managed disk. NOTE: UltraSSD_LRS can only be used with data disks, it cannot be used with OS Disk. - Standard_LRS, Premium_LRS, StandardSSD_LRS, UltraSSD_LRS.') param osAccountType string @description('Optional. Default is false. Specifies whether an image is zone resilient or not. Zone resilient images can be created only in regions that provide Zone Redundant Storage (ZRS).') param zoneResilient bool = false -@description('Optional. Gets the HyperVGenerationType of the VirtualMachine created from the image. - V1 or V2') +@description('Optional. Gets the HyperVGenerationType of the VirtualMachine created from the image. - V1 or V2.') param hyperVGeneration string = 'V1' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -73,11 +73,11 @@ module image_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in r } }] -@description('The resource ID of the image') +@description('The resource ID of the image.') output resourceId string = image.id -@description('The resource group the image was deployed into') +@description('The resource group the image was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the image') +@description('The name of the image.') output name string = image.name diff --git a/arm/Microsoft.Compute/images/readme.md b/arm/Microsoft.Compute/images/readme.md index 3fc8bb62fc..9d408f2964 100644 --- a/arm/Microsoft.Compute/images/readme.md +++ b/arm/Microsoft.Compute/images/readme.md @@ -22,17 +22,17 @@ This module deploys a compute image. | :-- | :-- | :-- | | `name` | string | The name of the image. | | `osDiskBlobUri` | string | The Virtual Hard Disk. | -| `osType` | string | This property allows you to specify the type of the OS that is included in the disk if creating a VM from a custom image. - Windows or Linux | +| `osType` | string | This property allows you to specify the type of the OS that is included in the disk if creating a VM from a custom image. - Windows or Linux. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `hyperVGeneration` | string | `'V1'` | Gets the HyperVGenerationType of the VirtualMachine created from the image. - V1 or V2 | +| `hyperVGeneration` | string | `'V1'` | Gets the HyperVGenerationType of the VirtualMachine created from the image. - V1 or V2. | | `location` | string | `[resourceGroup().location]` | Location for all resources. | -| `osAccountType` | string | | Specifies the storage account type for the managed disk. NOTE: UltraSSD_LRS can only be used with data disks, it cannot be used with OS Disk. - Standard_LRS, Premium_LRS, StandardSSD_LRS, UltraSSD_LRS | -| `osDiskCaching` | string | | Specifies the caching requirements. Default: None for Standard storage. ReadOnly for Premium storage. - None, ReadOnly, ReadWrite | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `osAccountType` | string | | Specifies the storage account type for the managed disk. NOTE: UltraSSD_LRS can only be used with data disks, it cannot be used with OS Disk. - Standard_LRS, Premium_LRS, StandardSSD_LRS, UltraSSD_LRS. | +| `osDiskCaching` | string | | Specifies the caching requirements. Default: None for Standard storage. ReadOnly for Premium storage. - None, ReadOnly, ReadWrite. | +| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | Tags of the resource. | | `zoneResilient` | bool | `False` | Default is false. Specifies whether an image is zone resilient or not. Zone resilient images can be created only in regions that provide Zone Redundant Storage (ZRS). | @@ -84,6 +84,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the image | -| `resourceGroupName` | string | The resource group the image was deployed into | -| `resourceId` | string | The resource ID of the image | +| `name` | string | The name of the image. | +| `resourceGroupName` | string | The resource group the image was deployed into. | +| `resourceId` | string | The resource ID of the image. | diff --git a/arm/Microsoft.Compute/proximityPlacementGroups/deploy.bicep b/arm/Microsoft.Compute/proximityPlacementGroups/deploy.bicep index e67aa77400..d82af3f674 100644 --- a/arm/Microsoft.Compute/proximityPlacementGroups/deploy.bicep +++ b/arm/Microsoft.Compute/proximityPlacementGroups/deploy.bicep @@ -19,7 +19,7 @@ param location string = resourceGroup().location @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the proximity placement group resource.') @@ -69,11 +69,11 @@ module proximityPlacementGroup_rbac '.bicep/nested_rbac.bicep' = [for (roleAssig } }] -@description('The name of the proximity placement group') +@description('The name of the proximity placement group.') output name string = proximityPlacementGroup.name -@description('The resourceId the proximity placement group') +@description('The resourceId the proximity placement group.') output resourceId string = proximityPlacementGroup.id -@description('The resource group the proximity placement group was deployed into') +@description('The resource group the proximity placement group was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Compute/proximityPlacementGroups/readme.md b/arm/Microsoft.Compute/proximityPlacementGroups/readme.md index 6eea471964..0b600d32ff 100644 --- a/arm/Microsoft.Compute/proximityPlacementGroups/readme.md +++ b/arm/Microsoft.Compute/proximityPlacementGroups/readme.md @@ -30,7 +30,7 @@ This template deploys a proximity placement group. | `location` | string | `[resourceGroup().location]` | | Resource location. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `proximityPlacementGroupType` | string | `'Standard'` | `[Standard, Ultra]` | Specifies the type of the proximity placement group. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags of the proximity placement group resource. | @@ -81,6 +81,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the proximity placement group | -| `resourceGroupName` | string | The resource group the proximity placement group was deployed into | -| `resourceId` | string | The resourceId the proximity placement group | +| `name` | string | The name of the proximity placement group. | +| `resourceGroupName` | string | The resource group the proximity placement group was deployed into. | +| `resourceId` | string | The resourceId the proximity placement group. | diff --git a/arm/Microsoft.Compute/virtualMachineScaleSets/deploy.bicep b/arm/Microsoft.Compute/virtualMachineScaleSets/deploy.bicep index 7930c128f4..f346e20a79 100644 --- a/arm/Microsoft.Compute/virtualMachineScaleSets/deploy.bicep +++ b/arm/Microsoft.Compute/virtualMachineScaleSets/deploy.bicep @@ -31,18 +31,18 @@ param dataDisks array = [] @description('Optional. The flag that enables or disables a capability to have one or more managed data disks with UltraSSD_LRS storage account type on the VM or VMSS. Managed disks with storage account type UltraSSD_LRS can be added to a virtual machine or virtual machine scale set only if this property is enabled.') param ultraSSDEnabled bool = false -@description('Required. Administrator username') +@description('Required. Administrator username.') @secure() param adminUsername string -@description('Optional. When specifying a Windows Virtual Machine, this value should be passed') +@description('Optional. When specifying a Windows Virtual Machine, this value should be passed.') @secure() param adminPassword string = '' @description('Optional. Custom data associated to the VM, this value will be automatically converted into base64 to account for the expected VM format.') param customData string = '' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Fault Domain count for each placement group.') @@ -86,21 +86,21 @@ param licenseType string = '' @description('Optional. Specifies if Windows VM disks should be encrypted with Server-side encryption + Customer managed Key.') param enableServerSideEncryption bool = false -@description('Optional. Required if domainName is specified. Password of the user specified in domainJoinUser parameter') +@description('Optional. Required if domainName is specified. Password of the user specified in domainJoinUser parameter.') @secure() param extensionDomainJoinPassword string = '' -@description('Optional. The configuration for the [Domain Join] extension. Must at least contain the ["enabled": true] property to be executed') +@description('Optional. The configuration for the [Domain Join] extension. Must at least contain the ["enabled": true] property to be executed.') param extensionDomainJoinConfig object = { enabled: false } -@description('Optional. The configuration for the [Anti Malware] extension. Must at least contain the ["enabled": true] property to be executed') +@description('Optional. The configuration for the [Anti Malware] extension. Must at least contain the ["enabled": true] property to be executed.') param extensionAntiMalwareConfig object = { enabled: false } -@description('Optional. The configuration for the [Monitoring Agent] extension. Must at least contain the ["enabled": true] property to be executed') +@description('Optional. The configuration for the [Monitoring Agent] extension. Must at least contain the ["enabled": true] property to be executed.') param extensionMonitoringAgentConfig object = { enabled: false } @@ -108,27 +108,27 @@ param extensionMonitoringAgentConfig object = { @description('Optional. Resource ID of the monitoring log analytics workspace.') param monitoringWorkspaceId string = '' -@description('Optional. The configuration for the [Dependency Agent] extension. Must at least contain the ["enabled": true] property to be executed') +@description('Optional. The configuration for the [Dependency Agent] extension. Must at least contain the ["enabled": true] property to be executed.') param extensionDependencyAgentConfig object = { enabled: false } -@description('Optional. The configuration for the [Network Watcher Agent] extension. Must at least contain the ["enabled": true] property to be executed') +@description('Optional. The configuration for the [Network Watcher Agent] extension. Must at least contain the ["enabled": true] property to be executed.') param extensionNetworkWatcherAgentConfig object = { enabled: false } -@description('Optional. The configuration for the [Disk Encryption] extension. Must at least contain the ["enabled": true] property to be executed') +@description('Optional. The configuration for the [Disk Encryption] extension. Must at least contain the ["enabled": true] property to be executed.') param extensionDiskEncryptionConfig object = { enabled: false } -@description('Optional. The configuration for the [Desired State Configuration] extension. Must at least contain the ["enabled": true] property to be executed') +@description('Optional. The configuration for the [Desired State Configuration] extension. Must at least contain the ["enabled": true] property to be executed.') param extensionDSCConfig object = { enabled: false } -@description('Optional. The configuration for the [Custom Script] extension. Must at least contain the ["enabled": true] property to be executed') +@description('Optional. The configuration for the [Custom Script] extension. Must at least contain the ["enabled": true] property to be executed.') param extensionCustomScriptConfig object = { enabled: false fileData: [] @@ -165,7 +165,7 @@ param diagnosticEventHubName string = '' @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Specifies the mode of an upgrade to virtual machines in the scale set.\' Manual - You control the application of updates to virtual machines in the scale set. You do this by using the manualUpgrade action. ; Automatic - All virtual machines in the scale set are automatically updated at the same time. - Automatic, Manual, Rolling') +@description('Optional. Specifies the mode of an upgrade to virtual machines in the scale set.\' Manual - You control the application of updates to virtual machines in the scale set. You do this by using the manualUpgrade action. ; Automatic - All virtual machines in the scale set are automatically updated at the same time. - Automatic, Manual, Rolling.') @allowed([ 'Manual' 'Automatic' @@ -176,13 +176,13 @@ param upgradePolicyMode string = 'Manual' @description('Optional. The maximum percent of total virtual machine instances that will be upgraded simultaneously by the rolling upgrade in one batch. As this is a maximum, unhealthy instances in previous or future batches can cause the percentage of instances in a batch to decrease to ensure higher reliability.') param maxBatchInstancePercent int = 20 -@description('Optional. The maximum percentage of the total virtual machine instances in the scale set that can be simultaneously unhealthy, either as a result of being upgraded, or by being found in an unhealthy state by the virtual machine health checks before the rolling upgrade aborts. This constraint will be checked prior to starting any batch') +@description('Optional. The maximum percentage of the total virtual machine instances in the scale set that can be simultaneously unhealthy, either as a result of being upgraded, or by being found in an unhealthy state by the virtual machine health checks before the rolling upgrade aborts. This constraint will be checked prior to starting any batch.') param maxUnhealthyInstancePercent int = 20 @description('Optional. The maximum percentage of the total virtual machine instances in the scale set that can be simultaneously unhealthy, either as a result of being upgraded, or by being found in an unhealthy state by the virtual machine health checks before the rolling upgrade aborts. This constraint will be checked prior to starting any batch.') param maxUnhealthyUpgradedInstancePercent int = 20 -@description('Optional. The wait time between completing the update for all virtual machines in one batch and starting the next batch. The time duration should be specified in ISO 8601 format') +@description('Optional. The wait time between completing the update for all virtual machines in one batch and starting the next batch. The time duration should be specified in ISO 8601 format.') param pauseTimeBetweenBatches string = 'PT0S' @description('Optional. Indicates whether OS upgrades should automatically be applied to scale set instances in a rolling fashion when a newer version of the OS image becomes available. Default value is false. If this is set to true for Windows based scale sets, enableAutomaticUpdates is automatically set to false and cannot be set to true.') @@ -211,7 +211,7 @@ param enableAutomaticUpdates bool = true @description('Optional. Specifies the time zone of the virtual machine. e.g. \'Pacific Standard Time\'. Possible values can be TimeZoneInfo.id value from time zones returned by TimeZoneInfo.GetSystemTimeZones.') param timeZone string = '' -@description('Optional. Specifies additional base-64 encoded XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup. - AdditionalUnattendContent object') +@description('Optional. Specifies additional base-64 encoded XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup. - AdditionalUnattendContent object.') param additionalUnattendContent array = [] @description('Optional. Specifies the Windows Remote Management listeners. This enables remote Windows PowerShell. - WinRMConfiguration object.') @@ -220,13 +220,13 @@ param winRM object = {} @description('Optional. Specifies whether password authentication should be disabled.') param disablePasswordAuthentication bool = false -@description('Optional. The list of SSH public keys used to authenticate with linux based VMs') +@description('Optional. The list of SSH public keys used to authenticate with linux based VMs.') param publicKeys array = [] @description('Optional. Specifies set of certificates that should be installed onto the virtual machines in the scale set.') param secrets array = [] -@description('Optional. Specifies Scheduled Event related configurations') +@description('Optional. Specifies Scheduled Event related configurations.') param scheduledEventsProfile object = {} @description('Optional. Specifies whether the Virtual Machine Scale Set should be overprovisioned.') @@ -241,7 +241,7 @@ param zoneBalance bool = false @description('Optional. When true this limits the scale set to a single placement group, of max size 100 virtual machines. NOTE: If singlePlacementGroup is true, it may be modified to false. However, if singlePlacementGroup is false, it may not be modified to true.') param singlePlacementGroup bool = true -@description('Optional. Specifies the scale-in policy that decides which virtual machines are chosen for removal when a Virtual Machine Scale Set is scaled-in') +@description('Optional. Specifies the scale-in policy that decides which virtual machines are chosen for removal when a Virtual Machine Scale Set is scaled-in.') param scaleInPolicy object = { rules: [ 'Default' @@ -263,7 +263,7 @@ param tags object = {} @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') param enableDefaultTelemetry bool = true -@description('Required. The chosen OS type') +@description('Required. The chosen OS type.') @allowed([ 'Windows' 'Linux' @@ -656,13 +656,13 @@ module vmss_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in ro } }] -@description('The resource ID of the virtual machine scale set') +@description('The resource ID of the virtual machine scale set.') output resourceId string = vmss.id -@description('The resource group of the virtual machine scale set') +@description('The resource group of the virtual machine scale set.') output resourceGroupName string = resourceGroup().name -@description('The name of the virtual machine scale set') +@description('The name of the virtual machine scale set.') output name string = vmss.name @description('The principal ID of the system assigned identity.') diff --git a/arm/Microsoft.Compute/virtualMachineScaleSets/extensions/deploy.bicep b/arm/Microsoft.Compute/virtualMachineScaleSets/extensions/deploy.bicep index c3401b32a4..812188bcdf 100644 --- a/arm/Microsoft.Compute/virtualMachineScaleSets/extensions/deploy.bicep +++ b/arm/Microsoft.Compute/virtualMachineScaleSets/extensions/deploy.bicep @@ -1,35 +1,35 @@ -@description('Required. The name of the virtual machine scale set that extension is provisioned for') +@description('Conditional. The name of the parent virtual machine scale set that extension is provisioned for. Required if the template is used in a standalone deployment.') param virtualMachineScaleSetName string -@description('Required. The name of the virtual machine scale set extension') +@description('Required. The name of the virtual machine scale set extension.') param name string -@description('Required. The name of the extension handler publisher') +@description('Required. The name of the extension handler publisher.') param publisher string -@description('Required. Specifies the type of the extension; an example is "CustomScriptExtension"') +@description('Required. Specifies the type of the extension; an example is "CustomScriptExtension".') param type string -@description('Required. Specifies the version of the script handler') +@description('Required. Specifies the version of the script handler.') param typeHandlerVersion string -@description('Required. Indicates whether the extension should use a newer minor version if one is available at deployment time. Once deployed, however, the extension will not upgrade minor versions unless redeployed, even with this property set to true') +@description('Required. Indicates whether the extension should use a newer minor version if one is available at deployment time. Once deployed, however, the extension will not upgrade minor versions unless redeployed, even with this property set to true.') param autoUpgradeMinorVersion bool -@description('Optional. How the extension handler should be forced to update even if the extension configuration has not changed') +@description('Optional. How the extension handler should be forced to update even if the extension configuration has not changed.') param forceUpdateTag string = '' -@description('Optional. Any object that contains the extension specific settings') +@description('Optional. Any object that contains the extension specific settings.') param settings object = {} -@description('Optional. Any object that contains the extension specific protected settings') +@description('Optional. Any object that contains the extension specific protected settings.') @secure() param protectedSettings object = {} -@description('Optional. Indicates whether failures stemming from the extension will be suppressed (Operational failures such as not connecting to the VM will not be suppressed regardless of this value). The default is false') +@description('Optional. Indicates whether failures stemming from the extension will be suppressed (Operational failures such as not connecting to the VM will not be suppressed regardless of this value). The default is false.') param supressFailures bool = false -@description('Required. Indicates whether the extension should be automatically upgraded by the platform if there is a newer version of the extension available') +@description('Required. Indicates whether the extension should be automatically upgraded by the platform if there is a newer version of the extension available.') param enableAutomaticUpgrade bool @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -67,10 +67,10 @@ resource extension 'Microsoft.Compute/virtualMachineScaleSets/extensions@2021-07 } } -@description('The name of the extension') +@description('The name of the extension.') output name string = extension.name -@description('The ResourceId of the extension') +@description('The ResourceId of the extension.') output resourceId string = extension.id @description('The name of the Resource Group the extension was created in.') diff --git a/arm/Microsoft.Compute/virtualMachineScaleSets/extensions/readme.md b/arm/Microsoft.Compute/virtualMachineScaleSets/extensions/readme.md index 0c8bff809e..bda4064346 100644 --- a/arm/Microsoft.Compute/virtualMachineScaleSets/extensions/readme.md +++ b/arm/Microsoft.Compute/virtualMachineScaleSets/extensions/readme.md @@ -19,28 +19,32 @@ This module deploys a virtual machine scale set extension. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `autoUpgradeMinorVersion` | bool | Indicates whether the extension should use a newer minor version if one is available at deployment time. Once deployed, however, the extension will not upgrade minor versions unless redeployed, even with this property set to true | -| `enableAutomaticUpgrade` | bool | Indicates whether the extension should be automatically upgraded by the platform if there is a newer version of the extension available | -| `name` | string | The name of the virtual machine scale set extension | -| `publisher` | string | The name of the extension handler publisher | -| `type` | string | Specifies the type of the extension; an example is "CustomScriptExtension" | -| `typeHandlerVersion` | string | Specifies the version of the script handler | -| `virtualMachineScaleSetName` | string | The name of the virtual machine scale set that extension is provisioned for | +| `autoUpgradeMinorVersion` | bool | Indicates whether the extension should use a newer minor version if one is available at deployment time. Once deployed, however, the extension will not upgrade minor versions unless redeployed, even with this property set to true. | +| `enableAutomaticUpgrade` | bool | Indicates whether the extension should be automatically upgraded by the platform if there is a newer version of the extension available. | +| `name` | string | The name of the virtual machine scale set extension. | +| `publisher` | string | The name of the extension handler publisher. | +| `type` | string | Specifies the type of the extension; an example is "CustomScriptExtension". | +| `typeHandlerVersion` | string | Specifies the version of the script handler. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `virtualMachineScaleSetName` | string | The name of the parent virtual machine scale set that extension is provisioned for. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `forceUpdateTag` | string | `''` | How the extension handler should be forced to update even if the extension configuration has not changed | -| `protectedSettings` | secureObject | `{object}` | Any object that contains the extension specific protected settings | -| `settings` | object | `{object}` | Any object that contains the extension specific settings | -| `supressFailures` | bool | `False` | Indicates whether failures stemming from the extension will be suppressed (Operational failures such as not connecting to the VM will not be suppressed regardless of this value). The default is false | +| `forceUpdateTag` | string | `''` | How the extension handler should be forced to update even if the extension configuration has not changed. | +| `protectedSettings` | secureObject | `{object}` | Any object that contains the extension specific protected settings. | +| `settings` | object | `{object}` | Any object that contains the extension specific settings. | +| `supressFailures` | bool | `False` | Indicates whether failures stemming from the extension will be suppressed (Operational failures such as not connecting to the VM will not be suppressed regardless of this value). The default is false. | ## Outputs | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the extension | +| `name` | string | The name of the extension. | | `resourceGroupName` | string | The name of the Resource Group the extension was created in. | -| `resourceId` | string | The ResourceId of the extension | +| `resourceId` | string | The ResourceId of the extension. | diff --git a/arm/Microsoft.Compute/virtualMachineScaleSets/readme.md b/arm/Microsoft.Compute/virtualMachineScaleSets/readme.md index e15215a658..e1957773e8 100644 --- a/arm/Microsoft.Compute/virtualMachineScaleSets/readme.md +++ b/arm/Microsoft.Compute/virtualMachineScaleSets/readme.md @@ -30,19 +30,19 @@ The following resources are required to be able to deploy this resource. **Required parameters** | Parameter Name | Type | Allowed Values | Description | | :-- | :-- | :-- | :-- | -| `adminUsername` | secureString | | Administrator username | +| `adminUsername` | secureString | | Administrator username. | | `imageReference` | object | | OS image reference. In case of marketplace images, it's the combination of the publisher, offer, sku, version attributes. In case of custom images it's the resource ID of the custom image. | | `name` | string | | Name of the VMSS. | | `nicConfigurations` | array | | Configures NICs and PIPs. | | `osDisk` | object | | Specifies the OS disk. For security reasons, it is recommended to specify DiskEncryptionSet into the osDisk object. Restrictions: DiskEncryptionSet cannot be enabled if Azure Disk Encryption (guest-VM encryption using bitlocker/DM-Crypt) is enabled on your VM Scale sets. | -| `osType` | string | `[Windows, Linux]` | The chosen OS type | +| `osType` | string | `[Windows, Linux]` | The chosen OS type. | | `skuName` | string | | The SKU size of the VMs. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `additionalUnattendContent` | array | `[]` | | Specifies additional base-64 encoded XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup. - AdditionalUnattendContent object | -| `adminPassword` | secureString | `''` | | When specifying a Windows Virtual Machine, this value should be passed | +| `additionalUnattendContent` | array | `[]` | | Specifies additional base-64 encoded XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup. - AdditionalUnattendContent object. | +| `adminPassword` | secureString | `''` | | When specifying a Windows Virtual Machine, this value should be passed. | | `automaticRepairsPolicyEnabled` | bool | `False` | | Specifies whether automatic repairs should be enabled on the virtual machine scale set. | | `availabilityZones` | array | `[]` | | The virtual machine scale set zones. NOTE: Availability zones can only be set when you create the scale set. | | `bootDiagnosticStorageAccountName` | string | `''` | | Storage account used to store boot diagnostic information. Boot diagnostics will be disabled if no value is provided. | @@ -64,37 +64,37 @@ The following resources are required to be able to deploy this resource. | `enableEvictionPolicy` | bool | `False` | | Specifies the eviction policy for the low priority virtual machine. Will result in 'Deallocate' eviction policy. | | `enableServerSideEncryption` | bool | `False` | | Specifies if Windows VM disks should be encrypted with Server-side encryption + Customer managed Key. | | `encryptionAtHost` | bool | `True` | | This property can be used by user in the request to enable or disable the Host Encryption for the virtual machine. This will enable the encryption for all the disks including Resource/Temp disk at host itself. For security reasons, it is recommended to set encryptionAtHost to True. Restrictions: Cannot be enabled if Azure Disk Encryption (guest-VM encryption using bitlocker/DM-Crypt) is enabled on your virtual machine scale sets. | -| `extensionAntiMalwareConfig` | object | `{object}` | | The configuration for the [Anti Malware] extension. Must at least contain the ["enabled": true] property to be executed | -| `extensionCustomScriptConfig` | object | `{object}` | | The configuration for the [Custom Script] extension. Must at least contain the ["enabled": true] property to be executed | -| `extensionDependencyAgentConfig` | object | `{object}` | | The configuration for the [Dependency Agent] extension. Must at least contain the ["enabled": true] property to be executed | -| `extensionDiskEncryptionConfig` | object | `{object}` | | The configuration for the [Disk Encryption] extension. Must at least contain the ["enabled": true] property to be executed | -| `extensionDomainJoinConfig` | object | `{object}` | | The configuration for the [Domain Join] extension. Must at least contain the ["enabled": true] property to be executed | -| `extensionDomainJoinPassword` | secureString | `''` | | Required if domainName is specified. Password of the user specified in domainJoinUser parameter | -| `extensionDSCConfig` | object | `{object}` | | The configuration for the [Desired State Configuration] extension. Must at least contain the ["enabled": true] property to be executed | -| `extensionMonitoringAgentConfig` | object | `{object}` | | The configuration for the [Monitoring Agent] extension. Must at least contain the ["enabled": true] property to be executed | -| `extensionNetworkWatcherAgentConfig` | object | `{object}` | | The configuration for the [Network Watcher Agent] extension. Must at least contain the ["enabled": true] property to be executed | +| `extensionAntiMalwareConfig` | object | `{object}` | | The configuration for the [Anti Malware] extension. Must at least contain the ["enabled": true] property to be executed. | +| `extensionCustomScriptConfig` | object | `{object}` | | The configuration for the [Custom Script] extension. Must at least contain the ["enabled": true] property to be executed. | +| `extensionDependencyAgentConfig` | object | `{object}` | | The configuration for the [Dependency Agent] extension. Must at least contain the ["enabled": true] property to be executed. | +| `extensionDiskEncryptionConfig` | object | `{object}` | | The configuration for the [Disk Encryption] extension. Must at least contain the ["enabled": true] property to be executed. | +| `extensionDomainJoinConfig` | object | `{object}` | | The configuration for the [Domain Join] extension. Must at least contain the ["enabled": true] property to be executed. | +| `extensionDomainJoinPassword` | secureString | `''` | | Required if domainName is specified. Password of the user specified in domainJoinUser parameter. | +| `extensionDSCConfig` | object | `{object}` | | The configuration for the [Desired State Configuration] extension. Must at least contain the ["enabled": true] property to be executed. | +| `extensionMonitoringAgentConfig` | object | `{object}` | | The configuration for the [Monitoring Agent] extension. Must at least contain the ["enabled": true] property to be executed. | +| `extensionNetworkWatcherAgentConfig` | object | `{object}` | | The configuration for the [Network Watcher Agent] extension. Must at least contain the ["enabled": true] property to be executed. | | `gracePeriod` | string | `'PT30M'` | | The amount of time for which automatic repairs are suspended due to a state change on VM. The grace time starts after the state change has completed. This helps avoid premature or accidental repairs. The time duration should be specified in ISO 8601 format. The minimum allowed grace period is 30 minutes (PT30M). The maximum allowed grace period is 90 minutes (PT90M). | | `licenseType` | string | `''` | `[Windows_Client, Windows_Server, ]` | Specifies that the image or disk that is being used was licensed on-premises. This element is only used for images that contain the Windows Server operating system. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `maxBatchInstancePercent` | int | `20` | | The maximum percent of total virtual machine instances that will be upgraded simultaneously by the rolling upgrade in one batch. As this is a maximum, unhealthy instances in previous or future batches can cause the percentage of instances in a batch to decrease to ensure higher reliability. | | `maxPriceForLowPriorityVm` | string | `''` | | Specifies the maximum price you are willing to pay for a low priority VM/VMSS. This price is in US Dollars. | -| `maxUnhealthyInstancePercent` | int | `20` | | The maximum percentage of the total virtual machine instances in the scale set that can be simultaneously unhealthy, either as a result of being upgraded, or by being found in an unhealthy state by the virtual machine health checks before the rolling upgrade aborts. This constraint will be checked prior to starting any batch | +| `maxUnhealthyInstancePercent` | int | `20` | | The maximum percentage of the total virtual machine instances in the scale set that can be simultaneously unhealthy, either as a result of being upgraded, or by being found in an unhealthy state by the virtual machine health checks before the rolling upgrade aborts. This constraint will be checked prior to starting any batch. | | `maxUnhealthyUpgradedInstancePercent` | int | `20` | | The maximum percentage of the total virtual machine instances in the scale set that can be simultaneously unhealthy, either as a result of being upgraded, or by being found in an unhealthy state by the virtual machine health checks before the rolling upgrade aborts. This constraint will be checked prior to starting any batch. | | `monitoringWorkspaceId` | string | `''` | | Resource ID of the monitoring log analytics workspace. | | `overprovision` | bool | `False` | | Specifies whether the Virtual Machine Scale Set should be overprovisioned. | -| `pauseTimeBetweenBatches` | string | `'PT0S'` | | The wait time between completing the update for all virtual machines in one batch and starting the next batch. The time duration should be specified in ISO 8601 format | +| `pauseTimeBetweenBatches` | string | `'PT0S'` | | The wait time between completing the update for all virtual machines in one batch and starting the next batch. The time duration should be specified in ISO 8601 format. | | `plan` | object | `{object}` | | Specifies information about the marketplace image used to create the virtual machine. This element is only used for marketplace images. Before you can use a marketplace image from an API, you must enable the image for programmatic use. | | `provisionVMAgent` | bool | `True` | | Indicates whether virtual machine agent should be provisioned on the virtual machine. When this property is not specified in the request body, default behavior is to set it to true. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later. | | `proximityPlacementGroupName` | string | `''` | | Creates an proximity placement group and adds the VMs to it. | | `proximityPlacementGroupType` | string | `'Standard'` | `[Standard, Ultra]` | Specifies the type of the proximity placement group. | | `publicIpDiagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | -| `publicKeys` | array | `[]` | | The list of SSH public keys used to authenticate with linux based VMs | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `publicKeys` | array | `[]` | | The list of SSH public keys used to authenticate with linux based VMs. | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `sasTokenValidityLength` | string | `'PT8H'` | | SAS token validity length to use to download files from storage accounts. Usage: 'PT8H' - valid for 8 hours; 'P5D' - valid for 5 days; 'P1Y' - valid for 1 year. When not provided, the SAS token will be valid for 8 hours. | -| `scaleInPolicy` | object | `{object}` | | Specifies the scale-in policy that decides which virtual machines are chosen for removal when a Virtual Machine Scale Set is scaled-in | +| `scaleInPolicy` | object | `{object}` | | Specifies the scale-in policy that decides which virtual machines are chosen for removal when a Virtual Machine Scale Set is scaled-in. | | `scaleSetFaultDomain` | int | `2` | | Fault Domain count for each placement group. | -| `scheduledEventsProfile` | object | `{object}` | | Specifies Scheduled Event related configurations | +| `scheduledEventsProfile` | object | `{object}` | | Specifies Scheduled Event related configurations. | | `secrets` | array | `[]` | | Specifies set of certificates that should be installed onto the virtual machines in the scale set. | | `secureBootEnabled` | bool | `False` | | Specifies whether secure boot should be enabled on the virtual machine scale set. This parameter is part of the UefiSettings. SecurityType should be set to TrustedLaunch to enable UefiSettings. | | `securityType` | string | `''` | | Specifies the SecurityType of the virtual machine scale set. It is set as TrustedLaunch to enable UefiSettings. | @@ -104,7 +104,7 @@ The following resources are required to be able to deploy this resource. | `tags` | object | `{object}` | | Tags of the resource. | | `timeZone` | string | `''` | | Specifies the time zone of the virtual machine. e.g. 'Pacific Standard Time'. Possible values can be TimeZoneInfo.id value from time zones returned by TimeZoneInfo.GetSystemTimeZones. | | `ultraSSDEnabled` | bool | `False` | | The flag that enables or disables a capability to have one or more managed data disks with UltraSSD_LRS storage account type on the VM or VMSS. Managed disks with storage account type UltraSSD_LRS can be added to a virtual machine or virtual machine scale set only if this property is enabled. | -| `upgradePolicyMode` | string | `'Manual'` | `[Manual, Automatic, Rolling]` | Specifies the mode of an upgrade to virtual machines in the scale set.' Manual - You control the application of updates to virtual machines in the scale set. You do this by using the manualUpgrade action. ; Automatic - All virtual machines in the scale set are automatically updated at the same time. - Automatic, Manual, Rolling | +| `upgradePolicyMode` | string | `'Manual'` | `[Manual, Automatic, Rolling]` | Specifies the mode of an upgrade to virtual machines in the scale set.' Manual - You control the application of updates to virtual machines in the scale set. You do this by using the manualUpgrade action. ; Automatic - All virtual machines in the scale set are automatically updated at the same time. - Automatic, Manual, Rolling. | | `userAssignedIdentities` | object | `{object}` | | The ID(s) to assign to the resource. | | `vmNamePrefix` | string | `'vmssvm'` | | Specifies the computer name prefix for all of the virtual machines in the scale set. | | `vmPriority` | string | `'Regular'` | `[Regular, Low, Spot]` | Specifies the priority for the virtual machine. | @@ -427,7 +427,7 @@ You can specify multiple user assigned identities to a resource by providing add | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the virtual machine scale set | -| `resourceGroupName` | string | The resource group of the virtual machine scale set | -| `resourceId` | string | The resource ID of the virtual machine scale set | +| `name` | string | The name of the virtual machine scale set. | +| `resourceGroupName` | string | The resource group of the virtual machine scale set. | +| `resourceId` | string | The resource ID of the virtual machine scale set. | | `systemAssignedPrincipalId` | string | The principal ID of the system assigned identity. | diff --git a/arm/Microsoft.Compute/virtualMachines/deploy.bicep b/arm/Microsoft.Compute/virtualMachines/deploy.bicep index e6269f9976..59b79226b4 100644 --- a/arm/Microsoft.Compute/virtualMachines/deploy.bicep +++ b/arm/Microsoft.Compute/virtualMachines/deploy.bicep @@ -5,7 +5,7 @@ param name string = take(toLower(uniqueString(resourceGroup().name)), 10) @description('Optional. Specifies whether the computer names should be transformed. The transformation is performed on all computer names. Available transformations are \'none\' (Default), \'uppercase\' and \'lowercase\'.') param vmComputerNamesTransformation string = 'none' -@description('Required. Specifies the size for the VMs') +@description('Required. Specifies the size for the VMs.') param vmSize string @description('Optional. This property can be used by user in the request to enable or disable the Host Encryption for the virtual machine. This will enable the encryption for all the disks including Resource/Temp disk at host itself. For security reasons, it is recommended to set encryptionAtHost to True. Restrictions: Cannot be enabled if Azure Disk Encryption (guest-VM encryption using bitlocker/DM-Crypt) is enabled on your VMs.') @@ -35,11 +35,11 @@ param dataDisks array = [] @description('Optional. The flag that enables or disables a capability to have one or more managed data disks with UltraSSD_LRS storage account type on the VM or VMSS. Managed disks with storage account type UltraSSD_LRS can be added to a virtual machine or virtual machine scale set only if this property is enabled.') param ultraSSDEnabled bool = false -@description('Required. Administrator username') +@description('Required. Administrator username.') @secure() param adminUsername string -@description('Optional. When specifying a Windows Virtual Machine, this value should be passed') +@description('Optional. When specifying a Windows Virtual Machine, this value should be passed.') @secure() param adminPassword string = '' @@ -74,7 +74,7 @@ param dedicatedHostId string = '' ]) param licenseType string = '' -@description('Optional. The list of SSH public keys used to authenticate with linux based VMs') +@description('Optional. The list of SSH public keys used to authenticate with linux based VMs.') param publicKeys array = [] @description('Optional. Enables system assigned managed identity on the resource.') @@ -158,21 +158,21 @@ param enableServerSideEncryption bool = false @description('Optional. Specifies whether extension operations should be allowed on the virtual machine. This may only be set to False when no extensions are present on the virtual machine.') param allowExtensionOperations bool = true -@description('Optional. Required if domainName is specified. Password of the user specified in domainJoinUser parameter') +@description('Optional. Required if domainName is specified. Password of the user specified in domainJoinUser parameter.') @secure() param extensionDomainJoinPassword string = '' -@description('Optional. The configuration for the [Domain Join] extension. Must at least contain the ["enabled": true] property to be executed') +@description('Optional. The configuration for the [Domain Join] extension. Must at least contain the ["enabled": true] property to be executed.') param extensionDomainJoinConfig object = { enabled: false } -@description('Optional. The configuration for the [Anti Malware] extension. Must at least contain the ["enabled": true] property to be executed') +@description('Optional. The configuration for the [Anti Malware] extension. Must at least contain the ["enabled": true] property to be executed.') param extensionAntiMalwareConfig object = { enabled: false } -@description('Optional. The configuration for the [Monitoring Agent] extension. Must at least contain the ["enabled": true] property to be executed') +@description('Optional. The configuration for the [Monitoring Agent] extension. Must at least contain the ["enabled": true] property to be executed.') param extensionMonitoringAgentConfig object = { enabled: false } @@ -180,33 +180,33 @@ param extensionMonitoringAgentConfig object = { @description('Optional. Resource ID of the monitoring log analytics workspace. Must be set when extensionMonitoringAgentConfig is set to true.') param monitoringWorkspaceId string = '' -@description('Optional. The configuration for the [Dependency Agent] extension. Must at least contain the ["enabled": true] property to be executed') +@description('Optional. The configuration for the [Dependency Agent] extension. Must at least contain the ["enabled": true] property to be executed.') param extensionDependencyAgentConfig object = { enabled: false } -@description('Optional. The configuration for the [Network Watcher Agent] extension. Must at least contain the ["enabled": true] property to be executed') +@description('Optional. The configuration for the [Network Watcher Agent] extension. Must at least contain the ["enabled": true] property to be executed.') param extensionNetworkWatcherAgentConfig object = { enabled: false } -@description('Optional. The configuration for the [Disk Encryption] extension. Must at least contain the ["enabled": true] property to be executed') +@description('Optional. The configuration for the [Disk Encryption] extension. Must at least contain the ["enabled": true] property to be executed.') param extensionDiskEncryptionConfig object = { enabled: false } -@description('Optional. The configuration for the [Desired State Configuration] extension. Must at least contain the ["enabled": true] property to be executed') +@description('Optional. The configuration for the [Desired State Configuration] extension. Must at least contain the ["enabled": true] property to be executed.') param extensionDSCConfig object = { enabled: false } -@description('Optional. The configuration for the [Custom Script] extension. Must at least contain the ["enabled": true] property to be executed') +@description('Optional. The configuration for the [Custom Script] extension. Must at least contain the ["enabled": true] property to be executed.') param extensionCustomScriptConfig object = { enabled: false fileData: [] } -@description('Optional. Any object that contains the extension specific protected settings') +@description('Optional. Any object that contains the extension specific protected settings.') @secure() param extensionCustomScriptProtectedSetting object = {} @@ -239,7 +239,7 @@ param diagnosticEventHubName string = '' @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -254,7 +254,7 @@ param baseTime string = utcNow('u') @description('Optional. SAS token validity length to use to download files from storage accounts. Usage: \'PT8H\' - valid for 8 hours; \'P5D\' - valid for 5 days; \'P1Y\' - valid for 1 year. When not provided, the SAS token will be valid for 8 hours.') param sasTokenValidityLength string = 'PT8H' -@description('Required. The chosen OS type') +@description('Required. The chosen OS type.') @allowed([ 'Windows' 'Linux' @@ -273,13 +273,13 @@ param enableAutomaticUpdates bool = true @description('Optional. Specifies the time zone of the virtual machine. e.g. \'Pacific Standard Time\'. Possible values can be TimeZoneInfo.id value from time zones returned by TimeZoneInfo.GetSystemTimeZones.') param timeZone string = '' -@description('Optional. Specifies additional base-64 encoded XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup. - AdditionalUnattendContent object') +@description('Optional. Specifies additional base-64 encoded XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup. - AdditionalUnattendContent object.') param additionalUnattendContent array = [] @description('Optional. Specifies the Windows Remote Management listeners. This enables remote Windows PowerShell. - WinRMConfiguration object.') param winRM object = {} -@description('Optional. Any VM configuration profile assignments') +@description('Optional. Any VM configuration profile assignments.') param configurationProfileAssignments array = [] var vmComputerNameTransformed = vmComputerNamesTransformation == 'uppercase' ? toUpper(name) : (vmComputerNamesTransformation == 'lowercase' ? toLower(name) : name) diff --git a/arm/Microsoft.Compute/virtualMachines/extensions/deploy.bicep b/arm/Microsoft.Compute/virtualMachines/extensions/deploy.bicep index b0ec0ffb45..14b6bfaac1 100644 --- a/arm/Microsoft.Compute/virtualMachines/extensions/deploy.bicep +++ b/arm/Microsoft.Compute/virtualMachines/extensions/deploy.bicep @@ -1,38 +1,38 @@ -@description('Required. The name of the virtual machine that extension is provisioned for') +@description('Conditional. The name of the parent virtual machine that extension is provisioned for. Required if the template is used in a standalone deployment.') param virtualMachineName string -@description('Required. The name of the virtual machine extension') +@description('Required. The name of the virtual machine extension.') param name string -@description('Optional. The location the extension is deployed to') +@description('Optional. The location the extension is deployed to.') param location string = resourceGroup().location -@description('Required. The name of the extension handler publisher') +@description('Required. The name of the extension handler publisher.') param publisher string -@description('Required. Specifies the type of the extension; an example is "CustomScriptExtension"') +@description('Required. Specifies the type of the extension; an example is "CustomScriptExtension".') param type string -@description('Required. Specifies the version of the script handler') +@description('Required. Specifies the version of the script handler.') param typeHandlerVersion string -@description('Required. Indicates whether the extension should use a newer minor version if one is available at deployment time. Once deployed, however, the extension will not upgrade minor versions unless redeployed, even with this property set to true') +@description('Required. Indicates whether the extension should use a newer minor version if one is available at deployment time. Once deployed, however, the extension will not upgrade minor versions unless redeployed, even with this property set to true.') param autoUpgradeMinorVersion bool -@description('Optional. How the extension handler should be forced to update even if the extension configuration has not changed') +@description('Optional. How the extension handler should be forced to update even if the extension configuration has not changed.') param forceUpdateTag string = '' -@description('Optional. Any object that contains the extension specific settings') +@description('Optional. Any object that contains the extension specific settings.') param settings object = {} -@description('Optional. Any object that contains the extension specific protected settings') +@description('Optional. Any object that contains the extension specific protected settings.') @secure() param protectedSettings object = {} -@description('Optional. Indicates whether failures stemming from the extension will be suppressed (Operational failures such as not connecting to the VM will not be suppressed regardless of this value). The default is false') +@description('Optional. Indicates whether failures stemming from the extension will be suppressed (Operational failures such as not connecting to the VM will not be suppressed regardless of this value). The default is false.') param supressFailures bool = false -@description('Required. Indicates whether the extension should be automatically upgraded by the platform if there is a newer version of the extension available') +@description('Required. Indicates whether the extension should be automatically upgraded by the platform if there is a newer version of the extension available.') param enableAutomaticUpgrade bool @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -71,10 +71,10 @@ resource extension 'Microsoft.Compute/virtualMachines/extensions@2021-07-01' = { } } -@description('The name of the extension') +@description('The name of the extension.') output name string = extension.name -@description('The resource ID of the extension') +@description('The resource ID of the extension.') output resourceId string = extension.id @description('The name of the Resource Group the extension was created in.') diff --git a/arm/Microsoft.Compute/virtualMachines/extensions/readme.md b/arm/Microsoft.Compute/virtualMachines/extensions/readme.md index f5c3af9fd7..1e387f965a 100644 --- a/arm/Microsoft.Compute/virtualMachines/extensions/readme.md +++ b/arm/Microsoft.Compute/virtualMachines/extensions/readme.md @@ -19,29 +19,33 @@ This module deploys a virtual machine extension. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `autoUpgradeMinorVersion` | bool | Indicates whether the extension should use a newer minor version if one is available at deployment time. Once deployed, however, the extension will not upgrade minor versions unless redeployed, even with this property set to true | -| `enableAutomaticUpgrade` | bool | Indicates whether the extension should be automatically upgraded by the platform if there is a newer version of the extension available | -| `name` | string | The name of the virtual machine extension | -| `publisher` | string | The name of the extension handler publisher | -| `type` | string | Specifies the type of the extension; an example is "CustomScriptExtension" | -| `typeHandlerVersion` | string | Specifies the version of the script handler | -| `virtualMachineName` | string | The name of the virtual machine that extension is provisioned for | +| `autoUpgradeMinorVersion` | bool | Indicates whether the extension should use a newer minor version if one is available at deployment time. Once deployed, however, the extension will not upgrade minor versions unless redeployed, even with this property set to true. | +| `enableAutomaticUpgrade` | bool | Indicates whether the extension should be automatically upgraded by the platform if there is a newer version of the extension available. | +| `name` | string | The name of the virtual machine extension. | +| `publisher` | string | The name of the extension handler publisher. | +| `type` | string | Specifies the type of the extension; an example is "CustomScriptExtension". | +| `typeHandlerVersion` | string | Specifies the version of the script handler. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `virtualMachineName` | string | The name of the parent virtual machine that extension is provisioned for. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `forceUpdateTag` | string | `''` | How the extension handler should be forced to update even if the extension configuration has not changed | -| `location` | string | `[resourceGroup().location]` | The location the extension is deployed to | -| `protectedSettings` | secureObject | `{object}` | Any object that contains the extension specific protected settings | -| `settings` | object | `{object}` | Any object that contains the extension specific settings | -| `supressFailures` | bool | `False` | Indicates whether failures stemming from the extension will be suppressed (Operational failures such as not connecting to the VM will not be suppressed regardless of this value). The default is false | +| `forceUpdateTag` | string | `''` | How the extension handler should be forced to update even if the extension configuration has not changed. | +| `location` | string | `[resourceGroup().location]` | The location the extension is deployed to. | +| `protectedSettings` | secureObject | `{object}` | Any object that contains the extension specific protected settings. | +| `settings` | object | `{object}` | Any object that contains the extension specific settings. | +| `supressFailures` | bool | `False` | Indicates whether failures stemming from the extension will be suppressed (Operational failures such as not connecting to the VM will not be suppressed regardless of this value). The default is false. | ## Outputs | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the extension | +| `name` | string | The name of the extension. | | `resourceGroupName` | string | The name of the Resource Group the extension was created in. | -| `resourceId` | string | The resource ID of the extension | +| `resourceId` | string | The resource ID of the extension. | diff --git a/arm/Microsoft.Compute/virtualMachines/readme.md b/arm/Microsoft.Compute/virtualMachines/readme.md index ac25bd60c8..8282bc127c 100644 --- a/arm/Microsoft.Compute/virtualMachines/readme.md +++ b/arm/Microsoft.Compute/virtualMachines/readme.md @@ -27,18 +27,18 @@ This module deploys one Virtual Machine with one or multiple nics and optionally **Required parameters** | Parameter Name | Type | Allowed Values | Description | | :-- | :-- | :-- | :-- | -| `adminUsername` | secureString | | Administrator username | +| `adminUsername` | secureString | | Administrator username. | | `imageReference` | object | | OS image reference. In case of marketplace images, it's the combination of the publisher, offer, sku, version attributes. In case of custom images it's the resource ID of the custom image. | | `nicConfigurations` | array | | Configures NICs and PIPs. | | `osDisk` | object | | Specifies the OS disk. For security reasons, it is recommended to specify DiskEncryptionSet into the osDisk object. Restrictions: DiskEncryptionSet cannot be enabled if Azure Disk Encryption (guest-VM encryption using bitlocker/DM-Crypt) is enabled on your VMs. | -| `osType` | string | `[Windows, Linux]` | The chosen OS type | -| `vmSize` | string | | Specifies the size for the VMs | +| `osType` | string | `[Windows, Linux]` | The chosen OS type. | +| `vmSize` | string | | Specifies the size for the VMs. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `additionalUnattendContent` | array | `[]` | | Specifies additional base-64 encoded XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup. - AdditionalUnattendContent object | -| `adminPassword` | secureString | `''` | | When specifying a Windows Virtual Machine, this value should be passed | +| `additionalUnattendContent` | array | `[]` | | Specifies additional base-64 encoded XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup. - AdditionalUnattendContent object. | +| `adminPassword` | secureString | `''` | | When specifying a Windows Virtual Machine, this value should be passed. | | `allowExtensionOperations` | bool | `True` | | Specifies whether extension operations should be allowed on the virtual machine. This may only be set to False when no extensions are present on the virtual machine. | | `availabilitySetName` | string | `''` | | Resource name of an availability set. Cannot be used in combination with availability zone nor scale set. | | `availabilityZone` | int | `0` | `[0, 1, 2, 3]` | If set to 1, 2 or 3, the availability zone for all VMs is hardcoded to that value. If zero, then availability zones is not used. Cannot be used in combination with availability set nor scale set. | @@ -48,7 +48,7 @@ This module deploys one Virtual Machine with one or multiple nics and optionally | `bootDiagnosticStorageAccountName` | string | `''` | | Storage account used to store boot diagnostic information. Boot diagnostics will be disabled if no value is provided. | | `bootDiagnosticStorageAccountUri` | string | `[format('.blob.{0}/', environment().suffixes.storage)]` | | Storage account boot diagnostic base URI. | | `certificatesToBeInstalled` | array | `[]` | | Specifies set of certificates that should be installed onto the virtual machine. | -| `configurationProfileAssignments` | array | `[]` | | Any VM configuration profile assignments | +| `configurationProfileAssignments` | array | `[]` | | Any VM configuration profile assignments. | | `customData` | string | `''` | | Custom data associated to the VM, this value will be automatically converted into base64 to account for the expected VM format. | | `dataDisks` | array | `[]` | | Specifies the data disks. For security reasons, it is recommended to specify DiskEncryptionSet into the dataDisk object. Restrictions: DiskEncryptionSet cannot be enabled if Azure Disk Encryption (guest-VM encryption using bitlocker/DM-Crypt) is enabled on your VMs. | | `dedicatedHostId` | string | `''` | | Specifies resource ID about the dedicated host that the virtual machine resides in. | @@ -63,16 +63,16 @@ This module deploys one Virtual Machine with one or multiple nics and optionally | `enableEvictionPolicy` | bool | `False` | | Specifies the eviction policy for the low priority virtual machine. Will result in 'Deallocate' eviction policy. | | `enableServerSideEncryption` | bool | `False` | | Specifies if Windows VM disks should be encrypted with Server-side encryption + Customer managed Key. | | `encryptionAtHost` | bool | `True` | | This property can be used by user in the request to enable or disable the Host Encryption for the virtual machine. This will enable the encryption for all the disks including Resource/Temp disk at host itself. For security reasons, it is recommended to set encryptionAtHost to True. Restrictions: Cannot be enabled if Azure Disk Encryption (guest-VM encryption using bitlocker/DM-Crypt) is enabled on your VMs. | -| `extensionAntiMalwareConfig` | object | `{object}` | | The configuration for the [Anti Malware] extension. Must at least contain the ["enabled": true] property to be executed | -| `extensionCustomScriptConfig` | object | `{object}` | | The configuration for the [Custom Script] extension. Must at least contain the ["enabled": true] property to be executed | -| `extensionCustomScriptProtectedSetting` | secureObject | `{object}` | | Any object that contains the extension specific protected settings | -| `extensionDependencyAgentConfig` | object | `{object}` | | The configuration for the [Dependency Agent] extension. Must at least contain the ["enabled": true] property to be executed | -| `extensionDiskEncryptionConfig` | object | `{object}` | | The configuration for the [Disk Encryption] extension. Must at least contain the ["enabled": true] property to be executed | -| `extensionDomainJoinConfig` | object | `{object}` | | The configuration for the [Domain Join] extension. Must at least contain the ["enabled": true] property to be executed | -| `extensionDomainJoinPassword` | secureString | `''` | | Required if domainName is specified. Password of the user specified in domainJoinUser parameter | -| `extensionDSCConfig` | object | `{object}` | | The configuration for the [Desired State Configuration] extension. Must at least contain the ["enabled": true] property to be executed | -| `extensionMonitoringAgentConfig` | object | `{object}` | | The configuration for the [Monitoring Agent] extension. Must at least contain the ["enabled": true] property to be executed | -| `extensionNetworkWatcherAgentConfig` | object | `{object}` | | The configuration for the [Network Watcher Agent] extension. Must at least contain the ["enabled": true] property to be executed | +| `extensionAntiMalwareConfig` | object | `{object}` | | The configuration for the [Anti Malware] extension. Must at least contain the ["enabled": true] property to be executed. | +| `extensionCustomScriptConfig` | object | `{object}` | | The configuration for the [Custom Script] extension. Must at least contain the ["enabled": true] property to be executed. | +| `extensionCustomScriptProtectedSetting` | secureObject | `{object}` | | Any object that contains the extension specific protected settings. | +| `extensionDependencyAgentConfig` | object | `{object}` | | The configuration for the [Dependency Agent] extension. Must at least contain the ["enabled": true] property to be executed. | +| `extensionDiskEncryptionConfig` | object | `{object}` | | The configuration for the [Disk Encryption] extension. Must at least contain the ["enabled": true] property to be executed. | +| `extensionDomainJoinConfig` | object | `{object}` | | The configuration for the [Domain Join] extension. Must at least contain the ["enabled": true] property to be executed. | +| `extensionDomainJoinPassword` | secureString | `''` | | Required if domainName is specified. Password of the user specified in domainJoinUser parameter. | +| `extensionDSCConfig` | object | `{object}` | | The configuration for the [Desired State Configuration] extension. Must at least contain the ["enabled": true] property to be executed. | +| `extensionMonitoringAgentConfig` | object | `{object}` | | The configuration for the [Monitoring Agent] extension. Must at least contain the ["enabled": true] property to be executed. | +| `extensionNetworkWatcherAgentConfig` | object | `{object}` | | The configuration for the [Network Watcher Agent] extension. Must at least contain the ["enabled": true] property to be executed. | | `licenseType` | string | `''` | `[Windows_Client, Windows_Server, ]` | Specifies that the image or disk that is being used was licensed on-premises. This element is only used for images that contain the Windows Server operating system. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | @@ -87,8 +87,8 @@ This module deploys one Virtual Machine with one or multiple nics and optionally | `plan` | object | `{object}` | | Specifies information about the marketplace image used to create the virtual machine. This element is only used for marketplace images. Before you can use a marketplace image from an API, you must enable the image for programmatic use. | | `provisionVMAgent` | bool | `True` | | Indicates whether virtual machine agent should be provisioned on the virtual machine. When this property is not specified in the request body, default behavior is to set it to true. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later. | | `proximityPlacementGroupName` | string | `''` | | Resource name of a proximity placement group. | -| `publicKeys` | array | `[]` | | The list of SSH public keys used to authenticate with linux based VMs | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `publicKeys` | array | `[]` | | The list of SSH public keys used to authenticate with linux based VMs. | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `sasTokenValidityLength` | string | `'PT8H'` | | SAS token validity length to use to download files from storage accounts. Usage: 'PT8H' - valid for 8 hours; 'P5D' - valid for 5 days; 'P1Y' - valid for 1 year. When not provided, the SAS token will be valid for 8 hours. | | `secureBootEnabled` | bool | `False` | | Specifies whether secure boot should be enabled on the virtual machine. This parameter is part of the UefiSettings. SecurityType should be set to TrustedLaunch to enable UefiSettings. | | `securityType` | string | `''` | | Specifies the SecurityType of the virtual machine. It is set as TrustedLaunch to enable UefiSettings. | diff --git a/arm/Microsoft.Consumption/budgets/deploy.bicep b/arm/Microsoft.Consumption/budgets/deploy.bicep index 83d1b40ed2..61c1b0517c 100644 --- a/arm/Microsoft.Consumption/budgets/deploy.bicep +++ b/arm/Microsoft.Consumption/budgets/deploy.bicep @@ -98,11 +98,11 @@ resource budget 'Microsoft.Consumption/budgets@2019-05-01' = { } } -@description('The name of the budget') +@description('The name of the budget.') output name string = budget.name -@description('The resource ID of the budget') +@description('The resource ID of the budget.') output resourceId string = budget.id -@description('The subscription the budget was deployed into') +@description('The subscription the budget was deployed into.') output subscriptionName string = subscription().displayName diff --git a/arm/Microsoft.Consumption/budgets/readme.md b/arm/Microsoft.Consumption/budgets/readme.md index f336d2b627..1642bcbf61 100644 --- a/arm/Microsoft.Consumption/budgets/readme.md +++ b/arm/Microsoft.Consumption/budgets/readme.md @@ -41,6 +41,6 @@ This module deploys budgets for subscriptions. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the budget | -| `resourceId` | string | The resource ID of the budget | -| `subscriptionName` | string | The subscription the budget was deployed into | +| `name` | string | The name of the budget. | +| `resourceId` | string | The resource ID of the budget. | +| `subscriptionName` | string | The subscription the budget was deployed into. | diff --git a/arm/Microsoft.ContainerInstance/containerGroups/deploy.bicep b/arm/Microsoft.ContainerInstance/containerGroups/deploy.bicep index 2948d859bb..b28bc80765 100644 --- a/arm/Microsoft.ContainerInstance/containerGroups/deploy.bicep +++ b/arm/Microsoft.ContainerInstance/containerGroups/deploy.bicep @@ -24,16 +24,16 @@ param memoryInGB int = 2 @description('Optional. The operating system type required by the containers in the container group. - Windows or Linux.') param osType string = 'Linux' -@description('Optional. Restart policy for all containers within the container group. - Always: Always restart. OnFailure: Restart on failure. Never: Never restart. - Always, OnFailure, Never') +@description('Optional. Restart policy for all containers within the container group. - Always: Always restart. OnFailure: Restart on failure. Never: Never restart. - Always, OnFailure, Never.') param restartPolicy string = 'Always' -@description('Optional. Specifies if the IP is exposed to the public internet or private VNET. - Public or Private') +@description('Optional. Specifies if the IP is exposed to the public internet or private VNET. - Public or Private.') param ipAddressType string = 'Public' @description('Optional. The image registry credentials by which the container group is created from.') param imageRegistryCredentials array = [] -@description('Optional. Envrionment variables of the container group.') +@description('Optional. Environment variables of the container group.') param environmentVariables array = [] @description('Optional. Location for all Resources.') @@ -120,16 +120,16 @@ resource containergroup_lock 'Microsoft.Authorization/locks@2017-04-01' = if (lo scope: containergroup } -@description('The name of the container group') +@description('The name of the container group.') output name string = containergroup.name -@description('The resource ID of the container group') +@description('The resource ID of the container group.') output resourceId string = containergroup.id -@description('The resource group the container group was deployed into') +@description('The resource group the container group was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The IPv4 address of the container group') +@description('The IPv4 address of the container group.') output iPv4Address string = containergroup.properties.ipAddress.ip @description('The principal ID of the system assigned identity.') diff --git a/arm/Microsoft.ContainerInstance/containerGroups/readme.md b/arm/Microsoft.ContainerInstance/containerGroups/readme.md index 29aa7f1198..375aa7d1b4 100644 --- a/arm/Microsoft.ContainerInstance/containerGroups/readme.md +++ b/arm/Microsoft.ContainerInstance/containerGroups/readme.md @@ -31,15 +31,15 @@ The top-level resource in Azure Container Instances is the container group. A co | :-- | :-- | :-- | :-- | :-- | | `cpuCores` | int | `2` | | The number of CPU cores to allocate to the container. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `environmentVariables` | array | `[]` | | Envrionment variables of the container group. | +| `environmentVariables` | array | `[]` | | Environment variables of the container group. | | `imageRegistryCredentials` | array | `[]` | | The image registry credentials by which the container group is created from. | -| `ipAddressType` | string | `'Public'` | | Specifies if the IP is exposed to the public internet or private VNET. - Public or Private | +| `ipAddressType` | string | `'Public'` | | Specifies if the IP is exposed to the public internet or private VNET. - Public or Private. | | `location` | string | `[resourceGroup().location]` | | Location for all Resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `memoryInGB` | int | `2` | | The amount of memory to allocate to the container in gigabytes. | | `osType` | string | `'Linux'` | | The operating system type required by the containers in the container group. - Windows or Linux. | | `ports` | array | `[System.Collections.Hashtable]` | | Port to open on the container and the public IP address. | -| `restartPolicy` | string | `'Always'` | | Restart policy for all containers within the container group. - Always: Always restart. OnFailure: Restart on failure. Never: Never restart. - Always, OnFailure, Never | +| `restartPolicy` | string | `'Always'` | | Restart policy for all containers within the container group. - Always: Always restart. OnFailure: Restart on failure. Never: Never restart. - Always, OnFailure, Never. | | `systemAssignedIdentity` | bool | `False` | | Enables system assigned managed identity on the resource. | | `tags` | object | `{object}` | | Tags of the resource. | | `userAssignedIdentities` | object | `{object}` | | The ID(s) to assign to the resource. | @@ -94,8 +94,8 @@ You can specify multiple user assigned identities to a resource by providing add | Output Name | Type | Description | | :-- | :-- | :-- | -| `iPv4Address` | string | The IPv4 address of the container group | -| `name` | string | The name of the container group | -| `resourceGroupName` | string | The resource group the container group was deployed into | -| `resourceId` | string | The resource ID of the container group | +| `iPv4Address` | string | The IPv4 address of the container group. | +| `name` | string | The name of the container group. | +| `resourceGroupName` | string | The resource group the container group was deployed into. | +| `resourceId` | string | The resource ID of the container group. | | `systemAssignedPrincipalId` | string | The principal ID of the system assigned identity. | diff --git a/arm/Microsoft.ContainerRegistry/registries/deploy.bicep b/arm/Microsoft.ContainerRegistry/registries/deploy.bicep index 2272104227..8f1eaf19cf 100644 --- a/arm/Microsoft.ContainerRegistry/registries/deploy.bicep +++ b/arm/Microsoft.ContainerRegistry/registries/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Name of your Azure container registry') +@description('Required. Name of your Azure container registry.') @minLength(5) @maxLength(50) param name string @@ -9,7 +9,7 @@ param acrAdminUserEnabled bool = false @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Configuration Details for private endpoints.') @@ -71,10 +71,10 @@ param dataEndpointEnabled bool = false 'Disabled' 'Enabled' ]) -@description('Optional. Whether or not public network access is allowed for the container registry. - Enabled or Disabled') +@description('Optional. Whether or not public network access is allowed for the container registry. - Enabled or Disabled.') param publicNetworkAccess string = 'Enabled' -@description('Optional. Whether to allow trusted Azure services to access a network restricted registry. Not relevant in case of public access. - AzureServices or None') +@description('Optional. Whether to allow trusted Azure services to access a network restricted registry. Not relevant in case of public access. - AzureServices or None.') param networkRuleBypassOptions string = 'AzureServices' @allowed([ @@ -91,10 +91,10 @@ param networkRuleSetIpRules array = [] 'Disabled' 'Enabled' ]) -@description('Optional. Whether or not zone redundancy is enabled for this container registry') +@description('Optional. Whether or not zone redundancy is enabled for this container registry.') param zoneRedundancy string = 'Disabled' -@description('Optional. All replications to create') +@description('Optional. All replications to create.') param replications array = [] @allowed([ diff --git a/arm/Microsoft.ContainerRegistry/registries/readme.md b/arm/Microsoft.ContainerRegistry/registries/readme.md index b9ff23c7d8..f7702e7a4f 100644 --- a/arm/Microsoft.ContainerRegistry/registries/readme.md +++ b/arm/Microsoft.ContainerRegistry/registries/readme.md @@ -25,7 +25,7 @@ Azure Container Registry is a managed, private Docker registry service based on **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | Name of your Azure container registry | +| `name` | string | Name of your Azure container registry. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -47,21 +47,21 @@ Azure Container Registry is a managed, private Docker registry service based on | `keyVaultProperties` | object | `{object}` | | Identity which will be used to access key vault and Key vault uri to access the encryption key. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `networkRuleBypassOptions` | string | `'AzureServices'` | | Whether to allow trusted Azure services to access a network restricted registry. Not relevant in case of public access. - AzureServices or None | +| `networkRuleBypassOptions` | string | `'AzureServices'` | | Whether to allow trusted Azure services to access a network restricted registry. Not relevant in case of public access. - AzureServices or None. | | `networkRuleSetDefaultAction` | string | `'Deny'` | `[Allow, Deny]` | The default action of allow or deny when no other rules match. | | `networkRuleSetIpRules` | array | `[]` | | The IP ACL rules. | | `privateEndpoints` | array | `[]` | | Configuration Details for private endpoints. | -| `publicNetworkAccess` | string | `'Enabled'` | `[Disabled, Enabled]` | Whether or not public network access is allowed for the container registry. - Enabled or Disabled | +| `publicNetworkAccess` | string | `'Enabled'` | `[Disabled, Enabled]` | Whether or not public network access is allowed for the container registry. - Enabled or Disabled. | | `quarantinePolicyStatus` | string | `'disabled'` | `[disabled, enabled]` | The value that indicates whether the quarantine policy is enabled or not. | -| `replications` | _[replications](replications/readme.md)_ array | `[]` | | All replications to create | +| `replications` | _[replications](replications/readme.md)_ array | `[]` | | All replications to create. | | `retentionPolicyDays` | int | `15` | | The number of days to retain an untagged manifest after which it gets purged. | | `retentionPolicyStatus` | string | `'enabled'` | `[disabled, enabled]` | The value that indicates whether the retention policy is enabled or not. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `systemAssignedIdentity` | bool | `False` | | Enables system assigned managed identity on the resource. | | `tags` | object | `{object}` | | Tags of the resource. | | `trustPolicyStatus` | string | `'disabled'` | `[disabled, enabled]` | The value that indicates whether the trust policy is enabled or not. | | `userAssignedIdentities` | object | `{object}` | | The ID(s) to assign to the resource. | -| `zoneRedundancy` | string | `'Disabled'` | `[Disabled, Enabled]` | Whether or not zone redundancy is enabled for this container registry | +| `zoneRedundancy` | string | `'Disabled'` | `[Disabled, Enabled]` | Whether or not zone redundancy is enabled for this container registry. | ### Parameter Usage: `keyVaultProperties` diff --git a/arm/Microsoft.ContainerRegistry/registries/replications/deploy.bicep b/arm/Microsoft.ContainerRegistry/registries/replications/deploy.bicep index 341b6e44b3..43be6e20c6 100644 --- a/arm/Microsoft.ContainerRegistry/registries/replications/deploy.bicep +++ b/arm/Microsoft.ContainerRegistry/registries/replications/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. The name of the registry.') +@description('Conditional. The name of the parent registry. Required if the template is used in a standalone deployment.') param registryName string @description('Required. The name of the replication.') @@ -17,7 +17,7 @@ param regionEndpointEnabled bool = true 'Disabled' 'Enabled' ]) -@description('Optional. Whether or not zone redundancy is enabled for this container registry') +@description('Optional. Whether or not zone redundancy is enabled for this container registry.') param zoneRedundancy string = 'Disabled' @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') diff --git a/arm/Microsoft.ContainerRegistry/registries/replications/readme.md b/arm/Microsoft.ContainerRegistry/registries/replications/readme.md index 6e1e0f1a8c..f13afdc431 100644 --- a/arm/Microsoft.ContainerRegistry/registries/replications/readme.md +++ b/arm/Microsoft.ContainerRegistry/registries/replications/readme.md @@ -20,7 +20,11 @@ This module deploys ContainerRegistry Registries Replications. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the replication. | -| `registryName` | string | The name of the registry. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `registryName` | string | The name of the parent registry. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -29,7 +33,7 @@ This module deploys ContainerRegistry Registries Replications. | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `regionEndpointEnabled` | bool | `True` | | Specifies whether the replication regional endpoint is enabled. Requests will not be routed to a replication whose regional endpoint is disabled, however its data will continue to be synced with other replications. | | `tags` | object | `{object}` | | Tags of the resource. | -| `zoneRedundancy` | string | `'Disabled'` | `[Disabled, Enabled]` | Whether or not zone redundancy is enabled for this container registry | +| `zoneRedundancy` | string | `'Disabled'` | `[Disabled, Enabled]` | Whether or not zone redundancy is enabled for this container registry. | ### Parameter Usage: `tags` diff --git a/arm/Microsoft.ContainerService/managedClusters/agentPools/deploy.bicep b/arm/Microsoft.ContainerService/managedClusters/agentPools/deploy.bicep index b57a756c96..2131906aa6 100644 --- a/arm/Microsoft.ContainerService/managedClusters/agentPools/deploy.bicep +++ b/arm/Microsoft.ContainerService/managedClusters/agentPools/deploy.bicep @@ -1,11 +1,11 @@ -@description('Required. Name of the managed cluster') +@description('Conditional. Name of the managed cluster. Required if the template is used in a standalone deployment.') @minLength(1) param managedClusterName string -@description('Required. Name of the agent pool') +@description('Required. Name of the agent pool.') param name string -@description('Optional. The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is "VirtualMachineScaleSets". ') +@description('Optional. The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is "VirtualMachineScaleSets". .') param availabilityZones array = [] @description('Optional. Desired Number of agents (VMs) specified to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.') @@ -16,14 +16,14 @@ param count int = 1 @description('Optional. This is the ARM ID of the source object to be used to create the target object.') param sourceResourceId string = '' -@description('Optional. Whether to enable auto-scaler') +@description('Optional. Whether to enable auto-scaler.') @allowed([ true false ]) param enableAutoScaling bool = false -@description('Optional. This is only supported on certain VM sizes and in certain Azure regions. For more information, see: /azure/aks/enable-host-encryption ') +@description('Optional. This is only supported on certain VM sizes and in certain Azure regions. For more information, see: /azure/aks/enable-host-encryption .') @allowed([ true false @@ -44,7 +44,7 @@ param enableFIPS bool = false ]) param enableNodePublicIP bool = false -@description('Optional. Whether to enable UltraSSD') +@description('Optional. Whether to enable UltraSSD.') @allowed([ true false @@ -65,25 +65,25 @@ param gpuInstanceProfile string = '' @description('Optional. Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.') param kubeletDiskType string = '' -@description('Optional. The maximum number of nodes for auto-scaling') +@description('Optional. The maximum number of nodes for auto-scaling.') param maxCount int = -1 @description('Optional. The maximum number of pods that can run on a node.') param maxPods int = -1 -@description('Optional. The minimum number of nodes for auto-scaling') +@description('Optional. The minimum number of nodes for auto-scaling.') param minCount int = -1 -@description('Optional. A cluster must have at least one "System" Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: /azure/aks/use-system-pools') +@description('Optional. A cluster must have at least one "System" Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: /azure/aks/use-system-pools.') param mode string = '' @description('Optional. The node labels to be persisted across all nodes in agent pool.') param nodeLabels object = {} -@description('Optional. ResourceId of the node PublicIPPrefix') +@description('Optional. ResourceId of the node PublicIPPrefix.') param nodePublicIpPrefixId string = '' -@description('Optional. The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule. ') +@description('Optional. The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule. .') param nodeTaints array = [] @description('Optional. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool (https://docs.microsoft.com/en-us/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).') @@ -115,7 +115,7 @@ param osSku string = '' ]) param osType string = 'Linux' -@description('Optional. Subnet ID for the pod IPs. If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} ') +@description('Optional. Subnet ID for the pod IPs. If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} .') param podSubnetId string = '' @description('Optional. The ID for the Proximity Placement Group.') @@ -128,7 +128,7 @@ param proximityPlacementGroupId string = '' ]) param scaleDownMode string = 'Delete' -@description('Optional. The eviction policy specifies what to do with the VM when it is evicted. The default is Delete. For more information about eviction see spot VMs ') +@description('Optional. The eviction policy specifies what to do with the VM when it is evicted. The default is Delete. For more information about eviction see spot VMs .') @allowed([ 'Deallocate' 'Delete' @@ -143,7 +143,7 @@ param scaleSetEvictionPolicy string = 'Delete' ]) param scaleSetPriority string = '' -@description('Optional. Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing (https://docs.microsoft.com/en-us/azure/virtual-machines/spot-vms#pricing)') +@description('Optional. Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing (https://docs.microsoft.com/en-us/azure/virtual-machines/spot-vms#pricing).') param spotMaxPrice int = -1 @description('Optional. Tags of the resource.') @@ -152,13 +152,13 @@ param tags object = {} @description('Optional. The type of Agent Pool.') param type string = '' -@description('Optional. This can either be set to an integer (e.g. "5") or a percentage (e.g. "50%"). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: /azure/aks/upgrade-cluster#customize-node-surge-upgrade') +@description('Optional. This can either be set to an integer (e.g. "5") or a percentage (e.g. "50%"). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: /azure/aks/upgrade-cluster#customize-node-surge-upgrade.') param maxSurge string = '' -@description('Optional. VM size. VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: /azure/aks/quotas-skus-regions') +@description('Optional. VM size. VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: /azure/aks/quotas-skus-regions.') param vmSize string = 'Standard_D2s_v3' -@description('Optional. Node Subnet ID. If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} ') +@description('Optional. Node Subnet ID. If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} .') param vnetSubnetId string = '' @description('Optional. Determines the type of workload a node can run.') @@ -232,10 +232,10 @@ resource agentPool 'Microsoft.ContainerService/managedClusters/agentPools@2021-0 } } -@description('The name of the agent pool') +@description('The name of the agent pool.') output name string = agentPool.name -@description('The resource ID of the agent pool') +@description('The resource ID of the agent pool.') output resourceId string = agentPool.id @description('The resource group the agent pool was deployed into.') diff --git a/arm/Microsoft.ContainerService/managedClusters/agentPools/readme.md b/arm/Microsoft.ContainerService/managedClusters/agentPools/readme.md index 820093a82a..fe982351e8 100644 --- a/arm/Microsoft.ContainerService/managedClusters/agentPools/readme.md +++ b/arm/Microsoft.ContainerService/managedClusters/agentPools/readme.md @@ -19,46 +19,50 @@ This module deploys an Agent Pool for a Container Service Managed Cluster **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `managedClusterName` | string | Name of the managed cluster | -| `name` | string | Name of the agent pool | +| `name` | string | Name of the agent pool. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `managedClusterName` | string | Name of the managed cluster. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `availabilityZones` | array | `[]` | | The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is "VirtualMachineScaleSets". | +| `availabilityZones` | array | `[]` | | The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is "VirtualMachineScaleSets". . | | `count` | int | `1` | | Desired Number of agents (VMs) specified to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. | -| `enableAutoScaling` | bool | `False` | `[True, False]` | Whether to enable auto-scaler | +| `enableAutoScaling` | bool | `False` | `[True, False]` | Whether to enable auto-scaler. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `enableEncryptionAtHost` | bool | `False` | `[True, False]` | This is only supported on certain VM sizes and in certain Azure regions. For more information, see: /azure/aks/enable-host-encryption | +| `enableEncryptionAtHost` | bool | `False` | `[True, False]` | This is only supported on certain VM sizes and in certain Azure regions. For more information, see: /azure/aks/enable-host-encryption . | | `enableFIPS` | bool | `False` | `[True, False]` | See Add a FIPS-enabled node pool (https://docs.microsoft.com/en-us/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details. | | `enableNodePublicIP` | bool | `False` | `[True, False]` | Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node (https://docs.microsoft.com/en-us/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false. | -| `enableUltraSSD` | bool | `False` | `[True, False]` | Whether to enable UltraSSD | +| `enableUltraSSD` | bool | `False` | `[True, False]` | Whether to enable UltraSSD. | | `gpuInstanceProfile` | string | `''` | `[MIG1g, MIG2g, MIG3g, MIG4g, MIG7g, ]` | GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU. | | `kubeletDiskType` | string | `''` | | Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage. | -| `maxCount` | int | `-1` | | The maximum number of nodes for auto-scaling | +| `maxCount` | int | `-1` | | The maximum number of nodes for auto-scaling. | | `maxPods` | int | `-1` | | The maximum number of pods that can run on a node. | -| `maxSurge` | string | `''` | | This can either be set to an integer (e.g. "5") or a percentage (e.g. "50%"). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: /azure/aks/upgrade-cluster#customize-node-surge-upgrade | -| `minCount` | int | `-1` | | The minimum number of nodes for auto-scaling | -| `mode` | string | `''` | | A cluster must have at least one "System" Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: /azure/aks/use-system-pools | +| `maxSurge` | string | `''` | | This can either be set to an integer (e.g. "5") or a percentage (e.g. "50%"). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: /azure/aks/upgrade-cluster#customize-node-surge-upgrade. | +| `minCount` | int | `-1` | | The minimum number of nodes for auto-scaling. | +| `mode` | string | `''` | | A cluster must have at least one "System" Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: /azure/aks/use-system-pools. | | `nodeLabels` | object | `{object}` | | The node labels to be persisted across all nodes in agent pool. | -| `nodePublicIpPrefixId` | string | `''` | | ResourceId of the node PublicIPPrefix | -| `nodeTaints` | array | `[]` | | The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule. | +| `nodePublicIpPrefixId` | string | `''` | | ResourceId of the node PublicIPPrefix. | +| `nodeTaints` | array | `[]` | | The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule. . | | `orchestratorVersion` | string | `''` | | As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool (https://docs.microsoft.com/en-us/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). | | `osDiskSizeGB` | int | `0` | | OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified. | | `osDiskType` | string | `''` | `[Ephemeral, Managed, ]` | The default is "Ephemeral" if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to "Managed". May not be changed after creation. For more information see Ephemeral OS (https://docs.microsoft.com/en-us/azure/aks/cluster-configuration#ephemeral-os). | | `osSku` | string | `''` | `[CBLMariner, Ubuntu, ]` | Specifies an OS SKU. This value must not be specified if OSType is Windows. | | `osType` | string | `'Linux'` | `[Linux, Windows]` | The operating system type. The default is Linux. | -| `podSubnetId` | string | `''` | | Subnet ID for the pod IPs. If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} | +| `podSubnetId` | string | `''` | | Subnet ID for the pod IPs. If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} . | | `proximityPlacementGroupId` | string | `''` | | The ID for the Proximity Placement Group. | | `scaleDownMode` | string | `'Delete'` | `[Deallocate, Delete]` | Describes how VMs are added to or removed from Agent Pools. See billing states (https://docs.microsoft.com/en-us/azure/virtual-machines/states-billing). | -| `scaleSetEvictionPolicy` | string | `'Delete'` | `[Deallocate, Delete]` | The eviction policy specifies what to do with the VM when it is evicted. The default is Delete. For more information about eviction see spot VMs | +| `scaleSetEvictionPolicy` | string | `'Delete'` | `[Deallocate, Delete]` | The eviction policy specifies what to do with the VM when it is evicted. The default is Delete. For more information about eviction see spot VMs . | | `scaleSetPriority` | string | `''` | `[Regular, Spot, ]` | The Virtual Machine Scale Set priority. | | `sourceResourceId` | string | `''` | | This is the ARM ID of the source object to be used to create the target object. | -| `spotMaxPrice` | int | `-1` | | Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing (https://docs.microsoft.com/en-us/azure/virtual-machines/spot-vms#pricing) | +| `spotMaxPrice` | int | `-1` | | Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing (https://docs.microsoft.com/en-us/azure/virtual-machines/spot-vms#pricing). | | `tags` | object | `{object}` | | Tags of the resource. | | `type` | string | `''` | | The type of Agent Pool. | -| `vmSize` | string | `'Standard_D2s_v3'` | | VM size. VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: /azure/aks/quotas-skus-regions | -| `vnetSubnetId` | string | `''` | | Node Subnet ID. If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} | +| `vmSize` | string | `'Standard_D2s_v3'` | | VM size. VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: /azure/aks/quotas-skus-regions. | +| `vnetSubnetId` | string | `''` | | Node Subnet ID. If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} . | | `workloadRuntime` | string | `''` | | Determines the type of workload a node can run. | @@ -83,6 +87,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the agent pool | +| `name` | string | The name of the agent pool. | | `resourceGroupName` | string | The resource group the agent pool was deployed into. | -| `resourceId` | string | The resource ID of the agent pool | +| `resourceId` | string | The resource ID of the agent pool. | diff --git a/arm/Microsoft.ContainerService/managedClusters/deploy.bicep b/arm/Microsoft.ContainerService/managedClusters/deploy.bicep index 9c446189a5..a0adcf38b6 100644 --- a/arm/Microsoft.ContainerService/managedClusters/deploy.bicep +++ b/arm/Microsoft.ContainerService/managedClusters/deploy.bicep @@ -21,7 +21,7 @@ param userAssignedIdentities object = {} ]) param aksClusterNetworkPlugin string = '' -@description('Optional. Specifies the network policy used for building Kubernetes network. - calico or azure') +@description('Optional. Specifies the network policy used for building Kubernetes network. - calico or azure.') @allowed([ '' 'azure' @@ -58,7 +58,7 @@ param managedOutboundIPCount int = 0 ]) param aksClusterOutboundType string = 'loadBalancer' -@description('Optional. Tier of a managed cluster SKU. - Free or Paid') +@description('Optional. Tier of a managed cluster SKU. - Free or Paid.') @allowed([ 'Free' 'Paid' @@ -122,7 +122,7 @@ param usePrivateDNSZone bool = false @description('Required. Properties of the primary agent pool.') param primaryAgentPoolProfile array -@description('Optional. Define one or more secondary/additional agent pools') +@description('Optional. Define one or more secondary/additional agent pools.') param agentPools array = [] @description('Optional. Specifies whether the httpApplicationRouting add-on is enabled or not.') @@ -272,7 +272,7 @@ param diagnosticLogsRetentionInDays int = 365 @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @allowed([ @@ -564,16 +564,16 @@ module managedCluster_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, in } }] -@description('The resource ID of the managed cluster') +@description('The resource ID of the managed cluster.') output resourceId string = managedCluster.id -@description('The resource group the managed cluster was deployed into') +@description('The resource group the managed cluster was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the managed cluster') +@description('The name of the managed cluster.') output name string = managedCluster.name -@description('The control plane FQDN of the managed cluster') +@description('The control plane FQDN of the managed cluster.') output controlPlaneFQDN string = enablePrivateCluster ? managedCluster.properties.privateFQDN : managedCluster.properties.fqdn @description('The principal ID of the system assigned identity.') diff --git a/arm/Microsoft.ContainerService/managedClusters/readme.md b/arm/Microsoft.ContainerService/managedClusters/readme.md index 8a9f9cc5cd..f40c55548f 100644 --- a/arm/Microsoft.ContainerService/managedClusters/readme.md +++ b/arm/Microsoft.ContainerService/managedClusters/readme.md @@ -42,7 +42,7 @@ This module deploys Azure Kubernetes Cluster (AKS). | `aadProfileServerAppSecret` | string | `''` | | The server AAD application secret. | | `aadProfileTenantId` | string | `[subscription().tenantId]` | | Specifies the tenant ID of the Azure Active Directory used by the AKS cluster for authentication. | | `aciConnectorLinuxEnabled` | bool | `False` | | Specifies whether the aciConnectorLinux add-on is enabled or not. | -| `agentPools` | _[agentPools](agentPools/readme.md)_ array | `[]` | | Define one or more secondary/additional agent pools | +| `agentPools` | _[agentPools](agentPools/readme.md)_ array | `[]` | | Define one or more secondary/additional agent pools. | | `aksClusterAdminUsername` | string | `'azureuser'` | | Specifies the administrator username of Linux virtual machines. | | `aksClusterDnsPrefix` | string | `[parameters('name')]` | | Specifies the DNS prefix specified when creating the managed cluster. | | `aksClusterDnsServiceIP` | string | `''` | | Specifies the IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr. | @@ -50,11 +50,11 @@ This module deploys Azure Kubernetes Cluster (AKS). | `aksClusterKubernetesVersion` | string | `''` | | Version of Kubernetes specified when creating the managed cluster. | | `aksClusterLoadBalancerSku` | string | `'standard'` | `[basic, standard]` | Specifies the sku of the load balancer used by the virtual machine scale sets used by nodepools. | | `aksClusterNetworkPlugin` | string | `''` | `[, azure, kubenet]` | Specifies the network plugin used for building Kubernetes network. - azure or kubenet. | -| `aksClusterNetworkPolicy` | string | `''` | `[, azure, calico]` | Specifies the network policy used for building Kubernetes network. - calico or azure | +| `aksClusterNetworkPolicy` | string | `''` | `[, azure, calico]` | Specifies the network policy used for building Kubernetes network. - calico or azure. | | `aksClusterOutboundType` | string | `'loadBalancer'` | `[loadBalancer, userDefinedRouting]` | Specifies outbound (egress) routing method. - loadBalancer or userDefinedRouting. | | `aksClusterPodCidr` | string | `''` | | Specifies the CIDR notation IP range from which to assign pod IPs when kubenet is used. | | `aksClusterServiceCidr` | string | `''` | | A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges. | -| `aksClusterSkuTier` | string | `'Free'` | `[Free, Paid]` | Tier of a managed cluster SKU. - Free or Paid | +| `aksClusterSkuTier` | string | `'Free'` | `[Free, Paid]` | Tier of a managed cluster SKU. - Free or Paid. | | `aksClusterSshPublicKey` | string | `''` | | Specifies the SSH RSA public key string for the Linux nodes. | | `aksServicePrincipalProfile` | object | `{object}` | | Information about a service principal identity for the cluster to use for manipulating Azure APIs. | | `authorizedIPRanges` | array | `[]` | | IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. | @@ -108,7 +108,7 @@ This module deploys Azure Kubernetes Cluster (AKS). | `podIdentityProfileEnable` | bool | `False` | | Whether the pod identity addon is enabled. | | `podIdentityProfileUserAssignedIdentities` | array | `[]` | | The pod identities to use in the cluster. | | `podIdentityProfileUserAssignedIdentityExceptions` | array | `[]` | | The pod identity exceptions to allow. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `systemAssignedIdentity` | bool | `False` | | Enables system assigned managed identity on the resource. | | `tags` | object | `{object}` | | Tags of the resource. | | `usePrivateDNSZone` | bool | `False` | | If AKS will create a Private DNS Zone in the Node Resource Group. | @@ -245,10 +245,10 @@ You can specify multiple user assigned identities to a resource by providing add | Output Name | Type | Description | | :-- | :-- | :-- | -| `controlPlaneFQDN` | string | The control plane FQDN of the managed cluster | +| `controlPlaneFQDN` | string | The control plane FQDN of the managed cluster. | | `kubeletidentityObjectId` | string | The Object ID of the AKS identity. | -| `name` | string | The name of the managed cluster | +| `name` | string | The name of the managed cluster. | | `omsagentIdentityObjectId` | string | The Object ID of the OMS agent identity. | -| `resourceGroupName` | string | The resource group the managed cluster was deployed into | -| `resourceId` | string | The resource ID of the managed cluster | +| `resourceGroupName` | string | The resource group the managed cluster was deployed into. | +| `resourceId` | string | The resource ID of the managed cluster. | | `systemAssignedPrincipalId` | string | The principal ID of the system assigned identity. | diff --git a/arm/Microsoft.DataFactory/factories/deploy.bicep b/arm/Microsoft.DataFactory/factories/deploy.bicep index c17f3ccbca..df9bf68066 100644 --- a/arm/Microsoft.DataFactory/factories/deploy.bicep +++ b/arm/Microsoft.DataFactory/factories/deploy.bicep @@ -1,10 +1,10 @@ -@description('Required. The name of the Azure Factory to create') +@description('Required. The name of the Azure Factory to create.') param name string -@description('Optional. The name of the Managed Virtual Network') +@description('Optional. The name of the Managed Virtual Network.') param managedVirtualNetworkName string = '' -@description('Optional. The object for the configuration of a Integration Runtime') +@description('Optional. The object for the configuration of a Integration Runtime.') param integrationRuntime object = {} @description('Optional. Location for all Resources.') diff --git a/arm/Microsoft.DataFactory/factories/integrationRuntime/deploy.bicep b/arm/Microsoft.DataFactory/factories/integrationRuntime/deploy.bicep index 8be80fda90..213e310864 100644 --- a/arm/Microsoft.DataFactory/factories/integrationRuntime/deploy.bicep +++ b/arm/Microsoft.DataFactory/factories/integrationRuntime/deploy.bicep @@ -1,17 +1,17 @@ -@description('Required. The name of the Azure Data Factory') +@description('Conditional. The name of the parent Azure Data Factory. Required if the template is used in a standalone deployment.') param dataFactoryName string -@description('Required. The name of the Integration Runtime') +@description('Required. The name of the Integration Runtime.') param name string @allowed([ 'Managed' 'SelfHosted' ]) -@description('Required. The type of Integration Runtime') +@description('Required. The type of Integration Runtime.') param type string -@description('Optional. The name of the Managed Virtual Network if using type "Managed" ') +@description('Optional. The name of the Managed Virtual Network if using type "Managed" .') param managedVirtualNetworkName string = '' @description('Required. Integration Runtime type properties.') diff --git a/arm/Microsoft.DataFactory/factories/integrationRuntime/readme.md b/arm/Microsoft.DataFactory/factories/integrationRuntime/readme.md index f5101dd3df..4e729503a2 100644 --- a/arm/Microsoft.DataFactory/factories/integrationRuntime/readme.md +++ b/arm/Microsoft.DataFactory/factories/integrationRuntime/readme.md @@ -19,16 +19,20 @@ This module deploys a Managed or Self-Hosted Integration Runtime for an Azure Da **Required parameters** | Parameter Name | Type | Allowed Values | Description | | :-- | :-- | :-- | :-- | -| `dataFactoryName` | string | | The name of the Azure Data Factory | -| `name` | string | | The name of the Integration Runtime | -| `type` | string | `[Managed, SelfHosted]` | The type of Integration Runtime | +| `name` | string | | The name of the Integration Runtime. | +| `type` | string | `[Managed, SelfHosted]` | The type of Integration Runtime. | | `typeProperties` | object | | Integration Runtime type properties. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `dataFactoryName` | string | The name of the parent Azure Data Factory. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `managedVirtualNetworkName` | string | `''` | The name of the Managed Virtual Network if using type "Managed" | +| `managedVirtualNetworkName` | string | `''` | The name of the Managed Virtual Network if using type "Managed" . | ### Parameter Usage: [`typeProperties`](https://docs.microsoft.com/en-us/azure/templates/microsoft.datafactory/factories/integrationruntimes?tabs=bicep#integrationruntime-objects) diff --git a/arm/Microsoft.DataFactory/factories/managedVirtualNetwork/deploy.bicep b/arm/Microsoft.DataFactory/factories/managedVirtualNetwork/deploy.bicep index d7bd389171..5542692daf 100644 --- a/arm/Microsoft.DataFactory/factories/managedVirtualNetwork/deploy.bicep +++ b/arm/Microsoft.DataFactory/factories/managedVirtualNetwork/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. The name of the Azure Data Factory') +@description('Conditional. The name of the parent Azure Data Factory. Required if the template is used in a standalone deployment.') param dataFactoryName string -@description('Required. The name of the Managed Virtual Network') +@description('Required. The name of the Managed Virtual Network.') param name string @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') diff --git a/arm/Microsoft.DataFactory/factories/managedVirtualNetwork/readme.md b/arm/Microsoft.DataFactory/factories/managedVirtualNetwork/readme.md index 13d6d2c197..9744293605 100644 --- a/arm/Microsoft.DataFactory/factories/managedVirtualNetwork/readme.md +++ b/arm/Microsoft.DataFactory/factories/managedVirtualNetwork/readme.md @@ -19,8 +19,12 @@ This module deploys a Managed Virtual Network for an Azure Data Factory **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `dataFactoryName` | string | The name of the Azure Data Factory | -| `name` | string | The name of the Managed Virtual Network | +| `name` | string | The name of the Managed Virtual Network. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `dataFactoryName` | string | The name of the parent Azure Data Factory. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | diff --git a/arm/Microsoft.DataFactory/factories/readme.md b/arm/Microsoft.DataFactory/factories/readme.md index 2d6abf55af..8f95c87e42 100644 --- a/arm/Microsoft.DataFactory/factories/readme.md +++ b/arm/Microsoft.DataFactory/factories/readme.md @@ -22,7 +22,7 @@ **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the Azure Factory to create | +| `name` | string | The name of the Azure Factory to create. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -43,10 +43,10 @@ | `gitRepositoryName` | string | `''` | | The repository name. | | `gitRepoType` | string | `'FactoryVSTSConfiguration'` | | Repository type - can be 'FactoryVSTSConfiguration' or 'FactoryGitHubConfiguration'. Default is 'FactoryVSTSConfiguration'. | | `gitRootFolder` | string | `'/'` | | The root folder path name. Default is '/'. | -| `integrationRuntime` | _[integrationRuntime](integrationRuntime/readme.md)_ object | `{object}` | | The object for the configuration of a Integration Runtime | +| `integrationRuntime` | _[integrationRuntime](integrationRuntime/readme.md)_ object | `{object}` | | The object for the configuration of a Integration Runtime. | | `location` | string | `[resourceGroup().location]` | | Location for all Resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `managedVirtualNetworkName` | string | `''` | | The name of the Managed Virtual Network | +| `managedVirtualNetworkName` | string | `''` | | The name of the Managed Virtual Network. | | `publicNetworkAccess` | bool | `True` | | Enable or disable public network access. | | `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `systemAssignedIdentity` | bool | `False` | | Enables system assigned managed identity on the resource. | diff --git a/arm/Microsoft.Databricks/workspaces/deploy.bicep b/arm/Microsoft.Databricks/workspaces/deploy.bicep index c71acd9037..f13a35fd33 100644 --- a/arm/Microsoft.Databricks/workspaces/deploy.bicep +++ b/arm/Microsoft.Databricks/workspaces/deploy.bicep @@ -1,10 +1,10 @@ -@description('Required. The name of the Azure Databricks workspace to create') +@description('Required. The name of the Azure Databricks workspace to create.') param name string -@description('Optional. The managed resource group ID') +@description('Optional. The managed resource group ID.') param managedResourceGroupId string = '' -@description('Optional. The pricing tier of workspace') +@description('Optional. The pricing tier of workspace.') @allowed([ 'trial' 'standard' @@ -151,11 +151,11 @@ module workspace_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) } }] -@description('The name of the deployed databricks workspace') +@description('The name of the deployed databricks workspace.') output name string = workspace.name -@description('The resource ID of the deployed databricks workspace') +@description('The resource ID of the deployed databricks workspace.') output resourceId string = workspace.id -@description('The resource group of the deployed databricks workspace') +@description('The resource group of the deployed databricks workspace.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Databricks/workspaces/readme.md b/arm/Microsoft.Databricks/workspaces/readme.md index cd897670b6..93a72e679c 100644 --- a/arm/Microsoft.Databricks/workspaces/readme.md +++ b/arm/Microsoft.Databricks/workspaces/readme.md @@ -20,7 +20,7 @@ **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the Azure Databricks workspace to create | +| `name` | string | The name of the Azure Databricks workspace to create. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -35,8 +35,8 @@ | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `location` | string | `[resourceGroup().location]` | | Location for all Resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `managedResourceGroupId` | string | `''` | | The managed resource group ID | -| `pricingTier` | string | `'premium'` | `[trial, standard, premium]` | The pricing tier of workspace | +| `managedResourceGroupId` | string | `''` | | The managed resource group ID. | +| `pricingTier` | string | `'premium'` | `[trial, standard, premium]` | The pricing tier of workspace. | | `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags of the resource. | | `workspaceParameters` | object | `{object}` | | The workspace's custom parameters. | @@ -122,6 +122,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed databricks workspace | -| `resourceGroupName` | string | The resource group of the deployed databricks workspace | -| `resourceId` | string | The resource ID of the deployed databricks workspace | +| `name` | string | The name of the deployed databricks workspace. | +| `resourceGroupName` | string | The resource group of the deployed databricks workspace. | +| `resourceId` | string | The resource ID of the deployed databricks workspace. | diff --git a/arm/Microsoft.DesktopVirtualization/applicationgroups/applications/deploy.bicep b/arm/Microsoft.DesktopVirtualization/applicationgroups/applications/deploy.bicep index d63d266671..779487e686 100644 --- a/arm/Microsoft.DesktopVirtualization/applicationgroups/applications/deploy.bicep +++ b/arm/Microsoft.DesktopVirtualization/applicationgroups/applications/deploy.bicep @@ -1,4 +1,4 @@ -@sys.description('Required. Name of the Application Group to create the application(s) in.') +@sys.description('Conditional. Name of the Application Group to create the application(s) in. Required if the template is used in a standalone deployment.') param appGroupName string @sys.description('Required. Name of the Application to be created in the Application Group.') diff --git a/arm/Microsoft.DesktopVirtualization/applicationgroups/applications/readme.md b/arm/Microsoft.DesktopVirtualization/applicationgroups/applications/readme.md index 5f8ae546c8..a61af3b19b 100644 --- a/arm/Microsoft.DesktopVirtualization/applicationgroups/applications/readme.md +++ b/arm/Microsoft.DesktopVirtualization/applicationgroups/applications/readme.md @@ -19,11 +19,15 @@ This module deploys AVD Applications. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `appGroupName` | string | Name of the Application Group to create the application(s) in. | | `filePath` | string | Specifies a path for the executable file for the application. | | `friendlyName` | string | Friendly name of Application.. | | `name` | string | Name of the Application to be created in the Application Group. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `appGroupName` | string | Name of the Application Group to create the application(s) in. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | diff --git a/arm/Microsoft.DesktopVirtualization/hostpools/deploy.bicep b/arm/Microsoft.DesktopVirtualization/hostpools/deploy.bicep index 792a73db48..13ba9d93c3 100644 --- a/arm/Microsoft.DesktopVirtualization/hostpools/deploy.bicep +++ b/arm/Microsoft.DesktopVirtualization/hostpools/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Name of the Host Pool') +@description('Required. Name of the Host Pool.') @minLength(1) param name string @@ -18,7 +18,7 @@ param hostpoolDescription string = '' ]) param hostpoolType string = 'Pooled' -@description('Optional. Set the type of assignment for a Personal Host Pool type') +@description('Optional. Set the type of assignment for a Personal Host Pool type.') @allowed([ 'Automatic' 'Direct' @@ -37,7 +37,7 @@ param loadBalancerType string = 'BreadthFirst' @description('Optional. Maximum number of sessions.') param maxSessionLimit int = 99999 -@description('Optional. Host Pool RDP properties') +@description('Optional. Host Pool RDP properties.') param customRdpProperty string = 'audiocapturemode:i:1;audiomode:i:0;drivestoredirect:s:;redirectclipboard:i:1;redirectcomports:i:1;redirectprinters:i:1;redirectsmartcards:i:1;screen mode id:i:2;' @description('Optional. Whether to use validation enviroment. When set to true, the Host Pool will be deployed in a validation \'ring\' (environment) that receives all the new features (might be less stable). Ddefaults to false that stands for the stable, production-ready environment.') @@ -83,7 +83,7 @@ param tags object = {} @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The type of preferred application group type, default to Desktop Application Group') +@description('Optional. The type of preferred application group type, default to Desktop Application Group.') @allowed([ 'Desktop' 'None' @@ -97,7 +97,7 @@ param startVMOnConnect bool = false @description('Optional. Validation host pool allows you to test service changes before they are deployed to production.') param validationEnvironment bool = false -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. The name of logs that will be streamed.') @@ -201,14 +201,14 @@ module hostPool_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) i } }] -@description('The resource ID of the AVD host pool') +@description('The resource ID of the AVD host pool.') output resourceId string = hostPool.id -@description('The resource group the AVD host pool was deployed into') +@description('The resource group the AVD host pool was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the AVD host pool') +@description('The name of the AVD host pool.') output name string = hostPool.name -@description('The expiration time for the registration token') +@description('The expiration time for the registration token.') output tokenExpirationTime string = dateTimeAdd(baseTime, tokenValidityLength) diff --git a/arm/Microsoft.DesktopVirtualization/hostpools/readme.md b/arm/Microsoft.DesktopVirtualization/hostpools/readme.md index 6008e718aa..0261ef7e56 100644 --- a/arm/Microsoft.DesktopVirtualization/hostpools/readme.md +++ b/arm/Microsoft.DesktopVirtualization/hostpools/readme.md @@ -22,12 +22,12 @@ This module deploys an Azure virtual desktop host pool. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | Name of the Host Pool | +| `name` | string | Name of the Host Pool. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `customRdpProperty` | string | `'audiocapturemode:i:1;audiomode:i:0;drivestoredirect:s:;redirectclipboard:i:1;redirectcomports:i:1;redirectprinters:i:1;redirectsmartcards:i:1;screen mode id:i:2;'` | | Host Pool RDP properties | +| `customRdpProperty` | string | `'audiocapturemode:i:1;audiomode:i:0;drivestoredirect:s:;redirectclipboard:i:1;redirectcomports:i:1;redirectprinters:i:1;redirectsmartcards:i:1;screen mode id:i:2;'` | | Host Pool RDP properties. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[Checkpoint, Error, Management, Connection, HostRegistration, AgentHealthStatus]` | `[Checkpoint, Error, Management, Connection, HostRegistration, AgentHealthStatus]` | The name of logs that will be streamed. | @@ -43,9 +43,9 @@ This module deploys an Azure virtual desktop host pool. | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `maxSessionLimit` | int | `99999` | | Maximum number of sessions. | -| `personalDesktopAssignmentType` | string | `''` | `[Automatic, Direct, ]` | Set the type of assignment for a Personal Host Pool type | -| `preferredAppGroupType` | string | `'Desktop'` | `[Desktop, None, RailApplications]` | The type of preferred application group type, default to Desktop Application Group | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `personalDesktopAssignmentType` | string | `''` | `[Automatic, Direct, ]` | Set the type of assignment for a Personal Host Pool type. | +| `preferredAppGroupType` | string | `'Desktop'` | `[Desktop, None, RailApplications]` | The type of preferred application group type, default to Desktop Application Group. | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `startVMOnConnect` | bool | `False` | | Enable Start VM on connect to allow users to start the virtual machine from a deallocated state. Important: Custom RBAC role required to power manage VMs. | | `tags` | object | `{object}` | | Tags of the resource. | | `tokenValidityLength` | string | `'PT8H'` | | Host Pool token validity length. Usage: 'PT8H' - valid for 8 hours; 'P5D' - valid for 5 days; 'P1Y' - valid for 1 year. When not provided, the token will be valid for 8 hours. | @@ -140,7 +140,7 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the AVD host pool | -| `resourceGroupName` | string | The resource group the AVD host pool was deployed into | -| `resourceId` | string | The resource ID of the AVD host pool | -| `tokenExpirationTime` | string | The expiration time for the registration token | +| `name` | string | The name of the AVD host pool. | +| `resourceGroupName` | string | The resource group the AVD host pool was deployed into. | +| `resourceId` | string | The resource ID of the AVD host pool. | +| `tokenExpirationTime` | string | The expiration time for the registration token. | diff --git a/arm/Microsoft.DesktopVirtualization/scalingplans/deploy.bicep b/arm/Microsoft.DesktopVirtualization/scalingplans/deploy.bicep index 3c6a161dff..f56f0ce13d 100644 --- a/arm/Microsoft.DesktopVirtualization/scalingplans/deploy.bicep +++ b/arm/Microsoft.DesktopVirtualization/scalingplans/deploy.bicep @@ -1,11 +1,11 @@ -@description('Required. Name of the scaling plan') +@description('Required. Name of the scaling plan.') @minLength(1) param name string @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Optional. Friendly Name of the scaling plan') +@description('Optional. Friendly Name of the scaling plan.') param friendlyName string = name @description('Optional. Description of the scaling plan.') @@ -88,7 +88,7 @@ param diagnosticEventHubAuthorizationRuleId string = '' @description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category.') param diagnosticEventHubName string = '' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. The name of logs that will be streamed.') @@ -146,11 +146,11 @@ module scalingplan_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index } }] -@description('The resource ID of the AVD scaling plan') +@description('The resource ID of the AVD scaling plan.') output resourceId string = scalingPlan.id -@description('The resource group the AVD scaling plan was deployed into') +@description('The resource group the AVD scaling plan was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the AVD scaling plan') +@description('The name of the AVD scaling plan.') output name string = scalingPlan.name diff --git a/arm/Microsoft.DesktopVirtualization/scalingplans/readme.md b/arm/Microsoft.DesktopVirtualization/scalingplans/readme.md index 57ef18b9a4..f3f651d25e 100644 --- a/arm/Microsoft.DesktopVirtualization/scalingplans/readme.md +++ b/arm/Microsoft.DesktopVirtualization/scalingplans/readme.md @@ -21,7 +21,7 @@ This module deploys an AVD Scaling Plan. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | Name of the scaling plan | +| `name` | string | Name of the scaling plan. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -32,12 +32,12 @@ This module deploys an AVD Scaling Plan. | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | | `exclusionTag` | string | `''` | | Provide a tag to be used for hosts that should not be affected by the scaling plan. | -| `friendlyName` | string | `[parameters('name')]` | | Friendly Name of the scaling plan | +| `friendlyName` | string | `[parameters('name')]` | | Friendly Name of the scaling plan. | | `hostPoolReferences` | array | `[]` | | An array of references to hostpools. | | `hostPoolType` | string | `'Pooled'` | `[Pooled]` | The type of hostpool where this scaling plan should be applied. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `logsToEnable` | array | `[Autoscale]` | `[Autoscale]` | The name of logs that will be streamed. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `scalingplanDescription` | string | `[parameters('name')]` | | Description of the scaling plan. | | `schedules` | array | `[System.Collections.Hashtable]` | | The schedules related to this scaling plan. If no value is provided a default schedule will be provided. | | `tags` | object | `{object}` | | Tags of the resource. | @@ -139,6 +139,6 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the AVD scaling plan | -| `resourceGroupName` | string | The resource group the AVD scaling plan was deployed into | -| `resourceId` | string | The resource ID of the AVD scaling plan | +| `name` | string | The name of the AVD scaling plan. | +| `resourceGroupName` | string | The resource group the AVD scaling plan was deployed into. | +| `resourceId` | string | The resource ID of the AVD scaling plan. | diff --git a/arm/Microsoft.DesktopVirtualization/workspaces/deploy.bicep b/arm/Microsoft.DesktopVirtualization/workspaces/deploy.bicep index 9d6f2c1218..10be7a651b 100644 --- a/arm/Microsoft.DesktopVirtualization/workspaces/deploy.bicep +++ b/arm/Microsoft.DesktopVirtualization/workspaces/deploy.bicep @@ -44,7 +44,7 @@ param tags object = {} @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. The name of logs that will be streamed.') @@ -128,11 +128,11 @@ module workspace_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) } }] -@description('The resource ID of the AVD workspace') +@description('The resource ID of the AVD workspace.') output resourceId string = workspace.id -@description('The resource group the AVD workspace was deployed into') +@description('The resource group the AVD workspace was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the AVD workspace') +@description('The name of the AVD workspace.') output name string = workspace.name diff --git a/arm/Microsoft.DesktopVirtualization/workspaces/readme.md b/arm/Microsoft.DesktopVirtualization/workspaces/readme.md index b61d4f3577..9558f077d6 100644 --- a/arm/Microsoft.DesktopVirtualization/workspaces/readme.md +++ b/arm/Microsoft.DesktopVirtualization/workspaces/readme.md @@ -38,7 +38,7 @@ This module deploys an Azure virtual desktop workspace. | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags of the resource. | | `workspaceDescription` | string | `''` | | The description of the Workspace to be created. | | `workspaceFriendlyName` | string | `''` | | The friendly name of the Workspace to be created. | @@ -91,6 +91,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the AVD workspace | -| `resourceGroupName` | string | The resource group the AVD workspace was deployed into | -| `resourceId` | string | The resource ID of the AVD workspace | +| `name` | string | The name of the AVD workspace. | +| `resourceGroupName` | string | The resource group the AVD workspace was deployed into. | +| `resourceId` | string | The resource ID of the AVD workspace. | diff --git a/arm/Microsoft.DocumentDB/databaseAccounts/deploy.bicep b/arm/Microsoft.DocumentDB/databaseAccounts/deploy.bicep index 62b4113a34..af09fdb043 100644 --- a/arm/Microsoft.DocumentDB/databaseAccounts/deploy.bicep +++ b/arm/Microsoft.DocumentDB/databaseAccounts/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Name of the Database Account') +@description('Required. Name of the Database Account.') param name string @description('Optional. Location for all resources.') @@ -32,7 +32,7 @@ param locations array @description('Optional. The default consistency level of the Cosmos DB account.') param defaultConsistencyLevel string = 'Session' -@description('Optional. Enable automatic failover for regions') +@description('Optional. Enable automatic failover for regions.') param automaticFailover bool = true @minValue(10) @@ -53,10 +53,10 @@ param maxIntervalInSeconds int = 300 ]) param serverVersion string = '4.0' -@description('Optional. SQL Databases configurations') +@description('Optional. SQL Databases configurations.') param sqlDatabases array = [] -@description('Optional. MongoDB Databases configurations') +@description('Optional. MongoDB Databases configurations.') param mongodbDatabases array = [] @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -70,7 +70,7 @@ param enableDefaultTelemetry bool = true @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') diff --git a/arm/Microsoft.DocumentDB/databaseAccounts/mongodbDatabases/collections/deploy.bicep b/arm/Microsoft.DocumentDB/databaseAccounts/mongodbDatabases/collections/deploy.bicep index 77283b9098..46b1c39ffd 100644 --- a/arm/Microsoft.DocumentDB/databaseAccounts/mongodbDatabases/collections/deploy.bicep +++ b/arm/Microsoft.DocumentDB/databaseAccounts/mongodbDatabases/collections/deploy.bicep @@ -1,19 +1,19 @@ -@description('Required. Name of the Cosmos DB database account.') +@description('Conditional. Name of the Cosmos DB database account. Required if the template is used in a standalone deployment.') param databaseAccountName string -@description('Required. Name of the mongodb database') +@description('Conditional. Name of the mongodb database. Required if the template is used in a standalone deployment.') param mongodbDatabaseName string -@description('Required. Name of the collection') +@description('Required. Name of the collection.') param name string -@description('Optional. Name of the mongodb database') +@description('Optional. Name of the mongodb database.') param throughput int = 400 -@description('Required. Indexes for the collection') +@description('Required. Indexes for the collection.') param indexes array -@description('Required. ShardKey for the collection') +@description('Required. ShardKey for the collection.') param shardKey object @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') diff --git a/arm/Microsoft.DocumentDB/databaseAccounts/mongodbDatabases/collections/readme.md b/arm/Microsoft.DocumentDB/databaseAccounts/mongodbDatabases/collections/readme.md index 167d7fa576..a106b93d92 100644 --- a/arm/Microsoft.DocumentDB/databaseAccounts/mongodbDatabases/collections/readme.md +++ b/arm/Microsoft.DocumentDB/databaseAccounts/mongodbDatabases/collections/readme.md @@ -19,17 +19,21 @@ This module deploys a collection within a MongoDB. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `databaseAccountName` | string | Name of the Cosmos DB database account. | -| `indexes` | array | Indexes for the collection | -| `mongodbDatabaseName` | string | Name of the mongodb database | -| `name` | string | Name of the collection | -| `shardKey` | object | ShardKey for the collection | +| `indexes` | array | Indexes for the collection. | +| `name` | string | Name of the collection. | +| `shardKey` | object | ShardKey for the collection. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `databaseAccountName` | string | Name of the Cosmos DB database account. Required if the template is used in a standalone deployment. | +| `mongodbDatabaseName` | string | Name of the mongodb database. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `throughput` | int | `400` | Name of the mongodb database | +| `throughput` | int | `400` | Name of the mongodb database. | ### Parameter Usage: `indexes` diff --git a/arm/Microsoft.DocumentDB/databaseAccounts/mongodbDatabases/deploy.bicep b/arm/Microsoft.DocumentDB/databaseAccounts/mongodbDatabases/deploy.bicep index ebb1e4e98d..92532e34e2 100644 --- a/arm/Microsoft.DocumentDB/databaseAccounts/mongodbDatabases/deploy.bicep +++ b/arm/Microsoft.DocumentDB/databaseAccounts/mongodbDatabases/deploy.bicep @@ -1,13 +1,13 @@ -@description('Required. Name of the Cosmos DB database account.') +@description('Conditional. Name of the Cosmos DB database account. Required if the template is used in a standalone deployment.') param databaseAccountName string -@description('Required. Name of the mongodb database') +@description('Required. Name of the mongodb database.') param name string -@description('Optional. Name of the mongodb database') +@description('Optional. Name of the mongodb database.') param throughput int = 400 -@description('Optional. Collections in the mongodb database') +@description('Optional. Collections in the mongodb database.') param collections array = [] @description('Optional. Tags of the resource.') diff --git a/arm/Microsoft.DocumentDB/databaseAccounts/mongodbDatabases/readme.md b/arm/Microsoft.DocumentDB/databaseAccounts/mongodbDatabases/readme.md index d49266cbf3..3496f5e8c2 100644 --- a/arm/Microsoft.DocumentDB/databaseAccounts/mongodbDatabases/readme.md +++ b/arm/Microsoft.DocumentDB/databaseAccounts/mongodbDatabases/readme.md @@ -20,16 +20,20 @@ This module deploys a MongoDB within a CosmosDB account. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `databaseAccountName` | string | Name of the Cosmos DB database account. | -| `name` | string | Name of the mongodb database | +| `name` | string | Name of the mongodb database. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `databaseAccountName` | string | Name of the Cosmos DB database account. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | -| `collections` | _[collections](collections/readme.md)_ array | `[]` | Collections in the mongodb database | +| `collections` | _[collections](collections/readme.md)_ array | `[]` | Collections in the mongodb database. | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `tags` | object | `{object}` | Tags of the resource. | -| `throughput` | int | `400` | Name of the mongodb database | +| `throughput` | int | `400` | Name of the mongodb database. | ### Parameter Usage: `tags` diff --git a/arm/Microsoft.DocumentDB/databaseAccounts/readme.md b/arm/Microsoft.DocumentDB/databaseAccounts/readme.md index 7798f89471..1965fe9034 100644 --- a/arm/Microsoft.DocumentDB/databaseAccounts/readme.md +++ b/arm/Microsoft.DocumentDB/databaseAccounts/readme.md @@ -27,12 +27,12 @@ This module deploys a DocumentDB database account and its child resources. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `locations` | array | Locations enabled for the Cosmos DB account. | -| `name` | string | Name of the Database Account | +| `name` | string | Name of the Database Account. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `automaticFailover` | bool | `True` | | Enable automatic failover for regions | +| `automaticFailover` | bool | `True` | | Enable automatic failover for regions. | | `databaseAccountOfferType` | string | `'Standard'` | `[Standard]` | The offer type for the Cosmos DB database account. | | `defaultConsistencyLevel` | string | `'Session'` | `[Eventual, ConsistentPrefix, Session, BoundedStaleness, Strong]` | The default consistency level of the Cosmos DB account. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | @@ -48,10 +48,10 @@ This module deploys a DocumentDB database account and its child resources. | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `maxIntervalInSeconds` | int | `300` | | Max lag time (minutes). Required for BoundedStaleness. Valid ranges, Single Region: 5 to 84600. Multi Region: 300 to 86400. | | `maxStalenessPrefix` | int | `100000` | | Max stale requests. Required for BoundedStaleness. Valid ranges, Single Region: 10 to 1000000. Multi Region: 100000 to 1000000. | -| `mongodbDatabases` | _[mongodbDatabases](mongodbDatabases/readme.md)_ array | `[]` | | MongoDB Databases configurations | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `mongodbDatabases` | _[mongodbDatabases](mongodbDatabases/readme.md)_ array | `[]` | | MongoDB Databases configurations. | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `serverVersion` | string | `'4.0'` | `[3.2, 3.6, 4.0]` | Specifies the MongoDB server version to use. | -| `sqlDatabases` | _[sqlDatabases](sqlDatabases/readme.md)_ array | `[]` | | SQL Databases configurations | +| `sqlDatabases` | _[sqlDatabases](sqlDatabases/readme.md)_ array | `[]` | | SQL Databases configurations. | | `systemAssignedIdentity` | bool | `False` | | Enables system assigned managed identity on the resource. | | `tags` | object | `{object}` | | Tags of the Database Account resource. | | `userAssignedIdentities` | object | `{object}` | | The ID(s) to assign to the resource. | diff --git a/arm/Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/deploy.bicep b/arm/Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/deploy.bicep index e2b05d0f15..8b2ee2117a 100644 --- a/arm/Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/deploy.bicep +++ b/arm/Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/deploy.bicep @@ -1,22 +1,22 @@ -@description('Required. Name of the Database Account') +@description('Conditional. Name of the Database Account. Required if the template is used in a standalone deployment.') param databaseAccountName string -@description('Required. Name of the SQL Database ') +@description('Conditional. Name of the SQL Database. Required if the template is used in a standalone deployment.') param sqlDatabaseName string @description('Required. Name of the container.') param name string -@description('Optional. Request Units per second') +@description('Optional. Request Units per second.') param throughput int = 400 @description('Optional. Tags of the SQL Database resource.') param tags object = {} -@description('Optional. List of paths using which data within the container can be partitioned') +@description('Optional. List of paths using which data within the container can be partitioned.') param paths array = [] -@description('Optional. Indicates the kind of algorithm used for partitioning') +@description('Optional. Indicates the kind of algorithm used for partitioning.') @allowed([ 'Hash' 'MultiHash' diff --git a/arm/Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/readme.md b/arm/Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/readme.md index 3011dd6e23..ae5ee16130 100644 --- a/arm/Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/readme.md +++ b/arm/Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/readme.md @@ -17,18 +17,22 @@ **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `databaseAccountName` | string | Name of the Database Account | | `name` | string | Name of the container. | -| `sqlDatabaseName` | string | Name of the SQL Database | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `databaseAccountName` | string | Name of the Database Account. Required if the template is used in a standalone deployment. | +| `sqlDatabaseName` | string | Name of the SQL Database. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `kind` | string | `'Hash'` | `[Hash, MultiHash, Range]` | Indicates the kind of algorithm used for partitioning | -| `paths` | array | `[]` | | List of paths using which data within the container can be partitioned | +| `kind` | string | `'Hash'` | `[Hash, MultiHash, Range]` | Indicates the kind of algorithm used for partitioning. | +| `paths` | array | `[]` | | List of paths using which data within the container can be partitioned. | | `tags` | object | `{object}` | | Tags of the SQL Database resource. | -| `throughput` | int | `400` | | Request Units per second | +| `throughput` | int | `400` | | Request Units per second. | ### Parameter Usage: `tags` diff --git a/arm/Microsoft.DocumentDB/databaseAccounts/sqlDatabases/deploy.bicep b/arm/Microsoft.DocumentDB/databaseAccounts/sqlDatabases/deploy.bicep index d52952e65e..c15474f302 100644 --- a/arm/Microsoft.DocumentDB/databaseAccounts/sqlDatabases/deploy.bicep +++ b/arm/Microsoft.DocumentDB/databaseAccounts/sqlDatabases/deploy.bicep @@ -1,13 +1,13 @@ -@description('Required. ID of the Cosmos DB database account.') +@description('Conditional. ID of the Cosmos DB database account. Required if the template is used in a standalone deployment.') param databaseAccountName string -@description('Required. Name of the SQL database ') +@description('Required. Name of the SQL database .') param name string @description('Optional. Array of containers to deploy in the SQL database.') param containers array = [] -@description('Optional. Request units per second') +@description('Optional. Request units per second.') param throughput int = 400 @description('Optional. Tags of the SQL database resource.') diff --git a/arm/Microsoft.DocumentDB/databaseAccounts/sqlDatabases/readme.md b/arm/Microsoft.DocumentDB/databaseAccounts/sqlDatabases/readme.md index 31fbad9605..ed10b1feab 100644 --- a/arm/Microsoft.DocumentDB/databaseAccounts/sqlDatabases/readme.md +++ b/arm/Microsoft.DocumentDB/databaseAccounts/sqlDatabases/readme.md @@ -18,8 +18,12 @@ **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `databaseAccountName` | string | ID of the Cosmos DB database account. | -| `name` | string | Name of the SQL database | +| `name` | string | Name of the SQL database . | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `databaseAccountName` | string | ID of the Cosmos DB database account. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -27,7 +31,7 @@ | `containers` | _[containers](containers/readme.md)_ array | `[]` | Array of containers to deploy in the SQL database. | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `tags` | object | `{object}` | Tags of the SQL database resource. | -| `throughput` | int | `400` | Request units per second | +| `throughput` | int | `400` | Request units per second. | ### Parameter Usage: `tags` diff --git a/arm/Microsoft.EventGrid/systemTopics/deploy.bicep b/arm/Microsoft.EventGrid/systemTopics/deploy.bicep index ce60faf001..a7cb0c9c81 100644 --- a/arm/Microsoft.EventGrid/systemTopics/deploy.bicep +++ b/arm/Microsoft.EventGrid/systemTopics/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. The name of the Event Grid Topic') +@description('Required. The name of the Event Grid Topic.') param name string @description('Optional. Location for all Resources.') @@ -30,7 +30,7 @@ param diagnosticEventHubName string = '' @description('Optional. Configuration Details for private endpoints.') param privateEndpoints array = [] -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @allowed([ @@ -164,13 +164,13 @@ module systemTopic_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index } }] -@description('The name of the event grid system topic') +@description('The name of the event grid system topic.') output name string = systemTopic.name -@description('The resource ID of the event grid system topic') +@description('The resource ID of the event grid system topic.') output resourceId string = systemTopic.id -@description('The name of the resource group the event grid system topic was deployed into') +@description('The name of the resource group the event grid system topic was deployed into.') output resourceGroupName string = resourceGroup().name @description('The principal ID of the system assigned identity.') diff --git a/arm/Microsoft.EventGrid/systemTopics/readme.md b/arm/Microsoft.EventGrid/systemTopics/readme.md index 6695de6364..8bdab4d97c 100644 --- a/arm/Microsoft.EventGrid/systemTopics/readme.md +++ b/arm/Microsoft.EventGrid/systemTopics/readme.md @@ -24,7 +24,7 @@ This module deploys an Event Grid System Topic. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the Event Grid Topic | +| `name` | string | The name of the Event Grid Topic. | | `source` | string | Source for the system topic. | | `topicType` | string | TopicType for the system topic. | @@ -43,7 +43,7 @@ This module deploys an Event Grid System Topic. | `location` | string | `[resourceGroup().location]` | | Location for all Resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `privateEndpoints` | array | `[]` | | Configuration Details for private endpoints. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `systemAssignedIdentity` | bool | `False` | | Enables system assigned managed identity on the resource. | | `tags` | object | `{object}` | | Tags of the resource. | | `userAssignedIdentities` | object | `{object}` | | The ID(s) to assign to the resource. | @@ -145,7 +145,7 @@ You can specify multiple user assigned identities to a resource by providing add | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the event grid system topic | -| `resourceGroupName` | string | The name of the resource group the event grid system topic was deployed into | -| `resourceId` | string | The resource ID of the event grid system topic | +| `name` | string | The name of the event grid system topic. | +| `resourceGroupName` | string | The name of the resource group the event grid system topic was deployed into. | +| `resourceId` | string | The resource ID of the event grid system topic. | | `systemAssignedPrincipalId` | string | The principal ID of the system assigned identity. | diff --git a/arm/Microsoft.EventGrid/topics/deploy.bicep b/arm/Microsoft.EventGrid/topics/deploy.bicep index 516839abbe..ce07cdf85c 100644 --- a/arm/Microsoft.EventGrid/topics/deploy.bicep +++ b/arm/Microsoft.EventGrid/topics/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. The name of the Event Grid Topic') +@description('Required. The name of the Event Grid Topic.') param name string @description('Optional. Location for all Resources.') @@ -30,7 +30,7 @@ param diagnosticEventHubName string = '' @description('Optional. Configuration Details for private endpoints.') param privateEndpoints array = [] -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @allowed([ @@ -152,11 +152,11 @@ module eventGrid_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) } }] -@description('The name of the event grid topic') +@description('The name of the event grid topic.') output name string = eventGrid.name -@description('The resource ID of the event grid') +@description('The resource ID of the event grid.') output resourceId string = eventGrid.id -@description('The name of the resource group the event grid was deployed into') +@description('The name of the resource group the event grid was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.EventGrid/topics/readme.md b/arm/Microsoft.EventGrid/topics/readme.md index f11924a0c0..a329338dd8 100644 --- a/arm/Microsoft.EventGrid/topics/readme.md +++ b/arm/Microsoft.EventGrid/topics/readme.md @@ -24,7 +24,7 @@ This module deploys an event grid topic. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the Event Grid Topic | +| `name` | string | The name of the Event Grid Topic. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -43,7 +43,7 @@ This module deploys an event grid topic. | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `privateEndpoints` | array | `[]` | | Configuration Details for private endpoints. | | `publicNetworkAccess` | string | `'Enabled'` | | Determines if traffic is allowed over public network. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags of the resource. | @@ -130,6 +130,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the event grid topic | -| `resourceGroupName` | string | The name of the resource group the event grid was deployed into | -| `resourceId` | string | The resource ID of the event grid | +| `name` | string | The name of the event grid topic. | +| `resourceGroupName` | string | The name of the resource group the event grid was deployed into. | +| `resourceId` | string | The resource ID of the event grid. | diff --git a/arm/Microsoft.EventHub/namespaces/authorizationRules/deploy.bicep b/arm/Microsoft.EventHub/namespaces/authorizationRules/deploy.bicep index a375bfefcd..743ba22f23 100644 --- a/arm/Microsoft.EventHub/namespaces/authorizationRules/deploy.bicep +++ b/arm/Microsoft.EventHub/namespaces/authorizationRules/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. The name of the event hub namespace') +@description('Conditional. The name of the parent event hub namespace. Required if the template is used in a standalone deployment.') param namespaceName string -@description('Required. The name of the authorization rule') +@description('Required. The name of the authorization rule.') param name string @description('Optional. The rights associated with the rule.') diff --git a/arm/Microsoft.EventHub/namespaces/authorizationRules/readme.md b/arm/Microsoft.EventHub/namespaces/authorizationRules/readme.md index d0ed4d61e8..67d6117b3a 100644 --- a/arm/Microsoft.EventHub/namespaces/authorizationRules/readme.md +++ b/arm/Microsoft.EventHub/namespaces/authorizationRules/readme.md @@ -19,8 +19,12 @@ This module deploys an EventHub Namespace Authorization Rule **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the authorization rule | -| `namespaceName` | string | The name of the event hub namespace | +| `name` | string | The name of the authorization rule. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `namespaceName` | string | The name of the parent event hub namespace. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | diff --git a/arm/Microsoft.EventHub/namespaces/deploy.bicep b/arm/Microsoft.EventHub/namespaces/deploy.bicep index 84515f7611..a8d1e22a39 100644 --- a/arm/Microsoft.EventHub/namespaces/deploy.bicep +++ b/arm/Microsoft.EventHub/namespaces/deploy.bicep @@ -5,14 +5,14 @@ param name string = '' @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Optional. event hub plan SKU name') +@description('Optional. event hub plan SKU name.') @allowed([ 'Basic' 'Standard' ]) param skuName string = 'Standard' -@description('Optional. Event Hub plan scale-out capacity of the resource') +@description('Optional. Event Hub plan scale-out capacity of the resource.') @minValue(1) @maxValue(20) param skuCapacity int = 1 @@ -28,7 +28,7 @@ param isAutoInflateEnabled bool = false @maxValue(20) param maximumThroughputUnits int = 1 -@description('Optional. Authorization Rules for the Event Hub namespace') +@description('Optional. Authorization Rules for the Event Hub namespace.') param authorizationRules array = [ { name: 'RootManageSharedAccessKey' @@ -43,7 +43,7 @@ param authorizationRules array = [ @description('Optional. Configuration Details for private endpoints.For security reasons, it is recommended to use private endpoints whenever possible.') param privateEndpoints array = [] -@description('Optional. Networks ACLs, this value contains IPs to whitelist and/or Subnet information. For security reasons, it is recommended to set the DefaultAction Deny') +@description('Optional. Networks ACLs, this value contains IPs to whitelist and/or Subnet information. For security reasons, it is recommended to set the DefaultAction Deny.') param networkAcls object = {} @description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') @@ -77,7 +77,7 @@ param systemAssignedIdentity bool = false @description('Optional. The ID(s) to assign to the resource.') param userAssignedIdentities object = {} -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -86,10 +86,10 @@ param tags object = {} @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The event hubs to deploy into this namespace') +@description('Optional. The event hubs to deploy into this namespace.') param eventHubs array = [] -@description('Optional. The disaster recovery config for this namespace') +@description('Optional. The disaster recovery config for this namespace.') param disasterRecoveryConfig object = {} @description('Optional. The name of logs that will be streamed.') diff --git a/arm/Microsoft.EventHub/namespaces/disasterRecoveryConfigs/deploy.bicep b/arm/Microsoft.EventHub/namespaces/disasterRecoveryConfigs/deploy.bicep index 309056cba1..c8cb528758 100644 --- a/arm/Microsoft.EventHub/namespaces/disasterRecoveryConfigs/deploy.bicep +++ b/arm/Microsoft.EventHub/namespaces/disasterRecoveryConfigs/deploy.bicep @@ -1,10 +1,10 @@ -@description('Required. The name of the event hub namespace') +@description('Conditional. The name of the parent event hub namespace. Required if the template is used in a standalone deployment.') param namespaceName string -@description('Required. The name of the disaster recovery config') +@description('Required. The name of the disaster recovery config.') param name string -@description('Optional. Resource ID of the Primary/Secondary event hub namespace name, which is part of GEO DR pairing') +@description('Optional. Resource ID of the Primary/Secondary event hub namespace name, which is part of GEO DR pairing.') param partnerNamespaceId string = '' @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') diff --git a/arm/Microsoft.EventHub/namespaces/disasterRecoveryConfigs/readme.md b/arm/Microsoft.EventHub/namespaces/disasterRecoveryConfigs/readme.md index 199d52500d..83c1445822 100644 --- a/arm/Microsoft.EventHub/namespaces/disasterRecoveryConfigs/readme.md +++ b/arm/Microsoft.EventHub/namespaces/disasterRecoveryConfigs/readme.md @@ -19,14 +19,18 @@ This module deploys an EventHub Namespace Disaster Recovery Config **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the disaster recovery config | -| `namespaceName` | string | The name of the event hub namespace | +| `name` | string | The name of the disaster recovery config. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `namespaceName` | string | The name of the parent event hub namespace. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `partnerNamespaceId` | string | `''` | Resource ID of the Primary/Secondary event hub namespace name, which is part of GEO DR pairing | +| `partnerNamespaceId` | string | `''` | Resource ID of the Primary/Secondary event hub namespace name, which is part of GEO DR pairing. | ## Outputs diff --git a/arm/Microsoft.EventHub/namespaces/eventhubs/authorizationRules/deploy.bicep b/arm/Microsoft.EventHub/namespaces/eventhubs/authorizationRules/deploy.bicep index 6c6de03ab3..8690cf47ed 100644 --- a/arm/Microsoft.EventHub/namespaces/eventhubs/authorizationRules/deploy.bicep +++ b/arm/Microsoft.EventHub/namespaces/eventhubs/authorizationRules/deploy.bicep @@ -1,10 +1,10 @@ -@description('Required. The name of the event hub namespace') +@description('Conditional. The name of the parent event hub namespace. Required if the template is used in a standalone deployment.') param namespaceName string -@description('Required. The name of the event hub namespace event hub') +@description('Conditional. The name of the parent event hub namespace event hub. Required if the template is used in a standalone deployment.') param eventHubName string -@description('Required. The name of the authorization rule') +@description('Required. The name of the authorization rule.') param name string @description('Optional. The rights associated with the rule.') diff --git a/arm/Microsoft.EventHub/namespaces/eventhubs/authorizationRules/readme.md b/arm/Microsoft.EventHub/namespaces/eventhubs/authorizationRules/readme.md index 655df3f09b..f33c1c6fd7 100644 --- a/arm/Microsoft.EventHub/namespaces/eventhubs/authorizationRules/readme.md +++ b/arm/Microsoft.EventHub/namespaces/eventhubs/authorizationRules/readme.md @@ -19,9 +19,13 @@ This module deploys an EventHub Namespace EventHubs Authorization Rule **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `eventHubName` | string | The name of the event hub namespace event hub | -| `name` | string | The name of the authorization rule | -| `namespaceName` | string | The name of the event hub namespace | +| `name` | string | The name of the authorization rule. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `eventHubName` | string | The name of the parent event hub namespace event hub. Required if the template is used in a standalone deployment. | +| `namespaceName` | string | The name of the parent event hub namespace. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | diff --git a/arm/Microsoft.EventHub/namespaces/eventhubs/consumergroups/deploy.bicep b/arm/Microsoft.EventHub/namespaces/eventhubs/consumergroups/deploy.bicep index 971bfd30ae..1b03bf2aa8 100644 --- a/arm/Microsoft.EventHub/namespaces/eventhubs/consumergroups/deploy.bicep +++ b/arm/Microsoft.EventHub/namespaces/eventhubs/consumergroups/deploy.bicep @@ -1,10 +1,10 @@ -@description('Required. The name of the event hub namespace') +@description('Conditional. The name of the parent event hub namespace. Required if the template is used in a standalone deployment.s.') param namespaceName string -@description('Required. The name of the event hub namespace event hub') +@description('Conditional. The name of the parent event hub namespace event hub. Required if the template is used in a standalone deployment.') param eventHubName string -@description('Required. The name of the consumer group') +@description('Required. The name of the consumer group.') param name string @description('Optional. User Metadata is a placeholder to store user-defined string data with maximum length 1024. e.g. it can be used to store descriptive data, such as list of teams and their contact information also user-defined configuration settings can be stored.') diff --git a/arm/Microsoft.EventHub/namespaces/eventhubs/consumergroups/readme.md b/arm/Microsoft.EventHub/namespaces/eventhubs/consumergroups/readme.md index c798085067..c643cd19de 100644 --- a/arm/Microsoft.EventHub/namespaces/eventhubs/consumergroups/readme.md +++ b/arm/Microsoft.EventHub/namespaces/eventhubs/consumergroups/readme.md @@ -19,9 +19,13 @@ This module deploys an EventHub Namespace EventHubs Consumer Group **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `eventHubName` | string | The name of the event hub namespace event hub | -| `name` | string | The name of the consumer group | -| `namespaceName` | string | The name of the event hub namespace | +| `name` | string | The name of the consumer group. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `eventHubName` | string | The name of the parent event hub namespace event hub. Required if the template is used in a standalone deployment. | +| `namespaceName` | string | The name of the parent event hub namespace. Required if the template is used in a standalone deployment.s. | **Optional parameters** | Parameter Name | Type | Default Value | Description | diff --git a/arm/Microsoft.EventHub/namespaces/eventhubs/deploy.bicep b/arm/Microsoft.EventHub/namespaces/eventhubs/deploy.bicep index 7090dc0386..50323cceca 100644 --- a/arm/Microsoft.EventHub/namespaces/eventhubs/deploy.bicep +++ b/arm/Microsoft.EventHub/namespaces/eventhubs/deploy.bicep @@ -1,10 +1,10 @@ -@description('Required. The name of the event hub namespace') +@description('Conditional. The name of the parent event hub namespace. Required if the template is used in a standalone deployment.') param namespaceName string -@description('Required. The name of the event hub') +@description('Required. The name of the event hub.') param name string -@description('Optional. Authorization Rules for the event hub') +@description('Optional. Authorization Rules for the event hub.') param authorizationRules array = [ { name: 'RootManageSharedAccessKey' @@ -16,7 +16,7 @@ param authorizationRules array = [ } ] -@description('Optional. Number of days to retain the events for this Event Hub, value should be 1 to 7 days') +@description('Optional. Number of days to retain the events for this Event Hub, value should be 1 to 7 days.') @minValue(1) @maxValue(7) param messageRetentionInDays int = 1 @@ -40,7 +40,7 @@ param partitionCount int = 2 ]) param status string = 'Active' -@description('Optional. The consumer groups to create in this event hub instance') +@description('Optional. The consumer groups to create in this event hub instance.') param consumerGroups array = [ { name: '$Default' @@ -55,42 +55,42 @@ param consumerGroups array = [ @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] -@description('Optional. Name for capture destination') +@description('Optional. Name for capture destination.') param captureDescriptionDestinationName string = 'EventHubArchive.AzureBlockBlob' -@description('Optional. Blob naming convention for archive, e.g. {Namespace}/{EventHub}/{PartitionId}/{Year}/{Month}/{Day}/{Hour}/{Minute}/{Second}. Here all the parameters (Namespace,EventHub .. etc) are mandatory irrespective of order') +@description('Optional. Blob naming convention for archive, e.g. {Namespace}/{EventHub}/{PartitionId}/{Year}/{Month}/{Day}/{Hour}/{Minute}/{Second}. Here all the parameters (Namespace,EventHub .. etc) are mandatory irrespective of order.') param captureDescriptionDestinationArchiveNameFormat string = '{Namespace}/{EventHub}/{PartitionId}/{Year}/{Month}/{Day}/{Hour}/{Minute}/{Second}' -@description('Optional. Blob container Name') +@description('Optional. Blob container Name.') param captureDescriptionDestinationBlobContainer string = '' -@description('Optional. Resource ID of the storage account to be used to create the blobs') +@description('Optional. Resource ID of the storage account to be used to create the blobs.') param captureDescriptionDestinationStorageAccountResourceId string = '' @description('Optional. A value that indicates whether capture description is enabled.') param captureDescriptionEnabled bool = false -@description('Optional. Enumerates the possible values for the encoding format of capture description. Note: "AvroDeflate" will be deprecated in New API Version') +@description('Optional. Enumerates the possible values for the encoding format of capture description. Note: "AvroDeflate" will be deprecated in New API Version.') @allowed([ 'Avro' 'AvroDeflate' ]) param captureDescriptionEncoding string = 'Avro' -@description('Optional. The time window allows you to set the frequency with which the capture to Azure Blobs will happen') +@description('Optional. The time window allows you to set the frequency with which the capture to Azure Blobs will happen.') @minValue(60) @maxValue(900) param captureDescriptionIntervalInSeconds int = 300 -@description('Optional. The size window defines the amount of data built up in your Event Hub before an capture operation') +@description('Optional. The size window defines the amount of data built up in your Event Hub before an capture operation.') @minValue(10485760) @maxValue(524288000) param captureDescriptionSizeLimitInBytes int = 314572800 -@description('Optional. A value that indicates whether to Skip Empty Archives') +@description('Optional. A value that indicates whether to Skip Empty Archives.') param captureDescriptionSkipEmptyArchives bool = false @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') diff --git a/arm/Microsoft.EventHub/namespaces/eventhubs/readme.md b/arm/Microsoft.EventHub/namespaces/eventhubs/readme.md index f3b18ceb29..d928b62dbe 100644 --- a/arm/Microsoft.EventHub/namespaces/eventhubs/readme.md +++ b/arm/Microsoft.EventHub/namespaces/eventhubs/readme.md @@ -23,28 +23,32 @@ This module deploys an Event Hub. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the event hub | -| `namespaceName` | string | The name of the event hub namespace | +| `name` | string | The name of the event hub. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `namespaceName` | string | The name of the parent event hub namespace. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `authorizationRules` | _[authorizationRules](authorizationRules/readme.md)_ array | `[System.Collections.Hashtable]` | | Authorization Rules for the event hub | -| `captureDescriptionDestinationArchiveNameFormat` | string | `'{Namespace}/{EventHub}/{PartitionId}/{Year}/{Month}/{Day}/{Hour}/{Minute}/{Second}'` | | Blob naming convention for archive, e.g. {Namespace}/{EventHub}/{PartitionId}/{Year}/{Month}/{Day}/{Hour}/{Minute}/{Second}. Here all the parameters (Namespace,EventHub .. etc) are mandatory irrespective of order | -| `captureDescriptionDestinationBlobContainer` | string | `''` | | Blob container Name | -| `captureDescriptionDestinationName` | string | `'EventHubArchive.AzureBlockBlob'` | | Name for capture destination | -| `captureDescriptionDestinationStorageAccountResourceId` | string | `''` | | Resource ID of the storage account to be used to create the blobs | +| `authorizationRules` | _[authorizationRules](authorizationRules/readme.md)_ array | `[System.Collections.Hashtable]` | | Authorization Rules for the event hub. | +| `captureDescriptionDestinationArchiveNameFormat` | string | `'{Namespace}/{EventHub}/{PartitionId}/{Year}/{Month}/{Day}/{Hour}/{Minute}/{Second}'` | | Blob naming convention for archive, e.g. {Namespace}/{EventHub}/{PartitionId}/{Year}/{Month}/{Day}/{Hour}/{Minute}/{Second}. Here all the parameters (Namespace,EventHub .. etc) are mandatory irrespective of order. | +| `captureDescriptionDestinationBlobContainer` | string | `''` | | Blob container Name. | +| `captureDescriptionDestinationName` | string | `'EventHubArchive.AzureBlockBlob'` | | Name for capture destination. | +| `captureDescriptionDestinationStorageAccountResourceId` | string | `''` | | Resource ID of the storage account to be used to create the blobs. | | `captureDescriptionEnabled` | bool | `False` | | A value that indicates whether capture description is enabled. | -| `captureDescriptionEncoding` | string | `'Avro'` | `[Avro, AvroDeflate]` | Enumerates the possible values for the encoding format of capture description. Note: "AvroDeflate" will be deprecated in New API Version | -| `captureDescriptionIntervalInSeconds` | int | `300` | | The time window allows you to set the frequency with which the capture to Azure Blobs will happen | -| `captureDescriptionSizeLimitInBytes` | int | `314572800` | | The size window defines the amount of data built up in your Event Hub before an capture operation | -| `captureDescriptionSkipEmptyArchives` | bool | `False` | | A value that indicates whether to Skip Empty Archives | -| `consumerGroups` | _[consumerGroups](consumerGroups/readme.md)_ array | `[System.Collections.Hashtable]` | | The consumer groups to create in this event hub instance | +| `captureDescriptionEncoding` | string | `'Avro'` | `[Avro, AvroDeflate]` | Enumerates the possible values for the encoding format of capture description. Note: "AvroDeflate" will be deprecated in New API Version. | +| `captureDescriptionIntervalInSeconds` | int | `300` | | The time window allows you to set the frequency with which the capture to Azure Blobs will happen. | +| `captureDescriptionSizeLimitInBytes` | int | `314572800` | | The size window defines the amount of data built up in your Event Hub before an capture operation. | +| `captureDescriptionSkipEmptyArchives` | bool | `False` | | A value that indicates whether to Skip Empty Archives. | +| `consumerGroups` | _[consumerGroups](consumerGroups/readme.md)_ array | `[System.Collections.Hashtable]` | | The consumer groups to create in this event hub instance. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `messageRetentionInDays` | int | `1` | | Number of days to retain the events for this Event Hub, value should be 1 to 7 days | +| `messageRetentionInDays` | int | `1` | | Number of days to retain the events for this Event Hub, value should be 1 to 7 days. | | `partitionCount` | int | `2` | | Number of partitions created for the Event Hub, allowed values are from 1 to 32 partitions. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `status` | string | `'Active'` | `[Active, Creating, Deleting, Disabled, ReceiveDisabled, Renaming, Restoring, SendDisabled, Unknown]` | Enumerates the possible values for the status of the Event Hub. | diff --git a/arm/Microsoft.EventHub/namespaces/readme.md b/arm/Microsoft.EventHub/namespaces/readme.md index b53d96e7cb..2f6ee74243 100644 --- a/arm/Microsoft.EventHub/namespaces/readme.md +++ b/arm/Microsoft.EventHub/namespaces/readme.md @@ -29,7 +29,7 @@ This module deploys an event hub namespace. **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `authorizationRules` | _[authorizationRules](authorizationRules/readme.md)_ array | `[System.Collections.Hashtable]` | | Authorization Rules for the Event Hub namespace | +| `authorizationRules` | _[authorizationRules](authorizationRules/readme.md)_ array | `[System.Collections.Hashtable]` | | Authorization Rules for the Event Hub namespace. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[ArchiveLogs, OperationalLogs, KafkaCoordinatorLogs, KafkaUserErrorLogs, EventHubVNetConnectionEvent, CustomerManagedKeyUserLogs, AutoScaleLogs]` | `[ArchiveLogs, OperationalLogs, KafkaCoordinatorLogs, KafkaUserErrorLogs, EventHubVNetConnectionEvent, CustomerManagedKeyUserLogs, AutoScaleLogs]` | The name of logs that will be streamed. | @@ -38,19 +38,19 @@ This module deploys an event hub namespace. | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | -| `disasterRecoveryConfig` | object | `{object}` | | The disaster recovery config for this namespace | +| `disasterRecoveryConfig` | object | `{object}` | | The disaster recovery config for this namespace. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `eventHubs` | _[eventHubs](eventHubs/readme.md)_ array | `[]` | | The event hubs to deploy into this namespace | +| `eventHubs` | _[eventHubs](eventHubs/readme.md)_ array | `[]` | | The event hubs to deploy into this namespace. | | `isAutoInflateEnabled` | bool | `False` | | Switch to enable the Auto Inflate feature of Event Hub. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `maximumThroughputUnits` | int | `1` | | Upper limit of throughput units when AutoInflate is enabled, value should be within 0 to 20 throughput units. | | `name` | string | `''` | | The name of the event hub namespace. If no name is provided, then unique name will be created. | -| `networkAcls` | object | `{object}` | | Networks ACLs, this value contains IPs to whitelist and/or Subnet information. For security reasons, it is recommended to set the DefaultAction Deny | +| `networkAcls` | object | `{object}` | | Networks ACLs, this value contains IPs to whitelist and/or Subnet information. For security reasons, it is recommended to set the DefaultAction Deny. | | `privateEndpoints` | array | `[]` | | Configuration Details for private endpoints.For security reasons, it is recommended to use private endpoints whenever possible. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | -| `skuCapacity` | int | `1` | | Event Hub plan scale-out capacity of the resource | -| `skuName` | string | `'Standard'` | `[Basic, Standard]` | event hub plan SKU name | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| `skuCapacity` | int | `1` | | Event Hub plan scale-out capacity of the resource. | +| `skuName` | string | `'Standard'` | `[Basic, Standard]` | event hub plan SKU name. | | `systemAssignedIdentity` | bool | `False` | | Enables system assigned managed identity on the resource. | | `tags` | object | `{object}` | | Tags of the resource. | | `userAssignedIdentities` | object | `{object}` | | The ID(s) to assign to the resource. | diff --git a/arm/Microsoft.HealthBot/healthBots/deploy.bicep b/arm/Microsoft.HealthBot/healthBots/deploy.bicep index cf434040bf..fe83df5a21 100644 --- a/arm/Microsoft.HealthBot/healthBots/deploy.bicep +++ b/arm/Microsoft.HealthBot/healthBots/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Name of the resource') +@description('Required. Name of the resource.') param name string @description('Optional. The resource model definition representing SKU.') @@ -15,7 +15,7 @@ param location string = resourceGroup().location @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -66,11 +66,11 @@ module healthBot_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) } }] -@description('The resource group the health bot was deployed into') +@description('The resource group the health bot was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the health bot') +@description('The name of the health bot.') output name string = azureHealthBot.name -@description('The resource ID of the health bot') +@description('The resource ID of the health bot.') output resourceId string = azureHealthBot.id diff --git a/arm/Microsoft.HealthBot/healthBots/readme.md b/arm/Microsoft.HealthBot/healthBots/readme.md index ca1a2c2aa7..186e174a6f 100644 --- a/arm/Microsoft.HealthBot/healthBots/readme.md +++ b/arm/Microsoft.HealthBot/healthBots/readme.md @@ -21,7 +21,7 @@ This module deploys an Azure Health Bot. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | Name of the resource | +| `name` | string | Name of the resource. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -29,7 +29,7 @@ This module deploys an Azure Health Bot. | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `sku` | string | `'F0'` | | The resource model definition representing SKU. | | `tags` | object | `{object}` | | Tags of the resource. | @@ -81,6 +81,6 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the health bot | -| `resourceGroupName` | string | The resource group the health bot was deployed into | -| `resourceId` | string | The resource ID of the health bot | +| `name` | string | The name of the health bot. | +| `resourceGroupName` | string | The resource group the health bot was deployed into. | +| `resourceId` | string | The resource ID of the health bot. | diff --git a/arm/Microsoft.Insights/actionGroups/deploy.bicep b/arm/Microsoft.Insights/actionGroups/deploy.bicep index da1866b7e7..838f53b28b 100644 --- a/arm/Microsoft.Insights/actionGroups/deploy.bicep +++ b/arm/Microsoft.Insights/actionGroups/deploy.bicep @@ -7,7 +7,7 @@ param groupShortName string @description('Optional. Indicates whether this action group is enabled. If an action group is not enabled, then none of its receivers will receive communications.') param enabled bool = true -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. The list of email receivers that are part of this action group.') @@ -92,11 +92,11 @@ module actionGroup_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index } }] -@description('The resource group the action group was deployed into') +@description('The resource group the action group was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the action group ') +@description('The name of the action group .') output name string = actionGroup.name -@description('The resource ID of the action group ') +@description('The resource ID of the action group .') output resourceId string = actionGroup.id diff --git a/arm/Microsoft.Insights/actionGroups/readme.md b/arm/Microsoft.Insights/actionGroups/readme.md index bec557454e..2b2effca44 100644 --- a/arm/Microsoft.Insights/actionGroups/readme.md +++ b/arm/Microsoft.Insights/actionGroups/readme.md @@ -36,7 +36,7 @@ This module deploys an Action Group. | `itsmReceivers` | array | `[]` | The list of ITSM receivers that are part of this action group. | | `location` | string | `'global'` | Location for all resources. | | `logicAppReceivers` | array | `[]` | The list of logic app receivers that are part of this action group. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `smsReceivers` | array | `[]` | The list of SMS receivers that are part of this action group. | | `tags` | object | `{object}` | Tags of the resource. | | `voiceReceivers` | array | `[]` | The list of voice receivers that are part of this action group. | @@ -134,6 +134,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the action group | -| `resourceGroupName` | string | The resource group the action group was deployed into | -| `resourceId` | string | The resource ID of the action group | +| `name` | string | The name of the action group . | +| `resourceGroupName` | string | The resource group the action group was deployed into. | +| `resourceId` | string | The resource ID of the action group . | diff --git a/arm/Microsoft.Insights/activityLogAlerts/deploy.bicep b/arm/Microsoft.Insights/activityLogAlerts/deploy.bicep index 07efbf5a07..19347de195 100644 --- a/arm/Microsoft.Insights/activityLogAlerts/deploy.bicep +++ b/arm/Microsoft.Insights/activityLogAlerts/deploy.bicep @@ -18,10 +18,10 @@ param scopes array = [ @description('Optional. The list of actions to take when alert triggers.') param actions array = [] -@description('Required. The condition that will cause this alert to activate. Array of objects') +@description('Required. The condition that will cause this alert to activate. Array of objects.') param conditions array -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -75,11 +75,11 @@ module activityLogAlert_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, } }] -@description('The name of the activity log alert') +@description('The name of the activity log alert.') output name string = activityLogAlert.name -@description('The resource ID of the activity log alert') +@description('The resource ID of the activity log alert.') output resourceId string = activityLogAlert.id -@description('The resource group the activity log alert was deployed into') +@description('The resource group the activity log alert was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Insights/activityLogAlerts/readme.md b/arm/Microsoft.Insights/activityLogAlerts/readme.md index 8dc1a768f2..3ac50229ec 100644 --- a/arm/Microsoft.Insights/activityLogAlerts/readme.md +++ b/arm/Microsoft.Insights/activityLogAlerts/readme.md @@ -20,7 +20,7 @@ This module deploys an Alert based on Activity Log. **Required parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | -| `conditions` | array | | The condition that will cause this alert to activate. Array of objects | +| `conditions` | array | | The condition that will cause this alert to activate. Array of objects. | | `name` | string | | The name of the alert. | | `scopes` | array | `[[subscription().id]]` | the list of resource IDs that this metric alert is scoped to. | @@ -32,7 +32,7 @@ This module deploys an Alert based on Activity Log. | `enabled` | bool | `True` | Indicates whether this alert is enabled. | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `location` | string | `'global'` | Location for all resources. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | Tags of the resource. | @@ -188,6 +188,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the activity log alert | -| `resourceGroupName` | string | The resource group the activity log alert was deployed into | -| `resourceId` | string | The resource ID of the activity log alert | +| `name` | string | The name of the activity log alert. | +| `resourceGroupName` | string | The resource group the activity log alert was deployed into. | +| `resourceId` | string | The resource ID of the activity log alert. | diff --git a/arm/Microsoft.Insights/components/deploy.bicep b/arm/Microsoft.Insights/components/deploy.bicep index 69568f3504..c7d8edc728 100644 --- a/arm/Microsoft.Insights/components/deploy.bicep +++ b/arm/Microsoft.Insights/components/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. Name of the Application Insights') +@description('Required. Name of the Application Insights.') param name string -@description('Optional. Application type') +@description('Optional. Application type.') @allowed([ 'web' 'other' @@ -11,14 +11,14 @@ param appInsightsType string = 'web' @description('Required. Resource ID of the log analytics workspace which the data will be ingested to. This property is required to create an application with this API version. Applications from older versions will not have this property.') param workspaceResourceId string -@description('Optional. The network access type for accessing Application Insights ingestion. - Enabled or Disabled') +@description('Optional. The network access type for accessing Application Insights ingestion. - Enabled or Disabled.') @allowed([ 'Enabled' 'Disabled' ]) param publicNetworkAccessForIngestion string = 'Enabled' -@description('Optional. The network access type for accessing Application Insights query. - Enabled or Disabled') +@description('Optional. The network access type for accessing Application Insights query. - Enabled or Disabled.') @allowed([ 'Enabled' 'Disabled' @@ -47,7 +47,7 @@ param samplingPercentage int = 100 @description('Optional. The kind of application that this component refers to, used to customize UI. This value is a freeform string, values should typically be one of the following: web, ios, other, store, java, phone.') param kind string = '' -@description('Optional. Location for all Resources') +@description('Optional. Location for all Resources.') param location string = resourceGroup().location @description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') @@ -97,14 +97,14 @@ module appInsights_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index } }] -@description('The name of the application insights component') +@description('The name of the application insights component.') output name string = appInsights.name -@description('The resource ID of the application insights component') +@description('The resource ID of the application insights component.') output resourceId string = appInsights.id -@description('The resource group the application insights component was deployed into') +@description('The resource group the application insights component was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The application ID of the application insights component') +@description('The application ID of the application insights component.') output applicationId string = appInsights.properties.AppId diff --git a/arm/Microsoft.Insights/components/readme.md b/arm/Microsoft.Insights/components/readme.md index e36c0a3693..1043b9b0c3 100644 --- a/arm/Microsoft.Insights/components/readme.md +++ b/arm/Microsoft.Insights/components/readme.md @@ -18,18 +18,18 @@ **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | Name of the Application Insights | +| `name` | string | Name of the Application Insights. | | `workspaceResourceId` | string | Resource ID of the log analytics workspace which the data will be ingested to. This property is required to create an application with this API version. Applications from older versions will not have this property. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `appInsightsType` | string | `'web'` | `[web, other]` | Application type | +| `appInsightsType` | string | `'web'` | `[web, other]` | Application type. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `kind` | string | `''` | | The kind of application that this component refers to, used to customize UI. This value is a freeform string, values should typically be one of the following: web, ios, other, store, java, phone. | -| `location` | string | `[resourceGroup().location]` | | Location for all Resources | -| `publicNetworkAccessForIngestion` | string | `'Enabled'` | `[Enabled, Disabled]` | The network access type for accessing Application Insights ingestion. - Enabled or Disabled | -| `publicNetworkAccessForQuery` | string | `'Enabled'` | `[Enabled, Disabled]` | The network access type for accessing Application Insights query. - Enabled or Disabled | +| `location` | string | `[resourceGroup().location]` | | Location for all Resources. | +| `publicNetworkAccessForIngestion` | string | `'Enabled'` | `[Enabled, Disabled]` | The network access type for accessing Application Insights ingestion. - Enabled or Disabled. | +| `publicNetworkAccessForQuery` | string | `'Enabled'` | `[Enabled, Disabled]` | The network access type for accessing Application Insights query. - Enabled or Disabled. | | `retentionInDays` | int | `365` | `[30, 60, 90, 120, 180, 270, 365, 550, 730]` | Retention period in days. | | `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `samplingPercentage` | int | `100` | | Percentage of the data produced by the application being monitored that is being sampled for Application Insights telemetry. | @@ -83,7 +83,7 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `applicationId` | string | The application ID of the application insights component | -| `name` | string | The name of the application insights component | -| `resourceGroupName` | string | The resource group the application insights component was deployed into | -| `resourceId` | string | The resource ID of the application insights component | +| `applicationId` | string | The application ID of the application insights component. | +| `name` | string | The name of the application insights component. | +| `resourceGroupName` | string | The resource group the application insights component was deployed into. | +| `resourceId` | string | The resource ID of the application insights component. | diff --git a/arm/Microsoft.Insights/diagnosticSettings/deploy.bicep b/arm/Microsoft.Insights/diagnosticSettings/deploy.bicep index c07bc8058e..7e312945b2 100644 --- a/arm/Microsoft.Insights/diagnosticSettings/deploy.bicep +++ b/arm/Microsoft.Insights/diagnosticSettings/deploy.bicep @@ -83,11 +83,11 @@ resource diagnosticSetting 'Microsoft.Insights/diagnosticSettings@2021-05-01-pre } } -@description('The name of the diagnostic settings') +@description('The name of the diagnostic settings.') output name string = diagnosticSetting.name -@description('The resource ID of the diagnostic settings') +@description('The resource ID of the diagnostic settings.') output resourceId string = diagnosticSetting.id -@description('The name of the subscription to deploy into') +@description('The name of the subscription to deploy into.') output subscriptionName string = subscription().displayName diff --git a/arm/Microsoft.Insights/diagnosticSettings/readme.md b/arm/Microsoft.Insights/diagnosticSettings/readme.md index c4c9bf3d17..d3c44b7871 100644 --- a/arm/Microsoft.Insights/diagnosticSettings/readme.md +++ b/arm/Microsoft.Insights/diagnosticSettings/readme.md @@ -34,6 +34,6 @@ This module deploys a subscription wide export of the activity log. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the diagnostic settings | -| `resourceId` | string | The resource ID of the diagnostic settings | -| `subscriptionName` | string | The name of the subscription to deploy into | +| `name` | string | The name of the diagnostic settings. | +| `resourceId` | string | The resource ID of the diagnostic settings. | +| `subscriptionName` | string | The name of the subscription to deploy into. | diff --git a/arm/Microsoft.Insights/metricAlerts/deploy.bicep b/arm/Microsoft.Insights/metricAlerts/deploy.bicep index 2d3c8e1511..2813abca4f 100644 --- a/arm/Microsoft.Insights/metricAlerts/deploy.bicep +++ b/arm/Microsoft.Insights/metricAlerts/deploy.bicep @@ -68,10 +68,10 @@ param actions array = [] ]) param alertCriteriaType string = 'Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria' -@description('Required. Criterias to trigger the alert. Array of \'Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria\' or \'Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria\' objects') +@description('Required. Criterias to trigger the alert. Array of \'Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria\' or \'Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria\' objects.') param criterias array -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -130,11 +130,11 @@ module metricAlert_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index } }] -@description('The resource group the metric alert was deployed into') +@description('The resource group the metric alert was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the metric alert') +@description('The name of the metric alert.') output name string = metricAlert.name -@description('The resource ID of the metric alert') +@description('The resource ID of the metric alert.') output resourceId string = metricAlert.id diff --git a/arm/Microsoft.Insights/metricAlerts/readme.md b/arm/Microsoft.Insights/metricAlerts/readme.md index 3bbc249c7c..0597669fd9 100644 --- a/arm/Microsoft.Insights/metricAlerts/readme.md +++ b/arm/Microsoft.Insights/metricAlerts/readme.md @@ -20,7 +20,7 @@ This module deploys an alert based on metrics. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `criterias` | array | Criterias to trigger the alert. Array of 'Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria' or 'Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria' objects | +| `criterias` | array | Criterias to trigger the alert. Array of 'Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria' or 'Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria' objects. | | `name` | string | The name of the alert. | **Optional parameters** @@ -34,7 +34,7 @@ This module deploys an alert based on metrics. | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `evaluationFrequency` | string | `'PT5M'` | `[PT1M, PT5M, PT15M, PT30M, PT1H]` | how often the metric alert is evaluated represented in ISO 8601 duration format. | | `location` | string | `'global'` | | Location for all resources. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `scopes` | array | `[[subscription().id]]` | | the list of resource IDs that this metric alert is scoped to. | | `severity` | int | `3` | `[0, 1, 2, 3, 4]` | The severity of the alert. | | `tags` | object | `{object}` | | Tags of the resource. | @@ -178,6 +178,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the metric alert | -| `resourceGroupName` | string | The resource group the metric alert was deployed into | -| `resourceId` | string | The resource ID of the metric alert | +| `name` | string | The name of the metric alert. | +| `resourceGroupName` | string | The resource group the metric alert was deployed into. | +| `resourceId` | string | The resource ID of the metric alert. | diff --git a/arm/Microsoft.Insights/privateLinkScopes/deploy.bicep b/arm/Microsoft.Insights/privateLinkScopes/deploy.bicep index c93b9cd05b..75dce2fc12 100644 --- a/arm/Microsoft.Insights/privateLinkScopes/deploy.bicep +++ b/arm/Microsoft.Insights/privateLinkScopes/deploy.bicep @@ -13,7 +13,7 @@ param location string = 'global' @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Configuration Details for Azure Monitor Resources.') @@ -87,11 +87,11 @@ module privateLinkScope_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, } }] -@description('The name of the private link scope') +@description('The name of the private link scope.') output name string = privateLinkScope.name -@description('The resource ID of the private link scope') +@description('The resource ID of the private link scope.') output resourceId string = privateLinkScope.id -@description('The resource group the private link scope was deployed into') +@description('The resource group the private link scope was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Insights/privateLinkScopes/readme.md b/arm/Microsoft.Insights/privateLinkScopes/readme.md index 16e1452d30..48412bd92f 100644 --- a/arm/Microsoft.Insights/privateLinkScopes/readme.md +++ b/arm/Microsoft.Insights/privateLinkScopes/readme.md @@ -33,7 +33,7 @@ This module deploys an Azure Monitor Private Link Scope. | `location` | string | `'global'` | | The location of the private link scope. Should be global. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `privateEndpoints` | array | `[]` | | Configuration Details for private endpoints. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `scopedResources` | _[scopedResources](scopedResources/readme.md)_ array | `[]` | | Configuration Details for Azure Monitor Resources. | | `tags` | object | `{object}` | | Resource tags. | @@ -121,6 +121,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the private link scope | -| `resourceGroupName` | string | The resource group the private link scope was deployed into | -| `resourceId` | string | The resource ID of the private link scope | +| `name` | string | The name of the private link scope. | +| `resourceGroupName` | string | The resource group the private link scope was deployed into. | +| `resourceId` | string | The resource ID of the private link scope. | diff --git a/arm/Microsoft.Insights/privateLinkScopes/scopedResources/deploy.bicep b/arm/Microsoft.Insights/privateLinkScopes/scopedResources/deploy.bicep index 977b762b25..57062f1375 100644 --- a/arm/Microsoft.Insights/privateLinkScopes/scopedResources/deploy.bicep +++ b/arm/Microsoft.Insights/privateLinkScopes/scopedResources/deploy.bicep @@ -2,7 +2,7 @@ @minLength(1) param name string -@description('Required. Name of the parent private link scope.') +@description('Conditional. Name of the parent private link scope. Required if the template is used in a standalone deployment.') @minLength(1) param privateLinkScopeName string @@ -36,11 +36,11 @@ resource scopedResource 'Microsoft.Insights/privateLinkScopes/scopedResources@20 } } -@description('The name of the resource group where the resource has been deployed') +@description('The name of the resource group where the resource has been deployed.') output resourceGroupName string = resourceGroup().name -@description('The resource ID of the deployed scopedResource') +@description('The resource ID of the deployed scopedResource.') output resourceId string = scopedResource.id -@description('The full name of the deployed Scoped Resource') +@description('The full name of the deployed Scoped Resource.') output name string = scopedResource.name diff --git a/arm/Microsoft.Insights/privateLinkScopes/scopedResources/readme.md b/arm/Microsoft.Insights/privateLinkScopes/scopedResources/readme.md index e4ce63fa37..c0411a888c 100644 --- a/arm/Microsoft.Insights/privateLinkScopes/scopedResources/readme.md +++ b/arm/Microsoft.Insights/privateLinkScopes/scopedResources/readme.md @@ -21,7 +21,11 @@ This module deploys Insights PrivateLinkScopes ScopedResources. | :-- | :-- | :-- | | `linkedResourceId` | string | The resource ID of the scoped Azure monitor resource. | | `name` | string | Name of the private link scoped resource. | -| `privateLinkScopeName` | string | Name of the parent private link scope. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `privateLinkScopeName` | string | Name of the parent private link scope. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -33,6 +37,6 @@ This module deploys Insights PrivateLinkScopes ScopedResources. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The full name of the deployed Scoped Resource | -| `resourceGroupName` | string | The name of the resource group where the resource has been deployed | -| `resourceId` | string | The resource ID of the deployed scopedResource | +| `name` | string | The full name of the deployed Scoped Resource. | +| `resourceGroupName` | string | The name of the resource group where the resource has been deployed. | +| `resourceId` | string | The resource ID of the deployed scopedResource. | diff --git a/arm/Microsoft.Insights/scheduledQueryRules/deploy.bicep b/arm/Microsoft.Insights/scheduledQueryRules/deploy.bicep index f6c7969931..3212d3f128 100644 --- a/arm/Microsoft.Insights/scheduledQueryRules/deploy.bicep +++ b/arm/Microsoft.Insights/scheduledQueryRules/deploy.bicep @@ -26,10 +26,10 @@ param queryTimeRange string = '' @description('Optional. The flag which indicates whether the provided query should be validated or not. Relevant only for rules of the kind LogAlert.') param skipQueryValidation bool = false -@description('Optional. List of resource type of the target resource(s) on which the alert is created/updated. For example if the scope is a resource group and targetResourceTypes is Microsoft.Compute/virtualMachines, then a different alert will be fired for each virtual machine in the resource group which meet the alert criteria. Relevant only for rules of the kind LogAlert') +@description('Optional. List of resource type of the target resource(s) on which the alert is created/updated. For example if the scope is a resource group and targetResourceTypes is Microsoft.Compute/virtualMachines, then a different alert will be fired for each virtual machine in the resource group which meet the alert criteria. Relevant only for rules of the kind LogAlert.') param targetResourceTypes array = [] -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Required. The list of resource IDs that this scheduled query rule is scoped to.') diff --git a/arm/Microsoft.Insights/scheduledQueryRules/readme.md b/arm/Microsoft.Insights/scheduledQueryRules/readme.md index 53f8ba4b77..21cda099f4 100644 --- a/arm/Microsoft.Insights/scheduledQueryRules/readme.md +++ b/arm/Microsoft.Insights/scheduledQueryRules/readme.md @@ -36,12 +36,12 @@ This module deploys a scheduled query rule. | `kind` | string | `'LogAlert'` | `[LogAlert, LogToMetric]` | Indicates the type of scheduled query rule. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `queryTimeRange` | string | `''` | | If specified (in ISO 8601 duration format) then overrides the query time range. Relevant only for rules of the kind LogAlert. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `severity` | int | `3` | `[0, 1, 2, 3, 4]` | Severity of the alert. Should be an integer between [0-4]. Value of 0 is severest. Relevant and required only for rules of the kind LogAlert. | | `skipQueryValidation` | bool | `False` | | The flag which indicates whether the provided query should be validated or not. Relevant only for rules of the kind LogAlert. | | `suppressForMinutes` | string | `''` | | Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired. If set, autoMitigate must be disabled.Relevant only for rules of the kind LogAlert. | | `tags` | object | `{object}` | | Tags of the resource. | -| `targetResourceTypes` | array | `[]` | | List of resource type of the target resource(s) on which the alert is created/updated. For example if the scope is a resource group and targetResourceTypes is Microsoft.Compute/virtualMachines, then a different alert will be fired for each virtual machine in the resource group which meet the alert criteria. Relevant only for rules of the kind LogAlert | +| `targetResourceTypes` | array | `[]` | | List of resource type of the target resource(s) on which the alert is created/updated. For example if the scope is a resource group and targetResourceTypes is Microsoft.Compute/virtualMachines, then a different alert will be fired for each virtual machine in the resource group which meet the alert criteria. Relevant only for rules of the kind LogAlert. | | `windowSize` | string | `''` | | The period of time (in ISO 8601 duration format) on which the Alert query will be executed (bin size). Relevant and required only for rules of the kind LogAlert. | diff --git a/arm/Microsoft.KeyVault/vaults/accessPolicies/deploy.bicep b/arm/Microsoft.KeyVault/vaults/accessPolicies/deploy.bicep index 97654c373a..e161410ac7 100644 --- a/arm/Microsoft.KeyVault/vaults/accessPolicies/deploy.bicep +++ b/arm/Microsoft.KeyVault/vaults/accessPolicies/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. The name of the key vault') +@description('Conditional. The name of the parent key vault. Required if the template is used in a standalone deployment.') param keyVaultName string -@description('Optional. The access policy deployment') +@description('Optional. The access policy deployment.') param name string = 'add' @description('Optional. An array of 0 to 16 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault\'s tenant ID.') @@ -44,8 +44,8 @@ resource policies 'Microsoft.KeyVault/vaults/accessPolicies@2021-06-01-preview' @description('The name of the resource group the access policies assignment was created in.') output resourceGroupName string = resourceGroup().name -@description('The name of the access policies assignment') +@description('The name of the access policies assignment.') output name string = policies.name -@description('The resource ID of the access policies assignment') +@description('The resource ID of the access policies assignment.') output resourceId string = policies.id diff --git a/arm/Microsoft.KeyVault/vaults/accessPolicies/readme.md b/arm/Microsoft.KeyVault/vaults/accessPolicies/readme.md index b69bfad029..78df5350e7 100644 --- a/arm/Microsoft.KeyVault/vaults/accessPolicies/readme.md +++ b/arm/Microsoft.KeyVault/vaults/accessPolicies/readme.md @@ -16,17 +16,17 @@ This module deploys key vault access policies. ## Parameters -**Required parameters** +**Conditional parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `keyVaultName` | string | The name of the key vault | +| `keyVaultName` | string | The name of the parent key vault. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `accessPolicies` | array | `[]` | An array of 0 to 16 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `name` | string | `'add'` | The access policy deployment | +| `name` | string | `'add'` | The access policy deployment. | ### Parameter Usage: `accessPolicies` @@ -58,6 +58,6 @@ This module deploys key vault access policies. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the access policies assignment | +| `name` | string | The name of the access policies assignment. | | `resourceGroupName` | string | The name of the resource group the access policies assignment was created in. | -| `resourceId` | string | The resource ID of the access policies assignment | +| `resourceId` | string | The resource ID of the access policies assignment. | diff --git a/arm/Microsoft.KeyVault/vaults/deploy.bicep b/arm/Microsoft.KeyVault/vaults/deploy.bicep index 361f0c20d4..e952827a70 100644 --- a/arm/Microsoft.KeyVault/vaults/deploy.bicep +++ b/arm/Microsoft.KeyVault/vaults/deploy.bicep @@ -8,24 +8,24 @@ param name string = '' @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Optional. Array of access policies object') +@description('Optional. Array of access policies object.') param accessPolicies array = [] -@description('Optional. All secrets to create') +@description('Optional. All secrets to create.') @secure() param secrets object = {} -@description('Optional. All keys to create') +@description('Optional. All keys to create.') param keys array = [] -@description('Optional. Specifies if the vault is enabled for deployment by script or compute') +@description('Optional. Specifies if the vault is enabled for deployment by script or compute.') @allowed([ true false ]) param enableVaultForDeployment bool = true -@description('Optional. Specifies if the vault is enabled for a template deployment') +@description('Optional. Specifies if the vault is enabled for a template deployment.') @allowed([ true false @@ -54,14 +54,14 @@ param createMode string = 'default' @description('Optional. Provide \'true\' to enable Key Vault\'s purge protection feature.') param enablePurgeProtection bool = false -@description('Optional. Specifies the SKU for the vault') +@description('Optional. Specifies the SKU for the vault.') @allowed([ 'premium' 'standard' ]) param vaultSku string = 'premium' -@description('Optional. Service endpoint object information. For security reasons, it is recommended to set the DefaultAction Deny') +@description('Optional. Service endpoint object information. For security reasons, it is recommended to set the DefaultAction Deny.') param networkAcls object = {} @description('Optional. Property to specify whether the vault will accept traffic from public internet. If set to "disabled" all traffic except private endpoint traffic and that that originates from trusted services will be blocked. This will override the set firewall rules, meaning that even if the firewall rules are present we will not honor the rules.') @@ -76,16 +76,16 @@ param publicNetworkAccess string = 'enabled' @maxValue(365) param diagnosticLogsRetentionInDays int = 365 -@description('Optional. Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub') +@description('Optional. Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticStorageAccountId string = '' -@description('Optional. Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub') +@description('Optional. Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticWorkspaceId string = '' -@description('Optional. Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. ') +@description('Optional. Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to.') param diagnosticEventHubAuthorizationRuleId string = '' -@description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub') +@description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticEventHubName string = '' @allowed([ @@ -96,10 +96,10 @@ param diagnosticEventHubName string = '' @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] -@description('Optional. Configuration Details for private endpoints. For security reasons, it is recommended to use private endpoints whenever possible') +@description('Optional. Configuration Details for private endpoints. For security reasons, it is recommended to use private endpoints whenever possible.') param privateEndpoints array = [] @description('Optional. Resource tags.') diff --git a/arm/Microsoft.KeyVault/vaults/keys/deploy.bicep b/arm/Microsoft.KeyVault/vaults/keys/deploy.bicep index 6b64e910ad..de0962508b 100644 --- a/arm/Microsoft.KeyVault/vaults/keys/deploy.bicep +++ b/arm/Microsoft.KeyVault/vaults/keys/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. The name of the key vault') +@description('Conditional. The name of the parent key vault. Required if the template is used in a standalone deployment.') param keyVaultName string -@description('Required. The name of the key') +@description('Required. The name of the key.') param name string @description('Optional. Resource tags.') @@ -25,7 +25,7 @@ param attributesNbf int = -1 ]) param curveName string = 'P-256' -@description('Optional. Array of JsonWebKeyOperation') +@description('Optional. Array of JsonWebKeyOperation.') @allowed([ 'decrypt' 'encrypt' @@ -49,7 +49,7 @@ param keySize int = -1 ]) param kty string = 'EC' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') diff --git a/arm/Microsoft.KeyVault/vaults/keys/readme.md b/arm/Microsoft.KeyVault/vaults/keys/readme.md index 6cc51cd44c..e661582eff 100644 --- a/arm/Microsoft.KeyVault/vaults/keys/readme.md +++ b/arm/Microsoft.KeyVault/vaults/keys/readme.md @@ -20,8 +20,12 @@ This module deploys a key vault key. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `keyVaultName` | string | The name of the key vault | -| `name` | string | The name of the key | +| `name` | string | The name of the key. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `keyVaultName` | string | The name of the parent key vault. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -31,10 +35,10 @@ This module deploys a key vault key. | `attributesNbf` | int | `-1` | | Not before date in seconds since 1970-01-01T00:00:00Z. | | `curveName` | string | `'P-256'` | `[P-256, P-256K, P-384, P-521]` | The elliptic curve name. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `keyOps` | array | `[]` | `[decrypt, encrypt, import, sign, unwrapKey, verify, wrapKey]` | Array of JsonWebKeyOperation | +| `keyOps` | array | `[]` | `[decrypt, encrypt, import, sign, unwrapKey, verify, wrapKey]` | Array of JsonWebKeyOperation. | | `keySize` | int | `-1` | | The key size in bits. For example: 2048, 3072, or 4096 for RSA. | | `kty` | string | `'EC'` | `[EC, EC-HSM, RSA, RSA-HSM]` | The type of the key. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Resource tags. | diff --git a/arm/Microsoft.KeyVault/vaults/readme.md b/arm/Microsoft.KeyVault/vaults/readme.md index b63748eaaa..f6cc56a85e 100644 --- a/arm/Microsoft.KeyVault/vaults/readme.md +++ b/arm/Microsoft.KeyVault/vaults/readme.md @@ -27,35 +27,35 @@ This module deploys a key vault and its child resources. **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `accessPolicies` | _[accessPolicies](accessPolicies/readme.md)_ array | `[]` | | Array of access policies object | +| `accessPolicies` | _[accessPolicies](accessPolicies/readme.md)_ array | `[]` | | Array of access policies object. | | `createMode` | string | `'default'` | | The vault's create mode to indicate whether the vault need to be recovered or not. - recover or default. | -| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | -| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub | +| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | +| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | | `diagnosticLogCategoriesToEnable` | array | `[AuditEvent, AzurePolicyEvaluationDetails]` | `[AuditEvent, AzurePolicyEvaluationDetails]` | The name of logs that will be streamed. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | -| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub | -| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub | +| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | +| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `enablePurgeProtection` | bool | `False` | | Provide 'true' to enable Key Vault's purge protection feature. | | `enableRbacAuthorization` | bool | `False` | | Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored (warning: this is a preview feature). When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC. | | `enableSoftDelete` | bool | `True` | | Switch to enable/disable Key Vault's soft delete feature. | -| `enableVaultForDeployment` | bool | `True` | `[True, False]` | Specifies if the vault is enabled for deployment by script or compute | +| `enableVaultForDeployment` | bool | `True` | `[True, False]` | Specifies if the vault is enabled for deployment by script or compute. | | `enableVaultForDiskEncryption` | bool | `True` | `[True, False]` | Specifies if the azure platform has access to the vault for enabling disk encryption scenarios. | -| `enableVaultForTemplateDeployment` | bool | `True` | `[True, False]` | Specifies if the vault is enabled for a template deployment | -| `keys` | _[keys](keys/readme.md)_ array | `[]` | | All keys to create | +| `enableVaultForTemplateDeployment` | bool | `True` | `[True, False]` | Specifies if the vault is enabled for a template deployment. | +| `keys` | _[keys](keys/readme.md)_ array | `[]` | | All keys to create. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `name` | string | `''` | | Name of the Key Vault. If no name is provided, then unique name will be created. | -| `networkAcls` | object | `{object}` | | Service endpoint object information. For security reasons, it is recommended to set the DefaultAction Deny | -| `privateEndpoints` | array | `[]` | | Configuration Details for private endpoints. For security reasons, it is recommended to use private endpoints whenever possible | +| `networkAcls` | object | `{object}` | | Service endpoint object information. For security reasons, it is recommended to set the DefaultAction Deny. | +| `privateEndpoints` | array | `[]` | | Configuration Details for private endpoints. For security reasons, it is recommended to use private endpoints whenever possible. | | `publicNetworkAccess` | string | `'enabled'` | `[enabled, disabled]` | Property to specify whether the vault will accept traffic from public internet. If set to "disabled" all traffic except private endpoint traffic and that that originates from trusted services will be blocked. This will override the set firewall rules, meaning that even if the firewall rules are present we will not honor the rules. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | -| `secrets` | secureObject | `{object}` | | All secrets to create | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| `secrets` | secureObject | `{object}` | | All secrets to create. | | `softDeleteRetentionInDays` | int | `90` | | softDelete data retention days. It accepts >=7 and <=90. | | `tags` | object | `{object}` | | Resource tags. | -| `vaultSku` | string | `'premium'` | `[premium, standard]` | Specifies the SKU for the vault | +| `vaultSku` | string | `'premium'` | `[premium, standard]` | Specifies the SKU for the vault. | **Generated parameters** | Parameter Name | Type | Default Value | Description | diff --git a/arm/Microsoft.KeyVault/vaults/secrets/deploy.bicep b/arm/Microsoft.KeyVault/vaults/secrets/deploy.bicep index 1666885b37..1918cd7bc5 100644 --- a/arm/Microsoft.KeyVault/vaults/secrets/deploy.bicep +++ b/arm/Microsoft.KeyVault/vaults/secrets/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. The name of the key vault') +@description('Conditional. The name of the parent key vault. Required if the template is used in a standalone deployment.') param keyVaultName string -@description('Required. The name of the secret') +@description('Required. The name of the secret.') param name string @description('Optional. Resource tags.') @@ -27,7 +27,7 @@ param value string @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) { diff --git a/arm/Microsoft.KeyVault/vaults/secrets/readme.md b/arm/Microsoft.KeyVault/vaults/secrets/readme.md index f23eb1dcce..2b9e30eccb 100644 --- a/arm/Microsoft.KeyVault/vaults/secrets/readme.md +++ b/arm/Microsoft.KeyVault/vaults/secrets/readme.md @@ -20,10 +20,14 @@ This module deploys a key vault secret. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `keyVaultName` | string | The name of the key vault | -| `name` | string | The name of the secret | +| `name` | string | The name of the secret. | | `value` | secureString | The value of the secret. NOTE: "value" will never be returned from the service, as APIs using this model are is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `keyVaultName` | string | The name of the parent key vault. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | @@ -32,7 +36,7 @@ This module deploys a key vault secret. | `attributesNbf` | int | `-1` | Not before date in seconds since 1970-01-01T00:00:00Z. | | `contentType` | secureString | `''` | The content type of the secret. | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | Resource tags. | diff --git a/arm/Microsoft.KubernetesConfiguration/extensions/deploy.bicep b/arm/Microsoft.KubernetesConfiguration/extensions/deploy.bicep index df267ffaac..b89751b8c8 100644 --- a/arm/Microsoft.KubernetesConfiguration/extensions/deploy.bicep +++ b/arm/Microsoft.KubernetesConfiguration/extensions/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. The name of the Flux Configuration') +@description('Required. The name of the Flux Configuration.') param name string @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -22,10 +22,10 @@ param extensionType string @description('Optional. ReleaseTrain this extension participates in for auto-upgrade (e.g. Stable, Preview, etc.) - only if autoUpgradeMinorVersion is "true".') param releaseTrain string = 'Stable' -@description('Optional. Namespace where the extension Release must be placed, for a Cluster scoped extension. If this namespace does not exist, it will be created') +@description('Optional. Namespace where the extension Release must be placed, for a Cluster scoped extension. If this namespace does not exist, it will be created.') param releaseNamespace string = '' -@description('Optional. Namespace where the extension will be created for an Namespace scoped extension. If this namespace does not exist, it will be created') +@description('Optional. Namespace where the extension will be created for an Namespace scoped extension. If this namespace does not exist, it will be created.') param targetNamespace string = '' @description('Optional. Version of the extension for this extension, if it is "pinned" to a specific version.') @@ -68,11 +68,11 @@ resource extension 'Microsoft.KubernetesConfiguration/extensions@2022-03-01' = { } } -@description('The name of the extension') +@description('The name of the extension.') output name string = extension.name -@description('The resource ID of the extension') +@description('The resource ID of the extension.') output resourceId string = extension.id -@description('The name of the resource group the extension was deployed into') +@description('The name of the resource group the extension was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.KubernetesConfiguration/extensions/readme.md b/arm/Microsoft.KubernetesConfiguration/extensions/readme.md index 9f4a96c164..23da188672 100644 --- a/arm/Microsoft.KubernetesConfiguration/extensions/readme.md +++ b/arm/Microsoft.KubernetesConfiguration/extensions/readme.md @@ -39,7 +39,7 @@ For Details see [Prerequisites](https://docs.microsoft.com/en-us/azure/azure-arc | :-- | :-- | :-- | | `clusterName` | string | The name of the AKS cluster that should be configured. | | `extensionType` | string | Type of the Extension, of which this resource is an instance of. It must be one of the Extension Types registered with Microsoft.KubernetesConfiguration by the Extension publisher. | -| `name` | string | The name of the Flux Configuration | +| `name` | string | The name of the Flux Configuration. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -48,9 +48,9 @@ For Details see [Prerequisites](https://docs.microsoft.com/en-us/azure/azure-arc | `configurationSettings` | object | `{object}` | Configuration settings, as name-value pairs for configuring this extension. | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `location` | string | `[resourceGroup().location]` | Location for all resources. | -| `releaseNamespace` | string | `''` | Namespace where the extension Release must be placed, for a Cluster scoped extension. If this namespace does not exist, it will be created | +| `releaseNamespace` | string | `''` | Namespace where the extension Release must be placed, for a Cluster scoped extension. If this namespace does not exist, it will be created. | | `releaseTrain` | string | `'Stable'` | ReleaseTrain this extension participates in for auto-upgrade (e.g. Stable, Preview, etc.) - only if autoUpgradeMinorVersion is "true". | -| `targetNamespace` | string | `''` | Namespace where the extension will be created for an Namespace scoped extension. If this namespace does not exist, it will be created | +| `targetNamespace` | string | `''` | Namespace where the extension will be created for an Namespace scoped extension. If this namespace does not exist, it will be created. | | `version` | string | `''` | Version of the extension for this extension, if it is "pinned" to a specific version. | @@ -58,6 +58,6 @@ For Details see [Prerequisites](https://docs.microsoft.com/en-us/azure/azure-arc | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the extension | -| `resourceGroupName` | string | The name of the resource group the extension was deployed into | -| `resourceId` | string | The resource ID of the extension | +| `name` | string | The name of the extension. | +| `resourceGroupName` | string | The name of the resource group the extension was deployed into. | +| `resourceId` | string | The resource ID of the extension. | diff --git a/arm/Microsoft.KubernetesConfiguration/fluxConfigurations/deploy.bicep b/arm/Microsoft.KubernetesConfiguration/fluxConfigurations/deploy.bicep index 3a1982cc78..00be519c07 100644 --- a/arm/Microsoft.KubernetesConfiguration/fluxConfigurations/deploy.bicep +++ b/arm/Microsoft.KubernetesConfiguration/fluxConfigurations/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. The name of the Flux Configuration') +@description('Required. The name of the Flux Configuration.') param name string @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -13,7 +13,7 @@ param location string = resourceGroup().location @description('Optional. Parameters to reconcile to the GitRepository source kind type.') param bucket object = {} -@description('Optional. Key-value pairs of protected configuration settings for the configuration') +@description('Optional. Key-value pairs of protected configuration settings for the configuration.') param configurationProtectedSettings object = {} @description('Optional. Parameters to reconcile to the GitRepository source kind type.') @@ -73,11 +73,11 @@ resource fluxConfiguration 'Microsoft.KubernetesConfiguration/fluxConfigurations } } -@description('The name of the flux configuration') +@description('The name of the flux configuration.') output name string = fluxConfiguration.name -@description('The resource ID of the flux configuration') +@description('The resource ID of the flux configuration.') output resourceId string = fluxConfiguration.id -@description('The name of the resource group the flux configuration was deployed into') +@description('The name of the resource group the flux configuration was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md b/arm/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md index 75e2690cb8..04e05ffcb0 100644 --- a/arm/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md +++ b/arm/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md @@ -39,7 +39,7 @@ For Details see [Prerequisites](https://docs.microsoft.com/en-us/azure/azure-arc | Parameter Name | Type | Allowed Values | Description | | :-- | :-- | :-- | :-- | | `clusterName` | string | | The name of the AKS cluster that should be configured. | -| `name` | string | | The name of the Flux Configuration | +| `name` | string | | The name of the Flux Configuration. | | `namespace` | string | | The namespace to which this configuration is installed to. Maximum of 253 lower case alphanumeric characters, hyphen and period only. | | `scope` | string | `[cluster, namespace]` | Scope at which the configuration will be installed. | | `sourceKind` | string | `[Bucket, GitRepository]` | Source Kind to pull the configuration data from. | @@ -48,7 +48,7 @@ For Details see [Prerequisites](https://docs.microsoft.com/en-us/azure/azure-arc | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `bucket` | object | `{object}` | Parameters to reconcile to the GitRepository source kind type. | -| `configurationProtectedSettings` | object | `{object}` | Key-value pairs of protected configuration settings for the configuration | +| `configurationProtectedSettings` | object | `{object}` | Key-value pairs of protected configuration settings for the configuration. | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `gitRepository` | object | `{object}` | Parameters to reconcile to the GitRepository source kind type. | | `kustomizations` | object | `{object}` | Array of kustomizations used to reconcile the artifact pulled by the source type on the cluster. | @@ -98,6 +98,6 @@ For Details see [Prerequisites](https://docs.microsoft.com/en-us/azure/azure-arc | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the flux configuration | -| `resourceGroupName` | string | The name of the resource group the flux configuration was deployed into | -| `resourceId` | string | The resource ID of the flux configuration | +| `name` | string | The name of the flux configuration. | +| `resourceGroupName` | string | The name of the resource group the flux configuration was deployed into. | +| `resourceId` | string | The resource ID of the flux configuration. | diff --git a/arm/Microsoft.Logic/workflows/deploy.bicep b/arm/Microsoft.Logic/workflows/deploy.bicep index 14407d7b5f..c77bc499b3 100644 --- a/arm/Microsoft.Logic/workflows/deploy.bicep +++ b/arm/Microsoft.Logic/workflows/deploy.bicep @@ -223,13 +223,13 @@ module logicApp_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) i } }] -@description('The name of the logic app') +@description('The name of the logic app.') output name string = logicApp.name -@description('The resource group the logic app was deployed into') +@description('The resource group the logic app was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The resource ID of the logic app') +@description('The resource ID of the logic app.') output resourceId string = logicApp.id @description('The principal ID of the system assigned identity.') diff --git a/arm/Microsoft.Logic/workflows/readme.md b/arm/Microsoft.Logic/workflows/readme.md index f734b53b1c..995599c431 100644 --- a/arm/Microsoft.Logic/workflows/readme.md +++ b/arm/Microsoft.Logic/workflows/readme.md @@ -172,7 +172,7 @@ You can specify multiple user assigned identities to a resource by providing add | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the logic app | -| `resourceGroupName` | string | The resource group the logic app was deployed into | -| `resourceId` | string | The resource ID of the logic app | +| `name` | string | The name of the logic app. | +| `resourceGroupName` | string | The resource group the logic app was deployed into. | +| `resourceId` | string | The resource ID of the logic app. | | `systemAssignedPrincipalId` | string | The principal ID of the system assigned identity. | diff --git a/arm/Microsoft.MachineLearningServices/workspaces/computes/deploy.bicep b/arm/Microsoft.MachineLearningServices/workspaces/computes/deploy.bicep index de7d43f86c..fa3974d397 100644 --- a/arm/Microsoft.MachineLearningServices/workspaces/computes/deploy.bicep +++ b/arm/Microsoft.MachineLearningServices/workspaces/computes/deploy.bicep @@ -1,7 +1,7 @@ // ================ // // Parameters // // ================ // -@sys.description('Required. Name of the Machine Learning Workspace.') +@sys.description('Conditional. Name of the Machine Learning Workspace. Required if the template is used in a standalone deployment.') param machineLearningWorkspaceName string @sys.description('Required. Name of the compute.') diff --git a/arm/Microsoft.MachineLearningServices/workspaces/computes/readme.md b/arm/Microsoft.MachineLearningServices/workspaces/computes/readme.md index 95e104fae1..d43817a79b 100644 --- a/arm/Microsoft.MachineLearningServices/workspaces/computes/readme.md +++ b/arm/Microsoft.MachineLearningServices/workspaces/computes/readme.md @@ -21,9 +21,13 @@ Attaching a compute is not idempotent and will fail in case you try to redeploy | Parameter Name | Type | Allowed Values | Description | | :-- | :-- | :-- | :-- | | `computeType` | string | `[AKS, AmlCompute, ComputeInstance, Databricks, DataFactory, DataLakeAnalytics, HDInsight, Kubernetes, SynapseSpark, VirtualMachine]` | Set the object type. | -| `machineLearningWorkspaceName` | string | | Name of the Machine Learning Workspace. | | `name` | string | | Name of the compute. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `machineLearningWorkspaceName` | string | Name of the Machine Learning Workspace. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | diff --git a/arm/Microsoft.MachineLearningServices/workspaces/deploy.bicep b/arm/Microsoft.MachineLearningServices/workspaces/deploy.bicep index 210a03e794..be4ec84b51 100644 --- a/arm/Microsoft.MachineLearningServices/workspaces/deploy.bicep +++ b/arm/Microsoft.MachineLearningServices/workspaces/deploy.bicep @@ -279,6 +279,7 @@ module workspace_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) // ================// // Outputs // // ================// + @sys.description('The resource ID of the machine learning service') output resourceId string = workspace.id diff --git a/arm/Microsoft.ManagedIdentity/userAssignedIdentities/deploy.bicep b/arm/Microsoft.ManagedIdentity/userAssignedIdentities/deploy.bicep index 204da36b7d..16001af371 100644 --- a/arm/Microsoft.ManagedIdentity/userAssignedIdentities/deploy.bicep +++ b/arm/Microsoft.ManagedIdentity/userAssignedIdentities/deploy.bicep @@ -12,7 +12,7 @@ param location string = resourceGroup().location @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -59,14 +59,14 @@ module userMsi_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in } }] -@description('The name of the user assigned identity') +@description('The name of the user assigned identity.') output name string = userMsi.name -@description('The resource ID of the user assigned identity') +@description('The resource ID of the user assigned identity.') output resourceId string = userMsi.id -@description('The principal ID of the user assigned identity') +@description('The principal ID of the user assigned identity.') output principalId string = userMsi.properties.principalId -@description('The resource group the user assigned identity was deployed into') +@description('The resource group the user assigned identity was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md b/arm/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md index 54d6ccb601..ee1554bbc0 100644 --- a/arm/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md +++ b/arm/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md @@ -25,7 +25,7 @@ This module deploys a user assigned identity. | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `name` | string | `[guid(resourceGroup().id)]` | | Name of the User Assigned Identity. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags of the resource. | @@ -76,7 +76,7 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the user assigned identity | -| `principalId` | string | The principal ID of the user assigned identity | -| `resourceGroupName` | string | The resource group the user assigned identity was deployed into | -| `resourceId` | string | The resource ID of the user assigned identity | +| `name` | string | The name of the user assigned identity. | +| `principalId` | string | The principal ID of the user assigned identity. | +| `resourceGroupName` | string | The resource group the user assigned identity was deployed into. | +| `resourceId` | string | The resource ID of the user assigned identity. | diff --git a/arm/Microsoft.ManagedServices/registrationDefinitions/deploy.bicep b/arm/Microsoft.ManagedServices/registrationDefinitions/deploy.bicep index 6f8252e921..8dad5ff883 100644 --- a/arm/Microsoft.ManagedServices/registrationDefinitions/deploy.bicep +++ b/arm/Microsoft.ManagedServices/registrationDefinitions/deploy.bicep @@ -1,9 +1,9 @@ targetScope = 'subscription' -@description('Required. Specify a unique name for your offer/registration. i.e \' - - \'') +@description('Required. Specify a unique name for your offer/registration. i.e \' - - \'.') param name string -@description('Required. Description of the offer/registration. i.e. \'Managed by \'') +@description('Required. Description of the offer/registration. i.e. \'Managed by \'.') param registrationDescription string @description('Required. Specify the tenant ID of the tenant which homes the principals you are delegating permissions to.') @@ -62,14 +62,14 @@ module registrationAssignment_rg '.bicep/nested_registrationAssignment.bicep' = } } -@description('The name of the registration definition') +@description('The name of the registration definition.') output name string = registrationDefinition.name -@description('The resource ID of the registration definition') +@description('The resource ID of the registration definition.') output resourceId string = registrationDefinition.id -@description('The subscription the registration definition was deployed into') +@description('The subscription the registration definition was deployed into.') output subscriptionName string = subscription().displayName -@description('The registration assignment resource ID') +@description('The registration assignment resource ID.') output assignmentResourceId string = empty(resourceGroupName) ? registrationAssignment_sub.id : registrationAssignment_rg.outputs.resourceId diff --git a/arm/Microsoft.ManagedServices/registrationDefinitions/readme.md b/arm/Microsoft.ManagedServices/registrationDefinitions/readme.md index dff505c5fe..f37cd9b258 100644 --- a/arm/Microsoft.ManagedServices/registrationDefinitions/readme.md +++ b/arm/Microsoft.ManagedServices/registrationDefinitions/readme.md @@ -27,8 +27,8 @@ remote/managing tenant. | :-- | :-- | :-- | | `authorizations` | array | Specify an array of objects, containing object of Azure Active Directory principalId, a Azure roleDefinitionId, and an optional principalIdDisplayName. The roleDefinition specified is granted to the principalId in the provider's Active Directory and the principalIdDisplayName is visible to customers. | | `managedByTenantId` | string | Specify the tenant ID of the tenant which homes the principals you are delegating permissions to. | -| `name` | string | Specify a unique name for your offer/registration. i.e ' - - ' | -| `registrationDescription` | string | Description of the offer/registration. i.e. 'Managed by ' | +| `name` | string | Specify a unique name for your offer/registration. i.e ' - - '. | +| `registrationDescription` | string | Description of the offer/registration. i.e. 'Managed by '. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -74,10 +74,10 @@ remote/managing tenant. | Output Name | Type | Description | | :-- | :-- | :-- | -| `assignmentResourceId` | string | The registration assignment resource ID | -| `name` | string | The name of the registration definition | -| `resourceId` | string | The resource ID of the registration definition | -| `subscriptionName` | string | The subscription the registration definition was deployed into | +| `assignmentResourceId` | string | The registration assignment resource ID. | +| `name` | string | The name of the registration definition. | +| `resourceId` | string | The resource ID of the registration definition. | +| `subscriptionName` | string | The subscription the registration definition was deployed into. | ## Considerations @@ -95,7 +95,6 @@ If the subscription was created through the Cloud Solution Provider (CSP) progra **More info on this topic:** -- [Deploy the Azure Resource Manager templates - Onboard a customer to Azure Lighthouse | Microsoft Docs](https://docs.microsoft.com/en-us/azure/lighthouse/how-to/onboard-customer#deploy-the-azure-resource-manager-templates) ### Permissions required to remove delegations @@ -115,7 +114,6 @@ removed by a user in the customer's tenant. **More info on this topic:** -- [Service providers - Remove access to a delegation | Microsoft Docs](https://docs.microsoft.com/en-us/azure/lighthouse/how-to/remove-delegation#service-providers) ### Limitations with Lighthouse and resource delegation @@ -128,5 +126,8 @@ There are a couple of limitations that you should be aware of with Lighthouse: **More info on this topic:** + + +======= - [Current limitations - Cross-tenant management experiences | Microsoft Docs](https://docs.microsoft.com/en-us/azure/lighthouse/concepts/cross-tenant-management-experience#current-limitations) - [Troubleshooting - Onboard a customer to Azure Lighthouse | Microsoft Docs](https://docs.microsoft.com/en-us/azure/lighthouse/how-to/onboard-customer#troubleshooting) diff --git a/arm/Microsoft.Management/managementGroups/deploy.bicep b/arm/Microsoft.Management/managementGroups/deploy.bicep index 7e5a3ecc46..bef5e6561f 100644 --- a/arm/Microsoft.Management/managementGroups/deploy.bicep +++ b/arm/Microsoft.Management/managementGroups/deploy.bicep @@ -1,6 +1,6 @@ targetScope = 'managementGroup' -@description('Required. The group ID of the Management group') +@description('Required. The group ID of the Management group.') param name string @description('Optional. The friendly name of the management group. If no value is passed then this field will be set to the group ID.') @@ -56,8 +56,8 @@ module managementGroup_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, i scope: managementGroup }] -@description('The name of the management group') +@description('The name of the management group.') output name string = managementGroup.name -@description('The resource ID of the management group') +@description('The resource ID of the management group.') output resourceId string = managementGroup.id diff --git a/arm/Microsoft.Management/managementGroups/readme.md b/arm/Microsoft.Management/managementGroups/readme.md index 6b0fa0c499..f834e44e5a 100644 --- a/arm/Microsoft.Management/managementGroups/readme.md +++ b/arm/Microsoft.Management/managementGroups/readme.md @@ -26,7 +26,7 @@ This module has some known **limitations**: **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The group ID of the Management group | +| `name` | string | The group ID of the Management group. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -68,8 +68,8 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the management group | -| `resourceId` | string | The resource ID of the management group | +| `name` | string | The name of the management group. | +| `resourceId` | string | The resource ID of the management group. | ## Considerations diff --git a/arm/Microsoft.NetApp/netAppAccounts/capacityPools/deploy.bicep b/arm/Microsoft.NetApp/netAppAccounts/capacityPools/deploy.bicep index cef2a84608..2759d4fab2 100644 --- a/arm/Microsoft.NetApp/netAppAccounts/capacityPools/deploy.bicep +++ b/arm/Microsoft.NetApp/netAppAccounts/capacityPools/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. The name of the NetApp account.') +@description('Conditional. The name of the parent NetApp account. Required if the template is used in a standalone deployment.') param netAppAccountName string @description('Required. The name of the capacity pool.') @@ -35,7 +35,7 @@ param volumes array = [] @description('Optional. If enabled (true) the pool can contain cool Access enabled volumes.') param coolAccess bool = false -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') diff --git a/arm/Microsoft.NetApp/netAppAccounts/capacityPools/readme.md b/arm/Microsoft.NetApp/netAppAccounts/capacityPools/readme.md index 876de7db1c..eb6671de63 100644 --- a/arm/Microsoft.NetApp/netAppAccounts/capacityPools/readme.md +++ b/arm/Microsoft.NetApp/netAppAccounts/capacityPools/readme.md @@ -22,9 +22,13 @@ This template deploys capacity pools in an Azure NetApp Files. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the capacity pool. | -| `netAppAccountName` | string | The name of the NetApp account. | | `size` | int | Provisioned size of the pool (in bytes). Allowed values are in 4TiB chunks (value must be multiply of 4398046511104). | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `netAppAccountName` | string | The name of the parent NetApp account. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | @@ -32,7 +36,7 @@ This template deploys capacity pools in an Azure NetApp Files. | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `location` | string | `[resourceGroup().location]` | | Location of the pool volume. | | `qosType` | string | `'Auto'` | `[Auto, Manual]` | The qos type of the pool. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `serviceLevel` | string | `'Standard'` | `[Premium, Standard, StandardZRS, Ultra]` | The pool service level. | | `tags` | object | `{object}` | | Tags for all resources. | | `volumes` | _[volumes](volumes/readme.md)_ array | `[]` | | List of volumnes to create in the capacity pool. | diff --git a/arm/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/deploy.bicep b/arm/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/deploy.bicep index 46e957e1d4..cfbc79aef7 100644 --- a/arm/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/deploy.bicep +++ b/arm/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. The name of the NetApp account.') +@description('Conditional. The name of the parent NetApp account. Required if the template is used in a standalone deployment.') param netAppAccountName string -@description('Required. The name of the capacity pool.') +@description('Conditional. The name of the parent capacity pool. Required if the template is used in a standalone deployment.') param capacityPoolName string @description('Required. The name of the pool volume.') @@ -34,7 +34,7 @@ param subnetResourceId string @description('Optional. Export policy rules.') param exportPolicyRules array = [] -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') diff --git a/arm/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/readme.md b/arm/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/readme.md index 6cd5de18fa..5443fcffa3 100644 --- a/arm/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/readme.md +++ b/arm/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/readme.md @@ -20,12 +20,16 @@ This template deploys volumes in a capacity pool of an Azure NetApp files. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `capacityPoolName` | string | The name of the capacity pool. | | `name` | string | The name of the pool volume. | -| `netAppAccountName` | string | The name of the NetApp account. | | `subnetResourceId` | string | The Azure Resource URI for a delegated subnet. Must have the delegation Microsoft.NetApp/volumes. | | `usageThreshold` | int | Maximum storage quota allowed for a file system in bytes. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `capacityPoolName` | string | The name of the parent capacity pool. Required if the template is used in a standalone deployment. | +| `netAppAccountName` | string | The name of the parent NetApp account. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | @@ -34,7 +38,7 @@ This template deploys volumes in a capacity pool of an Azure NetApp files. | `exportPolicyRules` | array | `[]` | | Export policy rules. | | `location` | string | `[resourceGroup().location]` | | Location of the pool volume. | | `protocolTypes` | array | `[]` | | Set of protocol types. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `serviceLevel` | string | `'Standard'` | `[Premium, Standard, StandardZRS, Ultra]` | The pool service level. Must match the one of the parent capacity pool. | diff --git a/arm/Microsoft.Network/applicationGateways/deploy.bicep b/arm/Microsoft.Network/applicationGateways/deploy.bicep index c94b24d398..c98cdf8ac5 100644 --- a/arm/Microsoft.Network/applicationGateways/deploy.bicep +++ b/arm/Microsoft.Network/applicationGateways/deploy.bicep @@ -68,7 +68,7 @@ param redirectConfigurations array = [] @description('Optional. Request routing rules of the application gateway resource.') param requestRoutingRules array = [] -@description('Optional. Rewrite rules for the application gateway resource. ') +@description('Optional. Rewrite rules for the application gateway resource. .') param rewriteRuleSets array = [] @description('Optional. The name of the SKU for the Application Gateway.') @@ -174,16 +174,16 @@ param zones array = [] @maxValue(365) param diagnosticLogsRetentionInDays int = 365 -@description('Optional. Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub') +@description('Optional. Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticStorageAccountId string = '' -@description('Optional. Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub') +@description('Optional. Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticWorkspaceId string = '' -@description('Optional. Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. ') +@description('Optional. Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to.') param diagnosticEventHubAuthorizationRuleId string = '' -@description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub') +@description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticEventHubName string = '' @description('Optional. The name of logs that will be streamed.') @@ -243,7 +243,7 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Resource tags.') @@ -353,11 +353,11 @@ module applicationGateway_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment } }] -@description('The name of the application gateway') +@description('The name of the application gateway.') output name string = applicationGateway.name -@description('The resource ID of the application gateway') +@description('The resource ID of the application gateway.') output resourceId string = applicationGateway.id -@description('The resource group the application gateway was deployed into') +@description('The resource group the application gateway was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/applicationGateways/readme.md b/arm/Microsoft.Network/applicationGateways/readme.md index 7e3507835b..9e9e443b17 100644 --- a/arm/Microsoft.Network/applicationGateways/readme.md +++ b/arm/Microsoft.Network/applicationGateways/readme.md @@ -34,14 +34,14 @@ This module deploys Network ApplicationGateways. | `backendHttpSettingsCollection` | array | `[]` | | Backend http settings of the application gateway resource. | | `capacity` | int | `2` | | The number of Application instances to be configured. | | `customErrorConfigurations` | array | `[]` | | Custom error configurations of the application gateway resource. | -| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | -| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub | +| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | +| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | | `diagnosticLogCategoriesToEnable` | array | `[ApplicationGatewayAccessLog, ApplicationGatewayPerformanceLog, ApplicationGatewayFirewallLog]` | `[ApplicationGatewayAccessLog, ApplicationGatewayPerformanceLog, ApplicationGatewayFirewallLog]` | The name of logs that will be streamed. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | -| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub | -| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub | +| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | +| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `enableFips` | bool | `False` | | Whether FIPS is enabled on the application gateway resource. | | `enableHttp2` | bool | `False` | | Whether HTTP2 is enabled on the application gateway resource. | @@ -59,8 +59,8 @@ This module deploys Network ApplicationGateways. | `probes` | array | `[]` | | Probes of the application gateway resource. | | `redirectConfigurations` | array | `[]` | | Redirect configurations of the application gateway resource. | | `requestRoutingRules` | array | `[]` | | Request routing rules of the application gateway resource. | -| `rewriteRuleSets` | array | `[]` | | Rewrite rules for the application gateway resource. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `rewriteRuleSets` | array | `[]` | | Rewrite rules for the application gateway resource. . | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `sku` | string | `'WAF_Medium'` | `[Standard_Small, Standard_Medium, Standard_Large, WAF_Medium, WAF_Large, Standard_v2, WAF_v2]` | The name of the SKU for the Application Gateway. | | `sslCertificates` | array | `[]` | | SSL certificates of the application gateway resource. | | `sslPolicyCipherSuites` | array | `[TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]` | `[TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384]` | Ssl cipher suites to be enabled in the specified order to application gateway. | @@ -674,6 +674,6 @@ You can specify multiple user assigned identities to a resource by providing add | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the application gateway | -| `resourceGroupName` | string | The resource group the application gateway was deployed into | -| `resourceId` | string | The resource ID of the application gateway | +| `name` | string | The name of the application gateway. | +| `resourceGroupName` | string | The resource group the application gateway was deployed into. | +| `resourceId` | string | The resource ID of the application gateway. | diff --git a/arm/Microsoft.Network/applicationSecurityGroups/deploy.bicep b/arm/Microsoft.Network/applicationSecurityGroups/deploy.bicep index 924f02eb52..5c450cbdba 100644 --- a/arm/Microsoft.Network/applicationSecurityGroups/deploy.bicep +++ b/arm/Microsoft.Network/applicationSecurityGroups/deploy.bicep @@ -12,7 +12,7 @@ param location string = resourceGroup().location @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -60,11 +60,11 @@ module applicationSecurityGroup_rbac '.bicep/nested_rbac.bicep' = [for (roleAssi } }] -@description('The resource group the application security group was deployed into') +@description('The resource group the application security group was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The resource ID of the application security group') +@description('The resource ID of the application security group.') output resourceId string = applicationSecurityGroup.id -@description('The name of the application security group') +@description('The name of the application security group.') output name string = applicationSecurityGroup.name diff --git a/arm/Microsoft.Network/applicationSecurityGroups/readme.md b/arm/Microsoft.Network/applicationSecurityGroups/readme.md index db5fa47226..3350a4c0d9 100644 --- a/arm/Microsoft.Network/applicationSecurityGroups/readme.md +++ b/arm/Microsoft.Network/applicationSecurityGroups/readme.md @@ -29,7 +29,7 @@ This module deploys an application security group. | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags of the resource. | @@ -80,6 +80,6 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the application security group | -| `resourceGroupName` | string | The resource group the application security group was deployed into | -| `resourceId` | string | The resource ID of the application security group | +| `name` | string | The name of the application security group. | +| `resourceGroupName` | string | The resource group the application security group was deployed into. | +| `resourceId` | string | The resource ID of the application security group. | diff --git a/arm/Microsoft.Network/azureFirewalls/deploy.bicep b/arm/Microsoft.Network/azureFirewalls/deploy.bicep index b60a82504b..4e15e5fdec 100644 --- a/arm/Microsoft.Network/azureFirewalls/deploy.bicep +++ b/arm/Microsoft.Network/azureFirewalls/deploy.bicep @@ -45,10 +45,10 @@ param zones array = [ '3' ] -@description('Optional. Diagnostic Storage Account resource identifier') +@description('Optional. Diagnostic Storage Account resource identifier.') param diagnosticStorageAccountId string = '' -@description('Optional. Log Analytics workspace resource identifier') +@description('Optional. Log Analytics workspace resource identifier.') param diagnosticWorkspaceId string = '' @description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') @@ -73,7 +73,7 @@ param location string = resourceGroup().location @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the Azure Firewall resource.') @@ -202,23 +202,23 @@ module azureFirewall_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, ind } }] -@description('The resource ID of the Azure firewall') +@description('The resource ID of the Azure firewall.') output resourceId string = azureFirewall.id -@description('The name of the Azure firewall') +@description('The name of the Azure firewall.') output name string = azureFirewall.name -@description('The resource group the Azure firewall was deployed into') +@description('The resource group the Azure firewall was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The private IP of the Azure firewall') +@description('The private IP of the Azure firewall.') output privateIp string = azureFirewall.properties.ipConfigurations[0].properties.privateIPAddress -@description('List of Application Rule Collections') +@description('List of Application Rule Collections.') output applicationRuleCollections array = applicationRuleCollections -@description('List of Network Rule Collections') +@description('List of Network Rule Collections.') output networkRuleCollections array = networkRuleCollections -@description('Collection of NAT rule collections used by Azure Firewall') +@description('Collection of NAT rule collections used by Azure Firewall.') output natRuleCollections array = natRuleCollections diff --git a/arm/Microsoft.Network/azureFirewalls/readme.md b/arm/Microsoft.Network/azureFirewalls/readme.md index f455c021ef..d6e707ed4a 100644 --- a/arm/Microsoft.Network/azureFirewalls/readme.md +++ b/arm/Microsoft.Network/azureFirewalls/readme.md @@ -38,15 +38,15 @@ This module deploys a firewall. | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | -| `diagnosticStorageAccountId` | string | `''` | | Diagnostic Storage Account resource identifier | -| `diagnosticWorkspaceId` | string | `''` | | Log Analytics workspace resource identifier | +| `diagnosticStorageAccountId` | string | `''` | | Diagnostic Storage Account resource identifier. | +| `diagnosticWorkspaceId` | string | `''` | | Log Analytics workspace resource identifier. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `firewallPolicyId` | string | `''` | | Resource ID of the Firewall Policy that should be attached. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `natRuleCollections` | array | `[]` | | Collection of NAT rule collections used by Azure Firewall. | | `networkRuleCollections` | array | `[]` | | Collection of network rule collections used by Azure Firewall. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags of the Azure Firewall resource. | | `threatIntelMode` | string | `'Deny'` | `[Alert, Deny, Off]` | The operation mode for Threat Intel. | | `zones` | array | `[1, 2, 3]` | | Zone numbers e.g. 1,2,3. | @@ -99,13 +99,13 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `applicationRuleCollections` | array | List of Application Rule Collections | -| `name` | string | The name of the Azure firewall | -| `natRuleCollections` | array | Collection of NAT rule collections used by Azure Firewall | -| `networkRuleCollections` | array | List of Network Rule Collections | -| `privateIp` | string | The private IP of the Azure firewall | -| `resourceGroupName` | string | The resource group the Azure firewall was deployed into | -| `resourceId` | string | The resource ID of the Azure firewall | +| `applicationRuleCollections` | array | List of Application Rule Collections. | +| `name` | string | The name of the Azure firewall. | +| `natRuleCollections` | array | Collection of NAT rule collections used by Azure Firewall. | +| `networkRuleCollections` | array | List of Network Rule Collections. | +| `privateIp` | string | The private IP of the Azure firewall. | +| `resourceGroupName` | string | The resource group the Azure firewall was deployed into. | +| `resourceId` | string | The resource ID of the Azure firewall. | ## Considerations diff --git a/arm/Microsoft.Network/bastionHosts/deploy.bicep b/arm/Microsoft.Network/bastionHosts/deploy.bicep index 8a0d46168f..c6475ae0a1 100644 --- a/arm/Microsoft.Network/bastionHosts/deploy.bicep +++ b/arm/Microsoft.Network/bastionHosts/deploy.bicep @@ -1,10 +1,10 @@ -@description('Required. Name of the Azure Bastion resource') +@description('Required. Name of the Azure Bastion resource.') param name string @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Required. Shared services Virtual Network resource identifier') +@description('Required. Shared services Virtual Network resource identifier.') param vNetId string @description('Optional. Specifies the resource ID of the existing public IP to be leveraged by Azure Bastion.') @@ -48,7 +48,7 @@ param skuType string = 'Basic' @description('Optional. The scale units for the Bastion Host resource.') param scaleUnits int = 2 -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -187,11 +187,11 @@ module azureBastion_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, inde } }] -@description('The resource group the Azure Bastion was deployed into') +@description('The resource group the Azure Bastion was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name the Azure Bastion') +@description('The name the Azure Bastion.') output name string = azureBastion.name -@description('The resource ID the Azure Bastion') +@description('The resource ID the Azure Bastion.') output resourceId string = azureBastion.id diff --git a/arm/Microsoft.Network/bastionHosts/readme.md b/arm/Microsoft.Network/bastionHosts/readme.md index 65041a6120..62411b13da 100644 --- a/arm/Microsoft.Network/bastionHosts/readme.md +++ b/arm/Microsoft.Network/bastionHosts/readme.md @@ -23,8 +23,8 @@ This module deploys a bastion host. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | Name of the Azure Bastion resource | -| `vNetId` | string | Shared services Virtual Network resource identifier | +| `name` | string | Name of the Azure Bastion resource. | +| `vNetId` | string | Shared services Virtual Network resource identifier. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -41,7 +41,7 @@ This module deploys a bastion host. | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `publicIPAddressId` | string | `''` | | Specifies the resource ID of the existing public IP to be leveraged by Azure Bastion. | | `publicIPAddressObject` | object | `{object}` | | Specifies the properties of the public IP to create and be used by Azure Bastion. If it's not provided and publicIPAddressId is empty, a '-pip' suffix will be appended to the Bastion's name. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `scaleUnits` | int | `2` | | The scale units for the Bastion Host resource. | | `skuType` | string | `'Basic'` | `[Basic, Standard]` | The SKU of this Bastion Host. | | `tags` | object | `{object}` | | Tags of the resource. | @@ -94,6 +94,6 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name the Azure Bastion | -| `resourceGroupName` | string | The resource group the Azure Bastion was deployed into | -| `resourceId` | string | The resource ID the Azure Bastion | +| `name` | string | The name the Azure Bastion. | +| `resourceGroupName` | string | The resource group the Azure Bastion was deployed into. | +| `resourceId` | string | The resource ID the Azure Bastion. | diff --git a/arm/Microsoft.Network/connections/deploy.bicep b/arm/Microsoft.Network/connections/deploy.bicep index cdf3fdaaa9..a014e74dfb 100644 --- a/arm/Microsoft.Network/connections/deploy.bicep +++ b/arm/Microsoft.Network/connections/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. Remote connection name') +@description('Required. Remote connection name.') param name string -@description('Optional. Specifies a VPN shared key. The same value has to be specified on both Virtual Network Gateways') +@description('Optional. Specifies a VPN shared key. The same value has to be specified on both Virtual Network Gateways.') param vpnSharedKey string = '' @description('Optional. Location for all resources.') @@ -16,13 +16,13 @@ param location string = resourceGroup().location ]) param virtualNetworkGatewayConnectionType string = 'IPsec' -@description('Optional. Value to specify if BGP is enabled or not') +@description('Optional. Value to specify if BGP is enabled or not.') param enableBgp bool = false -@description('Optional. Enable policy-based traffic selectors') +@description('Optional. Enable policy-based traffic selectors.') param usePolicyBasedTrafficSelectors bool = false -@description('Optional. The IPSec Policies to be considered by this connection') +@description('Optional. The IPSec Policies to be considered by this connection.') param customIPSecPolicy object = { saLifeTimeSeconds: 0 saDataSizeKilobytes: 0 @@ -54,13 +54,13 @@ param enableDefaultTelemetry bool = true @description('Required. The primary Virtual Network Gateway.') param virtualNetworkGateway1 object -@description('Optional. The remote Virtual Network Gateway. Used for connection type [Vnet2Vnet]') +@description('Optional. The remote Virtual Network Gateway. Used for connection type [Vnet2Vnet].') param virtualNetworkGateway2 object = {} -@description('Optional. The remote peer. Used for connection type [ExpressRoute]') +@description('Optional. The remote peer. Used for connection type [ExpressRoute].') param peer object = {} -@description('Optional. The local network gateway. Used for connection type [IPsec]') +@description('Optional. The local network gateway. Used for connection type [IPsec].') param localNetworkGateway2 object = {} var customIPSecPolicy_var = [ @@ -115,11 +115,11 @@ resource connection_lock 'Microsoft.Authorization/locks@2017-04-01' = if (lock ! scope: connection } -@description('The resource group the remote connection was deployed into') +@description('The resource group the remote connection was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the remote connection') +@description('The name of the remote connection.') output name string = connection.name -@description('The resource ID of the remote connection') +@description('The resource ID of the remote connection.') output resourceId string = connection.id diff --git a/arm/Microsoft.Network/connections/readme.md b/arm/Microsoft.Network/connections/readme.md index f6f1169c22..2697cab1ff 100644 --- a/arm/Microsoft.Network/connections/readme.md +++ b/arm/Microsoft.Network/connections/readme.md @@ -20,25 +20,25 @@ This template deploys a virtual network gateway connection. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | Remote connection name | +| `name` | string | Remote connection name. | | `virtualNetworkGateway1` | object | The primary Virtual Network Gateway. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `customIPSecPolicy` | object | `{object}` | | The IPSec Policies to be considered by this connection | -| `enableBgp` | bool | `False` | | Value to specify if BGP is enabled or not | +| `customIPSecPolicy` | object | `{object}` | | The IPSec Policies to be considered by this connection. | +| `enableBgp` | bool | `False` | | Value to specify if BGP is enabled or not. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `localNetworkGateway2` | object | `{object}` | | The local network gateway. Used for connection type [IPsec] | +| `localNetworkGateway2` | object | `{object}` | | The local network gateway. Used for connection type [IPsec]. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `peer` | object | `{object}` | | The remote peer. Used for connection type [ExpressRoute] | +| `peer` | object | `{object}` | | The remote peer. Used for connection type [ExpressRoute]. | | `routingWeight` | int | `-1` | | The weight added to routes learned from this BGP speaker. | | `tags` | object | `{object}` | | Tags of the resource. | -| `usePolicyBasedTrafficSelectors` | bool | `False` | | Enable policy-based traffic selectors | -| `virtualNetworkGateway2` | object | `{object}` | | The remote Virtual Network Gateway. Used for connection type [Vnet2Vnet] | +| `usePolicyBasedTrafficSelectors` | bool | `False` | | Enable policy-based traffic selectors. | +| `virtualNetworkGateway2` | object | `{object}` | | The remote Virtual Network Gateway. Used for connection type [Vnet2Vnet]. | | `virtualNetworkGatewayConnectionType` | string | `'IPsec'` | `[IPsec, Vnet2Vnet, ExpressRoute, VPNClient]` | Gateway connection type. | -| `vpnSharedKey` | string | `''` | | Specifies a VPN shared key. The same value has to be specified on both Virtual Network Gateways | +| `vpnSharedKey` | string | `''` | | Specifies a VPN shared key. The same value has to be specified on both Virtual Network Gateways. | ### Parameter Usage: `virtualNetworkGateway1` @@ -138,6 +138,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the remote connection | -| `resourceGroupName` | string | The resource group the remote connection was deployed into | -| `resourceId` | string | The resource ID of the remote connection | +| `name` | string | The name of the remote connection. | +| `resourceGroupName` | string | The resource group the remote connection was deployed into. | +| `resourceId` | string | The resource ID of the remote connection. | diff --git a/arm/Microsoft.Network/ddosProtectionPlans/deploy.bicep b/arm/Microsoft.Network/ddosProtectionPlans/deploy.bicep index ecd0083f43..3c8dfc45dc 100644 --- a/arm/Microsoft.Network/ddosProtectionPlans/deploy.bicep +++ b/arm/Microsoft.Network/ddosProtectionPlans/deploy.bicep @@ -13,7 +13,7 @@ param location string = resourceGroup().location @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -61,11 +61,11 @@ module ddosProtectionPlan_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment } }] -@description('The resource group the DDOS protection plan was deployed into') +@description('The resource group the DDOS protection plan was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The resource ID of the DDOS protection plan') +@description('The resource ID of the DDOS protection plan.') output resourceId string = ddosProtectionPlan.id -@description('The name of the DDOS protection plan') +@description('The name of the DDOS protection plan.') output name string = ddosProtectionPlan.name diff --git a/arm/Microsoft.Network/ddosProtectionPlans/readme.md b/arm/Microsoft.Network/ddosProtectionPlans/readme.md index 6c58d3117f..09c3221b9d 100644 --- a/arm/Microsoft.Network/ddosProtectionPlans/readme.md +++ b/arm/Microsoft.Network/ddosProtectionPlans/readme.md @@ -29,7 +29,7 @@ This template deploys a DDoS protection plan. | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags of the resource. | @@ -80,6 +80,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the DDOS protection plan | -| `resourceGroupName` | string | The resource group the DDOS protection plan was deployed into | -| `resourceId` | string | The resource ID of the DDOS protection plan | +| `name` | string | The name of the DDOS protection plan. | +| `resourceGroupName` | string | The resource group the DDOS protection plan was deployed into. | +| `resourceId` | string | The resource ID of the DDOS protection plan. | diff --git a/arm/Microsoft.Network/expressRouteCircuits/deploy.bicep b/arm/Microsoft.Network/expressRouteCircuits/deploy.bicep index fb217b5d07..5443518381 100644 --- a/arm/Microsoft.Network/expressRouteCircuits/deploy.bicep +++ b/arm/Microsoft.Network/expressRouteCircuits/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. This is the name of the ExpressRoute circuit') +@description('Required. This is the name of the ExpressRoute circuit.') param name string @description('Required. This is the name of the ExpressRoute Service Provider. It must exactly match one of the Service Providers from List ExpressRoute Service Providers API call.') @@ -82,7 +82,7 @@ param diagnosticEventHubName string = '' @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -207,14 +207,14 @@ module expressRouteCircuits_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignme } }] -@description('The resource ID of express route curcuit') +@description('The resource ID of express route curcuit.') output resourceId string = expressRouteCircuits.id -@description('The resource group the express route curcuit was deployed into') +@description('The resource group the express route curcuit was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of express route curcuit') +@description('The name of express route curcuit.') output name string = expressRouteCircuits.name -@description('The service key of the express route circuit') +@description('The service key of the express route circuit.') output serviceKey string = reference(expressRouteCircuits.id, '2021-02-01').serviceKey diff --git a/arm/Microsoft.Network/expressRouteCircuits/readme.md b/arm/Microsoft.Network/expressRouteCircuits/readme.md index 8c7304f569..1138777533 100644 --- a/arm/Microsoft.Network/expressRouteCircuits/readme.md +++ b/arm/Microsoft.Network/expressRouteCircuits/readme.md @@ -23,7 +23,7 @@ This template deploys an express route circuit. | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `bandwidthInMbps` | int | | | This is the bandwidth in Mbps of the circuit being created. It must exactly match one of the available bandwidth offers List ExpressRoute Service Providers API call. | -| `name` | string | | | This is the name of the ExpressRoute circuit | +| `name` | string | | | This is the name of the ExpressRoute circuit. | | `peeringLocation` | string | | | This is the name of the peering location and not the ARM resource location. It must exactly match one of the available peering locations from List ExpressRoute Service Providers API call. | | `serviceProviderName` | string | | | This is the name of the ExpressRoute Service Provider. It must exactly match one of the Service Providers from List ExpressRoute Service Providers API call. | | `skuFamily` | string | `'MeteredData'` | `[MeteredData, UnlimitedData]` | Chosen SKU family of ExpressRoute circuit. Choose from MeteredData or UnlimitedData SKU families. | @@ -47,7 +47,7 @@ This template deploys an express route circuit. | `peering` | bool | `False` | `[True, False]` | Enabled BGP peering type for the Circuit. | | `peeringType` | string | `'AzurePrivatePeering'` | `[AzurePrivatePeering, MicrosoftPeering]` | BGP peering type for the Circuit. Choose from AzurePrivatePeering, AzurePublicPeering or MicrosoftPeering. | | `primaryPeerAddressPrefix` | string | `''` | | A /30 subnet used to configure IP addresses for interfaces on Link1. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `secondaryPeerAddressPrefix` | string | `''` | | A /30 subnet used to configure IP addresses for interfaces on Link2. | | `sharedKey` | string | `''` | | The shared key for peering configuration. Router does MD5 hash comparison to validate the packets sent by BGP connection. This parameter is optional and can be removed from peering configuration if not required. | | `tags` | object | `{object}` | | Tags of the resource. | @@ -101,7 +101,7 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of express route curcuit | -| `resourceGroupName` | string | The resource group the express route curcuit was deployed into | -| `resourceId` | string | The resource ID of express route curcuit | -| `serviceKey` | string | The service key of the express route circuit | +| `name` | string | The name of express route curcuit. | +| `resourceGroupName` | string | The resource group the express route curcuit was deployed into. | +| `resourceId` | string | The resource ID of express route curcuit. | +| `serviceKey` | string | The service key of the express route circuit. | diff --git a/arm/Microsoft.Network/firewallPolicies/deploy.bicep b/arm/Microsoft.Network/firewallPolicies/deploy.bicep index 3188cb5cb5..ff2a84c493 100644 --- a/arm/Microsoft.Network/firewallPolicies/deploy.bicep +++ b/arm/Microsoft.Network/firewallPolicies/deploy.bicep @@ -72,7 +72,7 @@ param fqdns array = [] @description('Optional. List of IP addresses for the ThreatIntel Allowlist.') param ipAddresses array = [] -@description('Optional. Secret ID of (base-64 encoded unencrypted pfx) Secret or Certificate object stored in KeyVault. ') +@description('Optional. Secret ID of (base-64 encoded unencrypted pfx) Secret or Certificate object stored in KeyVault. .') param keyVaultSecretId string = '' @description('Optional. Name of the CA certificate.') @@ -169,11 +169,11 @@ module firewallPolicy_ruleCollectionGroups 'ruleCollectionGroups/deploy.bicep' = } }] -@description('The name of the deployed firewall policy') +@description('The name of the deployed firewall policy.') output name string = firewallPolicy.name -@description('The resource ID of the deployed firewall policy') +@description('The resource ID of the deployed firewall policy.') output resourceId string = firewallPolicy.id -@description('The resource group of the deployed firewall policy') +@description('The resource group of the deployed firewall policy.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/firewallPolicies/readme.md b/arm/Microsoft.Network/firewallPolicies/readme.md index 9cddae8114..526ec7f27c 100644 --- a/arm/Microsoft.Network/firewallPolicies/readme.md +++ b/arm/Microsoft.Network/firewallPolicies/readme.md @@ -34,7 +34,7 @@ This module deploys Firewall Policies. | `fqdns` | array | `[]` | | List of FQDNs for the ThreatIntel Allowlist. | | `insightsIsEnabled` | bool | `False` | | A flag to indicate if the insights are enabled on the policy. | | `ipAddresses` | array | `[]` | | List of IP addresses for the ThreatIntel Allowlist. | -| `keyVaultSecretId` | string | `''` | | Secret ID of (base-64 encoded unencrypted pfx) Secret or Certificate object stored in KeyVault. | +| `keyVaultSecretId` | string | `''` | | Secret ID of (base-64 encoded unencrypted pfx) Secret or Certificate object stored in KeyVault. . | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `mode` | string | `'Off'` | `[Alert, Deny, Off]` | The configuring of intrusion detection. | | `privateRanges` | array | `[]` | | List of private IP addresses/IP address ranges to not be SNAT. | @@ -84,6 +84,6 @@ You can specify multiple user assigned identities to a resource by providing add | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed firewall policy | -| `resourceGroupName` | string | The resource group of the deployed firewall policy | -| `resourceId` | string | The resource ID of the deployed firewall policy | +| `name` | string | The name of the deployed firewall policy. | +| `resourceGroupName` | string | The resource group of the deployed firewall policy. | +| `resourceId` | string | The resource ID of the deployed firewall policy. | diff --git a/arm/Microsoft.Network/firewallPolicies/ruleCollectionGroups/deploy.bicep b/arm/Microsoft.Network/firewallPolicies/ruleCollectionGroups/deploy.bicep index bdf4650cc1..d5c159b648 100644 --- a/arm/Microsoft.Network/firewallPolicies/ruleCollectionGroups/deploy.bicep +++ b/arm/Microsoft.Network/firewallPolicies/ruleCollectionGroups/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. Name of the Firewall Policy.') +@description('Conditional. Name of the Firewall Policy. Required if the template is used in a standalone deployment.') param firewallPolicyName string -@description('Required. The name of the rule collection group to deploy') +@description('Required. The name of the rule collection group to deploy.') param name string @description('Required. Priority of the Firewall Policy Rule Collection Group resource.') @@ -38,11 +38,11 @@ resource ruleCollectionGroup 'Microsoft.Network/firewallPolicies/ruleCollectionG } } -@description('The name of the deployed rule collection group') +@description('The name of the deployed rule collection group.') output name string = ruleCollectionGroup.name -@description('The resource ID of the deployed rule collection group') +@description('The resource ID of the deployed rule collection group.') output resourceId string = ruleCollectionGroup.id -@description('The resource group of the deployed rule collection group') +@description('The resource group of the deployed rule collection group.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/firewallPolicies/ruleCollectionGroups/readme.md b/arm/Microsoft.Network/firewallPolicies/ruleCollectionGroups/readme.md index 2c148de059..391c294c39 100644 --- a/arm/Microsoft.Network/firewallPolicies/ruleCollectionGroups/readme.md +++ b/arm/Microsoft.Network/firewallPolicies/ruleCollectionGroups/readme.md @@ -19,10 +19,14 @@ This module deploys Network Firewall Policies Rule Collection Groups. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `firewallPolicyName` | string | Name of the Firewall Policy. | -| `name` | string | The name of the rule collection group to deploy | +| `name` | string | The name of the rule collection group to deploy. | | `priority` | int | Priority of the Firewall Policy Rule Collection Group resource. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `firewallPolicyName` | string | Name of the Firewall Policy. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | @@ -49,6 +53,6 @@ For remaining properties, see [FirewallPolicyRuleCollection objects](https://doc | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed rule collection group | -| `resourceGroupName` | string | The resource group of the deployed rule collection group | -| `resourceId` | string | The resource ID of the deployed rule collection group | +| `name` | string | The name of the deployed rule collection group. | +| `resourceGroupName` | string | The resource group of the deployed rule collection group. | +| `resourceId` | string | The resource ID of the deployed rule collection group. | diff --git a/arm/Microsoft.Network/frontDoors/deploy.bicep b/arm/Microsoft.Network/frontDoors/deploy.bicep index ed615578ae..1fd96fbb1b 100644 --- a/arm/Microsoft.Network/frontDoors/deploy.bicep +++ b/arm/Microsoft.Network/frontDoors/deploy.bicep @@ -14,7 +14,7 @@ param location string = resourceGroup().location @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Resource tags.') @@ -55,16 +55,16 @@ param routingRules array = [] @maxValue(365) param diagnosticLogsRetentionInDays int = 365 -@description('Optional. Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub') +@description('Optional. Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticStorageAccountId string = '' -@description('Optional. Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub') +@description('Optional. Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticWorkspaceId string = '' -@description('Optional. Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. ') +@description('Optional. Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to.') param diagnosticEventHubAuthorizationRuleId string = '' -@description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub') +@description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticEventHubName string = '' @description('Optional. The name of logs that will be streamed.') @@ -168,11 +168,11 @@ module frontDoor_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) } }] -@description('The name of the front door') +@description('The name of the front door.') output name string = frontDoor.name -@description('The resource ID of the front door') +@description('The resource ID of the front door.') output resourceId string = frontDoor.id -@description('The resource group the front door was deployed into') +@description('The resource group the front door was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/frontDoors/readme.md b/arm/Microsoft.Network/frontDoors/readme.md index 1817e056fd..827ead80d3 100644 --- a/arm/Microsoft.Network/frontDoors/readme.md +++ b/arm/Microsoft.Network/frontDoors/readme.md @@ -35,18 +35,18 @@ This module deploys Front Doors. **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | -| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub | +| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | +| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | -| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub | -| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub | +| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | +| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `enforceCertificateNameCheck` | string | `'Disabled'` | | Enforce certificate name check of the frontdoor resource. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `logsToEnable` | array | `[FrontdoorAccessLog, FrontdoorWebApplicationFirewallLog]` | `[FrontdoorAccessLog, FrontdoorWebApplicationFirewallLog]` | The name of logs that will be streamed. | | `metricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `sendRecvTimeoutSeconds` | int | `600` | | Certificate name check time of the frontdoor resource. | | `tags` | object | `{object}` | | Resource tags. | @@ -98,6 +98,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the front door | -| `resourceGroupName` | string | The resource group the front door was deployed into | -| `resourceId` | string | The resource ID of the front door | +| `name` | string | The name of the front door. | +| `resourceGroupName` | string | The resource group the front door was deployed into. | +| `resourceId` | string | The resource ID of the front door. | diff --git a/arm/Microsoft.Network/ipGroups/deploy.bicep b/arm/Microsoft.Network/ipGroups/deploy.bicep index ee21e30c1a..fd3a60457e 100644 --- a/arm/Microsoft.Network/ipGroups/deploy.bicep +++ b/arm/Microsoft.Network/ipGroups/deploy.bicep @@ -16,7 +16,7 @@ param ipAddresses array = [] @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Resource tags.') @@ -66,11 +66,11 @@ module ipGroup_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in } }] -@description('The resource ID of the IP group') +@description('The resource ID of the IP group.') output resourceId string = ipGroup.id -@description('The resource group of the IP group was deployed into') +@description('The resource group of the IP group was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the IP group') +@description('The name of the IP group.') output name string = ipGroup.name diff --git a/arm/Microsoft.Network/ipGroups/readme.md b/arm/Microsoft.Network/ipGroups/readme.md index 923051fc43..b5d1f77a58 100644 --- a/arm/Microsoft.Network/ipGroups/readme.md +++ b/arm/Microsoft.Network/ipGroups/readme.md @@ -30,7 +30,7 @@ This module deploys an IP group. | `ipAddresses` | array | `[]` | | IpAddresses/IpAddressPrefixes in the IpGroups resource. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Resource tags. | @@ -81,6 +81,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the IP group | -| `resourceGroupName` | string | The resource group of the IP group was deployed into | -| `resourceId` | string | The resource ID of the IP group | +| `name` | string | The name of the IP group. | +| `resourceGroupName` | string | The resource group of the IP group was deployed into. | +| `resourceId` | string | The resource ID of the IP group. | diff --git a/arm/Microsoft.Network/loadBalancers/backendAddressPools/deploy.bicep b/arm/Microsoft.Network/loadBalancers/backendAddressPools/deploy.bicep index fa6d17707f..1dfd69020b 100644 --- a/arm/Microsoft.Network/loadBalancers/backendAddressPools/deploy.bicep +++ b/arm/Microsoft.Network/loadBalancers/backendAddressPools/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. The name of the parent load balancer') +@description('Conditional. The name of the parent parent load balancer. Required if the template is used in a standalone deployment.') param loadBalancerName string -@description('Required. The name of the backend address pool') +@description('Required. The name of the backend address pool.') param name string @description('Optional. An array of backend addresses.') @@ -38,11 +38,11 @@ resource backendAddressPool 'Microsoft.Network/loadBalancers/backendAddressPools parent: loadBalancer } -@description('The name of the backend address pool') +@description('The name of the backend address pool.') output name string = backendAddressPool.name -@description('The resource ID of the backend address pool') +@description('The resource ID of the backend address pool.') output resourceId string = backendAddressPool.id -@description('The resource group the backend address pool was deployed into') +@description('The resource group the backend address pool was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/loadBalancers/backendAddressPools/readme.md b/arm/Microsoft.Network/loadBalancers/backendAddressPools/readme.md index 506849e6d5..4815d6a554 100644 --- a/arm/Microsoft.Network/loadBalancers/backendAddressPools/readme.md +++ b/arm/Microsoft.Network/loadBalancers/backendAddressPools/readme.md @@ -19,8 +19,12 @@ This module deploys load balancer backend address pools. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `loadBalancerName` | string | The name of the parent load balancer | -| `name` | string | The name of the backend address pool | +| `name` | string | The name of the backend address pool. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `loadBalancerName` | string | The name of the parent parent load balancer. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -34,6 +38,6 @@ This module deploys load balancer backend address pools. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the backend address pool | -| `resourceGroupName` | string | The resource group the backend address pool was deployed into | -| `resourceId` | string | The resource ID of the backend address pool | +| `name` | string | The name of the backend address pool. | +| `resourceGroupName` | string | The resource group the backend address pool was deployed into. | +| `resourceId` | string | The resource ID of the backend address pool. | diff --git a/arm/Microsoft.Network/loadBalancers/deploy.bicep b/arm/Microsoft.Network/loadBalancers/deploy.bicep index bb467080bf..c48b9be562 100644 --- a/arm/Microsoft.Network/loadBalancers/deploy.bicep +++ b/arm/Microsoft.Network/loadBalancers/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. The Proximity Placement Groups Name') +@description('Required. The Proximity Placement Groups Name.') param name string @description('Optional. Location for all resources.') @@ -11,17 +11,17 @@ param location string = resourceGroup().location ]) param loadBalancerSku string = 'Standard' -@description('Required. Array of objects containing all frontend IP configurations') +@description('Required. Array of objects containing all frontend IP configurations.') @minLength(1) param frontendIPConfigurations array @description('Optional. Collection of backend address pools used by a load balancer.') param backendAddressPools array = [] -@description('Optional. Array of objects containing all load balancing rules') +@description('Optional. Array of objects containing all load balancing rules.') param loadBalancingRules array = [] -@description('Optional. Array of objects containing all probes, these are references in the load balancing rules') +@description('Optional. Array of objects containing all probes, these are references in the load balancing rules.') param probes array = [] @description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') @@ -49,7 +49,7 @@ param diagnosticEventHubName string = '' @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -255,13 +255,13 @@ module loadBalancer_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, inde } }] -@description('The name of the load balancer') +@description('The name of the load balancer.') output name string = loadBalancer.name -@description('The resource ID of the load balancer') +@description('The resource ID of the load balancer.') output resourceId string = loadBalancer.id -@description('The resource group the load balancer was deployed into') +@description('The resource group the load balancer was deployed into.') output resourceGroupName string = resourceGroup().name @description('The backend address pools available in the load balancer.') diff --git a/arm/Microsoft.Network/loadBalancers/inboundNatRules/deploy.bicep b/arm/Microsoft.Network/loadBalancers/inboundNatRules/deploy.bicep index 1722a0f576..fc3b14d15e 100644 --- a/arm/Microsoft.Network/loadBalancers/inboundNatRules/deploy.bicep +++ b/arm/Microsoft.Network/loadBalancers/inboundNatRules/deploy.bicep @@ -1,10 +1,10 @@ -@description('Required. The name of the parent load balancer') +@description('Conditional. The name of the parent parent load balancer. Required if the template is used in a standalone deployment.') param loadBalancerName string -@description('Required. The name of the inbound NAT rule') +@description('Required. The name of the inbound NAT rule.') param name string -@description('Required. The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. ') +@description('Required. The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer.') @minValue(1) @maxValue(65534) param frontendPort int @@ -14,7 +14,7 @@ param frontendPort int @maxValue(65535) param backendPort int = frontendPort -@description('Optional. Name of the backend address pool') +@description('Optional. Name of the backend address pool.') param backendAddressPoolName string = '' @description('Optional. Configures a virtual machine\'s endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can\'t be changed after you create the endpoint.') @@ -23,7 +23,7 @@ param enableFloatingIP bool = false @description('Optional. Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP.') param enableTcpReset bool = false -@description('Required. The name of the frontend IP address to set for the inbound NAT rule') +@description('Required. The name of the frontend IP address to set for the inbound NAT rule.') param frontendIPConfigurationName string @description('Optional. The port range end for the external endpoint. This property is used together with BackendAddressPool and FrontendPortRangeStart. Individual inbound NAT rule port mappings will be created for each backend address from BackendAddressPool.') @@ -87,11 +87,11 @@ resource inboundNatRule 'Microsoft.Network/loadBalancers/inboundNatRules@2021-05 parent: loadBalancer } -@description('The name of the inbound NAT rule') +@description('The name of the inbound NAT rule.') output name string = inboundNatRule.name -@description('The resource ID of the inbound NAT rule') +@description('The resource ID of the inbound NAT rule.') output resourceId string = inboundNatRule.id -@description('The resource group the inbound NAT rule was deployed into') +@description('The resource group the inbound NAT rule was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/loadBalancers/inboundNatRules/readme.md b/arm/Microsoft.Network/loadBalancers/inboundNatRules/readme.md index 561785af65..d003e4e94f 100644 --- a/arm/Microsoft.Network/loadBalancers/inboundNatRules/readme.md +++ b/arm/Microsoft.Network/loadBalancers/inboundNatRules/readme.md @@ -19,15 +19,19 @@ This module deploys load balancers inbound NAT rules. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `frontendIPConfigurationName` | string | The name of the frontend IP address to set for the inbound NAT rule | -| `frontendPort` | int | The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. | -| `loadBalancerName` | string | The name of the parent load balancer | -| `name` | string | The name of the inbound NAT rule | +| `frontendIPConfigurationName` | string | The name of the frontend IP address to set for the inbound NAT rule. | +| `frontendPort` | int | The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. | +| `name` | string | The name of the inbound NAT rule. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `loadBalancerName` | string | The name of the parent parent load balancer. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `backendAddressPoolName` | string | `''` | | Name of the backend address pool | +| `backendAddressPoolName` | string | `''` | | Name of the backend address pool. | | `backendPort` | int | `[parameters('frontendPort')]` | | The port used for the internal endpoint. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `enableFloatingIP` | bool | `False` | | Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint. | @@ -42,6 +46,6 @@ This module deploys load balancers inbound NAT rules. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the inbound NAT rule | -| `resourceGroupName` | string | The resource group the inbound NAT rule was deployed into | -| `resourceId` | string | The resource ID of the inbound NAT rule | +| `name` | string | The name of the inbound NAT rule. | +| `resourceGroupName` | string | The resource group the inbound NAT rule was deployed into. | +| `resourceId` | string | The resource ID of the inbound NAT rule. | diff --git a/arm/Microsoft.Network/loadBalancers/readme.md b/arm/Microsoft.Network/loadBalancers/readme.md index 93a7f6e56b..fbf82dd202 100644 --- a/arm/Microsoft.Network/loadBalancers/readme.md +++ b/arm/Microsoft.Network/loadBalancers/readme.md @@ -24,8 +24,8 @@ This module deploys a load balancer. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `frontendIPConfigurations` | array | Array of objects containing all frontend IP configurations | -| `name` | string | The Proximity Placement Groups Name | +| `frontendIPConfigurations` | array | Array of objects containing all frontend IP configurations. | +| `name` | string | The Proximity Placement Groups Name. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -41,12 +41,12 @@ This module deploys a load balancer. | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `inboundNatRules` | _[inboundNatRules](inboundNatRules/readme.md)_ array | `[]` | | Collection of inbound NAT Rules used by a load balancer. Defining inbound NAT rules on your load balancer is mutually exclusive with defining an inbound NAT pool. Inbound NAT pools are referenced from virtual machine scale sets. NICs that are associated with individual virtual machines cannot reference an Inbound NAT pool. They have to reference individual inbound NAT rules. | | `loadBalancerSku` | string | `'Standard'` | `[Basic, Standard]` | Name of a load balancer SKU. | -| `loadBalancingRules` | array | `[]` | | Array of objects containing all load balancing rules | +| `loadBalancingRules` | array | `[]` | | Array of objects containing all load balancing rules. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `outboundRules` | array | `[]` | | The outbound rules. | -| `probes` | array | `[]` | | Array of objects containing all probes, these are references in the load balancing rules | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `probes` | array | `[]` | | Array of objects containing all probes, these are references in the load balancing rules. | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags of the resource. | @@ -228,6 +228,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | | `backendpools` | array | The backend address pools available in the load balancer. | -| `name` | string | The name of the load balancer | -| `resourceGroupName` | string | The resource group the load balancer was deployed into | -| `resourceId` | string | The resource ID of the load balancer | +| `name` | string | The name of the load balancer. | +| `resourceGroupName` | string | The resource group the load balancer was deployed into. | +| `resourceId` | string | The resource ID of the load balancer. | diff --git a/arm/Microsoft.Network/localNetworkGateways/deploy.bicep b/arm/Microsoft.Network/localNetworkGateways/deploy.bicep index a8570e13ae..144e9b1082 100644 --- a/arm/Microsoft.Network/localNetworkGateways/deploy.bicep +++ b/arm/Microsoft.Network/localNetworkGateways/deploy.bicep @@ -1,14 +1,14 @@ -@description('Required. Name of the Local Network Gateway') +@description('Required. Name of the Local Network Gateway.') @minLength(1) param name string @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Required. List of the local (on-premises) IP address ranges') +@description('Required. List of the local (on-premises) IP address ranges.') param localAddressPrefixes array -@description('Required. Public IP of the local gateway') +@description('Required. Public IP of the local gateway.') param localGatewayPublicIpAddress string @description('Optional. The BGP speaker\'s ASN. Not providing this value will automatically disable BGP on this Local Network Gateway resource.') @@ -28,7 +28,7 @@ param localPeerWeight string = '' @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -92,11 +92,11 @@ module localNetworkGateway_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignmen } }] -@description('The resource ID of the local network gateway') +@description('The resource ID of the local network gateway.') output resourceId string = localNetworkGateway.id -@description('The resource group the local network gateway was deployed into') +@description('The resource group the local network gateway was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the local network gateway') +@description('The name of the local network gateway.') output name string = localNetworkGateway.name diff --git a/arm/Microsoft.Network/localNetworkGateways/readme.md b/arm/Microsoft.Network/localNetworkGateways/readme.md index 5adfdfe681..a716027f3f 100644 --- a/arm/Microsoft.Network/localNetworkGateways/readme.md +++ b/arm/Microsoft.Network/localNetworkGateways/readme.md @@ -21,9 +21,9 @@ This module deploys a local network gateway. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `localAddressPrefixes` | array | List of the local (on-premises) IP address ranges | -| `localGatewayPublicIpAddress` | string | Public IP of the local gateway | -| `name` | string | Name of the Local Network Gateway | +| `localAddressPrefixes` | array | List of the local (on-premises) IP address ranges. | +| `localGatewayPublicIpAddress` | string | Public IP of the local gateway. | +| `name` | string | Name of the Local Network Gateway. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -35,7 +35,7 @@ This module deploys a local network gateway. | `localPeerWeight` | string | `''` | | The weight added to routes learned from this BGP speaker. This will only take effect if both the localAsn and the localBgpPeeringAddress values are provided. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags of the resource. | @@ -86,6 +86,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the local network gateway | -| `resourceGroupName` | string | The resource group the local network gateway was deployed into | -| `resourceId` | string | The resource ID of the local network gateway | +| `name` | string | The name of the local network gateway. | +| `resourceGroupName` | string | The resource group the local network gateway was deployed into. | +| `resourceId` | string | The resource ID of the local network gateway. | diff --git a/arm/Microsoft.Network/natGateways/deploy.bicep b/arm/Microsoft.Network/natGateways/deploy.bicep index e13ac102ec..928bcecb7f 100644 --- a/arm/Microsoft.Network/natGateways/deploy.bicep +++ b/arm/Microsoft.Network/natGateways/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Name of the Azure Bastion resource') +@description('Required. Name of the Azure Bastion resource.') param name string @description('Optional. The idle timeout of the nat gateway.') @@ -13,7 +13,7 @@ param natGatewayPipName string = '' @description('Optional. Resource ID of the Public IP Prefix object. This is only needed if you want your Public IPs created in a PIP Prefix.') param natGatewayPublicIPPrefixId string = '' -@description('Optional. DNS name of the Public IP resource. A region specific suffix will be appended to it, e.g.: your-DNS-name.westeurope.cloudapp.azure.com') +@description('Optional. DNS name of the Public IP resource. A region specific suffix will be appended to it, e.g.: your-DNS-name.westeurope.cloudapp.azure.com.') param natGatewayDomainNameLabel string = '' @description('Optional. Existing Public IP Address resource names to use for the NAT Gateway.') @@ -53,7 +53,7 @@ param diagnosticEventHubName string = '' @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags for the resource.') @@ -204,11 +204,11 @@ module natGateway_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) } }] -@description('The name of the NAT Gateway') +@description('The name of the NAT Gateway.') output name string = natGateway.name -@description('The resource ID of the NAT Gateway') +@description('The resource ID of the NAT Gateway.') output resourceId string = natGateway.id -@description('The resource group the NAT Gateway was deployed into') +@description('The resource group the NAT Gateway was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/natGateways/readme.md b/arm/Microsoft.Network/natGateways/readme.md index ee69855552..5ddf76b54b 100644 --- a/arm/Microsoft.Network/natGateways/readme.md +++ b/arm/Microsoft.Network/natGateways/readme.md @@ -23,7 +23,7 @@ This module deploys a NAT gateway. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | Name of the Azure Bastion resource | +| `name` | string | Name of the Azure Bastion resource. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -40,13 +40,13 @@ This module deploys a NAT gateway. | `idleTimeoutInMinutes` | int | `5` | | The idle timeout of the nat gateway. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `natGatewayDomainNameLabel` | string | `''` | | DNS name of the Public IP resource. A region specific suffix will be appended to it, e.g.: your-DNS-name.westeurope.cloudapp.azure.com | +| `natGatewayDomainNameLabel` | string | `''` | | DNS name of the Public IP resource. A region specific suffix will be appended to it, e.g.: your-DNS-name.westeurope.cloudapp.azure.com. | | `natGatewayPipName` | string | `''` | | Specifies the name of the Public IP used by the NAT Gateway. If it's not provided, a '-pip' suffix will be appended to the Bastion's name. | | `natGatewayPublicIpAddress` | bool | `False` | | Use to have a new Public IP Address created for the NAT Gateway. | | `natGatewayPublicIPPrefixId` | string | `''` | | Resource ID of the Public IP Prefix object. This is only needed if you want your Public IPs created in a PIP Prefix. | | `publicIpAddresses` | array | `[]` | | Existing Public IP Address resource names to use for the NAT Gateway. | | `publicIpPrefixes` | array | `[]` | | Existing Public IP Prefixes resource names to use for the NAT Gateway. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags for the resource. | | `zones` | array | `[]` | | A list of availability zones denoting the zone in which Nat Gateway should be deployed. | @@ -98,6 +98,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the NAT Gateway | -| `resourceGroupName` | string | The resource group the NAT Gateway was deployed into | -| `resourceId` | string | The resource ID of the NAT Gateway | +| `name` | string | The name of the NAT Gateway. | +| `resourceGroupName` | string | The resource group the NAT Gateway was deployed into. | +| `resourceId` | string | The resource ID of the NAT Gateway. | diff --git a/arm/Microsoft.Network/networkSecurityGroups/deploy.bicep b/arm/Microsoft.Network/networkSecurityGroups/deploy.bicep index 5db5c2fce3..ffde34fb24 100644 --- a/arm/Microsoft.Network/networkSecurityGroups/deploy.bicep +++ b/arm/Microsoft.Network/networkSecurityGroups/deploy.bicep @@ -32,7 +32,7 @@ param diagnosticEventHubName string = '' @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the NSG resource.') @@ -159,11 +159,11 @@ module networkSecurityGroup_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignme } }] -@description('The resource group the network security group was deployed into') +@description('The resource group the network security group was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The resource ID of the network security group') +@description('The resource ID of the network security group.') output resourceId string = networkSecurityGroup.id -@description('The name of the network security group') +@description('The name of the network security group.') output name string = networkSecurityGroup.name diff --git a/arm/Microsoft.Network/networkSecurityGroups/readme.md b/arm/Microsoft.Network/networkSecurityGroups/readme.md index d9251dff8c..daeba8ff3f 100644 --- a/arm/Microsoft.Network/networkSecurityGroups/readme.md +++ b/arm/Microsoft.Network/networkSecurityGroups/readme.md @@ -38,7 +38,7 @@ This template deploys a network security group (NSG) with optional security rule | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `securityRules` | _[securityRules](securityRules/readme.md)_ array | `[]` | | Array of Security Rules to deploy to the Network Security Group. When not provided, an NSG including only the built-in roles will be deployed. | | `tags` | object | `{object}` | | Tags of the NSG resource. | @@ -90,6 +90,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the network security group | -| `resourceGroupName` | string | The resource group the network security group was deployed into | -| `resourceId` | string | The resource ID of the network security group | +| `name` | string | The name of the network security group. | +| `resourceGroupName` | string | The resource group the network security group was deployed into. | +| `resourceId` | string | The resource ID of the network security group. | diff --git a/arm/Microsoft.Network/networkSecurityGroups/securityRules/deploy.bicep b/arm/Microsoft.Network/networkSecurityGroups/securityRules/deploy.bicep index 62f7a6e7d4..af7e9f32c3 100644 --- a/arm/Microsoft.Network/networkSecurityGroups/securityRules/deploy.bicep +++ b/arm/Microsoft.Network/networkSecurityGroups/securityRules/deploy.bicep @@ -1,7 +1,7 @@ @sys.description('Required. The name of the security rule') param name string -@sys.description('Required. The name of the network security group to deploy the security rule into') +@sys.description('Conditional. The name of the parent network security group to deploy the security rule into. Required if the template is used in a standalone deployment.') param networkSecurityGroupName string @sys.description('Optional. Whether network traffic is allowed or denied.') @@ -11,7 +11,7 @@ param networkSecurityGroupName string ]) param access string = 'Deny' -@sys.description('Optional. A description for this rule') +@sys.description('Optional. A description for this rule.') @maxLength(140) param description string = '' diff --git a/arm/Microsoft.Network/networkSecurityGroups/securityRules/readme.md b/arm/Microsoft.Network/networkSecurityGroups/securityRules/readme.md index 3c0c93f490..222eee66e2 100644 --- a/arm/Microsoft.Network/networkSecurityGroups/securityRules/readme.md +++ b/arm/Microsoft.Network/networkSecurityGroups/securityRules/readme.md @@ -21,15 +21,19 @@ This module deploys Network Security Group Security Rules. | :-- | :-- | :-- | :-- | | `direction` | string | `[Inbound, Outbound]` | The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic. | | `name` | string | | The name of the security rule | -| `networkSecurityGroupName` | string | | The name of the network security group to deploy the security rule into | | `priority` | int | | The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | | `protocol` | string | `[*, Ah, Esp, Icmp, Tcp, Udp]` | Network protocol this rule applies to. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `networkSecurityGroupName` | string | The name of the parent network security group to deploy the security rule into. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `access` | string | `'Deny'` | `[Allow, Deny]` | Whether network traffic is allowed or denied. | -| `description` | string | `''` | | A description for this rule | +| `description` | string | `''` | | A description for this rule. | | `destinationAddressPrefix` | string | `''` | | The destination address prefix. CIDR or destination IP range. Asterisk "*" can also be used to match all source IPs. Default tags such as "VirtualNetwork", "AzureLoadBalancer" and "Internet" can also be used. | | `destinationAddressPrefixes` | array | `[]` | | The destination address prefixes. CIDR or destination IP ranges. | | `destinationApplicationSecurityGroups` | array | `[]` | | The application security group specified as destination. | diff --git a/arm/Microsoft.Network/networkWatchers/connectionMonitors/deploy.bicep b/arm/Microsoft.Network/networkWatchers/connectionMonitors/deploy.bicep index 492ee37c42..037fbe9af8 100644 --- a/arm/Microsoft.Network/networkWatchers/connectionMonitors/deploy.bicep +++ b/arm/Microsoft.Network/networkWatchers/connectionMonitors/deploy.bicep @@ -1,4 +1,4 @@ -@description('Optional. Name of the network watcher resource. Must be in the resource group where the Flow log will be created and same region as the NSG') +@description('Optional. Name of the network watcher resource. Must be in the resource group where the Flow log will be created and same region as the NSG.') param networkWatcherName string = 'NetworkWatcher_${resourceGroup().location}' @description('Optional. Name of the resource.') @@ -19,7 +19,7 @@ param testConfigurations array = [] @description('Optional. List of connection monitor test groups.') param testGroups array = [] -@description('Optional. Specify the Log Analytics Workspace Resource ID') +@description('Optional. Specify the Log Analytics Workspace Resource ID.') param workspaceResourceId string = '' @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -63,11 +63,11 @@ resource connectionMonitor 'Microsoft.Network/networkWatchers/connectionMonitors } } -@description('The name of the deployed connection monitor') +@description('The name of the deployed connection monitor.') output name string = connectionMonitor.name -@description('The resource ID of the deployed connection monitor') +@description('The resource ID of the deployed connection monitor.') output resourceId string = connectionMonitor.id -@description('The resource group the connection monitor was deployed into') +@description('The resource group the connection monitor was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/networkWatchers/connectionMonitors/readme.md b/arm/Microsoft.Network/networkWatchers/connectionMonitors/readme.md index 42ed73cd65..0029c14ea5 100644 --- a/arm/Microsoft.Network/networkWatchers/connectionMonitors/readme.md +++ b/arm/Microsoft.Network/networkWatchers/connectionMonitors/readme.md @@ -23,11 +23,11 @@ This template deploys Connection Monitors. | `endpoints` | array | `[]` | List of connection monitor endpoints. | | `location` | string | `[resourceGroup().location]` | Location for all resources. | | `name` | string | | Name of the resource. | -| `networkWatcherName` | string | `[format('NetworkWatcher_{0}', resourceGroup().location)]` | Name of the network watcher resource. Must be in the resource group where the Flow log will be created and same region as the NSG | +| `networkWatcherName` | string | `[format('NetworkWatcher_{0}', resourceGroup().location)]` | Name of the network watcher resource. Must be in the resource group where the Flow log will be created and same region as the NSG. | | `tags` | object | `{object}` | Tags of the resource. | | `testConfigurations` | array | `[]` | List of connection monitor test configurations. | | `testGroups` | array | `[]` | List of connection monitor test groups. | -| `workspaceResourceId` | string | `''` | Specify the Log Analytics Workspace Resource ID | +| `workspaceResourceId` | string | `''` | Specify the Log Analytics Workspace Resource ID. | ### Parameter Usage: `tags` @@ -51,6 +51,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed connection monitor | -| `resourceGroupName` | string | The resource group the connection monitor was deployed into | -| `resourceId` | string | The resource ID of the deployed connection monitor | +| `name` | string | The name of the deployed connection monitor. | +| `resourceGroupName` | string | The resource group the connection monitor was deployed into. | +| `resourceId` | string | The resource ID of the deployed connection monitor. | diff --git a/arm/Microsoft.Network/networkWatchers/deploy.bicep b/arm/Microsoft.Network/networkWatchers/deploy.bicep index 8eb5a8a83c..fc565b6247 100644 --- a/arm/Microsoft.Network/networkWatchers/deploy.bicep +++ b/arm/Microsoft.Network/networkWatchers/deploy.bicep @@ -1,14 +1,14 @@ -@description('Required. Name of the Network Watcher resource (hidden)') +@description('Required. Name of the Network Watcher resource (hidden).') @minLength(1) param name string = 'NetworkWatcher_${location}' @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Optional. Array that contains the Connection Monitors') +@description('Optional. Array that contains the Connection Monitors.') param connectionMonitors array = [] -@description('Optional. Array that contains the Flow Logs') +@description('Optional. Array that contains the Flow Logs.') param flowLogs array = [] @allowed([ @@ -19,7 +19,7 @@ param flowLogs array = [] @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -97,11 +97,11 @@ module networkWatcher_flowLogs 'flowLogs/deploy.bicep' = [for (flowLog, index) i } }] -@description('The name of the deployed network watcher') +@description('The name of the deployed network watcher.') output name string = networkWatcher.name -@description('The resource ID of the deployed network watcher') +@description('The resource ID of the deployed network watcher.') output resourceId string = networkWatcher.id -@description('The resource group the network watcher was deployed into') +@description('The resource group the network watcher was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/networkWatchers/flowLogs/deploy.bicep b/arm/Microsoft.Network/networkWatchers/flowLogs/deploy.bicep index f148fef06a..efb8073d7b 100644 --- a/arm/Microsoft.Network/networkWatchers/flowLogs/deploy.bicep +++ b/arm/Microsoft.Network/networkWatchers/flowLogs/deploy.bicep @@ -1,4 +1,4 @@ -@description('Optional. Name of the network watcher resource. Must be in the resource group where the Flow log will be created and same region as the NSG') +@description('Optional. Name of the network watcher resource. Must be in the resource group where the Flow log will be created and same region as the NSG.') param networkWatcherName string = 'NetworkWatcher_${resourceGroup().location}' @description('Optional. Name of the resource.') @@ -16,17 +16,17 @@ param targetResourceId string @description('Required. Resource ID of the diagnostic storage account.') param storageId string -@description('Optional. If the flow log should be enabled') +@description('Optional. If the flow log should be enabled.') param enabled bool = true -@description('Optional. The flow log format version') +@description('Optional. The flow log format version.') @allowed([ 1 2 ]) param formatVersion int = 2 -@description('Optional. Specify the Log Analytics Workspace Resource ID') +@description('Optional. Specify the Log Analytics Workspace Resource ID.') param workspaceResourceId string = '' @description('Optional. The interval in minutes which would decide how frequently TA service should do flow analytics.') @@ -92,11 +92,11 @@ resource flowLog 'Microsoft.Network/networkWatchers/flowLogs@2021-05-01' = { flowAnalyticsConfiguration: flowAnalyticsConfiguration } } -@description('The name of the flow log') +@description('The name of the flow log.') output name string = flowLog.name -@description('The resource ID of the flow log') +@description('The resource ID of the flow log.') output resourceId string = flowLog.id -@description('The resource group the flow log was deployed into') +@description('The resource group the flow log was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/networkWatchers/flowLogs/readme.md b/arm/Microsoft.Network/networkWatchers/flowLogs/readme.md index 9f2944edd4..d8a97d4217 100644 --- a/arm/Microsoft.Network/networkWatchers/flowLogs/readme.md +++ b/arm/Microsoft.Network/networkWatchers/flowLogs/readme.md @@ -26,16 +26,16 @@ This module controls the Network Security Group Flow Logs and analytics settings **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `enabled` | bool | `True` | | If the flow log should be enabled | +| `enabled` | bool | `True` | | If the flow log should be enabled. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `formatVersion` | int | `2` | `[1, 2]` | The flow log format version | +| `formatVersion` | int | `2` | `[1, 2]` | The flow log format version. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `name` | string | `[format('{0}-{1}-flowlog', last(split(parameters('targetResourceId'), '/')), split(parameters('targetResourceId'), '/')[4])]` | | Name of the resource. | -| `networkWatcherName` | string | `[format('NetworkWatcher_{0}', resourceGroup().location)]` | | Name of the network watcher resource. Must be in the resource group where the Flow log will be created and same region as the NSG | +| `networkWatcherName` | string | `[format('NetworkWatcher_{0}', resourceGroup().location)]` | | Name of the network watcher resource. Must be in the resource group where the Flow log will be created and same region as the NSG. | | `retentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `tags` | object | `{object}` | | Tags of the resource. | | `trafficAnalyticsInterval` | int | `60` | `[10, 60]` | The interval in minutes which would decide how frequently TA service should do flow analytics. | -| `workspaceResourceId` | string | `''` | | Specify the Log Analytics Workspace Resource ID | +| `workspaceResourceId` | string | `''` | | Specify the Log Analytics Workspace Resource ID. | ### Parameter Usage: `tags` @@ -59,6 +59,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the flow log | -| `resourceGroupName` | string | The resource group the flow log was deployed into | -| `resourceId` | string | The resource ID of the flow log | +| `name` | string | The name of the flow log. | +| `resourceGroupName` | string | The resource group the flow log was deployed into. | +| `resourceId` | string | The resource ID of the flow log. | diff --git a/arm/Microsoft.Network/networkWatchers/readme.md b/arm/Microsoft.Network/networkWatchers/readme.md index 69545e4cb7..07be75a583 100644 --- a/arm/Microsoft.Network/networkWatchers/readme.md +++ b/arm/Microsoft.Network/networkWatchers/readme.md @@ -23,17 +23,17 @@ This template deploys a network watcher. **Required parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | -| `name` | string | `[format('NetworkWatcher_{0}', parameters('location'))]` | Name of the Network Watcher resource (hidden) | +| `name` | string | `[format('NetworkWatcher_{0}', parameters('location'))]` | Name of the Network Watcher resource (hidden). | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `connectionMonitors` | _[connectionMonitors](connectionMonitors/readme.md)_ array | `[]` | | Array that contains the Connection Monitors | +| `connectionMonitors` | _[connectionMonitors](connectionMonitors/readme.md)_ array | `[]` | | Array that contains the Connection Monitors. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `flowLogs` | _[flowLogs](flowLogs/readme.md)_ array | `[]` | | Array that contains the Flow Logs | +| `flowLogs` | _[flowLogs](flowLogs/readme.md)_ array | `[]` | | Array that contains the Flow Logs. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags of the resource. | @@ -84,6 +84,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed network watcher | -| `resourceGroupName` | string | The resource group the network watcher was deployed into | -| `resourceId` | string | The resource ID of the deployed network watcher | +| `name` | string | The name of the deployed network watcher. | +| `resourceGroupName` | string | The resource group the network watcher was deployed into. | +| `resourceId` | string | The resource ID of the deployed network watcher. | diff --git a/arm/Microsoft.Network/privateDnsZones/A/deploy.bicep b/arm/Microsoft.Network/privateDnsZones/A/deploy.bicep index f30ede4c7e..4d3a718324 100644 --- a/arm/Microsoft.Network/privateDnsZones/A/deploy.bicep +++ b/arm/Microsoft.Network/privateDnsZones/A/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Private DNS zone name.') +@description('Conditional. Private DNS zone name. Required if the template is used in a standalone deployment.') param privateDnsZoneName string @description('Required. The name of the A record.') @@ -59,8 +59,8 @@ module A_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in roleA @description('The name of the deployed A record') output name string = A.name -@description('The resource ID of the deployed A record') +@description('The resource ID of the deployed A record.') output resourceId string = A.id -@description('The resource group of the deployed A record') +@description('The resource group of the deployed A record.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/privateDnsZones/A/readme.md b/arm/Microsoft.Network/privateDnsZones/A/readme.md index 8e51fcef47..9a0f3310c8 100644 --- a/arm/Microsoft.Network/privateDnsZones/A/readme.md +++ b/arm/Microsoft.Network/privateDnsZones/A/readme.md @@ -21,7 +21,11 @@ This module deploys a Private DNS Zone A record. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the A record. | -| `privateDnsZoneName` | string | Private DNS zone name. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `privateDnsZoneName` | string | Private DNS zone name. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -76,5 +80,5 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed A record | -| `resourceGroupName` | string | The resource group of the deployed A record | -| `resourceId` | string | The resource ID of the deployed A record | +| `resourceGroupName` | string | The resource group of the deployed A record. | +| `resourceId` | string | The resource ID of the deployed A record. | diff --git a/arm/Microsoft.Network/privateDnsZones/AAAA/deploy.bicep b/arm/Microsoft.Network/privateDnsZones/AAAA/deploy.bicep index 82c92b85b2..ade34f5505 100644 --- a/arm/Microsoft.Network/privateDnsZones/AAAA/deploy.bicep +++ b/arm/Microsoft.Network/privateDnsZones/AAAA/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Private DNS zone name.') +@description('Conditional. Private DNS zone name. Required if the template is used in a standalone deployment.') param privateDnsZoneName string @description('Required. The name of the AAAA record.') @@ -59,8 +59,8 @@ module AAAA_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in ro @description('The name of the deployed AAAA record') output name string = AAAA.name -@description('The resource ID of the deployed AAAA record') +@description('The resource ID of the deployed AAAA record.') output resourceId string = AAAA.id -@description('The resource group of the deployed AAAA record') +@description('The resource group of the deployed AAAA record.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/privateDnsZones/AAAA/readme.md b/arm/Microsoft.Network/privateDnsZones/AAAA/readme.md index c3ccae6e38..6ef40b1976 100644 --- a/arm/Microsoft.Network/privateDnsZones/AAAA/readme.md +++ b/arm/Microsoft.Network/privateDnsZones/AAAA/readme.md @@ -21,7 +21,11 @@ This module deploys a Private DNS Zone AAAA record. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the AAAA record. | -| `privateDnsZoneName` | string | Private DNS zone name. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `privateDnsZoneName` | string | Private DNS zone name. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -76,5 +80,5 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed AAAA record | -| `resourceGroupName` | string | The resource group of the deployed AAAA record | -| `resourceId` | string | The resource ID of the deployed AAAA record | +| `resourceGroupName` | string | The resource group of the deployed AAAA record. | +| `resourceId` | string | The resource ID of the deployed AAAA record. | diff --git a/arm/Microsoft.Network/privateDnsZones/CNAME/deploy.bicep b/arm/Microsoft.Network/privateDnsZones/CNAME/deploy.bicep index b216e98cf9..a58d3fdf9f 100644 --- a/arm/Microsoft.Network/privateDnsZones/CNAME/deploy.bicep +++ b/arm/Microsoft.Network/privateDnsZones/CNAME/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Private DNS zone name.') +@description('Conditional. Private DNS zone name. Required if the template is used in a standalone deployment.') param privateDnsZoneName string @description('Required. The name of the CNAME record.') @@ -59,8 +59,8 @@ module CNAME_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in r @description('The name of the deployed CNAME record') output name string = CNAME.name -@description('The resource ID of the deployed CNAME record') +@description('The resource ID of the deployed CNAME record.') output resourceId string = CNAME.id -@description('The resource group of the deployed CNAME record') +@description('The resource group of the deployed CNAME record.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/privateDnsZones/CNAME/readme.md b/arm/Microsoft.Network/privateDnsZones/CNAME/readme.md index 07ff1d6cf2..c69d1df551 100644 --- a/arm/Microsoft.Network/privateDnsZones/CNAME/readme.md +++ b/arm/Microsoft.Network/privateDnsZones/CNAME/readme.md @@ -21,7 +21,11 @@ This module deploys a Private DNS Zone CNAME record. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the CNAME record. | -| `privateDnsZoneName` | string | Private DNS zone name. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `privateDnsZoneName` | string | Private DNS zone name. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -64,5 +68,5 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed CNAME record | -| `resourceGroupName` | string | The resource group of the deployed CNAME record | -| `resourceId` | string | The resource ID of the deployed CNAME record | +| `resourceGroupName` | string | The resource group of the deployed CNAME record. | +| `resourceId` | string | The resource ID of the deployed CNAME record. | diff --git a/arm/Microsoft.Network/privateDnsZones/MX/deploy.bicep b/arm/Microsoft.Network/privateDnsZones/MX/deploy.bicep index 466c8ee27b..b92116c008 100644 --- a/arm/Microsoft.Network/privateDnsZones/MX/deploy.bicep +++ b/arm/Microsoft.Network/privateDnsZones/MX/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Private DNS zone name.') +@description('Conditional. Private DNS zone name. Required if the template is used in a standalone deployment.') param privateDnsZoneName string @description('Required. The name of the MX record.') @@ -59,8 +59,8 @@ module MX_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in role @description('The name of the deployed MX record') output name string = MX.name -@description('The resource ID of the deployed MX record') +@description('The resource ID of the deployed MX record.') output resourceId string = MX.id -@description('The resource group of the deployed MX record') +@description('The resource group of the deployed MX record.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/privateDnsZones/MX/readme.md b/arm/Microsoft.Network/privateDnsZones/MX/readme.md index 87dda50f6e..b9ec1d55ac 100644 --- a/arm/Microsoft.Network/privateDnsZones/MX/readme.md +++ b/arm/Microsoft.Network/privateDnsZones/MX/readme.md @@ -21,7 +21,11 @@ This module deploys a Private DNS Zone MX record. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the MX record. | -| `privateDnsZoneName` | string | Private DNS zone name. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `privateDnsZoneName` | string | Private DNS zone name. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -77,5 +81,5 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed MX record | -| `resourceGroupName` | string | The resource group of the deployed MX record | -| `resourceId` | string | The resource ID of the deployed MX record | +| `resourceGroupName` | string | The resource group of the deployed MX record. | +| `resourceId` | string | The resource ID of the deployed MX record. | diff --git a/arm/Microsoft.Network/privateDnsZones/PTR/deploy.bicep b/arm/Microsoft.Network/privateDnsZones/PTR/deploy.bicep index 74e5128657..32781e3590 100644 --- a/arm/Microsoft.Network/privateDnsZones/PTR/deploy.bicep +++ b/arm/Microsoft.Network/privateDnsZones/PTR/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Private DNS zone name.') +@description('Conditional. Private DNS zone name. Required if the template is used in a standalone deployment.') param privateDnsZoneName string @description('Required. The name of the PTR record.') @@ -56,11 +56,11 @@ resource PTR 'Microsoft.Network/privateDnsZones/PTR@2020-06-01' = { } } -@description('The name of the deployed PTR record') +@description('The name of the deployed PTR record.') output name string = PTR.name -@description('The resource ID of the deployed PTR record') +@description('The resource ID of the deployed PTR record.') output resourceId string = PTR.id -@description('The resource group of the deployed PTR record') +@description('The resource group of the deployed PTR record.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/privateDnsZones/PTR/readme.md b/arm/Microsoft.Network/privateDnsZones/PTR/readme.md index 7b743fef7b..e80e37eba1 100644 --- a/arm/Microsoft.Network/privateDnsZones/PTR/readme.md +++ b/arm/Microsoft.Network/privateDnsZones/PTR/readme.md @@ -21,7 +21,11 @@ This module deploys a Private DNS Zone PTR record. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the PTR record. | -| `privateDnsZoneName` | string | Private DNS zone name. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `privateDnsZoneName` | string | Private DNS zone name. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -75,6 +79,6 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed PTR record | -| `resourceGroupName` | string | The resource group of the deployed PTR record | -| `resourceId` | string | The resource ID of the deployed PTR record | +| `name` | string | The name of the deployed PTR record. | +| `resourceGroupName` | string | The resource group of the deployed PTR record. | +| `resourceId` | string | The resource ID of the deployed PTR record. | diff --git a/arm/Microsoft.Network/privateDnsZones/SOA/deploy.bicep b/arm/Microsoft.Network/privateDnsZones/SOA/deploy.bicep index 432c9d94df..935715d5af 100644 --- a/arm/Microsoft.Network/privateDnsZones/SOA/deploy.bicep +++ b/arm/Microsoft.Network/privateDnsZones/SOA/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Private DNS zone name.') +@description('Conditional. Private DNS zone name. Required if the template is used in a standalone deployment.') param privateDnsZoneName string @description('Required. The name of the SOA record.') @@ -59,8 +59,8 @@ module SOA_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in rol @description('The name of the deployed SOA record') output name string = SOA.name -@description('The resource ID of the deployed SOA record') +@description('The resource ID of the deployed SOA record.') output resourceId string = SOA.id -@description('The resource group of the deployed SOA record') +@description('The resource group of the deployed SOA record.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/privateDnsZones/SOA/readme.md b/arm/Microsoft.Network/privateDnsZones/SOA/readme.md index 12d59211a9..4fa6f3b8f3 100644 --- a/arm/Microsoft.Network/privateDnsZones/SOA/readme.md +++ b/arm/Microsoft.Network/privateDnsZones/SOA/readme.md @@ -21,7 +21,11 @@ This module deploys a Private DNS Zone SOA record. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the SOA record. | -| `privateDnsZoneName` | string | Private DNS zone name. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `privateDnsZoneName` | string | Private DNS zone name. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -80,5 +84,5 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed SOA record | -| `resourceGroupName` | string | The resource group of the deployed SOA record | -| `resourceId` | string | The resource ID of the deployed SOA record | +| `resourceGroupName` | string | The resource group of the deployed SOA record. | +| `resourceId` | string | The resource ID of the deployed SOA record. | diff --git a/arm/Microsoft.Network/privateDnsZones/SRV/deploy.bicep b/arm/Microsoft.Network/privateDnsZones/SRV/deploy.bicep index a82295cb4e..a2e70b482f 100644 --- a/arm/Microsoft.Network/privateDnsZones/SRV/deploy.bicep +++ b/arm/Microsoft.Network/privateDnsZones/SRV/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Private DNS zone name.') +@description('Conditional. Private DNS zone name. Required if the template is used in a standalone deployment.') param privateDnsZoneName string @description('Required. The name of the SRV record.') @@ -59,8 +59,8 @@ module SRV_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in rol @description('The name of the deployed SRV record') output name string = SRV.name -@description('The resource ID of the deployed SRV record') +@description('The resource ID of the deployed SRV record.') output resourceId string = SRV.id -@description('The resource group of the deployed SRV record') +@description('The resource group of the deployed SRV record.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/privateDnsZones/SRV/readme.md b/arm/Microsoft.Network/privateDnsZones/SRV/readme.md index 2563aee271..40a2d5404d 100644 --- a/arm/Microsoft.Network/privateDnsZones/SRV/readme.md +++ b/arm/Microsoft.Network/privateDnsZones/SRV/readme.md @@ -21,7 +21,11 @@ This module deploys a Private DNS Zone TXT record. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the SRV record. | -| `privateDnsZoneName` | string | Private DNS zone name. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `privateDnsZoneName` | string | Private DNS zone name. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -79,5 +83,5 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed SRV record | -| `resourceGroupName` | string | The resource group of the deployed SRV record | -| `resourceId` | string | The resource ID of the deployed SRV record | +| `resourceGroupName` | string | The resource group of the deployed SRV record. | +| `resourceId` | string | The resource ID of the deployed SRV record. | diff --git a/arm/Microsoft.Network/privateDnsZones/TXT/deploy.bicep b/arm/Microsoft.Network/privateDnsZones/TXT/deploy.bicep index ac39012a6e..a3589b15ab 100644 --- a/arm/Microsoft.Network/privateDnsZones/TXT/deploy.bicep +++ b/arm/Microsoft.Network/privateDnsZones/TXT/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Private DNS zone name.') +@description('Conditional. Private DNS zone name. Required if the template is used in a standalone deployment.') param privateDnsZoneName string @description('Required. The name of the TXT record.') @@ -59,8 +59,8 @@ module TXT_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in rol @description('The name of the deployed TXT record') output name string = TXT.name -@description('The resource ID of the deployed TXT record') +@description('The resource ID of the deployed TXT record.') output resourceId string = TXT.id -@description('The resource group of the deployed TXT record') +@description('The resource group of the deployed TXT record.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/privateDnsZones/TXT/readme.md b/arm/Microsoft.Network/privateDnsZones/TXT/readme.md index ed1d0c8bbe..2a3e448000 100644 --- a/arm/Microsoft.Network/privateDnsZones/TXT/readme.md +++ b/arm/Microsoft.Network/privateDnsZones/TXT/readme.md @@ -21,7 +21,11 @@ This module deploys a Private DNS Zone TXT record. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the TXT record. | -| `privateDnsZoneName` | string | Private DNS zone name. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `privateDnsZoneName` | string | Private DNS zone name. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -76,5 +80,5 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed TXT record | -| `resourceGroupName` | string | The resource group of the deployed TXT record | -| `resourceId` | string | The resource ID of the deployed TXT record | +| `resourceGroupName` | string | The resource group of the deployed TXT record. | +| `resourceId` | string | The resource ID of the deployed TXT record. | diff --git a/arm/Microsoft.Network/privateDnsZones/deploy.bicep b/arm/Microsoft.Network/privateDnsZones/deploy.bicep index fa7a207802..913013552d 100644 --- a/arm/Microsoft.Network/privateDnsZones/deploy.bicep +++ b/arm/Microsoft.Network/privateDnsZones/deploy.bicep @@ -31,7 +31,7 @@ param virtualNetworkLinks array = [] @description('Optional. The location of the PrivateDNSZone. Should be global.') param location string = 'global' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -203,11 +203,11 @@ module privateDnsZone_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, in } }] -@description('The resource group the private DNS zone was deployed into') +@description('The resource group the private DNS zone was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the private DNS zone') +@description('The name of the private DNS zone.') output name string = privateDnsZone.name -@description('The resource ID of the private DNS zone') +@description('The resource ID of the private DNS zone.') output resourceId string = privateDnsZone.id diff --git a/arm/Microsoft.Network/privateDnsZones/readme.md b/arm/Microsoft.Network/privateDnsZones/readme.md index 23cba9d62e..771f16fa95 100644 --- a/arm/Microsoft.Network/privateDnsZones/readme.md +++ b/arm/Microsoft.Network/privateDnsZones/readme.md @@ -43,7 +43,7 @@ This template deploys a private DNS zone. | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `mx` | _[mx](mx/readme.md)_ array | `[]` | | Array of MX records. | | `ptr` | _[ptr](ptr/readme.md)_ array | `[]` | | Array of PTR records. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `soa` | _[soa](soa/readme.md)_ array | `[]` | | Array of SOA records. | | `srv` | _[srv](srv/readme.md)_ array | `[]` | | Array of SRV records. | | `tags` | object | `{object}` | | Tags of the resource. | @@ -98,6 +98,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the private DNS zone | -| `resourceGroupName` | string | The resource group the private DNS zone was deployed into | -| `resourceId` | string | The resource ID of the private DNS zone | +| `name` | string | The name of the private DNS zone. | +| `resourceGroupName` | string | The resource group the private DNS zone was deployed into. | +| `resourceId` | string | The resource ID of the private DNS zone. | diff --git a/arm/Microsoft.Network/privateDnsZones/virtualNetworkLinks/deploy.bicep b/arm/Microsoft.Network/privateDnsZones/virtualNetworkLinks/deploy.bicep index 4785655fab..3da2a7826b 100644 --- a/arm/Microsoft.Network/privateDnsZones/virtualNetworkLinks/deploy.bicep +++ b/arm/Microsoft.Network/privateDnsZones/virtualNetworkLinks/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Private DNS zone name.') +@description('Conditional. Private DNS zone name. Required if the template is used in a standalone deployment.') param privateDnsZoneName string @description('Optional. The name of the virtual network link.') @@ -10,7 +10,7 @@ param location string = 'global' @description('Optional. Tags of the resource.') param tags object = {} -@description('Optional. Is auto-registration of virtual machine records in the virtual network in the Private DNS zone enabled?') +@description('Optional. Is auto-registration of virtual machine records in the virtual network in the Private DNS zone enabled?.') param registrationEnabled bool = false @description('Required. Link to another virtual network resource ID.') @@ -48,11 +48,11 @@ resource virtualNetworkLink 'Microsoft.Network/privateDnsZones/virtualNetworkLin } } -@description('The name of the deployed virtual network link') +@description('The name of the deployed virtual network link.') output name string = virtualNetworkLink.name -@description('The resource ID of the deployed virtual network link') +@description('The resource ID of the deployed virtual network link.') output resourceId string = virtualNetworkLink.id -@description('The resource group of the deployed virtual network link') +@description('The resource group of the deployed virtual network link.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/privateDnsZones/virtualNetworkLinks/readme.md b/arm/Microsoft.Network/privateDnsZones/virtualNetworkLinks/readme.md index 68aa330d8f..cf2cb09429 100644 --- a/arm/Microsoft.Network/privateDnsZones/virtualNetworkLinks/readme.md +++ b/arm/Microsoft.Network/privateDnsZones/virtualNetworkLinks/readme.md @@ -19,16 +19,20 @@ This module deploys private dns zone virtual network links. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `privateDnsZoneName` | string | Private DNS zone name. | | `virtualNetworkResourceId` | string | Link to another virtual network resource ID. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `privateDnsZoneName` | string | Private DNS zone name. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `location` | string | `'global'` | The location of the PrivateDNSZone. Should be global. | | `name` | string | `[format('{0}-vnetlink', last(split(parameters('virtualNetworkResourceId'), '/')))]` | The name of the virtual network link. | -| `registrationEnabled` | bool | `False` | Is auto-registration of virtual machine records in the virtual network in the Private DNS zone enabled? | +| `registrationEnabled` | bool | `False` | Is auto-registration of virtual machine records in the virtual network in the Private DNS zone enabled?. | | `tags` | object | `{object}` | Tags of the resource. | @@ -53,6 +57,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed virtual network link | -| `resourceGroupName` | string | The resource group of the deployed virtual network link | -| `resourceId` | string | The resource ID of the deployed virtual network link | +| `name` | string | The name of the deployed virtual network link. | +| `resourceGroupName` | string | The resource group of the deployed virtual network link. | +| `resourceId` | string | The resource ID of the deployed virtual network link. | diff --git a/arm/Microsoft.Network/privateEndpoints/deploy.bicep b/arm/Microsoft.Network/privateEndpoints/deploy.bicep index a84d6bfd50..bd1538492d 100644 --- a/arm/Microsoft.Network/privateEndpoints/deploy.bicep +++ b/arm/Microsoft.Network/privateEndpoints/deploy.bicep @@ -24,7 +24,7 @@ param location string = resourceGroup().location @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags to be applied on all resources/resource groups in this deployment.') @@ -96,11 +96,11 @@ module privateEndpoint_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, i } }] -@description('The resource group the private endpoint was deployed into') +@description('The resource group the private endpoint was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The resource ID of the private endpoint') +@description('The resource ID of the private endpoint.') output resourceId string = privateEndpoint.id -@description('The name of the private endpoint') +@description('The name of the private endpoint.') output name string = privateEndpoint.name diff --git a/arm/Microsoft.Network/privateEndpoints/privateDnsZoneGroups/deploy.bicep b/arm/Microsoft.Network/privateEndpoints/privateDnsZoneGroups/deploy.bicep index 04ea26d87a..db01f717a2 100644 --- a/arm/Microsoft.Network/privateEndpoints/privateDnsZoneGroups/deploy.bicep +++ b/arm/Microsoft.Network/privateEndpoints/privateDnsZoneGroups/deploy.bicep @@ -1,10 +1,10 @@ -@description('Required. The name of the private endpoint') +@description('Conditional. The name of the parent private endpoint. Required if the template is used in a standalone deployment.') param privateEndpointName string -@description('Required. List of private DNS resource IDs') +@description('Required. List of private DNS resource IDs.') param privateDNSResourceIds array -@description('Optional. The name of the private DNS Zone Group') +@description('Optional. The name of the private DNS Zone Group.') param name string = 'default' @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -41,11 +41,11 @@ resource privateDnsZoneGroup 'Microsoft.Network/privateEndpoints/privateDnsZoneG } } -@description('The name of the private endpoint DNS zone group') +@description('The name of the private endpoint DNS zone group.') output name string = privateDnsZoneGroup.name -@description('The resource ID of the private endpoint DNS zone group') +@description('The resource ID of the private endpoint DNS zone group.') output resourceId string = privateDnsZoneGroup.id -@description('The resource group the private endpoint DNS zone group was deployed into') +@description('The resource group the private endpoint DNS zone group was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/privateEndpoints/privateDnsZoneGroups/readme.md b/arm/Microsoft.Network/privateEndpoints/privateDnsZoneGroups/readme.md index b1df6c6c8b..6d827b810d 100644 --- a/arm/Microsoft.Network/privateEndpoints/privateDnsZoneGroups/readme.md +++ b/arm/Microsoft.Network/privateEndpoints/privateDnsZoneGroups/readme.md @@ -19,20 +19,24 @@ This module deploys a private endpoint private DNS zone group **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `privateDNSResourceIds` | array | List of private DNS resource IDs | -| `privateEndpointName` | string | The name of the private endpoint | +| `privateDNSResourceIds` | array | List of private DNS resource IDs. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `privateEndpointName` | string | The name of the parent private endpoint. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `name` | string | `'default'` | The name of the private DNS Zone Group | +| `name` | string | `'default'` | The name of the private DNS Zone Group. | ## Outputs | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the private endpoint DNS zone group | -| `resourceGroupName` | string | The resource group the private endpoint DNS zone group was deployed into | -| `resourceId` | string | The resource ID of the private endpoint DNS zone group | +| `name` | string | The name of the private endpoint DNS zone group. | +| `resourceGroupName` | string | The resource group the private endpoint DNS zone group was deployed into. | +| `resourceId` | string | The resource ID of the private endpoint DNS zone group. | diff --git a/arm/Microsoft.Network/privateEndpoints/readme.md b/arm/Microsoft.Network/privateEndpoints/readme.md index 4460ae8c5e..81e9dc220c 100644 --- a/arm/Microsoft.Network/privateEndpoints/readme.md +++ b/arm/Microsoft.Network/privateEndpoints/readme.md @@ -44,7 +44,7 @@ The following resources are required to be able to deploy this resource: | `location` | string | `[resourceGroup().location]` | | Location for all Resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `privateDnsZoneGroups` | _[privateDnsZoneGroups](privateDnsZoneGroups/readme.md)_ array | `[]` | | Array of Private DNS zone groups configuration on the private endpoint. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags to be applied on all resources/resource groups in this deployment. | @@ -95,6 +95,6 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the private endpoint | -| `resourceGroupName` | string | The resource group the private endpoint was deployed into | -| `resourceId` | string | The resource ID of the private endpoint | +| `name` | string | The name of the private endpoint. | +| `resourceGroupName` | string | The resource group the private endpoint was deployed into. | +| `resourceId` | string | The resource ID of the private endpoint. | diff --git a/arm/Microsoft.Network/publicIPAddresses/deploy.bicep b/arm/Microsoft.Network/publicIPAddresses/deploy.bicep index cb6f57cfa9..22844b5472 100644 --- a/arm/Microsoft.Network/publicIPAddresses/deploy.bicep +++ b/arm/Microsoft.Network/publicIPAddresses/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. The name of the Public IP Address') +@description('Required. The name of the Public IP Address.') param name string @description('Optional. Resource ID of the Public IP Prefix object. This is only needed if you want your Public IPs created in a PIP Prefix.') @@ -63,7 +63,7 @@ param lock string = 'NotSpecified' @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -181,14 +181,14 @@ module publicIpAddress_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, i } }] -@description('The resource group the public IP address was deployed into') +@description('The resource group the public IP address was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the public IP address') +@description('The name of the public IP address.') output name string = publicIpAddress.name -@description('The resource ID of the public IP address') +@description('The resource ID of the public IP address.') output resourceId string = publicIpAddress.id -@description('The public IP address of the of the public IP address resource') +@description('The public IP address of the public IP address resource.') output ipAddress string = publicIpAddress.properties.ipAddress diff --git a/arm/Microsoft.Network/publicIPAddresses/readme.md b/arm/Microsoft.Network/publicIPAddresses/readme.md index 0ce2673385..93389d8243 100644 --- a/arm/Microsoft.Network/publicIPAddresses/readme.md +++ b/arm/Microsoft.Network/publicIPAddresses/readme.md @@ -20,7 +20,7 @@ **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the Public IP Address | +| `name` | string | The name of the Public IP Address. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -39,7 +39,7 @@ | `publicIPAddressVersion` | string | `'IPv4'` | `[IPv4, IPv6]` | IP address version. | | `publicIPAllocationMethod` | string | `'Dynamic'` | `[Dynamic, Static]` | The public IP address allocation method. | | `publicIPPrefixResourceId` | string | `''` | | Resource ID of the Public IP Prefix object. This is only needed if you want your Public IPs created in a PIP Prefix. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `skuName` | string | `'Basic'` | `[Basic, Standard]` | Name of a public IP address SKU. | | `skuTier` | string | `'Regional'` | `[Global, Regional]` | Tier of a public IP address SKU. | | `tags` | object | `{object}` | | Tags of the resource. | @@ -93,7 +93,7 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | -| `ipAddress` | string | The public IP address of the of the public IP address resource | -| `name` | string | The name of the public IP address | -| `resourceGroupName` | string | The resource group the public IP address was deployed into | -| `resourceId` | string | The resource ID of the public IP address | +| `ipAddress` | string | The public IP address of the public IP address resource. | +| `name` | string | The name of the public IP address. | +| `resourceGroupName` | string | The resource group the public IP address was deployed into. | +| `resourceId` | string | The resource ID of the public IP address. | diff --git a/arm/Microsoft.Network/publicIPPrefixes/deploy.bicep b/arm/Microsoft.Network/publicIPPrefixes/deploy.bicep index 82f8b7b8af..22074ff112 100644 --- a/arm/Microsoft.Network/publicIPPrefixes/deploy.bicep +++ b/arm/Microsoft.Network/publicIPPrefixes/deploy.bicep @@ -1,11 +1,11 @@ -@description('Required. Name of the Public IP Prefix') +@description('Required. Name of the Public IP Prefix.') @minLength(1) param name string @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Required. Length of the Public IP Prefix') +@description('Required. Length of the Public IP Prefix.') @minValue(28) @maxValue(31) param prefixLength int @@ -18,7 +18,7 @@ param prefixLength int @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -72,11 +72,11 @@ module publicIpPrefix_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, in } }] -@description('The resource ID of the public IP prefix') +@description('The resource ID of the public IP prefix.') output resourceId string = publicIpPrefix.id -@description('The resource group the public IP prefix was deployed into') +@description('The resource group the public IP prefix was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the public IP prefix') +@description('The name of the public IP prefix.') output name string = publicIpPrefix.name diff --git a/arm/Microsoft.Network/publicIPPrefixes/readme.md b/arm/Microsoft.Network/publicIPPrefixes/readme.md index 01ad3d3307..c1b7f5e3d3 100644 --- a/arm/Microsoft.Network/publicIPPrefixes/readme.md +++ b/arm/Microsoft.Network/publicIPPrefixes/readme.md @@ -21,8 +21,8 @@ This template deploys a public IP prefix. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | Name of the Public IP Prefix | -| `prefixLength` | int | Length of the Public IP Prefix | +| `name` | string | Name of the Public IP Prefix. | +| `prefixLength` | int | Length of the Public IP Prefix. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -30,7 +30,7 @@ This template deploys a public IP prefix. | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags of the resource. | @@ -81,6 +81,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the public IP prefix | -| `resourceGroupName` | string | The resource group the public IP prefix was deployed into | -| `resourceId` | string | The resource ID of the public IP prefix | +| `name` | string | The name of the public IP prefix. | +| `resourceGroupName` | string | The resource group the public IP prefix was deployed into. | +| `resourceId` | string | The resource ID of the public IP prefix. | diff --git a/arm/Microsoft.Network/routeTables/deploy.bicep b/arm/Microsoft.Network/routeTables/deploy.bicep index 774aa95717..c6ebd7b4b5 100644 --- a/arm/Microsoft.Network/routeTables/deploy.bicep +++ b/arm/Microsoft.Network/routeTables/deploy.bicep @@ -18,7 +18,7 @@ param disableBgpRoutePropagation bool = false @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -69,11 +69,11 @@ module routeTable_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) } }] -@description('The resource group the route table was deployed into') +@description('The resource group the route table was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the route table') +@description('The name of the route table.') output name string = routeTable.name -@description('The resource ID of the route table') +@description('The resource ID of the route table.') output resourceId string = routeTable.id diff --git a/arm/Microsoft.Network/routeTables/readme.md b/arm/Microsoft.Network/routeTables/readme.md index 2fab128802..da9e4010a9 100644 --- a/arm/Microsoft.Network/routeTables/readme.md +++ b/arm/Microsoft.Network/routeTables/readme.md @@ -30,7 +30,7 @@ This module deploys a user defined route table. | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `routes` | array | `[]` | | An Array of Routes to be established within the hub route table. | | `tags` | object | `{object}` | | Tags of the resource. | @@ -124,6 +124,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the route table | -| `resourceGroupName` | string | The resource group the route table was deployed into | -| `resourceId` | string | The resource ID of the route table | +| `name` | string | The name of the route table. | +| `resourceGroupName` | string | The resource group the route table was deployed into. | +| `resourceId` | string | The resource ID of the route table. | diff --git a/arm/Microsoft.Network/trafficmanagerprofiles/deploy.bicep b/arm/Microsoft.Network/trafficmanagerprofiles/deploy.bicep index 10eb3a517c..3266752d2d 100644 --- a/arm/Microsoft.Network/trafficmanagerprofiles/deploy.bicep +++ b/arm/Microsoft.Network/trafficmanagerprofiles/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Name of the Traffic Manager') +@description('Required. Name of the Traffic Manager.') @minLength(1) param name string @@ -71,7 +71,7 @@ param diagnosticEventHubName string = '' @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Resource tags.') @@ -181,11 +181,11 @@ module trafficManagerProfile_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignm } }] -@description('The resource ID of the traffix manager') +@description('The resource ID of the traffix manager.') output resourceId string = trafficManagerProfile.id -@description('The resource group the traffix manager was deployed into') +@description('The resource group the traffix manager was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the traffix manager was deployed into') +@description('The name of the traffix manager was deployed into.') output name string = trafficManagerProfile.name diff --git a/arm/Microsoft.Network/trafficmanagerprofiles/readme.md b/arm/Microsoft.Network/trafficmanagerprofiles/readme.md index 7aa2977926..51d81561b9 100644 --- a/arm/Microsoft.Network/trafficmanagerprofiles/readme.md +++ b/arm/Microsoft.Network/trafficmanagerprofiles/readme.md @@ -22,7 +22,7 @@ This module deploys a traffic manager profile. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | Name of the Traffic Manager | +| `name` | string | Name of the Traffic Manager. | | `relativeName` | string | The relative DNS name provided by this Traffic Manager profile. This value is combined with the DNS domain name used by Azure Traffic Manager to form the fully-qualified domain name (FQDN) of the profile. | **Optional parameters** @@ -42,7 +42,7 @@ This module deploys a traffic manager profile. | `maxReturn` | int | `1` | | Maximum number of endpoints to be returned for MultiValue routing type. | | `monitorConfig` | object | `{object}` | | The endpoint monitoring settings of the Traffic Manager profile. | | `profileStatus` | string | `'Enabled'` | `[Enabled, Disabled]` | The status of the Traffic Manager profile. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Resource tags. | | `trafficRoutingMethod` | string | `'Performance'` | `[Performance, Priority, Weighted, Geographic, MultiValue, Subnet]` | The traffic routing method of the Traffic Manager profile. | | `trafficViewEnrollmentStatus` | string | `'Disabled'` | `[Disabled, Enabled]` | Indicates whether Traffic View is 'Enabled' or 'Disabled' for the Traffic Manager profile. Null, indicates 'Disabled'. Enabling this feature will increase the cost of the Traffic Manage profile. | @@ -134,6 +134,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the traffix manager was deployed into | -| `resourceGroupName` | string | The resource group the traffix manager was deployed into | -| `resourceId` | string | The resource ID of the traffix manager | +| `name` | string | The name of the traffix manager was deployed into. | +| `resourceGroupName` | string | The resource group the traffix manager was deployed into. | +| `resourceId` | string | The resource ID of the traffix manager. | diff --git a/arm/Microsoft.Network/virtualHubs/deploy.bicep b/arm/Microsoft.Network/virtualHubs/deploy.bicep index cbd6ae3112..5af207a5f1 100644 --- a/arm/Microsoft.Network/virtualHubs/deploy.bicep +++ b/arm/Microsoft.Network/virtualHubs/deploy.bicep @@ -13,16 +13,16 @@ param addressPrefix string @description('Optional. Flag to control transit for VirtualRouter hub.') param allowBranchToBranchTraffic bool = true -@description('Optional. Resource ID of the Azure Firewall to link to') +@description('Optional. Resource ID of the Azure Firewall to link to.') param azureFirewallId string = '' -@description('Optional. Resource ID of the Express Route Gateway to link to') +@description('Optional. Resource ID of the Express Route Gateway to link to.') param expressRouteGatewayId string = '' -@description('Optional. Resource ID of the Point-to-Site VPN Gateway to link to') +@description('Optional. Resource ID of the Point-to-Site VPN Gateway to link to.') param p2SVpnGatewayId string = '' -@description('Optional. The preferred routing gateway types') +@description('Optional. The preferred routing gateway types.') @allowed([ 'ExpressRoute' 'None' @@ -31,10 +31,10 @@ param p2SVpnGatewayId string = '' ]) param preferredRoutingGateway string = '' -@description('Optional. VirtualHub route tables') +@description('Optional. VirtualHub route tables.') param routeTableRoutes array = [] -@description('Optional. ID of the Security Partner Provider to link to') +@description('Optional. ID of the Security Partner Provider to link to.') param securityPartnerProviderId string = '' @description('Optional. The Security Provider name.') @@ -56,10 +56,10 @@ param virtualRouterAsn int = -1 @description('Optional. VirtualRouter IPs.') param virtualRouterIps array = [] -@description('Required. Resource ID of the virtual WAN to link to') +@description('Required. Resource ID of the virtual WAN to link to.') param virtualWanId string -@description('Optional. Resource ID of the VPN Gateway to link to') +@description('Optional. Resource ID of the VPN Gateway to link to.') param vpnGatewayId string = '' @description('Optional. Route tables to create for the virtual hub.') @@ -163,11 +163,11 @@ module virtualHub_hubVirtualNetworkConnections 'hubVirtualNetworkConnections/dep ] }] -@description('The resource group the virtual hub was deployed into') +@description('The resource group the virtual hub was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The resource ID of the virtual hub') +@description('The resource ID of the virtual hub.') output resourceId string = virtualHub.id -@description('The name of the virtual hub') +@description('The name of the virtual hub.') output name string = virtualHub.name diff --git a/arm/Microsoft.Network/virtualHubs/hubRouteTables/deploy.bicep b/arm/Microsoft.Network/virtualHubs/hubRouteTables/deploy.bicep index 221a76f44f..6cda1075f4 100644 --- a/arm/Microsoft.Network/virtualHubs/hubRouteTables/deploy.bicep +++ b/arm/Microsoft.Network/virtualHubs/hubRouteTables/deploy.bicep @@ -1,7 +1,7 @@ @description('Required. The route table name.') param name string -@description('Required. The virtual hub name.') +@description('Conditional. The name of the parent virtual hub. Required if the template is used in a standalone deployment.') param virtualHubName string @description('Optional. List of labels associated with this route table.') @@ -38,11 +38,11 @@ resource hubRouteTable 'Microsoft.Network/virtualHubs/hubRouteTables@2021-05-01' } } -@description('The name of the deployed virtual hub route table') +@description('The name of the deployed virtual hub route table.') output name string = hubRouteTable.name -@description('The resource ID of the deployed virtual hub route table') +@description('The resource ID of the deployed virtual hub route table.') output resourceId string = hubRouteTable.id -@description('The resource group the virtual hub route table was deployed into') +@description('The resource group the virtual hub route table was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/virtualHubs/hubRouteTables/readme.md b/arm/Microsoft.Network/virtualHubs/hubRouteTables/readme.md index f3a367f74a..b8be56a013 100644 --- a/arm/Microsoft.Network/virtualHubs/hubRouteTables/readme.md +++ b/arm/Microsoft.Network/virtualHubs/hubRouteTables/readme.md @@ -20,7 +20,11 @@ This module deploys virtual hub route tables. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The route table name. | -| `virtualHubName` | string | The virtual hub name. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `virtualHubName` | string | The name of the parent virtual hub. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -34,6 +38,6 @@ This module deploys virtual hub route tables. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed virtual hub route table | -| `resourceGroupName` | string | The resource group the virtual hub route table was deployed into | -| `resourceId` | string | The resource ID of the deployed virtual hub route table | +| `name` | string | The name of the deployed virtual hub route table. | +| `resourceGroupName` | string | The resource group the virtual hub route table was deployed into. | +| `resourceId` | string | The resource ID of the deployed virtual hub route table. | diff --git a/arm/Microsoft.Network/virtualHubs/hubVirtualNetworkConnections/deploy.bicep b/arm/Microsoft.Network/virtualHubs/hubVirtualNetworkConnections/deploy.bicep index 02d97d7e70..6d3cc941ab 100644 --- a/arm/Microsoft.Network/virtualHubs/hubVirtualNetworkConnections/deploy.bicep +++ b/arm/Microsoft.Network/virtualHubs/hubVirtualNetworkConnections/deploy.bicep @@ -1,13 +1,13 @@ @description('Required. The connection name.') param name string -@description('Required. The virtual hub name.') +@description('Conditional. The name of the parent virtual hub. Required if the template is used in a standalone deployment.') param virtualHubName string @description('Optional. Enable internet security.') param enableInternetSecurity bool = true -@description('Required. Resource ID of the virtual network to link to') +@description('Required. Resource ID of the virtual network to link to.') param remoteVirtualNetworkId string @description('Optional. Routing Configuration indicating the associated and propagated route tables for this connection.') @@ -44,11 +44,11 @@ resource hubVirtualNetworkConnection 'Microsoft.Network/virtualHubs/hubVirtualNe } } -@description('The resource group the virtual hub connection was deployed into') +@description('The resource group the virtual hub connection was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The resource ID of the virtual hub connection') +@description('The resource ID of the virtual hub connection.') output resourceId string = hubVirtualNetworkConnection.id -@description('The name of the virtual hub connection') +@description('The name of the virtual hub connection.') output name string = hubVirtualNetworkConnection.name diff --git a/arm/Microsoft.Network/virtualHubs/hubVirtualNetworkConnections/readme.md b/arm/Microsoft.Network/virtualHubs/hubVirtualNetworkConnections/readme.md index 6570ade0db..a3033acf10 100644 --- a/arm/Microsoft.Network/virtualHubs/hubVirtualNetworkConnections/readme.md +++ b/arm/Microsoft.Network/virtualHubs/hubVirtualNetworkConnections/readme.md @@ -20,8 +20,12 @@ This module deploys virtual hub virtual network connections. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The connection name. | -| `remoteVirtualNetworkId` | string | Resource ID of the virtual network to link to | -| `virtualHubName` | string | The virtual hub name. | +| `remoteVirtualNetworkId` | string | Resource ID of the virtual network to link to. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `virtualHubName` | string | The name of the parent virtual hub. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -39,6 +43,6 @@ This module deploys virtual hub virtual network connections. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the virtual hub connection | -| `resourceGroupName` | string | The resource group the virtual hub connection was deployed into | -| `resourceId` | string | The resource ID of the virtual hub connection | +| `name` | string | The name of the virtual hub connection. | +| `resourceGroupName` | string | The resource group the virtual hub connection was deployed into. | +| `resourceId` | string | The resource ID of the virtual hub connection. | diff --git a/arm/Microsoft.Network/virtualHubs/readme.md b/arm/Microsoft.Network/virtualHubs/readme.md index 5d7d95f945..ac716a5660 100644 --- a/arm/Microsoft.Network/virtualHubs/readme.md +++ b/arm/Microsoft.Network/virtualHubs/readme.md @@ -13,7 +13,7 @@ This module deploys a Virtual Hub. | Resource Type | API Version | | :-- | :-- | | `Microsoft.Authorization/locks` | [2017-04-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2017-04-01/locks) | -| `Microsoft.Network/virtualHubs` | [2021-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/virtualHubs) | +| `Microsoft.Network/virtualHubs` | [2021-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/virtualHubs) | | `Microsoft.Network/virtualHubs/hubRouteTables` | [2021-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/virtualHubs/hubRouteTables) | | `Microsoft.Network/virtualHubs/hubVirtualNetworkConnections` | [2021-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/virtualHubs/hubVirtualNetworkConnections) | @@ -24,30 +24,30 @@ This module deploys a Virtual Hub. | :-- | :-- | :-- | | `addressPrefix` | string | Address-prefix for this VirtualHub. | | `name` | string | The virtual hub name. | -| `virtualWanId` | string | Resource ID of the virtual WAN to link to | +| `virtualWanId` | string | Resource ID of the virtual WAN to link to. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `allowBranchToBranchTraffic` | bool | `True` | | Flag to control transit for VirtualRouter hub. | -| `azureFirewallId` | string | `''` | | Resource ID of the Azure Firewall to link to | +| `azureFirewallId` | string | `''` | | Resource ID of the Azure Firewall to link to. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `expressRouteGatewayId` | string | `''` | | Resource ID of the Express Route Gateway to link to | +| `expressRouteGatewayId` | string | `''` | | Resource ID of the Express Route Gateway to link to. | | `hubRouteTables` | _[hubRouteTables](hubRouteTables/readme.md)_ array | `[]` | | Route tables to create for the virtual hub. | | `hubVirtualNetworkConnections` | _[hubVirtualNetworkConnections](hubVirtualNetworkConnections/readme.md)_ array | `[]` | | Virtual network connections to create for the virtual hub. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `p2SVpnGatewayId` | string | `''` | | Resource ID of the Point-to-Site VPN Gateway to link to | -| `preferredRoutingGateway` | string | `''` | `[ExpressRoute, None, VpnGateway, ]` | The preferred routing gateway types | -| `routeTableRoutes` | array | `[]` | | VirtualHub route tables | -| `securityPartnerProviderId` | string | `''` | | ID of the Security Partner Provider to link to | +| `p2SVpnGatewayId` | string | `''` | | Resource ID of the Point-to-Site VPN Gateway to link to. | +| `preferredRoutingGateway` | string | `''` | `[ExpressRoute, None, VpnGateway, ]` | The preferred routing gateway types. | +| `routeTableRoutes` | array | `[]` | | VirtualHub route tables. | +| `securityPartnerProviderId` | string | `''` | | ID of the Security Partner Provider to link to. | | `securityProviderName` | string | `''` | | The Security Provider name. | | `sku` | string | `'Standard'` | `[Basic, Standard]` | The sku of this VirtualHub. | | `tags` | object | `{object}` | | Tags of the resource. | | `virtualHubRouteTableV2s` | array | `[]` | | List of all virtual hub route table v2s associated with this VirtualHub. | | `virtualRouterAsn` | int | `-1` | | VirtualRouter ASN. | | `virtualRouterIps` | array | `[]` | | VirtualRouter IPs. | -| `vpnGatewayId` | string | `''` | | Resource ID of the VPN Gateway to link to | +| `vpnGatewayId` | string | `''` | | Resource ID of the VPN Gateway to link to. | ### Parameter Usage: `tags` @@ -71,6 +71,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the virtual hub | -| `resourceGroupName` | string | The resource group the virtual hub was deployed into | -| `resourceId` | string | The resource ID of the virtual hub | +| `name` | string | The name of the virtual hub. | +| `resourceGroupName` | string | The resource group the virtual hub was deployed into. | +| `resourceId` | string | The resource ID of the virtual hub. | diff --git a/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep b/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep index d99597c1b0..9bf15d588c 100644 --- a/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep +++ b/arm/Microsoft.Network/virtualNetworkGateways/deploy.bicep @@ -16,10 +16,10 @@ param publicIPPrefixResourceId string = '' @description('Optional. Specifies the zones of the Public IP address. Basic IP SKU does not support Availability Zones.') param publicIpZones array = [] -@description('Optional. DNS name(s) of the Public IP resource(s). If you enabled active-active configuration, you need to provide 2 DNS names, if you want to use this feature. A region specific suffix will be appended to it, e.g.: your-DNS-name.westeurope.cloudapp.azure.com') +@description('Optional. DNS name(s) of the Public IP resource(s). If you enabled active-active configuration, you need to provide 2 DNS names, if you want to use this feature. A region specific suffix will be appended to it, e.g.: your-DNS-name.westeurope.cloudapp.azure.com.') param domainNameLabel array = [] -@description('Required. Specifies the gateway type. E.g. VPN, ExpressRoute') +@description('Required. Specifies the gateway type. E.g. VPN, ExpressRoute.') @allowed([ 'Vpn' 'ExpressRoute' @@ -44,23 +44,23 @@ param virtualNetworkGatewayType string ]) param virtualNetworkGatewaySku string -@description('Required. Specifies the VPN type') +@description('Required. Specifies the VPN type.') @allowed([ 'PolicyBased' 'RouteBased' ]) param vpnType string = 'RouteBased' -@description('Required. Virtual Network resource ID') +@description('Required. Virtual Network resource ID.') param vNetResourceId string -@description('Optional. Value to specify if the Gateway should be deployed in active-active or active-passive configuration') +@description('Optional. Value to specify if the Gateway should be deployed in active-active or active-passive configuration.') param activeActive bool = true -@description('Optional. Value to specify if BGP is enabled or not') +@description('Optional. Value to specify if BGP is enabled or not.') param enableBgp bool = true -@description('Optional. ASN value') +@description('Optional. ASN value.') param asn int = 65815 @description('Optional. The IP address range from which VPN clients will receive an IP address when connected. Range specified must not overlap with on-premise network.') @@ -89,7 +89,7 @@ param diagnosticEventHubAuthorizationRuleId string = '' @description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category.') param diagnosticEventHubName string = '' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @allowed([ @@ -395,14 +395,14 @@ module virtualNetworkGateway_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignm // ================// // Outputs // // ================// -@description('The resource group the virtual network gateway was deployed') +@description('The resource group the virtual network gateway was deployed.') output resourceGroupName string = resourceGroup().name -@description('The name of the virtual network gateway') +@description('The name of the virtual network gateway.') output name string = virtualNetworkGateway.name -@description('The resource ID of the virtual network gateway') +@description('The resource ID of the virtual network gateway.') output resourceId string = virtualNetworkGateway.id -@description('Shows if the virtual network gateway is configured in active-active mode') +@description('Shows if the virtual network gateway is configured in active-active mode.') output activeActive bool = virtualNetworkGateway.properties.activeActive diff --git a/arm/Microsoft.Network/virtualNetworkGateways/readme.md b/arm/Microsoft.Network/virtualNetworkGateways/readme.md index 6e6f00ff47..f535b75645 100644 --- a/arm/Microsoft.Network/virtualNetworkGateways/readme.md +++ b/arm/Microsoft.Network/virtualNetworkGateways/readme.md @@ -25,16 +25,16 @@ This module deploys a virtual network gateway. | :-- | :-- | :-- | :-- | :-- | | `name` | string | | | Specifies the Virtual Network Gateway name. | | `virtualNetworkGatewaySku` | string | | `[Basic, VpnGw1, VpnGw2, VpnGw3, VpnGw1AZ, VpnGw2AZ, VpnGw3AZ, Standard, HighPerformance, UltraPerformance, ErGw1AZ, ErGw2AZ, ErGw3AZ]` | The Sku of the Gateway. | -| `virtualNetworkGatewayType` | string | | `[Vpn, ExpressRoute]` | Specifies the gateway type. E.g. VPN, ExpressRoute | -| `vNetResourceId` | string | | | Virtual Network resource ID | -| `vpnType` | string | `'RouteBased'` | `[PolicyBased, RouteBased]` | Specifies the VPN type | +| `virtualNetworkGatewayType` | string | | `[Vpn, ExpressRoute]` | Specifies the gateway type. E.g. VPN, ExpressRoute. | +| `vNetResourceId` | string | | | Virtual Network resource ID. | +| `vpnType` | string | `'RouteBased'` | `[PolicyBased, RouteBased]` | Specifies the VPN type. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `activeActive` | bool | `True` | | Value to specify if the Gateway should be deployed in active-active or active-passive configuration | +| `activeActive` | bool | `True` | | Value to specify if the Gateway should be deployed in active-active or active-passive configuration. | | `activeGatewayPipName` | string | `[format('{0}-pip2', parameters('name'))]` | | Specifies the name of the Public IP used by the Virtual Network Gateway when active-active configuration is required. If it's not provided, a '-pip' suffix will be appended to the gateway's name. | -| `asn` | int | `65815` | | ASN value | +| `asn` | int | `65815` | | ASN value. | | `clientRevokedCertThumbprint` | string | `''` | | Thumbprint of the revoked certificate. This would revoke VPN client certificates matching this thumbprint from connecting to the VNet. | | `clientRootCertData` | string | `''` | | Client root certificate data used to authenticate VPN clients. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | @@ -43,8 +43,8 @@ This module deploys a virtual network gateway. | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | -| `domainNameLabel` | array | `[]` | | DNS name(s) of the Public IP resource(s). If you enabled active-active configuration, you need to provide 2 DNS names, if you want to use this feature. A region specific suffix will be appended to it, e.g.: your-DNS-name.westeurope.cloudapp.azure.com | -| `enableBgp` | bool | `True` | | Value to specify if BGP is enabled or not | +| `domainNameLabel` | array | `[]` | | DNS name(s) of the Public IP resource(s). If you enabled active-active configuration, you need to provide 2 DNS names, if you want to use this feature. A region specific suffix will be appended to it, e.g.: your-DNS-name.westeurope.cloudapp.azure.com. | +| `enableBgp` | bool | `True` | | Value to specify if BGP is enabled or not. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `gatewayPipName` | string | `[format('{0}-pip1', parameters('name'))]` | | Specifies the name of the Public IP used by the Virtual Network Gateway. If it's not provided, a '-pip' suffix will be appended to the gateway's name. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | @@ -53,7 +53,7 @@ This module deploys a virtual network gateway. | `publicIpDiagnosticSettingsName` | string | `'diagnosticSettings'` | | The name of the diagnostic setting, if deployed. | | `publicIPPrefixResourceId` | string | `''` | | Resource ID of the Public IP Prefix object. This is only needed if you want your Public IPs created in a PIP Prefix. | | `publicIpZones` | array | `[]` | | Specifies the zones of the Public IP address. Basic IP SKU does not support Availability Zones. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags of the resource. | | `virtualNetworkGatewaydiagnosticLogCategoriesToEnable` | array | `[GatewayDiagnosticLog, TunnelDiagnosticLog, RouteDiagnosticLog, IKEDiagnosticLog, P2SDiagnosticLog]` | `[GatewayDiagnosticLog, TunnelDiagnosticLog, RouteDiagnosticLog, IKEDiagnosticLog, P2SDiagnosticLog]` | The name of logs that will be streamed. | | `virtualNetworkGatewayDiagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | @@ -138,7 +138,7 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `activeActive` | bool | Shows if the virtual network gateway is configured in active-active mode | -| `name` | string | The name of the virtual network gateway | -| `resourceGroupName` | string | The resource group the virtual network gateway was deployed | -| `resourceId` | string | The resource ID of the virtual network gateway | +| `activeActive` | bool | Shows if the virtual network gateway is configured in active-active mode. | +| `name` | string | The name of the virtual network gateway. | +| `resourceGroupName` | string | The resource group the virtual network gateway was deployed. | +| `resourceId` | string | The resource ID of the virtual network gateway. | diff --git a/arm/Microsoft.Network/virtualNetworks/deploy.bicep b/arm/Microsoft.Network/virtualNetworks/deploy.bicep index bd857be34d..7bef007f89 100644 --- a/arm/Microsoft.Network/virtualNetworks/deploy.bicep +++ b/arm/Microsoft.Network/virtualNetworks/deploy.bicep @@ -16,7 +16,7 @@ param dnsServers array = [] @description('Optional. Resource ID of the DDoS protection plan to assign the VNET to. If it\'s left blank, DDoS protection will not be configured. If it\'s provided, the VNET created by this template will be attached to the referenced DDoS protection plan. The DDoS protection plan can exist in the same or in a different subscription.') param ddosProtectionPlanId string = '' -@description('Optional. Virtual Network Peerings configurations') +@description('Optional. Virtual Network Peerings configurations.') param virtualNetworkPeerings array = [] @description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') @@ -44,7 +44,7 @@ param diagnosticEventHubName string = '' @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -243,17 +243,17 @@ module virtualNetwork_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, in } }] -@description('The resource group the virtual network was deployed into') +@description('The resource group the virtual network was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The resource ID of the virtual network') +@description('The resource ID of the virtual network.') output resourceId string = virtualNetwork.id -@description('The name of the virtual network') +@description('The name of the virtual network.') output name string = virtualNetwork.name -@description('The names of the deployed subnets') +@description('The names of the deployed subnets.') output subnetNames array = [for subnet in subnets: subnet.name] -@description('The resource IDs of the deployed subnets') +@description('The resource IDs of the deployed subnets.') output subnetResourceIds array = [for subnet in subnets: az.resourceId('Microsoft.Network/virtualNetworks/subnets', name, subnet.name)] diff --git a/arm/Microsoft.Network/virtualNetworks/readme.md b/arm/Microsoft.Network/virtualNetworks/readme.md index 9599b31554..057b206ffc 100644 --- a/arm/Microsoft.Network/virtualNetworks/readme.md +++ b/arm/Microsoft.Network/virtualNetworks/readme.md @@ -44,10 +44,10 @@ This template deploys a virtual network (vNet). | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `subnets` | _[subnets](subnets/readme.md)_ array | `[]` | | An Array of subnets to deploy to the Virtual Network. | | `tags` | object | `{object}` | | Tags of the resource. | -| `virtualNetworkPeerings` | _[virtualNetworkPeerings](virtualNetworkPeerings/readme.md)_ array | `[]` | | Virtual Network Peerings configurations | +| `virtualNetworkPeerings` | _[virtualNetworkPeerings](virtualNetworkPeerings/readme.md)_ array | `[]` | | Virtual Network Peerings configurations. | ### Parameter Usage: `subnets` @@ -186,8 +186,8 @@ The network security group and route table resources must reside in the same res | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the virtual network | -| `resourceGroupName` | string | The resource group the virtual network was deployed into | -| `resourceId` | string | The resource ID of the virtual network | -| `subnetNames` | array | The names of the deployed subnets | -| `subnetResourceIds` | array | The resource IDs of the deployed subnets | +| `name` | string | The name of the virtual network. | +| `resourceGroupName` | string | The resource group the virtual network was deployed into. | +| `resourceId` | string | The resource ID of the virtual network. | +| `subnetNames` | array | The names of the deployed subnets. | +| `subnetResourceIds` | array | The resource IDs of the deployed subnets. | diff --git a/arm/Microsoft.Network/virtualNetworks/subnets/deploy.bicep b/arm/Microsoft.Network/virtualNetworks/subnets/deploy.bicep index f8fd00ce37..07c727f5dd 100644 --- a/arm/Microsoft.Network/virtualNetworks/subnets/deploy.bicep +++ b/arm/Microsoft.Network/virtualNetworks/subnets/deploy.bicep @@ -1,25 +1,25 @@ @description('Optional. The Name of the subnet resource.') param name string -@description('Required. The name of the parent virtual network') +@description('Conditional. The name of the parent parent virtual network. Required if the template is used in a standalone deployment.') param virtualNetworkName string @description('Required. The address prefix for the subnet.') param addressPrefix string -@description('Optional. The resource ID of the network security group to assign to the subnet') +@description('Optional. The resource ID of the network security group to assign to the subnet.') param networkSecurityGroupId string = '' -@description('Optional. The resource ID of the route table to assign to the subnet') +@description('Optional. The resource ID of the route table to assign to the subnet.') param routeTableId string = '' -@description('Optional. The service endpoints to enable on the subnet') +@description('Optional. The service endpoints to enable on the subnet.') param serviceEndpoints array = [] -@description('Optional. The delegations to enable on the subnet') +@description('Optional. The delegations to enable on the subnet.') param delegations array = [] -@description('Optional. The resource ID of the NAT Gateway to use for the subnet') +@description('Optional. The resource ID of the NAT Gateway to use for the subnet.') param natGatewayId string = '' @description('Optional. enable or disable apply network policies on private endpoint in the subnet.') @@ -44,13 +44,13 @@ param addressPrefixes array = [] @description('Optional. Application gateway IP configurations of virtual network resource.') param applicationGatewayIpConfigurations array = [] -@description('Optional. Array of IpAllocation which reference this subnet') +@description('Optional. Array of IpAllocation which reference this subnet.') param ipAllocations array = [] @description('Optional. An array of service endpoint policies.') param serviceEndpointPolicies array = [] -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -108,17 +108,17 @@ module subnet_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in } }] -@description('The resource group the virtual network peering was deployed into') +@description('The resource group the virtual network peering was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the virtual network peering') +@description('The name of the virtual network peering.') output name string = subnet.name -@description('The resource ID of the virtual network peering') +@description('The resource ID of the virtual network peering.') output resourceId string = subnet.id -@description('The address prefix for the subnet') +@description('The address prefix for the subnet.') output subnetAddressPrefix string = subnet.properties.addressPrefix -@description('List of address prefixes for the subnet') +@description('List of address prefixes for the subnet.') output subnetAddressPrefixes array = !empty(addressPrefixes) ? subnet.properties.addressPrefixes : [] diff --git a/arm/Microsoft.Network/virtualNetworks/subnets/readme.md b/arm/Microsoft.Network/virtualNetworks/subnets/readme.md index e5d2eda6dc..7298e1b33d 100644 --- a/arm/Microsoft.Network/virtualNetworks/subnets/readme.md +++ b/arm/Microsoft.Network/virtualNetworks/subnets/readme.md @@ -22,25 +22,29 @@ This module deploys a virtual network subnet. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `addressPrefix` | string | The address prefix for the subnet. | -| `virtualNetworkName` | string | The name of the parent virtual network | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `virtualNetworkName` | string | The name of the parent parent virtual network. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `addressPrefixes` | array | `[]` | | List of address prefixes for the subnet. | | `applicationGatewayIpConfigurations` | array | `[]` | | Application gateway IP configurations of virtual network resource. | -| `delegations` | array | `[]` | | The delegations to enable on the subnet | +| `delegations` | array | `[]` | | The delegations to enable on the subnet. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `ipAllocations` | array | `[]` | | Array of IpAllocation which reference this subnet | +| `ipAllocations` | array | `[]` | | Array of IpAllocation which reference this subnet. | | `name` | string | | | The Name of the subnet resource. | -| `natGatewayId` | string | `''` | | The resource ID of the NAT Gateway to use for the subnet | -| `networkSecurityGroupId` | string | `''` | | The resource ID of the network security group to assign to the subnet | +| `natGatewayId` | string | `''` | | The resource ID of the NAT Gateway to use for the subnet. | +| `networkSecurityGroupId` | string | `''` | | The resource ID of the network security group to assign to the subnet. | | `privateEndpointNetworkPolicies` | string | `''` | `[Disabled, Enabled, ]` | enable or disable apply network policies on private endpoint in the subnet. | | `privateLinkServiceNetworkPolicies` | string | `''` | `[Disabled, Enabled, ]` | enable or disable apply network policies on private link service in the subnet. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | -| `routeTableId` | string | `''` | | The resource ID of the route table to assign to the subnet | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| `routeTableId` | string | `''` | | The resource ID of the route table to assign to the subnet. | | `serviceEndpointPolicies` | array | `[]` | | An array of service endpoint policies. | -| `serviceEndpoints` | array | `[]` | | The service endpoints to enable on the subnet | +| `serviceEndpoints` | array | `[]` | | The service endpoints to enable on the subnet. | ### Parameter Usage: `delegations` @@ -102,8 +106,8 @@ The `privateEndpointNetworkPolicies` property must be set to disabled for subnet | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the virtual network peering | -| `resourceGroupName` | string | The resource group the virtual network peering was deployed into | -| `resourceId` | string | The resource ID of the virtual network peering | -| `subnetAddressPrefix` | string | The address prefix for the subnet | -| `subnetAddressPrefixes` | array | List of address prefixes for the subnet | +| `name` | string | The name of the virtual network peering. | +| `resourceGroupName` | string | The resource group the virtual network peering was deployed into. | +| `resourceId` | string | The resource ID of the virtual network peering. | +| `subnetAddressPrefix` | string | The address prefix for the subnet. | +| `subnetAddressPrefixes` | array | List of address prefixes for the subnet. | diff --git a/arm/Microsoft.Network/virtualNetworks/virtualNetworkPeerings/deploy.bicep b/arm/Microsoft.Network/virtualNetworks/virtualNetworkPeerings/deploy.bicep index 8dfa90b89b..2b03c2c930 100644 --- a/arm/Microsoft.Network/virtualNetworks/virtualNetworkPeerings/deploy.bicep +++ b/arm/Microsoft.Network/virtualNetworks/virtualNetworkPeerings/deploy.bicep @@ -1,25 +1,25 @@ -@description('Optional. The Name of Vnet Peering resource. If not provided, default value will be localVnetName-remoteVnetName') +@description('Optional. The Name of Vnet Peering resource. If not provided, default value will be localVnetName-remoteVnetName.') param name string = '${localVnetName}-${last(split(remoteVirtualNetworkId, '/'))}' -@description('Required. The Name of the Virtual Network to add the peering to.') +@description('Conditional. The name of the parent Virtual Network to add the peering to. Required if the template is used in a standalone deployment.') param localVnetName string -@description('Required. The Resource ID of the VNet that is this Local VNet is being peered to. Should be in the format of a Resource ID') +@description('Required. The Resource ID of the VNet that is this Local VNet is being peered to. Should be in the format of a Resource ID.') param remoteVirtualNetworkId string -@description('Optional. Whether the forwarded traffic from the VMs in the local virtual network will be allowed/disallowed in remote virtual network. Default is true') +@description('Optional. Whether the forwarded traffic from the VMs in the local virtual network will be allowed/disallowed in remote virtual network. Default is true.') param allowForwardedTraffic bool = true -@description('Optional. If gateway links can be used in remote virtual networking to link to this virtual network. Default is false') +@description('Optional. If gateway links can be used in remote virtual networking to link to this virtual network. Default is false.') param allowGatewayTransit bool = false -@description('Optional. Whether the VMs in the local virtual network space would be able to access the VMs in remote virtual network space. Default is true') +@description('Optional. Whether the VMs in the local virtual network space would be able to access the VMs in remote virtual network space. Default is true.') param allowVirtualNetworkAccess bool = true -@description('Optional. If we need to verify the provisioning state of the remote gateway. Default is true') +@description('Optional. If we need to verify the provisioning state of the remote gateway. Default is true.') param doNotVerifyRemoteGateways bool = true -@description('Optional. If remote gateways can be used on this virtual network. If the flag is set to true, and allowGatewayTransit on remote peering is also true, virtual network will use gateways of remote virtual network for transit. Only one peering can have this flag set to true. This flag cannot be set if virtual network already has a gateway. Default is false') +@description('Optional. If remote gateways can be used on this virtual network. If the flag is set to true, and allowGatewayTransit on remote peering is also true, virtual network will use gateways of remote virtual network for transit. Only one peering can have this flag set to true. This flag cannot be set if virtual network already has a gateway. Default is false.') param useRemoteGateways bool = false @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -56,11 +56,11 @@ resource virtualNetworkPeering 'Microsoft.Network/virtualNetworks/virtualNetwork } } -@description('The resource group the virtual network peering was deployed into') +@description('The resource group the virtual network peering was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the virtual network peering') +@description('The name of the virtual network peering.') output name string = virtualNetworkPeering.name -@description('The resource ID of the virtual network peering') +@description('The resource ID of the virtual network peering.') output resourceId string = virtualNetworkPeering.id diff --git a/arm/Microsoft.Network/virtualNetworks/virtualNetworkPeerings/readme.md b/arm/Microsoft.Network/virtualNetworks/virtualNetworkPeerings/readme.md index c541daf15b..cc666c6e36 100644 --- a/arm/Microsoft.Network/virtualNetworks/virtualNetworkPeerings/readme.md +++ b/arm/Microsoft.Network/virtualNetworks/virtualNetworkPeerings/readme.md @@ -26,25 +26,29 @@ The following resources are required to be able to deploy this resource. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `localVnetName` | string | The Name of the Virtual Network to add the peering to. | -| `remoteVirtualNetworkId` | string | The Resource ID of the VNet that is this Local VNet is being peered to. Should be in the format of a Resource ID | +| `remoteVirtualNetworkId` | string | The Resource ID of the VNet that is this Local VNet is being peered to. Should be in the format of a Resource ID. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `localVnetName` | string | The name of the parent Virtual Network to add the peering to. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | -| `allowForwardedTraffic` | bool | `True` | Whether the forwarded traffic from the VMs in the local virtual network will be allowed/disallowed in remote virtual network. Default is true | -| `allowGatewayTransit` | bool | `False` | If gateway links can be used in remote virtual networking to link to this virtual network. Default is false | -| `allowVirtualNetworkAccess` | bool | `True` | Whether the VMs in the local virtual network space would be able to access the VMs in remote virtual network space. Default is true | -| `doNotVerifyRemoteGateways` | bool | `True` | If we need to verify the provisioning state of the remote gateway. Default is true | +| `allowForwardedTraffic` | bool | `True` | Whether the forwarded traffic from the VMs in the local virtual network will be allowed/disallowed in remote virtual network. Default is true. | +| `allowGatewayTransit` | bool | `False` | If gateway links can be used in remote virtual networking to link to this virtual network. Default is false. | +| `allowVirtualNetworkAccess` | bool | `True` | Whether the VMs in the local virtual network space would be able to access the VMs in remote virtual network space. Default is true. | +| `doNotVerifyRemoteGateways` | bool | `True` | If we need to verify the provisioning state of the remote gateway. Default is true. | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `name` | string | `[format('{0}-{1}', parameters('localVnetName'), last(split(parameters('remoteVirtualNetworkId'), '/')))]` | The Name of Vnet Peering resource. If not provided, default value will be localVnetName-remoteVnetName | -| `useRemoteGateways` | bool | `False` | If remote gateways can be used on this virtual network. If the flag is set to true, and allowGatewayTransit on remote peering is also true, virtual network will use gateways of remote virtual network for transit. Only one peering can have this flag set to true. This flag cannot be set if virtual network already has a gateway. Default is false | +| `name` | string | `[format('{0}-{1}', parameters('localVnetName'), last(split(parameters('remoteVirtualNetworkId'), '/')))]` | The Name of Vnet Peering resource. If not provided, default value will be localVnetName-remoteVnetName. | +| `useRemoteGateways` | bool | `False` | If remote gateways can be used on this virtual network. If the flag is set to true, and allowGatewayTransit on remote peering is also true, virtual network will use gateways of remote virtual network for transit. Only one peering can have this flag set to true. This flag cannot be set if virtual network already has a gateway. Default is false. | ## Outputs | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the virtual network peering | -| `resourceGroupName` | string | The resource group the virtual network peering was deployed into | -| `resourceId` | string | The resource ID of the virtual network peering | +| `name` | string | The name of the virtual network peering. | +| `resourceGroupName` | string | The resource group the virtual network peering was deployed into. | +| `resourceId` | string | The resource ID of the virtual network peering. | diff --git a/arm/Microsoft.Network/virtualWans/deploy.bicep b/arm/Microsoft.Network/virtualWans/deploy.bicep index ed9577d228..45f145882e 100644 --- a/arm/Microsoft.Network/virtualWans/deploy.bicep +++ b/arm/Microsoft.Network/virtualWans/deploy.bicep @@ -14,13 +14,13 @@ param type string = 'Standard' @description('Optional. True if branch to branch traffic is allowed.') param allowBranchToBranchTraffic bool = false -@description('Optional. True if VNET to VNET traffic is allowed. ') +@description('Optional. True if VNET to VNET traffic is allowed.') param allowVnetToVnetTraffic bool = false @description('Optional. VPN encryption to be disabled or not.') param disableVpnEncryption bool = false -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -81,11 +81,11 @@ module virtualWan_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) } }] -@description('The name of the virtual WAN') +@description('The name of the virtual WAN.') output name string = virtualWan.name -@description('The resource ID of the virtual WAN') +@description('The resource ID of the virtual WAN.') output resourceId string = virtualWan.id -@description('The resource group the virtual WAN was deployed into') +@description('The resource group the virtual WAN was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/virtualWans/readme.md b/arm/Microsoft.Network/virtualWans/readme.md index d656fc5f61..6e1fc13427 100644 --- a/arm/Microsoft.Network/virtualWans/readme.md +++ b/arm/Microsoft.Network/virtualWans/readme.md @@ -27,12 +27,12 @@ This template deploys a virtual WAN. | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `allowBranchToBranchTraffic` | bool | `False` | | True if branch to branch traffic is allowed. | -| `allowVnetToVnetTraffic` | bool | `False` | | True if VNET to VNET traffic is allowed. | +| `allowVnetToVnetTraffic` | bool | `False` | | True if VNET to VNET traffic is allowed. | | `disableVpnEncryption` | bool | `False` | | VPN encryption to be disabled or not. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `location` | string | `[resourceGroup().location]` | | Location where all resources will be created. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags of the resource. | | `type` | string | `'Standard'` | `[Standard, Basic]` | The type of the Virtual WAN. | @@ -84,6 +84,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the virtual WAN | -| `resourceGroupName` | string | The resource group the virtual WAN was deployed into | -| `resourceId` | string | The resource ID of the virtual WAN | +| `name` | string | The name of the virtual WAN. | +| `resourceGroupName` | string | The resource group the virtual WAN was deployed into. | +| `resourceId` | string | The resource ID of the virtual WAN. | diff --git a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep index 6464b6440c..7e63d366cd 100644 --- a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep @@ -1,7 +1,7 @@ @description('Required. The name of the VPN connection.') param name string -@description('Required. The name of the VPN gateway this VPN connection is associated with.') +@description('Conditional. The name of the parent VPN gateway this VPN connection is associated with. Required if the template is used in a standalone deployment.') param vpnGatewayName string @description('Optional. The IPSec policies to be considered by this connection.') @@ -47,7 +47,7 @@ param vpnConnectionProtocolType string = 'IKEv2' @description('Optional. SharedKey for the VPN connection.') param sharedKey string = '' -@description('Optional. Reference to a VPN site to link to') +@description('Optional. Reference to a VPN site to link to.') param remoteVpnSiteResourceId string = '' @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -92,11 +92,11 @@ resource vpnConnection 'Microsoft.Network/vpnGateways/vpnConnections@2021-05-01' } } -@description('The name of the VPN connection') +@description('The name of the VPN connection.') output name string = vpnConnection.name -@description('The resource ID of the VPN connection') +@description('The resource ID of the VPN connection.') output resourceId string = vpnConnection.id -@description('The name of the resource group the VPN connection was deployed into') +@description('The name of the resource group the VPN connection was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/vpnGateways/connections/readme.md b/arm/Microsoft.Network/vpnGateways/connections/readme.md index 3ccb6afee7..db07b517fc 100644 --- a/arm/Microsoft.Network/vpnGateways/connections/readme.md +++ b/arm/Microsoft.Network/vpnGateways/connections/readme.md @@ -20,7 +20,11 @@ This module deploys VPN Gateways Connections. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the VPN connection. | -| `vpnGatewayName` | string | The name of the VPN gateway this VPN connection is associated with. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `vpnGatewayName` | string | The name of the parent VPN gateway this VPN connection is associated with. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -31,7 +35,7 @@ This module deploys VPN Gateways Connections. | `enableInternetSecurity` | bool | `False` | | Enable internet security. | | `enableRateLimiting` | bool | `False` | | Enable rate limiting. | | `ipsecPolicies` | array | `[]` | | The IPSec policies to be considered by this connection. | -| `remoteVpnSiteResourceId` | string | `''` | | Reference to a VPN site to link to | +| `remoteVpnSiteResourceId` | string | `''` | | Reference to a VPN site to link to. | | `routingConfiguration` | object | `{object}` | | Routing configuration indicating the associated and propagated route tables for this connection. | | `routingWeight` | int | `0` | | Routing weight for VPN connection. | | `sharedKey` | string | `''` | | SharedKey for the VPN connection. | @@ -69,6 +73,6 @@ This module deploys VPN Gateways Connections. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the VPN connection | -| `resourceGroupName` | string | The name of the resource group the VPN connection was deployed into | -| `resourceId` | string | The resource ID of the VPN connection | +| `name` | string | The name of the VPN connection. | +| `resourceGroupName` | string | The name of the resource group the VPN connection was deployed into. | +| `resourceId` | string | The resource ID of the VPN connection. | diff --git a/arm/Microsoft.Network/vpnGateways/deploy.bicep b/arm/Microsoft.Network/vpnGateways/deploy.bicep index 436c0cea3d..df1447f66d 100644 --- a/arm/Microsoft.Network/vpnGateways/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/deploy.bicep @@ -1,10 +1,10 @@ -@description('Required. Name of the VPN gateway') +@description('Required. Name of the VPN gateway.') param name string @description('Optional. Location where all resources will be created.') param location string = resourceGroup().location -@description('Optional. The connections to create in the VPN gateway') +@description('Optional. The connections to create in the VPN gateway.') param connections array = [] @description('Optional. List of all the NAT Rules to associate with the gateway.') @@ -109,11 +109,11 @@ module vpnGateway_connections 'connections/deploy.bicep' = [for (connection, ind } }] -@description('The name of the VPN gateway') +@description('The name of the VPN gateway.') output name string = vpnGateway.name -@description('The resource ID of the VPN gateway') +@description('The resource ID of the VPN gateway.') output resourceId string = vpnGateway.id -@description('The name of the resource group the VPN gateway was deployed into') +@description('The name of the resource group the VPN gateway was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep b/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep index 05c117ae5c..53156ffe17 100644 --- a/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep @@ -1,7 +1,7 @@ @description('Required. The name of the NAT rule.') param name string -@description('Required. The name of the VPN gateway this NAT rule is associated with.') +@description('Conditional. The name of the parent VPN gateway this NAT rule is associated with. Required if the template is used in a standalone deployment.') param vpnGatewayName string @description('Optional. An address prefix range of destination IPs on the outside network that source IPs will be mapped to. In other words, your post-NAT address prefix range.') @@ -60,11 +60,11 @@ resource natRule 'Microsoft.Network/vpnGateways/natRules@2021-05-01' = { } } -@description('The name of the NAT rule') +@description('The name of the NAT rule.') output name string = natRule.name -@description('The resource ID of the NAT rule') +@description('The resource ID of the NAT rule.') output resourceId string = natRule.id -@description('The name of the resource group the NAT rule was deployed into') +@description('The name of the resource group the NAT rule was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/vpnGateways/natRules/readme.md b/arm/Microsoft.Network/vpnGateways/natRules/readme.md index cac9b38cd0..fbb6699e83 100644 --- a/arm/Microsoft.Network/vpnGateways/natRules/readme.md +++ b/arm/Microsoft.Network/vpnGateways/natRules/readme.md @@ -20,7 +20,11 @@ This module deploys VPN Gateways NATRules | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the NAT rule. | -| `vpnGatewayName` | string | The name of the VPN gateway this NAT rule is associated with. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `vpnGatewayName` | string | The name of the parent VPN gateway this NAT rule is associated with. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -37,6 +41,6 @@ This module deploys VPN Gateways NATRules | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the NAT rule | -| `resourceGroupName` | string | The name of the resource group the NAT rule was deployed into | -| `resourceId` | string | The resource ID of the NAT rule | +| `name` | string | The name of the NAT rule. | +| `resourceGroupName` | string | The name of the resource group the NAT rule was deployed into. | +| `resourceId` | string | The resource ID of the NAT rule. | diff --git a/arm/Microsoft.Network/vpnGateways/readme.md b/arm/Microsoft.Network/vpnGateways/readme.md index 9b07b5236c..e04f063bc2 100644 --- a/arm/Microsoft.Network/vpnGateways/readme.md +++ b/arm/Microsoft.Network/vpnGateways/readme.md @@ -22,14 +22,14 @@ This module deploys VPN Gateways. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | Name of the VPN gateway | +| `name` | string | Name of the VPN gateway. | | `virtualHubResourceId` | string | The resource ID of a virtual Hub to connect to. Note: The virtual Hub and Gateway must be deployed into the same location. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `bgpSettings` | object | `{object}` | | BGP settings details. | -| `connections` | _[connections](connections/readme.md)_ array | `[]` | | The connections to create in the VPN gateway | +| `connections` | _[connections](connections/readme.md)_ array | `[]` | | The connections to create in the VPN gateway. | | `enableBgpRouteTranslationForNat` | bool | `False` | | Enable BGP routes translation for NAT on this VPN gateway. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `isRoutingPreferenceInternet` | bool | `False` | | Enable routing preference property for the public IP interface of the VPN gateway. | @@ -96,6 +96,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the VPN gateway | -| `resourceGroupName` | string | The name of the resource group the VPN gateway was deployed into | -| `resourceId` | string | The resource ID of the VPN gateway | +| `name` | string | The name of the VPN gateway. | +| `resourceGroupName` | string | The name of the resource group the VPN gateway was deployed into. | +| `resourceId` | string | The resource ID of the VPN gateway. | diff --git a/arm/Microsoft.Network/vpnSites/deploy.bicep b/arm/Microsoft.Network/vpnSites/deploy.bicep index 1dd53818ec..8911a52919 100644 --- a/arm/Microsoft.Network/vpnSites/deploy.bicep +++ b/arm/Microsoft.Network/vpnSites/deploy.bicep @@ -1,7 +1,7 @@ @description('Required. Name of the VPN Site.') param name string -@description('Required. Resource ID of the virtual WAN to link to') +@description('Required. Resource ID of the virtual WAN to link to.') param virtualWanId string @description('Optional. Location where all resources will be created.') @@ -22,7 +22,7 @@ param deviceProperties object = {} @description('Optional. The IP-address for the VPN-site. Note: This is a deprecated property, please use the corresponding VpnSiteLinks property instead.') param ipAddress string = '' -@description('Optional. IsSecuritySite flag') +@description('Optional. IsSecuritySite flag.') param isSecuritySite bool = false @description('Optional. The Office365 breakout policy.') @@ -42,7 +42,7 @@ param vpnSiteLinks array = [] @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) { @@ -95,11 +95,11 @@ module vpnSite_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in } }] -@description('The name of the VPN site') +@description('The name of the VPN site.') output name string = vpnSite.name -@description('The resource ID of the VPN site') +@description('The resource ID of the VPN site.') output resourceId string = vpnSite.id -@description('The resource group the VPN site was deployed into') +@description('The resource group the VPN site was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/vpnSites/readme.md b/arm/Microsoft.Network/vpnSites/readme.md index ac37e81d13..7d68663326 100644 --- a/arm/Microsoft.Network/vpnSites/readme.md +++ b/arm/Microsoft.Network/vpnSites/readme.md @@ -22,7 +22,7 @@ This module deploys a VPN Site. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | Name of the VPN Site. | -| `virtualWanId` | string | Resource ID of the virtual WAN to link to | +| `virtualWanId` | string | Resource ID of the virtual WAN to link to. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -32,11 +32,11 @@ This module deploys a VPN Site. | `deviceProperties` | object | `{object}` | | List of properties of the device. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `ipAddress` | string | `''` | | The IP-address for the VPN-site. Note: This is a deprecated property, please use the corresponding VpnSiteLinks property instead. | -| `isSecuritySite` | bool | `False` | | IsSecuritySite flag | +| `isSecuritySite` | bool | `False` | | IsSecuritySite flag. | | `location` | string | `[resourceGroup().location]` | | Location where all resources will be created. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `o365Policy` | object | `{object}` | | The Office365 breakout policy. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags of the resource. | | `vpnSiteLinks` | array | `[]` | | List of all VPN site links. | @@ -153,6 +153,6 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the VPN site | -| `resourceGroupName` | string | The resource group the VPN site was deployed into | -| `resourceId` | string | The resource ID of the VPN site | +| `name` | string | The name of the VPN site. | +| `resourceGroupName` | string | The resource group the VPN site was deployed into. | +| `resourceId` | string | The resource ID of the VPN site. | diff --git a/arm/Microsoft.OperationalInsights/workspaces/dataSources/deploy.bicep b/arm/Microsoft.OperationalInsights/workspaces/dataSources/deploy.bicep index b977d44299..84a1306582 100644 --- a/arm/Microsoft.OperationalInsights/workspaces/dataSources/deploy.bicep +++ b/arm/Microsoft.OperationalInsights/workspaces/dataSources/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. Name of the Log Analytics workspace') +@description('Conditional. Name of the Log Analytics workspace. Required if the template is used in a standalone deployment.') param logAnalyticsWorkspaceName string -@description('Required. Name of the solution') +@description('Required. Name of the solution.') param name string @description('Required. The kind of the DataSource.') @@ -92,11 +92,11 @@ resource dataSource 'Microsoft.OperationalInsights/workspaces/dataSources@2020-0 } } -@description('The resource ID of the deployed data source') +@description('The resource ID of the deployed data source.') output resourceId string = dataSource.id -@description('The resource group where the data source is deployed') +@description('The resource group where the data source is deployed.') output resourceGroupName string = resourceGroup().name -@description('The name of the deployed data source') +@description('The name of the deployed data source.') output name string = dataSource.name diff --git a/arm/Microsoft.OperationalInsights/workspaces/dataSources/readme.md b/arm/Microsoft.OperationalInsights/workspaces/dataSources/readme.md index af15bd4bef..2025448ba4 100644 --- a/arm/Microsoft.OperationalInsights/workspaces/dataSources/readme.md +++ b/arm/Microsoft.OperationalInsights/workspaces/dataSources/readme.md @@ -20,8 +20,12 @@ This template deploys a data source for a Log Analytics workspace. | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `kind` | string | `'AzureActivityLog'` | `[AzureActivityLog, WindowsEvent, WindowsPerformanceCounter, IISLogs, LinuxSyslog, LinuxSyslogCollection, LinuxPerformanceObject, LinuxPerformanceCollection]` | The kind of the DataSource. | -| `logAnalyticsWorkspaceName` | string | | | Name of the Log Analytics workspace | -| `name` | string | | | Name of the solution | +| `name` | string | | | Name of the solution. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `logAnalyticsWorkspaceName` | string | Name of the Log Analytics workspace. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -62,6 +66,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed data source | -| `resourceGroupName` | string | The resource group where the data source is deployed | -| `resourceId` | string | The resource ID of the deployed data source | +| `name` | string | The name of the deployed data source. | +| `resourceGroupName` | string | The resource group where the data source is deployed. | +| `resourceId` | string | The resource ID of the deployed data source. | diff --git a/arm/Microsoft.OperationalInsights/workspaces/deploy.bicep b/arm/Microsoft.OperationalInsights/workspaces/deploy.bicep index 99995111c5..f5469c8138 100644 --- a/arm/Microsoft.OperationalInsights/workspaces/deploy.bicep +++ b/arm/Microsoft.OperationalInsights/workspaces/deploy.bicep @@ -1,10 +1,10 @@ -@description('Required. Name of the Log Analytics workspace') +@description('Required. Name of the Log Analytics workspace.') param name string @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Optional. Service Tier: PerGB2018, Free, Standalone, PerGB or PerNode') +@description('Optional. Service Tier: PerGB2018, Free, Standalone, PerGB or PerNode.') @allowed([ 'Free' 'Standalone' @@ -28,7 +28,7 @@ param dataSources array = [] @description('Optional. LAW gallerySolutions from the gallery.') param gallerySolutions array = [] -@description('Optional. Number of days data will be retained for') +@description('Optional. Number of days data will be retained for.') @minValue(0) @maxValue(730) param dataRetention int = 365 @@ -79,7 +79,7 @@ param diagnosticEventHubName string = '' @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -263,14 +263,14 @@ module logAnalyticsWorkspace_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignm } }] -@description('The resource ID of the deployed log analytics workspace') +@description('The resource ID of the deployed log analytics workspace.') output resourceId string = logAnalyticsWorkspace.id -@description('The resource group of the deployed log analytics workspace') +@description('The resource group of the deployed log analytics workspace.') output resourceGroupName string = resourceGroup().name -@description('The name of the deployed log analytics workspace') +@description('The name of the deployed log analytics workspace.') output name string = logAnalyticsWorkspace.name -@description('The ID associated with the workspace') +@description('The ID associated with the workspace.') output logAnalyticsWorkspaceId string = logAnalyticsWorkspace.properties.customerId diff --git a/arm/Microsoft.OperationalInsights/workspaces/linkedServices/deploy.bicep b/arm/Microsoft.OperationalInsights/workspaces/linkedServices/deploy.bicep index 257cc9ea5d..856d4d8977 100644 --- a/arm/Microsoft.OperationalInsights/workspaces/linkedServices/deploy.bicep +++ b/arm/Microsoft.OperationalInsights/workspaces/linkedServices/deploy.bicep @@ -1,13 +1,13 @@ -@description('Required. Name of the Log Analytics workspace') +@description('Conditional. Name of the Log Analytics workspace. Required if the template is used in a standalone deployment.') param logAnalyticsWorkspaceName string -@description('Required. Name of the link') +@description('Required. Name of the link.') param name string @description('Required. The resource ID of the resource that will be linked to the workspace. This should be used for linking resources which require read access.') param resourceId string = '' -@description('Optional. The resource ID of the resource that will be linked to the workspace. This should be used for linking resources which require write access. ') +@description('Optional. The resource ID of the resource that will be linked to the workspace. This should be used for linking resources which require write access.') param writeAccessResourceId string = '' @description('Optional. Tags to configure in the resource.') @@ -42,11 +42,11 @@ resource linkedService 'Microsoft.OperationalInsights/workspaces/linkedServices@ } } -@description('The resource ID of the deployed linked service') +@description('The resource ID of the deployed linked service.') output resourceId string = linkedService.id -@description('The resource group where the linked service is deployed') +@description('The resource group where the linked service is deployed.') output resourceGroupName string = resourceGroup().name -@description('The name of the deployed linked service') +@description('The name of the deployed linked service.') output name string = linkedService.name diff --git a/arm/Microsoft.OperationalInsights/workspaces/linkedServices/readme.md b/arm/Microsoft.OperationalInsights/workspaces/linkedServices/readme.md index 7fe8d237a9..6ca4892b41 100644 --- a/arm/Microsoft.OperationalInsights/workspaces/linkedServices/readme.md +++ b/arm/Microsoft.OperationalInsights/workspaces/linkedServices/readme.md @@ -19,16 +19,20 @@ This template deploys a linked service for a Log Analytics workspace. **Required parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | -| `logAnalyticsWorkspaceName` | string | | Name of the Log Analytics workspace | -| `name` | string | | Name of the link | +| `name` | string | | Name of the link. | | `resourceId` | string | `''` | The resource ID of the resource that will be linked to the workspace. This should be used for linking resources which require read access. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `logAnalyticsWorkspaceName` | string | Name of the Log Analytics workspace. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `tags` | object | `{object}` | Tags to configure in the resource. | -| `writeAccessResourceId` | string | `''` | The resource ID of the resource that will be linked to the workspace. This should be used for linking resources which require write access. | +| `writeAccessResourceId` | string | `''` | The resource ID of the resource that will be linked to the workspace. This should be used for linking resources which require write access. | ### Parameter Usage: `tags` @@ -52,6 +56,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed linked service | -| `resourceGroupName` | string | The resource group where the linked service is deployed | -| `resourceId` | string | The resource ID of the deployed linked service | +| `name` | string | The name of the deployed linked service. | +| `resourceGroupName` | string | The resource group where the linked service is deployed. | +| `resourceId` | string | The resource ID of the deployed linked service. | diff --git a/arm/Microsoft.OperationalInsights/workspaces/readme.md b/arm/Microsoft.OperationalInsights/workspaces/readme.md index 64e726046d..82a233af4d 100644 --- a/arm/Microsoft.OperationalInsights/workspaces/readme.md +++ b/arm/Microsoft.OperationalInsights/workspaces/readme.md @@ -27,13 +27,13 @@ This template deploys a log analytics workspace. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | Name of the Log Analytics workspace | +| `name` | string | Name of the Log Analytics workspace. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `dailyQuotaGb` | int | `-1` | | The workspace daily quota for ingestion. | -| `dataRetention` | int | `365` | | Number of days data will be retained for | +| `dataRetention` | int | `365` | | Number of days data will be retained for. | | `dataSources` | _[dataSources](dataSources/readme.md)_ array | `[]` | | LAW data sources to configure. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | @@ -50,9 +50,9 @@ This template deploys a log analytics workspace. | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `publicNetworkAccessForIngestion` | string | `'Enabled'` | `[Enabled, Disabled]` | The network access type for accessing Log Analytics ingestion. | | `publicNetworkAccessForQuery` | string | `'Enabled'` | `[Enabled, Disabled]` | The network access type for accessing Log Analytics query. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `savedSearches` | _[savedSearches](savedSearches/readme.md)_ array | `[]` | | Kusto Query Language searches to save. | -| `serviceTier` | string | `'PerGB2018'` | `[Free, Standalone, PerNode, PerGB2018]` | Service Tier: PerGB2018, Free, Standalone, PerGB or PerNode | +| `serviceTier` | string | `'PerGB2018'` | `[Free, Standalone, PerNode, PerGB2018]` | Service Tier: PerGB2018, Free, Standalone, PerGB or PerNode. | | `storageInsightsConfigs` | array | `[]` | | List of storage accounts to be read by the workspace. | | `tags` | object | `{object}` | | Tags of the resource. | | `useResourcePermissions` | bool | `False` | | Set to 'true' to use resource or workspace permissions and 'false' (or leave empty) to require workspace permissions. | @@ -235,7 +235,7 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `logAnalyticsWorkspaceId` | string | The ID associated with the workspace | -| `name` | string | The name of the deployed log analytics workspace | -| `resourceGroupName` | string | The resource group of the deployed log analytics workspace | -| `resourceId` | string | The resource ID of the deployed log analytics workspace | +| `logAnalyticsWorkspaceId` | string | The ID associated with the workspace. | +| `name` | string | The name of the deployed log analytics workspace. | +| `resourceGroupName` | string | The resource group of the deployed log analytics workspace. | +| `resourceId` | string | The resource ID of the deployed log analytics workspace. | diff --git a/arm/Microsoft.OperationalInsights/workspaces/savedSearches/deploy.bicep b/arm/Microsoft.OperationalInsights/workspaces/savedSearches/deploy.bicep index 9c64f8246e..8593e064ed 100644 --- a/arm/Microsoft.OperationalInsights/workspaces/savedSearches/deploy.bicep +++ b/arm/Microsoft.OperationalInsights/workspaces/savedSearches/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. Name of the Log Analytics workspace') +@description('Conditional. Name of the Log Analytics workspace. Required if the template is used in a standalone deployment.') param logAnalyticsWorkspaceName string -@description('Required. Name of the saved search') +@description('Required. Name of the saved search.') param name string @description('Required. Display name for the search.') @@ -58,11 +58,11 @@ resource savedSearch 'Microsoft.OperationalInsights/workspaces/savedSearches@202 } } -@description('The resource ID of the deployed saved search') +@description('The resource ID of the deployed saved search.') output resourceId string = savedSearch.id -@description('The resource group where the saved search is deployed') +@description('The resource group where the saved search is deployed.') output resourceGroupName string = resourceGroup().name -@description('The name of the deployed saved search') +@description('The name of the deployed saved search.') output name string = savedSearch.name diff --git a/arm/Microsoft.OperationalInsights/workspaces/savedSearches/readme.md b/arm/Microsoft.OperationalInsights/workspaces/savedSearches/readme.md index 662e72863d..f553c2dd27 100644 --- a/arm/Microsoft.OperationalInsights/workspaces/savedSearches/readme.md +++ b/arm/Microsoft.OperationalInsights/workspaces/savedSearches/readme.md @@ -21,10 +21,14 @@ This template deploys a saved search for a Log Analytics workspace. | :-- | :-- | :-- | | `category` | string | Query category. | | `displayName` | string | Display name for the search. | -| `logAnalyticsWorkspaceName` | string | Name of the Log Analytics workspace | -| `name` | string | Name of the saved search | +| `name` | string | Name of the saved search. | | `query` | string | Kusto Query to be stored. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `logAnalyticsWorkspaceName` | string | Name of the Log Analytics workspace. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | @@ -56,6 +60,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed saved search | -| `resourceGroupName` | string | The resource group where the saved search is deployed | -| `resourceId` | string | The resource ID of the deployed saved search | +| `name` | string | The name of the deployed saved search. | +| `resourceGroupName` | string | The resource group where the saved search is deployed. | +| `resourceId` | string | The resource ID of the deployed saved search. | diff --git a/arm/Microsoft.OperationalInsights/workspaces/storageInsightConfigs/deploy.bicep b/arm/Microsoft.OperationalInsights/workspaces/storageInsightConfigs/deploy.bicep index b86b20582c..0d756a84ad 100644 --- a/arm/Microsoft.OperationalInsights/workspaces/storageInsightConfigs/deploy.bicep +++ b/arm/Microsoft.OperationalInsights/workspaces/storageInsightConfigs/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. Name of the Log Analytics workspace.') +@description('Conditional. Name of the Log Analytics workspace. Required if the template is used in a standalone deployment.') param logAnalyticsWorkspaceName string -@description('Optional. The name of the storage insights config') +@description('Optional. The name of the storage insights config.') param name string = '${last(split(storageAccountId, '/'))}-stinsconfig' @description('Required. The Azure Resource Manager ID of the storage account resource.') @@ -53,11 +53,11 @@ resource storageinsightconfig 'Microsoft.OperationalInsights/workspaces/storageI } } -@description('The resource ID of the deployed storage insights configuration') +@description('The resource ID of the deployed storage insights configuration.') output resourceId string = storageinsightconfig.id -@description('The resource group where the storage insight configuration is deployed') +@description('The resource group where the storage insight configuration is deployed.') output resourceGroupName string = resourceGroup().name -@description('The name of the storage insights configuration') +@description('The name of the storage insights configuration.') output name string = storageinsightconfig.name diff --git a/arm/Microsoft.OperationalInsights/workspaces/storageInsightConfigs/readme.md b/arm/Microsoft.OperationalInsights/workspaces/storageInsightConfigs/readme.md index 24afa7fd77..a893ba491d 100644 --- a/arm/Microsoft.OperationalInsights/workspaces/storageInsightConfigs/readme.md +++ b/arm/Microsoft.OperationalInsights/workspaces/storageInsightConfigs/readme.md @@ -19,15 +19,19 @@ This template deploys a storage insights configuration for a Log Analytics works **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `logAnalyticsWorkspaceName` | string | Name of the Log Analytics workspace. | | `storageAccountId` | string | The Azure Resource Manager ID of the storage account resource. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `logAnalyticsWorkspaceName` | string | Name of the Log Analytics workspace. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `containers` | array | `[]` | The names of the blob containers that the workspace should read. | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `name` | string | `[format('{0}-stinsconfig', last(split(parameters('storageAccountId'), '/')))]` | The name of the storage insights config | +| `name` | string | `[format('{0}-stinsconfig', last(split(parameters('storageAccountId'), '/')))]` | The name of the storage insights config. | | `tables` | array | `[]` | The names of the Azure tables that the workspace should read. | | `tags` | object | `{object}` | Tags to configure in the resource. | @@ -53,6 +57,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the storage insights configuration | -| `resourceGroupName` | string | The resource group where the storage insight configuration is deployed | -| `resourceId` | string | The resource ID of the deployed storage insights configuration | +| `name` | string | The name of the storage insights configuration. | +| `resourceGroupName` | string | The resource group where the storage insight configuration is deployed. | +| `resourceId` | string | The resource ID of the deployed storage insights configuration. | diff --git a/arm/Microsoft.RecoveryServices/vaults/backupConfig/deploy.bicep b/arm/Microsoft.RecoveryServices/vaults/backupConfig/deploy.bicep index e8a4cb2651..9f94a391ea 100644 --- a/arm/Microsoft.RecoveryServices/vaults/backupConfig/deploy.bicep +++ b/arm/Microsoft.RecoveryServices/vaults/backupConfig/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. Name of the Azure Recovery Service Vault') +@description('Conditional. Name of the Azure Recovery Service Vault. Required if the template is used in a standalone deployment.') param recoveryVaultName string -@description('Optional. Name of the Azure Recovery Service Vault Backup Policy') +@description('Optional. Name of the Azure Recovery Service Vault Backup Policy.') param name string = 'vaultconfig' @description('Optional. Enable this setting to protect hybrid backups against accidental deletes and add additional layer of authentication for critical operations.') @@ -11,17 +11,17 @@ param name string = 'vaultconfig' ]) param enhancedSecurityState string = 'Enabled' -@description('Optional. ResourceGuard Operation Requests') +@description('Optional. ResourceGuard Operation Requests.') param resourceGuardOperationRequests array = [] -@description('Optional. Enable this setting to protect backup data for Azure VM, SQL Server in Azure VM and SAP HANA in Azure VM from accidental deletes') +@description('Optional. Enable this setting to protect backup data for Azure VM, SQL Server in Azure VM and SAP HANA in Azure VM from accidental deletes.') @allowed([ 'Disabled' 'Enabled' ]) param softDeleteFeatureState string = 'Enabled' -@description('Optional. Storage type') +@description('Optional. Storage type.') @allowed([ 'GeoRedundant' 'LocallyRedundant' @@ -30,7 +30,7 @@ param softDeleteFeatureState string = 'Enabled' ]) param storageModelType string = 'GeoRedundant' -@description('Optional. Storage type') +@description('Optional. Storage type.') @allowed([ 'GeoRedundant' 'LocallyRedundant' @@ -78,10 +78,10 @@ resource backupConfig 'Microsoft.RecoveryServices/vaults/backupconfig@2021-10-01 } } -@description('The name of the backup config') +@description('The name of the backup config.') output name string = backupConfig.name -@description('The resource ID of the backup config') +@description('The resource ID of the backup config.') output resourceId string = backupConfig.id @description('The name of the resource group the backup config was created in.') diff --git a/arm/Microsoft.RecoveryServices/vaults/backupConfig/readme.md b/arm/Microsoft.RecoveryServices/vaults/backupConfig/readme.md index 24a0c21e43..7662852c32 100644 --- a/arm/Microsoft.RecoveryServices/vaults/backupConfig/readme.md +++ b/arm/Microsoft.RecoveryServices/vaults/backupConfig/readme.md @@ -16,21 +16,21 @@ This module deploys recovery services vault backup config. ## Parameters -**Required parameters** +**Conditional parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `recoveryVaultName` | string | Name of the Azure Recovery Service Vault | +| `recoveryVaultName` | string | Name of the Azure Recovery Service Vault. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `enhancedSecurityState` | string | `'Enabled'` | `[Disabled, Enabled]` | Enable this setting to protect hybrid backups against accidental deletes and add additional layer of authentication for critical operations. | -| `name` | string | `'vaultconfig'` | | Name of the Azure Recovery Service Vault Backup Policy | -| `resourceGuardOperationRequests` | array | `[]` | | ResourceGuard Operation Requests | -| `softDeleteFeatureState` | string | `'Enabled'` | `[Disabled, Enabled]` | Enable this setting to protect backup data for Azure VM, SQL Server in Azure VM and SAP HANA in Azure VM from accidental deletes | -| `storageModelType` | string | `'GeoRedundant'` | `[GeoRedundant, LocallyRedundant, ReadAccessGeoZoneRedundant, ZoneRedundant]` | Storage type | -| `storageType` | string | `'GeoRedundant'` | `[GeoRedundant, LocallyRedundant, ReadAccessGeoZoneRedundant, ZoneRedundant]` | Storage type | +| `name` | string | `'vaultconfig'` | | Name of the Azure Recovery Service Vault Backup Policy. | +| `resourceGuardOperationRequests` | array | `[]` | | ResourceGuard Operation Requests. | +| `softDeleteFeatureState` | string | `'Enabled'` | `[Disabled, Enabled]` | Enable this setting to protect backup data for Azure VM, SQL Server in Azure VM and SAP HANA in Azure VM from accidental deletes. | +| `storageModelType` | string | `'GeoRedundant'` | `[GeoRedundant, LocallyRedundant, ReadAccessGeoZoneRedundant, ZoneRedundant]` | Storage type. | +| `storageType` | string | `'GeoRedundant'` | `[GeoRedundant, LocallyRedundant, ReadAccessGeoZoneRedundant, ZoneRedundant]` | Storage type. | | `storageTypeState` | string | `'Locked'` | `[Locked, Unlocked]` | Once a machine is registered against a resource, the storageTypeState is always Locked. | @@ -38,6 +38,6 @@ This module deploys recovery services vault backup config. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the backup config | +| `name` | string | The name of the backup config. | | `resourceGroupName` | string | The name of the resource group the backup config was created in. | -| `resourceId` | string | The resource ID of the backup config | +| `resourceId` | string | The resource ID of the backup config. | diff --git a/arm/Microsoft.RecoveryServices/vaults/backupPolicies/deploy.bicep b/arm/Microsoft.RecoveryServices/vaults/backupPolicies/deploy.bicep index 6abbc8be30..3e3233a23f 100644 --- a/arm/Microsoft.RecoveryServices/vaults/backupPolicies/deploy.bicep +++ b/arm/Microsoft.RecoveryServices/vaults/backupPolicies/deploy.bicep @@ -1,10 +1,10 @@ -@description('Required. Name of the Azure Recovery Service Vault') +@description('Conditional. Name of the Azure Recovery Service Vault. Required if the template is used in a standalone deployment.') param recoveryVaultName string -@description('Required. Name of the Azure Recovery Service Vault Backup Policy') +@description('Required. Name of the Azure Recovery Service Vault Backup Policy.') param name string -@description('Required. Configuration of the Azure Recovery Service Vault Backup Policy') +@description('Required. Configuration of the Azure Recovery Service Vault Backup Policy.') param backupPolicyProperties object @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -32,10 +32,10 @@ resource backupPolicy 'Microsoft.RecoveryServices/vaults/backupPolicies@2021-08- properties: backupPolicyProperties } -@description('The name of the backup policy') +@description('The name of the backup policy.') output name string = backupPolicy.name -@description('The resource ID of the backup policy') +@description('The resource ID of the backup policy.') output resourceId string = backupPolicy.id @description('The name of the resource group the backup policy was created in.') diff --git a/arm/Microsoft.RecoveryServices/vaults/backupPolicies/readme.md b/arm/Microsoft.RecoveryServices/vaults/backupPolicies/readme.md index 822aeb916d..7e4692d0b1 100644 --- a/arm/Microsoft.RecoveryServices/vaults/backupPolicies/readme.md +++ b/arm/Microsoft.RecoveryServices/vaults/backupPolicies/readme.md @@ -19,9 +19,13 @@ This module deploys a Backup Policy for a Recovery Services Vault **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `backupPolicyProperties` | object | Configuration of the Azure Recovery Service Vault Backup Policy | -| `name` | string | Name of the Azure Recovery Service Vault Backup Policy | -| `recoveryVaultName` | string | Name of the Azure Recovery Service Vault | +| `backupPolicyProperties` | object | Configuration of the Azure Recovery Service Vault Backup Policy. | +| `name` | string | Name of the Azure Recovery Service Vault Backup Policy. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `recoveryVaultName` | string | Name of the Azure Recovery Service Vault. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -121,6 +125,6 @@ Object continaining the configuration for backup policies. It needs to be proper | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the backup policy | +| `name` | string | The name of the backup policy. | | `resourceGroupName` | string | The name of the resource group the backup policy was created in. | -| `resourceId` | string | The resource ID of the backup policy | +| `resourceId` | string | The resource ID of the backup policy. | diff --git a/arm/Microsoft.RecoveryServices/vaults/backupStorageConfig/deploy.bicep b/arm/Microsoft.RecoveryServices/vaults/backupStorageConfig/deploy.bicep index 5b8d42ef31..4212630bd6 100644 --- a/arm/Microsoft.RecoveryServices/vaults/backupStorageConfig/deploy.bicep +++ b/arm/Microsoft.RecoveryServices/vaults/backupStorageConfig/deploy.bicep @@ -1,10 +1,10 @@ -@description('Required. Name of the Azure Recovery Service Vault') +@description('Conditional. Name of the Azure Recovery Service Vault. Required if the template is used in a standalone deployment.') param recoveryVaultName string -@description('Optional. The name of the backup storage config') +@description('Optional. The name of the backup storage config.') param name string = 'vaultstorageconfig' -@description('Optional. Change Vault Storage Type (Works if vault has not registered any backup instance)') +@description('Optional. Change Vault Storage Type (Works if vault has not registered any backup instance).') @allowed([ 'GeoRedundant' 'LocallyRedundant' @@ -13,7 +13,7 @@ param name string = 'vaultstorageconfig' ]) param storageModelType string = 'GeoRedundant' -@description('Optional. Opt in details of Cross Region Restore feature') +@description('Optional. Opt in details of Cross Region Restore feature.') param crossRegionRestoreFlag bool = true @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -44,10 +44,10 @@ resource backupStorageConfig 'Microsoft.RecoveryServices/vaults/backupstoragecon } } -@description('The name of the backup storage config') +@description('The name of the backup storage config.') output name string = backupStorageConfig.name -@description('The resource ID of the backup storage config') +@description('The resource ID of the backup storage config.') output resourceId string = backupStorageConfig.id @description('The name of the Resource Group the backup storage configuration was created in.') diff --git a/arm/Microsoft.RecoveryServices/vaults/backupStorageConfig/readme.md b/arm/Microsoft.RecoveryServices/vaults/backupStorageConfig/readme.md index 4108cca296..01bb7fb089 100644 --- a/arm/Microsoft.RecoveryServices/vaults/backupStorageConfig/readme.md +++ b/arm/Microsoft.RecoveryServices/vaults/backupStorageConfig/readme.md @@ -15,24 +15,24 @@ This module deploys the Backup Storage Configuration for the Recovery Service Va ## Parameters -**Required parameters** +**Conditional parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `recoveryVaultName` | string | Name of the Azure Recovery Service Vault | +| `recoveryVaultName` | string | Name of the Azure Recovery Service Vault. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `crossRegionRestoreFlag` | bool | `True` | | Opt in details of Cross Region Restore feature | +| `crossRegionRestoreFlag` | bool | `True` | | Opt in details of Cross Region Restore feature. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `name` | string | `'vaultstorageconfig'` | | The name of the backup storage config | -| `storageModelType` | string | `'GeoRedundant'` | `[GeoRedundant, LocallyRedundant, ReadAccessGeoZoneRedundant, ZoneRedundant]` | Change Vault Storage Type (Works if vault has not registered any backup instance) | +| `name` | string | `'vaultstorageconfig'` | | The name of the backup storage config. | +| `storageModelType` | string | `'GeoRedundant'` | `[GeoRedundant, LocallyRedundant, ReadAccessGeoZoneRedundant, ZoneRedundant]` | Change Vault Storage Type (Works if vault has not registered any backup instance). | ## Outputs | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the backup storage config | +| `name` | string | The name of the backup storage config. | | `resourceGroupName` | string | The name of the Resource Group the backup storage configuration was created in. | -| `resourceId` | string | The resource ID of the backup storage config | +| `resourceId` | string | The resource ID of the backup storage config. | diff --git a/arm/Microsoft.RecoveryServices/vaults/deploy.bicep b/arm/Microsoft.RecoveryServices/vaults/deploy.bicep index 6b8d905f65..ac68b0a883 100644 --- a/arm/Microsoft.RecoveryServices/vaults/deploy.bicep +++ b/arm/Microsoft.RecoveryServices/vaults/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. Name of the Azure Recovery Service Vault') +@description('Required. Name of the Azure Recovery Service Vault.') param name string -@description('Optional. The storage configuration for the Azure Recovery Service Vault') +@description('Optional. The storage configuration for the Azure Recovery Service Vault.') param backupStorageConfig object = {} @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -45,7 +45,7 @@ param diagnosticEventHubAuthorizationRuleId string = '' @description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category.') param diagnosticEventHubName string = '' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @allowed([ @@ -268,13 +268,13 @@ module rsv_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in rol } }] -@description('The resource ID of the recovery services vault') +@description('The resource ID of the recovery services vault.') output resourceId string = rsv.id -@description('The name of the resource group the recovery services vault was created in') +@description('The name of the resource group the recovery services vault was created in.') output resourceGroupName string = resourceGroup().name -@description('The Name of the recovery services vault') +@description('The Name of the recovery services vault.') output name string = rsv.name @description('The principal ID of the system assigned identity.') diff --git a/arm/Microsoft.RecoveryServices/vaults/protectionContainers/deploy.bicep b/arm/Microsoft.RecoveryServices/vaults/protectionContainers/deploy.bicep index 2264fe36fa..5f37621952 100644 --- a/arm/Microsoft.RecoveryServices/vaults/protectionContainers/deploy.bicep +++ b/arm/Microsoft.RecoveryServices/vaults/protectionContainers/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. Name of the Azure Recovery Service Vault') +@description('Conditional. Name of the Azure Recovery Service Vault. Required if the template is used in a standalone deployment.') param recoveryVaultName string -@description('Required. Name of the Azure Recovery Service Vault Protection Container') +@description('Required. Name of the Azure Recovery Service Vault Protection Container.') param name string @description('Optional. Backup management type to execute the current Protection Container job.') @@ -19,13 +19,13 @@ param name string ]) param backupManagementType string = '' -@description('Optional. Resource ID of the target resource for the Protection Container ') +@description('Optional. Resource ID of the target resource for the Protection Container.') param sourceResourceId string = '' -@description('Optional. Friendly name of the Protection Container') +@description('Optional. Friendly name of the Protection Container.') param friendlyName string = '' -@description('Optional. Type of the container') +@description('Optional. Type of the container.') @allowed([ 'AzureBackupServerContainer' 'AzureSqlContainer' diff --git a/arm/Microsoft.RecoveryServices/vaults/protectionContainers/readme.md b/arm/Microsoft.RecoveryServices/vaults/protectionContainers/readme.md index 2b2325842a..ac5095ede6 100644 --- a/arm/Microsoft.RecoveryServices/vaults/protectionContainers/readme.md +++ b/arm/Microsoft.RecoveryServices/vaults/protectionContainers/readme.md @@ -19,17 +19,21 @@ This module deploys a Protection Container for a Recovery Services Vault **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | Name of the Azure Recovery Service Vault Protection Container | -| `recoveryVaultName` | string | Name of the Azure Recovery Service Vault | +| `name` | string | Name of the Azure Recovery Service Vault Protection Container. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `recoveryVaultName` | string | Name of the Azure Recovery Service Vault. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `backupManagementType` | string | `''` | `[AzureBackupServer, AzureIaasVM, AzureSql, AzureStorage, AzureWorkload, DPM, DefaultBackup, Invalid, MAB, ]` | Backup management type to execute the current Protection Container job. | -| `containerType` | string | `''` | `[AzureBackupServerContainer, AzureSqlContainer, GenericContainer, Microsoft.ClassicCompute/virtualMachines, Microsoft.Compute/virtualMachines, SQLAGWorkLoadContainer, StorageContainer, VMAppContainer, Windows, ]` | Type of the container | +| `containerType` | string | `''` | `[AzureBackupServerContainer, AzureSqlContainer, GenericContainer, Microsoft.ClassicCompute/virtualMachines, Microsoft.Compute/virtualMachines, SQLAGWorkLoadContainer, StorageContainer, VMAppContainer, Windows, ]` | Type of the container. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `friendlyName` | string | `''` | | Friendly name of the Protection Container | -| `sourceResourceId` | string | `''` | | Resource ID of the target resource for the Protection Container | +| `friendlyName` | string | `''` | | Friendly name of the Protection Container. | +| `sourceResourceId` | string | `''` | | Resource ID of the target resource for the Protection Container. | ## Outputs diff --git a/arm/Microsoft.RecoveryServices/vaults/readme.md b/arm/Microsoft.RecoveryServices/vaults/readme.md index 22011bdd84..ea24de3189 100644 --- a/arm/Microsoft.RecoveryServices/vaults/readme.md +++ b/arm/Microsoft.RecoveryServices/vaults/readme.md @@ -30,14 +30,14 @@ This module deploys a recovery service vault. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | Name of the Azure Recovery Service Vault | +| `name` | string | Name of the Azure Recovery Service Vault. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `backupConfig` | _[backupConfig](backupConfig/readme.md)_ object | `{object}` | | The backup configuration. | | `backupPolicies` | _[backupPolicies](backupPolicies/readme.md)_ array | `[]` | | List of all backup policies. | -| `backupStorageConfig` | _[backupStorageConfig](backupStorageConfig/readme.md)_ object | `{object}` | | The storage configuration for the Azure Recovery Service Vault | +| `backupStorageConfig` | _[backupStorageConfig](backupStorageConfig/readme.md)_ object | `{object}` | | The storage configuration for the Azure Recovery Service Vault. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[AzureBackupReport, CoreAzureBackup, AddonAzureBackupJobs, AddonAzureBackupAlerts, AddonAzureBackupPolicy, AddonAzureBackupStorage, AddonAzureBackupProtectedInstance, AzureSiteRecoveryJobs, AzureSiteRecoveryEvents, AzureSiteRecoveryReplicatedItems, AzureSiteRecoveryReplicationStats, AzureSiteRecoveryRecoveryPoints, AzureSiteRecoveryReplicationDataUploadRate, AzureSiteRecoveryProtectedDiskDataChurn]` | `[AzureBackupReport, CoreAzureBackup, AddonAzureBackupJobs, AddonAzureBackupAlerts, AddonAzureBackupPolicy, AddonAzureBackupStorage, AddonAzureBackupProtectedInstance, AzureSiteRecoveryJobs, AzureSiteRecoveryEvents, AzureSiteRecoveryReplicatedItems, AzureSiteRecoveryReplicationStats, AzureSiteRecoveryRecoveryPoints, AzureSiteRecoveryReplicationDataUploadRate, AzureSiteRecoveryProtectedDiskDataChurn]` | The name of logs that will be streamed. | @@ -52,7 +52,7 @@ This module deploys a recovery service vault. | `protectionContainers` | _[protectionContainers](protectionContainers/readme.md)_ array | `[]` | | List of all protection containers. | | `replicationFabrics` | _[replicationFabrics](replicationFabrics/readme.md)_ array | `[]` | | List of all replication fabrics. | | `replicationPolicies` | _[replicationPolicies](replicationPolicies/readme.md)_ array | `[]` | | List of all replication policies. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `systemAssignedIdentity` | bool | `False` | | Enables system assigned managed identity on the resource. | | `tags` | object | `{object}` | | Tags of the Recovery Service Vault resource. | | `userAssignedIdentities` | object | `{object}` | | The ID(s) to assign to the resource. | @@ -423,7 +423,7 @@ You can specify multiple user assigned identities to a resource by providing add | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The Name of the recovery services vault | -| `resourceGroupName` | string | The name of the resource group the recovery services vault was created in | -| `resourceId` | string | The resource ID of the recovery services vault | +| `name` | string | The Name of the recovery services vault. | +| `resourceGroupName` | string | The name of the resource group the recovery services vault was created in. | +| `resourceId` | string | The resource ID of the recovery services vault. | | `systemAssignedPrincipalId` | string | The principal ID of the system assigned identity. | diff --git a/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/deploy.bicep b/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/deploy.bicep index 7b5cb2f01c..ef2962f5f4 100644 --- a/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/deploy.bicep +++ b/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/deploy.bicep @@ -1,10 +1,10 @@ -@description('Required. Name of the Azure Recovery Service Vault') +@description('Conditional. Name of the Azure Recovery Service Vault. Required if the template is used in a standalone deployment.') param recoveryVaultName string -@description('Required. The recovery location the fabric represents') +@description('Required. The recovery location the fabric represents.') param location string = resourceGroup().location -@description('Optional. The name of the fabric') +@description('Optional. The name of the fabric.') param name string = location @description('Optional. Replication containers to create.') diff --git a/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/readme.md b/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/readme.md index 05e9facccc..1ec0749e62 100644 --- a/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/readme.md +++ b/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/readme.md @@ -23,14 +23,18 @@ This module deploys a Replication Fabric for Azure to Azure disaster recovery sc **Required parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | -| `location` | string | `[resourceGroup().location]` | The recovery location the fabric represents | -| `recoveryVaultName` | string | | Name of the Azure Recovery Service Vault | +| `location` | string | `[resourceGroup().location]` | The recovery location the fabric represents. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `recoveryVaultName` | string | Name of the Azure Recovery Service Vault. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `name` | string | `[parameters('location')]` | The name of the fabric | +| `name` | string | `[parameters('location')]` | The name of the fabric. | | `replicationContainers` | array | `[]` | Replication containers to create. | diff --git a/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/deploy.bicep b/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/deploy.bicep index 990d587454..a7b0d301d2 100644 --- a/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/deploy.bicep +++ b/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/deploy.bicep @@ -1,10 +1,10 @@ -@description('Required. Name of the Azure Recovery Service Vault') +@description('Conditional. Name of the Azure Recovery Service Vault. Required if the template is used in a standalone deployment.') param recoveryVaultName string -@description('Required. Name of the Replication Fabric') +@description('Conditional. Name of the Replication Fabric. Required if the template is used in a standalone deployment.') param replicationFabricName string -@description('Required. The name of the replication container') +@description('Required. The name of the replication container.') param name string @description('Optional. Replication containers mappings to create.') diff --git a/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/readme.md b/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/readme.md index 312fe0fb62..1d37148fcb 100644 --- a/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/readme.md +++ b/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/readme.md @@ -22,9 +22,13 @@ This module deploys a Replication Protection Container. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the replication container | -| `recoveryVaultName` | string | Name of the Azure Recovery Service Vault | -| `replicationFabricName` | string | Name of the Replication Fabric | +| `name` | string | The name of the replication container. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `recoveryVaultName` | string | Name of the Azure Recovery Service Vault. Required if the template is used in a standalone deployment. | +| `replicationFabricName` | string | Name of the Replication Fabric. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | diff --git a/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/deploy.bicep b/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/deploy.bicep index adfe75faf7..2536fa6541 100644 --- a/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/deploy.bicep +++ b/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/deploy.bicep @@ -1,25 +1,25 @@ -@description('Required. Name of the Azure Recovery Service Vault') +@description('Conditional. Name of the Azure Recovery Service Vault. Required if the template is used in a standalone deployment.') param recoveryVaultName string -@description('Required. Name of the Replication Fabric') +@description('Conditional. Name of the Replication Fabric. Required if the template is used in a standalone deployment.') param replicationFabricName string -@description('Required. Name of the source Replication container') +@description('Conditional. Name of the source Replication container. Required if the template is used in a standalone deployment.') param sourceProtectionContainerName string -@description('Optional. Resource ID of the target Replication container. Must be specified if targetContainerName is not. If specified, targetContainerFabricName and targetContainerName will be ignored') +@description('Optional. Resource ID of the target Replication container. Must be specified if targetContainerName is not. If specified, targetContainerFabricName and targetContainerName will be ignored.') param targetProtectionContainerId string = '' -@description('Optional. Name of the fabric containing the target container. If targetProtectionContainerId is specified, this parameter will be ignored') +@description('Optional. Name of the fabric containing the target container. If targetProtectionContainerId is specified, this parameter will be ignored.') param targetContainerFabricName string = replicationFabricName -@description('Optional. Name of the target container. Must be specified if targetProtectionContainerId is not. If targetProtectionContainerId is specified, this parameter will be ignored') +@description('Optional. Name of the target container. Must be specified if targetProtectionContainerId is not. If targetProtectionContainerId is specified, this parameter will be ignored.') param targetContainerName string = '' -@description('Optional. Resource ID of the replication policy. If defined, policyName will be ignored') +@description('Optional. Resource ID of the replication policy. If defined, policyName will be ignored.') param policyId string = '' -@description('Optional. Name of the replication policy. Will be ignored if policyId is also specified') +@description('Optional. Name of the replication policy. Will be ignored if policyId is also specified.') param policyName string = '' @description('Optional. The name of the replication container mapping. If not provided, it will be automatically generated as `-`.') diff --git a/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/readme.md b/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/readme.md index 6da341bd53..598b96f115 100644 --- a/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/readme.md +++ b/arm/Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/readme.md @@ -18,23 +18,23 @@ This module deploys a Replication Protection Container Mapping. ## Parameters -**Required parameters** +**Conditional parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `recoveryVaultName` | string | Name of the Azure Recovery Service Vault | -| `replicationFabricName` | string | Name of the Replication Fabric | -| `sourceProtectionContainerName` | string | Name of the source Replication container | +| `recoveryVaultName` | string | Name of the Azure Recovery Service Vault. Required if the template is used in a standalone deployment. | +| `replicationFabricName` | string | Name of the Replication Fabric. Required if the template is used in a standalone deployment. | +| `sourceProtectionContainerName` | string | Name of the source Replication container. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `name` | string | `''` | The name of the replication container mapping. If not provided, it will be automatically generated as `-`. | -| `policyId` | string | `''` | Resource ID of the replication policy. If defined, policyName will be ignored | -| `policyName` | string | `''` | Name of the replication policy. Will be ignored if policyId is also specified | -| `targetContainerFabricName` | string | `[parameters('replicationFabricName')]` | Name of the fabric containing the target container. If targetProtectionContainerId is specified, this parameter will be ignored | -| `targetContainerName` | string | `''` | Name of the target container. Must be specified if targetProtectionContainerId is not. If targetProtectionContainerId is specified, this parameter will be ignored | -| `targetProtectionContainerId` | string | `''` | Resource ID of the target Replication container. Must be specified if targetContainerName is not. If specified, targetContainerFabricName and targetContainerName will be ignored | +| `policyId` | string | `''` | Resource ID of the replication policy. If defined, policyName will be ignored. | +| `policyName` | string | `''` | Name of the replication policy. Will be ignored if policyId is also specified. | +| `targetContainerFabricName` | string | `[parameters('replicationFabricName')]` | Name of the fabric containing the target container. If targetProtectionContainerId is specified, this parameter will be ignored. | +| `targetContainerName` | string | `''` | Name of the target container. Must be specified if targetProtectionContainerId is not. If targetProtectionContainerId is specified, this parameter will be ignored. | +| `targetProtectionContainerId` | string | `''` | Resource ID of the target Replication container. Must be specified if targetContainerName is not. If specified, targetContainerFabricName and targetContainerName will be ignored. | ## Outputs diff --git a/arm/Microsoft.RecoveryServices/vaults/replicationPolicies/deploy.bicep b/arm/Microsoft.RecoveryServices/vaults/replicationPolicies/deploy.bicep index edb4d5b432..9e4a1f5154 100644 --- a/arm/Microsoft.RecoveryServices/vaults/replicationPolicies/deploy.bicep +++ b/arm/Microsoft.RecoveryServices/vaults/replicationPolicies/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. Name of the Azure Recovery Service Vault') +@description('Conditional. Name of the Azure Recovery Service Vault. Required if the template is used in a standalone deployment.') param recoveryVaultName string -@description('Required. The name of the replication policy') +@description('Required. The name of the replication policy.') param name string @description('Optional. The app consistent snapshot frequency (in minutes).') diff --git a/arm/Microsoft.RecoveryServices/vaults/replicationPolicies/readme.md b/arm/Microsoft.RecoveryServices/vaults/replicationPolicies/readme.md index 9739c35095..6f11899fca 100644 --- a/arm/Microsoft.RecoveryServices/vaults/replicationPolicies/readme.md +++ b/arm/Microsoft.RecoveryServices/vaults/replicationPolicies/readme.md @@ -21,8 +21,12 @@ This module deploys a Replication Policy for Disaster Recovery scenario. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the replication policy | -| `recoveryVaultName` | string | Name of the Azure Recovery Service Vault | +| `name` | string | The name of the replication policy. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `recoveryVaultName` | string | Name of the Azure Recovery Service Vault. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | diff --git a/arm/Microsoft.Resources/deploymentScripts/deploy.bicep b/arm/Microsoft.Resources/deploymentScripts/deploy.bicep index 65de5b3b0a..514d5343fd 100644 --- a/arm/Microsoft.Resources/deploymentScripts/deploy.bicep +++ b/arm/Microsoft.Resources/deploymentScripts/deploy.bicep @@ -126,11 +126,11 @@ resource deploymentScript_lock 'Microsoft.Authorization/locks@2017-04-01' = if ( scope: deploymentScript } -@description('The resource ID of the deployment script') +@description('The resource ID of the deployment script.') output resourceId string = deploymentScript.id -@description('The resource group the deployment script was deployed into') +@description('The resource group the deployment script was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the deployment script') +@description('The name of the deployment script.') output name string = deploymentScript.name diff --git a/arm/Microsoft.Resources/deploymentScripts/readme.md b/arm/Microsoft.Resources/deploymentScripts/readme.md index e0409092de..e4950859e6 100644 --- a/arm/Microsoft.Resources/deploymentScripts/readme.md +++ b/arm/Microsoft.Resources/deploymentScripts/readme.md @@ -85,9 +85,9 @@ You can specify multiple user assigned identities to a resource by providing add | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployment script | -| `resourceGroupName` | string | The resource group the deployment script was deployed into | -| `resourceId` | string | The resource ID of the deployment script | +| `name` | string | The name of the deployment script. | +| `resourceGroupName` | string | The resource group the deployment script was deployed into. | +| `resourceId` | string | The resource ID of the deployment script. | ## Considerations diff --git a/arm/Microsoft.Resources/resourceGroups/deploy.bicep b/arm/Microsoft.Resources/resourceGroups/deploy.bicep index f149944422..536d41e7f7 100644 --- a/arm/Microsoft.Resources/resourceGroups/deploy.bicep +++ b/arm/Microsoft.Resources/resourceGroups/deploy.bicep @@ -1,6 +1,6 @@ targetScope = 'subscription' -@description('Required. The name of the Resource Group') +@description('Required. The name of the Resource Group.') param name string @description('Optional. Location of the Resource Group. It uses the deployment\'s location when not provided.') @@ -14,7 +14,7 @@ param location string = deployment().location @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the storage account resource.') @@ -64,8 +64,8 @@ module resourceGroup_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, ind scope: resourceGroup }] -@description('The name of the resource group') +@description('The name of the resource group.') output name string = resourceGroup.name -@description('The resource ID of the resource group') +@description('The resource ID of the resource group.') output resourceId string = resourceGroup.id diff --git a/arm/Microsoft.Resources/resourceGroups/readme.md b/arm/Microsoft.Resources/resourceGroups/readme.md index f5833f2dda..5cb7135dd4 100644 --- a/arm/Microsoft.Resources/resourceGroups/readme.md +++ b/arm/Microsoft.Resources/resourceGroups/readme.md @@ -22,7 +22,7 @@ This module deploys a resource group. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the Resource Group | +| `name` | string | The name of the Resource Group. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -30,7 +30,7 @@ This module deploys a resource group. | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `location` | string | `[deployment().location]` | | Location of the Resource Group. It uses the deployment's location when not provided. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags of the storage account resource. | @@ -85,5 +85,5 @@ This module requires a User Assigned Identity (MSI, managed service identity) to | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the resource group | -| `resourceId` | string | The resource ID of the resource group | +| `name` | string | The name of the resource group. | +| `resourceId` | string | The resource ID of the resource group. | diff --git a/arm/Microsoft.Resources/tags/deploy.bicep b/arm/Microsoft.Resources/tags/deploy.bicep index be034dda20..1990344ff7 100644 --- a/arm/Microsoft.Resources/tags/deploy.bicep +++ b/arm/Microsoft.Resources/tags/deploy.bicep @@ -1,9 +1,9 @@ targetScope = 'subscription' -@description('Optional. Tags for the resource group. If not provided, removes existing tags') +@description('Optional. Tags for the resource group. If not provided, removes existing tags.') param tags object = {} -@description('Optional. Instead of overwriting the existing tags, combine them with the new tags') +@description('Optional. Instead of overwriting the existing tags, combine them with the new tags.') param onlyUpdate bool = false @description('Optional. Name of the Resource Group to assign the tags to. If no Resource Group name is provided, and Subscription ID is provided, the module deploys at subscription level, therefore assigns the provided tags to the subscription.') @@ -51,8 +51,8 @@ module tags_rg 'resourceGroups/deploy.bicep' = if (!empty(resourceGroupName) && } } -@description('The name of the tags resource') +@description('The name of the tags resource.') output name string = (!empty(resourceGroupName) && !empty(subscriptionId)) ? tags_rg.outputs.name : tags_sub.outputs.name -@description('The applied tags') +@description('The applied tags.') output tags object = (!empty(resourceGroupName) && !empty(subscriptionId)) ? tags_rg.outputs.tags : tags_sub.outputs.tags diff --git a/arm/Microsoft.Resources/tags/readme.md b/arm/Microsoft.Resources/tags/readme.md index 97181df64f..bfb80ea2b1 100644 --- a/arm/Microsoft.Resources/tags/readme.md +++ b/arm/Microsoft.Resources/tags/readme.md @@ -21,10 +21,10 @@ This module deploys Resources Tags on a subscription or resource group scope. | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `location` | string | `[deployment().location]` | Location deployment metadata. | -| `onlyUpdate` | bool | `False` | Instead of overwriting the existing tags, combine them with the new tags | +| `onlyUpdate` | bool | `False` | Instead of overwriting the existing tags, combine them with the new tags. | | `resourceGroupName` | string | `''` | Name of the Resource Group to assign the tags to. If no Resource Group name is provided, and Subscription ID is provided, the module deploys at subscription level, therefore assigns the provided tags to the subscription. | | `subscriptionId` | string | `[subscription().id]` | Subscription ID of the subscription to assign the tags to. If no Resource Group name is provided, the module deploys at subscription level, therefore assigns the provided tags to the subscription. | -| `tags` | object | `{object}` | Tags for the resource group. If not provided, removes existing tags | +| `tags` | object | `{object}` | Tags for the resource group. If not provided, removes existing tags. | ### Parameter Usage: `tags` @@ -48,5 +48,5 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the tags resource | -| `tags` | object | The applied tags | +| `name` | string | The name of the tags resource. | +| `tags` | object | The applied tags. | diff --git a/arm/Microsoft.Resources/tags/resourceGroups/deploy.bicep b/arm/Microsoft.Resources/tags/resourceGroups/deploy.bicep index 81993a0cde..ae5646a219 100644 --- a/arm/Microsoft.Resources/tags/resourceGroups/deploy.bicep +++ b/arm/Microsoft.Resources/tags/resourceGroups/deploy.bicep @@ -1,10 +1,10 @@ -@description('Optional. Tags for the resource group. If not provided, removes existing tags') +@description('Optional. Tags for the resource group. If not provided, removes existing tags.') param tags object = {} @description('Optional. The name of the tags resource.') param name string = 'default' -@description('Optional. Instead of overwriting the existing tags, combine them with the new tags') +@description('Optional. Instead of overwriting the existing tags, combine them with the new tags.') param onlyUpdate bool = false @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -35,14 +35,14 @@ resource tag 'Microsoft.Resources/tags@2019-10-01' = { } } -@description('The name of the tags resource') +@description('The name of the tags resource.') output name string = tag.name -@description('The resourceId of the resource group the tags were applied to') +@description('The resourceId of the resource group the tags were applied to.') output resourceId string = resourceGroup().id -@description('The name of the resource group the tags were applied to') +@description('The name of the resource group the tags were applied to.') output resourceGroupName string = resourceGroup().name -@description('The applied tags') +@description('The applied tags.') output tags object = newTags diff --git a/arm/Microsoft.Resources/tags/resourceGroups/readme.md b/arm/Microsoft.Resources/tags/resourceGroups/readme.md index 30c1a457b6..603c87a484 100644 --- a/arm/Microsoft.Resources/tags/resourceGroups/readme.md +++ b/arm/Microsoft.Resources/tags/resourceGroups/readme.md @@ -21,8 +21,8 @@ This module deploys Resources Tags on a resource group scope. | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `name` | string | `'default'` | The name of the tags resource. | -| `onlyUpdate` | bool | `False` | Instead of overwriting the existing tags, combine them with the new tags | -| `tags` | object | `{object}` | Tags for the resource group. If not provided, removes existing tags | +| `onlyUpdate` | bool | `False` | Instead of overwriting the existing tags, combine them with the new tags. | +| `tags` | object | `{object}` | Tags for the resource group. If not provided, removes existing tags. | ### Parameter Usage: `tags` @@ -46,7 +46,7 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the tags resource | -| `resourceGroupName` | string | The name of the resource group the tags were applied to | -| `resourceId` | string | The resourceId of the resource group the tags were applied to | -| `tags` | object | The applied tags | +| `name` | string | The name of the tags resource. | +| `resourceGroupName` | string | The name of the resource group the tags were applied to. | +| `resourceId` | string | The resourceId of the resource group the tags were applied to. | +| `tags` | object | The applied tags. | diff --git a/arm/Microsoft.Resources/tags/subscriptions/deploy.bicep b/arm/Microsoft.Resources/tags/subscriptions/deploy.bicep index 7424c11bcb..5f15ea1dd0 100644 --- a/arm/Microsoft.Resources/tags/subscriptions/deploy.bicep +++ b/arm/Microsoft.Resources/tags/subscriptions/deploy.bicep @@ -1,12 +1,12 @@ targetScope = 'subscription' -@description('Optional. Tags for the resource group. If not provided, removes existing tags') +@description('Optional. Tags for the resource group. If not provided, removes existing tags.') param tags object = {} @description('Optional. The name of the tags resource.') param name string = 'default' -@description('Optional. Instead of overwriting the existing tags, combine them with the new tags') +@description('Optional. Instead of overwriting the existing tags, combine them with the new tags.') param onlyUpdate bool = false @sys.description('Optional. Location deployment metadata.') @@ -41,8 +41,8 @@ resource tag 'Microsoft.Resources/tags@2019-10-01' = { } } -@description('The name of the tags resource') +@description('The name of the tags resource.') output name string = tag.name -@description('The applied tags') +@description('The applied tags.') output tags object = newTags diff --git a/arm/Microsoft.Resources/tags/subscriptions/readme.md b/arm/Microsoft.Resources/tags/subscriptions/readme.md index a77e20bd70..cbd044f190 100644 --- a/arm/Microsoft.Resources/tags/subscriptions/readme.md +++ b/arm/Microsoft.Resources/tags/subscriptions/readme.md @@ -22,8 +22,8 @@ This module deploys Resources Tags on a subscription scope. | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `location` | string | `[deployment().location]` | Location deployment metadata. | | `name` | string | `'default'` | The name of the tags resource. | -| `onlyUpdate` | bool | `False` | Instead of overwriting the existing tags, combine them with the new tags | -| `tags` | object | `{object}` | Tags for the resource group. If not provided, removes existing tags | +| `onlyUpdate` | bool | `False` | Instead of overwriting the existing tags, combine them with the new tags. | +| `tags` | object | `{object}` | Tags for the resource group. If not provided, removes existing tags. | ### Parameter Usage: `tags` @@ -47,5 +47,5 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the tags resource | -| `tags` | object | The applied tags | +| `name` | string | The name of the tags resource. | +| `tags` | object | The applied tags. | diff --git a/arm/Microsoft.Security/azureSecurityCenter/deploy.bicep b/arm/Microsoft.Security/azureSecurityCenter/deploy.bicep index 70b2980a22..b72892858d 100644 --- a/arm/Microsoft.Security/azureSecurityCenter/deploy.bicep +++ b/arm/Microsoft.Security/azureSecurityCenter/deploy.bicep @@ -9,111 +9,111 @@ param scope string @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. Describes what kind of security agent provisioning action to take. - On or Off') +@description('Optional. Describes what kind of security agent provisioning action to take. - On or Off.') @allowed([ 'On' 'Off' ]) param autoProvision string = 'On' -@description('Optional. Device Security group data') +@description('Optional. Device Security group data.') param deviceSecurityGroupProperties object = {} -@description('Optional. Security Solution data') +@description('Optional. Security Solution data.') param ioTSecuritySolutionProperties object = {} -@description('Optional. The pricing tier value for VMs. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard') +@description('Optional. The pricing tier value for VMs. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard.') @allowed([ 'Free' 'Standard' ]) param virtualMachinesPricingTier string = 'Free' -@description('Optional. The pricing tier value for SqlServers. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard') +@description('Optional. The pricing tier value for SqlServers. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard.') @allowed([ 'Free' 'Standard' ]) param sqlServersPricingTier string = 'Free' -@description('Optional. The pricing tier value for AppServices. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard') +@description('Optional. The pricing tier value for AppServices. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard.') @allowed([ 'Free' 'Standard' ]) param appServicesPricingTier string = 'Free' -@description('Optional. The pricing tier value for StorageAccounts. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard') +@description('Optional. The pricing tier value for StorageAccounts. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard.') @allowed([ 'Free' 'Standard' ]) param storageAccountsPricingTier string = 'Free' -@description('Optional. The pricing tier value for SqlServerVirtualMachines. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard') +@description('Optional. The pricing tier value for SqlServerVirtualMachines. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard.') @allowed([ 'Free' 'Standard' ]) param sqlServerVirtualMachinesPricingTier string = 'Free' -@description('Optional. The pricing tier value for KubernetesService. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard') +@description('Optional. The pricing tier value for KubernetesService. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard.') @allowed([ 'Free' 'Standard' ]) param kubernetesServicePricingTier string = 'Free' -@description('Optional. The pricing tier value for ContainerRegistry. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard') +@description('Optional. The pricing tier value for ContainerRegistry. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard.') @allowed([ 'Free' 'Standard' ]) param containerRegistryPricingTier string = 'Free' -@description('Optional. The pricing tier value for KeyVaults. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard') +@description('Optional. The pricing tier value for KeyVaults. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard.') @allowed([ 'Free' 'Standard' ]) param keyVaultsPricingTier string = 'Free' -@description('Optional. The pricing tier value for DNS. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard') +@description('Optional. The pricing tier value for DNS. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard.') @allowed([ 'Free' 'Standard' ]) param dnsPricingTier string = 'Free' -@description('Optional. The pricing tier value for ARM. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard') +@description('Optional. The pricing tier value for ARM. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard.') @allowed([ 'Free' 'Standard' ]) param armPricingTier string = 'Free' -@description('Optional. The pricing tier value for OpenSourceRelationalDatabases. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard') +@description('Optional. The pricing tier value for OpenSourceRelationalDatabases. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard.') @allowed([ 'Free' 'Standard' ]) param openSourceRelationalDatabasesTier string = 'Free' -@description('Optional. The pricing tier value for containers. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard') +@description('Optional. The pricing tier value for containers. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard.') @allowed([ 'Free' 'Standard' ]) param containersTier string = 'Free' -@description('Optional. The pricing tier value for CosmosDbs. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard') +@description('Optional. The pricing tier value for CosmosDbs. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard.') @allowed([ 'Free' 'Standard' ]) param cosmosDbsTier string = 'Free' -@description('Optional. Security contact data') +@description('Optional. Security contact data.') param securityContactProperties object = {} @description('Optional. Location deployment metadata.') @@ -269,5 +269,5 @@ resource workspaceSettings 'Microsoft.Security/workspaceSettings@2017-08-01-prev ] } -@description('The resource IDs of the used log analytics workspace') +@description('The resource IDs of the used log analytics workspace.') output workspaceId string = workspaceId diff --git a/arm/Microsoft.Security/azureSecurityCenter/readme.md b/arm/Microsoft.Security/azureSecurityCenter/readme.md index fb91ffe15d..f5e3a8e1fc 100644 --- a/arm/Microsoft.Security/azureSecurityCenter/readme.md +++ b/arm/Microsoft.Security/azureSecurityCenter/readme.md @@ -30,25 +30,25 @@ This template enables Azure security center - Standard tier by default, could be **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `appServicesPricingTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for AppServices. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard | -| `armPricingTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for ARM. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard | -| `autoProvision` | string | `'On'` | `[On, Off]` | Describes what kind of security agent provisioning action to take. - On or Off | -| `containerRegistryPricingTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for ContainerRegistry. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard | -| `containersTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for containers. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard | -| `cosmosDbsTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for CosmosDbs. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard | -| `deviceSecurityGroupProperties` | object | `{object}` | | Device Security group data | -| `dnsPricingTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for DNS. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard | +| `appServicesPricingTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for AppServices. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard. | +| `armPricingTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for ARM. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard. | +| `autoProvision` | string | `'On'` | `[On, Off]` | Describes what kind of security agent provisioning action to take. - On or Off. | +| `containerRegistryPricingTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for ContainerRegistry. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard. | +| `containersTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for containers. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard. | +| `cosmosDbsTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for CosmosDbs. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard. | +| `deviceSecurityGroupProperties` | object | `{object}` | | Device Security group data. | +| `dnsPricingTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for DNS. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `ioTSecuritySolutionProperties` | object | `{object}` | | Security Solution data | -| `keyVaultsPricingTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for KeyVaults. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard | -| `kubernetesServicePricingTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for KubernetesService. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard | +| `ioTSecuritySolutionProperties` | object | `{object}` | | Security Solution data. | +| `keyVaultsPricingTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for KeyVaults. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard. | +| `kubernetesServicePricingTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for KubernetesService. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard. | | `location` | string | `[deployment().location]` | | Location deployment metadata. | -| `openSourceRelationalDatabasesTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for OpenSourceRelationalDatabases. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard | -| `securityContactProperties` | object | `{object}` | | Security contact data | -| `sqlServersPricingTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for SqlServers. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard | -| `sqlServerVirtualMachinesPricingTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for SqlServerVirtualMachines. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard | -| `storageAccountsPricingTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for StorageAccounts. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard | -| `virtualMachinesPricingTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for VMs. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard | +| `openSourceRelationalDatabasesTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for OpenSourceRelationalDatabases. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard. | +| `securityContactProperties` | object | `{object}` | | Security contact data. | +| `sqlServersPricingTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for SqlServers. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard. | +| `sqlServerVirtualMachinesPricingTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for SqlServerVirtualMachines. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard. | +| `storageAccountsPricingTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for StorageAccounts. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard. | +| `virtualMachinesPricingTier` | string | `'Free'` | `[Free, Standard]` | The pricing tier value for VMs. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. - Free or Standard. | ### Parameter Usage: `deviceSecurityGroupProperties` @@ -146,4 +146,4 @@ This template enables Azure security center - Standard tier by default, could be | Output Name | Type | Description | | :-- | :-- | :-- | -| `workspaceId` | string | The resource IDs of the used log analytics workspace | +| `workspaceId` | string | The resource IDs of the used log analytics workspace. | diff --git a/arm/Microsoft.ServiceBus/namespaces/authorizationRules/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/authorizationRules/deploy.bicep index 13db67e79b..96ef2e56da 100644 --- a/arm/Microsoft.ServiceBus/namespaces/authorizationRules/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/authorizationRules/deploy.bicep @@ -1,9 +1,9 @@ -@description('Required. Name of the parent Service Bus Namespace for the Service Bus Queue.') +@description('Conditional. Name of the parent Service Bus Namespace for the Service Bus Queue. Required if the template is used in a standalone deployment.') @minLength(6) @maxLength(50) param namespaceName string -@description('Required. The name of the authorization rule') +@description('Required. The name of the authorization rule.') param name string @description('Optional. The rights associated with the rule.') diff --git a/arm/Microsoft.ServiceBus/namespaces/authorizationRules/readme.md b/arm/Microsoft.ServiceBus/namespaces/authorizationRules/readme.md index 0e9cc7625e..8e8f28ea5d 100644 --- a/arm/Microsoft.ServiceBus/namespaces/authorizationRules/readme.md +++ b/arm/Microsoft.ServiceBus/namespaces/authorizationRules/readme.md @@ -19,8 +19,12 @@ This module deploys authorization rules for a service bus namespace **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the authorization rule | -| `namespaceName` | string | Name of the parent Service Bus Namespace for the Service Bus Queue. | +| `name` | string | The name of the authorization rule. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `namespaceName` | string | Name of the parent Service Bus Namespace for the Service Bus Queue. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | diff --git a/arm/Microsoft.ServiceBus/namespaces/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/deploy.bicep index ab20032d94..fbc5b3abeb 100644 --- a/arm/Microsoft.ServiceBus/namespaces/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/deploy.bicep @@ -5,7 +5,7 @@ param name string = '' @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Required. Name of this SKU. - Basic, Standard, Premium') +@description('Required. Name of this SKU. - Basic, Standard, Premium.') @allowed([ 'Basic' 'Standard' @@ -16,7 +16,7 @@ param skuName string = 'Basic' @description('Optional. Enabling this property creates a Premium Service Bus Namespace in regions supported availability zones.') param zoneRedundant bool = false -@description('Optional. Authorization Rules for the Service Bus namespace') +@description('Optional. Authorization Rules for the Service Bus namespace.') param authorizationRules array = [ { name: 'RootManageSharedAccessKey' @@ -28,7 +28,7 @@ param authorizationRules array = [ } ] -@description('Optional. IP Filter Rules for the Service Bus namespace') +@description('Optional. IP Filter Rules for the Service Bus namespace.') param ipFilterRules array = [] @description('Optional. The migration configuration.') @@ -71,7 +71,7 @@ param systemAssignedIdentity bool = false @description('Optional. The ID(s) to assign to the resource.') param userAssignedIdentities object = {} -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Configuration Details for private endpoints.') @@ -86,10 +86,10 @@ param enableDefaultTelemetry bool = true @description('Generated. Do not provide a value! This date value is used to generate a SAS token to access the modules.') param baseTime string = utcNow('u') -@description('Optional. The queues to create in the service bus namespace') +@description('Optional. The queues to create in the service bus namespace.') param queues array = [] -@description('Optional. The topics to create in the service bus namespace') +@description('Optional. The topics to create in the service bus namespace.') param topics array = [] @description('Optional. The name of logs that will be streamed.') @@ -328,13 +328,13 @@ module serviceBusNamespace_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignmen } }] -@description('The resource ID of the deployed service bus namespace') +@description('The resource ID of the deployed service bus namespace.') output resourceId string = serviceBusNamespace.id -@description('The resource group of the deployed service bus namespace') +@description('The resource group of the deployed service bus namespace.') output resourceGroupName string = resourceGroup().name -@description('The name of the deployed service bus namespace') +@description('The name of the deployed service bus namespace.') output name string = serviceBusNamespace.name @description('The principal ID of the system assigned identity.') diff --git a/arm/Microsoft.ServiceBus/namespaces/disasterRecoveryConfigs/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/disasterRecoveryConfigs/deploy.bicep index 3290733e46..73ffec9f71 100644 --- a/arm/Microsoft.ServiceBus/namespaces/disasterRecoveryConfigs/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/disasterRecoveryConfigs/deploy.bicep @@ -1,15 +1,15 @@ -@description('Required. Name of the parent Service Bus Namespace for the Service Bus Queue.') +@description('Conditional. Name of the parent Service Bus Namespace for the Service Bus Queue. Required if the template is used in a standalone deployment.') @minLength(6) @maxLength(50) param namespaceName string -@description('Optional. The name of the disaster recovery config') +@description('Optional. The name of the disaster recovery config.') param name string = 'default' -@description('Optional. Primary/Secondary eventhub namespace name, which is part of GEO DR pairing') +@description('Optional. Primary/Secondary eventhub namespace name, which is part of GEO DR pairing.') param alternateName string = '' -@description('Optional. Resource ID of the Primary/Secondary event hub namespace name, which is part of GEO DR pairing') +@description('Optional. Resource ID of the Primary/Secondary event hub namespace name, which is part of GEO DR pairing.') param partnerNamespaceResourceID string = '' @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') diff --git a/arm/Microsoft.ServiceBus/namespaces/disasterRecoveryConfigs/readme.md b/arm/Microsoft.ServiceBus/namespaces/disasterRecoveryConfigs/readme.md index 259ddd4f7c..1868aa467a 100644 --- a/arm/Microsoft.ServiceBus/namespaces/disasterRecoveryConfigs/readme.md +++ b/arm/Microsoft.ServiceBus/namespaces/disasterRecoveryConfigs/readme.md @@ -16,18 +16,18 @@ This module deploys a disaster recovery config for a service bus Namespace ## Parameters -**Required parameters** +**Conditional parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `namespaceName` | string | Name of the parent Service Bus Namespace for the Service Bus Queue. | +| `namespaceName` | string | Name of the parent Service Bus Namespace for the Service Bus Queue. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | -| `alternateName` | string | `''` | Primary/Secondary eventhub namespace name, which is part of GEO DR pairing | +| `alternateName` | string | `''` | Primary/Secondary eventhub namespace name, which is part of GEO DR pairing. | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `name` | string | `'default'` | The name of the disaster recovery config | -| `partnerNamespaceResourceID` | string | `''` | Resource ID of the Primary/Secondary event hub namespace name, which is part of GEO DR pairing | +| `name` | string | `'default'` | The name of the disaster recovery config. | +| `partnerNamespaceResourceID` | string | `''` | Resource ID of the Primary/Secondary event hub namespace name, which is part of GEO DR pairing. | ## Outputs diff --git a/arm/Microsoft.ServiceBus/namespaces/ipFilterRules/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/ipFilterRules/deploy.bicep index 1658d3baaa..5b0540070e 100644 --- a/arm/Microsoft.ServiceBus/namespaces/ipFilterRules/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/ipFilterRules/deploy.bicep @@ -1,22 +1,22 @@ -@description('Required. Name of the parent Service Bus Namespace for the Service Bus Queue.') +@description('Conditional. Name of the parent Service Bus Namespace for the Service Bus Queue. Required if the template is used in a standalone deployment.') @minLength(6) @maxLength(50) param namespaceName string -@description('Optional. The name of the ip filter rule') +@description('Optional. The name of the ip filter rule.') param name string = filterName -@description('Required. The IP Filter Action') +@description('Required. The IP Filter Action.') @allowed([ 'Accept' // 'Reject' # Reason: Only Accept IpFilterRules are accepted by API ]) param action string -@description('Required. IP Filter name') +@description('Required. IP Filter name.') param filterName string -@description('Required. IP Mask') +@description('Required. IP Mask.') param ipMask string @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') diff --git a/arm/Microsoft.ServiceBus/namespaces/ipFilterRules/readme.md b/arm/Microsoft.ServiceBus/namespaces/ipFilterRules/readme.md index c0ba097566..32ad32dff6 100644 --- a/arm/Microsoft.ServiceBus/namespaces/ipFilterRules/readme.md +++ b/arm/Microsoft.ServiceBus/namespaces/ipFilterRules/readme.md @@ -19,16 +19,20 @@ This module deploys IP filter rules for a service bus namespace **Required parameters** | Parameter Name | Type | Allowed Values | Description | | :-- | :-- | :-- | :-- | -| `action` | string | `[Accept]` | The IP Filter Action | -| `filterName` | string | | IP Filter name | -| `ipMask` | string | | IP Mask | -| `namespaceName` | string | | Name of the parent Service Bus Namespace for the Service Bus Queue. | +| `action` | string | `[Accept]` | The IP Filter Action. | +| `filterName` | string | | IP Filter name. | +| `ipMask` | string | | IP Mask. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `namespaceName` | string | Name of the parent Service Bus Namespace for the Service Bus Queue. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `name` | string | `[parameters('filterName')]` | The name of the ip filter rule | +| `name` | string | `[parameters('filterName')]` | The name of the ip filter rule. | ## Outputs diff --git a/arm/Microsoft.ServiceBus/namespaces/migrationConfigurations/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/migrationConfigurations/deploy.bicep index e082ad8cf9..9b5c7d136b 100644 --- a/arm/Microsoft.ServiceBus/namespaces/migrationConfigurations/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/migrationConfigurations/deploy.bicep @@ -1,15 +1,15 @@ -@description('Required. Name of the parent Service Bus Namespace for the Service Bus Queue.') +@description('Conditional. Name of the parent Service Bus Namespace for the Service Bus Queue. Required if the template is used in a standalone deployment.') @minLength(6) @maxLength(50) param namespaceName string -@description('Optional. The name of the migration configuration') +@description('Optional. The name of the migration configuration.') param name string = '$default' -@description('Required. Name to access Standard Namespace after migration') +@description('Required. Name to access Standard Namespace after migration.') param postMigrationName string -@description('Required. Existing premium Namespace resource ID which has no entities, will be used for migration') +@description('Required. Existing premium Namespace resource ID which has no entities, will be used for migration.') param targetNamespaceResourceId string @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -43,7 +43,7 @@ resource migrationConfiguration 'Microsoft.ServiceBus/namespaces/migrationConfig @description('The name of the migration configuration.') output name string = migrationConfiguration.name -@description('The Resource ID of the migration configuration') +@description('The Resource ID of the migration configuration.') output resourceId string = migrationConfiguration.id @description('The name of the Resource Group the migration configuration was created in.') diff --git a/arm/Microsoft.ServiceBus/namespaces/migrationConfigurations/readme.md b/arm/Microsoft.ServiceBus/namespaces/migrationConfigurations/readme.md index 050b02dfc5..2edc0dfffe 100644 --- a/arm/Microsoft.ServiceBus/namespaces/migrationConfigurations/readme.md +++ b/arm/Microsoft.ServiceBus/namespaces/migrationConfigurations/readme.md @@ -19,15 +19,19 @@ This module deploys a migration configuration for a service bus namespace **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `namespaceName` | string | Name of the parent Service Bus Namespace for the Service Bus Queue. | -| `postMigrationName` | string | Name to access Standard Namespace after migration | -| `targetNamespaceResourceId` | string | Existing premium Namespace resource ID which has no entities, will be used for migration | +| `postMigrationName` | string | Name to access Standard Namespace after migration. | +| `targetNamespaceResourceId` | string | Existing premium Namespace resource ID which has no entities, will be used for migration. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `namespaceName` | string | Name of the parent Service Bus Namespace for the Service Bus Queue. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `name` | string | `'$default'` | The name of the migration configuration | +| `name` | string | `'$default'` | The name of the migration configuration. | ## Outputs @@ -36,4 +40,4 @@ This module deploys a migration configuration for a service bus namespace | :-- | :-- | :-- | | `name` | string | The name of the migration configuration. | | `resourceGroupName` | string | The name of the Resource Group the migration configuration was created in. | -| `resourceId` | string | The Resource ID of the migration configuration | +| `resourceId` | string | The Resource ID of the migration configuration. | diff --git a/arm/Microsoft.ServiceBus/namespaces/queues/authorizationRules/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/queues/authorizationRules/deploy.bicep index 6b0bc01b83..7c598dab1e 100644 --- a/arm/Microsoft.ServiceBus/namespaces/queues/authorizationRules/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/queues/authorizationRules/deploy.bicep @@ -1,10 +1,10 @@ -@description('Required. The name of the service bus namepace queue') +@description('Required. The name of the service bus namepace queue.') param name string -@description('Required. The name of the parent service bus namespace') +@description('Conditional. The name of the parent parent service bus namespace. Required if the template is used in a standalone deployment.') param namespaceName string -@description('Required. The name of the parent service bus namespace queue') +@description('Conditional. The name of the parent parent service bus namespace queue. Required if the template is used in a standalone deployment.') param queueName string @description('Optional. The rights associated with the rule.') diff --git a/arm/Microsoft.ServiceBus/namespaces/queues/authorizationRules/readme.md b/arm/Microsoft.ServiceBus/namespaces/queues/authorizationRules/readme.md index ab1143d863..2518bdcf55 100644 --- a/arm/Microsoft.ServiceBus/namespaces/queues/authorizationRules/readme.md +++ b/arm/Microsoft.ServiceBus/namespaces/queues/authorizationRules/readme.md @@ -19,9 +19,13 @@ This module deploys an authorization rule for a service bus namespace queue. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the service bus namepace queue | -| `namespaceName` | string | The name of the parent service bus namespace | -| `queueName` | string | The name of the parent service bus namespace queue | +| `name` | string | The name of the service bus namepace queue. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `namespaceName` | string | The name of the parent parent service bus namespace. Required if the template is used in a standalone deployment. | +| `queueName` | string | The name of the parent parent service bus namespace queue. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | diff --git a/arm/Microsoft.ServiceBus/namespaces/queues/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/queues/deploy.bicep index 954e9651a6..c0cc2e1684 100644 --- a/arm/Microsoft.ServiceBus/namespaces/queues/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/queues/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Name of the parent Service Bus Namespace for the Service Bus Queue.') +@description('Conditional. Name of the parent Service Bus Namespace for the Service Bus Queue. Required if the template is used in a standalone deployment.') @minLength(6) @maxLength(50) param namespaceName string @@ -35,7 +35,7 @@ param duplicateDetectionHistoryTimeWindow string = 'PT10M' @description('Optional. The maximum delivery count. A message is automatically deadlettered after this number of deliveries. default value is 10.') param maxDeliveryCount int = 10 -@description('Optional. Enumerates the possible values for the status of a messaging entity. - Active, Disabled, Restoring, SendDisabled, ReceiveDisabled, Creating, Deleting, Renaming, Unknown') +@description('Optional. Enumerates the possible values for the status of a messaging entity. - Active, Disabled, Restoring, SendDisabled, ReceiveDisabled, Creating, Deleting, Renaming, Unknown.') @allowed([ 'Active' 'Disabled' @@ -55,7 +55,7 @@ param enablePartitioning bool = false @description('Optional. A value that indicates whether Express Entities are enabled. An express queue holds a message in memory temporarily before writing it to persistent storage.') param enableExpress bool = false -@description('Optional. Authorization Rules for the Service Bus Queue') +@description('Optional. Authorization Rules for the Service Bus Queue.') param authorizationRules array = [ { name: 'RootManageSharedAccessKey' @@ -77,7 +77,7 @@ param authorizationRules array = [ @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -149,11 +149,11 @@ module queue_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in r } }] -@description('The name of the deployed queue') +@description('The name of the deployed queue.') output name string = queue.name -@description('The resource ID of the deployed queue') +@description('The resource ID of the deployed queue.') output resourceId string = queue.id -@description('The resource group of the deployed queue') +@description('The resource group of the deployed queue.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.ServiceBus/namespaces/queues/readme.md b/arm/Microsoft.ServiceBus/namespaces/queues/readme.md index f8755851a8..c74fdea4f5 100644 --- a/arm/Microsoft.ServiceBus/namespaces/queues/readme.md +++ b/arm/Microsoft.ServiceBus/namespaces/queues/readme.md @@ -23,12 +23,16 @@ This module deploys a queue for a service bus namespace. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | Name of the Service Bus Queue. | -| `namespaceName` | string | Name of the parent Service Bus Namespace for the Service Bus Queue. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `namespaceName` | string | Name of the parent Service Bus Namespace for the Service Bus Queue. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `authorizationRules` | _[authorizationRules](authorizationRules/readme.md)_ array | `[System.Collections.Hashtable]` | | Authorization Rules for the Service Bus Queue | +| `authorizationRules` | _[authorizationRules](authorizationRules/readme.md)_ array | `[System.Collections.Hashtable]` | | Authorization Rules for the Service Bus Queue. | | `deadLetteringOnMessageExpiration` | bool | `True` | | A value that indicates whether this queue has dead letter support when a message expires. | | `defaultMessageTimeToLive` | string | `'P14D'` | | ISO 8601 default message timespan to live value. This is the duration after which the message expires, starting from when the message is sent to Service Bus. This is the default value used when TimeToLive is not set on a message itself. | | `duplicateDetectionHistoryTimeWindow` | string | `'PT10M'` | | ISO 8601 timeSpan structure that defines the duration of the duplicate detection history. The default value is 10 minutes. | @@ -42,8 +46,8 @@ This module deploys a queue for a service bus namespace. | `maxSizeInMegabytes` | int | `1024` | | The maximum size of the queue in megabytes, which is the size of memory allocated for the queue. Default is 1024. | | `requiresDuplicateDetection` | bool | `False` | | A value indicating if this queue requires duplicate detection. | | `requiresSession` | bool | `False` | | A value that indicates whether the queue supports the concept of sessions. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | -| `status` | string | `'Active'` | `[Active, Disabled, Restoring, SendDisabled, ReceiveDisabled, Creating, Deleting, Renaming, Unknown]` | Enumerates the possible values for the status of a messaging entity. - Active, Disabled, Restoring, SendDisabled, ReceiveDisabled, Creating, Deleting, Renaming, Unknown | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| `status` | string | `'Active'` | `[Active, Disabled, Restoring, SendDisabled, ReceiveDisabled, Creating, Deleting, Renaming, Unknown]` | Enumerates the possible values for the status of a messaging entity. - Active, Disabled, Restoring, SendDisabled, ReceiveDisabled, Creating, Deleting, Renaming, Unknown. | ### Parameter Usage: `roleAssignments` @@ -76,6 +80,6 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed queue | -| `resourceGroupName` | string | The resource group of the deployed queue | -| `resourceId` | string | The resource ID of the deployed queue | +| `name` | string | The name of the deployed queue. | +| `resourceGroupName` | string | The resource group of the deployed queue. | +| `resourceId` | string | The resource ID of the deployed queue. | diff --git a/arm/Microsoft.ServiceBus/namespaces/readme.md b/arm/Microsoft.ServiceBus/namespaces/readme.md index e936a20a39..428e02ab95 100644 --- a/arm/Microsoft.ServiceBus/namespaces/readme.md +++ b/arm/Microsoft.ServiceBus/namespaces/readme.md @@ -33,12 +33,12 @@ This module deploys a service bus namespace resource. **Required parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `skuName` | string | `'Basic'` | `[Basic, Standard, Premium]` | Name of this SKU. - Basic, Standard, Premium | +| `skuName` | string | `'Basic'` | `[Basic, Standard, Premium]` | Name of this SKU. - Basic, Standard, Premium. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `authorizationRules` | _[authorizationRules](authorizationRules/readme.md)_ array | `[System.Collections.Hashtable]` | | Authorization Rules for the Service Bus namespace | +| `authorizationRules` | _[authorizationRules](authorizationRules/readme.md)_ array | `[System.Collections.Hashtable]` | | Authorization Rules for the Service Bus namespace. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[OperationalLogs]` | `[OperationalLogs]` | The name of logs that will be streamed. | @@ -49,17 +49,17 @@ This module deploys a service bus namespace resource. | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | | `disasterRecoveryConfigs` | _[disasterRecoveryConfigs](disasterRecoveryConfigs/readme.md)_ object | `{object}` | | The disaster recovery configuration. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `ipFilterRules` | _[ipFilterRules](ipFilterRules/readme.md)_ array | `[]` | | IP Filter Rules for the Service Bus namespace | +| `ipFilterRules` | _[ipFilterRules](ipFilterRules/readme.md)_ array | `[]` | | IP Filter Rules for the Service Bus namespace. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `migrationConfigurations` | _[migrationConfigurations](migrationConfigurations/readme.md)_ object | `{object}` | | The migration configuration. | | `name` | string | `''` | | Name of the Service Bus Namespace. If no name is provided, then unique name will be created. | | `privateEndpoints` | array | `[]` | | Configuration Details for private endpoints. | -| `queues` | _[queues](queues/readme.md)_ array | `[]` | | The queues to create in the service bus namespace | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `queues` | _[queues](queues/readme.md)_ array | `[]` | | The queues to create in the service bus namespace. | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `systemAssignedIdentity` | bool | `False` | | Enables system assigned managed identity on the resource. | | `tags` | object | `{object}` | | Tags of the resource. | -| `topics` | _[topics](topics/readme.md)_ array | `[]` | | The topics to create in the service bus namespace | +| `topics` | _[topics](topics/readme.md)_ array | `[]` | | The topics to create in the service bus namespace. | | `userAssignedIdentities` | object | `{object}` | | The ID(s) to assign to the resource. | | `virtualNetworkRules` | _[virtualNetworkRules](virtualNetworkRules/readme.md)_ array | `[]` | | vNet Rules SubnetIds for the Service Bus namespace. | | `zoneRedundant` | bool | `False` | | Enabling this property creates a Premium Service Bus Namespace in regions supported availability zones. | @@ -166,7 +166,7 @@ You can specify multiple user assigned identities to a resource by providing add | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed service bus namespace | -| `resourceGroupName` | string | The resource group of the deployed service bus namespace | -| `resourceId` | string | The resource ID of the deployed service bus namespace | +| `name` | string | The name of the deployed service bus namespace. | +| `resourceGroupName` | string | The resource group of the deployed service bus namespace. | +| `resourceId` | string | The resource ID of the deployed service bus namespace. | | `systemAssignedPrincipalId` | string | The principal ID of the system assigned identity. | diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/deploy.bicep index 1b99a34517..2c3c8e12fa 100644 --- a/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/deploy.bicep @@ -1,10 +1,10 @@ -@description('Required. The name of the service bus namespace topic') +@description('Required. The name of the service bus namespace topic.') param name string -@description('Required. The name of the parent service bus namespace') +@description('Conditional. The name of the parent parent service bus namespace. Required if the template is used in a standalone deployment.') param namespaceName string -@description('Required. The name of the parent service bus namespace topic') +@description('Conditional. The name of the parent parent service bus namespace topic. Required if the template is used in a standalone deployment.') param topicName string @description('Optional. The rights associated with the rule.') diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/readme.md b/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/readme.md index 8e37179be9..9db26d7a07 100644 --- a/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/readme.md +++ b/arm/Microsoft.ServiceBus/namespaces/topics/authorizationRules/readme.md @@ -19,9 +19,13 @@ This module deploys an authorization rule for a service bus namespace topic. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the service bus namespace topic | -| `namespaceName` | string | The name of the parent service bus namespace | -| `topicName` | string | The name of the parent service bus namespace topic | +| `name` | string | The name of the service bus namespace topic. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `namespaceName` | string | The name of the parent parent service bus namespace. Required if the template is used in a standalone deployment. | +| `topicName` | string | The name of the parent parent service bus namespace topic. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/topics/deploy.bicep index d1c07ed076..c3176cb692 100644 --- a/arm/Microsoft.ServiceBus/namespaces/topics/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/topics/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Name of the parent Service Bus Namespace for the Service Bus Topic.') +@description('Conditional. Name of the parent Service Bus Namespace for the Service Bus Topic. Required if the template is used in a standalone deployment.') @minLength(6) @maxLength(50) param namespaceName string @@ -32,7 +32,7 @@ param supportOrdering bool = false @description('Optional. ISO 8601 timespan idle interval after which the topic is automatically deleted. The minimum duration is 5 minutes.') param autoDeleteOnIdle string = 'PT5M' -@description('Optional. Enumerates the possible values for the status of a messaging entity. - Active, Disabled, Restoring, SendDisabled, ReceiveDisabled, Creating, Deleting, Renaming, Unknown') +@description('Optional. Enumerates the possible values for the status of a messaging entity. - Active, Disabled, Restoring, SendDisabled, ReceiveDisabled, Creating, Deleting, Renaming, Unknown.') @allowed([ 'Active' 'Disabled' @@ -52,7 +52,7 @@ param enablePartitioning bool = false @description('Optional. A value that indicates whether Express Entities are enabled. An express topic holds a message in memory temporarily before writing it to persistent storage.') param enableExpress bool = false -@description('Optional. Authorization Rules for the Service Bus Topic') +@description('Optional. Authorization Rules for the Service Bus Topic.') param authorizationRules array = [ { name: 'RootManageSharedAccessKey' @@ -74,7 +74,7 @@ param authorizationRules array = [ @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -145,11 +145,11 @@ module topic_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in r } }] -@description('The name of the deployed topic') +@description('The name of the deployed topic.') output name string = topic.name -@description('The resource ID of the deployed topic') +@description('The resource ID of the deployed topic.') output resourceId string = topic.id -@description('The resource group of the deployed topic') +@description('The resource group of the deployed topic.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.ServiceBus/namespaces/topics/readme.md b/arm/Microsoft.ServiceBus/namespaces/topics/readme.md index 077ba84b87..cd9283b351 100644 --- a/arm/Microsoft.ServiceBus/namespaces/topics/readme.md +++ b/arm/Microsoft.ServiceBus/namespaces/topics/readme.md @@ -23,12 +23,16 @@ This module deploys a topic for a service bus namespace. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | Name of the Service Bus Topic. | -| `namespaceName` | string | Name of the parent Service Bus Namespace for the Service Bus Topic. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `namespaceName` | string | Name of the parent Service Bus Namespace for the Service Bus Topic. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `authorizationRules` | _[authorizationRules](authorizationRules/readme.md)_ array | `[System.Collections.Hashtable]` | | Authorization Rules for the Service Bus Topic | +| `authorizationRules` | _[authorizationRules](authorizationRules/readme.md)_ array | `[System.Collections.Hashtable]` | | Authorization Rules for the Service Bus Topic. | | `autoDeleteOnIdle` | string | `'PT5M'` | | ISO 8601 timespan idle interval after which the topic is automatically deleted. The minimum duration is 5 minutes. | | `defaultMessageTimeToLive` | string | `'P14D'` | | ISO 8601 default message timespan to live value. This is the duration after which the message expires, starting from when the message is sent to Service Bus. This is the default value used when TimeToLive is not set on a message itself. | | `duplicateDetectionHistoryTimeWindow` | string | `'PT10M'` | | ISO 8601 timeSpan structure that defines the duration of the duplicate detection history. The default value is 10 minutes. | @@ -40,8 +44,8 @@ This module deploys a topic for a service bus namespace. | `maxMessageSizeInKilobytes` | int | `1024` | | Maximum size (in KB) of the message payload that can be accepted by the topic. This property is only used in Premium today and default is 1024. | | `maxSizeInMegabytes` | int | `1024` | | The maximum size of the topic in megabytes, which is the size of memory allocated for the topic. Default is 1024. | | `requiresDuplicateDetection` | bool | `False` | | A value indicating if this topic requires duplicate detection. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | -| `status` | string | `'Active'` | `[Active, Disabled, Restoring, SendDisabled, ReceiveDisabled, Creating, Deleting, Renaming, Unknown]` | Enumerates the possible values for the status of a messaging entity. - Active, Disabled, Restoring, SendDisabled, ReceiveDisabled, Creating, Deleting, Renaming, Unknown | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| `status` | string | `'Active'` | `[Active, Disabled, Restoring, SendDisabled, ReceiveDisabled, Creating, Deleting, Renaming, Unknown]` | Enumerates the possible values for the status of a messaging entity. - Active, Disabled, Restoring, SendDisabled, ReceiveDisabled, Creating, Deleting, Renaming, Unknown. | | `supportOrdering` | bool | `False` | | Value that indicates whether the topic supports ordering. | @@ -75,6 +79,6 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed topic | -| `resourceGroupName` | string | The resource group of the deployed topic | -| `resourceId` | string | The resource ID of the deployed topic | +| `name` | string | The name of the deployed topic. | +| `resourceGroupName` | string | The resource group of the deployed topic. | +| `resourceId` | string | The resource ID of the deployed topic. | diff --git a/arm/Microsoft.ServiceBus/namespaces/virtualNetworkRules/deploy.bicep b/arm/Microsoft.ServiceBus/namespaces/virtualNetworkRules/deploy.bicep index 40efd723e5..817ee36d0e 100644 --- a/arm/Microsoft.ServiceBus/namespaces/virtualNetworkRules/deploy.bicep +++ b/arm/Microsoft.ServiceBus/namespaces/virtualNetworkRules/deploy.bicep @@ -1,12 +1,12 @@ -@description('Required. Name of the parent Service Bus Namespace for the Service Bus Queue.') +@description('Conditional. Name of the parent Service Bus Namespace for the Service Bus Queue. Required if the template is used in a standalone deployment.') @minLength(6) @maxLength(50) param namespaceName string -@description('Optional. The name of the virtual network rule') +@description('Optional. The name of the virtual network rule.') param name string = '${namespaceName}-vnr' -@description('Required. Resource ID of Virtual Network Subnet') +@description('Required. Resource ID of Virtual Network Subnet.') param virtualNetworkSubnetId string @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') diff --git a/arm/Microsoft.ServiceBus/namespaces/virtualNetworkRules/readme.md b/arm/Microsoft.ServiceBus/namespaces/virtualNetworkRules/readme.md index 20ec06d65a..9a35d8096c 100644 --- a/arm/Microsoft.ServiceBus/namespaces/virtualNetworkRules/readme.md +++ b/arm/Microsoft.ServiceBus/namespaces/virtualNetworkRules/readme.md @@ -19,14 +19,18 @@ This module deploys a virtual network rule for a service bus namespace. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `namespaceName` | string | Name of the parent Service Bus Namespace for the Service Bus Queue. | -| `virtualNetworkSubnetId` | string | Resource ID of Virtual Network Subnet | +| `virtualNetworkSubnetId` | string | Resource ID of Virtual Network Subnet. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `namespaceName` | string | Name of the parent Service Bus Namespace for the Service Bus Queue. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `name` | string | `[format('{0}-vnr', parameters('namespaceName'))]` | The name of the virtual network rule | +| `name` | string | `[format('{0}-vnr', parameters('namespaceName'))]` | The name of the virtual network rule. | ## Outputs diff --git a/arm/Microsoft.ServiceFabric/clusters/applicationTypes/deploy.bicep b/arm/Microsoft.ServiceFabric/clusters/applicationTypes/deploy.bicep index 9e56b88bd4..db17874dd9 100644 --- a/arm/Microsoft.ServiceFabric/clusters/applicationTypes/deploy.bicep +++ b/arm/Microsoft.ServiceFabric/clusters/applicationTypes/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Name of the Service Fabric cluster.') +@description('Conditional. Name of the Service Fabric cluster. Required if the template is used in a standalone deployment.') param serviceFabricClusterName string = '' @description('Optional. Application type name.') diff --git a/arm/Microsoft.ServiceFabric/clusters/applicationTypes/readme.md b/arm/Microsoft.ServiceFabric/clusters/applicationTypes/readme.md index 7ebb01db31..062b1f2a98 100644 --- a/arm/Microsoft.ServiceFabric/clusters/applicationTypes/readme.md +++ b/arm/Microsoft.ServiceFabric/clusters/applicationTypes/readme.md @@ -16,10 +16,10 @@ This module deploys a Service Fabric Cluster Application Type. ## Parameters -**Required parameters** +**Conditional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | -| `serviceFabricClusterName` | string | `''` | Name of the Service Fabric cluster. | +| `serviceFabricClusterName` | string | `''` | Name of the Service Fabric cluster. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | diff --git a/arm/Microsoft.ServiceFabric/clusters/deploy.bicep b/arm/Microsoft.ServiceFabric/clusters/deploy.bicep index fedc50cc08..13fbeb0fbe 100644 --- a/arm/Microsoft.ServiceFabric/clusters/deploy.bicep +++ b/arm/Microsoft.ServiceFabric/clusters/deploy.bicep @@ -33,7 +33,7 @@ param maxUnusedVersionsToKeep int = 3 @description('Optional. The settings to enable AAD authentication on the cluster.') param azureActiveDirectory object = {} -@description('Optional. Describes the certificate details like thumbprint of the primary certificate, thumbprint of the secondary certificate and the local certificate store location') +@description('Optional. Describes the certificate details like thumbprint of the primary certificate, thumbprint of the secondary certificate and the local certificate store location.') param certificate object = {} @description('Optional. Describes a list of server certificates referenced by common name that are used to secure the cluster.') @@ -116,7 +116,7 @@ param upgradePauseStartTimestampUtc string = '' @description('Optional. Indicates when new cluster runtime version upgrades will be applied after they are released. By default is Wave0.') param upgradeWave string = 'Wave0' -@description('Optional. The VM image VMSS has been configured with. Generic names such as Windows or Linux can be used') +@description('Optional. The VM image VMSS has been configured with. Generic names such as Windows or Linux can be used.') param vmImage string = '' @allowed([ @@ -129,7 +129,7 @@ param vmssZonalUpgradeMode string = 'Hierarchical' @description('Optional. Boolean to pause automatic runtime version upgrades to the cluster.') param waveUpgradePaused bool = false -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Array of Service Fabric cluster application types.') diff --git a/arm/Microsoft.ServiceFabric/clusters/readme.md b/arm/Microsoft.ServiceFabric/clusters/readme.md index 4c80adbf96..24b41f52bb 100644 --- a/arm/Microsoft.ServiceFabric/clusters/readme.md +++ b/arm/Microsoft.ServiceFabric/clusters/readme.md @@ -33,7 +33,7 @@ This module deploys a Service Fabric Cluster. | `addOnFeatures` | array | `[]` | `[BackupRestoreService, DnsService, RepairManager, ResourceMonitorService]` | The list of add-on features to enable in the cluster. | | `applicationTypes` | _[applicationTypes](applicationTypes/readme.md)_ array | `[]` | | Array of Service Fabric cluster application types. | | `azureActiveDirectory` | object | `{object}` | | The settings to enable AAD authentication on the cluster. | -| `certificate` | object | `{object}` | | Describes the certificate details like thumbprint of the primary certificate, thumbprint of the secondary certificate and the local certificate store location | +| `certificate` | object | `{object}` | | Describes the certificate details like thumbprint of the primary certificate, thumbprint of the secondary certificate and the local certificate store location. | | `certificateCommonNames` | object | `{object}` | | Describes a list of server certificates referenced by common name that are used to secure the cluster. | | `clientCertificateCommonNames` | array | `[]` | | The list of client certificates referenced by common name that are allowed to manage the cluster. | | `clientCertificateThumbprints` | array | `[]` | | The list of client certificates referenced by thumbprint that are allowed to manage the cluster. | @@ -49,7 +49,7 @@ This module deploys a Service Fabric Cluster. | `reliabilityLevel` | string | | `[Bronze, Gold, None, Platinum, Silver]` | The reliability level sets the replica set size of system services. Learn about ReliabilityLevel (https://docs.microsoft.com/en-us/azure/service-fabric/service-fabric-cluster-capacity). - None - Run the System services with a target replica set count of 1. This should only be used for test clusters. - Bronze - Run the System services with a target replica set count of 3. This should only be used for test clusters. - Silver - Run the System services with a target replica set count of 5. - Gold - Run the System services with a target replica set count of 7. - Platinum - Run the System services with a target replica set count of 9. | | `reverseProxyCertificate` | object | `{object}` | | Describes the certificate details. | | `reverseProxyCertificateCommonNames` | object | `{object}` | | Describes a list of server certificates referenced by common name that are used to secure the cluster. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `sfZonalUpgradeMode` | string | `'Hierarchical'` | `[Hierarchical, Parallel]` | This property controls the logical grouping of VMs in upgrade domains (UDs). This property cannot be modified if a node type with multiple Availability Zones is already present in the cluster. | | `tags` | object | `{object}` | | Tags of the resource. | | `upgradeDescription` | object | `{object}` | | Describes the policy used when upgrading the cluster. | @@ -57,7 +57,7 @@ This module deploys a Service Fabric Cluster. | `upgradePauseEndTimestampUtc` | string | `''` | | Indicates the end date and time to pause automatic runtime version upgrades on the cluster for an specific period of time on the cluster (UTC). | | `upgradePauseStartTimestampUtc` | string | `''` | | Indicates the start date and time to pause automatic runtime version upgrades on the cluster for an specific period of time on the cluster (UTC). | | `upgradeWave` | string | `'Wave0'` | `[Wave0, Wave1, Wave2]` | Indicates when new cluster runtime version upgrades will be applied after they are released. By default is Wave0. | -| `vmImage` | string | `''` | | The VM image VMSS has been configured with. Generic names such as Windows or Linux can be used | +| `vmImage` | string | `''` | | The VM image VMSS has been configured with. Generic names such as Windows or Linux can be used. | | `vmssZonalUpgradeMode` | string | `'Hierarchical'` | `[Hierarchical, Parallel]` | This property defines the upgrade mode for the virtual machine scale set, it is mandatory if a node type with multiple Availability Zones is added. | | `waveUpgradePaused` | bool | `False` | | Boolean to pause automatic runtime version upgrades to the cluster. | diff --git a/arm/Microsoft.Sql/managedInstances/administrators/deploy.bicep b/arm/Microsoft.Sql/managedInstances/administrators/deploy.bicep index 50e79f8ed6..01f18bb73e 100644 --- a/arm/Microsoft.Sql/managedInstances/administrators/deploy.bicep +++ b/arm/Microsoft.Sql/managedInstances/administrators/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Name of the SQL managed instance.') +@description('Conditional. Name of the SQL managed instance. Required if the template is used in a standalone deployment.') param managedInstanceName string @description('Required. Login name of the managed instance administrator.') @@ -7,7 +7,7 @@ param login string @description('Required. SID (object ID) of the managed instance administrator.') param sid string -@description('Optional. The name of the managed instance administrator') +@description('Optional. The name of the managed instance administrator.') param name string = 'ActiveDirectory' @description('Optional. Tenant ID of the managed instance administrator.') @@ -43,11 +43,11 @@ resource administrator 'Microsoft.Sql/managedInstances/administrators@2021-02-01 } } -@description('The name of the deployed managed instance') +@description('The name of the deployed managed instance.') output name string = administrator.name -@description('The resource ID of the deployed managed instance') +@description('The resource ID of the deployed managed instance.') output resourceId string = administrator.id -@description('The resource group of the deployed managed instance') +@description('The resource group of the deployed managed instance.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Sql/managedInstances/administrators/readme.md b/arm/Microsoft.Sql/managedInstances/administrators/readme.md index 3ad1dad1cd..c03e60262f 100644 --- a/arm/Microsoft.Sql/managedInstances/administrators/readme.md +++ b/arm/Microsoft.Sql/managedInstances/administrators/readme.md @@ -20,14 +20,18 @@ This module deploys an administrator for the SQL managed instance | Parameter Name | Type | Description | | :-- | :-- | :-- | | `login` | string | Login name of the managed instance administrator. | -| `managedInstanceName` | string | Name of the SQL managed instance. | | `sid` | string | SID (object ID) of the managed instance administrator. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `managedInstanceName` | string | Name of the SQL managed instance. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `name` | string | `'ActiveDirectory'` | The name of the managed instance administrator | +| `name` | string | `'ActiveDirectory'` | The name of the managed instance administrator. | | `tenantId` | string | `''` | Tenant ID of the managed instance administrator. | @@ -35,6 +39,6 @@ This module deploys an administrator for the SQL managed instance | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed managed instance | -| `resourceGroupName` | string | The resource group of the deployed managed instance | -| `resourceId` | string | The resource ID of the deployed managed instance | +| `name` | string | The name of the deployed managed instance. | +| `resourceGroupName` | string | The resource group of the deployed managed instance. | +| `resourceId` | string | The resource ID of the deployed managed instance. | diff --git a/arm/Microsoft.Sql/managedInstances/databases/backupLongTermRetentionPolicies/deploy.bicep b/arm/Microsoft.Sql/managedInstances/databases/backupLongTermRetentionPolicies/deploy.bicep index fe8d57289a..b9ccf57725 100644 --- a/arm/Microsoft.Sql/managedInstances/databases/backupLongTermRetentionPolicies/deploy.bicep +++ b/arm/Microsoft.Sql/managedInstances/databases/backupLongTermRetentionPolicies/deploy.bicep @@ -1,10 +1,10 @@ @description('Required. The name of the Long Term Retention backup policy. For example "default".') param name string -@description('Required. The name of the managed instance database') +@description('Conditional. The name of the parent managed instance database. Required if the template is used in a standalone deployment.') param databaseName string -@description('Required. Name of the managed instance.') +@description('Conditional. Name of the managed instance. Required if the template is used in a standalone deployment.') param managedInstanceName string @description('Optional. The week of year to take the yearly backup in an ISO 8601 format.') @@ -53,11 +53,11 @@ resource backupLongTermRetentionPolicy 'Microsoft.Sql/managedInstances/databases } } -@description('The name of the deployed database backup long-term retention policy') +@description('The name of the deployed database backup long-term retention policy.') output name string = backupLongTermRetentionPolicy.name -@description('The resource ID of the deployed database backup long-term retention policy') +@description('The resource ID of the deployed database backup long-term retention policy.') output resourceId string = backupLongTermRetentionPolicy.id -@description('The resource group of the deployed database backup long-term retention policy') +@description('The resource group of the deployed database backup long-term retention policy.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Sql/managedInstances/databases/backupLongTermRetentionPolicies/readme.md b/arm/Microsoft.Sql/managedInstances/databases/backupLongTermRetentionPolicies/readme.md index 134c849baa..0f21b9a808 100644 --- a/arm/Microsoft.Sql/managedInstances/databases/backupLongTermRetentionPolicies/readme.md +++ b/arm/Microsoft.Sql/managedInstances/databases/backupLongTermRetentionPolicies/readme.md @@ -19,10 +19,14 @@ This module deploys a backup long-term retention policies for SQL Managed Instan **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `databaseName` | string | The name of the managed instance database | -| `managedInstanceName` | string | Name of the managed instance. | | `name` | string | The name of the Long Term Retention backup policy. For example "default". | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `databaseName` | string | The name of the parent managed instance database. Required if the template is used in a standalone deployment. | +| `managedInstanceName` | string | Name of the managed instance. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | @@ -37,6 +41,6 @@ This module deploys a backup long-term retention policies for SQL Managed Instan | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed database backup long-term retention policy | -| `resourceGroupName` | string | The resource group of the deployed database backup long-term retention policy | -| `resourceId` | string | The resource ID of the deployed database backup long-term retention policy | +| `name` | string | The name of the deployed database backup long-term retention policy. | +| `resourceGroupName` | string | The resource group of the deployed database backup long-term retention policy. | +| `resourceId` | string | The resource ID of the deployed database backup long-term retention policy. | diff --git a/arm/Microsoft.Sql/managedInstances/databases/backupShortTermRetentionPolicies/deploy.bicep b/arm/Microsoft.Sql/managedInstances/databases/backupShortTermRetentionPolicies/deploy.bicep index aeb359a9ee..d8e5819231 100644 --- a/arm/Microsoft.Sql/managedInstances/databases/backupShortTermRetentionPolicies/deploy.bicep +++ b/arm/Microsoft.Sql/managedInstances/databases/backupShortTermRetentionPolicies/deploy.bicep @@ -1,10 +1,10 @@ @description('Required. The name of the Short Term Retention backup policy. For example "default".') param name string -@description('Required. The name of the SQL managed instance database') +@description('Conditional. The name of the parent SQL managed instance database. Required if the template is used in a standalone deployment.') param databaseName string -@description('Required. Name of the SQL managed instance.') +@description('Conditional. Name of the SQL managed instance. Required if the template is used in a standalone deployment.') param managedInstanceName string @description('Optional. The backup retention period in days. This is how many days Point-in-Time Restore will be supported.') @@ -41,11 +41,11 @@ resource backupShortTermRetentionPolicy 'Microsoft.Sql/managedInstances/database } } -@description('The name of the deployed database backup short-term retention policy') +@description('The name of the deployed database backup short-term retention policy.') output name string = backupShortTermRetentionPolicy.name -@description('The resource ID of the deployed database backup short-term retention policy') +@description('The resource ID of the deployed database backup short-term retention policy.') output resourceId string = backupShortTermRetentionPolicy.id -@description('The resource group of the deployed database backup short-term retention policy') +@description('The resource group of the deployed database backup short-term retention policy.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Sql/managedInstances/databases/backupShortTermRetentionPolicies/readme.md b/arm/Microsoft.Sql/managedInstances/databases/backupShortTermRetentionPolicies/readme.md index 261983c024..95e3e4c883 100644 --- a/arm/Microsoft.Sql/managedInstances/databases/backupShortTermRetentionPolicies/readme.md +++ b/arm/Microsoft.Sql/managedInstances/databases/backupShortTermRetentionPolicies/readme.md @@ -20,10 +20,14 @@ This module deploys a backup short-term retention policies for SQL Managed Insta **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `databaseName` | string | The name of the SQL managed instance database | -| `managedInstanceName` | string | Name of the SQL managed instance. | | `name` | string | The name of the Short Term Retention backup policy. For example "default". | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `databaseName` | string | The name of the parent SQL managed instance database. Required if the template is used in a standalone deployment. | +| `managedInstanceName` | string | Name of the SQL managed instance. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | @@ -35,6 +39,6 @@ This module deploys a backup short-term retention policies for SQL Managed Insta | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed database backup short-term retention policy | -| `resourceGroupName` | string | The resource group of the deployed database backup short-term retention policy | -| `resourceId` | string | The resource ID of the deployed database backup short-term retention policy | +| `name` | string | The name of the deployed database backup short-term retention policy. | +| `resourceGroupName` | string | The resource group of the deployed database backup short-term retention policy. | +| `resourceId` | string | The resource ID of the deployed database backup short-term retention policy. | diff --git a/arm/Microsoft.Sql/managedInstances/databases/deploy.bicep b/arm/Microsoft.Sql/managedInstances/databases/deploy.bicep index fd805dfcff..7ffb74a133 100644 --- a/arm/Microsoft.Sql/managedInstances/databases/deploy.bicep +++ b/arm/Microsoft.Sql/managedInstances/databases/deploy.bicep @@ -1,7 +1,7 @@ @description('Required. The name of the SQL managed instance database.') param name string -@description('Required. The name of the SQL managed instance.') +@description('Conditional. The name of the parent SQL managed instance. Required if the template is used in a standalone deployment.') param managedInstanceName string @description('Optional. Location for all resources.') @@ -69,10 +69,10 @@ param diagnosticEventHubName string = '' @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. The configuration for the backup short term retention policy definition') +@description('Optional. The configuration for the backup short term retention policy definition.') param backupShortTermRetentionPoliciesObj object = {} -@description('Optional. The configuration for the backup long term retention policy definition') +@description('Optional. The configuration for the backup long term retention policy definition.') param backupLongTermRetentionPoliciesObj object = {} @description('Optional. Tags of the resource.') @@ -188,11 +188,11 @@ module database_backupLongTermRetentionPolicy 'backupLongTermRetentionPolicies/d } } -@description('The name of the deployed database') +@description('The name of the deployed database.') output name string = database.name -@description('The resource ID of the deployed database') +@description('The resource ID of the deployed database.') output resourceId string = database.id -@description('The resource group the database was deployed into') +@description('The resource group the database was deployed into.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Sql/managedInstances/databases/readme.md b/arm/Microsoft.Sql/managedInstances/databases/readme.md index 73a495da6c..c0532bd6b3 100644 --- a/arm/Microsoft.Sql/managedInstances/databases/readme.md +++ b/arm/Microsoft.Sql/managedInstances/databases/readme.md @@ -27,14 +27,18 @@ The SQL Managed Instance Database is deployed on a SQL Managed Instance. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `managedInstanceName` | string | The name of the SQL managed instance. | | `name` | string | The name of the SQL managed instance database. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `managedInstanceName` | string | The name of the parent SQL managed instance. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `backupLongTermRetentionPoliciesObj` | _[backupLongTermRetentionPolicies](backupLongTermRetentionPolicies/readme.md)_ object | `{object}` | | The configuration for the backup long term retention policy definition | -| `backupShortTermRetentionPoliciesObj` | _[backupShortTermRetentionPolicies](backupShortTermRetentionPolicies/readme.md)_ object | `{object}` | | The configuration for the backup short term retention policy definition | +| `backupLongTermRetentionPoliciesObj` | _[backupLongTermRetentionPolicies](backupLongTermRetentionPolicies/readme.md)_ object | `{object}` | | The configuration for the backup long term retention policy definition. | +| `backupShortTermRetentionPoliciesObj` | _[backupShortTermRetentionPolicies](backupShortTermRetentionPolicies/readme.md)_ object | `{object}` | | The configuration for the backup short term retention policy definition. | | `catalogCollation` | string | `'SQL_Latin1_General_CP1_CI_AS'` | | Collation of the managed instance. | | `collation` | string | `'SQL_Latin1_General_CP1_CI_AS'` | | Collation of the managed instance database. | | `createMode` | string | `'Default'` | `[Default, RestoreExternalBackup, PointInTimeRestore, Recovery, RestoreLongTermRetentionBackup]` | Managed database create mode. PointInTimeRestore: Create a database by restoring a point in time backup of an existing database. SourceDatabaseName, SourceManagedInstanceName and PointInTime must be specified. RestoreExternalBackup: Create a database by restoring from external backup files. Collation, StorageContainerUri and StorageContainerSasToken must be specified. Recovery: Creates a database by restoring a geo-replicated backup. RecoverableDatabaseId must be specified as the recoverable database resource ID to restore. | @@ -79,6 +83,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed database | -| `resourceGroupName` | string | The resource group the database was deployed into | -| `resourceId` | string | The resource ID of the deployed database | +| `name` | string | The name of the deployed database. | +| `resourceGroupName` | string | The resource group the database was deployed into. | +| `resourceId` | string | The resource ID of the deployed database. | diff --git a/arm/Microsoft.Sql/managedInstances/deploy.bicep b/arm/Microsoft.Sql/managedInstances/deploy.bicep index 44cb5fcdda..dce0133dd2 100644 --- a/arm/Microsoft.Sql/managedInstances/deploy.bicep +++ b/arm/Microsoft.Sql/managedInstances/deploy.bicep @@ -39,7 +39,7 @@ param hardwareFamily string = 'Gen5' @description('Optional. Whether or not multi-az is enabled.') param zoneRedundant bool = false -@description('Optional. Service principal type. If using AD Authentication and applying Admin, must be set to `SystemAssigned`. Then Global Admin must allow Reader access to Azure AD for the Service Principal') +@description('Optional. Service principal type. If using AD Authentication and applying Admin, must be set to `SystemAssigned`. Then Global Admin must allow Reader access to Azure AD for the Service Principal.') @allowed([ 'None' 'SystemAssigned' @@ -107,7 +107,7 @@ param diagnosticEventHubName string = '' @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -128,19 +128,19 @@ param primaryUserAssignedIdentityId string = '' @description('Optional. Databases to create in this server.') param databases array = [] -@description('Optional. The vulnerability assessment configuration') +@description('Optional. The vulnerability assessment configuration.') param vulnerabilityAssessmentsObj object = {} -@description('Optional. The security alert policy configuration') +@description('Optional. The security alert policy configuration.') param securityAlertPoliciesObj object = {} -@description('Optional. The keys to configure') +@description('Optional. The keys to configure.') param keys array = [] -@description('Optional. The encryption protection configuration') +@description('Optional. The encryption protection configuration.') param encryptionProtectorObj object = {} -@description('Optional. The administrator configuration') +@description('Optional. The administrator configuration.') param administratorsObj object = {} @description('Optional. The storage account type used to store backups for this database.') @@ -369,13 +369,13 @@ module managedInstance_administrator 'administrators/deploy.bicep' = if (!empty( } } -@description('The name of the deployed managed instance') +@description('The name of the deployed managed instance.') output name string = managedInstance.name -@description('The resource ID of the deployed managed instance') +@description('The resource ID of the deployed managed instance.') output resourceId string = managedInstance.id -@description('The resource group of the deployed managed instance') +@description('The resource group of the deployed managed instance.') output resourceGroupName string = resourceGroup().name @description('The principal ID of the system assigned identity.') diff --git a/arm/Microsoft.Sql/managedInstances/encryptionProtector/deploy.bicep b/arm/Microsoft.Sql/managedInstances/encryptionProtector/deploy.bicep index d22b475984..596566b95e 100644 --- a/arm/Microsoft.Sql/managedInstances/encryptionProtector/deploy.bicep +++ b/arm/Microsoft.Sql/managedInstances/encryptionProtector/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. The name of the encryptionProtector') +@description('Required. The name of the encryptionProtector.') param name string = 'current' -@description('Required. Name of the SQL managed instance.') +@description('Conditional. Name of the SQL managed instance. Required if the template is used in a standalone deployment.') param managedInstanceName string @description('Required. The name of the SQL managed instance key.') @@ -14,7 +14,7 @@ param serverKeyName string ]) param serverKeyType string = 'ServiceManaged' -@description('Optional. Key auto rotation opt-in flag') +@description('Optional. Key auto rotation opt-in flag.') param autoRotationEnabled bool = false @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -46,11 +46,11 @@ resource encryptionProtector 'Microsoft.Sql/managedInstances/encryptionProtector } } -@description('The name of the deployed managed instance') +@description('The name of the deployed managed instance.') output name string = encryptionProtector.name -@description('The resource ID of the deployed managed instance') +@description('The resource ID of the deployed managed instance.') output resourceId string = encryptionProtector.id -@description('The resource group of the deployed managed instance') +@description('The resource group of the deployed managed instance.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Sql/managedInstances/encryptionProtector/readme.md b/arm/Microsoft.Sql/managedInstances/encryptionProtector/readme.md index d354e48825..56bd5c1334 100644 --- a/arm/Microsoft.Sql/managedInstances/encryptionProtector/readme.md +++ b/arm/Microsoft.Sql/managedInstances/encryptionProtector/readme.md @@ -19,14 +19,18 @@ This module deploys an encryption protector for a SQL managed instance. **Required parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | -| `managedInstanceName` | string | | Name of the SQL managed instance. | -| `name` | string | `'current'` | The name of the encryptionProtector | +| `name` | string | `'current'` | The name of the encryptionProtector. | | `serverKeyName` | string | | The name of the SQL managed instance key. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `managedInstanceName` | string | Name of the SQL managed instance. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `autoRotationEnabled` | bool | `False` | | Key auto rotation opt-in flag | +| `autoRotationEnabled` | bool | `False` | | Key auto rotation opt-in flag. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `serverKeyType` | string | `'ServiceManaged'` | `[AzureKeyVault, ServiceManaged]` | The encryption protector type like "ServiceManaged", "AzureKeyVault". | @@ -35,6 +39,6 @@ This module deploys an encryption protector for a SQL managed instance. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed managed instance | -| `resourceGroupName` | string | The resource group of the deployed managed instance | -| `resourceId` | string | The resource ID of the deployed managed instance | +| `name` | string | The name of the deployed managed instance. | +| `resourceGroupName` | string | The resource group of the deployed managed instance. | +| `resourceId` | string | The resource ID of the deployed managed instance. | diff --git a/arm/Microsoft.Sql/managedInstances/keys/deploy.bicep b/arm/Microsoft.Sql/managedInstances/keys/deploy.bicep index 6249ba56ae..6cd3c11c01 100644 --- a/arm/Microsoft.Sql/managedInstances/keys/deploy.bicep +++ b/arm/Microsoft.Sql/managedInstances/keys/deploy.bicep @@ -1,10 +1,10 @@ -@description('Optional. The name of the key. Must follow the [__] pattern') +@description('Optional. The name of the key. Must follow the [__] pattern.') param name string = '' -@description('Required. Name of the SQL managed instance.') +@description('Conditional. Name of the SQL managed instance. Required if the template is used in a standalone deployment.') param managedInstanceName string -@description('Optional. The encryption protector type like "ServiceManaged", "AzureKeyVault"') +@description('Optional. The encryption protector type like "ServiceManaged", "AzureKeyVault".') @allowed([ 'AzureKeyVault' 'ServiceManaged' @@ -48,11 +48,11 @@ resource key 'Microsoft.Sql/managedInstances/keys@2021-05-01-preview' = { } } -@description('The name of the deployed managed instance') +@description('The name of the deployed managed instance.') output name string = key.name -@description('The resource ID of the deployed managed instance') +@description('The resource ID of the deployed managed instance.') output resourceId string = key.id -@description('The resource group of the deployed managed instance') +@description('The resource group of the deployed managed instance.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Sql/managedInstances/keys/readme.md b/arm/Microsoft.Sql/managedInstances/keys/readme.md index e06721656c..b60364d7f6 100644 --- a/arm/Microsoft.Sql/managedInstances/keys/readme.md +++ b/arm/Microsoft.Sql/managedInstances/keys/readme.md @@ -16,17 +16,17 @@ This module deploys a key for a SQL managed instance. ## Parameters -**Required parameters** +**Conditional parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `managedInstanceName` | string | Name of the SQL managed instance. | +| `managedInstanceName` | string | Name of the SQL managed instance. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `name` | string | `''` | | The name of the key. Must follow the [__] pattern | -| `serverKeyType` | string | `'ServiceManaged'` | `[AzureKeyVault, ServiceManaged]` | The encryption protector type like "ServiceManaged", "AzureKeyVault" | +| `name` | string | `''` | | The name of the key. Must follow the [__] pattern. | +| `serverKeyType` | string | `'ServiceManaged'` | `[AzureKeyVault, ServiceManaged]` | The encryption protector type like "ServiceManaged", "AzureKeyVault". | | `uri` | string | `''` | | The URI of the key. If the ServerKeyType is AzureKeyVault, then either the URI or the keyVaultName/keyName combination is required. | @@ -34,6 +34,6 @@ This module deploys a key for a SQL managed instance. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed managed instance | -| `resourceGroupName` | string | The resource group of the deployed managed instance | -| `resourceId` | string | The resource ID of the deployed managed instance | +| `name` | string | The name of the deployed managed instance. | +| `resourceGroupName` | string | The resource group of the deployed managed instance. | +| `resourceId` | string | The resource ID of the deployed managed instance. | diff --git a/arm/Microsoft.Sql/managedInstances/readme.md b/arm/Microsoft.Sql/managedInstances/readme.md index e07d938b8a..f807973dcf 100644 --- a/arm/Microsoft.Sql/managedInstances/readme.md +++ b/arm/Microsoft.Sql/managedInstances/readme.md @@ -55,7 +55,7 @@ SQL MI allows for Azure AD Authentication via an [Azure AD Admin](https://docs.m **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `administratorsObj` | _[administrators](administrators/readme.md)_ object | `{object}` | | The administrator configuration | +| `administratorsObj` | _[administrators](administrators/readme.md)_ object | `{object}` | | The administrator configuration. | | `collation` | string | `'SQL_Latin1_General_CP1_CI_AS'` | | Collation of the managed instance. | | `databases` | _[databases](databases/readme.md)_ array | `[]` | | Databases to create in this server. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | @@ -68,10 +68,10 @@ SQL MI allows for Azure AD Authentication via an [Azure AD Admin](https://docs.m | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | | `dnsZonePartner` | string | `''` | | The resource ID of another managed instance whose DNS zone this managed instance will share after creation. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `encryptionProtectorObj` | _[encryptionProtector](encryptionProtector/readme.md)_ object | `{object}` | | The encryption protection configuration | +| `encryptionProtectorObj` | _[encryptionProtector](encryptionProtector/readme.md)_ object | `{object}` | | The encryption protection configuration. | | `hardwareFamily` | string | `'Gen5'` | | If the service has different generations of hardware, for the same SKU, then that can be captured here. | | `instancePoolResourceId` | string | `''` | | The resource ID of the instance pool this managed server belongs to. | -| `keys` | _[keys](keys/readme.md)_ array | `[]` | | The keys to configure | +| `keys` | _[keys](keys/readme.md)_ array | `[]` | | The keys to configure. | | `licenseType` | string | `'LicenseIncluded'` | `[LicenseIncluded, BasePrice]` | The license type. Possible values are 'LicenseIncluded' (regular price inclusive of a new SQL license) and 'BasePrice' (discounted AHB price for bringing your own SQL licenses). | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | @@ -80,9 +80,9 @@ SQL MI allows for Azure AD Authentication via an [Azure AD Admin](https://docs.m | `publicDataEndpointEnabled` | bool | `False` | | Whether or not the public data endpoint is enabled. | | `requestedBackupStorageRedundancy` | string | `'Geo'` | `[Geo, GeoZone, Local, Zone]` | The storage account type used to store backups for this database. | | `restorePointInTime` | string | `''` | | Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | -| `securityAlertPoliciesObj` | _[securityAlertPolicies](securityAlertPolicies/readme.md)_ object | `{object}` | | The security alert policy configuration | -| `servicePrincipal` | string | `'None'` | `[None, SystemAssigned]` | Service principal type. If using AD Authentication and applying Admin, must be set to `SystemAssigned`. Then Global Admin must allow Reader access to Azure AD for the Service Principal | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| `securityAlertPoliciesObj` | _[securityAlertPolicies](securityAlertPolicies/readme.md)_ object | `{object}` | | The security alert policy configuration. | +| `servicePrincipal` | string | `'None'` | `[None, SystemAssigned]` | Service principal type. If using AD Authentication and applying Admin, must be set to `SystemAssigned`. Then Global Admin must allow Reader access to Azure AD for the Service Principal. | | `skuName` | string | `'GP_Gen5'` | | The name of the SKU, typically, a letter + Number code, e.g. P3. | | `skuTier` | string | `'GeneralPurpose'` | | The tier or edition of the particular SKU, e.g. Basic, Premium. | | `sourceManagedInstanceId` | string | `''` | | The resource identifier of the source managed instance associated with create operation of this instance. | @@ -92,7 +92,7 @@ SQL MI allows for Azure AD Authentication via an [Azure AD Admin](https://docs.m | `timezoneId` | string | `'UTC'` | | ID of the timezone. Allowed values are timezones supported by Windows. | | `userAssignedIdentities` | object | `{object}` | | The ID(s) to assign to the resource. | | `vCores` | int | `4` | | The number of vCores. Allowed values: 8, 16, 24, 32, 40, 64, 80. | -| `vulnerabilityAssessmentsObj` | _[vulnerabilityAssessments](vulnerabilityAssessments/readme.md)_ object | `{object}` | | The vulnerability assessment configuration | +| `vulnerabilityAssessmentsObj` | _[vulnerabilityAssessments](vulnerabilityAssessments/readme.md)_ object | `{object}` | | The vulnerability assessment configuration. | | `zoneRedundant` | bool | `False` | | Whether or not multi-az is enabled. | @@ -167,7 +167,7 @@ You can specify multiple user assigned identities to a resource by providing add | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed managed instance | -| `resourceGroupName` | string | The resource group of the deployed managed instance | -| `resourceId` | string | The resource ID of the deployed managed instance | +| `name` | string | The name of the deployed managed instance. | +| `resourceGroupName` | string | The resource group of the deployed managed instance. | +| `resourceId` | string | The resource ID of the deployed managed instance. | | `systemAssignedPrincipalId` | string | The principal ID of the system assigned identity. | diff --git a/arm/Microsoft.Sql/managedInstances/securityAlertPolicies/deploy.bicep b/arm/Microsoft.Sql/managedInstances/securityAlertPolicies/deploy.bicep index f38e1c4488..a85a13fe78 100644 --- a/arm/Microsoft.Sql/managedInstances/securityAlertPolicies/deploy.bicep +++ b/arm/Microsoft.Sql/managedInstances/securityAlertPolicies/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. The name of the security alert policy') +@description('Required. The name of the security alert policy.') param name string -@description('Required. Name of the SQL managed instance.') +@description('Conditional. Name of the SQL managed instance. Required if the template is used in a standalone deployment.') param managedInstanceName string @description('Optional. Enables advanced data security features, like recuring vulnerability assesment scans and ATP. If enabled, storage account must be provided.') @@ -42,11 +42,11 @@ resource securityAlertPolicy 'Microsoft.Sql/managedInstances/securityAlertPolici } } -@description('The name of the deployed security alert policy') +@description('The name of the deployed security alert policy.') output name string = securityAlertPolicy.name -@description('The resource ID of the deployed security alert policy') +@description('The resource ID of the deployed security alert policy.') output resourceId string = securityAlertPolicy.id -@description('The resource group of the deployed security alert policy') +@description('The resource group of the deployed security alert policy.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Sql/managedInstances/securityAlertPolicies/readme.md b/arm/Microsoft.Sql/managedInstances/securityAlertPolicies/readme.md index d47fa5ab1c..339ff79c25 100644 --- a/arm/Microsoft.Sql/managedInstances/securityAlertPolicies/readme.md +++ b/arm/Microsoft.Sql/managedInstances/securityAlertPolicies/readme.md @@ -19,8 +19,12 @@ This module deploys a security alert policy for a SQL managed instance. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `managedInstanceName` | string | Name of the SQL managed instance. | -| `name` | string | The name of the security alert policy | +| `name` | string | The name of the security alert policy. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `managedInstanceName` | string | Name of the SQL managed instance. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -34,6 +38,6 @@ This module deploys a security alert policy for a SQL managed instance. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed security alert policy | -| `resourceGroupName` | string | The resource group of the deployed security alert policy | -| `resourceId` | string | The resource ID of the deployed security alert policy | +| `name` | string | The name of the deployed security alert policy. | +| `resourceGroupName` | string | The resource group of the deployed security alert policy. | +| `resourceId` | string | The resource ID of the deployed security alert policy. | diff --git a/arm/Microsoft.Sql/managedInstances/vulnerabilityAssessments/deploy.bicep b/arm/Microsoft.Sql/managedInstances/vulnerabilityAssessments/deploy.bicep index 45c211f29e..d1d48235b8 100644 --- a/arm/Microsoft.Sql/managedInstances/vulnerabilityAssessments/deploy.bicep +++ b/arm/Microsoft.Sql/managedInstances/vulnerabilityAssessments/deploy.bicep @@ -1,7 +1,7 @@ -@description('Required. The name of the vulnerability assessment') +@description('Required. The name of the vulnerability assessment.') param name string -@description('Required. Name of the SQL managed instance.') +@description('Conditional. Name of the SQL managed instance. Required if the template is used in a standalone deployment.') param managedInstanceName string @description('Optional. Recurring scans state.') @@ -49,11 +49,11 @@ resource vulnerabilityAssessment 'Microsoft.Sql/managedInstances/vulnerabilityAs } } -@description('The name of the deployed vulnerability assessment') +@description('The name of the deployed vulnerability assessment.') output name string = vulnerabilityAssessment.name -@description('The resource ID of the deployed vulnerability assessment') +@description('The resource ID of the deployed vulnerability assessment.') output resourceId string = vulnerabilityAssessment.id -@description('The resource group of the deployed vulnerability assessment') +@description('The resource group of the deployed vulnerability assessment.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Sql/managedInstances/vulnerabilityAssessments/readme.md b/arm/Microsoft.Sql/managedInstances/vulnerabilityAssessments/readme.md index c4b2151546..ee02698c95 100644 --- a/arm/Microsoft.Sql/managedInstances/vulnerabilityAssessments/readme.md +++ b/arm/Microsoft.Sql/managedInstances/vulnerabilityAssessments/readme.md @@ -19,8 +19,12 @@ This module deploys a vulnerability assessment for a SQL managed instance. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `managedInstanceName` | string | Name of the SQL managed instance. | -| `name` | string | The name of the vulnerability assessment | +| `name` | string | The name of the vulnerability assessment. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `managedInstanceName` | string | Name of the SQL managed instance. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -36,6 +40,6 @@ This module deploys a vulnerability assessment for a SQL managed instance. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed vulnerability assessment | -| `resourceGroupName` | string | The resource group of the deployed vulnerability assessment | -| `resourceId` | string | The resource ID of the deployed vulnerability assessment | +| `name` | string | The name of the deployed vulnerability assessment. | +| `resourceGroupName` | string | The resource group of the deployed vulnerability assessment. | +| `resourceId` | string | The resource ID of the deployed vulnerability assessment. | diff --git a/arm/Microsoft.Sql/servers/databases/deploy.bicep b/arm/Microsoft.Sql/servers/databases/deploy.bicep index 75b98cc14d..c9791da6ce 100644 --- a/arm/Microsoft.Sql/servers/databases/deploy.bicep +++ b/arm/Microsoft.Sql/servers/databases/deploy.bicep @@ -1,7 +1,7 @@ @description('Required. The name of the database.') param name string -@description('Required. The Name of SQL Server') +@description('Conditional. The name of the parent SQL Server. Required if the template is used in a standalone deployment.') param serverName string @description('Optional. The collation of the database.') @@ -217,11 +217,11 @@ resource database_diagnosticSettings 'Microsoft.Insights/diagnosticSettings@2021 scope: database } -@description('The name of the deployed database') +@description('The name of the deployed database.') output name string = database.name -@description('The resource ID of the deployed database') +@description('The resource ID of the deployed database.') output resourceId string = database.id -@description('The resourceGroup of the deployed database') +@description('The resourceGroup of the deployed database.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Sql/servers/databases/readme.md b/arm/Microsoft.Sql/servers/databases/readme.md index 78b4c83dbf..9b09263672 100644 --- a/arm/Microsoft.Sql/servers/databases/readme.md +++ b/arm/Microsoft.Sql/servers/databases/readme.md @@ -21,7 +21,11 @@ This module deploys an Azure SQL Server. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the database. | -| `serverName` | string | The Name of SQL Server | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `serverName` | string | The name of the parent SQL Server. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -77,6 +81,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed database | -| `resourceGroupName` | string | The resourceGroup of the deployed database | -| `resourceId` | string | The resource ID of the deployed database | +| `name` | string | The name of the deployed database. | +| `resourceGroupName` | string | The resourceGroup of the deployed database. | +| `resourceId` | string | The resource ID of the deployed database. | diff --git a/arm/Microsoft.Sql/servers/deploy.bicep b/arm/Microsoft.Sql/servers/deploy.bicep index eb6605c9f8..db2a46ff0b 100644 --- a/arm/Microsoft.Sql/servers/deploy.bicep +++ b/arm/Microsoft.Sql/servers/deploy.bicep @@ -25,7 +25,7 @@ param userAssignedIdentities object = {} @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -34,13 +34,13 @@ param tags object = {} @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The databases to create in the server') +@description('Optional. The databases to create in the server.') param databases array = [] -@description('Optional. The firewall rules to create in the server') +@description('Optional. The firewall rules to create in the server.') param firewallRules array = [] -@description('Optional. The security alert policies to create in the server') +@description('Optional. The security alert policies to create in the server.') param securityAlertPolicies array = [] @description('Optional. The Azure Active Directory (AAD) administrator authentication. Required if no `administratorLogin` & `administratorLoginPassword` is provided.') @@ -167,13 +167,13 @@ module server_securityAlertPolicies 'securityAlertPolicies/deploy.bicep' = [for } }] -@description('The name of the deployed SQL server') +@description('The name of the deployed SQL server.') output name string = server.name -@description('The resource ID of the deployed SQL server') +@description('The resource ID of the deployed SQL server.') output resourceId string = server.id -@description('The resourceGroup of the deployed SQL server') +@description('The resourceGroup of the deployed SQL server.') output resourceGroupName string = resourceGroup().name @description('The principal ID of the system assigned identity.') diff --git a/arm/Microsoft.Sql/servers/firewallRules/deploy.bicep b/arm/Microsoft.Sql/servers/firewallRules/deploy.bicep index 6702cb522a..ec242a2453 100644 --- a/arm/Microsoft.Sql/servers/firewallRules/deploy.bicep +++ b/arm/Microsoft.Sql/servers/firewallRules/deploy.bicep @@ -7,7 +7,7 @@ param endIpAddress string = '0.0.0.0' @description('Optional. The start IP address of the firewall rule. Must be IPv4 format. Use value \'0.0.0.0\' for all Azure-internal IP addresses.') param startIpAddress string = '0.0.0.0' -@description('Required. The Name of SQL Server') +@description('Conditional. The name of the parent SQL Server. Required if the template is used in a standalone deployment.') param serverName string @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -38,11 +38,11 @@ resource firewallRule 'Microsoft.Sql/servers/firewallRules@2021-05-01-preview' = } } -@description('The name of the deployed firewall rule') +@description('The name of the deployed firewall rule.') output name string = firewallRule.name -@description('The resource ID of the deployed firewall rule') +@description('The resource ID of the deployed firewall rule.') output resourceId string = firewallRule.id -@description('The resourceGroup of the deployed firewall rule') +@description('The resourceGroup of the deployed firewall rule.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Sql/servers/firewallRules/readme.md b/arm/Microsoft.Sql/servers/firewallRules/readme.md index 570e9011bd..6d059ebe87 100644 --- a/arm/Microsoft.Sql/servers/firewallRules/readme.md +++ b/arm/Microsoft.Sql/servers/firewallRules/readme.md @@ -20,7 +20,11 @@ This module deploys an SQL Server Firewall rule. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the Server Firewall Rule. | -| `serverName` | string | The Name of SQL Server | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `serverName` | string | The name of the parent SQL Server. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | @@ -34,6 +38,6 @@ This module deploys an SQL Server Firewall rule. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed firewall rule | -| `resourceGroupName` | string | The resourceGroup of the deployed firewall rule | -| `resourceId` | string | The resource ID of the deployed firewall rule | +| `name` | string | The name of the deployed firewall rule. | +| `resourceGroupName` | string | The resourceGroup of the deployed firewall rule. | +| `resourceId` | string | The resource ID of the deployed firewall rule. | diff --git a/arm/Microsoft.Sql/servers/readme.md b/arm/Microsoft.Sql/servers/readme.md index d2f556b73b..d38789ae87 100644 --- a/arm/Microsoft.Sql/servers/readme.md +++ b/arm/Microsoft.Sql/servers/readme.md @@ -33,13 +33,13 @@ This module deploys a SQL server. | `administratorLogin` | string | `''` | | Administrator username for the server. Required if no `administrators` object for AAD authentication is provided. | | `administratorLoginPassword` | secureString | `''` | | The administrator login password. Required if no `administrators` object for AAD authentication is provided. | | `administrators` | object | `{object}` | | The Azure Active Directory (AAD) administrator authentication. Required if no `administratorLogin` & `administratorLoginPassword` is provided. | -| `databases` | _[databases](databases/readme.md)_ array | `[]` | | The databases to create in the server | +| `databases` | _[databases](databases/readme.md)_ array | `[]` | | The databases to create in the server. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `firewallRules` | _[firewallRules](firewallRules/readme.md)_ array | `[]` | | The firewall rules to create in the server | +| `firewallRules` | _[firewallRules](firewallRules/readme.md)_ array | `[]` | | The firewall rules to create in the server. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | -| `securityAlertPolicies` | _[securityAlertPolicies](securityAlertPolicies/readme.md)_ array | `[]` | | The security alert policies to create in the server | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| `securityAlertPolicies` | _[securityAlertPolicies](securityAlertPolicies/readme.md)_ array | `[]` | | The security alert policies to create in the server. | | `systemAssignedIdentity` | bool | `False` | | Enables system assigned managed identity on the resource. | | `tags` | object | `{object}` | | Tags of the resource. | | `userAssignedIdentities` | object | `{object}` | | The ID(s) to assign to the resource. | @@ -122,7 +122,7 @@ https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/servers/administr | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed SQL server | -| `resourceGroupName` | string | The resourceGroup of the deployed SQL server | -| `resourceId` | string | The resource ID of the deployed SQL server | +| `name` | string | The name of the deployed SQL server. | +| `resourceGroupName` | string | The resourceGroup of the deployed SQL server. | +| `resourceId` | string | The resource ID of the deployed SQL server. | | `systemAssignedPrincipalId` | string | The principal ID of the system assigned identity. | diff --git a/arm/Microsoft.Sql/servers/securityAlertPolicies/deploy.bicep b/arm/Microsoft.Sql/servers/securityAlertPolicies/deploy.bicep index f126189ebc..61e277134c 100644 --- a/arm/Microsoft.Sql/servers/securityAlertPolicies/deploy.bicep +++ b/arm/Microsoft.Sql/servers/securityAlertPolicies/deploy.bicep @@ -27,7 +27,7 @@ param storageAccountAccessKey string = '' @description('Optional. Specifies the blob storage endpoint (e.g. https://mystorageaccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.') param storageEndpoint string = '' -@description('Required. The Name of SQL Server') +@description('Conditional. The name of the parent SQL Server. Required if the template is used in a standalone deployment.') param serverName string @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -63,11 +63,11 @@ resource securityAlertPolicy 'Microsoft.Sql/servers/securityAlertPolicies@2021-0 } } -@description('The name of the deployed security alert policy') +@description('The name of the deployed security alert policy.') output name string = securityAlertPolicy.name -@description('The resource ID of the deployed security alert policy') +@description('The resource ID of the deployed security alert policy.') output resourceId string = securityAlertPolicy.id -@description('The resourceGroup of the deployed security alert policy') +@description('The resourceGroup of the deployed security alert policy.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Sql/servers/securityAlertPolicies/readme.md b/arm/Microsoft.Sql/servers/securityAlertPolicies/readme.md index bedec71818..ba5330a064 100644 --- a/arm/Microsoft.Sql/servers/securityAlertPolicies/readme.md +++ b/arm/Microsoft.Sql/servers/securityAlertPolicies/readme.md @@ -20,7 +20,11 @@ This module deploys an SQL Server Security Alert Policy. | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the Security Alert Policy. | -| `serverName` | string | The Name of SQL Server | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `serverName` | string | The name of the parent SQL Server. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -39,6 +43,6 @@ This module deploys an SQL Server Security Alert Policy. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed security alert policy | -| `resourceGroupName` | string | The resourceGroup of the deployed security alert policy | -| `resourceId` | string | The resource ID of the deployed security alert policy | +| `name` | string | The name of the deployed security alert policy. | +| `resourceGroupName` | string | The resourceGroup of the deployed security alert policy. | +| `resourceId` | string | The resource ID of the deployed security alert policy. | diff --git a/arm/Microsoft.Storage/storageAccounts/blobServices/containers/deploy.bicep b/arm/Microsoft.Storage/storageAccounts/blobServices/containers/deploy.bicep index 45b19fdbed..b317a21cdd 100644 --- a/arm/Microsoft.Storage/storageAccounts/blobServices/containers/deploy.bicep +++ b/arm/Microsoft.Storage/storageAccounts/blobServices/containers/deploy.bicep @@ -1,11 +1,11 @@ @maxLength(24) -@description('Required. Name of the Storage Account.') +@description('Conditional. Name of the Storage Account. Required if the template is used in a standalone deployment.') param storageAccountName string @description('Optional. Name of the blob service.') param blobServicesName string = 'default' -@description('Required. The name of the storage container to deploy') +@description('Required. The name of the storage container to deploy.') param name string @description('Optional. Name of the immutable policy.') @@ -22,7 +22,7 @@ param publicAccess string = 'None' @description('Optional. Configure immutability policy.') param immutabilityPolicyProperties object = {} -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -79,11 +79,11 @@ module container_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) } }] -@description('The name of the deployed container') +@description('The name of the deployed container.') output name string = container.name -@description('The resource ID of the deployed container') +@description('The resource ID of the deployed container.') output resourceId string = container.id -@description('The resource group of the deployed container') +@description('The resource group of the deployed container.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies/deploy.bicep b/arm/Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies/deploy.bicep index a7c87d2553..56d029610a 100644 --- a/arm/Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies/deploy.bicep +++ b/arm/Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies/deploy.bicep @@ -1,11 +1,11 @@ @maxLength(24) -@description('Required. Name of the Storage Account.') +@description('Conditional. Name of the Storage Account. Required if the template is used in a standalone deployment.') param storageAccountName string -@description('Optional. Name of the blob service.') +@description('Conditional. Name of the blob service. Required if the template is used in a standalone deployment.') param blobServicesName string = 'default' -@description('Required. Name of the container to apply the policy to') +@description('Conditional. Name of the container to apply the policy to. Required if the template is used in a standalone deployment.') param containerName string @description('Optional. Name of the immutable policy.') @@ -14,7 +14,7 @@ param name string = 'default' @description('Optional. The immutability period for the blobs in the container since the policy creation, in days.') param immutabilityPeriodSinceCreationInDays int = 365 -@description('Optional. This property can only be changed for unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted. This property cannot be changed with ExtendImmutabilityPolicy API') +@description('Optional. This property can only be changed for unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted. This property cannot be changed with ExtendImmutabilityPolicy API.') param allowProtectedAppendWrites bool = true @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') diff --git a/arm/Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies/readme.md b/arm/Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies/readme.md index b6637877ee..dc380f1b40 100644 --- a/arm/Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies/readme.md +++ b/arm/Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies/readme.md @@ -16,17 +16,17 @@ This module deploys an Immutability Policy for a blob container ## Parameters -**Required parameters** -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `containerName` | string | Name of the container to apply the policy to | -| `storageAccountName` | string | Name of the Storage Account. | +**Conditional parameters** +| Parameter Name | Type | Default Value | Description | +| :-- | :-- | :-- | :-- | +| `blobServicesName` | string | `'default'` | Name of the blob service. Required if the template is used in a standalone deployment. | +| `containerName` | string | | Name of the container to apply the policy to. Required if the template is used in a standalone deployment. | +| `storageAccountName` | string | | Name of the Storage Account. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | -| `allowProtectedAppendWrites` | bool | `True` | This property can only be changed for unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted. This property cannot be changed with ExtendImmutabilityPolicy API | -| `blobServicesName` | string | `'default'` | Name of the blob service. | +| `allowProtectedAppendWrites` | bool | `True` | This property can only be changed for unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted. This property cannot be changed with ExtendImmutabilityPolicy API. | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `immutabilityPeriodSinceCreationInDays` | int | `365` | The immutability period for the blobs in the container since the policy creation, in days. | | `name` | string | `'default'` | Name of the immutable policy. | diff --git a/arm/Microsoft.Storage/storageAccounts/blobServices/containers/readme.md b/arm/Microsoft.Storage/storageAccounts/blobServices/containers/readme.md index 7f30c88111..12dbb73d25 100644 --- a/arm/Microsoft.Storage/storageAccounts/blobServices/containers/readme.md +++ b/arm/Microsoft.Storage/storageAccounts/blobServices/containers/readme.md @@ -21,8 +21,12 @@ This module deploys a blob container **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the storage container to deploy | -| `storageAccountName` | string | Name of the Storage Account. | +| `name` | string | The name of the storage container to deploy. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `storageAccountName` | string | Name of the Storage Account. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -32,7 +36,7 @@ This module deploys a blob container | `immutabilityPolicyName` | string | `'default'` | | Name of the immutable policy. | | `immutabilityPolicyProperties` | object | `{object}` | | Configure immutability policy. | | `publicAccess` | string | `'None'` | `[Container, Blob, None]` | Specifies whether data in the container may be accessed publicly and the level of access. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | ### Parameter Usage: `roleAssignments` @@ -65,6 +69,6 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed container | -| `resourceGroupName` | string | The resource group of the deployed container | -| `resourceId` | string | The resource ID of the deployed container | +| `name` | string | The name of the deployed container. | +| `resourceGroupName` | string | The resource group of the deployed container. | +| `resourceId` | string | The resource ID of the deployed container. | diff --git a/arm/Microsoft.Storage/storageAccounts/blobServices/deploy.bicep b/arm/Microsoft.Storage/storageAccounts/blobServices/deploy.bicep index b6afb1a82e..9b929162e0 100644 --- a/arm/Microsoft.Storage/storageAccounts/blobServices/deploy.bicep +++ b/arm/Microsoft.Storage/storageAccounts/blobServices/deploy.bicep @@ -1,8 +1,8 @@ @maxLength(24) -@description('Required. Name of the Storage Account.') +@description('Conditional. Name of the Storage Account. Required if the template is used in a standalone deployment.') param storageAccountName string -@description('Optional. The name of the blob service') +@description('Optional. The name of the blob service.') param name string = 'default' @description('Optional. Indicates whether DeleteRetentionPolicy is enabled for the Blob service.') @@ -133,11 +133,11 @@ module blobServices_container 'containers/deploy.bicep' = [for (container, index } }] -@description('The name of the deployed blob service') +@description('The name of the deployed blob service.') output name string = blobServices.name -@description('The resource ID of the deployed blob service') +@description('The resource ID of the deployed blob service.') output resourceId string = blobServices.id -@description('The name of the deployed blob service') +@description('The name of the deployed blob service.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Storage/storageAccounts/blobServices/readme.md b/arm/Microsoft.Storage/storageAccounts/blobServices/readme.md index 9f0b0b1c6c..9d809fca75 100644 --- a/arm/Microsoft.Storage/storageAccounts/blobServices/readme.md +++ b/arm/Microsoft.Storage/storageAccounts/blobServices/readme.md @@ -20,10 +20,10 @@ This module can be used to deploy a blob service into a storage account. ## Parameters -**Required parameters** +**Conditional parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `storageAccountName` | string | Name of the Storage Account. | +| `storageAccountName` | string | Name of the Storage Account. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -41,13 +41,13 @@ This module can be used to deploy a blob service into a storage account. | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of a log analytics workspace. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `name` | string | `'default'` | | The name of the blob service | +| `name` | string | `'default'` | | The name of the blob service. | ## Outputs | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed blob service | -| `resourceGroupName` | string | The name of the deployed blob service | -| `resourceId` | string | The resource ID of the deployed blob service | +| `name` | string | The name of the deployed blob service. | +| `resourceGroupName` | string | The name of the deployed blob service. | +| `resourceId` | string | The resource ID of the deployed blob service. | diff --git a/arm/Microsoft.Storage/storageAccounts/deploy.bicep b/arm/Microsoft.Storage/storageAccounts/deploy.bicep index 8b9ca4d1e2..afdd3da9f5 100644 --- a/arm/Microsoft.Storage/storageAccounts/deploy.bicep +++ b/arm/Microsoft.Storage/storageAccounts/deploy.bicep @@ -5,7 +5,7 @@ param name string = '' @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Enables system assigned managed identity on the resource.') @@ -47,22 +47,22 @@ param storageAccountAccessTier string = 'Hot' @description('Optional. Provides the identity based authentication settings for Azure Files.') param azureFilesIdentityBasedAuthentication object = {} -@description('Optional. Configuration Details for private endpoints. For security reasons, it is recommended to use private endpoints whenever possible') +@description('Optional. Configuration Details for private endpoints. For security reasons, it is recommended to use private endpoints whenever possible.') param privateEndpoints array = [] @description('Optional. The Storage Account ManagementPolicies Rules.') param managementPolicyRules array = [] -@description('Optional. Networks ACLs, this value contains IPs to whitelist and/or Subnet information. For security reasons, it is recommended to set the DefaultAction Deny') +@description('Optional. Networks ACLs, this value contains IPs to whitelist and/or Subnet information. For security reasons, it is recommended to set the DefaultAction Deny.') param networkAcls object = {} @description('Optional. A boolean indicating whether or not the service applies a secondary layer of encryption with platform managed keys for data at rest. For security reasons, it is recommended to set it to true.') param requireInfrastructureEncryption bool = true -@description('Optional. Blob service and containers to deploy') +@description('Optional. Blob service and containers to deploy.') param blobServices object = {} -@description('Optional. File service and shares to deploy') +@description('Optional. File service and shares to deploy.') param fileServices object = {} @description('Optional. Queue service and queues to create.') @@ -82,7 +82,7 @@ param allowBlobPublicAccess bool = false @description('Optional. Set the minimum TLS version on request to storage.') param minimumTlsVersion string = 'TLS1_2' -@description('Optional. If true, enables Hierarchical Namespace for the storage account') +@description('Optional. If true, enables Hierarchical Namespace for the storage account.') param enableHierarchicalNamespace bool = false @description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') @@ -342,13 +342,13 @@ module storageAccount_tableServices 'tableServices/deploy.bicep' = if (!empty(ta } } -@description('The resource ID of the deployed storage account') +@description('The resource ID of the deployed storage account.') output resourceId string = storageAccount.id -@description('The name of the deployed storage account') +@description('The name of the deployed storage account.') output name string = storageAccount.name -@description('The resource group of the deployed storage account') +@description('The resource group of the deployed storage account.') output resourceGroupName string = resourceGroup().name @description('The primary blob endpoint reference if blob services are deployed.') diff --git a/arm/Microsoft.Storage/storageAccounts/fileServices/deploy.bicep b/arm/Microsoft.Storage/storageAccounts/fileServices/deploy.bicep index 7f1fea1b01..8809baaa96 100644 --- a/arm/Microsoft.Storage/storageAccounts/fileServices/deploy.bicep +++ b/arm/Microsoft.Storage/storageAccounts/fileServices/deploy.bicep @@ -1,11 +1,11 @@ @maxLength(24) -@description('Required. Name of the Storage Account.') +@description('Conditional. Name of the Storage Account. Required if the template is used in a standalone deployment.') param storageAccountName string -@description('Optional. The name of the file service') +@description('Optional. The name of the file service.') param name string = 'default' -@description('Optional. Protocol settings for file service') +@description('Optional. Protocol settings for file service.') param protocolSettings object = {} @description('Optional. The service properties for soft delete.') @@ -131,11 +131,11 @@ module fileServices_shares 'shares/deploy.bicep' = [for (share, index) in shares } }] -@description('The name of the deployed file share service') +@description('The name of the deployed file share service.') output name string = fileServices.name -@description('The resource ID of the deployed file share service') +@description('The resource ID of the deployed file share service.') output resourceId string = fileServices.id -@description('The resource group of the deployed file share service') +@description('The resource group of the deployed file share service.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Storage/storageAccounts/fileServices/readme.md b/arm/Microsoft.Storage/storageAccounts/fileServices/readme.md index 4b12d54d0b..fdb60ec5c7 100644 --- a/arm/Microsoft.Storage/storageAccounts/fileServices/readme.md +++ b/arm/Microsoft.Storage/storageAccounts/fileServices/readme.md @@ -19,10 +19,10 @@ This module can be used to deploy a file share service into a storage account. ## Parameters -**Required parameters** +**Conditional parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `storageAccountName` | string | Name of the Storage Account. | +| `storageAccountName` | string | Name of the Storage Account. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -36,8 +36,8 @@ This module can be used to deploy a file share service into a storage account. | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of a log analytics workspace. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `name` | string | `'default'` | | The name of the file service | -| `protocolSettings` | object | `{object}` | | Protocol settings for file service | +| `name` | string | `'default'` | | The name of the file service. | +| `protocolSettings` | object | `{object}` | | Protocol settings for file service. | | `shareDeleteRetentionPolicy` | object | `{object}` | | The service properties for soft delete. | | `shares` | _[shares](shares/readme.md)_ array | `[]` | | File shares to create. | @@ -46,6 +46,6 @@ This module can be used to deploy a file share service into a storage account. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed file share service | -| `resourceGroupName` | string | The resource group of the deployed file share service | -| `resourceId` | string | The resource ID of the deployed file share service | +| `name` | string | The name of the deployed file share service. | +| `resourceGroupName` | string | The resource group of the deployed file share service. | +| `resourceId` | string | The resource ID of the deployed file share service. | diff --git a/arm/Microsoft.Storage/storageAccounts/fileServices/shares/deploy.bicep b/arm/Microsoft.Storage/storageAccounts/fileServices/shares/deploy.bicep index 7e0fe99b8c..2cd67243cf 100644 --- a/arm/Microsoft.Storage/storageAccounts/fileServices/shares/deploy.bicep +++ b/arm/Microsoft.Storage/storageAccounts/fileServices/shares/deploy.bicep @@ -1,11 +1,11 @@ @maxLength(24) -@description('Required. Name of the Storage Account.') +@description('Conditional. Name of the Storage Account. Required if the template is used in a standalone deployment.') param storageAccountName string -@description('Optional. The name of the file service') +@description('Conditional. The name of the parent file service. Required if the template is used in a standalone deployment.') param fileServicesName string = 'default' -@description('Required. The name of the file share to create') +@description('Required. The name of the file share to create.') param name string @description('Optional. The maximum size of the share, in gigabytes. Must be greater than 0, and less than or equal to 5TB (5120). For Large File Shares, the maximum size is 102400.') @@ -26,7 +26,7 @@ param enabledProtocols string = 'SMB' @description('Optional. Permissions for NFS file shares are enforced by the client OS rather than the Azure Files service. Toggling the root squash behavior reduces the rights of the root user for NFS shares.') param rootSquash string = 'NoRootSquash' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -73,11 +73,11 @@ module fileShare_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) } }] -@description('The name of the deployed file share') +@description('The name of the deployed file share.') output name string = fileShare.name -@description('The resource ID of the deployed file share') +@description('The resource ID of the deployed file share.') output resourceId string = fileShare.id -@description('The resource group of the deployed file share') +@description('The resource group of the deployed file share.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Storage/storageAccounts/fileServices/shares/readme.md b/arm/Microsoft.Storage/storageAccounts/fileServices/shares/readme.md index 3c4f01d561..fd4fe08135 100644 --- a/arm/Microsoft.Storage/storageAccounts/fileServices/shares/readme.md +++ b/arm/Microsoft.Storage/storageAccounts/fileServices/shares/readme.md @@ -20,16 +20,20 @@ This module deploys a storage account file share. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the file share to create | -| `storageAccountName` | string | Name of the Storage Account. | +| `name` | string | The name of the file share to create. | + +**Conditional parameters** +| Parameter Name | Type | Default Value | Description | +| :-- | :-- | :-- | :-- | +| `fileServicesName` | string | `'default'` | The name of the parent file service. Required if the template is used in a standalone deployment. | +| `storageAccountName` | string | | Name of the Storage Account. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `enabledProtocols` | string | `'SMB'` | `[NFS, SMB]` | The authentication protocol that is used for the file share. Can only be specified when creating a share. | -| `fileServicesName` | string | `'default'` | | The name of the file service | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `rootSquash` | string | `'NoRootSquash'` | `[AllSquash, NoRootSquash, RootSquash]` | Permissions for NFS file shares are enforced by the client OS rather than the Azure Files service. Toggling the root squash behavior reduces the rights of the root user for NFS shares. | | `sharedQuota` | int | `5120` | | The maximum size of the share, in gigabytes. Must be greater than 0, and less than or equal to 5TB (5120). For Large File Shares, the maximum size is 102400. | @@ -64,6 +68,6 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed file share | -| `resourceGroupName` | string | The resource group of the deployed file share | -| `resourceId` | string | The resource ID of the deployed file share | +| `name` | string | The name of the deployed file share. | +| `resourceGroupName` | string | The resource group of the deployed file share. | +| `resourceId` | string | The resource ID of the deployed file share. | diff --git a/arm/Microsoft.Storage/storageAccounts/managementPolicies/deploy.bicep b/arm/Microsoft.Storage/storageAccounts/managementPolicies/deploy.bicep index 5d2c4dbe5f..38abc2d7a1 100644 --- a/arm/Microsoft.Storage/storageAccounts/managementPolicies/deploy.bicep +++ b/arm/Microsoft.Storage/storageAccounts/managementPolicies/deploy.bicep @@ -1,11 +1,11 @@ @maxLength(24) -@description('Required. Name of the Storage Account.') +@description('Conditional. Name of the Storage Account. Required if the template is used in a standalone deployment.') param storageAccountName string -@description('Optional. The name of the storage container to deploy') +@description('Optional. The name of the storage container to deploy.') param name string = 'default' -@description('Required. The Storage Account ManagementPolicies Rules') +@description('Required. The Storage Account ManagementPolicies Rules.') param rules array @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -38,11 +38,11 @@ resource managementPolicy 'Microsoft.Storage/storageAccounts/managementPolicies@ } } -@description('The resource ID of the deployed management policy') +@description('The resource ID of the deployed management policy.') output resourceId string = managementPolicy.name -@description('The name of the deployed management policy') +@description('The name of the deployed management policy.') output name string = managementPolicy.name -@description('The resource group of the deployed management policy') +@description('The resource group of the deployed management policy.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Storage/storageAccounts/managementPolicies/readme.md b/arm/Microsoft.Storage/storageAccounts/managementPolicies/readme.md index 4019813885..425b161759 100644 --- a/arm/Microsoft.Storage/storageAccounts/managementPolicies/readme.md +++ b/arm/Microsoft.Storage/storageAccounts/managementPolicies/readme.md @@ -19,14 +19,18 @@ This module can be used to deploy a management policies into a storage account. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `rules` | array | The Storage Account ManagementPolicies Rules | -| `storageAccountName` | string | Name of the Storage Account. | +| `rules` | array | The Storage Account ManagementPolicies Rules. | + +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `storageAccountName` | string | Name of the Storage Account. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `name` | string | `'default'` | The name of the storage container to deploy | +| `name` | string | `'default'` | The name of the storage container to deploy. | ### Parameter Usage: `rules` @@ -67,6 +71,6 @@ This module can be used to deploy a management policies into a storage account. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed management policy | -| `resourceGroupName` | string | The resource group of the deployed management policy | -| `resourceId` | string | The resource ID of the deployed management policy | +| `name` | string | The name of the deployed management policy. | +| `resourceGroupName` | string | The resource group of the deployed management policy. | +| `resourceId` | string | The resource ID of the deployed management policy. | diff --git a/arm/Microsoft.Storage/storageAccounts/queueServices/deploy.bicep b/arm/Microsoft.Storage/storageAccounts/queueServices/deploy.bicep index a9f796e3b1..6678c041f5 100644 --- a/arm/Microsoft.Storage/storageAccounts/queueServices/deploy.bicep +++ b/arm/Microsoft.Storage/storageAccounts/queueServices/deploy.bicep @@ -1,8 +1,8 @@ @maxLength(24) -@description('Required. Name of the Storage Account.') +@description('Conditional. Name of the Storage Account. Required if the template is used in a standalone deployment.') param storageAccountName string -@description('Optional. The name of the queue service') +@description('Optional. The name of the queue service.') param name string = 'default' @description('Optional. Queues to create.') @@ -117,11 +117,11 @@ module queueServices_queues 'queues/deploy.bicep' = [for (queue, index) in queue } }] -@description('The name of the deployed file share service') +@description('The name of the deployed file share service.') output name string = queueServices.name -@description('The resource ID of the deployed file share service') +@description('The resource ID of the deployed file share service.') output resourceId string = queueServices.id -@description('The resource group of the deployed file share service') +@description('The resource group of the deployed file share service.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Storage/storageAccounts/queueServices/queues/deploy.bicep b/arm/Microsoft.Storage/storageAccounts/queueServices/queues/deploy.bicep index 20d60bedf7..911bed91fc 100644 --- a/arm/Microsoft.Storage/storageAccounts/queueServices/queues/deploy.bicep +++ b/arm/Microsoft.Storage/storageAccounts/queueServices/queues/deploy.bicep @@ -1,17 +1,17 @@ @maxLength(24) -@description('Required. Name of the Storage Account.') +@description('Conditional. Name of the Storage Account. Required if the template is used in a standalone deployment.') param storageAccountName string -@description('Optional. The name of the queue service') +@description('Conditional. The name of the parent queue service. Required if the template is used in a standalone deployment.') param queueServicesName string = 'default' -@description('Required. The name of the storage queue to deploy') +@description('Required. The name of the storage queue to deploy.') param name string @description('Required. A name-value pair that represents queue metadata.') param metadata object = {} -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') @@ -56,11 +56,11 @@ module queue_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in r } }] -@description('The name of the deployed queue') +@description('The name of the deployed queue.') output name string = queue.name -@description('The resource ID of the deployed queue') +@description('The resource ID of the deployed queue.') output resourceId string = queue.id -@description('The resource group of the deployed queue') +@description('The resource group of the deployed queue.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Storage/storageAccounts/queueServices/queues/readme.md b/arm/Microsoft.Storage/storageAccounts/queueServices/queues/readme.md index af1258886c..564d83a872 100644 --- a/arm/Microsoft.Storage/storageAccounts/queueServices/queues/readme.md +++ b/arm/Microsoft.Storage/storageAccounts/queueServices/queues/readme.md @@ -21,15 +21,19 @@ This module deploys a storage account queue | Parameter Name | Type | Description | | :-- | :-- | :-- | | `metadata` | object | A name-value pair that represents queue metadata. | -| `name` | string | The name of the storage queue to deploy | -| `storageAccountName` | string | Name of the Storage Account. | +| `name` | string | The name of the storage queue to deploy. | + +**Conditional parameters** +| Parameter Name | Type | Default Value | Description | +| :-- | :-- | :-- | :-- | +| `queueServicesName` | string | `'default'` | The name of the parent queue service. Required if the template is used in a standalone deployment. | +| `storageAccountName` | string | | Name of the Storage Account. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `queueServicesName` | string | `'default'` | The name of the queue service | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | ### Parameter Usage: `roleAssignments` @@ -62,6 +66,6 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed queue | -| `resourceGroupName` | string | The resource group of the deployed queue | -| `resourceId` | string | The resource ID of the deployed queue | +| `name` | string | The name of the deployed queue. | +| `resourceGroupName` | string | The resource group of the deployed queue. | +| `resourceId` | string | The resource ID of the deployed queue. | diff --git a/arm/Microsoft.Storage/storageAccounts/queueServices/readme.md b/arm/Microsoft.Storage/storageAccounts/queueServices/readme.md index 06d0e8b9b1..1b30175b94 100644 --- a/arm/Microsoft.Storage/storageAccounts/queueServices/readme.md +++ b/arm/Microsoft.Storage/storageAccounts/queueServices/readme.md @@ -19,10 +19,10 @@ This module can be used to deploy a file share service into a storage account. ## Parameters -**Required parameters** +**Conditional parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `storageAccountName` | string | Name of the Storage Account. | +| `storageAccountName` | string | Name of the Storage Account. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -36,7 +36,7 @@ This module can be used to deploy a file share service into a storage account. | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of a log analytics workspace. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `name` | string | `'default'` | | The name of the queue service | +| `name` | string | `'default'` | | The name of the queue service. | | `queues` | _[queues](queues/readme.md)_ array | `[]` | | Queues to create. | @@ -44,6 +44,6 @@ This module can be used to deploy a file share service into a storage account. | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed file share service | -| `resourceGroupName` | string | The resource group of the deployed file share service | -| `resourceId` | string | The resource ID of the deployed file share service | +| `name` | string | The name of the deployed file share service. | +| `resourceGroupName` | string | The resource group of the deployed file share service. | +| `resourceId` | string | The resource ID of the deployed file share service. | diff --git a/arm/Microsoft.Storage/storageAccounts/readme.md b/arm/Microsoft.Storage/storageAccounts/readme.md index 3f7567b9fa..ec6146af84 100644 --- a/arm/Microsoft.Storage/storageAccounts/readme.md +++ b/arm/Microsoft.Storage/storageAccounts/readme.md @@ -37,7 +37,7 @@ This module is used to deploy a storage account, with the ability to deploy 1 or | :-- | :-- | :-- | :-- | :-- | | `allowBlobPublicAccess` | bool | `False` | | Indicates whether public access is enabled for all blobs or containers in the storage account. For security reasons, it is recommended to set it to false. | | `azureFilesIdentityBasedAuthentication` | object | `{object}` | | Provides the identity based authentication settings for Azure Files. | -| `blobServices` | _[blobServices](blobServices/readme.md)_ object | `{object}` | | Blob service and containers to deploy | +| `blobServices` | _[blobServices](blobServices/readme.md)_ object | `{object}` | | Blob service and containers to deploy. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | @@ -46,19 +46,19 @@ This module is used to deploy a storage account, with the ability to deploy 1 or | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `enableHierarchicalNamespace` | bool | `False` | | If true, enables Hierarchical Namespace for the storage account | -| `fileServices` | _[fileServices](fileServices/readme.md)_ object | `{object}` | | File service and shares to deploy | +| `enableHierarchicalNamespace` | bool | `False` | | If true, enables Hierarchical Namespace for the storage account. | +| `fileServices` | _[fileServices](fileServices/readme.md)_ object | `{object}` | | File service and shares to deploy. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `managementPolicyRules` | array | `[]` | | The Storage Account ManagementPolicies Rules. | | `minimumTlsVersion` | string | `'TLS1_2'` | `[TLS1_0, TLS1_1, TLS1_2]` | Set the minimum TLS version on request to storage. | | `name` | string | `''` | | Name of the Storage Account. Autogenerated with a unique string if not provided. | -| `networkAcls` | object | `{object}` | | Networks ACLs, this value contains IPs to whitelist and/or Subnet information. For security reasons, it is recommended to set the DefaultAction Deny | -| `privateEndpoints` | array | `[]` | | Configuration Details for private endpoints. For security reasons, it is recommended to use private endpoints whenever possible | +| `networkAcls` | object | `{object}` | | Networks ACLs, this value contains IPs to whitelist and/or Subnet information. For security reasons, it is recommended to set the DefaultAction Deny. | +| `privateEndpoints` | array | `[]` | | Configuration Details for private endpoints. For security reasons, it is recommended to use private endpoints whenever possible. | | `publicNetworkAccess` | string | `'Enabled'` | `[Enabled, Disabled]` | Enable or disallow public network access to Storage Account.. | | `queueServices` | _[queueServices](queueServices/readme.md)_ object | `{object}` | | Queue service and queues to create. | | `requireInfrastructureEncryption` | bool | `True` | | A boolean indicating whether or not the service applies a secondary layer of encryption with platform managed keys for data at rest. For security reasons, it is recommended to set it to true. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `storageAccountAccessTier` | string | `'Hot'` | `[Hot, Cool]` | Storage Account Access Tier. | | `storageAccountKind` | string | `'StorageV2'` | `[Storage, StorageV2, BlobStorage, FileStorage, BlockBlobStorage]` | Type of Storage Account to create. | | `storageAccountSku` | string | `'Standard_GRS'` | `[Standard_LRS, Standard_GRS, Standard_RAGRS, Standard_ZRS, Premium_LRS, Premium_ZRS, Standard_GZRS, Standard_RAGZRS]` | Storage Account Sku Name. | @@ -192,10 +192,10 @@ You can specify multiple user assigned identities to a resource by providing add | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed storage account | +| `name` | string | The name of the deployed storage account. | | `primaryBlobEndpoint` | string | The primary blob endpoint reference if blob services are deployed. | -| `resourceGroupName` | string | The resource group of the deployed storage account | -| `resourceId` | string | The resource ID of the deployed storage account | +| `resourceGroupName` | string | The resource group of the deployed storage account. | +| `resourceId` | string | The resource ID of the deployed storage account. | | `systemAssignedPrincipalId` | string | The principal ID of the system assigned identity. | ## Considerations diff --git a/arm/Microsoft.Storage/storageAccounts/tableServices/deploy.bicep b/arm/Microsoft.Storage/storageAccounts/tableServices/deploy.bicep index 580142ebf0..f00d3dc348 100644 --- a/arm/Microsoft.Storage/storageAccounts/tableServices/deploy.bicep +++ b/arm/Microsoft.Storage/storageAccounts/tableServices/deploy.bicep @@ -1,8 +1,8 @@ @maxLength(24) -@description('Required. Name of the Storage Account.') +@description('Conditional. Name of the Storage Account. Required if the template is used in a standalone deployment.') param storageAccountName string -@description('Optional. The name of the table service') +@description('Optional. The name of the table service.') param name string = 'default' @description('Optional. tables to create.') @@ -115,11 +115,11 @@ module tableServices_tables 'tables/deploy.bicep' = [for (tableName, index) in t } }] -@description('The name of the deployed table service') +@description('The name of the deployed table service.') output name string = tableServices.name -@description('The resource ID of the deployed table service') +@description('The resource ID of the deployed table service.') output resourceId string = tableServices.id -@description('The resource group of the deployed table service') +@description('The resource group of the deployed table service.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Storage/storageAccounts/tableServices/readme.md b/arm/Microsoft.Storage/storageAccounts/tableServices/readme.md index a8b1b129ec..0dc4f8ba02 100644 --- a/arm/Microsoft.Storage/storageAccounts/tableServices/readme.md +++ b/arm/Microsoft.Storage/storageAccounts/tableServices/readme.md @@ -18,10 +18,10 @@ This module deploys a storage account table service ## Parameters -**Required parameters** +**Conditional parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `storageAccountName` | string | Name of the Storage Account. | +| `storageAccountName` | string | Name of the Storage Account. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -35,7 +35,7 @@ This module deploys a storage account table service | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of a log analytics workspace. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `name` | string | `'default'` | | The name of the table service | +| `name` | string | `'default'` | | The name of the table service. | | `tables` | _[tables](tables/readme.md)_ array | `[]` | | tables to create. | @@ -43,6 +43,6 @@ This module deploys a storage account table service | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed table service | -| `resourceGroupName` | string | The resource group of the deployed table service | -| `resourceId` | string | The resource ID of the deployed table service | +| `name` | string | The name of the deployed table service. | +| `resourceGroupName` | string | The resource group of the deployed table service. | +| `resourceId` | string | The resource ID of the deployed table service. | diff --git a/arm/Microsoft.Storage/storageAccounts/tableServices/tables/deploy.bicep b/arm/Microsoft.Storage/storageAccounts/tableServices/tables/deploy.bicep index 04a702ed56..896ebe5f07 100644 --- a/arm/Microsoft.Storage/storageAccounts/tableServices/tables/deploy.bicep +++ b/arm/Microsoft.Storage/storageAccounts/tableServices/tables/deploy.bicep @@ -1,8 +1,8 @@ @maxLength(24) -@description('Required. Name of the Storage Account.') +@description('Conditional. Name of the Storage Account. Required if the template is used in a standalone deployment.') param storageAccountName string -@description('Optional. The name of the table service') +@description('Conditional. The name of the parent table service. Required if the template is used in a standalone deployment.') param tableServicesName string = 'default' @description('Required. Name of the table.') @@ -36,11 +36,11 @@ resource table 'Microsoft.Storage/storageAccounts/tableServices/tables@2021-06-0 parent: storageAccount::tableServices } -@description('The name of the deployed file share service') +@description('The name of the deployed file share service.') output name string = table.name -@description('The resource ID of the deployed file share service') +@description('The resource ID of the deployed file share service.') output resourceId string = table.id -@description('The resource group of the deployed file share service') +@description('The resource group of the deployed file share service.') output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Storage/storageAccounts/tableServices/tables/readme.md b/arm/Microsoft.Storage/storageAccounts/tableServices/tables/readme.md index 1c26ceaf39..c7f66335f6 100644 --- a/arm/Microsoft.Storage/storageAccounts/tableServices/tables/readme.md +++ b/arm/Microsoft.Storage/storageAccounts/tableServices/tables/readme.md @@ -20,19 +20,23 @@ This module deploys a storage account table | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | Name of the table. | -| `storageAccountName` | string | Name of the Storage Account. | + +**Conditional parameters** +| Parameter Name | Type | Default Value | Description | +| :-- | :-- | :-- | :-- | +| `storageAccountName` | string | | Name of the Storage Account. Required if the template is used in a standalone deployment. | +| `tableServicesName` | string | `'default'` | The name of the parent table service. Required if the template is used in a standalone deployment. | **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | -| `tableServicesName` | string | `'default'` | The name of the table service | ## Outputs | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the deployed file share service | -| `resourceGroupName` | string | The resource group of the deployed file share service | -| `resourceId` | string | The resource ID of the deployed file share service | +| `name` | string | The name of the deployed file share service. | +| `resourceGroupName` | string | The resource group of the deployed file share service. | +| `resourceId` | string | The resource ID of the deployed file share service. | diff --git a/arm/Microsoft.Synapse/privateLinkHubs/deploy.bicep b/arm/Microsoft.Synapse/privateLinkHubs/deploy.bicep index 8aca7e8ff5..0fc250d813 100644 --- a/arm/Microsoft.Synapse/privateLinkHubs/deploy.bicep +++ b/arm/Microsoft.Synapse/privateLinkHubs/deploy.bicep @@ -18,7 +18,7 @@ param lock string = 'NotSpecified' @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Configuration Details for private endpoints.') diff --git a/arm/Microsoft.Synapse/privateLinkHubs/readme.md b/arm/Microsoft.Synapse/privateLinkHubs/readme.md index e8ed6901d8..bcab729a4e 100644 --- a/arm/Microsoft.Synapse/privateLinkHubs/readme.md +++ b/arm/Microsoft.Synapse/privateLinkHubs/readme.md @@ -32,7 +32,7 @@ This module deploys Azure Synapse Analytics (private link hubs). | `location` | string | `[resourceGroup().location]` | | The geo-location where the resource lives. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `privateEndpoints` | array | `[]` | | Configuration Details for private endpoints. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags of the resource. | diff --git a/arm/Microsoft.VirtualMachineImages/imageTemplates/deploy.bicep b/arm/Microsoft.VirtualMachineImages/imageTemplates/deploy.bicep index 974478571c..d47b12365a 100644 --- a/arm/Microsoft.VirtualMachineImages/imageTemplates/deploy.bicep +++ b/arm/Microsoft.VirtualMachineImages/imageTemplates/deploy.bicep @@ -10,7 +10,7 @@ param userMsiResourceGroup string = resourceGroup().name @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Optional. Image build timeout in minutes. Allowed values: 0-960. 0 means the default 240 minutes') +@description('Optional. Image build timeout in minutes. Allowed values: 0-960. 0 means the default 240 minutes.') @minValue(0) @maxValue(960) param buildTimeoutInMinutes int = 0 @@ -36,7 +36,7 @@ param managedImageName string = '' @description('Optional. Name of the unmanaged image that will be created in the AIB resourcegroup.') param unManagedImageName string = '' -@description('Optional. Resource ID of Shared Image Gallery to distribute image to, e.g.: /subscriptions//resourceGroups//providers/Microsoft.Compute/galleries//images/') +@description('Optional. Resource ID of Shared Image Gallery to distribute image to, e.g.: /subscriptions//resourceGroups//providers/Microsoft.Compute/galleries//images/.') param sigImageDefinitionId string = '' @description('Optional. List of the regions the image produced by this solution should be stored in the Shared Image Gallery. When left empty, the deployment\'s location will be taken as a default value.') @@ -59,7 +59,7 @@ param baseTime string = utcNow('yyyy-MM-dd-HH-mm-ss') @description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] var managedImageName_var = '${managedImageName}-${baseTime}' @@ -175,14 +175,14 @@ module imageTemplate_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, ind } }] -@description('The resource ID of the image template') +@description('The resource ID of the image template.') output resourceId string = imageTemplate.id -@description('The resource group the image template was deployed into') +@description('The resource group the image template was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the image template') +@description('The name of the image template.') output name string = imageTemplate.name -@description('The command to run in order to trigger the image build') +@description('The command to run in order to trigger the image build.') output runThisCommand string = 'Invoke-AzResourceAction -ResourceName ${imageTemplate.name} -ResourceGroupName ${resourceGroup().name} -ResourceType Microsoft.VirtualMachineImages/imageTemplates -Action Run -Force' diff --git a/arm/Microsoft.VirtualMachineImages/imageTemplates/readme.md b/arm/Microsoft.VirtualMachineImages/imageTemplates/readme.md index 5364aef83b..876b230cdb 100644 --- a/arm/Microsoft.VirtualMachineImages/imageTemplates/readme.md +++ b/arm/Microsoft.VirtualMachineImages/imageTemplates/readme.md @@ -29,15 +29,15 @@ This module deploys an image template that can be consumed by the Azure Image Bu **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | -| `buildTimeoutInMinutes` | int | `0` | | Image build timeout in minutes. Allowed values: 0-960. 0 means the default 240 minutes | +| `buildTimeoutInMinutes` | int | `0` | | Image build timeout in minutes. Allowed values: 0-960. 0 means the default 240 minutes. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `imageReplicationRegions` | array | `[]` | | List of the regions the image produced by this solution should be stored in the Shared Image Gallery. When left empty, the deployment's location will be taken as a default value. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `managedImageName` | string | `''` | | Name of the managed image that will be created in the AIB resourcegroup. | | `osDiskSizeGB` | int | `128` | | Specifies the size of OS disk. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | -| `sigImageDefinitionId` | string | `''` | | Resource ID of Shared Image Gallery to distribute image to, e.g.: /subscriptions//resourceGroups//providers/Microsoft.Compute/galleries//images/ | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| `sigImageDefinitionId` | string | `''` | | Resource ID of Shared Image Gallery to distribute image to, e.g.: /subscriptions//resourceGroups//providers/Microsoft.Compute/galleries//images/. | | `subnetId` | string | `''` | | Resource ID of an already existing subnet, e.g. '/subscriptions//resourceGroups//providers/Microsoft.Network/virtualNetworks//subnets/'. If no value is provided, a new VNET will be created in the target Resource Group. | | `tags` | object | `{object}` | | Tags of the resource. | | `unManagedImageName` | string | `''` | | Name of the unmanaged image that will be created in the AIB resourcegroup. | @@ -131,7 +131,7 @@ Create a role assignment for the given resource. If you want to assign a service | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the image template | -| `resourceGroupName` | string | The resource group the image template was deployed into | -| `resourceId` | string | The resource ID of the image template | -| `runThisCommand` | string | The command to run in order to trigger the image build | +| `name` | string | The name of the image template. | +| `resourceGroupName` | string | The resource group the image template was deployed into. | +| `resourceId` | string | The resource ID of the image template. | +| `runThisCommand` | string | The command to run in order to trigger the image build. | diff --git a/arm/Microsoft.Web/connections/deploy.bicep b/arm/Microsoft.Web/connections/deploy.bicep index 879ac65608..2e7a933f19 100644 --- a/arm/Microsoft.Web/connections/deploy.bicep +++ b/arm/Microsoft.Web/connections/deploy.bicep @@ -102,11 +102,11 @@ module connection_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) } }] -@description('The resource ID of the connection') +@description('The resource ID of the connection.') output resourceId string = connection.id -@description('The resource group the connection was deployed into') +@description('The resource group the connection was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the connection') +@description('The name of the connection.') output name string = connection.name diff --git a/arm/Microsoft.Web/connections/readme.md b/arm/Microsoft.Web/connections/readme.md index d31f760f00..686bb2a38e 100644 --- a/arm/Microsoft.Web/connections/readme.md +++ b/arm/Microsoft.Web/connections/readme.md @@ -141,6 +141,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the connection | -| `resourceGroupName` | string | The resource group the connection was deployed into | -| `resourceId` | string | The resource ID of the connection | +| `name` | string | The name of the connection. | +| `resourceGroupName` | string | The resource group the connection was deployed into. | +| `resourceId` | string | The resource ID of the connection. | diff --git a/arm/Microsoft.Web/hostingEnvironments/deploy.bicep b/arm/Microsoft.Web/hostingEnvironments/deploy.bicep index b9f90d86bf..e0c57ad27d 100644 --- a/arm/Microsoft.Web/hostingEnvironments/deploy.bicep +++ b/arm/Microsoft.Web/hostingEnvironments/deploy.bicep @@ -1,4 +1,4 @@ -@description('Required. Name of the App Service Environment') +@description('Required. Name of the App Service Environment.') @minLength(1) param name string @@ -8,10 +8,10 @@ param location string = resourceGroup().location @description('Optional. Kind of resource.') param kind string = 'ASEV2' -@description('Required. ResourceId for the sub net') +@description('Required. ResourceId for the sub net.') param subnetResourceId string -@description('Optional. Specifies which endpoints to serve internally in the Virtual Network for the App Service Environment. - None, Web, Publishing, Web,Publishing') +@description('Optional. Specifies which endpoints to serve internally in the Virtual Network for the App Service Environment. - None, Web, Publishing, Web,Publishing.') @allowed([ 'None' 'Web' @@ -19,7 +19,7 @@ param subnetResourceId string ]) param internalLoadBalancingMode string = 'None' -@description('Optional. Frontend VM size, e.g. Medium, Large') +@description('Optional. Frontend VM size, e.g. Medium, Large.') @allowed([ 'Medium' 'Large' @@ -61,13 +61,13 @@ param suspended bool = false @description('Optional. True/false indicating whether the App Service Environment is suspended. The environment can be suspended e.g. when the management endpoint is no longer available(most likely because NSG blocked the incoming traffic).') param dynamicCacheEnabled bool = false -@description('Optional. User added ip ranges to whitelist on ASE db - string') +@description('Optional. User added ip ranges to whitelist on ASE db - string.') param userWhitelistedIpRanges array = [] -@description('Optional. Flag that displays whether an ASE has linux workers or not') +@description('Optional. Flag that displays whether an ASE has linux workers or not.') param hasLinuxWorkers bool = false -@description('Optional. Custom settings for changing the behavior of the App Service Environment') +@description('Optional. Custom settings for changing the behavior of the App Service Environment.') param clusterSettings array = [] @description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') @@ -95,7 +95,7 @@ param diagnosticEventHubName string = '' @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Resource tags.') @@ -199,11 +199,11 @@ module appServiceEnvironment_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignm } }] -@description('The resource ID of the app service environment') +@description('The resource ID of the app service environment.') output resourceId string = appServiceEnvironment.id -@description('The resource group the app service environment was deployed into') +@description('The resource group the app service environment was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the app service environment') +@description('The name of the app service environment.') output name string = appServiceEnvironment.name diff --git a/arm/Microsoft.Web/hostingEnvironments/readme.md b/arm/Microsoft.Web/hostingEnvironments/readme.md index bfff0dc05b..a5aad4ccbc 100644 --- a/arm/Microsoft.Web/hostingEnvironments/readme.md +++ b/arm/Microsoft.Web/hostingEnvironments/readme.md @@ -22,14 +22,14 @@ This module deploys an app service environment. **Required parameters** | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | Name of the App Service Environment | -| `subnetResourceId` | string | ResourceId for the sub net | +| `name` | string | Name of the App Service Environment. | +| `subnetResourceId` | string | ResourceId for the sub net. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `apiManagementAccountId` | string | `''` | | API Management Account associated with the App Service Environment. | -| `clusterSettings` | array | `[]` | | Custom settings for changing the behavior of the App Service Environment | +| `clusterSettings` | array | `[]` | | Custom settings for changing the behavior of the App Service Environment. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[AppServiceEnvironmentPlatformLogs]` | `[AppServiceEnvironmentPlatformLogs]` | The name of logs that will be streamed. | @@ -41,19 +41,19 @@ This module deploys an app service environment. | `dynamicCacheEnabled` | bool | `False` | | True/false indicating whether the App Service Environment is suspended. The environment can be suspended e.g. when the management endpoint is no longer available(most likely because NSG blocked the incoming traffic). | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `frontEndScaleFactor` | int | `15` | | Scale factor for frontends. | -| `hasLinuxWorkers` | bool | `False` | | Flag that displays whether an ASE has linux workers or not | -| `internalLoadBalancingMode` | string | `'None'` | `[None, Web, Publishing]` | Specifies which endpoints to serve internally in the Virtual Network for the App Service Environment. - None, Web, Publishing, Web,Publishing | +| `hasLinuxWorkers` | bool | `False` | | Flag that displays whether an ASE has linux workers or not. | +| `internalLoadBalancingMode` | string | `'None'` | `[None, Web, Publishing]` | Specifies which endpoints to serve internally in the Virtual Network for the App Service Environment. - None, Web, Publishing, Web,Publishing. | | `ipsslAddressCount` | int | `2` | | Number of IP SSL addresses reserved for the App Service Environment. | | `kind` | string | `'ASEV2'` | | Kind of resource. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `multiRoleCount` | int | `2` | | Number of frontend instances. | -| `multiSize` | string | `'Standard_D1_V2'` | `[Medium, Large, ExtraLarge, Standard_D2, Standard_D3, Standard_D4, Standard_D1_V2, Standard_D2_V2, Standard_D3_V2, Standard_D4_V2]` | Frontend VM size, e.g. Medium, Large | +| `multiSize` | string | `'Standard_D1_V2'` | `[Medium, Large, ExtraLarge, Standard_D2, Standard_D3, Standard_D4, Standard_D1_V2, Standard_D2_V2, Standard_D3_V2, Standard_D4_V2]` | Frontend VM size, e.g. Medium, Large. | | `networkAccessControlList` | array | `[]` | | Access control list for controlling traffic to the App Service Environment.. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `suspended` | bool | `False` | | true if the App Service Environment is suspended; otherwise, false. The environment can be suspended, e.g. when the management endpoint is no longer available (most likely because NSG blocked the incoming traffic). | | `tags` | object | `{object}` | | Resource tags. | -| `userWhitelistedIpRanges` | array | `[]` | | User added ip ranges to whitelist on ASE db - string | +| `userWhitelistedIpRanges` | array | `[]` | | User added ip ranges to whitelist on ASE db - string. | | `workerPools` | array | `[]` | | Description of worker pools with worker size IDs, VM sizes, and number of workers in each pool.. | @@ -152,6 +152,6 @@ workerPools can have two properties workerSize and workerCount: | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the app service environment | -| `resourceGroupName` | string | The resource group the app service environment was deployed into | -| `resourceId` | string | The resource ID of the app service environment | +| `name` | string | The name of the app service environment. | +| `resourceGroupName` | string | The resource group the app service environment was deployed into. | +| `resourceId` | string | The resource ID of the app service environment. | diff --git a/arm/Microsoft.Web/serverfarms/deploy.bicep b/arm/Microsoft.Web/serverfarms/deploy.bicep index d02b145448..91aee2c5f0 100644 --- a/arm/Microsoft.Web/serverfarms/deploy.bicep +++ b/arm/Microsoft.Web/serverfarms/deploy.bicep @@ -50,7 +50,7 @@ param targetWorkerSize int = 0 @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') @@ -67,16 +67,16 @@ param diagnosticSettingsName string = '${name}-diagnosticSettings' @maxValue(365) param diagnosticLogsRetentionInDays int = 365 -@description('Optional. Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub') +@description('Optional. Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticStorageAccountId string = '' -@description('Optional. Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub') +@description('Optional. Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticWorkspaceId string = '' -@description('Optional. Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. ') +@description('Optional. Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to.') param diagnosticEventHubAuthorizationRuleId string = '' -@description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub') +@description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticEventHubName string = '' @description('Optional. The name of metrics that will be streamed.') @@ -172,11 +172,11 @@ module appServicePlan_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignment, in // =========== // // Outputs // // =========== // -@description('The resource group the app service plan was deployed into') +@description('The resource group the app service plan was deployed into.') output resourceGroupName string = resourceGroup().name -@description('The name of the app service plan') +@description('The name of the app service plan.') output name string = appServicePlan.name -@description('The resource ID of the app service plan') +@description('The resource ID of the app service plan.') output resourceId string = appServicePlan.id diff --git a/arm/Microsoft.Web/serverfarms/readme.md b/arm/Microsoft.Web/serverfarms/readme.md index 63409b186c..dbe9c63eb4 100644 --- a/arm/Microsoft.Web/serverfarms/readme.md +++ b/arm/Microsoft.Web/serverfarms/readme.md @@ -29,19 +29,19 @@ This module deploys an app service plan. | Parameter Name | Type | Default Value | Allowed Values | Description | | :-- | :-- | :-- | :-- | :-- | | `appServiceEnvironmentId` | string | `''` | | The Resource ID of the App Service Environment to use for the App Service Plan. | -| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | -| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub | +| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | +| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | -| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub | -| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub | +| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | +| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `maximumElasticWorkerCount` | int | `1` | | Maximum number of total workers allowed for this ElasticScaleEnabled App Service Plan. | | `perSiteScaling` | bool | `False` | | If true, apps assigned to this App Service plan can be scaled independently. If false, apps assigned to this App Service plan will scale to all instances of the plan. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `serverOS` | string | `'Windows'` | `[Windows, Linux]` | Kind of server OS. | | `tags` | object | `{object}` | | Tags of the resource. | | `targetWorkerCount` | int | `0` | | Scaling worker count. | @@ -110,6 +110,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a | Output Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the app service plan | -| `resourceGroupName` | string | The resource group the app service plan was deployed into | -| `resourceId` | string | The resource ID of the app service plan | +| `name` | string | The name of the app service plan. | +| `resourceGroupName` | string | The resource group the app service plan was deployed into. | +| `resourceId` | string | The resource ID of the app service plan. | diff --git a/arm/Microsoft.Web/sites/config-appsettings/deploy.bicep b/arm/Microsoft.Web/sites/config-appsettings/deploy.bicep index 35d98d9458..0329547679 100644 --- a/arm/Microsoft.Web/sites/config-appsettings/deploy.bicep +++ b/arm/Microsoft.Web/sites/config-appsettings/deploy.bicep @@ -1,7 +1,7 @@ // ================ // // Parameters // // ================ // -@description('Required. Name of the site parent resource.') +@description('Conditional. Name of the site parent resource. Required if the template is used in a standalone deployment.') param appName string @description('Required. Type of site to deploy.') diff --git a/arm/Microsoft.Web/sites/config-appsettings/readme.md b/arm/Microsoft.Web/sites/config-appsettings/readme.md index 996ca29112..6dda33e689 100644 --- a/arm/Microsoft.Web/sites/config-appsettings/readme.md +++ b/arm/Microsoft.Web/sites/config-appsettings/readme.md @@ -19,9 +19,13 @@ This module deploys the app settings. **Required parameters** | Parameter Name | Type | Allowed Values | Description | | :-- | :-- | :-- | :-- | -| `appName` | string | | Name of the site parent resource. | | `kind` | string | `[functionapp, functionapp,linux, app]` | Type of site to deploy. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `appName` | string | Name of the site parent resource. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | diff --git a/arm/Microsoft.Web/sites/config-authsettingsv2/deploy.bicep b/arm/Microsoft.Web/sites/config-authsettingsv2/deploy.bicep index b00c1c2fa2..cb1f6c60b0 100644 --- a/arm/Microsoft.Web/sites/config-authsettingsv2/deploy.bicep +++ b/arm/Microsoft.Web/sites/config-authsettingsv2/deploy.bicep @@ -1,7 +1,7 @@ // ================ // // Parameters // // ================ // -@description('Required. Name of the site parent resource.') +@description('Conditional. Name of the site parent resource. Required if the template is used in a standalone deployment.') param appName string @description('Required. Type of site to deploy.') diff --git a/arm/Microsoft.Web/sites/config-authsettingsv2/readme.md b/arm/Microsoft.Web/sites/config-authsettingsv2/readme.md index 04a7fcbc65..a499e6f257 100644 --- a/arm/Microsoft.Web/sites/config-authsettingsv2/readme.md +++ b/arm/Microsoft.Web/sites/config-authsettingsv2/readme.md @@ -19,10 +19,14 @@ This module deploys the auth settings v2. **Required parameters** | Parameter Name | Type | Allowed Values | Description | | :-- | :-- | :-- | :-- | -| `appName` | string | | Name of the site parent resource. | | `authSettingV2Configuration` | object | | The auth settings V2 configuration. | | `kind` | string | `[functionapp, functionapp,linux, app]` | Type of site to deploy. | +**Conditional parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `appName` | string | Name of the site parent resource. Required if the template is used in a standalone deployment. | + **Optional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | diff --git a/arm/Microsoft.Web/staticSites/deploy.bicep b/arm/Microsoft.Web/staticSites/deploy.bicep index 731c02afd0..6f9a16794c 100644 --- a/arm/Microsoft.Web/staticSites/deploy.bicep +++ b/arm/Microsoft.Web/staticSites/deploy.bicep @@ -13,7 +13,7 @@ param sku string = 'Free' @description('Optional. If config file is locked for this static web app.') param allowConfigFileUpdates bool = true -@description('Optional. Location to deploy static site. The following locations are supported: CentralUS, EastUS2, EastAsia, WestEurope, WestUS2') +@description('Optional. Location to deploy static site. The following locations are supported: CentralUS, EastUS2, EastAsia, WestEurope, WestUS2.') param location string = resourceGroup().location @allowed([ diff --git a/arm/Microsoft.Web/staticSites/readme.md b/arm/Microsoft.Web/staticSites/readme.md index ebf9723f3f..94e5c28084 100644 --- a/arm/Microsoft.Web/staticSites/readme.md +++ b/arm/Microsoft.Web/staticSites/readme.md @@ -33,7 +33,7 @@ This module deploys a Static Web Site. | `buildProperties` | object | `{object}` | | Build properties for the static site. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `enterpriseGradeCdnStatus` | string | `'Disabled'` | `[Disabled, Disabling, Enabled, Enabling]` | State indicating the status of the enterprise grade CDN serving traffic to the static web app. | -| `location` | string | `[resourceGroup().location]` | | Location to deploy static site. The following locations are supported: CentralUS, EastUS2, EastAsia, WestEurope, WestUS2 | +| `location` | string | `[resourceGroup().location]` | | Location to deploy static site. The following locations are supported: CentralUS, EastUS2, EastAsia, WestEurope, WestUS2. | | `lock` | string | `'NotSpecified'` | `[CanNotDelete, NotSpecified, ReadOnly]` | Specify the type of lock. | | `privateEndpoints` | array | `[]` | | Configuration details for private endpoints. | | `provider` | string | `'None'` | | The provider that submitted the last deployment to the primary environment of the static site. | diff --git a/constructs/Microsoft.Authorization/roleAssignments-multiRolesMultiPrincipals/deploy.bicep b/constructs/Microsoft.Authorization/roleAssignments-multiRolesMultiPrincipals/deploy.bicep index 1dd8b48aab..caaee31e61 100644 --- a/constructs/Microsoft.Authorization/roleAssignments-multiRolesMultiPrincipals/deploy.bicep +++ b/constructs/Microsoft.Authorization/roleAssignments-multiRolesMultiPrincipals/deploy.bicep @@ -1,6 +1,6 @@ targetScope = 'managementGroup' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Name of the Resource Group to assign the RBAC role to. If no Resource Group name is provided, and Subscription ID is provided, the module deploys at subscription level, therefore assigns the provided RBAC role to the subscription.') @@ -61,7 +61,7 @@ module nested_rbac_rg '.bicep/nested_rbac.bicep' = [for (roleAssignment, index) } }] -@description('The scope of the deployed role assignments') +@description('The scope of the deployed role assignments.') output roleAssignmentScope string = !empty(managementGroupId) ? nested_rbac_mg[0].outputs.roleAssignmentScope : (!empty(resourceGroupName) ? nested_rbac_rg[0].outputs.roleAssignmentScope : nested_rbac_sub[0].outputs.roleAssignmentScope) -@description('The names of the deployed role assignments') +@description('The names of the deployed role assignments.') output roleAssignments array = roleAssignments diff --git a/constructs/Microsoft.Authorization/roleAssignments-multiRolesMultiPrincipals/readme.md b/constructs/Microsoft.Authorization/roleAssignments-multiRolesMultiPrincipals/readme.md index dffa27c3bd..13ae596eb0 100644 --- a/constructs/Microsoft.Authorization/roleAssignments-multiRolesMultiPrincipals/readme.md +++ b/constructs/Microsoft.Authorization/roleAssignments-multiRolesMultiPrincipals/readme.md @@ -24,10 +24,9 @@ This module deploys Role Assignments. | `location` | string | `[deployment().location]` | Location for all resources. | | `managementGroupId` | string | `''` | Group ID of the Management Group to assign the RBAC role to. If no Subscription is provided, the module deploys at management group level, therefore assigns the provided RBAC role to the management group. | | `resourceGroupName` | string | `''` | Name of the Resource Group to assign the RBAC role to. If no Resource Group name is provided, and Subscription ID is provided, the module deploys at subscription level, therefore assigns the provided RBAC role to the subscription. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `subscriptionId` | string | `''` | Subscription ID of the subscription to assign the RBAC role to. If no Resource Group name is provided, the module deploys at subscription level, therefore assigns the provided RBAC role to the subscription. | - ### Parameter Usage: `roleAssignments` Create a role assignment for the given resource. If you want to assign a service principal / managed identity that is created in the same deployment, make sure to also specify the `'principalType'` parameter and set it to `'ServicePrincipal'`. This will ensure the role assignment waits for the principal's propagation in Azure. @@ -95,8 +94,8 @@ To deploy resource to a Resource Group, provide the `subscriptionId` and `resour | Output Name | Type | Description | | :-- | :-- | :-- | -| `roleAssignments` | array | The names of the deployed role assignments | -| `roleAssignmentScope` | string | The scope of the deployed role assignments | +| `roleAssignments` | array | The names of the deployed role assignments. | +| `roleAssignmentScope` | string | The scope of the deployed role assignments. | ## Considerations diff --git a/constructs/Microsoft.Management/managementGroup-structure/readme.md b/constructs/Microsoft.Management/managementGroup-structure/readme.md index f643efe439..7e1d41b706 100644 --- a/constructs/Microsoft.Management/managementGroup-structure/readme.md +++ b/constructs/Microsoft.Management/managementGroup-structure/readme.md @@ -58,7 +58,6 @@ Describes the Management groups to be created. Each management group is represen } ] } - ``` | Parameter Name | Type | Default Value | Possible values | Description | @@ -120,8 +119,3 @@ This template is using a **Tenant level deployment**, meaning the user/principal >> `$TopMGID = ""`
>> `New-AzRoleAssignment -ObjectId $PrincipalID -Scope "/" -RoleDefinitionName "Automation Job Operator"`
>> `New-AzRoleAssignment -ObjectId $PrincipalID -Scope "/providers/Microsoft.Management/managementGroups/$TopMGID" -RoleDefinitionName "Management Group Contributor"` - -## Additional resources - -- [Management group](https://docs.microsoft.com/en-us/azure/governance/management-groups/) -- [Managementgroups](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Management/2021-04-01/managementGroups) diff --git a/constructs/Microsoft.Network/virtualNetwork/virtualNetworkPeerings-multiRemoteVnets/deploy.bicep b/constructs/Microsoft.Network/virtualNetwork/virtualNetworkPeerings-multiRemoteVnets/deploy.bicep index 18fb9619e7..80971b71eb 100644 --- a/constructs/Microsoft.Network/virtualNetwork/virtualNetworkPeerings-multiRemoteVnets/deploy.bicep +++ b/constructs/Microsoft.Network/virtualNetwork/virtualNetworkPeerings-multiRemoteVnets/deploy.bicep @@ -33,9 +33,9 @@ module virtualNetworkPeering '../../../../arm/Microsoft.Network/virtualNetworks/ } }] -@description('The names of the deployed virtual network peerings') +@description('The names of the deployed virtual network peerings.') output virtualNetworkPeeringNames array = [for i in range(0, length(peeringConfigurations)): virtualNetworkPeering[i].name] -@description('The resource IDs of the deployed virtual network peerings') +@description('The resource IDs of the deployed virtual network peerings.') output localVirtualNetworkPeeringResourceIds array = [for peeringConfiguration in peeringConfigurations: resourceId('Microsoft.Network/virtualNetworks/virtualNetworkPeerings', localVnetName, (contains(peeringConfiguration, 'peeringName') ? peeringConfiguration.peeringName : '${localVnetName}-${last(split(peeringConfiguration.remoteVirtualNetworkId, '/'))}'))] -@description('The resource group of the deployed virtual network peerings') +@description('The resource group of the deployed virtual network peerings.') output virtualNetworkPeeringResourceGroup string = resourceGroup().name diff --git a/constructs/Microsoft.Network/virtualNetwork/virtualNetworkPeerings-multiRemoteVnets/readme.md b/constructs/Microsoft.Network/virtualNetwork/virtualNetworkPeerings-multiRemoteVnets/readme.md index ce256d28a5..82514ee7b3 100644 --- a/constructs/Microsoft.Network/virtualNetwork/virtualNetworkPeerings-multiRemoteVnets/readme.md +++ b/constructs/Microsoft.Network/virtualNetwork/virtualNetworkPeerings-multiRemoteVnets/readme.md @@ -27,7 +27,6 @@ This template deploys Virtual Network Peering. | `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `peeringConfigurations` | array | `[]` | Optional. The list of remote networks to peering peer with, including the configuration. | - ### Parameter Usage: `peeringConfigurations` Array containing multiple objects for different VNETs to peer with. @@ -51,6 +50,10 @@ Array containing multiple objects for different VNETs to peer with. | Output Name | Type | Description | | :-- | :-- | :-- | +| `localVirtualNetworkPeeringResourceIds` | array | The resource IDs of the deployed virtual network peerings. | +| `virtualNetworkPeeringNames` | array | The names of the deployed virtual network peerings. | +| `virtualNetworkPeeringResourceGroup` | string | The resource group of the deployed virtual network peerings. | | `localVirtualNetworkPeeringResourceIds` | array | The resource IDs of the deployed virtual network peerings | | `virtualNetworkPeeringNames` | array | The names of the deployed virtual network peerings | | `virtualNetworkPeeringResourceGroup` | string | The resource group of the deployed virtual network peerings | +