From 85423584e35b7239b5de9e26532c0e38b7883432 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 1 Jul 2022 13:54:33 +0200 Subject: [PATCH 01/38] Updated Readme Deployment Example Title + Bicep/JSON order --- .../Microsoft.AAD/DomainServices/readme.md | 77 +- .../servers/readme.md | 143 ++-- .../Microsoft.ApiManagement/service/readme.md | 365 +++++---- .../configurationStores/readme.md | 122 +-- .../Microsoft.Authorization/locks/readme.md | 37 +- .../policyAssignments/readme.md | 234 +++--- .../policyDefinitions/readme.md | 256 +++--- .../policyExemptions/readme.md | 114 +-- .../policySetDefinitions/readme.md | 210 ++--- .../roleAssignments/readme.md | 88 +- .../roleDefinitions/readme.md | 192 ++--- .../automationAccounts/readme.md | 371 ++++----- .../Microsoft.Batch/batchAccounts/readme.md | 62 +- .../accounts/readme.md | 160 ++-- .../availabilitySets/readme.md | 60 +- .../diskEncryptionSets/readme.md | 53 +- modules/Microsoft.Compute/disks/readme.md | 100 +-- modules/Microsoft.Compute/galleries/readme.md | 128 +-- modules/Microsoft.Compute/images/readme.md | 61 +- .../proximityPlacementGroups/readme.md | 51 +- .../virtualMachineScaleSets/readme.md | 470 +++++------ .../virtualMachines/readme.md | 658 +++++++-------- .../Microsoft.Consumption/budgets/readme.md | 53 +- .../containerGroups/readme.md | 67 +- .../registries/readme.md | 147 ++-- .../managedClusters/readme.md | 228 +++--- .../Microsoft.DataFactory/factories/readme.md | 95 +-- .../backupVaults/readme.md | 166 ++-- .../Microsoft.Databricks/workspaces/readme.md | 61 +- .../applicationgroups/readme.md | 114 +-- .../hostpools/readme.md | 111 +-- .../scalingplans/readme.md | 33 +- .../workspaces/readme.md | 73 +- .../databaseAccounts/readme.md | 515 ++++++------ .../systemTopics/readme.md | 72 +- modules/Microsoft.EventGrid/topics/readme.md | 73 +- .../Microsoft.EventHub/namespaces/readme.md | 260 +++--- .../Microsoft.HealthBot/healthBots/readme.md | 51 +- .../Microsoft.Insights/actionGroups/readme.md | 89 +- .../activityLogAlerts/readme.md | 93 +-- .../Microsoft.Insights/components/readme.md | 51 +- .../diagnosticSettings/readme.md | 43 +- .../Microsoft.Insights/metricAlerts/readme.md | 85 +- .../privateLinkScopes/readme.md | 75 +- .../scheduledQueryRules/readme.md | 121 +-- modules/Microsoft.KeyVault/vaults/readme.md | 232 +++--- .../extensions/readme.md | 62 +- .../fluxConfigurations/readme.md | 84 +- modules/Microsoft.Logic/workflows/readme.md | 127 +-- .../workspaces/readme.md | 170 ++-- .../userAssignedIdentities/readme.md | 51 +- .../registrationDefinitions/readme.md | 80 +- .../managementGroups/readme.md | 37 +- .../Microsoft.NetApp/netAppAccounts/readme.md | 243 +++--- .../applicationGateways/readme.md | 771 +++++++++--------- .../applicationSecurityGroups/readme.md | 51 +- .../azureFirewalls/readme.md | 322 ++++---- .../Microsoft.Network/bastionHosts/readme.md | 154 ++-- .../Microsoft.Network/connections/readme.md | 65 +- .../ddosProtectionPlans/readme.md | 51 +- .../expressRouteCircuits/readme.md | 71 +- .../firewallPolicies/readme.md | 116 +-- .../Microsoft.Network/frontDoors/readme.md | 213 ++--- modules/Microsoft.Network/ipGroups/readme.md | 59 +- .../Microsoft.Network/loadBalancers/readme.md | 365 +++++---- .../localNetworkGateways/readme.md | 63 +- .../Microsoft.Network/natGateways/readme.md | 63 +- .../networkInterfaces/readme.md | 100 +-- .../networkSecurityGroups/readme.md | 196 ++--- .../networkWatchers/readme.md | 194 ++--- .../privateDnsZones/readme.md | 374 ++++----- .../privateEndpoints/readme.md | 82 +- .../publicIPAddresses/readme.md | 75 +- .../publicIPPrefixes/readme.md | 53 +- .../Microsoft.Network/routeTables/readme.md | 71 +- .../trafficmanagerprofiles/readme.md | 63 +- .../Microsoft.Network/virtualHubs/readme.md | 100 +-- .../virtualNetworkGateways/readme.md | 114 +-- .../virtualNetworks/readme.md | 205 ++--- .../Microsoft.Network/virtualWans/readme.md | 66 +- .../Microsoft.Network/vpnGateways/readme.md | 140 ++-- modules/Microsoft.Network/vpnSites/readme.md | 156 ++-- .../workspaces/readme.md | 304 +++---- .../solutions/readme.md | 57 +- .../vaults/readme.md | 647 +++++++-------- .../deploymentScripts/readme.md | 68 +- .../resourceGroups/readme.md | 57 +- modules/Microsoft.Resources/tags/readme.md | 57 +- .../azureSecurityCenter/readme.md | 47 +- .../Microsoft.ServiceBus/namespaces/readme.md | 280 +++---- .../clusters/readme.md | 391 ++++----- .../Microsoft.Sql/managedInstances/readme.md | 185 ++--- modules/Microsoft.Sql/servers/readme.md | 190 ++--- .../fileServices/shares/readme.md | 2 +- .../storageAccounts/readme.md | 379 ++++----- .../privateLinkHubs/readme.md | 82 +- .../imageTemplates/readme.md | 97 +-- modules/Microsoft.Web/connections/readme.md | 59 +- .../hostingEnvironments/readme.md | 102 +-- modules/Microsoft.Web/serverfarms/readme.md | 75 +- modules/Microsoft.Web/sites/readme.md | 324 ++++---- modules/Microsoft.Web/staticSites/readme.md | 86 +- utilities/tools/Set-ModuleReadMe.ps1 | 45 +- 103 files changed, 7939 insertions(+), 7722 deletions(-) diff --git a/modules/Microsoft.AAD/DomainServices/readme.md b/modules/Microsoft.AAD/DomainServices/readme.md index 3983b63fe0..9d36652fff 100644 --- a/modules/Microsoft.AAD/DomainServices/readme.md +++ b/modules/Microsoft.AAD/DomainServices/readme.md @@ -207,7 +207,45 @@ $pfxCertificate = [System.Convert]::ToBase64String($rawCertByteStream) ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { + name: 'adp-<>-az-kv-x-001' + scope: resourceGroup('<>','validation-rg') +} + +module DomainServices './Microsoft.AAD/DomainServices/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-DomainServices' + params: { + domainName: '<>.onmicrosoft.com' + sku: 'Standard' + lock: 'CanNotDelete' + replicaSets: [ + { + location: 'WestEurope' + subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-aadds-001/subnets/AADDSSubnet' + } + ] + pfxCertificate: kv1.getSecret('pfxBase64Certificate') + pfxCertificatePassword: kv1.getSecret('pfxCertificatePassword') + additionalRecipients: [ + '<>@noreply.github.com' + ] + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + } +} +``` + +
+

@@ -272,42 +310,5 @@ $pfxCertificate = [System.Convert]::ToBase64String($rawCertByteStream) } ``` -
- -
- -via Bicep module - -```bicep -resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { - name: 'adp-<>-az-kv-x-001' - scope: resourceGroup('<>','validation-rg') -} - -module DomainServices './Microsoft.AAD/DomainServices/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-DomainServices' - params: { - domainName: '<>.onmicrosoft.com' - sku: 'Standard' - lock: 'CanNotDelete' - replicaSets: [ - { - location: 'WestEurope' - subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-aadds-001/subnets/AADDSSubnet' - } - ] - pfxCertificate: kv1.getSecret('pfxBase64Certificate') - pfxCertificatePassword: kv1.getSecret('pfxCertificatePassword') - additionalRecipients: [ - '<>@noreply.github.com' - ] - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.AnalysisServices/servers/readme.md b/modules/Microsoft.AnalysisServices/servers/readme.md index a5e08d351a..b28d5174cf 100644 --- a/modules/Microsoft.AnalysisServices/servers/readme.md +++ b/modules/Microsoft.AnalysisServices/servers/readme.md @@ -157,7 +157,56 @@ roleAssignments: [ ## Deployment examples -

Example 1

+

Example 1: Max

+ +
+ +via Bicep module + +```bicep +module servers './Microsoft.AnalysisServices/servers/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-servers' + params: { + name: '<>azasweumax001' + lock: 'CanNotDelete' + skuName: 'S0' + skuCapacity: 1 + firewallSettings: { + firewallRules: [ + { + firewallRuleName: 'AllowFromAll' + rangeStart: '0.0.0.0' + rangeEnd: '255.255.255.255' + } + ] + enablePowerBIService: true + } + diagnosticLogsRetentionInDays: 365 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogCategoriesToEnable: [ + 'Engine' + 'Service' + ] + diagnosticMetricsToEnable: [ + 'AllMetrics' + ] + } +} +``` + +
+

@@ -233,6 +282,9 @@ roleAssignments: [ ```
+

+ +

Example 2: Min

@@ -242,40 +294,7 @@ roleAssignments: [ module servers './Microsoft.AnalysisServices/servers/deploy.bicep' = { name: '${uniqueString(deployment().name)}-servers' params: { - name: '<>azasweumax001' - lock: 'CanNotDelete' - skuName: 'S0' - skuCapacity: 1 - firewallSettings: { - firewallRules: [ - { - firewallRuleName: 'AllowFromAll' - rangeStart: '0.0.0.0' - rangeEnd: '255.255.255.255' - } - ] - enablePowerBIService: true - } - diagnosticLogsRetentionInDays: 365 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogCategoriesToEnable: [ - 'Engine' - 'Service' - ] - diagnosticMetricsToEnable: [ - 'AllMetrics' - ] + name: '<>azasweumin001' } } ``` @@ -283,8 +302,6 @@ module servers './Microsoft.AnalysisServices/servers/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -302,6 +319,9 @@ module servers './Microsoft.AnalysisServices/servers/deploy.bicep' = { ```
+

+ +

Example 3: Parameters

@@ -311,7 +331,22 @@ module servers './Microsoft.AnalysisServices/servers/deploy.bicep' = { module servers './Microsoft.AnalysisServices/servers/deploy.bicep' = { name: '${uniqueString(deployment().name)}-servers' params: { - name: '<>azasweumin001' + name: '<>azasweux001' + lock: 'CanNotDelete' + skuName: 'S0' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -319,8 +354,6 @@ module servers './Microsoft.AnalysisServices/servers/deploy.bicep' = {

-

Example 3

-
via JSON Parameter file @@ -368,35 +401,5 @@ module servers './Microsoft.AnalysisServices/servers/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module servers './Microsoft.AnalysisServices/servers/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-servers' - params: { - name: '<>azasweux001' - lock: 'CanNotDelete' - skuName: 'S0' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.ApiManagement/service/readme.md b/modules/Microsoft.ApiManagement/service/readme.md index c6734912af..abe64c7dd9 100644 --- a/modules/Microsoft.ApiManagement/service/readme.md +++ b/modules/Microsoft.ApiManagement/service/readme.md @@ -268,7 +268,149 @@ userAssignedIdentities: { ## Deployment examples -

Example 1

+

Example 1: Max

+ +
+ +via Bicep module + +```bicep +module service './Microsoft.ApiManagement/service/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-service' + params: { + name: '<>-az-apim-max-001' + lock: 'CanNotDelete' + publisherEmail: 'apimgmt-noreply@mail.windowsazure.com' + publisherName: '<>-az-amorg-x-001' + apis: [ + { + name: 'echo-api' + displayName: 'Echo API' + path: 'echo' + serviceUrl: 'http://echoapi.cloudapp.net/api' + apiVersionSet: { + name: 'echo-version-set' + properties: { + description: 'echo-version-set' + displayName: 'echo-version-set' + versioningScheme: 'Segment' + } + } + } + ] + authorizationServers: [ + { + name: 'AuthServer1' + authorizationEndpoint: 'https://login.microsoftonline.com/651b43ce-ccb8-4301-b551-b04dd872d401/oauth2/v2.0/authorize' + grantTypes: [ + 'authorizationCode' + ] + clientCredentialsKeyVaultId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + clientIdSecretName: 'apimclientid' + clientSecretSecretName: 'apimclientsecret' + clientRegistrationEndpoint: 'http://localhost' + tokenEndpoint: 'https://login.microsoftonline.com/651b43ce-ccb8-4301-b551-b04dd872d401/oauth2/v2.0/token' + } + ] + backends: [ + { + name: 'backend' + url: 'http://echoapi.cloudapp.net/api' + tls: { + validateCertificateChain: false + validateCertificateName: false + } + } + ] + caches: [ + { + name: 'westeurope' + connectionString: 'connectionstringtest' + useFromLocation: 'westeurope' + } + ] + identityProviders: [ + { + name: 'aadProvider' + } + ] + namedValues: [ + { + name: 'apimkey' + displayName: 'apimkey' + secret: true + } + ] + policies: [ + { + value: ' ' + format: 'xml' + } + ] + portalSettings: [ + { + name: 'signin' + properties: { + enabled: false + } + } + { + name: 'signup' + properties: { + enabled: false + termsOfService: { + enabled: false + consentRequired: false + } + } + } + ] + products: [ + { + name: 'Starter' + subscriptionRequired: false + approvalRequired: false + apis: [ + { + name: 'echo-api' + } + ] + groups: [ + { + name: 'developers' + } + ] + } + ] + subscriptions: [ + { + scope: '/apis' + name: 'testArmSubscriptionAllApis' + } + ] + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + } +} +``` + +
+

@@ -455,6 +597,9 @@ userAssignedIdentities: { ```
+

+ +

Example 2: Min

@@ -464,133 +609,9 @@ userAssignedIdentities: { module service './Microsoft.ApiManagement/service/deploy.bicep' = { name: '${uniqueString(deployment().name)}-service' params: { - name: '<>-az-apim-max-001' - lock: 'CanNotDelete' + name: '<>-az-apim-min-001' publisherEmail: 'apimgmt-noreply@mail.windowsazure.com' publisherName: '<>-az-amorg-x-001' - apis: [ - { - name: 'echo-api' - displayName: 'Echo API' - path: 'echo' - serviceUrl: 'http://echoapi.cloudapp.net/api' - apiVersionSet: { - name: 'echo-version-set' - properties: { - description: 'echo-version-set' - displayName: 'echo-version-set' - versioningScheme: 'Segment' - } - } - } - ] - authorizationServers: [ - { - name: 'AuthServer1' - authorizationEndpoint: 'https://login.microsoftonline.com/651b43ce-ccb8-4301-b551-b04dd872d401/oauth2/v2.0/authorize' - grantTypes: [ - 'authorizationCode' - ] - clientCredentialsKeyVaultId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - clientIdSecretName: 'apimclientid' - clientSecretSecretName: 'apimclientsecret' - clientRegistrationEndpoint: 'http://localhost' - tokenEndpoint: 'https://login.microsoftonline.com/651b43ce-ccb8-4301-b551-b04dd872d401/oauth2/v2.0/token' - } - ] - backends: [ - { - name: 'backend' - url: 'http://echoapi.cloudapp.net/api' - tls: { - validateCertificateChain: false - validateCertificateName: false - } - } - ] - caches: [ - { - name: 'westeurope' - connectionString: 'connectionstringtest' - useFromLocation: 'westeurope' - } - ] - identityProviders: [ - { - name: 'aadProvider' - } - ] - namedValues: [ - { - name: 'apimkey' - displayName: 'apimkey' - secret: true - } - ] - policies: [ - { - value: ' ' - format: 'xml' - } - ] - portalSettings: [ - { - name: 'signin' - properties: { - enabled: false - } - } - { - name: 'signup' - properties: { - enabled: false - termsOfService: { - enabled: false - consentRequired: false - } - } - } - ] - products: [ - { - name: 'Starter' - subscriptionRequired: false - approvalRequired: false - apis: [ - { - name: 'echo-api' - } - ] - groups: [ - { - name: 'developers' - } - ] - } - ] - subscriptions: [ - { - scope: '/apis' - name: 'testArmSubscriptionAllApis' - } - ] - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -598,8 +619,6 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -623,6 +642,9 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { ```
+

+ +

Example 3: Parameters

@@ -632,9 +654,42 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { module service './Microsoft.ApiManagement/service/deploy.bicep' = { name: '${uniqueString(deployment().name)}-service' params: { - name: '<>-az-apim-min-001' + name: '<>-az-apim-x-001' + lock: 'CanNotDelete' publisherEmail: 'apimgmt-noreply@mail.windowsazure.com' publisherName: '<>-az-amorg-x-001' + portalSettings: [ + { + name: 'signin' + properties: { + enabled: false + } + } + { + name: 'signup' + properties: { + enabled: false + termsOfService: { + enabled: false + consentRequired: false + } + } + } + ] + policies: [ + { + value: ' ' + format: 'xml' + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] } } ``` @@ -642,8 +697,6 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = {

-

Example 3

-
via JSON Parameter file @@ -707,55 +760,5 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module service './Microsoft.ApiManagement/service/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-service' - params: { - name: '<>-az-apim-x-001' - lock: 'CanNotDelete' - publisherEmail: 'apimgmt-noreply@mail.windowsazure.com' - publisherName: '<>-az-amorg-x-001' - portalSettings: [ - { - name: 'signin' - properties: { - enabled: false - } - } - { - name: 'signup' - properties: { - enabled: false - termsOfService: { - enabled: false - consentRequired: false - } - } - } - ] - policies: [ - { - value: ' ' - format: 'xml' - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.AppConfiguration/configurationStores/readme.md b/modules/Microsoft.AppConfiguration/configurationStores/readme.md index 4d09613cb0..c9e8aae266 100644 --- a/modules/Microsoft.AppConfiguration/configurationStores/readme.md +++ b/modules/Microsoft.AppConfiguration/configurationStores/readme.md @@ -280,7 +280,23 @@ privateEndpoints: [ ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module configurationStores './Microsoft.AppConfiguration/configurationStores/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-configurationStores' + params: { + name: '<>-az-appcs-min-001' + } +} +``` + +
+

@@ -299,6 +315,9 @@ privateEndpoints: [ ```
+

+ +

Example 2: Parameters

@@ -308,7 +327,48 @@ privateEndpoints: [ module configurationStores './Microsoft.AppConfiguration/configurationStores/deploy.bicep' = { name: '${uniqueString(deployment().name)}-configurationStores' params: { - name: '<>-az-appcs-min-001' + name: '<>-az-appcs-x-001' + lock: 'CanNotDelete' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + systemAssignedIdentity: true + keyValues: [ + { + name: 'keyName' + value: 'valueName' + contentType: 'contentType' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + createMode: 'Default' + disableLocalAuth: false + enablePurgeProtection: false + publicNetworkAccess: 'Enabled' + softDeleteRetentionInDays: 1 + privateEndpoints: [ + { + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + service: 'configurationStores' + } + ] } } ``` @@ -316,8 +376,6 @@ module configurationStores './Microsoft.AppConfiguration/configurationStores/dep

-

Example 2

-
via JSON Parameter file @@ -405,61 +463,5 @@ module configurationStores './Microsoft.AppConfiguration/configurationStores/dep } ``` -
- -
- -via Bicep module - -```bicep -module configurationStores './Microsoft.AppConfiguration/configurationStores/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-configurationStores' - params: { - name: '<>-az-appcs-x-001' - lock: 'CanNotDelete' - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - systemAssignedIdentity: true - keyValues: [ - { - name: 'keyName' - value: 'valueName' - contentType: 'contentType' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - createMode: 'Default' - disableLocalAuth: false - enablePurgeProtection: false - publicNetworkAccess: 'Enabled' - softDeleteRetentionInDays: 1 - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'configurationStores' - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Authorization/locks/readme.md b/modules/Microsoft.Authorization/locks/readme.md index 67a3ece4a7..8d5b1772a9 100644 --- a/modules/Microsoft.Authorization/locks/readme.md +++ b/modules/Microsoft.Authorization/locks/readme.md @@ -42,7 +42,25 @@ This module deploys Authorization Locks. ## Deployment examples -

Example 1

+

Example 1: Rg

+ +
+ +via Bicep module + +```bicep +module locks './Microsoft.Authorization/locks/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-locks' + params: { + level: 'CanNotDelete' + resourceGroupName: 'adp-<>-az-locks-rg-001' + subscriptionId: '<>' + } +} +``` + +
+

@@ -66,22 +84,5 @@ This module deploys Authorization Locks. } ``` -
- -
- -via Bicep module - -```bicep -module locks './Microsoft.Authorization/locks/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-locks' - params: { - level: 'CanNotDelete' - resourceGroupName: 'adp-<>-az-locks-rg-001' - subscriptionId: '<>' - } -} -``` -

diff --git a/modules/Microsoft.Authorization/policyAssignments/readme.md b/modules/Microsoft.Authorization/policyAssignments/readme.md index f0d77958d9..5426d2e9f3 100644 --- a/modules/Microsoft.Authorization/policyAssignments/readme.md +++ b/modules/Microsoft.Authorization/policyAssignments/readme.md @@ -168,7 +168,24 @@ module policyassignment 'yourpath/modules/Microsoft.Authorization.policyAssignme ## Deployment examples -

Example 1

+

Example 1: Mg Min

+ +
+ +via Bicep module + +```bicep +module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-policyAssignments' + params: { + name: '<>-min-mg-polAss' + policyDefinitionID: '/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d' + } +} +``` + +
+

@@ -190,6 +207,9 @@ module policyassignment 'yourpath/modules/Microsoft.Authorization.policyAssignme ```
+

+ +

Example 2: Mg

@@ -199,8 +219,33 @@ module policyassignment 'yourpath/modules/Microsoft.Authorization.policyAssignme module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyAssignments' params: { - name: '<>-min-mg-polAss' - policyDefinitionID: '/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d' + name: '<>-mg-polAss' + displayName: '[Display Name] Policy Assignment at the management group scope' + description: '[Description] Policy Assignment at the management group scope' + policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26' + parameters: { + tagName: { + value: 'env' + } + tagValue: { + value: 'prod' + } + } + nonComplianceMessage: 'Violated Policy Assignment - This is a Non Compliance Message' + enforcementMode: 'DoNotEnforce' + metadata: { + category: 'Security' + version: '1.0' + } + location: 'australiaeast' + notScopes: [ + '/subscriptions/<>/resourceGroups/validation-rg' + ] + identity: 'SystemAssigned' + roleDefinitionIds: [ + '/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c' + ] + managementGroupId: '<>' } } ``` @@ -208,8 +253,6 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic

-

Example 2

-
via JSON Parameter file @@ -277,6 +320,9 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic ```
+

+ +

Example 3: Rg Min

@@ -286,33 +332,10 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyAssignments' params: { - name: '<>-mg-polAss' - displayName: '[Display Name] Policy Assignment at the management group scope' - description: '[Description] Policy Assignment at the management group scope' - policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26' - parameters: { - tagName: { - value: 'env' - } - tagValue: { - value: 'prod' - } - } - nonComplianceMessage: 'Violated Policy Assignment - This is a Non Compliance Message' - enforcementMode: 'DoNotEnforce' - metadata: { - category: 'Security' - version: '1.0' - } - location: 'australiaeast' - notScopes: [ - '/subscriptions/<>/resourceGroups/validation-rg' - ] - identity: 'SystemAssigned' - roleDefinitionIds: [ - '/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c' - ] - managementGroupId: '<>' + name: '<>-min-rg-polAss' + policyDefinitionID: '/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d' + subscriptionId: '<>' + resourceGroupName: 'validation-rg' } } ``` @@ -320,8 +343,6 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic

-

Example 3

-
via JSON Parameter file @@ -348,6 +369,9 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic ```
+

+ +

Example 4: Rg

@@ -357,8 +381,33 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyAssignments' params: { - name: '<>-min-rg-polAss' - policyDefinitionID: '/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d' + name: '<>-rg-polAss' + displayName: '[Display Name] Policy Assignment at the resource group scope' + description: '[Description] Policy Assignment at the resource group scope' + policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26' + parameters: { + tagName: { + value: 'env' + } + tagValue: { + value: 'prod' + } + } + nonComplianceMessage: 'Violated Policy Assignment - This is a Non Compliance Message' + enforcementMode: 'DoNotEnforce' + metadata: { + category: 'Security' + version: '1.0' + } + location: 'australiaeast' + notScopes: [ + '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + ] + identity: 'UserAssigned' + userAssignedIdentityId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' + roleDefinitionIds: [ + '/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c' + ] subscriptionId: '<>' resourceGroupName: 'validation-rg' } @@ -368,8 +417,6 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic

-

Example 4

-
via JSON Parameter file @@ -443,6 +490,9 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic ```
+

+ +

Example 5: Sub Min

@@ -452,35 +502,9 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyAssignments' params: { - name: '<>-rg-polAss' - displayName: '[Display Name] Policy Assignment at the resource group scope' - description: '[Description] Policy Assignment at the resource group scope' - policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26' - parameters: { - tagName: { - value: 'env' - } - tagValue: { - value: 'prod' - } - } - nonComplianceMessage: 'Violated Policy Assignment - This is a Non Compliance Message' - enforcementMode: 'DoNotEnforce' - metadata: { - category: 'Security' - version: '1.0' - } - location: 'australiaeast' - notScopes: [ - '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - ] - identity: 'UserAssigned' - userAssignedIdentityId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' - roleDefinitionIds: [ - '/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c' - ] + name: '<>-min-sub-polAss' + policyDefinitionID: '/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d' subscriptionId: '<>' - resourceGroupName: 'validation-rg' } } ``` @@ -488,8 +512,6 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic

-

Example 5

-
via JSON Parameter file @@ -513,6 +535,9 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic ```
+

+ +

Example 6: Sub

@@ -522,8 +547,33 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyAssignments' params: { - name: '<>-min-sub-polAss' - policyDefinitionID: '/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d' + name: '<>-sub-polAss' + displayName: '[Display Name] Policy Assignment at the subscription scope' + description: '[Description] Policy Assignment at the subscription scope' + policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26' + parameters: { + tagName: { + value: 'env' + } + tagValue: { + value: 'prod' + } + } + nonComplianceMessage: 'Violated Policy Assignment - This is a Non Compliance Message' + enforcementMode: 'DoNotEnforce' + metadata: { + category: 'Security' + version: '1.0' + } + location: 'australiaeast' + notScopes: [ + '/subscriptions/<>/resourceGroups/validation-rg' + ] + identity: 'UserAssigned' + userAssignedIdentityId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' + roleDefinitionIds: [ + '/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c' + ] subscriptionId: '<>' } } @@ -532,8 +582,6 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic

-

Example 6

-
via JSON Parameter file @@ -603,47 +651,5 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic } ``` -
- -
- -via Bicep module - -```bicep -module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-policyAssignments' - params: { - name: '<>-sub-polAss' - displayName: '[Display Name] Policy Assignment at the subscription scope' - description: '[Description] Policy Assignment at the subscription scope' - policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26' - parameters: { - tagName: { - value: 'env' - } - tagValue: { - value: 'prod' - } - } - nonComplianceMessage: 'Violated Policy Assignment - This is a Non Compliance Message' - enforcementMode: 'DoNotEnforce' - metadata: { - category: 'Security' - version: '1.0' - } - location: 'australiaeast' - notScopes: [ - '/subscriptions/<>/resourceGroups/validation-rg' - ] - identity: 'UserAssigned' - userAssignedIdentityId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' - roleDefinitionIds: [ - '/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c' - ] - subscriptionId: '<>' - } -} -``` -

diff --git a/modules/Microsoft.Authorization/policyDefinitions/readme.md b/modules/Microsoft.Authorization/policyDefinitions/readme.md index 8f340ddb14..1f748fb572 100644 --- a/modules/Microsoft.Authorization/policyDefinitions/readme.md +++ b/modules/Microsoft.Authorization/policyDefinitions/readme.md @@ -126,7 +126,45 @@ module policydefinition 'yourpath/modules/Microsoft.Authorization.policyDefiniti ## Deployment examples -

Example 1

+

Example 1: Mg Min

+ +
+ +via Bicep module + +```bicep +module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-policyDefinitions' + params: { + name: '<>-mg-min-policyDef' + policyRule: { + if: { + allOf: [ + { + equals: 'Microsoft.KeyVault/vaults' + field: 'type' + } + ] + } + then: { + effect: '[parameters('effect')]' + } + } + parameters: { + effect: { + allowedValues: [ + 'Audit' + ] + defaultValue: 'Audit' + type: 'String' + } + } + } +} +``` + +
+

@@ -171,6 +209,9 @@ module policydefinition 'yourpath/modules/Microsoft.Authorization.policyDefiniti ```
+

+ +

Example 2: Mg

@@ -180,29 +221,58 @@ module policydefinition 'yourpath/modules/Microsoft.Authorization.policyDefiniti module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyDefinitions' params: { - name: '<>-mg-min-policyDef' + name: '<>-mg-policyDef' + displayName: '[DisplayName] This policy definition is deployed at the management group scope' + description: '[Description] This policy definition is deployed at the management group scope' policyRule: { if: { allOf: [ { - equals: 'Microsoft.KeyVault/vaults' field: 'type' + equals: 'Microsoft.Resources/subscriptions' + } + { + field: '[concat('tags[' parameters('tagName') ']')]' + exists: 'false' } ] } then: { - effect: '[parameters('effect')]' + effect: 'modify' + details: { + roleDefinitionIds: [ + '/providers/microsoft.authorization/roleDefinitions/4a9ae827-6dc8-4573-8ac7-8239d42aa03f' + ] + operations: [ + { + operation: 'add' + field: '[concat('tags[' parameters('tagName') ']')]' + value: '[parameters('tagValue')]' + } + ] + } } } parameters: { - effect: { - allowedValues: [ - 'Audit' - ] - defaultValue: 'Audit' + tagName: { type: 'String' + metadata: { + displayName: 'Tag Name' + description: 'Name of the tag such as 'environment'' + } } + tagValue: { + type: 'String' + metadata: { + displayName: 'Tag Value' + description: 'Value of the tag such as 'production'' + } + } + } + metadata: { + category: 'Security' } + managementGroupId: '<>' } } ``` @@ -210,8 +280,6 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic

-

Example 2

-
via JSON Parameter file @@ -292,6 +360,9 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic ```
+

+ +

Example 3: Sub Min

@@ -301,58 +372,30 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyDefinitions' params: { - name: '<>-mg-policyDef' - displayName: '[DisplayName] This policy definition is deployed at the management group scope' - description: '[Description] This policy definition is deployed at the management group scope' + name: '<>-sub-min-policyDef' policyRule: { if: { allOf: [ { + equals: 'Microsoft.KeyVault/vaults' field: 'type' - equals: 'Microsoft.Resources/subscriptions' - } - { - field: '[concat('tags[' parameters('tagName') ']')]' - exists: 'false' } ] } then: { - effect: 'modify' - details: { - roleDefinitionIds: [ - '/providers/microsoft.authorization/roleDefinitions/4a9ae827-6dc8-4573-8ac7-8239d42aa03f' - ] - operations: [ - { - operation: 'add' - field: '[concat('tags[' parameters('tagName') ']')]' - value: '[parameters('tagValue')]' - } - ] - } + effect: '[parameters('effect')]' } } parameters: { - tagName: { - type: 'String' - metadata: { - displayName: 'Tag Name' - description: 'Name of the tag such as 'environment'' - } - } - tagValue: { + effect: { + allowedValues: [ + 'Audit' + ] + defaultValue: 'Audit' type: 'String' - metadata: { - displayName: 'Tag Value' - description: 'Value of the tag such as 'production'' - } } } - metadata: { - category: 'Security' - } - managementGroupId: '<>' + subscriptionId: '<>' } } ``` @@ -360,8 +403,6 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic

-

Example 3

-
via JSON Parameter file @@ -408,6 +449,9 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic ```
+

+ +

Example 4: Sub

@@ -417,29 +461,57 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyDefinitions' params: { - name: '<>-sub-min-policyDef' + name: '<>-sub-policyDef' + displayName: '[DisplayName] This policy definition is deployed at subscription scope' + description: '[Description] This policy definition is deployed at subscription scope' policyRule: { if: { allOf: [ { - equals: 'Microsoft.KeyVault/vaults' field: 'type' + equals: 'Microsoft.Resources/subscriptions' + } + { + field: '[concat('tags[' parameters('tagName') ']')]' + exists: 'false' } ] } then: { - effect: '[parameters('effect')]' + effect: 'modify' + details: { + roleDefinitionIds: [ + '/providers/microsoft.authorization/roleDefinitions/4a9ae827-6dc8-4573-8ac7-8239d42aa03f' + ] + operations: [ + { + operation: 'add' + field: '[concat('tags[' parameters('tagName') ']')]' + value: '[parameters('tagValue')]' + } + ] + } } } parameters: { - effect: { - allowedValues: [ - 'Audit' - ] - defaultValue: 'Audit' + tagName: { type: 'String' + metadata: { + displayName: 'Tag Name' + description: 'Name of the tag such as 'environment'' + } + } + tagValue: { + type: 'String' + metadata: { + displayName: 'Tag Value' + description: 'Value of the tag such as 'production'' + } } } + metadata: { + category: 'Security' + } subscriptionId: '<>' } } @@ -448,8 +520,6 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic

-

Example 4

-
via JSON Parameter file @@ -529,71 +599,5 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic } ``` -
- -
- -via Bicep module - -```bicep -module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-policyDefinitions' - params: { - name: '<>-sub-policyDef' - displayName: '[DisplayName] This policy definition is deployed at subscription scope' - description: '[Description] This policy definition is deployed at subscription scope' - policyRule: { - if: { - allOf: [ - { - field: 'type' - equals: 'Microsoft.Resources/subscriptions' - } - { - field: '[concat('tags[' parameters('tagName') ']')]' - exists: 'false' - } - ] - } - then: { - effect: 'modify' - details: { - roleDefinitionIds: [ - '/providers/microsoft.authorization/roleDefinitions/4a9ae827-6dc8-4573-8ac7-8239d42aa03f' - ] - operations: [ - { - operation: 'add' - field: '[concat('tags[' parameters('tagName') ']')]' - value: '[parameters('tagValue')]' - } - ] - } - } - } - parameters: { - tagName: { - type: 'String' - metadata: { - displayName: 'Tag Name' - description: 'Name of the tag such as 'environment'' - } - } - tagValue: { - type: 'String' - metadata: { - displayName: 'Tag Value' - description: 'Value of the tag such as 'production'' - } - } - } - metadata: { - category: 'Security' - } - subscriptionId: '<>' - } -} -``` -

diff --git a/modules/Microsoft.Authorization/policyExemptions/readme.md b/modules/Microsoft.Authorization/policyExemptions/readme.md index d2cb79de7e..9af309c2f0 100644 --- a/modules/Microsoft.Authorization/policyExemptions/readme.md +++ b/modules/Microsoft.Authorization/policyExemptions/readme.md @@ -149,7 +149,24 @@ module policyexemption 'yourpath/modules/Microsoft.Authorization.policyExemption ## Deployment examples -

Example 1

+

Example 1: Mg Min

+ +
+ +via Bicep module + +```bicep +module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-policyExemptions' + params: { + name: '<>-min-mg-polexem' + policyAssignmentId: '/providers/Microsoft.Management/managementGroups/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-mg-pass-loc-rg' + } +} +``` + +
+

@@ -171,6 +188,9 @@ module policyexemption 'yourpath/modules/Microsoft.Authorization.policyExemption ```
+

+ +

Example 2: Mg

@@ -180,8 +200,15 @@ module policyexemption 'yourpath/modules/Microsoft.Authorization.policyExemption module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyExemptions' params: { - name: '<>-min-mg-polexem' + name: '<>-mg-polexem' + displayName: '[Display Name] policy exempt (management group scope)' policyAssignmentId: '/providers/Microsoft.Management/managementGroups/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-mg-pass-loc-rg' + exemptionCategory: 'Waiver' + metadata: { + category: 'Security' + } + expiresOn: '2025-10-02T03:57:00Z' + managementGroupId: '<>' } } ``` @@ -189,8 +216,6 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep

-

Example 2

-
via JSON Parameter file @@ -228,6 +253,9 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep ```
+

+ +

Example 3: Rg Min

@@ -237,15 +265,10 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyExemptions' params: { - name: '<>-mg-polexem' - displayName: '[Display Name] policy exempt (management group scope)' - policyAssignmentId: '/providers/Microsoft.Management/managementGroups/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-mg-pass-loc-rg' - exemptionCategory: 'Waiver' - metadata: { - category: 'Security' - } - expiresOn: '2025-10-02T03:57:00Z' - managementGroupId: '<>' + name: '<>-min-rg-polexem' + policyAssignmentId: '/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg' + subscriptionId: '<>' + resourceGroupName: '<>' } } ``` @@ -253,8 +276,6 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep

-

Example 3

-
via JSON Parameter file @@ -281,6 +302,9 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep ```
+

+ +

Example 4: Rg

@@ -290,8 +314,14 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyExemptions' params: { - name: '<>-min-rg-polexem' + name: '<>-rg-polexem' + displayName: '[Display Name] policy exempt (resource group scope)' policyAssignmentId: '/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg' + exemptionCategory: 'Waiver' + metadata: { + category: 'Security' + } + expiresOn: '2025-10-02T03:57:00Z' subscriptionId: '<>' resourceGroupName: '<>' } @@ -301,8 +331,6 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep

-

Example 4

-
via JSON Parameter file @@ -343,6 +371,9 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep ```
+

+ +

Example 5: Sub Min

@@ -352,16 +383,9 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyExemptions' params: { - name: '<>-rg-polexem' - displayName: '[Display Name] policy exempt (resource group scope)' + name: '<>-min-sub-polexem' policyAssignmentId: '/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg' - exemptionCategory: 'Waiver' - metadata: { - category: 'Security' - } - expiresOn: '2025-10-02T03:57:00Z' subscriptionId: '<>' - resourceGroupName: '<>' } } ``` @@ -369,8 +393,6 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep

-

Example 5

-
via JSON Parameter file @@ -394,6 +416,9 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep ```
+

+ +

Example 6: Sub

@@ -403,8 +428,14 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyExemptions' params: { - name: '<>-min-sub-polexem' + name: '<>-sub-polexem' + displayName: '[Display Name] policy exempt (subscription scope)' policyAssignmentId: '/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg' + exemptionCategory: 'Waiver' + metadata: { + category: 'Security' + } + expiresOn: '2025-10-02T03:57:00Z' subscriptionId: '<>' } } @@ -413,8 +444,6 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep

-

Example 6

-
via JSON Parameter file @@ -451,28 +480,5 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep } ``` -
- -
- -via Bicep module - -```bicep -module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-policyExemptions' - params: { - name: '<>-sub-polexem' - displayName: '[Display Name] policy exempt (subscription scope)' - policyAssignmentId: '/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg' - exemptionCategory: 'Waiver' - metadata: { - category: 'Security' - } - expiresOn: '2025-10-02T03:57:00Z' - subscriptionId: '<>' - } -} -``` -

diff --git a/modules/Microsoft.Authorization/policySetDefinitions/readme.md b/modules/Microsoft.Authorization/policySetDefinitions/readme.md index 8479158522..64664443ee 100644 --- a/modules/Microsoft.Authorization/policySetDefinitions/readme.md +++ b/modules/Microsoft.Authorization/policySetDefinitions/readme.md @@ -132,7 +132,35 @@ module policysetdefinition 'yourpath/modules/Microsoft.Authorization.policySetDe ## Deployment examples -

Example 1

+

Example 1: Mg Min

+ +
+ +via Bicep module + +```bicep +module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-policySetDefinitions' + params: { + name: '<>-mg-min-policySet' + policyDefinitions: [ + { + parameters: { + listOfAllowedLocations: { + value: [ + 'australiaeast' + ] + } + } + policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/e56962a6-4747-49cd-b67b-bf8b01975c4c' + } + ] + } +} +``` + +
+

@@ -165,6 +193,9 @@ module policysetdefinition 'yourpath/modules/Microsoft.Authorization.policySetDe ```
+

+ +

Example 2: Mg

@@ -174,9 +205,22 @@ module policysetdefinition 'yourpath/modules/Microsoft.Authorization.policySetDe module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policySetDefinitions' params: { - name: '<>-mg-min-policySet' + name: '<>-mg-policySet' + displayName: '[DisplayName] This policy set definition is deployed at management group scope' + description: '[Description] This policy set definition is deployed at management group scope' + policyDefinitionGroups: [ + { + name: 'Network' + } + { + name: 'ARM' + } + ] policyDefinitions: [ { + groupNames: [ + 'ARM' + ] parameters: { listOfAllowedLocations: { value: [ @@ -185,8 +229,28 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl } } policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/e56962a6-4747-49cd-b67b-bf8b01975c4c' + policyDefinitionReferenceId: 'Allowed locations_1' + } + { + groupNames: [ + 'ARM' + ] + parameters: { + listOfAllowedLocations: { + value: [ + 'australiaeast' + ] + } + } + policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/e765b5de-1225-4ba3-bd56-1ac6695af988' + policyDefinitionReferenceId: 'Allowed locations for resource groups_1' } ] + metadata: { + category: 'Security' + version: '1' + } + managementGroupId: '<>' } } ``` @@ -194,8 +258,6 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl

-

Example 2

-
via JSON Parameter file @@ -270,6 +332,9 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl ```
+

+ +

Example 3: Sub Min

@@ -279,22 +344,9 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policySetDefinitions' params: { - name: '<>-mg-policySet' - displayName: '[DisplayName] This policy set definition is deployed at management group scope' - description: '[Description] This policy set definition is deployed at management group scope' - policyDefinitionGroups: [ - { - name: 'Network' - } - { - name: 'ARM' - } - ] + name: '<>-sub-min-policySet' policyDefinitions: [ { - groupNames: [ - 'ARM' - ] parameters: { listOfAllowedLocations: { value: [ @@ -303,28 +355,9 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl } } policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/e56962a6-4747-49cd-b67b-bf8b01975c4c' - policyDefinitionReferenceId: 'Allowed locations_1' - } - { - groupNames: [ - 'ARM' - ] - parameters: { - listOfAllowedLocations: { - value: [ - 'australiaeast' - ] - } - } - policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/e765b5de-1225-4ba3-bd56-1ac6695af988' - policyDefinitionReferenceId: 'Allowed locations for resource groups_1' } ] - metadata: { - category: 'Security' - version: '1' - } - managementGroupId: '<>' + subscriptionId: '<>' } } ``` @@ -332,8 +365,6 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl

-

Example 3

-
via JSON Parameter file @@ -368,6 +399,9 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl ```
+

+ +

Example 4: Sub

@@ -377,9 +411,22 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policySetDefinitions' params: { - name: '<>-sub-min-policySet' + name: '<>-sub-policySet' + displayName: '[DisplayName] This policy set definition is deployed at subscription scope' + description: '[Description] This policy set definition is deployed at subscription scope' + policyDefinitionGroups: [ + { + name: 'Network' + } + { + name: 'ARM' + } + ] policyDefinitions: [ { + groupNames: [ + 'ARM' + ] parameters: { listOfAllowedLocations: { value: [ @@ -388,8 +435,27 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl } } policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/e56962a6-4747-49cd-b67b-bf8b01975c4c' + policyDefinitionReferenceId: 'Allowed locations_1' + } + { + groupNames: [ + 'ARM' + ] + parameters: { + listOfAllowedLocations: { + value: [ + 'australiaeast' + ] + } + } + policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/e765b5de-1225-4ba3-bd56-1ac6695af988' + policyDefinitionReferenceId: 'Allowed locations for resource groups_1' } ] + metadata: { + category: 'Security' + version: '1' + } subscriptionId: '<>' } } @@ -398,8 +464,6 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl

-

Example 4

-
via JSON Parameter file @@ -473,65 +537,5 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl } ``` -
- -
- -via Bicep module - -```bicep -module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-policySetDefinitions' - params: { - name: '<>-sub-policySet' - displayName: '[DisplayName] This policy set definition is deployed at subscription scope' - description: '[Description] This policy set definition is deployed at subscription scope' - policyDefinitionGroups: [ - { - name: 'Network' - } - { - name: 'ARM' - } - ] - policyDefinitions: [ - { - groupNames: [ - 'ARM' - ] - parameters: { - listOfAllowedLocations: { - value: [ - 'australiaeast' - ] - } - } - policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/e56962a6-4747-49cd-b67b-bf8b01975c4c' - policyDefinitionReferenceId: 'Allowed locations_1' - } - { - groupNames: [ - 'ARM' - ] - parameters: { - listOfAllowedLocations: { - value: [ - 'australiaeast' - ] - } - } - policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/e765b5de-1225-4ba3-bd56-1ac6695af988' - policyDefinitionReferenceId: 'Allowed locations for resource groups_1' - } - ] - metadata: { - category: 'Security' - version: '1' - } - subscriptionId: '<>' - } -} -``` -

diff --git a/modules/Microsoft.Authorization/roleAssignments/readme.md b/modules/Microsoft.Authorization/roleAssignments/readme.md index 0c05aa9723..57db85ae83 100644 --- a/modules/Microsoft.Authorization/roleAssignments/readme.md +++ b/modules/Microsoft.Authorization/roleAssignments/readme.md @@ -167,7 +167,24 @@ This module can be deployed at the management group, subscription or resource gr ## Deployment examples -

Example 1

+

Example 1: Mg Min

+ +
+ +via Bicep module + +```bicep +module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-roleAssignments' + params: { + roleDefinitionIdOrName: 'Storage Queue Data Reader' + principalId: '<>' + } +} +``` + +
+

@@ -189,6 +206,9 @@ This module can be deployed at the management group, subscription or resource gr ```
+

+ +

Example 2: Mg

@@ -198,8 +218,11 @@ This module can be deployed at the management group, subscription or resource gr module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleAssignments' params: { - roleDefinitionIdOrName: 'Storage Queue Data Reader' + roleDefinitionIdOrName: 'Backup Reader' + description: 'Role Assignment (management group scope)' principalId: '<>' + principalType: 'ServicePrincipal' + managementGroupId: '<>' } } ``` @@ -207,8 +230,6 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep'

-

Example 2

-
via JSON Parameter file @@ -238,6 +259,9 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' ```
+

+ +

Example 3: Rg Min

@@ -247,11 +271,10 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleAssignments' params: { - roleDefinitionIdOrName: 'Backup Reader' - description: 'Role Assignment (management group scope)' + roleDefinitionIdOrName: 'Storage Queue Data Reader' principalId: '<>' - principalType: 'ServicePrincipal' - managementGroupId: '<>' + subscriptionId: '<>' + resourceGroupName: '<>' } } ``` @@ -259,8 +282,6 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep'

-

Example 3

-
via JSON Parameter file @@ -287,6 +308,9 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' ```
+

+ +

Example 4: Rg

@@ -296,8 +320,10 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleAssignments' params: { - roleDefinitionIdOrName: 'Storage Queue Data Reader' + roleDefinitionIdOrName: 'Backup Reader' + description: 'Role Assignment (resource group scope)' principalId: '<>' + principalType: 'ServicePrincipal' subscriptionId: '<>' resourceGroupName: '<>' } @@ -307,8 +333,6 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep'

-

Example 4

-
via JSON Parameter file @@ -341,6 +365,9 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' ```
+

+ +

Example 5: Sub Min

@@ -350,12 +377,9 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleAssignments' params: { - roleDefinitionIdOrName: 'Backup Reader' - description: 'Role Assignment (resource group scope)' + roleDefinitionIdOrName: 'Storage Queue Data Reader' principalId: '<>' - principalType: 'ServicePrincipal' subscriptionId: '<>' - resourceGroupName: '<>' } } ``` @@ -363,8 +387,6 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep'

-

Example 5

-
via JSON Parameter file @@ -388,6 +410,9 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' ```
+

+ +

Example 6: Sub

@@ -397,8 +422,10 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleAssignments' params: { - roleDefinitionIdOrName: 'Storage Queue Data Reader' + roleDefinitionIdOrName: 'Backup Reader' + description: 'Role Assignment (subscription scope)' principalId: '<>' + principalType: 'ServicePrincipal' subscriptionId: '<>' } } @@ -407,8 +434,6 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep'

-

Example 6

-
via JSON Parameter file @@ -437,24 +462,5 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' } ``` -
- -
- -via Bicep module - -```bicep -module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-roleAssignments' - params: { - roleDefinitionIdOrName: 'Backup Reader' - description: 'Role Assignment (subscription scope)' - principalId: '<>' - principalType: 'ServicePrincipal' - subscriptionId: '<>' - } -} -``` -

diff --git a/modules/Microsoft.Authorization/roleDefinitions/readme.md b/modules/Microsoft.Authorization/roleDefinitions/readme.md index a7566ea2e3..9f1baba9bc 100644 --- a/modules/Microsoft.Authorization/roleDefinitions/readme.md +++ b/modules/Microsoft.Authorization/roleDefinitions/readme.md @@ -171,7 +171,27 @@ This module can be deployed both at subscription or resource group level: ## Deployment examples -

Example 1

+

Example 1: Mg Min

+ +
+ +via Bicep module + +```bicep +module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-roleDefinitions' + params: { + roleName: '<>-az-testRole-mg-min' + actions: [ + 'Microsoft.Compute/galleries/read' + 'Microsoft.Compute/galleries/images/read' + ] + } +} +``` + +
+

@@ -196,6 +216,9 @@ This module can be deployed both at subscription or resource group level: ```
+

+ +

Example 2: Mg

@@ -205,11 +228,27 @@ This module can be deployed both at subscription or resource group level: module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleDefinitions' params: { - roleName: '<>-az-testRole-mg-min' + roleName: '<>-az-testRole-mg' + description: 'Test Custom Role Definition Standard (management group scope)' actions: [ - 'Microsoft.Compute/galleries/read' - 'Microsoft.Compute/galleries/images/read' + 'Microsoft.Compute/galleries/*' + 'Microsoft.Network/virtualNetworks/read' + ] + notActions: [ + 'Microsoft.Compute/images/write' + 'Microsoft.Compute/images/delete' + 'Microsoft.Network/virtualNetworks/subnets/join/action' ] + dataActions: [ + 'Microsoft.Storage/storageAccounts/blobServices/*/read' + ] + notDataActions: [ + 'Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read' + ] + assignableScopes: [ + '/providers/Microsoft.Management/managementGroups/<>' + ] + managementGroupId: '<>' } } ``` @@ -217,8 +256,6 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep'

-

Example 2

-
via JSON Parameter file @@ -270,6 +307,9 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' ```
+

+ +

Example 3: Rg Min

@@ -279,27 +319,13 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleDefinitions' params: { - roleName: '<>-az-testRole-mg' - description: 'Test Custom Role Definition Standard (management group scope)' + roleName: '<>-az-testRole-rg-min' actions: [ - 'Microsoft.Compute/galleries/*' - 'Microsoft.Network/virtualNetworks/read' - ] - notActions: [ - 'Microsoft.Compute/images/write' - 'Microsoft.Compute/images/delete' - 'Microsoft.Network/virtualNetworks/subnets/join/action' - ] - dataActions: [ - 'Microsoft.Storage/storageAccounts/blobServices/*/read' - ] - notDataActions: [ - 'Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read' - ] - assignableScopes: [ - '/providers/Microsoft.Management/managementGroups/<>' + 'Microsoft.Compute/galleries/read' + 'Microsoft.Compute/galleries/images/read' ] - managementGroupId: '<>' + subscriptionId: '<>' + resourceGroupName: '<>' } } ``` @@ -307,8 +333,6 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep'

-

Example 3

-
via JSON Parameter file @@ -338,6 +362,9 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' ```
+

+ +

Example 4: Rg

@@ -347,10 +374,25 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleDefinitions' params: { - roleName: '<>-az-testRole-rg-min' + roleName: '<>-az-testRole-rg' + description: 'Test Custom Role Definition Standard (resource group scope)' actions: [ - 'Microsoft.Compute/galleries/read' - 'Microsoft.Compute/galleries/images/read' + 'Microsoft.Compute/galleries/*' + 'Microsoft.Network/virtualNetworks/read' + ] + notActions: [ + 'Microsoft.Compute/images/write' + 'Microsoft.Compute/images/delete' + 'Microsoft.Network/virtualNetworks/subnets/join/action' + ] + dataActions: [ + 'Microsoft.Storage/storageAccounts/blobServices/*/read' + ] + notDataActions: [ + 'Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read' + ] + assignableScopes: [ + '/subscriptions/<>/resourceGroups/<>' ] subscriptionId: '<>' resourceGroupName: '<>' @@ -361,8 +403,6 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep'

-

Example 4

-
via JSON Parameter file @@ -417,6 +457,9 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' ```
+

+ +

Example 5: Sub Min

@@ -426,28 +469,12 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleDefinitions' params: { - roleName: '<>-az-testRole-rg' - description: 'Test Custom Role Definition Standard (resource group scope)' + roleName: '<>-az-testRole-sub-min' actions: [ - 'Microsoft.Compute/galleries/*' - 'Microsoft.Network/virtualNetworks/read' - ] - notActions: [ - 'Microsoft.Compute/images/write' - 'Microsoft.Compute/images/delete' - 'Microsoft.Network/virtualNetworks/subnets/join/action' - ] - dataActions: [ - 'Microsoft.Storage/storageAccounts/blobServices/*/read' - ] - notDataActions: [ - 'Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read' - ] - assignableScopes: [ - '/subscriptions/<>/resourceGroups/<>' + 'Microsoft.Compute/galleries/read' + 'Microsoft.Compute/galleries/images/read' ] subscriptionId: '<>' - resourceGroupName: '<>' } } ``` @@ -455,8 +482,6 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep'

-

Example 5

-
via JSON Parameter file @@ -483,6 +508,9 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' ```
+

+ +

Example 6: Sub

@@ -492,10 +520,25 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleDefinitions' params: { - roleName: '<>-az-testRole-sub-min' + roleName: '<>-az-testRole-sub' + description: 'Test Custom Role Definition Standard (subscription scope)' actions: [ - 'Microsoft.Compute/galleries/read' - 'Microsoft.Compute/galleries/images/read' + 'Microsoft.Compute/galleries/*' + 'Microsoft.Network/virtualNetworks/read' + ] + notActions: [ + 'Microsoft.Compute/images/write' + 'Microsoft.Compute/images/delete' + 'Microsoft.Network/virtualNetworks/subnets/join/action' + ] + dataActions: [ + 'Microsoft.Storage/storageAccounts/blobServices/*/read' + ] + notDataActions: [ + 'Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read' + ] + assignableScopes: [ + '/subscriptions/<>' ] subscriptionId: '<>' } @@ -505,8 +548,6 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep'

-

Example 6

-
via JSON Parameter file @@ -557,40 +598,5 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' } ``` -
- -
- -via Bicep module - -```bicep -module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-roleDefinitions' - params: { - roleName: '<>-az-testRole-sub' - description: 'Test Custom Role Definition Standard (subscription scope)' - actions: [ - 'Microsoft.Compute/galleries/*' - 'Microsoft.Network/virtualNetworks/read' - ] - notActions: [ - 'Microsoft.Compute/images/write' - 'Microsoft.Compute/images/delete' - 'Microsoft.Network/virtualNetworks/subnets/join/action' - ] - dataActions: [ - 'Microsoft.Storage/storageAccounts/blobServices/*/read' - ] - notDataActions: [ - 'Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read' - ] - assignableScopes: [ - '/subscriptions/<>' - ] - subscriptionId: '<>' - } -} -``` -

diff --git a/modules/Microsoft.Automation/automationAccounts/readme.md b/modules/Microsoft.Automation/automationAccounts/readme.md index 35f83cf8c0..c0b4411006 100644 --- a/modules/Microsoft.Automation/automationAccounts/readme.md +++ b/modules/Microsoft.Automation/automationAccounts/readme.md @@ -345,7 +345,31 @@ userAssignedIdentities: { ## Deployment examples -

Example 1

+

Example 1: Encr

+ +
+ +via Bicep module + +```bicep +module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-automationAccounts' + params: { + name: '<>-az-aut-encr-001' + encryptionKeySource: 'Microsoft.Keyvault' + encryptionUserAssignedIdentity: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' + keyName: 'keyEncryptionKey' + keyvaultUri: 'https://adp-<>-az-kv-nopr-002.vault.azure.net/' + keyVersion: '9917c14be51d4d93b37218de7d326f60' + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + } +} +``` + +
+

@@ -384,6 +408,9 @@ userAssignedIdentities: { ```
+

+ +

Example 2: Min

@@ -393,15 +420,7 @@ userAssignedIdentities: { module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-automationAccounts' params: { - name: '<>-az-aut-encr-001' - encryptionKeySource: 'Microsoft.Keyvault' - encryptionUserAssignedIdentity: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' - keyName: 'keyEncryptionKey' - keyvaultUri: 'https://adp-<>-az-kv-nopr-002.vault.azure.net/' - keyVersion: '9917c14be51d4d93b37218de7d326f60' - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } + name: '<>-az-aut-min-001' } } ``` @@ -409,8 +428,6 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice

-

Example 2

-
via JSON Parameter file @@ -428,6 +445,9 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice ```
+

+ +

Example 3: Parameters

@@ -437,7 +457,161 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-automationAccounts' params: { - name: '<>-az-aut-min-001' + name: '<>-az-aut-x-001' + lock: 'CanNotDelete' + schedules: [ + { + name: 'TestSchedule' + startTime: '' + expiryTime: '9999-12-31T13:00' + interval: 15 + frequency: 'Minute' + timeZone: 'Europe/Berlin' + advancedSchedule: {} + } + ] + modules: [ + { + name: 'PSWindowsUpdate' + version: 'latest' + uri: 'https://www.powershellgallery.com/api/v2/package' + } + ] + runbooks: [ + { + name: 'TestRunbook' + runbookType: 'PowerShell' + description: 'Test runbook' + uri: 'https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.automation/101-automation/scripts/AzureAutomationTutorial.ps1' + version: '1.0.0.0' + } + ] + jobSchedules: [ + { + scheduleName: 'TestSchedule' + runbookName: 'TestRunbook' + } + ] + variables: [ + { + name: 'TestString' + value: '\'TestString\'' + description: 'TestStringDescription' + } + { + name: 'TestInteger' + value: '500' + description: 'TestIntegerDescription' + } + { + name: 'TestBoolean' + value: 'false' + description: 'TestBooleanDescription' + } + { + name: 'TestDateTime' + value: '\'\\/Date(1637934042656)\\/\'' + description: 'TestDateTimeDescription' + isEncrypted: false + } + { + name: 'TestEncryptedVariable' + value: '\'TestEncryptedValue\'' + description: 'TestEncryptedDescription' + } + ] + linkedWorkspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-aut-001' + gallerySolutions: [ + { + name: 'Updates' + product: 'OMSGallery' + publisher: 'Microsoft' + } + ] + softwareUpdateConfigurations: [ + { + name: 'Windows_ZeroDay' + frequency: 'Month' + operatingSystem: 'Windows' + rebootSetting: 'IfRequired' + scopeByTags: { + Update: [ + 'Automatic-Wave1' + ] + } + maintenanceWindow: 'PT4H' + updateClassifications: [ + 'Critical' + 'Security' + 'UpdateRollup' + 'FeaturePack' + 'ServicePack' + 'Definition' + 'Tools' + 'Updates' + ] + includeUpdates: [ + '654321' + ] + excludeUpdates: [ + '123456' + ] + interval: 1 + monthlyOccurrences: [ + { + occurrence: 3 + day: 'Friday' + } + ] + startTime: '22:00' + } + { + name: 'Linux_ZeroDay' + frequency: 'OneTime' + operatingSystem: 'Linux' + rebootSetting: 'IfRequired' + maintenanceWindow: 'PT4H' + updateClassifications: [ + 'Critical' + 'Security' + 'Other' + ] + includeUpdates: [ + 'kernel' + ] + excludeUpdates: [ + 'icacls' + ] + startTime: '22:00' + } + ] + privateEndpoints: [ + { + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + service: 'Webhook' + } + { + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + service: 'DSCAndHybridWorker' + } + ] + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -445,8 +619,6 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice

-

Example 3

-
via JSON Parameter file @@ -653,174 +825,5 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice } ``` -
- -
- -via Bicep module - -```bicep -module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-automationAccounts' - params: { - name: '<>-az-aut-x-001' - lock: 'CanNotDelete' - schedules: [ - { - name: 'TestSchedule' - startTime: '' - expiryTime: '9999-12-31T13:00' - interval: 15 - frequency: 'Minute' - timeZone: 'Europe/Berlin' - advancedSchedule: {} - } - ] - modules: [ - { - name: 'PSWindowsUpdate' - version: 'latest' - uri: 'https://www.powershellgallery.com/api/v2/package' - } - ] - runbooks: [ - { - name: 'TestRunbook' - runbookType: 'PowerShell' - description: 'Test runbook' - uri: 'https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.automation/101-automation/scripts/AzureAutomationTutorial.ps1' - version: '1.0.0.0' - } - ] - jobSchedules: [ - { - scheduleName: 'TestSchedule' - runbookName: 'TestRunbook' - } - ] - variables: [ - { - name: 'TestString' - value: '\'TestString\'' - description: 'TestStringDescription' - } - { - name: 'TestInteger' - value: '500' - description: 'TestIntegerDescription' - } - { - name: 'TestBoolean' - value: 'false' - description: 'TestBooleanDescription' - } - { - name: 'TestDateTime' - value: '\'\\/Date(1637934042656)\\/\'' - description: 'TestDateTimeDescription' - isEncrypted: false - } - { - name: 'TestEncryptedVariable' - value: '\'TestEncryptedValue\'' - description: 'TestEncryptedDescription' - } - ] - linkedWorkspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-aut-001' - gallerySolutions: [ - { - name: 'Updates' - product: 'OMSGallery' - publisher: 'Microsoft' - } - ] - softwareUpdateConfigurations: [ - { - name: 'Windows_ZeroDay' - frequency: 'Month' - operatingSystem: 'Windows' - rebootSetting: 'IfRequired' - scopeByTags: { - Update: [ - 'Automatic-Wave1' - ] - } - maintenanceWindow: 'PT4H' - updateClassifications: [ - 'Critical' - 'Security' - 'UpdateRollup' - 'FeaturePack' - 'ServicePack' - 'Definition' - 'Tools' - 'Updates' - ] - includeUpdates: [ - '654321' - ] - excludeUpdates: [ - '123456' - ] - interval: 1 - monthlyOccurrences: [ - { - occurrence: 3 - day: 'Friday' - } - ] - startTime: '22:00' - } - { - name: 'Linux_ZeroDay' - frequency: 'OneTime' - operatingSystem: 'Linux' - rebootSetting: 'IfRequired' - maintenanceWindow: 'PT4H' - updateClassifications: [ - 'Critical' - 'Security' - 'Other' - ] - includeUpdates: [ - 'kernel' - ] - excludeUpdates: [ - 'icacls' - ] - startTime: '22:00' - } - ] - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'Webhook' - } - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'DSCAndHybridWorker' - } - ] - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.Batch/batchAccounts/readme.md b/modules/Microsoft.Batch/batchAccounts/readme.md index a3ed7c0429..cfa02f404b 100644 --- a/modules/Microsoft.Batch/batchAccounts/readme.md +++ b/modules/Microsoft.Batch/batchAccounts/readme.md @@ -140,7 +140,24 @@ userAssignedIdentities: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-batchAccounts' + params: { + name: '<>azbaweumin001' + storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + } +} +``` + +
+

@@ -162,6 +179,9 @@ userAssignedIdentities: { ```
+

+ +

Example 2: Parameters

@@ -171,8 +191,18 @@ userAssignedIdentities: { module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-batchAccounts' params: { - name: '<>azbaweumin001' + name: '<>azbaweux001' + lock: 'CanNotDelete' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + poolAllocationMode: 'BatchService' storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + systemAssignedIdentity: true + storageAuthenticationMode: 'BatchAccountManagedIdentity' + storageAccessIdentity: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' } } ``` @@ -180,8 +210,6 @@ module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -231,31 +259,5 @@ module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-batchAccounts' - params: { - name: '<>azbaweux001' - lock: 'CanNotDelete' - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - poolAllocationMode: 'BatchService' - storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - systemAssignedIdentity: true - storageAuthenticationMode: 'BatchAccountManagedIdentity' - storageAccessIdentity: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' - } -} -``` -

diff --git a/modules/Microsoft.CognitiveServices/accounts/readme.md b/modules/Microsoft.CognitiveServices/accounts/readme.md index bb71911827..13d0c943d9 100644 --- a/modules/Microsoft.CognitiveServices/accounts/readme.md +++ b/modules/Microsoft.CognitiveServices/accounts/readme.md @@ -404,7 +404,38 @@ userAssignedIdentities: { ## Deployment examples -

Example 1

+

Example 1: Encr

+ +
+ +via Bicep module + +```bicep +module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-accounts' + params: { + name: '<>-az-cgs-encr-001' + kind: 'SpeechServices' + sku: 'S0' + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + publicNetworkAccess: 'Enabled' + encryption: { + keySource: 'Microsoft.KeyVault' + keyVaultProperties: { + identityClientId: 'c907a696-36f4-49fe-b926-39e3aabba814' + keyVaultUri: 'https://adp-<>-az-kv-nopr-002.vault.azure.net/' + keyName: 'keyEncryptionKey' + keyversion: '4570a207ec394a0bbbe4fc9adc663a51' + } + } + } +} +``` + +
+

@@ -448,6 +479,9 @@ userAssignedIdentities: { ```
+

+ +

Example 2: Min

@@ -457,22 +491,8 @@ userAssignedIdentities: { module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-accounts' params: { - name: '<>-az-cgs-encr-001' + name: '<>-az-cgs-min-001' kind: 'SpeechServices' - sku: 'S0' - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - publicNetworkAccess: 'Enabled' - encryption: { - keySource: 'Microsoft.KeyVault' - keyVaultProperties: { - identityClientId: 'c907a696-36f4-49fe-b926-39e3aabba814' - keyVaultUri: 'https://adp-<>-az-kv-nopr-002.vault.azure.net/' - keyName: 'keyEncryptionKey' - keyversion: '4570a207ec394a0bbbe4fc9adc663a51' - } - } } } ``` @@ -480,8 +500,6 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -502,6 +520,9 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { ```
+

+ +

Example 3: Parameters

@@ -511,8 +532,37 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-accounts' params: { - name: '<>-az-cgs-min-001' - kind: 'SpeechServices' + name: '<>-az-cgs-x-001' + lock: 'CanNotDelete' + kind: 'Face' + sku: 'S0' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + networkAcls: { + defaultAction: 'deny' + virtualNetworkRules: [ + { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' + action: 'Allow' + } + ] + } + customSubDomainName: '<>xdomain' + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -520,8 +570,6 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = {

-

Example 3

-
via JSON Parameter file @@ -595,6 +643,9 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { ```
+

+ +

Example 4: Speech

@@ -604,37 +655,20 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-accounts' params: { - name: '<>-az-cgs-x-001' - lock: 'CanNotDelete' - kind: 'Face' + name: '<>-az-cgs-speech-001' + kind: 'SpeechServices' sku: 'S0' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - networkAcls: { - defaultAction: 'deny' - virtualNetworkRules: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' - action: 'Allow' - } - ] - } - customSubDomainName: '<>xdomain' systemAssignedIdentity: true userAssignedIdentities: { '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} } - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + customSubDomainName: '<>speechdomain' + privateEndpoints: [ + { + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + service: 'account' + } + ] } } ``` @@ -642,8 +676,6 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = {

-

Example 4

-
via JSON Parameter file @@ -685,33 +717,5 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-accounts' - params: { - name: '<>-az-cgs-speech-001' - kind: 'SpeechServices' - sku: 'S0' - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - customSubDomainName: '<>speechdomain' - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'account' - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Compute/availabilitySets/readme.md b/modules/Microsoft.Compute/availabilitySets/readme.md index 69d0451b6a..3f145a0a07 100644 --- a/modules/Microsoft.Compute/availabilitySets/readme.md +++ b/modules/Microsoft.Compute/availabilitySets/readme.md @@ -149,7 +149,23 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module availabilitySets './Microsoft.Compute/availabilitySets/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-availabilitySets' + params: { + name: '<>-az-avs-min-001' + } +} +``` + +
+

@@ -168,6 +184,9 @@ tags: { ```
+

+ +

Example 2: Parameters

@@ -177,7 +196,17 @@ tags: { module availabilitySets './Microsoft.Compute/availabilitySets/deploy.bicep' = { name: '${uniqueString(deployment().name)}-availabilitySets' params: { - name: '<>-az-avs-min-001' + name: '<>-az-avs-x-001' + lock: 'CanNotDelete' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + proximityPlacementGroupId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/proximityPlacementGroups/adp-<>-az-ppg-x-001' } } ``` @@ -185,8 +214,6 @@ module availabilitySets './Microsoft.Compute/availabilitySets/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -219,30 +246,5 @@ module availabilitySets './Microsoft.Compute/availabilitySets/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module availabilitySets './Microsoft.Compute/availabilitySets/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-availabilitySets' - params: { - name: '<>-az-avs-x-001' - lock: 'CanNotDelete' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - proximityPlacementGroupId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/proximityPlacementGroups/adp-<>-az-ppg-x-001' - } -} -``` -

diff --git a/modules/Microsoft.Compute/diskEncryptionSets/readme.md b/modules/Microsoft.Compute/diskEncryptionSets/readme.md index 7e22cabc31..2dd4546013 100644 --- a/modules/Microsoft.Compute/diskEncryptionSets/readme.md +++ b/modules/Microsoft.Compute/diskEncryptionSets/readme.md @@ -151,7 +151,33 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module diskEncryptionSets './Microsoft.Compute/diskEncryptionSets/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-diskEncryptionSets' + params: { + name: '<>-az-des-x-001' + keyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + keyName: 'keyEncryptionKey' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

@@ -185,30 +211,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module diskEncryptionSets './Microsoft.Compute/diskEncryptionSets/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-diskEncryptionSets' - params: { - name: '<>-az-des-x-001' - keyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - keyName: 'keyEncryptionKey' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Compute/disks/readme.md b/modules/Microsoft.Compute/disks/readme.md index 06951fb6aa..b49a72fe06 100644 --- a/modules/Microsoft.Compute/disks/readme.md +++ b/modules/Microsoft.Compute/disks/readme.md @@ -165,7 +165,34 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Image

+ +
+ +via Bicep module + +```bicep +module disks './Microsoft.Compute/disks/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-disks' + params: { + name: '<>-az-disk-image-001' + sku: 'Standard_LRS' + createOption: 'FromImage' + imageReferenceId: '/Subscriptions/<>/Providers/Microsoft.Compute/Locations/westeurope/Publishers/MicrosoftWindowsServer/ArtifactTypes/VMImage/Offers/WindowsServer/Skus/2016-Datacenter/Versions/14393.4906.2112080838' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

@@ -203,6 +230,9 @@ tags: { ```
+

+ +

Example 2: Import

@@ -212,10 +242,11 @@ tags: { module disks './Microsoft.Compute/disks/deploy.bicep' = { name: '${uniqueString(deployment().name)}-disks' params: { - name: '<>-az-disk-image-001' + name: '<>-az-disk-import-001' sku: 'Standard_LRS' - createOption: 'FromImage' - imageReferenceId: '/Subscriptions/<>/Providers/Microsoft.Compute/Locations/westeurope/Publishers/MicrosoftWindowsServer/ArtifactTypes/VMImage/Offers/WindowsServer/Skus/2016-Datacenter/Versions/14393.4906.2112080838' + createOption: 'Import' + sourceUri: 'https://adp<>azsax001.blob.core.windows.net/vhds/adp-<>-az-imgt-x-001.vhd' + storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' roleAssignments: [ { roleDefinitionIdOrName: 'Reader' @@ -231,8 +262,6 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -272,6 +301,9 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { ```
+

+ +

Example 3: Min

@@ -281,11 +313,9 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { module disks './Microsoft.Compute/disks/deploy.bicep' = { name: '${uniqueString(deployment().name)}-disks' params: { - name: '<>-az-disk-import-001' + name: '<>-az-disk-min-001' sku: 'Standard_LRS' - createOption: 'Import' - sourceUri: 'https://adp<>azsax001.blob.core.windows.net/vhds/adp-<>-az-imgt-x-001.vhd' - storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diskSizeGB: 1 roleAssignments: [ { roleDefinitionIdOrName: 'Reader' @@ -301,8 +331,6 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = {

-

Example 3

-
via JSON Parameter file @@ -336,6 +364,9 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { ```
+

+ +

Example 4: Parameters

@@ -345,9 +376,15 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { module disks './Microsoft.Compute/disks/deploy.bicep' = { name: '${uniqueString(deployment().name)}-disks' params: { - name: '<>-az-disk-min-001' - sku: 'Standard_LRS' - diskSizeGB: 1 + name: '<>-az-disk-x-001' + lock: 'CanNotDelete' + sku: 'UltraSSD_LRS' + diskSizeGB: 128 + logicalSectorSize: 512 + diskIOPSReadWrite: 500 + diskMBpsReadWrite: 60 + osType: 'Windows' + publicNetworkAccess: 'Enabled' roleAssignments: [ { roleDefinitionIdOrName: 'Reader' @@ -363,8 +400,6 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = {

-

Example 4

-
via JSON Parameter file @@ -415,36 +450,5 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module disks './Microsoft.Compute/disks/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-disks' - params: { - name: '<>-az-disk-x-001' - lock: 'CanNotDelete' - sku: 'UltraSSD_LRS' - diskSizeGB: 128 - logicalSectorSize: 512 - diskIOPSReadWrite: 500 - diskMBpsReadWrite: 60 - osType: 'Windows' - publicNetworkAccess: 'Enabled' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Compute/galleries/readme.md b/modules/Microsoft.Compute/galleries/readme.md index 7ac821f3aa..9404c41b24 100644 --- a/modules/Microsoft.Compute/galleries/readme.md +++ b/modules/Microsoft.Compute/galleries/readme.md @@ -148,7 +148,62 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Images

+ +
+ +via Bicep module + +```bicep +module galleries './Microsoft.Compute/galleries/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-galleries' + params: { + name: '<>azsigweuimages001' + images: [ + { + name: '<>-az-imgd-x-003' + } + { + name: '<>-az-imgd-x-001' + osType: 'Windows' + osState: 'Generalized' + publisher: 'MicrosoftWindowsServer' + offer: 'WindowsServer' + sku: '2022-datacenter-azure-edition' + minRecommendedvCPUs: 2 + maxRecommendedvCPUs: 8 + minRecommendedMemory: 4 + maxRecommendedMemory: 16 + hyperVGeneration: 'V1' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } + { + name: '<>-az-imgd-x-002' + osType: 'Linux' + osState: 'Generalized' + publisher: 'canonical' + offer: '0001-com-ubuntu-server-focal' + sku: '20_04-lts-gen2' + minRecommendedvCPUs: 1 + maxRecommendedvCPUs: 4 + minRecommendedMemory: 4 + maxRecommendedMemory: 32 + hyperVGeneration: 'V2' + } + ] + } +} +``` + +
+

@@ -208,6 +263,9 @@ tags: { ```
+

+ +

Example 2: Parameters

@@ -217,45 +275,15 @@ tags: { module galleries './Microsoft.Compute/galleries/deploy.bicep' = { name: '${uniqueString(deployment().name)}-galleries' params: { - name: '<>azsigweuimages001' - images: [ - { - name: '<>-az-imgd-x-003' - } + name: '<>azsigweux001' + lock: 'CanNotDelete' + roleAssignments: [ { - name: '<>-az-imgd-x-001' - osType: 'Windows' - osState: 'Generalized' - publisher: 'MicrosoftWindowsServer' - offer: 'WindowsServer' - sku: '2022-datacenter-azure-edition' - minRecommendedvCPUs: 2 - maxRecommendedvCPUs: 8 - minRecommendedMemory: 4 - maxRecommendedMemory: 16 - hyperVGeneration: 'V1' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' ] } - { - name: '<>-az-imgd-x-002' - osType: 'Linux' - osState: 'Generalized' - publisher: 'canonical' - offer: '0001-com-ubuntu-server-focal' - sku: '20_04-lts-gen2' - minRecommendedvCPUs: 1 - maxRecommendedvCPUs: 4 - minRecommendedMemory: 4 - maxRecommendedMemory: 32 - hyperVGeneration: 'V2' - } ] } } @@ -264,8 +292,6 @@ module galleries './Microsoft.Compute/galleries/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -295,29 +321,5 @@ module galleries './Microsoft.Compute/galleries/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module galleries './Microsoft.Compute/galleries/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-galleries' - params: { - name: '<>azsigweux001' - lock: 'CanNotDelete' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Compute/images/readme.md b/modules/Microsoft.Compute/images/readme.md index de9985b177..0ec5d6b7a9 100644 --- a/modules/Microsoft.Compute/images/readme.md +++ b/modules/Microsoft.Compute/images/readme.md @@ -149,7 +149,37 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module images './Microsoft.Compute/images/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-images' + params: { + name: '<>-az-img-x-001' + osAccountType: 'Premium_LRS' + osType: 'Windows' + osDiskBlobUri: 'https://adp<>azsax001.blob.core.windows.net/vhds/adp-<>-az-imgt-x-001.vhd' + osDiskCaching: 'ReadWrite' + zoneResilient: true + hyperVGeneration: 'V1' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

@@ -195,34 +225,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module images './Microsoft.Compute/images/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-images' - params: { - name: '<>-az-img-x-001' - osAccountType: 'Premium_LRS' - osType: 'Windows' - osDiskBlobUri: 'https://adp<>azsax001.blob.core.windows.net/vhds/adp-<>-az-imgt-x-001.vhd' - osDiskCaching: 'ReadWrite' - zoneResilient: true - hyperVGeneration: 'V1' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Compute/proximityPlacementGroups/readme.md b/modules/Microsoft.Compute/proximityPlacementGroups/readme.md index d9244bbe7b..8fef0a06d4 100644 --- a/modules/Microsoft.Compute/proximityPlacementGroups/readme.md +++ b/modules/Microsoft.Compute/proximityPlacementGroups/readme.md @@ -146,7 +146,32 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module proximityPlacementGroups './Microsoft.Compute/proximityPlacementGroups/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-proximityPlacementGroups' + params: { + name: '<>-az-ppg-x-001' + lock: 'CanNotDelete' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

@@ -177,29 +202,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module proximityPlacementGroups './Microsoft.Compute/proximityPlacementGroups/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-proximityPlacementGroups' - params: { - name: '<>-az-ppg-x-001' - lock: 'CanNotDelete' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md index 9499c2b043..d418c2c80f 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md @@ -873,7 +873,61 @@ userAssignedIdentities: { ## Deployment examples -

Example 1

+

Example 1: Linux Min

+ +
+ +via Bicep module + +```bicep +module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-virtualMachineScaleSets' + params: { + name: '<>-scaleset-linux-min-001' + osDisk: { + createOption: 'fromImage' + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + osType: 'Linux' + skuName: 'Standard_B2s' + imageReference: { + publisher: 'Canonical' + offer: 'UbuntuServer' + sku: '18.04-LTS' + version: 'latest' + } + adminUsername: 'scaleSetAdmin' + disablePasswordAuthentication: true + publicKeys: [ + { + path: '/home/scaleSetAdmin/.ssh/authorized_keys' + keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure' + } + ] + nicConfigurations: [ + { + nicSuffix: '-nic01' + ipConfigurations: [ + { + name: 'ipconfig1' + properties: { + subnet: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002' + } + } + } + ] + } + ] + } +} +``` + +
+

@@ -946,6 +1000,9 @@ userAssignedIdentities: { ```
+

+ +

Example 2: Linux

@@ -955,7 +1012,13 @@ userAssignedIdentities: { module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachineScaleSets' params: { - name: '<>-scaleset-linux-min-001' + name: '<>-scaleset-linux-001' + lock: 'CanNotDelete' + vmNamePrefix: 'vmsslinvm' + skuName: 'Standard_B2s' + skuCapacity: 1 + upgradePolicyMode: 'Manual' + vmPriority: 'Regular' osDisk: { createOption: 'fromImage' diskSizeGB: '128' @@ -963,8 +1026,17 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl storageAccountType: 'Premium_LRS' } } + availabilityZones: [ + '2' + ] + scaleSetFaultDomain: 1 + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + bootDiagnosticStorageAccountName: 'adp<>azsax001' osType: 'Linux' - skuName: 'Standard_B2s' + encryptionAtHost: false imageReference: { publisher: 'Canonical' offer: 'UbuntuServer' @@ -979,6 +1051,24 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure' } ] + dataDisks: [ + { + caching: 'ReadOnly' + createOption: 'Empty' + diskSizeGB: '256' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + { + caching: 'ReadOnly' + createOption: 'Empty' + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + ] nicConfigurations: [ { nicSuffix: '-nic01' @@ -994,6 +1084,53 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ] } ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + extensionMonitoringAgentConfig: { + enabled: true + } + extensionDependencyAgentConfig: { + enabled: true + } + extensionNetworkWatcherAgentConfig: { + enabled: true + } + extensionDiskEncryptionConfig: { + enabled: true + settings: { + EncryptionOperation: 'EnableEncryption' + KeyVaultURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/' + KeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + KeyEncryptionKeyURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5' + KekVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + KeyEncryptionAlgorithm: 'RSA-OAEP' + VolumeType: 'All' + ResizeOSDisk: 'false' + } + } + extensionCustomScriptConfig: { + enabled: true + fileData: [ + { + uri: 'https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1' + storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + } + ] + protectedSettings: { + commandToExecute: 'sudo apt-get update' + } + } } } ``` @@ -1001,8 +1138,6 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl

-

Example 2

-
via JSON Parameter file @@ -1200,22 +1335,25 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ```
+

+ +

Example 3: Windows Min

via Bicep module ```bicep +resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { + name: 'adp-<>-az-kv-x-001' + scope: resourceGroup('<>','validation-rg') +} + module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachineScaleSets' params: { - name: '<>-scaleset-linux-001' - lock: 'CanNotDelete' - vmNamePrefix: 'vmsslinvm' + name: '<>-scaleset-win-min-001' skuName: 'Standard_B2s' - skuCapacity: 1 - upgradePolicyMode: 'Manual' - vmPriority: 'Regular' osDisk: { createOption: 'fromImage' diskSizeGB: '128' @@ -1223,49 +1361,15 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl storageAccountType: 'Premium_LRS' } } - availabilityZones: [ - '2' - ] - scaleSetFaultDomain: 1 - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - bootDiagnosticStorageAccountName: 'adp<>azsax001' - osType: 'Linux' - encryptionAtHost: false + osType: 'Windows' imageReference: { - publisher: 'Canonical' - offer: 'UbuntuServer' - sku: '18.04-LTS' + publisher: 'MicrosoftWindowsServer' + offer: 'WindowsServer' + sku: '2016-Datacenter' version: 'latest' } - adminUsername: 'scaleSetAdmin' - disablePasswordAuthentication: true - publicKeys: [ - { - path: '/home/scaleSetAdmin/.ssh/authorized_keys' - keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure' - } - ] - dataDisks: [ - { - caching: 'ReadOnly' - createOption: 'Empty' - diskSizeGB: '256' - managedDisk: { - storageAccountType: 'Premium_LRS' - } - } - { - caching: 'ReadOnly' - createOption: 'Empty' - diskSizeGB: '128' - managedDisk: { - storageAccountType: 'Premium_LRS' - } - } - ] + adminUsername: kv1.getSecret('adminUsername') + adminPassword: kv1.getSecret('adminPassword') nicConfigurations: [ { nicSuffix: '-nic01' @@ -1281,53 +1385,6 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ] } ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - extensionMonitoringAgentConfig: { - enabled: true - } - extensionDependencyAgentConfig: { - enabled: true - } - extensionNetworkWatcherAgentConfig: { - enabled: true - } - extensionDiskEncryptionConfig: { - enabled: true - settings: { - EncryptionOperation: 'EnableEncryption' - KeyVaultURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/' - KeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - KeyEncryptionKeyURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5' - KekVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - KeyEncryptionAlgorithm: 'RSA-OAEP' - VolumeType: 'All' - ResizeOSDisk: 'false' - } - } - extensionCustomScriptConfig: { - enabled: true - fileData: [ - { - uri: 'https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1' - storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - } - ] - protectedSettings: { - commandToExecute: 'sudo apt-get update' - } - } } } ``` @@ -1335,8 +1392,6 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl

-

Example 3

-
via JSON Parameter file @@ -1410,6 +1465,9 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ```
+

+ +

Example 4: Windows

@@ -1424,8 +1482,17 @@ resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachineScaleSets' params: { - name: '<>-scaleset-win-min-001' + name: '<>-scaleset-win-001' + lock: 'CanNotDelete' + vmNamePrefix: 'vmsswinvm' skuName: 'Standard_B2s' + skuCapacity: 1 + upgradePolicyMode: 'Manual' + vmPriority: 'Regular' + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } osDisk: { createOption: 'fromImage' diskSizeGB: '128' @@ -1434,6 +1501,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } } osType: 'Windows' + encryptionAtHost: false imageReference: { publisher: 'MicrosoftWindowsServer' offer: 'WindowsServer' @@ -1457,6 +1525,74 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ] } ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + extensionAntiMalwareConfig: { + enabled: true + settings: { + AntimalwareEnabled: true + Exclusions: { + Extensions: '.log;.ldf' + Paths: 'D:\\IISlogs;D:\\DatabaseLogs' + Processes: 'mssence.svc' + } + RealtimeProtectionEnabled: true + ScheduledScanSettings: { + isEnabled: 'true' + scanType: 'Quick' + day: '7' + time: '120' + } + } + } + extensionMonitoringAgentConfig: { + enabled: true + } + extensionDependencyAgentConfig: { + enabled: true + } + extensionNetworkWatcherAgentConfig: { + enabled: true + } + extensionDiskEncryptionConfig: { + enabled: true + settings: { + EncryptionOperation: 'EnableEncryption' + KeyVaultURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/' + KeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + KeyEncryptionKeyURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5' + KekVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + KeyEncryptionAlgorithm: 'RSA-OAEP' + VolumeType: 'All' + ResizeOSDisk: 'false' + } + } + extensionDSCConfig: { + enabled: true + } + extensionCustomScriptConfig: { + enabled: true + fileData: [ + { + uri: 'https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1' + storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + } + ] + protectedSettings: { + commandToExecute: 'powershell -ExecutionPolicy Unrestricted -Command \'& .\\scriptExtensionMasterInstaller.ps1\'' + } + } } } ``` @@ -1464,8 +1600,6 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl

-

Example 4

-
via JSON Parameter file @@ -1658,135 +1792,5 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } ``` -
- -
- -via Bicep module - -```bicep -resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { - name: 'adp-<>-az-kv-x-001' - scope: resourceGroup('<>','validation-rg') -} - -module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-virtualMachineScaleSets' - params: { - name: '<>-scaleset-win-001' - lock: 'CanNotDelete' - vmNamePrefix: 'vmsswinvm' - skuName: 'Standard_B2s' - skuCapacity: 1 - upgradePolicyMode: 'Manual' - vmPriority: 'Regular' - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - osDisk: { - createOption: 'fromImage' - diskSizeGB: '128' - managedDisk: { - storageAccountType: 'Premium_LRS' - } - } - osType: 'Windows' - encryptionAtHost: false - imageReference: { - publisher: 'MicrosoftWindowsServer' - offer: 'WindowsServer' - sku: '2016-Datacenter' - version: 'latest' - } - adminUsername: kv1.getSecret('adminUsername') - adminPassword: kv1.getSecret('adminPassword') - nicConfigurations: [ - { - nicSuffix: '-nic01' - ipConfigurations: [ - { - name: 'ipconfig1' - properties: { - subnet: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002' - } - } - } - ] - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - extensionAntiMalwareConfig: { - enabled: true - settings: { - AntimalwareEnabled: true - Exclusions: { - Extensions: '.log;.ldf' - Paths: 'D:\\IISlogs;D:\\DatabaseLogs' - Processes: 'mssence.svc' - } - RealtimeProtectionEnabled: true - ScheduledScanSettings: { - isEnabled: 'true' - scanType: 'Quick' - day: '7' - time: '120' - } - } - } - extensionMonitoringAgentConfig: { - enabled: true - } - extensionDependencyAgentConfig: { - enabled: true - } - extensionNetworkWatcherAgentConfig: { - enabled: true - } - extensionDiskEncryptionConfig: { - enabled: true - settings: { - EncryptionOperation: 'EnableEncryption' - KeyVaultURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/' - KeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - KeyEncryptionKeyURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5' - KekVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - KeyEncryptionAlgorithm: 'RSA-OAEP' - VolumeType: 'All' - ResizeOSDisk: 'false' - } - } - extensionDSCConfig: { - enabled: true - } - extensionCustomScriptConfig: { - enabled: true - fileData: [ - { - uri: 'https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1' - storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - } - ] - protectedSettings: { - commandToExecute: 'powershell -ExecutionPolicy Unrestricted -Command \'& .\\scriptExtensionMasterInstaller.ps1\'' - } - } - } -} -``` -

diff --git a/modules/Microsoft.Compute/virtualMachines/readme.md b/modules/Microsoft.Compute/virtualMachines/readme.md index 9439d45942..9b201dd8e9 100644 --- a/modules/Microsoft.Compute/virtualMachines/readme.md +++ b/modules/Microsoft.Compute/virtualMachines/readme.md @@ -1000,7 +1000,60 @@ For further details on automanage please refer to [Automanage virtual machines]( ## Deployment examples -

Example 1

+

Example 1: Linux Autmg

+ +
+ +via Bicep module + +```bicep +module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-virtualMachines' + params: { + name: '<>-vm-linux-autmg-01' + osType: 'Linux' + imageReference: { + publisher: 'Canonical' + offer: 'UbuntuServer' + sku: '18.04-LTS' + version: 'latest' + } + osDisk: { + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + vmSize: 'Standard_B12ms' + adminUsername: 'localAdminUser' + disablePasswordAuthentication: true + publicKeys: [ + { + path: '/home/localAdminUser/.ssh/authorized_keys' + keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure' + } + ] + nicConfigurations: [ + { + nicSuffix: '-nic-01' + ipConfigurations: [ + { + name: 'ipconfig01' + subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' + pipConfiguration: { + publicIpNameSuffix: '-pip-01' + } + } + ] + } + ] + configurationProfile: '/providers/Microsoft.Automanage/bestPractices/AzureBestPracticesProduction' + } +} +``` + +
+

@@ -1074,6 +1127,9 @@ For further details on automanage please refer to [Automanage virtual machines]( ```
+

+ +

Example 2: Linux Min

@@ -1083,7 +1139,7 @@ For further details on automanage please refer to [Automanage virtual machines]( module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachines' params: { - name: '<>-vm-linux-autmg-01' + name: '<>-vm-linux-min-01' osType: 'Linux' imageReference: { publisher: 'Canonical' @@ -1120,7 +1176,6 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { ] } ] - configurationProfile: '/providers/Microsoft.Automanage/bestPractices/AzureBestPracticesProduction' } } ``` @@ -1128,8 +1183,6 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -1199,6 +1252,9 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { ```
+

+ +

Example 3: Linux

@@ -1208,8 +1264,16 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachines' params: { - name: '<>-vm-linux-min-01' + name: '<>-vm-linux-01' + lock: 'CanNotDelete' + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } osType: 'Linux' + encryptionAtHost: false + availabilityZone: 1 + vmSize: 'Standard_B12ms' imageReference: { publisher: 'Canonical' offer: 'UbuntuServer' @@ -1217,12 +1281,34 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { version: 'latest' } osDisk: { + createOption: 'fromImage' + deleteOption: 'Delete' + caching: 'ReadOnly' diskSizeGB: '128' managedDisk: { storageAccountType: 'Premium_LRS' } } - vmSize: 'Standard_B12ms' + dataDisks: [ + { + createOption: 'Empty' + deleteOption: 'Delete' + caching: 'ReadWrite' + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + { + createOption: 'Empty' + deleteOption: 'Delete' + caching: 'ReadWrite' + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + ] adminUsername: 'localAdminUser' disablePasswordAuthentication: true publicKeys: [ @@ -1234,17 +1320,98 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { nicConfigurations: [ { nicSuffix: '-nic-01' + deleteOption: 'Delete' ipConfigurations: [ { name: 'ipconfig01' subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' pipConfiguration: { publicIpNameSuffix: '-pip-01' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] } + loadBalancerBackendAddressPools: [ + { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/loadBalancers/adp-<>-az-lb-internal-001/backendAddressPools/servers' + } + ] + applicationSecurityGroups: [ + { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001' + } + ] + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] } ] } ] + backupVaultName: 'adp-<>-az-rsv-x-001' + backupVaultResourceGroup: 'validation-rg' + backupPolicyName: 'VMpolicy' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + extensionMonitoringAgentConfig: { + enabled: true + } + monitoringWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + extensionDependencyAgentConfig: { + enabled: true + } + extensionNetworkWatcherAgentConfig: { + enabled: true + } + extensionDiskEncryptionConfig: { + enabled: true + settings: { + EncryptionOperation: 'EnableEncryption' + KeyVaultURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/' + KeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + KeyEncryptionKeyURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5' + KekVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + KeyEncryptionAlgorithm: 'RSA-OAEP' + VolumeType: 'All' + ResizeOSDisk: 'false' + } + } + extensionDSCConfig: { + enabled: false + } + extensionCustomScriptConfig: { + enabled: true + fileData: [ + { + uri: 'https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1' + storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + } + ] + } + extensionCustomScriptProtectedSetting: { + commandToExecute: 'sudo apt-get update' + } } } ``` @@ -1252,8 +1419,6 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = {

-

Example 3

-
via JSON Parameter file @@ -1480,163 +1645,52 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { ```
+

+ +

Example 4: Windows Autmg

via Bicep module ```bicep +resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { + name: 'adp-<>-az-kv-x-001' + scope: resourceGroup('<>','validation-rg') +} + module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachines' params: { - name: '<>-vm-linux-01' - lock: 'CanNotDelete' - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - osType: 'Linux' - encryptionAtHost: false - availabilityZone: 1 - vmSize: 'Standard_B12ms' + name: '<>-vm-win-03' imageReference: { - publisher: 'Canonical' - offer: 'UbuntuServer' - sku: '18.04-LTS' + publisher: 'MicrosoftWindowsServer' + offer: 'WindowsServer' + sku: '2019-Datacenter' version: 'latest' } + osType: 'Windows' + vmSize: 'Standard_B12ms' osDisk: { - createOption: 'fromImage' - deleteOption: 'Delete' - caching: 'ReadOnly' diskSizeGB: '128' managedDisk: { storageAccountType: 'Premium_LRS' } } - dataDisks: [ - { - createOption: 'Empty' - deleteOption: 'Delete' - caching: 'ReadWrite' - diskSizeGB: '128' - managedDisk: { - storageAccountType: 'Premium_LRS' - } - } - { - createOption: 'Empty' - deleteOption: 'Delete' - caching: 'ReadWrite' - diskSizeGB: '128' - managedDisk: { - storageAccountType: 'Premium_LRS' - } - } - ] adminUsername: 'localAdminUser' - disablePasswordAuthentication: true - publicKeys: [ - { - path: '/home/localAdminUser/.ssh/authorized_keys' - keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure' - } - ] + adminPassword: kv1.getSecret('adminPassword') nicConfigurations: [ { nicSuffix: '-nic-01' - deleteOption: 'Delete' ipConfigurations: [ { name: 'ipconfig01' subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' - pipConfiguration: { - publicIpNameSuffix: '-pip-01' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } - loadBalancerBackendAddressPools: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/loadBalancers/adp-<>-az-lb-internal-001/backendAddressPools/servers' - } - ] - applicationSecurityGroups: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001' - } - ] - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] } ] } ] - backupVaultName: 'adp-<>-az-rsv-x-001' - backupVaultResourceGroup: 'validation-rg' - backupPolicyName: 'VMpolicy' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - extensionMonitoringAgentConfig: { - enabled: true - } - monitoringWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - extensionDependencyAgentConfig: { - enabled: true - } - extensionNetworkWatcherAgentConfig: { - enabled: true - } - extensionDiskEncryptionConfig: { - enabled: true - settings: { - EncryptionOperation: 'EnableEncryption' - KeyVaultURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/' - KeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - KeyEncryptionKeyURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5' - KekVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - KeyEncryptionAlgorithm: 'RSA-OAEP' - VolumeType: 'All' - ResizeOSDisk: 'false' - } - } - extensionDSCConfig: { - enabled: false - } - extensionCustomScriptConfig: { - enabled: true - fileData: [ - { - uri: 'https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1' - storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - } - ] - } - extensionCustomScriptProtectedSetting: { - commandToExecute: 'sudo apt-get update' - } + configurationProfile: '/providers/Microsoft.Automanage/bestPractices/AzureBestPracticesProduction' } } ``` @@ -1644,8 +1698,6 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = {

-

Example 4

-
via JSON Parameter file @@ -1712,6 +1764,9 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { ```
+

+ +

Example 5: Windows Min

@@ -1726,11 +1781,11 @@ resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachines' params: { - name: '<>-vm-win-03' + name: '<>-vm-win-02' imageReference: { publisher: 'MicrosoftWindowsServer' offer: 'WindowsServer' - sku: '2019-Datacenter' + sku: '2022-datacenter-azure-edition' version: 'latest' } osType: 'Windows' @@ -1754,7 +1809,6 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { ] } ] - configurationProfile: '/providers/Microsoft.Automanage/bestPractices/AzureBestPracticesProduction' } } ``` @@ -1762,8 +1816,6 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = {

-

Example 5

-
via JSON Parameter file @@ -1827,6 +1879,9 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { ```
+

+ +

Example 6: Windows

@@ -1841,34 +1896,166 @@ resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachines' params: { - name: '<>-vm-win-02' + name: '<>-vm-win-01' + lock: 'CanNotDelete' + encryptionAtHost: false imageReference: { publisher: 'MicrosoftWindowsServer' offer: 'WindowsServer' - sku: '2022-datacenter-azure-edition' + sku: '2019-Datacenter' version: 'latest' } osType: 'Windows' vmSize: 'Standard_B12ms' osDisk: { + createOption: 'fromImage' + deleteOption: 'Delete' + caching: 'None' diskSizeGB: '128' managedDisk: { storageAccountType: 'Premium_LRS' } } + dataDisks: [ + { + createOption: 'Empty' + deleteOption: 'Delete' + caching: 'None' + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + { + createOption: 'Empty' + deleteOption: 'Delete' + caching: 'None' + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + ] + availabilityZone: 2 adminUsername: 'localAdminUser' adminPassword: kv1.getSecret('adminPassword') nicConfigurations: [ { nicSuffix: '-nic-01' + deleteOption: 'Delete' ipConfigurations: [ { name: 'ipconfig01' subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' + pipConfiguration: { + publicIpNameSuffix: '-pip-01' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } + loadBalancerBackendAddressPools: [ + { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/loadBalancers/adp-<>-az-lb-internal-001/backendAddressPools/servers' + } + ] + applicationSecurityGroups: [ + { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001' + } + ] + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] } ] } ] + backupVaultName: 'adp-<>-az-rsv-x-001' + backupVaultResourceGroup: 'validation-rg' + backupPolicyName: 'VMpolicy' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + extensionAntiMalwareConfig: { + enabled: true + settings: { + AntimalwareEnabled: 'true' + Exclusions: { + Extensions: '.ext1;.ext2' + Paths: 'c:\\excluded-path-1;c:\\excluded-path-2' + Processes: 'excludedproc1.exe;excludedproc2.exe' + } + RealtimeProtectionEnabled: 'true' + ScheduledScanSettings: { + isEnabled: 'true' + scanType: 'Quick' + day: '7' + time: '120' + } + } + } + extensionMonitoringAgentConfig: { + enabled: true + } + monitoringWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + extensionDependencyAgentConfig: { + enabled: true + } + extensionNetworkWatcherAgentConfig: { + enabled: true + } + extensionDiskEncryptionConfig: { + enabled: true + settings: { + EncryptionOperation: 'EnableEncryption' + KeyVaultURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/' + KeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + KeyEncryptionKeyURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5' + KekVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + KeyEncryptionAlgorithm: 'RSA-OAEP' + VolumeType: 'All' + ResizeOSDisk: 'false' + } + } + extensionDSCConfig: { + enabled: true + } + extensionCustomScriptConfig: { + enabled: true + fileData: [ + { + uri: 'https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1' + storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + } + ] + } + extensionCustomScriptProtectedSetting: { + commandToExecute: 'powershell -ExecutionPolicy Unrestricted -Command \'& .\\scriptExtensionMasterInstaller.ps1\'' + } } } ``` @@ -1876,8 +2063,6 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = {

-

Example 6

-
via JSON Parameter file @@ -2120,184 +2305,5 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { - name: 'adp-<>-az-kv-x-001' - scope: resourceGroup('<>','validation-rg') -} - -module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-virtualMachines' - params: { - name: '<>-vm-win-01' - lock: 'CanNotDelete' - encryptionAtHost: false - imageReference: { - publisher: 'MicrosoftWindowsServer' - offer: 'WindowsServer' - sku: '2019-Datacenter' - version: 'latest' - } - osType: 'Windows' - vmSize: 'Standard_B12ms' - osDisk: { - createOption: 'fromImage' - deleteOption: 'Delete' - caching: 'None' - diskSizeGB: '128' - managedDisk: { - storageAccountType: 'Premium_LRS' - } - } - dataDisks: [ - { - createOption: 'Empty' - deleteOption: 'Delete' - caching: 'None' - diskSizeGB: '128' - managedDisk: { - storageAccountType: 'Premium_LRS' - } - } - { - createOption: 'Empty' - deleteOption: 'Delete' - caching: 'None' - diskSizeGB: '128' - managedDisk: { - storageAccountType: 'Premium_LRS' - } - } - ] - availabilityZone: 2 - adminUsername: 'localAdminUser' - adminPassword: kv1.getSecret('adminPassword') - nicConfigurations: [ - { - nicSuffix: '-nic-01' - deleteOption: 'Delete' - ipConfigurations: [ - { - name: 'ipconfig01' - subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' - pipConfiguration: { - publicIpNameSuffix: '-pip-01' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } - loadBalancerBackendAddressPools: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/loadBalancers/adp-<>-az-lb-internal-001/backendAddressPools/servers' - } - ] - applicationSecurityGroups: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001' - } - ] - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } - ] - backupVaultName: 'adp-<>-az-rsv-x-001' - backupVaultResourceGroup: 'validation-rg' - backupPolicyName: 'VMpolicy' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - extensionAntiMalwareConfig: { - enabled: true - settings: { - AntimalwareEnabled: 'true' - Exclusions: { - Extensions: '.ext1;.ext2' - Paths: 'c:\\excluded-path-1;c:\\excluded-path-2' - Processes: 'excludedproc1.exe;excludedproc2.exe' - } - RealtimeProtectionEnabled: 'true' - ScheduledScanSettings: { - isEnabled: 'true' - scanType: 'Quick' - day: '7' - time: '120' - } - } - } - extensionMonitoringAgentConfig: { - enabled: true - } - monitoringWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - extensionDependencyAgentConfig: { - enabled: true - } - extensionNetworkWatcherAgentConfig: { - enabled: true - } - extensionDiskEncryptionConfig: { - enabled: true - settings: { - EncryptionOperation: 'EnableEncryption' - KeyVaultURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/' - KeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - KeyEncryptionKeyURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5' - KekVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - KeyEncryptionAlgorithm: 'RSA-OAEP' - VolumeType: 'All' - ResizeOSDisk: 'false' - } - } - extensionDSCConfig: { - enabled: true - } - extensionCustomScriptConfig: { - enabled: true - fileData: [ - { - uri: 'https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1' - storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - } - ] - } - extensionCustomScriptProtectedSetting: { - commandToExecute: 'powershell -ExecutionPolicy Unrestricted -Command \'& .\\scriptExtensionMasterInstaller.ps1\'' - } - } -} -``` -

diff --git a/modules/Microsoft.Consumption/budgets/readme.md b/modules/Microsoft.Consumption/budgets/readme.md index 006419b774..f76df49499 100644 --- a/modules/Microsoft.Consumption/budgets/readme.md +++ b/modules/Microsoft.Consumption/budgets/readme.md @@ -48,7 +48,33 @@ This module deploys budgets for subscriptions. ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module budgets './Microsoft.Consumption/budgets/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-budgets' + params: { + amount: 500 + thresholds: [ + 50 + 75 + 90 + 100 + 110 + ] + contactEmails: [ + 'dummy@contoso.com' + ] + } +} +``` + +
+

@@ -80,30 +106,5 @@ This module deploys budgets for subscriptions. } ``` -
- -
- -via Bicep module - -```bicep -module budgets './Microsoft.Consumption/budgets/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-budgets' - params: { - amount: 500 - thresholds: [ - 50 - 75 - 90 - 100 - 110 - ] - contactEmails: [ - 'dummy@contoso.com' - ] - } -} -``` -

diff --git a/modules/Microsoft.ContainerInstance/containerGroups/readme.md b/modules/Microsoft.ContainerInstance/containerGroups/readme.md index aa5719fbd0..a63ecc8a85 100644 --- a/modules/Microsoft.ContainerInstance/containerGroups/readme.md +++ b/modules/Microsoft.ContainerInstance/containerGroups/readme.md @@ -170,7 +170,40 @@ userAssignedIdentities: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module containerGroups './Microsoft.ContainerInstance/containerGroups/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-containerGroups' + params: { + name: '<>-az-acg-x-001' + lock: 'CanNotDelete' + containerName: '<>-az-aci-x-001' + image: 'mcr.microsoft.com/azuredocs/aci-helloworld' + ports: [ + { + protocol: 'Tcp' + port: '80' + } + { + protocol: 'Tcp' + port: '443' + } + ] + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + } +} +``` + +
+

@@ -217,37 +250,5 @@ userAssignedIdentities: { } ``` -
- -
- -via Bicep module - -```bicep -module containerGroups './Microsoft.ContainerInstance/containerGroups/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-containerGroups' - params: { - name: '<>-az-acg-x-001' - lock: 'CanNotDelete' - containerName: '<>-az-aci-x-001' - image: 'mcr.microsoft.com/azuredocs/aci-helloworld' - ports: [ - { - protocol: 'Tcp' - port: '80' - } - { - protocol: 'Tcp' - port: '443' - } - ] - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - } -} -``` -

diff --git a/modules/Microsoft.ContainerRegistry/registries/readme.md b/modules/Microsoft.ContainerRegistry/registries/readme.md index e13a5836bc..75d9203bcb 100644 --- a/modules/Microsoft.ContainerRegistry/registries/readme.md +++ b/modules/Microsoft.ContainerRegistry/registries/readme.md @@ -330,7 +330,31 @@ userAssignedIdentities: { ## Deployment examples -

Example 1

+

Example 1: Encr

+ +
+ +via Bicep module + +```bicep +module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-registries' + params: { + name: '<>azacrencr001' + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + publicNetworkAccess: 'Disabled' + acrSku: 'Premium' + cMKUserAssignedIdentityResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' + cMKKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002' + cMKKeyName: 'keyEncryptionKey' + } +} +``` + +
+

@@ -369,6 +393,9 @@ userAssignedIdentities: { ```
+

+ +

Example 2: Min

@@ -378,15 +405,7 @@ userAssignedIdentities: { module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = { name: '${uniqueString(deployment().name)}-registries' params: { - name: '<>azacrencr001' - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - publicNetworkAccess: 'Disabled' - acrSku: 'Premium' - cMKUserAssignedIdentityResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' - cMKKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002' - cMKKeyName: 'keyEncryptionKey' + name: '<>azacrmin001' } } ``` @@ -394,8 +413,6 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -413,6 +430,9 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = { ```
+

+ +

Example 3: Parameters

@@ -422,7 +442,49 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = { module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = { name: '${uniqueString(deployment().name)}-registries' params: { - name: '<>azacrmin001' + name: '<>azacrx001' + lock: 'CanNotDelete' + acrAdminUserEnabled: false + acrSku: 'Premium' + exportPolicyStatus: 'enabled' + quarantinePolicyStatus: 'enabled' + trustPolicyStatus: 'enabled' + replications: [ + { + name: 'northeurope' + location: 'northeurope' + } + ] + webhooks: [ + { + name: '<>azacrx001webhook' + serviceUri: 'https://www.contoso.com/webhook' + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + publicNetworkAccess: 'Disabled' + privateEndpoints: [ + { + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + service: 'registry' + } + ] } } ``` @@ -430,8 +492,6 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {

-

Example 3

-
via JSON Parameter file @@ -526,62 +586,5 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-registries' - params: { - name: '<>azacrx001' - lock: 'CanNotDelete' - acrAdminUserEnabled: false - acrSku: 'Premium' - exportPolicyStatus: 'enabled' - quarantinePolicyStatus: 'enabled' - trustPolicyStatus: 'enabled' - replications: [ - { - name: 'northeurope' - location: 'northeurope' - } - ] - webhooks: [ - { - name: '<>azacrx001webhook' - serviceUri: 'https://www.contoso.com/webhook' - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - publicNetworkAccess: 'Disabled' - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'registry' - } - ] - } -} -``` -

diff --git a/modules/Microsoft.ContainerService/managedClusters/readme.md b/modules/Microsoft.ContainerService/managedClusters/readme.md index 8b924369b1..3d7978ede7 100644 --- a/modules/Microsoft.ContainerService/managedClusters/readme.md +++ b/modules/Microsoft.ContainerService/managedClusters/readme.md @@ -359,7 +359,113 @@ userAssignedIdentities: { ## Deployment examples -

Example 1

+

Example 1: Azure

+ +
+ +via Bicep module + +```bicep +module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-managedClusters' + params: { + name: '<>-az-aks-azure-001' + lock: 'CanNotDelete' + diskEncryptionSetID: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/diskEncryptionSets/adp-<>-az-des-x-001' + primaryAgentPoolProfile: [ + { + name: 'systempool' + osDiskSizeGB: 0 + count: 1 + enableAutoScaling: true + minCount: 1 + maxCount: 3 + vmSize: 'Standard_DS2_v2' + osType: 'Linux' + storageProfile: 'ManagedDisks' + type: 'VirtualMachineScaleSets' + mode: 'System' + vnetSubnetID: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-aks/subnets/Primary' + serviceCidr: '' + maxPods: 30 + availabilityZones: [ + '1' + ] + } + ] + aksClusterNetworkPlugin: 'azure' + agentPools: [ + { + name: 'userpool1' + vmSize: 'Standard_DS2_v2' + osDiskSizeGB: 128 + count: 2 + osType: 'Linux' + maxCount: 3 + minCount: 1 + enableAutoScaling: true + scaleSetPriority: 'Regular' + scaleSetEvictionPolicy: 'Delete' + nodeLabels: {} + nodeTaints: [ + 'CriticalAddonsOnly=true:NoSchedule' + ] + type: 'VirtualMachineScaleSets' + availabilityZones: [ + '1' + ] + minPods: 2 + maxPods: 30 + storageProfile: 'ManagedDisks' + mode: 'User' + vnetSubnetID: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-aks/subnets/Secondary' + } + { + name: 'userpool2' + vmSize: 'Standard_DS2_v2' + osDiskSizeGB: 128 + count: 2 + osType: 'Linux' + maxCount: 3 + minCount: 1 + enableAutoScaling: true + scaleSetPriority: 'Regular' + scaleSetEvictionPolicy: 'Delete' + nodeLabels: {} + nodeTaints: [ + 'CriticalAddonsOnly=true:NoSchedule' + ] + type: 'VirtualMachineScaleSets' + availabilityZones: [ + '1' + ] + minPods: 2 + maxPods: 30 + storageProfile: 'ManagedDisks' + mode: 'User' + vnetSubnetID: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-aks/subnets/Tertiary' + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + systemAssignedIdentity: true + } +} +``` + +
+

@@ -492,6 +598,9 @@ userAssignedIdentities: { ```
+

+ +

Example 2: Kubenet

@@ -501,9 +610,7 @@ userAssignedIdentities: { module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bicep' = { name: '${uniqueString(deployment().name)}-managedClusters' params: { - name: '<>-az-aks-azure-001' - lock: 'CanNotDelete' - diskEncryptionSetID: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/diskEncryptionSets/adp-<>-az-des-x-001' + name: '<>-az-aks-kubenet-001' primaryAgentPoolProfile: [ { name: 'systempool' @@ -517,7 +624,6 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice storageProfile: 'ManagedDisks' type: 'VirtualMachineScaleSets' mode: 'System' - vnetSubnetID: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-aks/subnets/Primary' serviceCidr: '' maxPods: 30 availabilityZones: [ @@ -525,7 +631,7 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice ] } ] - aksClusterNetworkPlugin: 'azure' + aksClusterNetworkPlugin: 'kubenet' agentPools: [ { name: 'userpool1' @@ -550,7 +656,6 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice maxPods: 30 storageProfile: 'ManagedDisks' mode: 'User' - vnetSubnetID: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-aks/subnets/Secondary' } { name: 'userpool2' @@ -575,7 +680,6 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice maxPods: 30 storageProfile: 'ManagedDisks' mode: 'User' - vnetSubnetID: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-aks/subnets/Tertiary' } ] roleAssignments: [ @@ -591,7 +695,9 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' - systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } } } ``` @@ -599,8 +705,6 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice

-

Example 2

-
via JSON Parameter file @@ -724,107 +828,5 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice } ``` -
- -
- -via Bicep module - -```bicep -module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-managedClusters' - params: { - name: '<>-az-aks-kubenet-001' - primaryAgentPoolProfile: [ - { - name: 'systempool' - osDiskSizeGB: 0 - count: 1 - enableAutoScaling: true - minCount: 1 - maxCount: 3 - vmSize: 'Standard_DS2_v2' - osType: 'Linux' - storageProfile: 'ManagedDisks' - type: 'VirtualMachineScaleSets' - mode: 'System' - serviceCidr: '' - maxPods: 30 - availabilityZones: [ - '1' - ] - } - ] - aksClusterNetworkPlugin: 'kubenet' - agentPools: [ - { - name: 'userpool1' - vmSize: 'Standard_DS2_v2' - osDiskSizeGB: 128 - count: 2 - osType: 'Linux' - maxCount: 3 - minCount: 1 - enableAutoScaling: true - scaleSetPriority: 'Regular' - scaleSetEvictionPolicy: 'Delete' - nodeLabels: {} - nodeTaints: [ - 'CriticalAddonsOnly=true:NoSchedule' - ] - type: 'VirtualMachineScaleSets' - availabilityZones: [ - '1' - ] - minPods: 2 - maxPods: 30 - storageProfile: 'ManagedDisks' - mode: 'User' - } - { - name: 'userpool2' - vmSize: 'Standard_DS2_v2' - osDiskSizeGB: 128 - count: 2 - osType: 'Linux' - maxCount: 3 - minCount: 1 - enableAutoScaling: true - scaleSetPriority: 'Regular' - scaleSetEvictionPolicy: 'Delete' - nodeLabels: {} - nodeTaints: [ - 'CriticalAddonsOnly=true:NoSchedule' - ] - type: 'VirtualMachineScaleSets' - availabilityZones: [ - '1' - ] - minPods: 2 - maxPods: 30 - storageProfile: 'ManagedDisks' - mode: 'User' - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - } -} -``` -

diff --git a/modules/Microsoft.DataFactory/factories/readme.md b/modules/Microsoft.DataFactory/factories/readme.md index be5e3ef51e..bbd0f5fd2d 100644 --- a/modules/Microsoft.DataFactory/factories/readme.md +++ b/modules/Microsoft.DataFactory/factories/readme.md @@ -277,7 +277,54 @@ privateEndpoints: [ ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module factories './Microsoft.DataFactory/factories/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-factories' + params: { + name: '<>-adf-001' + lock: 'CanNotDelete' + managedVirtualNetworkName: 'default' + integrationRuntime: { + name: 'AutoResolveIntegrationRuntime' + type: 'Managed' + managedVirtualNetworkName: 'default' + typeProperties: { + computeProperties: { + location: 'AutoResolve' + } + } + } + publicNetworkAccess: true + gitConfigureLater: true + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + } +} +``` + +
+

@@ -352,51 +399,5 @@ privateEndpoints: [ } ``` -
- -
- -via Bicep module - -```bicep -module factories './Microsoft.DataFactory/factories/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-factories' - params: { - name: '<>-adf-001' - lock: 'CanNotDelete' - managedVirtualNetworkName: 'default' - integrationRuntime: { - name: 'AutoResolveIntegrationRuntime' - type: 'Managed' - managedVirtualNetworkName: 'default' - typeProperties: { - computeProperties: { - location: 'AutoResolve' - } - } - } - publicNetworkAccess: true - gitConfigureLater: true - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - } -} -``` -

diff --git a/modules/Microsoft.DataProtection/backupVaults/readme.md b/modules/Microsoft.DataProtection/backupVaults/readme.md index edf22bb233..9567072b92 100644 --- a/modules/Microsoft.DataProtection/backupVaults/readme.md +++ b/modules/Microsoft.DataProtection/backupVaults/readme.md @@ -332,7 +332,23 @@ userAssignedIdentities: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module backupVaults './Microsoft.DataProtection/backupVaults/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-backupVaults' + params: { + name: '<>-az-bv-min-001' + } +} +``` + +
+

@@ -351,6 +367,9 @@ userAssignedIdentities: { ```
+

+ +

Example 2: Parameters

@@ -360,7 +379,70 @@ userAssignedIdentities: { module backupVaults './Microsoft.DataProtection/backupVaults/deploy.bicep' = { name: '${uniqueString(deployment().name)}-backupVaults' params: { - name: '<>-az-bv-min-001' + name: '<>-az-bv-x-001' + lock: 'CanNotDelete' + backupPolicies: [ + { + name: 'DefaultPolicy' + properties: { + policyRules: [ + { + backupParameters: { + backupType: 'Incremental' + objectType: 'AzureBackupParams' + } + trigger: { + schedule: { + repeatingTimeIntervals: [ + 'R/2022-05-31T23:30:00+01:00/P1D' + ] + timeZone: 'W. Europe Standard Time' + } + taggingCriteria: [ + { + tagInfo: { + tagName: 'Default' + id: 'Default_' + } + taggingPriority: 99 + isDefault: true + } + ] + objectType: 'ScheduleBasedTriggerContext' + } + dataStore: { + dataStoreType: 'OperationalStore' + objectType: 'DataStoreInfoBase' + } + name: 'BackupDaily' + objectType: 'AzureBackupRule' + } + { + lifecycles: [ + { + deleteAfter: { + objectType: 'AbsoluteDeleteOption' + duration: 'P7D' + } + targetDataStoreCopySettings: [] + sourceDataStore: { + dataStoreType: 'OperationalStore' + objectType: 'DataStoreInfoBase' + } + } + ] + isDefault: true + name: 'Default' + objectType: 'AzureRetentionRule' + } + ] + datasourceTypes: [ + 'Microsoft.Compute/disks' + ] + objectType: 'BackupPolicy' + } + } + ] } } ``` @@ -368,8 +450,6 @@ module backupVaults './Microsoft.DataProtection/backupVaults/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -453,83 +533,5 @@ module backupVaults './Microsoft.DataProtection/backupVaults/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module backupVaults './Microsoft.DataProtection/backupVaults/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-backupVaults' - params: { - name: '<>-az-bv-x-001' - lock: 'CanNotDelete' - backupPolicies: [ - { - name: 'DefaultPolicy' - properties: { - policyRules: [ - { - backupParameters: { - backupType: 'Incremental' - objectType: 'AzureBackupParams' - } - trigger: { - schedule: { - repeatingTimeIntervals: [ - 'R/2022-05-31T23:30:00+01:00/P1D' - ] - timeZone: 'W. Europe Standard Time' - } - taggingCriteria: [ - { - tagInfo: { - tagName: 'Default' - id: 'Default_' - } - taggingPriority: 99 - isDefault: true - } - ] - objectType: 'ScheduleBasedTriggerContext' - } - dataStore: { - dataStoreType: 'OperationalStore' - objectType: 'DataStoreInfoBase' - } - name: 'BackupDaily' - objectType: 'AzureBackupRule' - } - { - lifecycles: [ - { - deleteAfter: { - objectType: 'AbsoluteDeleteOption' - duration: 'P7D' - } - targetDataStoreCopySettings: [] - sourceDataStore: { - dataStoreType: 'OperationalStore' - objectType: 'DataStoreInfoBase' - } - } - ] - isDefault: true - name: 'Default' - objectType: 'AzureRetentionRule' - } - ] - datasourceTypes: [ - 'Microsoft.Compute/disks' - ] - objectType: 'BackupPolicy' - } - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Databricks/workspaces/readme.md b/modules/Microsoft.Databricks/workspaces/readme.md index 62d8ce9f44..77984855b8 100644 --- a/modules/Microsoft.Databricks/workspaces/readme.md +++ b/modules/Microsoft.Databricks/workspaces/readme.md @@ -219,7 +219,37 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module workspaces './Microsoft.Databricks/workspaces/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-workspaces' + params: { + name: '<>-az-adb-x-001' + lock: 'CanNotDelete' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + } +} +``` + +
+

@@ -265,34 +295,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module workspaces './Microsoft.Databricks/workspaces/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-workspaces' - params: { - name: '<>-az-adb-x-001' - lock: 'CanNotDelete' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md b/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md index 9a6d1250f1..0061b8b9e8 100644 --- a/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md +++ b/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md @@ -159,7 +159,25 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module applicationgroups './Microsoft.DesktopVirtualization/applicationgroups/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-applicationgroups' + params: { + name: '<>-az-avdag-min-001' + applicationGroupType: 'RemoteApp' + hostpoolName: 'adp-<>-az-avdhp-x-001' + } +} +``` + +
+

@@ -184,6 +202,9 @@ tags: { ```
+

+ +

Example 2: Parameters

@@ -193,9 +214,44 @@ tags: { module applicationgroups './Microsoft.DesktopVirtualization/applicationgroups/deploy.bicep' = { name: '${uniqueString(deployment().name)}-applicationgroups' params: { - name: '<>-az-avdag-min-001' + name: '<>-az-avdag-x-001' + lock: 'CanNotDelete' + location: 'westeurope' applicationGroupType: 'RemoteApp' hostpoolName: 'adp-<>-az-avdhp-x-001' + friendlyName: 'Remote Applications 1' + description: 'This is my first Remote Applications bundle' + applications: [ + { + name: 'notepad' + description: 'Notepad by ARM template' + friendlyName: 'Notepad' + filePath: 'C:\\Windows\\System32\\notepad.exe' + commandLineSetting: 'DoNotAllow' + commandLineArguments: '' + showInPortal: true + iconPath: 'C:\\Windows\\System32\\notepad.exe' + iconIndex: 0 + } + { + name: 'wordpad' + filePath: 'C:\\Program Files\\Windows NT\\Accessories\\wordpad.exe' + friendlyName: 'Wordpad' + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -203,8 +259,6 @@ module applicationgroups './Microsoft.DesktopVirtualization/applicationgroups/de

-

Example 2

-
via JSON Parameter file @@ -284,57 +338,5 @@ module applicationgroups './Microsoft.DesktopVirtualization/applicationgroups/de } ``` -
- -
- -via Bicep module - -```bicep -module applicationgroups './Microsoft.DesktopVirtualization/applicationgroups/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-applicationgroups' - params: { - name: '<>-az-avdag-x-001' - lock: 'CanNotDelete' - location: 'westeurope' - applicationGroupType: 'RemoteApp' - hostpoolName: 'adp-<>-az-avdhp-x-001' - friendlyName: 'Remote Applications 1' - description: 'This is my first Remote Applications bundle' - applications: [ - { - name: 'notepad' - description: 'Notepad by ARM template' - friendlyName: 'Notepad' - filePath: 'C:\\Windows\\System32\\notepad.exe' - commandLineSetting: 'DoNotAllow' - commandLineArguments: '' - showInPortal: true - iconPath: 'C:\\Windows\\System32\\notepad.exe' - iconIndex: 0 - } - { - name: 'wordpad' - filePath: 'C:\\Program Files\\Windows NT\\Accessories\\wordpad.exe' - friendlyName: 'Wordpad' - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.DesktopVirtualization/hostpools/readme.md b/modules/Microsoft.DesktopVirtualization/hostpools/readme.md index bf7c03291f..df3760221c 100644 --- a/modules/Microsoft.DesktopVirtualization/hostpools/readme.md +++ b/modules/Microsoft.DesktopVirtualization/hostpools/readme.md @@ -255,7 +255,62 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module hostpools './Microsoft.DesktopVirtualization/hostpools/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-hostpools' + params: { + name: '<>-az-avdhp-x-001' + lock: 'CanNotDelete' + location: 'westeurope' + hostpoolFriendlyName: 'AVDv2' + hostpoolDescription: 'My first AVD Host Pool' + hostpoolType: 'Pooled' + personalDesktopAssignmentType: 'Automatic' + maxSessionLimit: 99999 + loadBalancerType: 'BreadthFirst' + customRdpProperty: 'audiocapturemode:i:1;audiomode:i:0;drivestoredirect:s:;redirectclipboard:i:1;redirectcomports:i:1;redirectprinters:i:1;redirectsmartcards:i:1;screen mode id:i:2;' + vmTemplate: { + domain: 'domainname.onmicrosoft.com' + galleryImageOffer: 'office-365' + galleryImagePublisher: 'microsoftwindowsdesktop' + galleryImageSKU: '20h1-evd-o365pp' + imageType: 'Gallery' + imageUri: null + customImageId: null + namePrefix: 'avdv2' + osDiskType: 'StandardSSD_LRS' + useManagedDisks: true + vmSize: { + id: 'Standard_D2s_v3' + cores: 2 + ram: 8 + } + } + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + } +} +``` + +
+

@@ -344,59 +399,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module hostpools './Microsoft.DesktopVirtualization/hostpools/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-hostpools' - params: { - name: '<>-az-avdhp-x-001' - lock: 'CanNotDelete' - location: 'westeurope' - hostpoolFriendlyName: 'AVDv2' - hostpoolDescription: 'My first AVD Host Pool' - hostpoolType: 'Pooled' - personalDesktopAssignmentType: 'Automatic' - maxSessionLimit: 99999 - loadBalancerType: 'BreadthFirst' - customRdpProperty: 'audiocapturemode:i:1;audiomode:i:0;drivestoredirect:s:;redirectclipboard:i:1;redirectcomports:i:1;redirectprinters:i:1;redirectsmartcards:i:1;screen mode id:i:2;' - vmTemplate: { - domain: 'domainname.onmicrosoft.com' - galleryImageOffer: 'office-365' - galleryImagePublisher: 'microsoftwindowsdesktop' - galleryImageSKU: '20h1-evd-o365pp' - imageType: 'Gallery' - imageUri: null - customImageId: null - namePrefix: 'avdv2' - osDiskType: 'StandardSSD_LRS' - useManagedDisks: true - vmSize: { - id: 'Standard_D2s_v3' - cores: 2 - ram: 8 - } - } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.DesktopVirtualization/scalingplans/readme.md b/modules/Microsoft.DesktopVirtualization/scalingplans/readme.md index 9fe79b0076..71e7097075 100644 --- a/modules/Microsoft.DesktopVirtualization/scalingplans/readme.md +++ b/modules/Microsoft.DesktopVirtualization/scalingplans/readme.md @@ -257,7 +257,23 @@ roleAssignments: [ ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module scalingplans './Microsoft.DesktopVirtualization/scalingplans/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-scalingplans' + params: { + name: '<>-az-avdsp-x-001' + } +} +``` + +
+

@@ -275,20 +291,5 @@ roleAssignments: [ } ``` -
- -
- -via Bicep module - -```bicep -module scalingplans './Microsoft.DesktopVirtualization/scalingplans/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-scalingplans' - params: { - name: '<>-az-avdsp-x-001' - } -} -``` -

diff --git a/modules/Microsoft.DesktopVirtualization/workspaces/readme.md b/modules/Microsoft.DesktopVirtualization/workspaces/readme.md index 120180accc..0b2b58ecda 100644 --- a/modules/Microsoft.DesktopVirtualization/workspaces/readme.md +++ b/modules/Microsoft.DesktopVirtualization/workspaces/readme.md @@ -156,7 +156,43 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module workspaces './Microsoft.DesktopVirtualization/workspaces/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-workspaces' + params: { + name: '<>-az-avdws-x-001' + lock: 'CanNotDelete' + location: 'westeurope' + appGroupResourceIds: [ + '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.DesktopVirtualization/applicationgroups/adp-<>-az-avdag-x-001' + ] + workspaceFriendlyName: 'My first AVD Workspace' + workspaceDescription: 'This is my first AVD Workspace' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + } +} +``` + +
+

@@ -216,40 +252,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module workspaces './Microsoft.DesktopVirtualization/workspaces/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-workspaces' - params: { - name: '<>-az-avdws-x-001' - lock: 'CanNotDelete' - location: 'westeurope' - appGroupResourceIds: [ - '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.DesktopVirtualization/applicationgroups/adp-<>-az-avdag-x-001' - ] - workspaceFriendlyName: 'My first AVD Workspace' - workspaceDescription: 'This is my first AVD Workspace' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/readme.md b/modules/Microsoft.DocumentDB/databaseAccounts/readme.md index dc28bcb037..58ddbd906d 100644 --- a/modules/Microsoft.DocumentDB/databaseAccounts/readme.md +++ b/modules/Microsoft.DocumentDB/databaseAccounts/readme.md @@ -456,7 +456,234 @@ userAssignedIdentities: { ## Deployment examples -

Example 1

+

Example 1: Mongodb

+ +
+ +via Bicep module + +```bicep +module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-databaseAccounts' + params: { + name: '<>-az-cdb-mongodb-001' + location: 'West Europe' + locations: [ + { + locationName: 'West Europe' + failoverPriority: 0 + isZoneRedundant: false + } + { + locationName: 'North Europe' + failoverPriority: 1 + isZoneRedundant: false + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + mongodbDatabases: [ + { + name: '<>-az-mdb-x-001' + collections: [ + { + name: 'car_collection' + indexes: [ + { + key: { + keys: [ + '_id' + ] + } + } + { + key: { + keys: [ + '$**' + ] + } + } + { + key: { + keys: [ + 'car_id' + 'car_model' + ] + } + options: { + unique: true + } + } + { + key: { + keys: [ + '_ts' + ] + } + options: { + expireAfterSeconds: 2629746 + } + } + ] + shardKey: { + car_id: 'Hash' + } + } + { + name: 'truck_collection' + indexes: [ + { + key: { + keys: [ + '_id' + ] + } + } + { + key: { + keys: [ + '$**' + ] + } + } + { + key: { + keys: [ + 'truck_id' + 'truck_model' + ] + } + options: { + unique: true + } + } + { + key: { + keys: [ + '_ts' + ] + } + options: { + expireAfterSeconds: 2629746 + } + } + ] + shardKey: { + truck_id: 'Hash' + } + } + ] + } + { + name: '<>-az-mdb-x-002' + collections: [ + { + name: 'bike_collection' + indexes: [ + { + key: { + keys: [ + '_id' + ] + } + } + { + key: { + keys: [ + '$**' + ] + } + } + { + key: { + keys: [ + 'bike_id' + 'bike_model' + ] + } + options: { + unique: true + } + } + { + key: { + keys: [ + '_ts' + ] + } + options: { + expireAfterSeconds: 2629746 + } + } + ] + shardKey: { + bike_id: 'Hash' + } + } + { + name: 'bicycle_collection' + indexes: [ + { + key: { + keys: [ + '_id' + ] + } + } + { + key: { + keys: [ + '$**' + ] + } + } + { + key: { + keys: [ + 'bicycle_id' + 'bicycle_model' + ] + } + options: { + unique: true + } + } + { + key: { + keys: [ + '_ts' + ] + } + options: { + expireAfterSeconds: 2629746 + } + } + ] + shardKey: { + bicycle_id: 'Hash' + } + } + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + systemAssignedIdentity: true + } +} +``` + +
+

@@ -706,6 +933,9 @@ userAssignedIdentities: { ```
+

+ +

Example 2: Plain

@@ -715,8 +945,8 @@ userAssignedIdentities: { module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-databaseAccounts' params: { - name: '<>-az-cdb-mongodb-001' - location: 'West Europe' + name: '<>-az-cdb-plain-001' + lock: 'CanNotDelete' locations: [ { locationName: 'West Europe' @@ -737,196 +967,11 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = ] } ] - mongodbDatabases: [ - { - name: '<>-az-mdb-x-001' - collections: [ - { - name: 'car_collection' - indexes: [ - { - key: { - keys: [ - '_id' - ] - } - } - { - key: { - keys: [ - '$**' - ] - } - } - { - key: { - keys: [ - 'car_id' - 'car_model' - ] - } - options: { - unique: true - } - } - { - key: { - keys: [ - '_ts' - ] - } - options: { - expireAfterSeconds: 2629746 - } - } - ] - shardKey: { - car_id: 'Hash' - } - } - { - name: 'truck_collection' - indexes: [ - { - key: { - keys: [ - '_id' - ] - } - } - { - key: { - keys: [ - '$**' - ] - } - } - { - key: { - keys: [ - 'truck_id' - 'truck_model' - ] - } - options: { - unique: true - } - } - { - key: { - keys: [ - '_ts' - ] - } - options: { - expireAfterSeconds: 2629746 - } - } - ] - shardKey: { - truck_id: 'Hash' - } - } - ] - } - { - name: '<>-az-mdb-x-002' - collections: [ - { - name: 'bike_collection' - indexes: [ - { - key: { - keys: [ - '_id' - ] - } - } - { - key: { - keys: [ - '$**' - ] - } - } - { - key: { - keys: [ - 'bike_id' - 'bike_model' - ] - } - options: { - unique: true - } - } - { - key: { - keys: [ - '_ts' - ] - } - options: { - expireAfterSeconds: 2629746 - } - } - ] - shardKey: { - bike_id: 'Hash' - } - } - { - name: 'bicycle_collection' - indexes: [ - { - key: { - keys: [ - '_id' - ] - } - } - { - key: { - keys: [ - '$**' - ] - } - } - { - key: { - keys: [ - 'bicycle_id' - 'bicycle_model' - ] - } - options: { - unique: true - } - } - { - key: { - keys: [ - '_ts' - ] - } - options: { - expireAfterSeconds: 2629746 - } - } - ] - shardKey: { - bicycle_id: 'Hash' - } - } - ] - } - ] diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' - systemAssignedIdentity: true } } ``` @@ -934,8 +979,6 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' =

-

Example 2

-
via JSON Parameter file @@ -995,6 +1038,9 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = ```
+

+ +

Example 3: Sqldb

@@ -1004,8 +1050,8 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-databaseAccounts' params: { - name: '<>-az-cdb-plain-001' - lock: 'CanNotDelete' + name: '<>-az-cdb-sqldb-001' + location: 'West Europe' locations: [ { locationName: 'West Europe' @@ -1026,11 +1072,32 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = ] } ] + sqlDatabases: [ + { + name: '<>-az-sql-x-001' + containers: [ + { + name: 'container-001' + paths: [ + '/myPartitionKey' + ] + kind: 'Hash' + } + ] + } + { + name: '<>-az-sql-x-002' + containers: [] + } + ] diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } } } ``` @@ -1038,8 +1105,6 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' =

-

Example 3

-
via JSON Parameter file @@ -1123,67 +1188,5 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } ``` -
- -
- -via Bicep module - -```bicep -module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-databaseAccounts' - params: { - name: '<>-az-cdb-sqldb-001' - location: 'West Europe' - locations: [ - { - locationName: 'West Europe' - failoverPriority: 0 - isZoneRedundant: false - } - { - locationName: 'North Europe' - failoverPriority: 1 - isZoneRedundant: false - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - sqlDatabases: [ - { - name: '<>-az-sql-x-001' - containers: [ - { - name: 'container-001' - paths: [ - '/myPartitionKey' - ] - kind: 'Hash' - } - ] - } - { - name: '<>-az-sql-x-002' - containers: [] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - } -} -``` -

diff --git a/modules/Microsoft.EventGrid/systemTopics/readme.md b/modules/Microsoft.EventGrid/systemTopics/readme.md index 6c96887d63..94e155473f 100644 --- a/modules/Microsoft.EventGrid/systemTopics/readme.md +++ b/modules/Microsoft.EventGrid/systemTopics/readme.md @@ -269,7 +269,25 @@ userAssignedIdentities: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module systemTopics './Microsoft.EventGrid/systemTopics/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-systemTopics' + params: { + name: '<>-az-egstn-x-002' + source: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + topicType: 'Microsoft.Storage.StorageAccounts' + } +} +``` + +
+

@@ -294,6 +312,9 @@ userAssignedIdentities: { ```
+

+ +

Example 2: Parameters

@@ -303,9 +324,23 @@ userAssignedIdentities: { module systemTopics './Microsoft.EventGrid/systemTopics/deploy.bicep' = { name: '${uniqueString(deployment().name)}-systemTopics' params: { - name: '<>-az-egstn-x-002' + name: '<>-az-egstn-x-001' + lock: 'CanNotDelete' source: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' topicType: 'Microsoft.Storage.StorageAccounts' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -313,8 +348,6 @@ module systemTopics './Microsoft.EventGrid/systemTopics/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -365,36 +398,5 @@ module systemTopics './Microsoft.EventGrid/systemTopics/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module systemTopics './Microsoft.EventGrid/systemTopics/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-systemTopics' - params: { - name: '<>-az-egstn-x-001' - lock: 'CanNotDelete' - source: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - topicType: 'Microsoft.Storage.StorageAccounts' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.EventGrid/topics/readme.md b/modules/Microsoft.EventGrid/topics/readme.md index 40f7cf73ce..d1b7e44c13 100644 --- a/modules/Microsoft.EventGrid/topics/readme.md +++ b/modules/Microsoft.EventGrid/topics/readme.md @@ -236,7 +236,43 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module topics './Microsoft.EventGrid/topics/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-topics' + params: { + name: '<>-az-egtn-x-001' + lock: 'CanNotDelete' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + privateEndpoints: [ + { + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + service: 'topic' + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + } +} +``` + +
+

@@ -290,40 +326,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module topics './Microsoft.EventGrid/topics/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-topics' - params: { - name: '<>-az-egtn-x-001' - lock: 'CanNotDelete' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'topic' - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.EventHub/namespaces/readme.md b/modules/Microsoft.EventHub/namespaces/readme.md index a948d576a2..f9c15762dc 100644 --- a/modules/Microsoft.EventHub/namespaces/readme.md +++ b/modules/Microsoft.EventHub/namespaces/readme.md @@ -281,7 +281,23 @@ userAssignedIdentities: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module namespaces './Microsoft.EventHub/namespaces/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-namespaces' + params: { + + } +} +``` + +
+

@@ -296,6 +312,9 @@ userAssignedIdentities: { ```
+

+ +

Example 2: Parameters

@@ -305,7 +324,117 @@ userAssignedIdentities: { module namespaces './Microsoft.EventHub/namespaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-namespaces' params: { - + name: '<>-az-evnsp-x-001' + lock: 'CanNotDelete' + authorizationRules: [ + { + name: 'RootManageSharedAccessKey' + rights: [ + 'Listen' + 'Manage' + 'Send' + ] + } + { + name: 'SendListenAccess' + rights: [ + 'Listen' + 'Send' + ] + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + eventHubs: [ + { + name: '<>-az-evh-x-001' + } + { + name: '<>-az-evh-x-002' + authorizationRules: [ + { + name: 'RootManageSharedAccessKey' + rights: [ + 'Listen' + 'Manage' + 'Send' + ] + } + { + name: 'SendListenAccess' + rights: [ + 'Listen' + 'Send' + ] + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + messageRetentionInDays: 1 + partitionCount: 2 + status: 'Active' + captureDescriptionEnabled: true + captureDescriptionEncoding: 'Avro' + captureDescriptionIntervalInSeconds: 300 + captureDescriptionSizeLimitInBytes: 314572800 + captureDescriptionDestinationName: 'EventHubArchive.AzureBlockBlob' + captureDescriptionDestinationStorageAccountResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + captureDescriptionDestinationBlobContainer: 'eventhub' + captureDescriptionDestinationArchiveNameFormat: '{Namespace}/{EventHub}/{PartitionId}/{Year}/{Month}/{Day}/{Hour}/{Minute}/{Second}' + captureDescriptionSkipEmptyArchives: true + consumerGroups: [ + { + name: 'custom' + userMetadata: 'customMetadata' + } + ] + } + ] + privateEndpoints: [ + { + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + service: 'namespace' + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + systemAssignedIdentity: true + networkRuleSets: { + defaultAction: 'Deny' + ipRules: [ + { + action: 'Allow' + ipMask: '10.10.10.10' + } + ] + virtualNetworkRules: [ + { + subnet: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' + } + ignoreMissingVnetServiceEndpoint: true + } + ] + trustedServiceAccessEnabled: false + } + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } } } ``` @@ -313,8 +442,6 @@ module namespaces './Microsoft.EventHub/namespaces/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -467,130 +594,5 @@ module namespaces './Microsoft.EventHub/namespaces/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module namespaces './Microsoft.EventHub/namespaces/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-namespaces' - params: { - name: '<>-az-evnsp-x-001' - lock: 'CanNotDelete' - authorizationRules: [ - { - name: 'RootManageSharedAccessKey' - rights: [ - 'Listen' - 'Manage' - 'Send' - ] - } - { - name: 'SendListenAccess' - rights: [ - 'Listen' - 'Send' - ] - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - eventHubs: [ - { - name: '<>-az-evh-x-001' - } - { - name: '<>-az-evh-x-002' - authorizationRules: [ - { - name: 'RootManageSharedAccessKey' - rights: [ - 'Listen' - 'Manage' - 'Send' - ] - } - { - name: 'SendListenAccess' - rights: [ - 'Listen' - 'Send' - ] - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - messageRetentionInDays: 1 - partitionCount: 2 - status: 'Active' - captureDescriptionEnabled: true - captureDescriptionEncoding: 'Avro' - captureDescriptionIntervalInSeconds: 300 - captureDescriptionSizeLimitInBytes: 314572800 - captureDescriptionDestinationName: 'EventHubArchive.AzureBlockBlob' - captureDescriptionDestinationStorageAccountResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - captureDescriptionDestinationBlobContainer: 'eventhub' - captureDescriptionDestinationArchiveNameFormat: '{Namespace}/{EventHub}/{PartitionId}/{Year}/{Month}/{Day}/{Hour}/{Minute}/{Second}' - captureDescriptionSkipEmptyArchives: true - consumerGroups: [ - { - name: 'custom' - userMetadata: 'customMetadata' - } - ] - } - ] - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'namespace' - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - systemAssignedIdentity: true - networkRuleSets: { - defaultAction: 'Deny' - ipRules: [ - { - action: 'Allow' - ipMask: '10.10.10.10' - } - ] - virtualNetworkRules: [ - { - subnet: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' - } - ignoreMissingVnetServiceEndpoint: true - } - ] - trustedServiceAccessEnabled: false - } - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - } -} -``` -

diff --git a/modules/Microsoft.HealthBot/healthBots/readme.md b/modules/Microsoft.HealthBot/healthBots/readme.md index 7b1074bea1..82e89af6b4 100644 --- a/modules/Microsoft.HealthBot/healthBots/readme.md +++ b/modules/Microsoft.HealthBot/healthBots/readme.md @@ -146,7 +146,32 @@ roleAssignments: [ ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module healthBots './Microsoft.HealthBot/healthBots/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-healthBots' + params: { + name: '<>-az-ahb-x-001' + lock: 'CanNotDelete' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

@@ -177,29 +202,5 @@ roleAssignments: [ } ``` -
- -
- -via Bicep module - -```bicep -module healthBots './Microsoft.HealthBot/healthBots/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-healthBots' - params: { - name: '<>-az-ahb-x-001' - lock: 'CanNotDelete' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Insights/actionGroups/readme.md b/modules/Microsoft.Insights/actionGroups/readme.md index 5b8e41406c..bd0e70d985 100644 --- a/modules/Microsoft.Insights/actionGroups/readme.md +++ b/modules/Microsoft.Insights/actionGroups/readme.md @@ -232,7 +232,51 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module actionGroups './Microsoft.Insights/actionGroups/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-actionGroups' + params: { + name: '<>-az-ag-x-001' + groupShortName: 'azagweux001' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + emailReceivers: [ + { + name: 'TestUser_-EmailAction-' + emailAddress: 'test.user@testcompany.com' + useCommonAlertSchema: true + } + { + name: 'TestUser2' + emailAddress: 'test.user2@testcompany.com' + useCommonAlertSchema: true + } + ] + smsReceivers: [ + { + name: 'TestUser_-SMSAction-' + countryCode: '1' + phoneNumber: '2345678901' + } + ] + } +} +``` + +
+

@@ -286,48 +330,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module actionGroups './Microsoft.Insights/actionGroups/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-actionGroups' - params: { - name: '<>-az-ag-x-001' - groupShortName: 'azagweux001' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - emailReceivers: [ - { - name: 'TestUser_-EmailAction-' - emailAddress: 'test.user@testcompany.com' - useCommonAlertSchema: true - } - { - name: 'TestUser2' - emailAddress: 'test.user2@testcompany.com' - useCommonAlertSchema: true - } - ] - smsReceivers: [ - { - name: 'TestUser_-SMSAction-' - countryCode: '1' - phoneNumber: '2345678901' - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Insights/activityLogAlerts/readme.md b/modules/Microsoft.Insights/activityLogAlerts/readme.md index a8a08e68b0..bba444dec2 100644 --- a/modules/Microsoft.Insights/activityLogAlerts/readme.md +++ b/modules/Microsoft.Insights/activityLogAlerts/readme.md @@ -394,7 +394,53 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module activityLogAlerts './Microsoft.Insights/activityLogAlerts/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-activityLogAlerts' + params: { + name: '<>-az-ala-x-001' + scopes: [ + '/subscriptions/<>' + ] + conditions: [ + { + field: 'category' + equals: 'Administrative' + } + { + field: 'resourceType' + equals: 'microsoft.compute/virtualmachines' + } + { + field: 'operationName' + equals: 'Microsoft.Compute/virtualMachines/performMaintenance/action' + } + ] + actions: [ + { + actionGroupId: '/subscriptions/<>/resourceGroups/validation-rg/providers/microsoft.insights/actiongroups/adp-<>-az-ag-x-001' + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

@@ -450,50 +496,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module activityLogAlerts './Microsoft.Insights/activityLogAlerts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-activityLogAlerts' - params: { - name: '<>-az-ala-x-001' - scopes: [ - '/subscriptions/<>' - ] - conditions: [ - { - field: 'category' - equals: 'Administrative' - } - { - field: 'resourceType' - equals: 'microsoft.compute/virtualmachines' - } - { - field: 'operationName' - equals: 'Microsoft.Compute/virtualMachines/performMaintenance/action' - } - ] - actions: [ - { - actionGroupId: '/subscriptions/<>/resourceGroups/validation-rg/providers/microsoft.insights/actiongroups/adp-<>-az-ag-x-001' - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Insights/components/readme.md b/modules/Microsoft.Insights/components/readme.md index 0a42f4eda2..d711ad81fc 100644 --- a/modules/Microsoft.Insights/components/readme.md +++ b/modules/Microsoft.Insights/components/readme.md @@ -150,7 +150,32 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module components './Microsoft.Insights/components/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-components' + params: { + name: '<>-az-appi-x-001' + workspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-appi-001' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

@@ -181,29 +206,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module components './Microsoft.Insights/components/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-components' - params: { - name: '<>-az-appi-x-001' - workspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-appi-001' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Insights/diagnosticSettings/readme.md b/modules/Microsoft.Insights/diagnosticSettings/readme.md index 23fedd6bec..7296654989 100644 --- a/modules/Microsoft.Insights/diagnosticSettings/readme.md +++ b/modules/Microsoft.Insights/diagnosticSettings/readme.md @@ -41,7 +41,28 @@ This module deploys a subscription wide export of the activity log. ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module diagnosticSettings './Microsoft.Insights/diagnosticSettings/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-diagnosticSettings' + params: { + name: '<>-az-diag-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + } +} +``` + +
+

@@ -74,25 +95,5 @@ This module deploys a subscription wide export of the activity log. } ``` -
- -
- -via Bicep module - -```bicep -module diagnosticSettings './Microsoft.Insights/diagnosticSettings/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-diagnosticSettings' - params: { - name: '<>-az-diag-x-001' - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.Insights/metricAlerts/readme.md b/modules/Microsoft.Insights/metricAlerts/readme.md index 21e7b39971..91e7e34cb2 100644 --- a/modules/Microsoft.Insights/metricAlerts/readme.md +++ b/modules/Microsoft.Insights/metricAlerts/readme.md @@ -375,7 +375,49 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module metricAlerts './Microsoft.Insights/metricAlerts/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-metricAlerts' + params: { + name: '<>-az-ma-x-001' + windowSize: 'PT15M' + actions: [ + '/subscriptions/<>/resourceGroups/validation-rg/providers/microsoft.insights/actiongroups/adp-<>-az-ag-x-001' + ] + targetResourceType: 'microsoft.compute/virtualmachines' + targetResourceRegion: 'westeurope' + criterias: [ + { + criterionType: 'StaticThresholdCriterion' + metricName: 'Percentage CPU' + metricNamespace: 'microsoft.compute/virtualmachines' + name: 'HighCPU' + operator: 'GreaterThan' + threshold: '90' + timeAggregation: 'Average' + } + ] + alertCriteriaType: 'Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

@@ -433,46 +475,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module metricAlerts './Microsoft.Insights/metricAlerts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-metricAlerts' - params: { - name: '<>-az-ma-x-001' - windowSize: 'PT15M' - actions: [ - '/subscriptions/<>/resourceGroups/validation-rg/providers/microsoft.insights/actiongroups/adp-<>-az-ag-x-001' - ] - targetResourceType: 'microsoft.compute/virtualmachines' - targetResourceRegion: 'westeurope' - criterias: [ - { - criterionType: 'StaticThresholdCriterion' - metricName: 'Percentage CPU' - metricNamespace: 'microsoft.compute/virtualmachines' - name: 'HighCPU' - operator: 'GreaterThan' - threshold: '90' - timeAggregation: 'Average' - } - ] - alertCriteriaType: 'Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Insights/privateLinkScopes/readme.md b/modules/Microsoft.Insights/privateLinkScopes/readme.md index 44835e37a8..27ae171cff 100644 --- a/modules/Microsoft.Insights/privateLinkScopes/readme.md +++ b/modules/Microsoft.Insights/privateLinkScopes/readme.md @@ -227,7 +227,44 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module privateLinkScopes './Microsoft.Insights/privateLinkScopes/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-privateLinkScopes' + params: { + name: '<>-az-pls-x-001' + lock: 'CanNotDelete' + scopedResources: [ + { + name: 'scoped1' + linkedResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + privateEndpoints: [ + { + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + service: 'azuremonitor' + } + ] + } +} +``` + +
+

@@ -274,41 +311,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module privateLinkScopes './Microsoft.Insights/privateLinkScopes/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-privateLinkScopes' - params: { - name: '<>-az-pls-x-001' - lock: 'CanNotDelete' - scopedResources: [ - { - name: 'scoped1' - linkedResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'azuremonitor' - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Insights/scheduledQueryRules/readme.md b/modules/Microsoft.Insights/scheduledQueryRules/readme.md index 304ae9217d..dacac14608 100644 --- a/modules/Microsoft.Insights/scheduledQueryRules/readme.md +++ b/modules/Microsoft.Insights/scheduledQueryRules/readme.md @@ -157,7 +157,67 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module scheduledQueryRules './Microsoft.Insights/scheduledQueryRules/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-scheduledQueryRules' + params: { + name: 'myAlert01' + alertDescription: 'My sample Alert' + scopes: [ + '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + ] + evaluationFrequency: 'PT5M' + windowSize: 'PT5M' + suppressForMinutes: 'PT5M' + queryTimeRange: 'PT5M' + autoMitigate: false + criterias: { + allOf: [ + { + query: 'Perf | where ObjectName == \'LogicalDisk\' | where CounterName == \'% Free Space\' | where InstanceName <> \'HarddiskVolume1\' and InstanceName <> \'_Total\' | summarize AggregatedValue = min(CounterValue) by Computer InstanceName bin(TimeGenerated5m)' + timeAggregation: 'Average' + metricMeasureColumn: 'AggregatedValue' + dimensions: [ + { + name: 'Computer' + operator: 'Include' + values: [ + '*' + ] + } + { + name: 'InstanceName' + operator: 'Include' + values: [ + '*' + ] + } + ] + operator: 'GreaterThan' + threshold: 0 + } + ] + } + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

@@ -237,64 +297,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module scheduledQueryRules './Microsoft.Insights/scheduledQueryRules/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-scheduledQueryRules' - params: { - name: 'myAlert01' - alertDescription: 'My sample Alert' - scopes: [ - '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - ] - evaluationFrequency: 'PT5M' - windowSize: 'PT5M' - suppressForMinutes: 'PT5M' - queryTimeRange: 'PT5M' - autoMitigate: false - criterias: { - allOf: [ - { - query: 'Perf | where ObjectName == \'LogicalDisk\' | where CounterName == \'% Free Space\' | where InstanceName <> \'HarddiskVolume1\' and InstanceName <> \'_Total\' | summarize AggregatedValue = min(CounterValue) by Computer InstanceName bin(TimeGenerated5m)' - timeAggregation: 'Average' - metricMeasureColumn: 'AggregatedValue' - dimensions: [ - { - name: 'Computer' - operator: 'Include' - values: [ - '*' - ] - } - { - name: 'InstanceName' - operator: 'Include' - values: [ - '*' - ] - } - ] - operator: 'GreaterThan' - threshold: 0 - } - ] - } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.KeyVault/vaults/readme.md b/modules/Microsoft.KeyVault/vaults/readme.md index 9c6dce362a..e8aea707b4 100644 --- a/modules/Microsoft.KeyVault/vaults/readme.md +++ b/modules/Microsoft.KeyVault/vaults/readme.md @@ -380,7 +380,23 @@ privateEndpoints: [ ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module vaults './Microsoft.KeyVault/vaults/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-vaults' + params: { + + } +} +``` + +
+

@@ -395,6 +411,9 @@ privateEndpoints: [ ```
+

+ +

Example 2: Parameters

@@ -404,7 +423,103 @@ privateEndpoints: [ module vaults './Microsoft.KeyVault/vaults/deploy.bicep' = { name: '${uniqueString(deployment().name)}-vaults' params: { - + name: '<>-az-kv-x-002' + lock: 'CanNotDelete' + softDeleteRetentionInDays: 7 + enableRbacAuthorization: false + privateEndpoints: [ + { + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + service: 'vault' + } + ] + networkAcls: { + bypass: 'AzureServices' + defaultAction: 'Deny' + virtualNetworkRules: [ + { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' + action: 'Allow' + } + ] + ipRules: [] + } + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + secrets: { + secureList: [ + { + name: 'secretName' + value: 'secretValue' + contentType: 'Something' + attributesExp: 1702648632 + attributesNbf: 10000 + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } + ] + } + keys: [ + { + name: 'keyName' + attributesExp: 1702648632 + attributesNbf: 10000 + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } + ] + accessPolicies: [ + { + objectId: '<>' + permissions: { + keys: [ + 'get' + 'list' + 'update' + ] + secrets: [ + 'all' + ] + } + tenantId: '<>' + } + { + objectId: '<>' + permissions: { + certificates: [ + 'backup' + 'create' + 'delete' + ] + secrets: [ + 'all' + ] + } + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -412,8 +527,6 @@ module vaults './Microsoft.KeyVault/vaults/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -554,116 +667,5 @@ module vaults './Microsoft.KeyVault/vaults/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module vaults './Microsoft.KeyVault/vaults/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-vaults' - params: { - name: '<>-az-kv-x-002' - lock: 'CanNotDelete' - softDeleteRetentionInDays: 7 - enableRbacAuthorization: false - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'vault' - } - ] - networkAcls: { - bypass: 'AzureServices' - defaultAction: 'Deny' - virtualNetworkRules: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' - action: 'Allow' - } - ] - ipRules: [] - } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - secrets: { - secureList: [ - { - name: 'secretName' - value: 'secretValue' - contentType: 'Something' - attributesExp: 1702648632 - attributesNbf: 10000 - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } - ] - } - keys: [ - { - name: 'keyName' - attributesExp: 1702648632 - attributesNbf: 10000 - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } - ] - accessPolicies: [ - { - objectId: '<>' - permissions: { - keys: [ - 'get' - 'list' - 'update' - ] - secrets: [ - 'all' - ] - } - tenantId: '<>' - } - { - objectId: '<>' - permissions: { - certificates: [ - 'backup' - 'create' - 'delete' - ] - secrets: [ - 'all' - ] - } - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.KubernetesConfiguration/extensions/readme.md b/modules/Microsoft.KubernetesConfiguration/extensions/readme.md index b82481be34..7aa4a6ae34 100644 --- a/modules/Microsoft.KubernetesConfiguration/extensions/readme.md +++ b/modules/Microsoft.KubernetesConfiguration/extensions/readme.md @@ -65,7 +65,27 @@ For Details see [Prerequisites](https://docs.microsoft.com/en-us/azure/azure-arc ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module extensions './Microsoft.KubernetesConfiguration/extensions/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-extensions' + params: { + name: 'flux' + extensionType: 'microsoft.flux' + clusterName: '<>-az-aks-kubenet-001' + releaseTrain: 'Stable' + releaseNamespace: 'flux-system' + } +} +``` + +
+

@@ -96,6 +116,9 @@ For Details see [Prerequisites](https://docs.microsoft.com/en-us/azure/azure-arc ```
+

+ +

Example 2: Parameters

@@ -110,6 +133,14 @@ module extensions './Microsoft.KubernetesConfiguration/extensions/deploy.bicep' clusterName: '<>-az-aks-kubenet-001' releaseTrain: 'Stable' releaseNamespace: 'flux-system' + version: '0.5.2' + configurationSettings: { + 'source-controller.enabled': 'true' + 'kustomize-controller.enabled': 'true' + 'notification-controller.enabled': 'false' + 'image-automation-controller.enabled': 'false' + 'image-reflector-controller.enabled': 'false' + } } } ``` @@ -117,8 +148,6 @@ module extensions './Microsoft.KubernetesConfiguration/extensions/deploy.bicep'

-

Example 2

-
via JSON Parameter file @@ -160,32 +189,5 @@ module extensions './Microsoft.KubernetesConfiguration/extensions/deploy.bicep' } ``` -
- -
- -via Bicep module - -```bicep -module extensions './Microsoft.KubernetesConfiguration/extensions/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-extensions' - params: { - name: 'flux' - extensionType: 'microsoft.flux' - clusterName: '<>-az-aks-kubenet-001' - releaseTrain: 'Stable' - releaseNamespace: 'flux-system' - version: '0.5.2' - configurationSettings: { - 'source-controller.enabled': 'true' - 'kustomize-controller.enabled': 'true' - 'notification-controller.enabled': 'false' - 'image-automation-controller.enabled': 'false' - 'image-reflector-controller.enabled': 'false' - } - } -} -``` -

diff --git a/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md b/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md index 76e5b93f61..49bbf4ba46 100644 --- a/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md +++ b/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md @@ -67,7 +67,36 @@ For Details see [Prerequisites](https://docs.microsoft.com/en-us/azure/azure-arc ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfigurations/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-fluxConfigurations' + params: { + name: 'flux2' + scope: 'cluster' + clusterName: '<>-az-aks-kubenet-001' + namespace: 'flux-system' + sourceKind: 'GitRepository' + gitRepository: { + url: 'https://github.com/mspnp/aks-baseline' + timeoutInSeconds: 180 + syncIntervalInSeconds: 300 + repositoryRef: { + branch: 'main' + } + sshKnownHosts: '' + } + } +} +``` + +
+

@@ -109,6 +138,9 @@ For Details see [Prerequisites](https://docs.microsoft.com/en-us/azure/azure-arc ```
+

+ +

Example 2: Parameters

@@ -132,6 +164,16 @@ module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfiguration } sshKnownHosts: '' } + kustomizations: { + unified: { + path: './cluster-manifests' + dependsOn: [] + timeoutInSeconds: 300 + syncIntervalInSeconds: 300 + prune: true + force: false + } + } } } ``` @@ -139,8 +181,6 @@ module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfiguration

-

Example 2

-
via JSON Parameter file @@ -192,43 +232,5 @@ module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfiguration } ``` -
- -
- -via Bicep module - -```bicep -module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfigurations/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-fluxConfigurations' - params: { - name: 'flux2' - scope: 'cluster' - clusterName: '<>-az-aks-kubenet-001' - namespace: 'flux-system' - sourceKind: 'GitRepository' - gitRepository: { - url: 'https://github.com/mspnp/aks-baseline' - timeoutInSeconds: 180 - syncIntervalInSeconds: 300 - repositoryRef: { - branch: 'main' - } - sshKnownHosts: '' - } - kustomizations: { - unified: { - path: './cluster-manifests' - dependsOn: [] - timeoutInSeconds: 300 - syncIntervalInSeconds: 300 - prune: true - force: false - } - } - } -} -``` -

diff --git a/modules/Microsoft.Logic/workflows/readme.md b/modules/Microsoft.Logic/workflows/readme.md index 5eb088778f..3dfa18ab8f 100644 --- a/modules/Microsoft.Logic/workflows/readme.md +++ b/modules/Microsoft.Logic/workflows/readme.md @@ -313,7 +313,70 @@ userAssignedIdentities: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module workflows './Microsoft.Logic/workflows/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-workflows' + params: { + name: '<>-az-lga-x-001' + lock: 'CanNotDelete' + tags: {} + workflowActions: { + HTTP: { + type: 'Http' + inputs: { + method: 'POST' + uri: 'https://testStringForValidation.com' + body: { + HostPoolName: '[HostPoolName]' + LAWorkspaceName: '[LAWorkspaceName]' + LimitSecondsToForceLogOffUser: '[LimitSecondsToForceLogOffUser]' + EndPeakTime: '[EndPeakTime]' + BeginPeakTime: '[BeginPeakTime]' + UtcOffset: '[UtcOffset]' + LogOffMessageBody: '[LogOffMessageBody]' + LogOffMessageTitle: '[LogOffMessageTitle]' + MinimumNumberOfRDSH: 1 + SessionThresholdPerCPU: 1 + ResourceGroupName: '[ResourceGroupName]' + } + } + } + } + workflowTriggers: { + Recurrence: { + recurrence: { + frequency: 'Minute' + interval: 15 + } + type: 'Recurrence' + } + } + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + systemAssignedIdentity: true + } +} +``` + +
+

@@ -400,67 +463,5 @@ userAssignedIdentities: { } ``` -
- -
- -via Bicep module - -```bicep -module workflows './Microsoft.Logic/workflows/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-workflows' - params: { - name: '<>-az-lga-x-001' - lock: 'CanNotDelete' - tags: {} - workflowActions: { - HTTP: { - type: 'Http' - inputs: { - method: 'POST' - uri: 'https://testStringForValidation.com' - body: { - HostPoolName: '[HostPoolName]' - LAWorkspaceName: '[LAWorkspaceName]' - LimitSecondsToForceLogOffUser: '[LimitSecondsToForceLogOffUser]' - EndPeakTime: '[EndPeakTime]' - BeginPeakTime: '[BeginPeakTime]' - UtcOffset: '[UtcOffset]' - LogOffMessageBody: '[LogOffMessageBody]' - LogOffMessageTitle: '[LogOffMessageTitle]' - MinimumNumberOfRDSH: 1 - SessionThresholdPerCPU: 1 - ResourceGroupName: '[ResourceGroupName]' - } - } - } - } - workflowTriggers: { - Recurrence: { - recurrence: { - frequency: 'Minute' - interval: 15 - } - type: 'Recurrence' - } - } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - systemAssignedIdentity: true - } -} -``` -

diff --git a/modules/Microsoft.MachineLearningServices/workspaces/readme.md b/modules/Microsoft.MachineLearningServices/workspaces/readme.md index f329f56ca6..508f03c5da 100644 --- a/modules/Microsoft.MachineLearningServices/workspaces/readme.md +++ b/modules/Microsoft.MachineLearningServices/workspaces/readme.md @@ -397,7 +397,28 @@ userAssignedIdentities: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-workspaces' + params: { + name: '<>-az-mls-min-001' + sku: 'Basic' + associatedStorageAccountResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + associatedKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + associatedApplicationInsightsResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001' + systemAssignedIdentity: true + } +} +``` + +
+

@@ -431,6 +452,9 @@ userAssignedIdentities: { ```
+

+ +

Example 2: Parameters

@@ -440,12 +464,71 @@ userAssignedIdentities: { module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-workspaces' params: { - name: '<>-az-mls-min-001' + name: '<>-az-mls-x-001' + lock: 'CanNotDelete' sku: 'Basic' associatedStorageAccountResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' associatedKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' associatedApplicationInsightsResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001' - systemAssignedIdentity: true + systemAssignedIdentity: false + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + description: 'The cake is a lie.' + discoveryUrl: 'http://example.com' + encryptionIdentity: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' + encryptionKeyIdentifier: 'https://adp-carml-az-kv-nopr-002.vault.azure.net/keys/keyEncryptionKey/5263fcde203347baa7cda35d074073b2' + encryptionKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-carml-az-kv-nopr-002' + imageBuildCompute: 'testcompute' + publicNetworkAccess: 'Enabled' + primaryUserAssignedIdentity: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' + computes: [ + { + name: 'DefaultCPU' + location: 'westeurope' + computeLocation: 'westeurope' + sku: 'Basic' + systemAssignedIdentity: false + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + description: 'Default CPU Cluster' + disableLocalAuth: false + computeType: 'AmlCompute' + properties: { + enableNodePublicIp: true + isolatedNetwork: false + osType: 'Linux' + remoteLoginPortPublicAccess: 'Disabled' + scaleSettings: { + maxNodeCount: 3 + minNodeCount: 0 + nodeIdleTimeBeforeScaleDown: 'PT5M' + } + vmPriority: 'Dedicated' + vmSize: 'STANDARD_DS11_V2' + } + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + privateEndpoints: [ + { + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + service: 'amlworkspace' + } + ] } } ``` @@ -453,8 +536,6 @@ module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep'

-

Example 2

-
via JSON Parameter file @@ -581,84 +662,5 @@ module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' } ``` -
- -
- -via Bicep module - -```bicep -module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-workspaces' - params: { - name: '<>-az-mls-x-001' - lock: 'CanNotDelete' - sku: 'Basic' - associatedStorageAccountResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - associatedKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - associatedApplicationInsightsResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001' - systemAssignedIdentity: false - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - description: 'The cake is a lie.' - discoveryUrl: 'http://example.com' - encryptionIdentity: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' - encryptionKeyIdentifier: 'https://adp-carml-az-kv-nopr-002.vault.azure.net/keys/keyEncryptionKey/5263fcde203347baa7cda35d074073b2' - encryptionKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-carml-az-kv-nopr-002' - imageBuildCompute: 'testcompute' - publicNetworkAccess: 'Enabled' - primaryUserAssignedIdentity: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' - computes: [ - { - name: 'DefaultCPU' - location: 'westeurope' - computeLocation: 'westeurope' - sku: 'Basic' - systemAssignedIdentity: false - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - description: 'Default CPU Cluster' - disableLocalAuth: false - computeType: 'AmlCompute' - properties: { - enableNodePublicIp: true - isolatedNetwork: false - osType: 'Linux' - remoteLoginPortPublicAccess: 'Disabled' - scaleSettings: { - maxNodeCount: 3 - minNodeCount: 0 - nodeIdleTimeBeforeScaleDown: 'PT5M' - } - vmPriority: 'Dedicated' - vmSize: 'STANDARD_DS11_V2' - } - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'amlworkspace' - } - ] - } -} -``` -

diff --git a/modules/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md b/modules/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md index 3331846f2e..6a91106aa3 100644 --- a/modules/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md +++ b/modules/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md @@ -142,7 +142,32 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module userAssignedIdentities './Microsoft.ManagedIdentity/userAssignedIdentities/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-userAssignedIdentities' + params: { + name: '<>-az-msi-x-001' + lock: 'CanNotDelete' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

@@ -173,29 +198,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module userAssignedIdentities './Microsoft.ManagedIdentity/userAssignedIdentities/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-userAssignedIdentities' - params: { - name: '<>-az-msi-x-001' - lock: 'CanNotDelete' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md b/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md index 7b3c262e66..1a2fbfed32 100644 --- a/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md +++ b/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md @@ -165,7 +165,42 @@ There are a couple of limitations that you should be aware of with Lighthouse: ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module registrationDefinitions './Microsoft.ManagedServices/registrationDefinitions/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-registrationDefinitions' + params: { + name: 'Component Validation - Subscription assignment' + registrationDescription: 'Managed by Lighthouse' + managedByTenantId: '195ee85d-2f10-4764-8352-a3c99aa772fb' + authorizations: [ + { + principalId: 'e87a249c-b53b-4685-94fe-863af522e4ee' + principalIdDisplayName: 'ResourceModules-Reader' + roleDefinitionId: 'acdd72a7-3385-48ef-bd42-f606fba81ae7' + } + { + principalId: 'e2f126a7-136e-443f-b39f-f73ddfd146b1' + principalIdDisplayName: 'ResourceModules-Contributor' + roleDefinitionId: 'b24988ac-6180-42a0-ab88-20f7382dd24c' + } + { + principalId: '87813317-fb25-4c76-91fe-783af429d109' + principalIdDisplayName: 'ResourceModules-LHManagement' + roleDefinitionId: '91c1777a-f3dc-4fae-b103-61d183457e46' + } + ] + } +} +``` + +
+

@@ -209,6 +244,9 @@ There are a couple of limitations that you should be aware of with Lighthouse: ```
+

+ +

Example 2: Rg

@@ -218,9 +256,10 @@ There are a couple of limitations that you should be aware of with Lighthouse: module registrationDefinitions './Microsoft.ManagedServices/registrationDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-registrationDefinitions' params: { - name: 'Component Validation - Subscription assignment' + name: 'Component Validation - Resource group assignment' registrationDescription: 'Managed by Lighthouse' managedByTenantId: '195ee85d-2f10-4764-8352-a3c99aa772fb' + resourceGroupName: 'validation-rg' authorizations: [ { principalId: 'e87a249c-b53b-4685-94fe-863af522e4ee' @@ -245,8 +284,6 @@ module registrationDefinitions './Microsoft.ManagedServices/registrationDefiniti

-

Example 2

-
via JSON Parameter file @@ -291,40 +328,5 @@ module registrationDefinitions './Microsoft.ManagedServices/registrationDefiniti } ``` -
- -
- -via Bicep module - -```bicep -module registrationDefinitions './Microsoft.ManagedServices/registrationDefinitions/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-registrationDefinitions' - params: { - name: 'Component Validation - Resource group assignment' - registrationDescription: 'Managed by Lighthouse' - managedByTenantId: '195ee85d-2f10-4764-8352-a3c99aa772fb' - resourceGroupName: 'validation-rg' - authorizations: [ - { - principalId: 'e87a249c-b53b-4685-94fe-863af522e4ee' - principalIdDisplayName: 'ResourceModules-Reader' - roleDefinitionId: 'acdd72a7-3385-48ef-bd42-f606fba81ae7' - } - { - principalId: 'e2f126a7-136e-443f-b39f-f73ddfd146b1' - principalIdDisplayName: 'ResourceModules-Contributor' - roleDefinitionId: 'b24988ac-6180-42a0-ab88-20f7382dd24c' - } - { - principalId: '87813317-fb25-4c76-91fe-783af429d109' - principalIdDisplayName: 'ResourceModules-LHManagement' - roleDefinitionId: '91c1777a-f3dc-4fae-b103-61d183457e46' - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Management/managementGroups/readme.md b/modules/Microsoft.Management/managementGroups/readme.md index 8af733d99c..5b44577143 100644 --- a/modules/Microsoft.Management/managementGroups/readme.md +++ b/modules/Microsoft.Management/managementGroups/readme.md @@ -123,7 +123,25 @@ New-AzRoleAssignment -ObjectId $PrincipalID -Scope "/providers/Microsoft.Managem ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module managementGroups './Microsoft.Management/managementGroups/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-managementGroups' + params: { + name: 'testMG' + displayName: 'Test MG' + parentId: '<>' + } +} +``` + +
+

@@ -147,22 +165,5 @@ New-AzRoleAssignment -ObjectId $PrincipalID -Scope "/providers/Microsoft.Managem } ``` -
- -
- -via Bicep module - -```bicep -module managementGroups './Microsoft.Management/managementGroups/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-managementGroups' - params: { - name: 'testMG' - displayName: 'Test MG' - parentId: '<>' - } -} -``` -

diff --git a/modules/Microsoft.NetApp/netAppAccounts/readme.md b/modules/Microsoft.NetApp/netAppAccounts/readme.md index 63d2cd3b74..d3b5c0f953 100644 --- a/modules/Microsoft.NetApp/netAppAccounts/readme.md +++ b/modules/Microsoft.NetApp/netAppAccounts/readme.md @@ -154,7 +154,23 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-netAppAccounts' + params: { + name: '<>-az-anf-min-001' + } +} +``` + +
+

@@ -173,6 +189,9 @@ tags: { ```
+

+ +

Example 2: Nfs3

@@ -182,7 +201,89 @@ tags: { module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-netAppAccounts' params: { - name: '<>-az-anf-min-001' + name: '<>-az-anf-nfs3-001' + lock: 'CanNotDelete' + capacityPools: [ + { + name: '<>-az-anfcp-x-001' + serviceLevel: 'Premium' + size: 4398046511104 + volumes: [ + { + name: 'anf3-vol01-nfsv3' + usageThreshold: 107374182400 + protocolTypes: [ + 'NFSv3' + ] + exportPolicyRules: [ + { + ruleIndex: 1 + unixReadOnly: false + unixReadWrite: true + nfsv3: true + nfsv41: false + allowedClients: '0.0.0.0/0' + } + ] + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-004' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } + { + name: 'anf3-vol02-nfsv3' + usageThreshold: 107374182400 + protocolTypes: [ + 'NFSv3' + ] + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-004' + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } + { + name: '<>-az-anfcp-x-002' + serviceLevel: 'Premium' + size: 4398046511104 + volumes: [] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + tags: { + Environment: 'Non-Prod' + Contact: 'test.user@testcompany.com' + PurchaseOrder: '1234' + CostCenter: '7890' + ServiceName: 'DeploymentValidation' + Role: 'DeploymentValidation' + } } } ``` @@ -190,8 +291,6 @@ module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -299,6 +398,9 @@ module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = { ```
+

+ +

Example 3: Nfs41

@@ -308,8 +410,7 @@ module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = { module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-netAppAccounts' params: { - name: '<>-az-anf-nfs3-001' - lock: 'CanNotDelete' + name: '<>-az-anf-nfs41-001' capacityPools: [ { name: '<>-az-anfcp-x-001' @@ -317,18 +418,18 @@ module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = { size: 4398046511104 volumes: [ { - name: 'anf3-vol01-nfsv3' + name: 'anf4-vol01-nfsv41' usageThreshold: 107374182400 protocolTypes: [ - 'NFSv3' + 'NFSv4.1' ] exportPolicyRules: [ { ruleIndex: 1 unixReadOnly: false unixReadWrite: true - nfsv3: true - nfsv41: false + nfsv3: false + nfsv41: true allowedClients: '0.0.0.0/0' } ] @@ -343,10 +444,20 @@ module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = { ] } { - name: 'anf3-vol02-nfsv3' + name: 'anf4-vol02-nfsv41' usageThreshold: 107374182400 protocolTypes: [ - 'NFSv3' + 'NFSv4.1' + ] + exportPolicyRules: [ + { + ruleIndex: 1 + unixReadOnly: false + unixReadWrite: true + nfsv3: false + nfsv41: true + allowedClients: '0.0.0.0/0' + } ] subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-004' } @@ -398,8 +509,6 @@ module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = {

-

Example 3

-
via JSON Parameter file @@ -513,111 +622,5 @@ module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-netAppAccounts' - params: { - name: '<>-az-anf-nfs41-001' - capacityPools: [ - { - name: '<>-az-anfcp-x-001' - serviceLevel: 'Premium' - size: 4398046511104 - volumes: [ - { - name: 'anf4-vol01-nfsv41' - usageThreshold: 107374182400 - protocolTypes: [ - 'NFSv4.1' - ] - exportPolicyRules: [ - { - ruleIndex: 1 - unixReadOnly: false - unixReadWrite: true - nfsv3: false - nfsv41: true - allowedClients: '0.0.0.0/0' - } - ] - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-004' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } - { - name: 'anf4-vol02-nfsv41' - usageThreshold: 107374182400 - protocolTypes: [ - 'NFSv4.1' - ] - exportPolicyRules: [ - { - ruleIndex: 1 - unixReadOnly: false - unixReadWrite: true - nfsv3: false - nfsv41: true - allowedClients: '0.0.0.0/0' - } - ] - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-004' - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } - { - name: '<>-az-anfcp-x-002' - serviceLevel: 'Premium' - size: 4398046511104 - volumes: [] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - tags: { - Environment: 'Non-Prod' - Contact: 'test.user@testcompany.com' - PurchaseOrder: '1234' - CostCenter: '7890' - ServiceName: 'DeploymentValidation' - Role: 'DeploymentValidation' - } - } -} -``` -

diff --git a/modules/Microsoft.Network/applicationGateways/readme.md b/modules/Microsoft.Network/applicationGateways/readme.md index a3f3ddbb63..f58cad586a 100644 --- a/modules/Microsoft.Network/applicationGateways/readme.md +++ b/modules/Microsoft.Network/applicationGateways/readme.md @@ -222,67 +222,399 @@ userAssignedIdentities: { ## Deployment examples -

Example 1

+

Example 1: Parameters

-via JSON Parameter file +via Bicep module -```json -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-apgw-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} +```bicep +module applicationGateways './Microsoft.Network/applicationGateways/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-applicationGateways' + params: { + name: '<>-az-apgw-x-001' + lock: 'CanNotDelete' + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + webApplicationFirewallConfiguration: { + enabled: true + firewallMode: 'Detection' + ruleSetType: 'OWASP' + ruleSetVersion: '3.0' + disabledRuleGroups: [] + requestBodyCheck: true + maxRequestBodySizeInKb: 128 + fileUploadLimitInMb: 100 + } + enableHttp2: true + backendAddressPools: [ + { + name: 'appServiceBackendPool' + properties: { + backendAddresses: [ + { + fqdn: 'aghapp.azurewebsites.net' } - }, - "webApplicationFirewallConfiguration": { - "value": { - "enabled": true, - "firewallMode": "Detection", - "ruleSetType": "OWASP", - "ruleSetVersion": "3.0", - "disabledRuleGroups": [], - "requestBodyCheck": true, - "maxRequestBodySizeInKb": 128, - "fileUploadLimitInMb": 100 + ] + } + } + { + name: 'privateVmBackendPool' + properties: { + backendAddresses: [ + { + ipAddress: '10.0.0.4' } - }, - "enableHttp2": { - "value": true - }, - "backendAddressPools": { - "value": [ - { - "name": "appServiceBackendPool", - "properties": { - "backendAddresses": [ - { - "fqdn": "aghapp.azurewebsites.net" - } - ] - } - }, - { - "name": "privateVmBackendPool", - "properties": { - "backendAddresses": [ - { - "ipAddress": "10.0.0.4" - } - ] - } - } + ] + } + } + ] + backendHttpSettingsCollection: [ + { + name: 'appServiceBackendHttpsSetting' + properties: { + port: 443 + protocol: 'Https' + cookieBasedAffinity: 'Disabled' + pickHostNameFromBackendAddress: true + requestTimeout: 30 + } + } + { + name: 'privateVmHttpSetting' + properties: { + port: 80 + protocol: 'Http' + cookieBasedAffinity: 'Disabled' + pickHostNameFromBackendAddress: false + requestTimeout: 30 + probe: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/probes/privateVmHttpSettingProbe' + } + } + } + ] + frontendIPConfigurations: [ + { + name: 'private' + properties: { + privateIPAddress: '10.0.8.6' + privateIPAllocationMethod: 'Static' + subnet: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-007' + } + } + } + { + name: 'public' + properties: { + privateIPAllocationMethod: 'Dynamic' + publicIPAddress: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-apgw' + } + } + } + ] + frontendPorts: [ + { + name: 'port443' + properties: { + port: 443 + } + } + { + name: 'port4433' + properties: { + port: 4433 + } + } + { + name: 'port80' + properties: { + port: 80 + } + } + { + name: 'port8080' + properties: { + port: 8080 + } + } + ] + httpListeners: [ + { + name: 'public443' + properties: { + frontendIPConfiguration: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendIPConfigurations/public' + } + frontendPort: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendPorts/port443' + } + sslCertificate: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/sslCertificates/<>-az-apgw-x-001-ssl-certificate' + } + protocol: 'https' + hostNames: [] + requireServerNameIndication: false + } + } + { + name: 'private4433' + properties: { + frontendIPConfiguration: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendIPConfigurations/private' + } + frontendPort: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendPorts/port4433' + } + sslCertificate: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/sslCertificates/<>-az-apgw-x-001-ssl-certificate' + } + protocol: 'https' + hostNames: [] + requireServerNameIndication: false + } + } + { + name: 'httpRedirect80' + properties: { + frontendIPConfiguration: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendIPConfigurations/public' + } + frontendPort: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendPorts/port80' + } + protocol: 'Http' + hostNames: [] + requireServerNameIndication: false + } + } + { + name: 'httpRedirect8080' + properties: { + frontendIPConfiguration: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendIPConfigurations/private' + } + frontendPort: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendPorts/port8080' + } + protocol: 'Http' + hostNames: [] + requireServerNameIndication: false + } + } + ] + gatewayIPConfigurations: [ + { + name: 'apw-ip-configuration' + properties: { + subnet: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-007' + } + } + } + ] + probes: [ + { + name: 'privateVmHttpSettingProbe' + properties: { + protocol: 'Http' + host: '10.0.0.4' + path: '/' + interval: 60 + timeout: 15 + unhealthyThreshold: 5 + pickHostNameFromBackendHttpSettings: false + minServers: 3 + match: { + statusCodes: [ + '200' + '401' ] - }, + } + } + } + ] + redirectConfigurations: [ + { + name: 'httpRedirect80' + properties: { + redirectType: 'Permanent' + targetListener: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/public443' + } + includePath: true + includeQueryString: true + requestRoutingRules: [ + { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/requestRoutingRules/httpRedirect80-public443' + } + ] + } + } + { + name: 'httpRedirect8080' + properties: { + redirectType: 'Permanent' + targetListener: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/private4433' + } + includePath: true + includeQueryString: true + requestRoutingRules: [ + { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/requestRoutingRules/httpRedirect8080-private4433' + } + ] + } + } + ] + requestRoutingRules: [ + { + name: 'public443-appServiceBackendHttpsSetting-appServiceBackendHttpsSetting' + properties: { + ruleType: 'Basic' + httpListener: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/public443' + } + backendAddressPool: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/backendAddressPools/appServiceBackendPool' + } + backendHttpSettings: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/backendHttpSettingsCollection/appServiceBackendHttpsSetting' + } + } + } + { + name: 'private4433-privateVmHttpSetting-privateVmHttpSetting' + properties: { + ruleType: 'Basic' + httpListener: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/private4433' + } + backendAddressPool: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/backendAddressPools/privateVmBackendPool' + } + backendHttpSettings: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/backendHttpSettingsCollection/privateVmHttpSetting' + } + } + } + { + name: 'httpRedirect80-public443' + properties: { + ruleType: 'Basic' + httpListener: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/httpRedirect80' + } + redirectConfiguration: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/redirectConfigurations/httpRedirect80' + } + } + } + { + name: 'httpRedirect8080-private4433' + properties: { + ruleType: 'Basic' + httpListener: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/httpRedirect8080' + } + redirectConfiguration: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/redirectConfigurations/httpRedirect8080' + } + } + } + ] + sku: 'WAF_v2' + sslCertificates: [ + { + name: '<>-az-apgw-x-001-ssl-certificate' + properties: { + keyVaultSecretId: 'https://adp-<>-az-kv-x-001.vault.azure.net/secrets/applicationGatewaySslCertificate' + } + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

+ +

+ +via JSON Parameter file + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-apgw-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } + }, + "webApplicationFirewallConfiguration": { + "value": { + "enabled": true, + "firewallMode": "Detection", + "ruleSetType": "OWASP", + "ruleSetVersion": "3.0", + "disabledRuleGroups": [], + "requestBodyCheck": true, + "maxRequestBodySizeInKb": 128, + "fileUploadLimitInMb": 100 + } + }, + "enableHttp2": { + "value": true + }, + "backendAddressPools": { + "value": [ + { + "name": "appServiceBackendPool", + "properties": { + "backendAddresses": [ + { + "fqdn": "aghapp.azurewebsites.net" + } + ] + } + }, + { + "name": "privateVmBackendPool", + "properties": { + "backendAddresses": [ + { + "ipAddress": "10.0.0.4" + } + ] + } + } + ] + }, "backendHttpSettingsCollection": { "value": [ { @@ -598,336 +930,5 @@ userAssignedIdentities: { } ``` -
- -
- -via Bicep module - -```bicep -module applicationGateways './Microsoft.Network/applicationGateways/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-applicationGateways' - params: { - name: '<>-az-apgw-x-001' - lock: 'CanNotDelete' - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - webApplicationFirewallConfiguration: { - enabled: true - firewallMode: 'Detection' - ruleSetType: 'OWASP' - ruleSetVersion: '3.0' - disabledRuleGroups: [] - requestBodyCheck: true - maxRequestBodySizeInKb: 128 - fileUploadLimitInMb: 100 - } - enableHttp2: true - backendAddressPools: [ - { - name: 'appServiceBackendPool' - properties: { - backendAddresses: [ - { - fqdn: 'aghapp.azurewebsites.net' - } - ] - } - } - { - name: 'privateVmBackendPool' - properties: { - backendAddresses: [ - { - ipAddress: '10.0.0.4' - } - ] - } - } - ] - backendHttpSettingsCollection: [ - { - name: 'appServiceBackendHttpsSetting' - properties: { - port: 443 - protocol: 'Https' - cookieBasedAffinity: 'Disabled' - pickHostNameFromBackendAddress: true - requestTimeout: 30 - } - } - { - name: 'privateVmHttpSetting' - properties: { - port: 80 - protocol: 'Http' - cookieBasedAffinity: 'Disabled' - pickHostNameFromBackendAddress: false - requestTimeout: 30 - probe: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/probes/privateVmHttpSettingProbe' - } - } - } - ] - frontendIPConfigurations: [ - { - name: 'private' - properties: { - privateIPAddress: '10.0.8.6' - privateIPAllocationMethod: 'Static' - subnet: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-007' - } - } - } - { - name: 'public' - properties: { - privateIPAllocationMethod: 'Dynamic' - publicIPAddress: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-apgw' - } - } - } - ] - frontendPorts: [ - { - name: 'port443' - properties: { - port: 443 - } - } - { - name: 'port4433' - properties: { - port: 4433 - } - } - { - name: 'port80' - properties: { - port: 80 - } - } - { - name: 'port8080' - properties: { - port: 8080 - } - } - ] - httpListeners: [ - { - name: 'public443' - properties: { - frontendIPConfiguration: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendIPConfigurations/public' - } - frontendPort: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendPorts/port443' - } - sslCertificate: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/sslCertificates/<>-az-apgw-x-001-ssl-certificate' - } - protocol: 'https' - hostNames: [] - requireServerNameIndication: false - } - } - { - name: 'private4433' - properties: { - frontendIPConfiguration: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendIPConfigurations/private' - } - frontendPort: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendPorts/port4433' - } - sslCertificate: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/sslCertificates/<>-az-apgw-x-001-ssl-certificate' - } - protocol: 'https' - hostNames: [] - requireServerNameIndication: false - } - } - { - name: 'httpRedirect80' - properties: { - frontendIPConfiguration: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendIPConfigurations/public' - } - frontendPort: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendPorts/port80' - } - protocol: 'Http' - hostNames: [] - requireServerNameIndication: false - } - } - { - name: 'httpRedirect8080' - properties: { - frontendIPConfiguration: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendIPConfigurations/private' - } - frontendPort: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendPorts/port8080' - } - protocol: 'Http' - hostNames: [] - requireServerNameIndication: false - } - } - ] - gatewayIPConfigurations: [ - { - name: 'apw-ip-configuration' - properties: { - subnet: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-007' - } - } - } - ] - probes: [ - { - name: 'privateVmHttpSettingProbe' - properties: { - protocol: 'Http' - host: '10.0.0.4' - path: '/' - interval: 60 - timeout: 15 - unhealthyThreshold: 5 - pickHostNameFromBackendHttpSettings: false - minServers: 3 - match: { - statusCodes: [ - '200' - '401' - ] - } - } - } - ] - redirectConfigurations: [ - { - name: 'httpRedirect80' - properties: { - redirectType: 'Permanent' - targetListener: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/public443' - } - includePath: true - includeQueryString: true - requestRoutingRules: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/requestRoutingRules/httpRedirect80-public443' - } - ] - } - } - { - name: 'httpRedirect8080' - properties: { - redirectType: 'Permanent' - targetListener: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/private4433' - } - includePath: true - includeQueryString: true - requestRoutingRules: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/requestRoutingRules/httpRedirect8080-private4433' - } - ] - } - } - ] - requestRoutingRules: [ - { - name: 'public443-appServiceBackendHttpsSetting-appServiceBackendHttpsSetting' - properties: { - ruleType: 'Basic' - httpListener: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/public443' - } - backendAddressPool: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/backendAddressPools/appServiceBackendPool' - } - backendHttpSettings: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/backendHttpSettingsCollection/appServiceBackendHttpsSetting' - } - } - } - { - name: 'private4433-privateVmHttpSetting-privateVmHttpSetting' - properties: { - ruleType: 'Basic' - httpListener: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/private4433' - } - backendAddressPool: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/backendAddressPools/privateVmBackendPool' - } - backendHttpSettings: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/backendHttpSettingsCollection/privateVmHttpSetting' - } - } - } - { - name: 'httpRedirect80-public443' - properties: { - ruleType: 'Basic' - httpListener: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/httpRedirect80' - } - redirectConfiguration: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/redirectConfigurations/httpRedirect80' - } - } - } - { - name: 'httpRedirect8080-private4433' - properties: { - ruleType: 'Basic' - httpListener: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/httpRedirect8080' - } - redirectConfiguration: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/redirectConfigurations/httpRedirect8080' - } - } - } - ] - sku: 'WAF_v2' - sslCertificates: [ - { - name: '<>-az-apgw-x-001-ssl-certificate' - properties: { - keyVaultSecretId: 'https://adp-<>-az-kv-x-001.vault.azure.net/secrets/applicationGatewaySslCertificate' - } - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Network/applicationSecurityGroups/readme.md b/modules/Microsoft.Network/applicationSecurityGroups/readme.md index 045a885b8a..8137012bc1 100644 --- a/modules/Microsoft.Network/applicationSecurityGroups/readme.md +++ b/modules/Microsoft.Network/applicationSecurityGroups/readme.md @@ -145,7 +145,32 @@ roleAssignments: [ ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module applicationSecurityGroups './Microsoft.Network/applicationSecurityGroups/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-applicationSecurityGroups' + params: { + name: '<>-az-asg-x-001' + lock: 'CanNotDelete' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

@@ -176,29 +201,5 @@ roleAssignments: [ } ``` -
- -
- -via Bicep module - -```bicep -module applicationSecurityGroups './Microsoft.Network/applicationSecurityGroups/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-applicationSecurityGroups' - params: { - name: '<>-az-asg-x-001' - lock: 'CanNotDelete' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Network/azureFirewalls/readme.md b/modules/Microsoft.Network/azureFirewalls/readme.md index 5425e61026..f65f091e74 100644 --- a/modules/Microsoft.Network/azureFirewalls/readme.md +++ b/modules/Microsoft.Network/azureFirewalls/readme.md @@ -299,7 +299,30 @@ The `networkRuleCollections` parameter accepts a JSON Array of AzureFirewallNetw ## Deployment examples -

Example 1

+

Example 1: Addpip

+ +
+ +via Bicep module + +```bicep +module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-azureFirewalls' + params: { + name: '<>-az-fw-add-001' + vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-add-azfw' + additionalPublicIpConfigurations: [ + { + name: 'ipConfig01' + publicIPAddressResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-additional-fw' + } + ] + } +} +``` + +
+

@@ -329,6 +352,9 @@ The `networkRuleCollections` parameter accepts a JSON Array of AzureFirewallNetw ```
+

+ +

Example 2: Custompip

@@ -338,14 +364,31 @@ The `networkRuleCollections` parameter accepts a JSON Array of AzureFirewallNetw module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { name: '${uniqueString(deployment().name)}-azureFirewalls' params: { - name: '<>-az-fw-add-001' - vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-add-azfw' - additionalPublicIpConfigurations: [ - { - name: 'ipConfig01' - publicIPAddressResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-additional-fw' - } - ] + name: '<>-az-fw-custompip-001' + vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-custompip-azfw' + publicIPAddressObject: { + name: 'adp-<>-az-pip-custom-x-fw' + publicIPPrefixResourceId: '' + publicIPAllocationMethod: 'Static' + skuName: 'Standard' + skuTier: 'Regional' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticMetricsToEnable: [ + 'AllMetrics' + ] + diagnosticLogCategoriesToEnable: [ + 'DDoSProtectionNotifications' + 'DDoSMitigationFlowLogs' + 'DDoSMitigationReports' + ] + } } } ``` @@ -353,8 +396,6 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -400,6 +441,9 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { ```
+

+ +

Example 3: Min

@@ -409,31 +453,8 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { name: '${uniqueString(deployment().name)}-azureFirewalls' params: { - name: '<>-az-fw-custompip-001' - vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-custompip-azfw' - publicIPAddressObject: { - name: 'adp-<>-az-pip-custom-x-fw' - publicIPPrefixResourceId: '' - publicIPAllocationMethod: 'Static' - skuName: 'Standard' - skuTier: 'Regional' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticMetricsToEnable: [ - 'AllMetrics' - ] - diagnosticLogCategoriesToEnable: [ - 'DDoSProtectionNotifications' - 'DDoSMitigationFlowLogs' - 'DDoSMitigationReports' - ] - } + name: '<>-az-fw-min-001' + vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-min-azfw' } } ``` @@ -441,8 +462,6 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = {

-

Example 3

-
via JSON Parameter file @@ -463,6 +482,9 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { ```
+

+ +

Example 4: Parameters

@@ -472,8 +494,109 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { name: '${uniqueString(deployment().name)}-azureFirewalls' params: { - name: '<>-az-fw-min-001' - vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-min-azfw' + name: '<>-az-fw-x-001' + lock: 'CanNotDelete' + zones: [ + '1' + '2' + '3' + ] + vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-azfw' + azureFirewallSubnetPublicIpId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-fw' + applicationRuleCollections: [ + { + name: 'allow-app-rules' + properties: { + priority: 100 + action: { + type: 'allow' + } + rules: [ + { + name: 'allow-ase-tags' + sourceAddresses: [ + '*' + ] + protocols: [ + { + protocolType: 'HTTP' + port: '80' + } + { + protocolType: 'HTTPS' + port: '443' + } + ] + fqdnTags: [ + 'AppServiceEnvironment' + 'WindowsUpdate' + ] + } + { + name: 'allow-ase-management' + sourceAddresses: [ + '*' + ] + protocols: [ + { + protocolType: 'HTTP' + port: '80' + } + { + protocolType: 'HTTPS' + port: '443' + } + ] + targetFqdns: [ + 'management.azure.com' + ] + } + ] + } + } + ] + networkRuleCollections: [ + { + name: 'allow-network-rules' + properties: { + priority: 100 + action: { + type: 'allow' + } + rules: [ + { + name: 'allow-ntp' + sourceAddresses: [ + '*' + ] + destinationAddresses: [ + '*' + ] + destinationPorts: [ + '123' + '12000' + ] + protocols: [ + 'Any' + ] + } + ] + } + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -481,8 +604,6 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = {

-

Example 4

-
via JSON Parameter file @@ -625,122 +746,5 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-azureFirewalls' - params: { - name: '<>-az-fw-x-001' - lock: 'CanNotDelete' - zones: [ - '1' - '2' - '3' - ] - vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-azfw' - azureFirewallSubnetPublicIpId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-fw' - applicationRuleCollections: [ - { - name: 'allow-app-rules' - properties: { - priority: 100 - action: { - type: 'allow' - } - rules: [ - { - name: 'allow-ase-tags' - sourceAddresses: [ - '*' - ] - protocols: [ - { - protocolType: 'HTTP' - port: '80' - } - { - protocolType: 'HTTPS' - port: '443' - } - ] - fqdnTags: [ - 'AppServiceEnvironment' - 'WindowsUpdate' - ] - } - { - name: 'allow-ase-management' - sourceAddresses: [ - '*' - ] - protocols: [ - { - protocolType: 'HTTP' - port: '80' - } - { - protocolType: 'HTTPS' - port: '443' - } - ] - targetFqdns: [ - 'management.azure.com' - ] - } - ] - } - } - ] - networkRuleCollections: [ - { - name: 'allow-network-rules' - properties: { - priority: 100 - action: { - type: 'allow' - } - rules: [ - { - name: 'allow-ntp' - sourceAddresses: [ - '*' - ] - destinationAddresses: [ - '*' - ] - destinationPorts: [ - '123' - '12000' - ] - protocols: [ - 'Any' - ] - } - ] - } - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.Network/bastionHosts/readme.md b/modules/Microsoft.Network/bastionHosts/readme.md index b9bc848c0f..b7ddce67c8 100644 --- a/modules/Microsoft.Network/bastionHosts/readme.md +++ b/modules/Microsoft.Network/bastionHosts/readme.md @@ -283,7 +283,30 @@ roleAssignments: [ ## Deployment examples -

Example 1

+

Example 1: Addpip

+ +
+ +via Bicep module + +```bicep +module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-bastionHosts' + params: { + name: '<>-az-bas-add-001' + vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-add-bas' + additionalPublicIpConfigurations: [ + { + name: 'ipConfig01' + publicIPAddressResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-additional-bas' + } + ] + } +} +``` + +
+

@@ -313,6 +336,9 @@ roleAssignments: [ ```
+

+ +

Example 2: Custompip

@@ -322,14 +348,31 @@ roleAssignments: [ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-bastionHosts' params: { - name: '<>-az-bas-add-001' - vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-add-bas' - additionalPublicIpConfigurations: [ - { - name: 'ipConfig01' - publicIPAddressResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-additional-bas' - } - ] + name: '<>-az-bas-custompip-001' + vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-custompip-bas' + publicIPAddressObject: { + name: 'adp-<>-az-pip-custom-x-bas' + publicIPPrefixResourceId: '' + publicIPAllocationMethod: 'Static' + skuName: 'Standard' + skuTier: 'Regional' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticMetricsToEnable: [ + 'AllMetrics' + ] + diagnosticLogCategoriesToEnable: [ + 'DDoSProtectionNotifications' + 'DDoSMitigationFlowLogs' + 'DDoSMitigationReports' + ] + } } } ``` @@ -337,8 +380,6 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -384,6 +425,9 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { ```
+

+ +

Example 3: Min

@@ -393,31 +437,8 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-bastionHosts' params: { - name: '<>-az-bas-custompip-001' - vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-custompip-bas' - publicIPAddressObject: { - name: 'adp-<>-az-pip-custom-x-bas' - publicIPPrefixResourceId: '' - publicIPAllocationMethod: 'Static' - skuName: 'Standard' - skuTier: 'Regional' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticMetricsToEnable: [ - 'AllMetrics' - ] - diagnosticLogCategoriesToEnable: [ - 'DDoSProtectionNotifications' - 'DDoSMitigationFlowLogs' - 'DDoSMitigationReports' - ] - } + name: '<>-az-bas-min-001' + vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-002' } } ``` @@ -425,8 +446,6 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = {

-

Example 3

-
via JSON Parameter file @@ -447,6 +466,9 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { ```
+

+ +

Example 4: Parameters

@@ -456,8 +478,25 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-bastionHosts' params: { - name: '<>-az-bas-min-001' - vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-002' + name: '<>-az-bas-x-001' + lock: 'CanNotDelete' + vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001' + azureBastionSubnetPublicIpId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-bas' + skuType: 'Standard' + scaleUnits: 4 + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -465,8 +504,6 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = {

-

Example 4

-
via JSON Parameter file @@ -523,38 +560,5 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-bastionHosts' - params: { - name: '<>-az-bas-x-001' - lock: 'CanNotDelete' - vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001' - azureBastionSubnetPublicIpId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-bas' - skuType: 'Standard' - scaleUnits: 4 - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.Network/connections/readme.md b/modules/Microsoft.Network/connections/readme.md index bd5c52509e..4aa9eb2102 100644 --- a/modules/Microsoft.Network/connections/readme.md +++ b/modules/Microsoft.Network/connections/readme.md @@ -304,7 +304,39 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Vnet2vnet

+ +
+ +via Bicep module + +```bicep +resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { + name: 'adp-<>-az-kv-x-001' + scope: resourceGroup('<>','validation-rg') +} + +module connections './Microsoft.Network/connections/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-connections' + params: { + name: '<>-az-vnetgwc-x-001' + lock: 'CanNotDelete' + virtualNetworkGateway1: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworkGateways/<>-az-vnet-vpn-gw-p-001' + } + virtualNetworkGateway2: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworkGateways/<>-az-vnet-vpn-gw-p-002' + } + vpnSharedKey: kv1.getSecret('vpnSharedKey') + virtualNetworkGatewayConnectionType: 'Vnet2Vnet' + enableBgp: false + location: 'eastus' + } +} +``` + +
+

@@ -352,36 +384,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { - name: 'adp-<>-az-kv-x-001' - scope: resourceGroup('<>','validation-rg') -} - -module connections './Microsoft.Network/connections/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-connections' - params: { - name: '<>-az-vnetgwc-x-001' - lock: 'CanNotDelete' - virtualNetworkGateway1: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworkGateways/<>-az-vnet-vpn-gw-p-001' - } - virtualNetworkGateway2: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworkGateways/<>-az-vnet-vpn-gw-p-002' - } - vpnSharedKey: kv1.getSecret('vpnSharedKey') - virtualNetworkGatewayConnectionType: 'Vnet2Vnet' - enableBgp: false - location: 'eastus' - } -} -``` -

diff --git a/modules/Microsoft.Network/ddosProtectionPlans/readme.md b/modules/Microsoft.Network/ddosProtectionPlans/readme.md index 3d33168d71..ce87c173fa 100644 --- a/modules/Microsoft.Network/ddosProtectionPlans/readme.md +++ b/modules/Microsoft.Network/ddosProtectionPlans/readme.md @@ -145,7 +145,32 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module ddosProtectionPlans './Microsoft.Network/ddosProtectionPlans/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-ddosProtectionPlans' + params: { + name: '<>-az-ddos-x-001' + lock: 'CanNotDelete' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

@@ -176,29 +201,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module ddosProtectionPlans './Microsoft.Network/ddosProtectionPlans/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-ddosProtectionPlans' - params: { - name: '<>-az-ddos-x-001' - lock: 'CanNotDelete' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Network/expressRouteCircuits/readme.md b/modules/Microsoft.Network/expressRouteCircuits/readme.md index 2597635ebe..5276e798da 100644 --- a/modules/Microsoft.Network/expressRouteCircuits/readme.md +++ b/modules/Microsoft.Network/expressRouteCircuits/readme.md @@ -167,7 +167,42 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module expressRouteCircuits './Microsoft.Network/expressRouteCircuits/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-expressRouteCircuits' + params: { + name: '<>-az-erc-x-001' + lock: 'CanNotDelete' + serviceProviderName: 'Equinix' + peeringLocation: 'Amsterdam' + bandwidthInMbps: 50 + skuTier: 'Standard' + skuFamily: 'MeteredData' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + } +} +``` + +
+

@@ -228,39 +263,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module expressRouteCircuits './Microsoft.Network/expressRouteCircuits/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-expressRouteCircuits' - params: { - name: '<>-az-erc-x-001' - lock: 'CanNotDelete' - serviceProviderName: 'Equinix' - peeringLocation: 'Amsterdam' - bandwidthInMbps: 50 - skuTier: 'Standard' - skuFamily: 'MeteredData' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.Network/firewallPolicies/readme.md b/modules/Microsoft.Network/firewallPolicies/readme.md index f5fa668b83..88aec80bd7 100644 --- a/modules/Microsoft.Network/firewallPolicies/readme.md +++ b/modules/Microsoft.Network/firewallPolicies/readme.md @@ -136,7 +136,23 @@ userAssignedIdentities: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module firewallPolicies './Microsoft.Network/firewallPolicies/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-firewallPolicies' + params: { + name: '<>-az-fwpol-min-001' + } +} +``` + +
+

@@ -155,6 +171,9 @@ userAssignedIdentities: { ```
+

+ +

Example 2: Parameters

@@ -164,7 +183,45 @@ userAssignedIdentities: { module firewallPolicies './Microsoft.Network/firewallPolicies/deploy.bicep' = { name: '${uniqueString(deployment().name)}-firewallPolicies' params: { - name: '<>-az-fwpol-min-001' + name: '<>-az-fwpol-x-002' + ruleCollectionGroups: [ + { + name: '<>-rule-001' + priority: 5000 + ruleCollections: [ + { + name: 'collection002' + priority: 5555 + action: { + type: 'Allow' + } + rules: [ + { + name: 'rule002' + ipProtocols: [ + 'TCP' + 'UDP' + ] + destinationPorts: [ + '80' + ] + sourceAddresses: [ + '*' + ] + sourceIpGroups: [] + ruleType: 'NetworkRule' + destinationIpGroups: [] + destinationAddresses: [ + '*' + ] + destinationFqdns: [] + } + ] + ruleCollectionType: 'FirewallPolicyFilterRuleCollection' + } + ] + } + ] } } ``` @@ -172,8 +229,6 @@ module firewallPolicies './Microsoft.Network/firewallPolicies/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -230,58 +285,5 @@ module firewallPolicies './Microsoft.Network/firewallPolicies/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module firewallPolicies './Microsoft.Network/firewallPolicies/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-firewallPolicies' - params: { - name: '<>-az-fwpol-x-002' - ruleCollectionGroups: [ - { - name: '<>-rule-001' - priority: 5000 - ruleCollections: [ - { - name: 'collection002' - priority: 5555 - action: { - type: 'Allow' - } - rules: [ - { - name: 'rule002' - ipProtocols: [ - 'TCP' - 'UDP' - ] - destinationPorts: [ - '80' - ] - sourceAddresses: [ - '*' - ] - sourceIpGroups: [] - ruleType: 'NetworkRule' - destinationIpGroups: [] - destinationAddresses: [ - '*' - ] - destinationFqdns: [] - } - ] - ruleCollectionType: 'FirewallPolicyFilterRuleCollection' - } - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Network/frontDoors/readme.md b/modules/Microsoft.Network/frontDoors/readme.md index f3784be4d1..4871f9720b 100644 --- a/modules/Microsoft.Network/frontDoors/readme.md +++ b/modules/Microsoft.Network/frontDoors/readme.md @@ -162,7 +162,113 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module frontDoors './Microsoft.Network/frontDoors/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-frontDoors' + params: { + name: '<>-az-fd-x-001' + lock: 'CanNotDelete' + backendPools: [ + { + name: 'backendPool' + properties: { + backends: [ + { + address: 'biceptest.local' + backendHostHeader: 'backendAddress' + httpPort: 80 + httpsPort: 443 + weight: 50 + priority: 1 + enabledState: 'Enabled' + privateLinkAlias: '' + privateLinkApprovalMessage: '' + privateLinkLocation: '' + privateLinkResourceId: '' + } + ] + LoadBalancingSettings: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/frontDoors/<>-az-fd-x-001/LoadBalancingSettings/loadBalancer' + } + HealthProbeSettings: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/frontDoors/<>-az-fd-x-001/HealthProbeSettings/heathProbe' + } + } + } + ] + enforceCertificateNameCheck: 'Disabled' + sendRecvTimeoutSeconds: 10 + frontendEndpoints: [ + { + name: 'frontEnd' + properties: { + hostName: '<>-az-fd-x-001.azurefd.net' + sessionAffinityEnabledState: 'Disabled' + sessionAffinityTtlSeconds: 60 + } + } + ] + healthProbeSettings: [ + { + name: 'heathProbe' + properties: { + enabledState: '' + healthProbeMethod: '' + intervalInSeconds: 60 + path: '/' + protocol: 'Https' + } + } + ] + loadBalancingSettings: [ + { + name: 'loadBalancer' + properties: { + additionalLatencyMilliseconds: 0 + sampleSize: 50 + successfulSamplesRequired: 1 + } + } + ] + routingRules: [ + { + name: 'routingRule' + properties: { + acceptedProtocols: [ + 'Http' + 'Https' + ] + enabledState: 'Enabled' + frontendEndpoints: [ + { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/frontDoors/<>-az-fd-x-001/FrontendEndpoints/frontEnd' + } + ] + patternsToMatch: [ + '/*' + ] + routeConfiguration: { + '@odata.type': '#Microsoft.Azure.FrontDoor.Models.FrontdoorForwardingConfiguration' + forwardingProtocol: 'MatchRequest' + backendPool: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/frontDoors/<>-az-fd-x-001/BackendPools/backendPool' + } + } + } + } + ] + } +} +``` + +
+

@@ -286,110 +392,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module frontDoors './Microsoft.Network/frontDoors/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-frontDoors' - params: { - name: '<>-az-fd-x-001' - lock: 'CanNotDelete' - backendPools: [ - { - name: 'backendPool' - properties: { - backends: [ - { - address: 'biceptest.local' - backendHostHeader: 'backendAddress' - httpPort: 80 - httpsPort: 443 - weight: 50 - priority: 1 - enabledState: 'Enabled' - privateLinkAlias: '' - privateLinkApprovalMessage: '' - privateLinkLocation: '' - privateLinkResourceId: '' - } - ] - LoadBalancingSettings: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/frontDoors/<>-az-fd-x-001/LoadBalancingSettings/loadBalancer' - } - HealthProbeSettings: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/frontDoors/<>-az-fd-x-001/HealthProbeSettings/heathProbe' - } - } - } - ] - enforceCertificateNameCheck: 'Disabled' - sendRecvTimeoutSeconds: 10 - frontendEndpoints: [ - { - name: 'frontEnd' - properties: { - hostName: '<>-az-fd-x-001.azurefd.net' - sessionAffinityEnabledState: 'Disabled' - sessionAffinityTtlSeconds: 60 - } - } - ] - healthProbeSettings: [ - { - name: 'heathProbe' - properties: { - enabledState: '' - healthProbeMethod: '' - intervalInSeconds: 60 - path: '/' - protocol: 'Https' - } - } - ] - loadBalancingSettings: [ - { - name: 'loadBalancer' - properties: { - additionalLatencyMilliseconds: 0 - sampleSize: 50 - successfulSamplesRequired: 1 - } - } - ] - routingRules: [ - { - name: 'routingRule' - properties: { - acceptedProtocols: [ - 'Http' - 'Https' - ] - enabledState: 'Enabled' - frontendEndpoints: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/frontDoors/<>-az-fd-x-001/FrontendEndpoints/frontEnd' - } - ] - patternsToMatch: [ - '/*' - ] - routeConfiguration: { - '@odata.type': '#Microsoft.Azure.FrontDoor.Models.FrontdoorForwardingConfiguration' - forwardingProtocol: 'MatchRequest' - backendPool: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/frontDoors/<>-az-fd-x-001/BackendPools/backendPool' - } - } - } - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Network/ipGroups/readme.md b/modules/Microsoft.Network/ipGroups/readme.md index 9a185fe6b9..659b4eb61d 100644 --- a/modules/Microsoft.Network/ipGroups/readme.md +++ b/modules/Microsoft.Network/ipGroups/readme.md @@ -146,7 +146,36 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module ipGroups './Microsoft.Network/ipGroups/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-ipGroups' + params: { + name: 'iacsGroup-servers' + lock: 'CanNotDelete' + ipAddresses: [ + '10.0.0.1' + '10.0.0.2' + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

@@ -183,33 +212,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module ipGroups './Microsoft.Network/ipGroups/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-ipGroups' - params: { - name: 'iacsGroup-servers' - lock: 'CanNotDelete' - ipAddresses: [ - '10.0.0.1' - '10.0.0.2' - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Network/loadBalancers/readme.md b/modules/Microsoft.Network/loadBalancers/readme.md index dc3386a169..956a453a04 100644 --- a/modules/Microsoft.Network/loadBalancers/readme.md +++ b/modules/Microsoft.Network/loadBalancers/readme.md @@ -459,7 +459,91 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Internal

+ +
+ +via Bicep module + +```bicep +module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-loadBalancers' + params: { + name: '<>-az-lb-internal-001' + loadBalancerSku: 'Standard' + frontendIPConfigurations: [ + { + name: 'privateIPConfig1' + subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' + } + ] + backendAddressPools: [ + { + name: 'servers' + } + ] + probes: [ + { + name: 'probe1' + protocol: 'Tcp' + port: '62000' + intervalInSeconds: 5 + numberOfProbes: 2 + } + ] + loadBalancingRules: [ + { + name: 'privateIPLBRule1' + frontendIPConfigurationName: 'privateIPConfig1' + frontendPort: 0 + backendPort: 0 + enableFloatingIP: true + idleTimeoutInMinutes: 4 + protocol: 'All' + loadDistribution: 'Default' + probeName: 'probe1' + disableOutboundSnat: true + enableTcpReset: false + backendAddressPoolName: 'servers' + } + ] + inboundNatRules: [ + { + name: 'inboundNatRule1' + frontendIPConfigurationName: 'privateIPConfig1' + frontendPort: 443 + backendPort: 443 + enableFloatingIP: false + idleTimeoutInMinutes: 4 + protocol: 'Tcp' + enableTcpReset: false + } + { + name: 'inboundNatRule2' + frontendIPConfigurationName: 'privateIPConfig1' + frontendPort: 3389 + backendPort: 3389 + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + } +} +``` + +
+

@@ -570,6 +654,9 @@ tags: { ```
+

+ +

Example 2: Min

@@ -579,75 +666,13 @@ tags: { module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { name: '${uniqueString(deployment().name)}-loadBalancers' params: { - name: '<>-az-lb-internal-001' - loadBalancerSku: 'Standard' + name: '<>-az-lb-min-001' frontendIPConfigurations: [ { - name: 'privateIPConfig1' - subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' - } - ] - backendAddressPools: [ - { - name: 'servers' - } - ] - probes: [ - { - name: 'probe1' - protocol: 'Tcp' - port: '62000' - intervalInSeconds: 5 - numberOfProbes: 2 - } - ] - loadBalancingRules: [ - { - name: 'privateIPLBRule1' - frontendIPConfigurationName: 'privateIPConfig1' - frontendPort: 0 - backendPort: 0 - enableFloatingIP: true - idleTimeoutInMinutes: 4 - protocol: 'All' - loadDistribution: 'Default' - probeName: 'probe1' - disableOutboundSnat: true - enableTcpReset: false - backendAddressPoolName: 'servers' - } - ] - inboundNatRules: [ - { - name: 'inboundNatRule1' - frontendIPConfigurationName: 'privateIPConfig1' - frontendPort: 443 - backendPort: 443 - enableFloatingIP: false - idleTimeoutInMinutes: 4 - protocol: 'Tcp' - enableTcpReset: false - } - { - name: 'inboundNatRule2' - frontendIPConfigurationName: 'privateIPConfig1' - frontendPort: 3389 - backendPort: 3389 - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] + name: 'publicIPConfig1' + publicIPAddressId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-min-lb' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -655,8 +680,6 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -682,6 +705,9 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { ```
+

+ +

Example 3: Parameters

@@ -691,13 +717,101 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { name: '${uniqueString(deployment().name)}-loadBalancers' params: { - name: '<>-az-lb-min-001' + name: '<>-az-lb-x-001' + lock: 'CanNotDelete' frontendIPConfigurations: [ { name: 'publicIPConfig1' - publicIPAddressId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-min-lb' + publicIPAddressId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-lb' + } + ] + backendAddressPools: [ + { + name: 'backendAddressPool1' + } + { + name: 'backendAddressPool2' } ] + loadBalancingRules: [ + { + name: 'publicIPLBRule1' + frontendIPConfigurationName: 'publicIPConfig1' + frontendPort: 80 + backendPort: 80 + enableFloatingIP: false + idleTimeoutInMinutes: 5 + protocol: 'Tcp' + enableTcpReset: false + loadDistribution: 'Default' + disableOutboundSnat: true + probeName: 'probe1' + backendAddressPoolName: 'backendAddressPool1' + } + { + name: 'publicIPLBRule2' + frontendIPConfigurationName: 'publicIPConfig1' + frontendPort: 8080 + backendPort: 8080 + loadDistribution: 'Default' + probeName: 'probe2' + backendAddressPoolName: 'backendAddressPool2' + } + ] + inboundNatRules: [ + { + name: 'inboundNatRule1' + frontendIPConfigurationName: 'publicIPConfig1' + frontendPort: 443 + backendPort: 443 + enableFloatingIP: false + idleTimeoutInMinutes: 4 + protocol: 'Tcp' + enableTcpReset: false + } + { + name: 'inboundNatRule2' + frontendIPConfigurationName: 'publicIPConfig1' + frontendPort: 3389 + backendPort: 3389 + } + ] + outboundRules: [ + { + name: 'outboundRule1' + frontendIPConfigurationName: 'publicIPConfig1' + backendAddressPoolName: 'backendAddressPool1' + allocatedOutboundPorts: 63984 + } + ] + probes: [ + { + name: 'probe1' + protocol: 'Tcp' + port: 80 + intervalInSeconds: 10 + numberOfProbes: 5 + } + { + name: 'probe2' + protocol: 'Https' + port: 443 + requestPath: '/' + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -705,8 +819,6 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = {

-

Example 3

-
via JSON Parameter file @@ -843,114 +955,5 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-loadBalancers' - params: { - name: '<>-az-lb-x-001' - lock: 'CanNotDelete' - frontendIPConfigurations: [ - { - name: 'publicIPConfig1' - publicIPAddressId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-lb' - } - ] - backendAddressPools: [ - { - name: 'backendAddressPool1' - } - { - name: 'backendAddressPool2' - } - ] - loadBalancingRules: [ - { - name: 'publicIPLBRule1' - frontendIPConfigurationName: 'publicIPConfig1' - frontendPort: 80 - backendPort: 80 - enableFloatingIP: false - idleTimeoutInMinutes: 5 - protocol: 'Tcp' - enableTcpReset: false - loadDistribution: 'Default' - disableOutboundSnat: true - probeName: 'probe1' - backendAddressPoolName: 'backendAddressPool1' - } - { - name: 'publicIPLBRule2' - frontendIPConfigurationName: 'publicIPConfig1' - frontendPort: 8080 - backendPort: 8080 - loadDistribution: 'Default' - probeName: 'probe2' - backendAddressPoolName: 'backendAddressPool2' - } - ] - inboundNatRules: [ - { - name: 'inboundNatRule1' - frontendIPConfigurationName: 'publicIPConfig1' - frontendPort: 443 - backendPort: 443 - enableFloatingIP: false - idleTimeoutInMinutes: 4 - protocol: 'Tcp' - enableTcpReset: false - } - { - name: 'inboundNatRule2' - frontendIPConfigurationName: 'publicIPConfig1' - frontendPort: 3389 - backendPort: 3389 - } - ] - outboundRules: [ - { - name: 'outboundRule1' - frontendIPConfigurationName: 'publicIPConfig1' - backendAddressPoolName: 'backendAddressPool1' - allocatedOutboundPorts: 63984 - } - ] - probes: [ - { - name: 'probe1' - protocol: 'Tcp' - port: 80 - intervalInSeconds: 10 - numberOfProbes: 5 - } - { - name: 'probe2' - protocol: 'Https' - port: 443 - requestPath: '/' - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.Network/localNetworkGateways/readme.md b/modules/Microsoft.Network/localNetworkGateways/readme.md index 51276b735a..208d71aef1 100644 --- a/modules/Microsoft.Network/localNetworkGateways/readme.md +++ b/modules/Microsoft.Network/localNetworkGateways/readme.md @@ -151,7 +151,38 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module localNetworkGateways './Microsoft.Network/localNetworkGateways/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-localNetworkGateways' + params: { + name: '<>-az-lng-x-001' + lock: 'CanNotDelete' + localAddressPrefixes: [ + '192.168.1.0/24' + ] + localGatewayPublicIpAddress: '8.8.8.8' + localAsn: '65123' + localBgpPeeringAddress: '192.168.1.5' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

@@ -196,35 +227,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module localNetworkGateways './Microsoft.Network/localNetworkGateways/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-localNetworkGateways' - params: { - name: '<>-az-lng-x-001' - lock: 'CanNotDelete' - localAddressPrefixes: [ - '192.168.1.0/24' - ] - localGatewayPublicIpAddress: '8.8.8.8' - localAsn: '65123' - localBgpPeeringAddress: '192.168.1.5' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Network/natGateways/readme.md b/modules/Microsoft.Network/natGateways/readme.md index 4dabc5b9b2..17679f2825 100644 --- a/modules/Microsoft.Network/natGateways/readme.md +++ b/modules/Microsoft.Network/natGateways/readme.md @@ -163,7 +163,38 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module natGateways './Microsoft.Network/natGateways/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-natGateways' + params: { + name: '<>-az-ngw-x-001' + lock: 'CanNotDelete' + natGatewayPublicIpAddress: true + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + } +} +``` + +
+

@@ -212,35 +243,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module natGateways './Microsoft.Network/natGateways/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-natGateways' - params: { - name: '<>-az-ngw-x-001' - lock: 'CanNotDelete' - natGatewayPublicIpAddress: true - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.Network/networkInterfaces/readme.md b/modules/Microsoft.Network/networkInterfaces/readme.md index cf9e430624..74ffe548cb 100644 --- a/modules/Microsoft.Network/networkInterfaces/readme.md +++ b/modules/Microsoft.Network/networkInterfaces/readme.md @@ -179,7 +179,29 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-networkInterfaces' + params: { + name: '<>-az-nic-min-001' + ipConfigurations: [ + { + name: 'ipconfig01' + subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' + } + ] + } +} +``` + +
+

@@ -206,6 +228,9 @@ tags: { ```
+

+ +

Example 2: Parameters

@@ -215,13 +240,37 @@ tags: { module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-networkInterfaces' params: { - name: '<>-az-nic-min-001' + name: '<>-az-nic-x-001' + lock: 'CanNotDelete' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] ipConfigurations: [ { name: 'ipconfig01' subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' + loadBalancerBackendAddressPools: [ + { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/loadBalancers/adp-<>-az-lb-internal-001/backendAddressPools/servers' + } + ] + applicationSecurityGroups: [ + { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001' + } + ] } ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -229,8 +278,6 @@ module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' =

-

Example 2

-
via JSON Parameter file @@ -293,50 +340,5 @@ module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' = } ``` -
- -
- -via Bicep module - -```bicep -module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-networkInterfaces' - params: { - name: '<>-az-nic-x-001' - lock: 'CanNotDelete' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - ipConfigurations: [ - { - name: 'ipconfig01' - subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' - loadBalancerBackendAddressPools: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/loadBalancers/adp-<>-az-lb-internal-001/backendAddressPools/servers' - } - ] - applicationSecurityGroups: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001' - } - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.Network/networkSecurityGroups/readme.md b/modules/Microsoft.Network/networkSecurityGroups/readme.md index f7676a388f..b96e860979 100644 --- a/modules/Microsoft.Network/networkSecurityGroups/readme.md +++ b/modules/Microsoft.Network/networkSecurityGroups/readme.md @@ -155,7 +155,23 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module networkSecurityGroups './Microsoft.Network/networkSecurityGroups/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-networkSecurityGroups' + params: { + name: '<>-az-nsg-min-001' + } +} +``` + +
+

@@ -174,6 +190,9 @@ tags: { ```
+

+ +

Example 2: Parameters

@@ -183,7 +202,85 @@ tags: { module networkSecurityGroups './Microsoft.Network/networkSecurityGroups/deploy.bicep' = { name: '${uniqueString(deployment().name)}-networkSecurityGroups' params: { - name: '<>-az-nsg-min-001' + name: '<>-az-nsg-x-001' + lock: 'CanNotDelete' + securityRules: [ + { + name: 'Specific' + properties: { + description: 'Tests specific IPs and ports' + protocol: '*' + sourcePortRange: '*' + destinationPortRange: '8080' + sourceAddressPrefix: '*' + destinationAddressPrefix: '*' + access: 'Allow' + priority: 100 + direction: 'Inbound' + } + } + { + name: 'Ranges' + properties: { + description: 'Tests Ranges' + protocol: '*' + access: 'Allow' + priority: 101 + direction: 'Inbound' + sourcePortRanges: [ + '80' + '81' + ] + destinationPortRanges: [ + '90' + '91' + ] + sourceAddressPrefixes: [ + '10.0.0.0/16' + '10.1.0.0/16' + ] + destinationAddressPrefixes: [ + '10.2.0.0/16' + '10.3.0.0/16' + ] + } + } + { + name: 'Port_8082' + properties: { + description: 'Allow inbound access on TCP 8082' + protocol: '*' + sourcePortRange: '*' + destinationPortRange: '8082' + access: 'Allow' + priority: 102 + direction: 'Inbound' + sourceApplicationSecurityGroups: [ + { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001' + } + ] + destinationApplicationSecurityGroups: [ + { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001' + } + ] + } + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -191,8 +288,6 @@ module networkSecurityGroups './Microsoft.Network/networkSecurityGroups/deploy.b

-

Example 2

-
via JSON Parameter file @@ -303,98 +398,5 @@ module networkSecurityGroups './Microsoft.Network/networkSecurityGroups/deploy.b } ``` -
- -
- -via Bicep module - -```bicep -module networkSecurityGroups './Microsoft.Network/networkSecurityGroups/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-networkSecurityGroups' - params: { - name: '<>-az-nsg-x-001' - lock: 'CanNotDelete' - securityRules: [ - { - name: 'Specific' - properties: { - description: 'Tests specific IPs and ports' - protocol: '*' - sourcePortRange: '*' - destinationPortRange: '8080' - sourceAddressPrefix: '*' - destinationAddressPrefix: '*' - access: 'Allow' - priority: 100 - direction: 'Inbound' - } - } - { - name: 'Ranges' - properties: { - description: 'Tests Ranges' - protocol: '*' - access: 'Allow' - priority: 101 - direction: 'Inbound' - sourcePortRanges: [ - '80' - '81' - ] - destinationPortRanges: [ - '90' - '91' - ] - sourceAddressPrefixes: [ - '10.0.0.0/16' - '10.1.0.0/16' - ] - destinationAddressPrefixes: [ - '10.2.0.0/16' - '10.3.0.0/16' - ] - } - } - { - name: 'Port_8082' - properties: { - description: 'Allow inbound access on TCP 8082' - protocol: '*' - sourcePortRange: '*' - destinationPortRange: '8082' - access: 'Allow' - priority: 102 - direction: 'Inbound' - sourceApplicationSecurityGroups: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001' - } - ] - destinationApplicationSecurityGroups: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001' - } - ] - } - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.Network/networkWatchers/readme.md b/modules/Microsoft.Network/networkWatchers/readme.md index 05a8e2d91c..977f57ec3d 100644 --- a/modules/Microsoft.Network/networkWatchers/readme.md +++ b/modules/Microsoft.Network/networkWatchers/readme.md @@ -149,7 +149,23 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-networkWatchers' + params: { + location: 'northeurope' + } +} +``` + +
+

@@ -168,6 +184,9 @@ tags: { ```
+

+ +

Example 2: Parameters

@@ -177,7 +196,84 @@ tags: { module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { name: '${uniqueString(deployment().name)}-networkWatchers' params: { - location: 'northeurope' + name: 'adp-<>-az-nw-x-001' + flowLogs: [ + { + targetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-001' + storageId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + enabled: false + } + { + name: 'adp-<>-az-nsg-x-apgw-flowlog' + targetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-apgw' + storageId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + workspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + formatVersion: 1 + trafficAnalyticsInterval: 10 + retentionInDays: 8 + } + ] + connectionMonitors: [ + { + name: 'adp-<>-az-conn-mon-x-001' + endpoints: [ + { + name: '<>-az-subnet-x-001(validation-rg)' + type: 'AzureVM' + resourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/virtualMachines/adp-<>-vm-01' + } + { + name: 'Office Portal' + type: 'ExternalAddress' + address: 'www.office.com' + } + ] + testConfigurations: [ + { + name: 'HTTP Test' + testFrequencySec: 30 + protocol: 'Http' + httpConfiguration: { + port: 80 + method: 'Get' + requestHeaders: [] + validStatusCodeRanges: [ + '200' + ] + preferHTTPS: false + } + successThreshold: { + checksFailedPercent: 5 + roundTripTimeMs: 100 + } + } + ] + testGroups: [ + { + name: 'TestHTTPBing' + disable: false + testConfigurations: [ + 'HTTP Test' + ] + sources: [ + '<>-az-subnet-x-001(validation-rg)' + ] + destinations: [ + 'Office Portal' + ] + } + ] + workspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] } } ``` @@ -185,8 +281,6 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -286,97 +380,5 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-networkWatchers' - params: { - name: 'adp-<>-az-nw-x-001' - flowLogs: [ - { - targetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-001' - storageId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - enabled: false - } - { - name: 'adp-<>-az-nsg-x-apgw-flowlog' - targetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-apgw' - storageId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - workspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - formatVersion: 1 - trafficAnalyticsInterval: 10 - retentionInDays: 8 - } - ] - connectionMonitors: [ - { - name: 'adp-<>-az-conn-mon-x-001' - endpoints: [ - { - name: '<>-az-subnet-x-001(validation-rg)' - type: 'AzureVM' - resourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/virtualMachines/adp-<>-vm-01' - } - { - name: 'Office Portal' - type: 'ExternalAddress' - address: 'www.office.com' - } - ] - testConfigurations: [ - { - name: 'HTTP Test' - testFrequencySec: 30 - protocol: 'Http' - httpConfiguration: { - port: 80 - method: 'Get' - requestHeaders: [] - validStatusCodeRanges: [ - '200' - ] - preferHTTPS: false - } - successThreshold: { - checksFailedPercent: 5 - roundTripTimeMs: 100 - } - } - ] - testGroups: [ - { - name: 'TestHTTPBing' - disable: false - testConfigurations: [ - 'HTTP Test' - ] - sources: [ - '<>-az-subnet-x-001(validation-rg)' - ] - destinations: [ - 'Office Portal' - ] - } - ] - workspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Network/privateDnsZones/readme.md b/modules/Microsoft.Network/privateDnsZones/readme.md index 17fe8f45ba..deaf1e40ad 100644 --- a/modules/Microsoft.Network/privateDnsZones/readme.md +++ b/modules/Microsoft.Network/privateDnsZones/readme.md @@ -163,7 +163,23 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module privateDnsZones './Microsoft.Network/privateDnsZones/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-privateDnsZones' + params: { + name: '<>-az-privdns-x-001.com' + } +} +``` + +
+

@@ -182,6 +198,9 @@ tags: { ```
+

+ +

Example 2: Parameters

@@ -191,7 +210,174 @@ tags: { module privateDnsZones './Microsoft.Network/privateDnsZones/deploy.bicep' = { name: '${uniqueString(deployment().name)}-privateDnsZones' params: { - name: '<>-az-privdns-x-001.com' + name: '<>-az-privdns-x-002.com' + lock: 'CanNotDelete' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + AAAA: [ + { + name: 'AAAA_2001_0db8_85a3_0000_0000_8a2e_0370_7334' + ttl: 3600 + aaaaRecords: [ + { + ipv6Address: '2001:0db8:85a3:0000:0000:8a2e:0370:7334' + } + ] + } + ] + A: [ + { + name: 'A_10.240.4.4' + ttl: 3600 + aRecords: [ + { + ipv4Address: '10.240.4.4' + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } + ] + CNAME: [ + { + name: 'CNAME_test' + ttl: 3600 + cnameRecord: { + cname: 'test' + } + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } + ] + MX: [ + { + name: 'MX_contoso' + ttl: 3600 + mxRecords: [ + { + exchange: 'contoso.com' + preference: 100 + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } + ] + PTR: [ + { + name: 'PTR_contoso' + ttl: 3600 + ptrRecords: [ + { + ptrdname: 'contoso.com' + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } + ] + SOA: [ + { + name: '@' + ttl: 3600 + soaRecord: { + email: 'azureprivatedns-host.microsoft.com' + expireTime: 2419200 + host: 'azureprivatedns.net' + minimumTtl: 10 + refreshTime: 3600 + retryTime: 300 + serialNumber: '1' + } + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } + ] + SRV: [ + { + name: 'SRV_contoso' + ttl: 3600 + srvRecords: [ + { + port: 9332 + priority: 0 + target: 'test.contoso.com' + weight: 0 + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } + ] + TXT: [ + { + name: 'TXT_test' + ttl: 3600 + txtRecords: [ + { + value: [ + 'test' + ] + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } + ] + virtualNetworkLinks: [ + { + virtualNetworkResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001' + registrationEnabled: true + } + ] } } ``` @@ -199,8 +385,6 @@ module privateDnsZones './Microsoft.Network/privateDnsZones/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -406,187 +590,5 @@ module privateDnsZones './Microsoft.Network/privateDnsZones/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module privateDnsZones './Microsoft.Network/privateDnsZones/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-privateDnsZones' - params: { - name: '<>-az-privdns-x-002.com' - lock: 'CanNotDelete' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - AAAA: [ - { - name: 'AAAA_2001_0db8_85a3_0000_0000_8a2e_0370_7334' - ttl: 3600 - aaaaRecords: [ - { - ipv6Address: '2001:0db8:85a3:0000:0000:8a2e:0370:7334' - } - ] - } - ] - A: [ - { - name: 'A_10.240.4.4' - ttl: 3600 - aRecords: [ - { - ipv4Address: '10.240.4.4' - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } - ] - CNAME: [ - { - name: 'CNAME_test' - ttl: 3600 - cnameRecord: { - cname: 'test' - } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } - ] - MX: [ - { - name: 'MX_contoso' - ttl: 3600 - mxRecords: [ - { - exchange: 'contoso.com' - preference: 100 - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } - ] - PTR: [ - { - name: 'PTR_contoso' - ttl: 3600 - ptrRecords: [ - { - ptrdname: 'contoso.com' - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } - ] - SOA: [ - { - name: '@' - ttl: 3600 - soaRecord: { - email: 'azureprivatedns-host.microsoft.com' - expireTime: 2419200 - host: 'azureprivatedns.net' - minimumTtl: 10 - refreshTime: 3600 - retryTime: 300 - serialNumber: '1' - } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } - ] - SRV: [ - { - name: 'SRV_contoso' - ttl: 3600 - srvRecords: [ - { - port: 9332 - priority: 0 - target: 'test.contoso.com' - weight: 0 - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } - ] - TXT: [ - { - name: 'TXT_test' - ttl: 3600 - txtRecords: [ - { - value: [ - 'test' - ] - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } - ] - virtualNetworkLinks: [ - { - virtualNetworkResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001' - registrationEnabled: true - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Network/privateEndpoints/readme.md b/modules/Microsoft.Network/privateEndpoints/readme.md index 66b5e836ff..ce047557bc 100644 --- a/modules/Microsoft.Network/privateEndpoints/readme.md +++ b/modules/Microsoft.Network/privateEndpoints/readme.md @@ -162,7 +162,28 @@ roleAssignments: [ ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-privateEndpoints' + params: { + name: '<>-az-pe-kvlt-min-001' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + serviceResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-pe' + groupIds: [ + 'vault' + ] + } +} +``` + +
+

@@ -192,6 +213,9 @@ roleAssignments: [ ```
+

+ +

Example 2: Parameters

@@ -201,12 +225,28 @@ roleAssignments: [ module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = { name: '${uniqueString(deployment().name)}-privateEndpoints' params: { - name: '<>-az-pe-kvlt-min-001' + name: '<>-az-pe-kvlt-001' + lock: 'CanNotDelete' subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' serviceResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-pe' groupIds: [ 'vault' ] + privateDnsZoneGroups: [ + { + privateDNSResourceIds: [ + '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/privateDnsZones/privatelink.vaultcore.azure.net' + ] + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] } } ``` @@ -214,8 +254,6 @@ module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -265,41 +303,5 @@ module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-privateEndpoints' - params: { - name: '<>-az-pe-kvlt-001' - lock: 'CanNotDelete' - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - serviceResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-pe' - groupIds: [ - 'vault' - ] - privateDnsZoneGroups: [ - { - privateDNSResourceIds: [ - '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/privateDnsZones/privatelink.vaultcore.azure.net' - ] - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Network/publicIPAddresses/readme.md b/modules/Microsoft.Network/publicIPAddresses/readme.md index a8cd9907eb..b0aa070850 100644 --- a/modules/Microsoft.Network/publicIPAddresses/readme.md +++ b/modules/Microsoft.Network/publicIPAddresses/readme.md @@ -159,7 +159,44 @@ roleAssignments: [ ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module publicIPAddresses './Microsoft.Network/publicIPAddresses/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-publicIPAddresses' + params: { + name: '<>-az-pip-x-001' + lock: 'CanNotDelete' + skuName: 'Standard' + publicIPAllocationMethod: 'Static' + zones: [ + '1' + '2' + '3' + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + } +} +``` + +
+

@@ -218,41 +255,5 @@ roleAssignments: [ } ``` -
- -
- -via Bicep module - -```bicep -module publicIPAddresses './Microsoft.Network/publicIPAddresses/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-publicIPAddresses' - params: { - name: '<>-az-pip-x-001' - lock: 'CanNotDelete' - skuName: 'Standard' - publicIPAllocationMethod: 'Static' - zones: [ - '1' - '2' - '3' - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.Network/publicIPPrefixes/readme.md b/modules/Microsoft.Network/publicIPPrefixes/readme.md index 32881b7905..56a363f126 100644 --- a/modules/Microsoft.Network/publicIPPrefixes/readme.md +++ b/modules/Microsoft.Network/publicIPPrefixes/readme.md @@ -146,7 +146,33 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module publicIPPrefixes './Microsoft.Network/publicIPPrefixes/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-publicIPPrefixes' + params: { + name: '<>-az-pippfx-x-001' + lock: 'CanNotDelete' + prefixLength: 28 + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

@@ -180,30 +206,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module publicIPPrefixes './Microsoft.Network/publicIPPrefixes/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-publicIPPrefixes' - params: { - name: '<>-az-pippfx-x-001' - lock: 'CanNotDelete' - prefixLength: 28 - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Network/routeTables/readme.md b/modules/Microsoft.Network/routeTables/readme.md index 7bbf95c725..ef7f7458da 100644 --- a/modules/Microsoft.Network/routeTables/readme.md +++ b/modules/Microsoft.Network/routeTables/readme.md @@ -236,7 +236,42 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module routeTables './Microsoft.Network/routeTables/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-routeTables' + params: { + name: '<>-az-udr-x-001' + lock: 'CanNotDelete' + routes: [ + { + name: 'default' + properties: { + addressPrefix: '0.0.0.0/0' + nextHopType: 'VirtualAppliance' + nextHopIpAddress: '172.16.0.20' + } + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

@@ -279,39 +314,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module routeTables './Microsoft.Network/routeTables/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-routeTables' - params: { - name: '<>-az-udr-x-001' - lock: 'CanNotDelete' - routes: [ - { - name: 'default' - properties: { - addressPrefix: '0.0.0.0/0' - nextHopType: 'VirtualAppliance' - nextHopIpAddress: '172.16.0.20' - } - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Network/trafficmanagerprofiles/readme.md b/modules/Microsoft.Network/trafficmanagerprofiles/readme.md index 884cf361cb..d4c49749b4 100644 --- a/modules/Microsoft.Network/trafficmanagerprofiles/readme.md +++ b/modules/Microsoft.Network/trafficmanagerprofiles/readme.md @@ -250,7 +250,38 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module trafficmanagerprofiles './Microsoft.Network/trafficmanagerprofiles/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-trafficmanagerprofiles' + params: { + name: 'tm-000001' + lock: 'CanNotDelete' + relativeName: 'tm-000001' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + } +} +``` + +
+

@@ -299,35 +330,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module trafficmanagerprofiles './Microsoft.Network/trafficmanagerprofiles/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-trafficmanagerprofiles' - params: { - name: 'tm-000001' - lock: 'CanNotDelete' - relativeName: 'tm-000001' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.Network/virtualHubs/readme.md b/modules/Microsoft.Network/virtualHubs/readme.md index 9d3449bbc6..4d259fec26 100644 --- a/modules/Microsoft.Network/virtualHubs/readme.md +++ b/modules/Microsoft.Network/virtualHubs/readme.md @@ -103,7 +103,25 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-virtualHubs' + params: { + name: '<>-az-vhub-min-001' + addressPrefix: '10.0.0.0/16' + virtualWanId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/adp-<>-az-vw-x-001' + } +} +``` + +
+

@@ -128,6 +146,9 @@ tags: { ```
+

+ +

Example 2: Parameters

@@ -137,9 +158,36 @@ tags: { module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualHubs' params: { - name: '<>-az-vhub-min-001' - addressPrefix: '10.0.0.0/16' + name: '<>-az-vhub-x-001' + lock: 'CanNotDelete' + addressPrefix: '10.1.0.0/16' virtualWanId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/adp-<>-az-vw-x-001' + hubRouteTables: [ + { + name: 'routeTable1' + } + ] + hubVirtualNetworkConnections: [ + { + name: 'connection1' + remoteVirtualNetworkId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-vhub' + routingConfiguration: { + associatedRouteTable: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vHub-x-001/hubRouteTables/routeTable1' + } + propagatedRouteTables: { + ids: [ + { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vHub-x-001/hubRouteTables/routeTable1' + } + ] + labels: [ + 'none' + ] + } + } + } + ] } } ``` @@ -147,8 +195,6 @@ module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -204,49 +250,5 @@ module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-virtualHubs' - params: { - name: '<>-az-vhub-x-001' - lock: 'CanNotDelete' - addressPrefix: '10.1.0.0/16' - virtualWanId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/adp-<>-az-vw-x-001' - hubRouteTables: [ - { - name: 'routeTable1' - } - ] - hubVirtualNetworkConnections: [ - { - name: 'connection1' - remoteVirtualNetworkId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-vhub' - routingConfiguration: { - associatedRouteTable: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vHub-x-001/hubRouteTables/routeTable1' - } - propagatedRouteTables: { - ids: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vHub-x-001/hubRouteTables/routeTable1' - } - ] - labels: [ - 'none' - ] - } - } - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Network/virtualNetworkGateways/readme.md b/modules/Microsoft.Network/virtualNetworkGateways/readme.md index 7324b614d0..cd9fd51604 100644 --- a/modules/Microsoft.Network/virtualNetworkGateways/readme.md +++ b/modules/Microsoft.Network/virtualNetworkGateways/readme.md @@ -240,7 +240,51 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Expressroute

+ +
+ +via Bicep module + +```bicep +module virtualNetworkGateways './Microsoft.Network/virtualNetworkGateways/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-virtualNetworkGateways' + params: { + name: '<>-az-gw-er-001' + gatewayPipName: '<>-az-gw-er-001-pip' + domainNameLabel: [ + '<>-az-gw-er-dm-001' + ] + virtualNetworkGatewayType: 'ExpressRoute' + virtualNetworkGatewaySku: 'ErGw1AZ' + vNetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001' + tags: { + Environment: 'Validation' + Contact: 'test.user@testcompany.com' + PurchaseOrder: '' + CostCenter: '' + ServiceName: 'DeploymentValidation' + Role: 'DeploymentValidation' + } + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + } +} +``` + +
+

@@ -311,6 +355,9 @@ tags: { ```
+

+ +

Example 2: Vpn

@@ -320,22 +367,19 @@ tags: { module virtualNetworkGateways './Microsoft.Network/virtualNetworkGateways/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualNetworkGateways' params: { - name: '<>-az-gw-er-001' - gatewayPipName: '<>-az-gw-er-001-pip' + name: '<>-az-gw-vpn-001' + lock: 'CanNotDelete' domainNameLabel: [ - '<>-az-gw-er-dm-001' + '<>-az-gw-vpn-dm-001' ] - virtualNetworkGatewayType: 'ExpressRoute' - virtualNetworkGatewaySku: 'ErGw1AZ' + virtualNetworkGatewayType: 'Vpn' + virtualNetworkGatewaySku: 'VpnGw1AZ' + publicIpZones: [ + '1' + ] + vpnType: 'RouteBased' + activeActive: true vNetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001' - tags: { - Environment: 'Validation' - Contact: 'test.user@testcompany.com' - PurchaseOrder: '' - CostCenter: '' - ServiceName: 'DeploymentValidation' - Role: 'DeploymentValidation' - } roleAssignments: [ { roleDefinitionIdOrName: 'Reader' @@ -356,8 +400,6 @@ module virtualNetworkGateways './Microsoft.Network/virtualNetworkGateways/deploy

-

Example 2

-
via JSON Parameter file @@ -427,45 +469,5 @@ module virtualNetworkGateways './Microsoft.Network/virtualNetworkGateways/deploy } ``` -
- -
- -via Bicep module - -```bicep -module virtualNetworkGateways './Microsoft.Network/virtualNetworkGateways/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-virtualNetworkGateways' - params: { - name: '<>-az-gw-vpn-001' - lock: 'CanNotDelete' - domainNameLabel: [ - '<>-az-gw-vpn-dm-001' - ] - virtualNetworkGatewayType: 'Vpn' - virtualNetworkGatewaySku: 'VpnGw1AZ' - publicIpZones: [ - '1' - ] - vpnType: 'RouteBased' - activeActive: true - vNetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.Network/virtualNetworks/readme.md b/modules/Microsoft.Network/virtualNetworks/readme.md index 9e5d73bf64..2dce305a9d 100644 --- a/modules/Microsoft.Network/virtualNetworks/readme.md +++ b/modules/Microsoft.Network/virtualNetworks/readme.md @@ -348,7 +348,26 @@ The network security group and route table resources must reside in the same res ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-virtualNetworks' + params: { + name: '<>-az-vnet-min-001' + addressPrefixes: [ + '10.0.0.0/16' + ] + } +} +``` + +
+

@@ -372,6 +391,9 @@ The network security group and route table resources must reside in the same res ```
+

+ +

Example 2: Parameters

@@ -381,10 +403,74 @@ The network security group and route table resources must reside in the same res module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualNetworks' params: { - name: '<>-az-vnet-min-001' + name: '<>-az-vnet-x-001' + lock: 'CanNotDelete' addressPrefixes: [ '10.0.0.0/16' ] + subnets: [ + { + name: 'GatewaySubnet' + addressPrefix: '10.0.255.0/24' + } + { + name: '<>-az-subnet-x-001' + addressPrefix: '10.0.0.0/24' + networkSecurityGroupId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-001' + serviceEndpoints: [ + { + service: 'Microsoft.Storage' + } + { + service: 'Microsoft.Sql' + } + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + routeTableId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/routeTables/adp-<>-az-udr-x-001' + } + { + name: '<>-az-subnet-x-002' + addressPrefix: '10.0.3.0/24' + delegations: [ + { + name: 'netappDel' + properties: { + serviceName: 'Microsoft.Netapp/volumes' + } + } + ] + } + { + name: '<>-az-subnet-x-003' + addressPrefix: '10.0.6.0/24' + privateEndpointNetworkPolicies: 'Disabled' + privateLinkServiceNetworkPolicies: 'Enabled' + } + ] + dnsServers: [ + '10.0.1.4' + '10.0.1.5' + ] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -392,8 +478,6 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -498,6 +582,9 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { ```
+

+ +

Example 3: Vnetpeering

@@ -507,67 +594,27 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualNetworks' params: { - name: '<>-az-vnet-x-001' - lock: 'CanNotDelete' + name: '<>-az-vnet-peer-001' addressPrefixes: [ - '10.0.0.0/16' + '10.0.0.0/24' ] subnets: [ { name: 'GatewaySubnet' - addressPrefix: '10.0.255.0/24' - } - { - name: '<>-az-subnet-x-001' - addressPrefix: '10.0.0.0/24' - networkSecurityGroupId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-001' - serviceEndpoints: [ - { - service: 'Microsoft.Storage' - } - { - service: 'Microsoft.Sql' - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - routeTableId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/routeTables/adp-<>-az-udr-x-001' - } - { - name: '<>-az-subnet-x-002' - addressPrefix: '10.0.3.0/24' - delegations: [ - { - name: 'netappDel' - properties: { - serviceName: 'Microsoft.Netapp/volumes' - } - } - ] - } - { - name: '<>-az-subnet-x-003' - addressPrefix: '10.0.6.0/24' - privateEndpointNetworkPolicies: 'Disabled' - privateLinkServiceNetworkPolicies: 'Enabled' + addressPrefix: '10.0.0.0/26' } ] - dnsServers: [ - '10.0.1.4' - '10.0.1.5' - ] - roleAssignments: [ + virtualNetworkPeerings: [ { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] + remoteVirtualNetworkId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-peer01' + allowForwardedTraffic: true + allowGatewayTransit: false + allowVirtualNetworkAccess: true + useRemoteGateways: false + remotePeeringEnabled: true + remotePeeringName: 'customName' + remotePeeringAllowVirtualNetworkAccess: true + remotePeeringAllowForwardedTraffic: true } ] diagnosticLogsRetentionInDays: 7 @@ -582,8 +629,6 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = {

-

Example 3

-
via JSON Parameter file @@ -643,47 +688,5 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-virtualNetworks' - params: { - name: '<>-az-vnet-peer-001' - addressPrefixes: [ - '10.0.0.0/24' - ] - subnets: [ - { - name: 'GatewaySubnet' - addressPrefix: '10.0.0.0/26' - } - ] - virtualNetworkPeerings: [ - { - remoteVirtualNetworkId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-peer01' - allowForwardedTraffic: true - allowGatewayTransit: false - allowVirtualNetworkAccess: true - useRemoteGateways: false - remotePeeringEnabled: true - remotePeeringName: 'customName' - remotePeeringAllowVirtualNetworkAccess: true - remotePeeringAllowForwardedTraffic: true - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.Network/virtualWans/readme.md b/modules/Microsoft.Network/virtualWans/readme.md index f081449087..fb6553219a 100644 --- a/modules/Microsoft.Network/virtualWans/readme.md +++ b/modules/Microsoft.Network/virtualWans/readme.md @@ -149,7 +149,23 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module virtualWans './Microsoft.Network/virtualWans/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-virtualWans' + params: { + name: '<>-az-vw-min-001' + } +} +``` + +
+

@@ -168,6 +184,9 @@ tags: { ```
+

+ +

Example 2: Parameters

@@ -177,7 +196,20 @@ tags: { module virtualWans './Microsoft.Network/virtualWans/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualWans' params: { - name: '<>-az-vw-min-001' + name: '<>-az-vw-x-001' + lock: 'CanNotDelete' + type: 'Basic' + allowBranchToBranchTraffic: true + allowVnetToVnetTraffic: true + disableVpnEncryption: true + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] } } ``` @@ -185,8 +217,6 @@ module virtualWans './Microsoft.Network/virtualWans/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -228,33 +258,5 @@ module virtualWans './Microsoft.Network/virtualWans/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module virtualWans './Microsoft.Network/virtualWans/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-virtualWans' - params: { - name: '<>-az-vw-x-001' - lock: 'CanNotDelete' - type: 'Basic' - allowBranchToBranchTraffic: true - allowVnetToVnetTraffic: true - disableVpnEncryption: true - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Network/vpnGateways/readme.md b/modules/Microsoft.Network/vpnGateways/readme.md index 5f162f0fd3..86474e7ba5 100644 --- a/modules/Microsoft.Network/vpnGateways/readme.md +++ b/modules/Microsoft.Network/vpnGateways/readme.md @@ -170,7 +170,24 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-vpnGateways' + params: { + name: '<>-az-vpngw-min-001' + virtualHubResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-min-001' + } +} +``` + +
+

@@ -192,6 +209,9 @@ tags: { ```
+

+ +

Example 2: Parameters

@@ -201,8 +221,56 @@ tags: { module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { name: '${uniqueString(deployment().name)}-vpnGateways' params: { - name: '<>-az-vpngw-min-001' - virtualHubResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-min-001' + name: '<>-az-vpngw-x-001' + lock: 'CanNotDelete' + virtualHubResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001' + bgpSettings: { + asn: 65515 + peerWeight: 0 + } + connections: [ + { + name: 'Connection-<>-az-vsite-x-001' + connectionBandwidth: 10 + enableBgp: true + routingConfiguration: { + associatedRouteTable: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001/hubRouteTables/defaultRouteTable' + } + propagatedRouteTables: { + labels: [ + 'default' + ] + ids: [ + { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001/hubRouteTables/defaultRouteTable' + } + ] + } + vnetRoutes: { + staticRoutes: [] + } + } + remoteVpnSiteResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/<>-az-vsite-x-001' + } + ] + natRules: [ + { + name: 'natRule1' + internalMappings: [ + { + addressSpace: '10.4.0.0/24' + } + ] + externalMappings: [ + { + addressSpace: '192.168.21.0/24' + } + ] + type: 'Static' + mode: 'EgressSnat' + } + ] } } ``` @@ -210,8 +278,6 @@ module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -287,69 +353,5 @@ module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-vpnGateways' - params: { - name: '<>-az-vpngw-x-001' - lock: 'CanNotDelete' - virtualHubResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001' - bgpSettings: { - asn: 65515 - peerWeight: 0 - } - connections: [ - { - name: 'Connection-<>-az-vsite-x-001' - connectionBandwidth: 10 - enableBgp: true - routingConfiguration: { - associatedRouteTable: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001/hubRouteTables/defaultRouteTable' - } - propagatedRouteTables: { - labels: [ - 'default' - ] - ids: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001/hubRouteTables/defaultRouteTable' - } - ] - } - vnetRoutes: { - staticRoutes: [] - } - } - remoteVpnSiteResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/<>-az-vsite-x-001' - } - ] - natRules: [ - { - name: 'natRule1' - internalMappings: [ - { - addressSpace: '10.4.0.0/24' - } - ] - externalMappings: [ - { - addressSpace: '192.168.21.0/24' - } - ] - type: 'Static' - mode: 'EgressSnat' - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Network/vpnSites/readme.md b/modules/Microsoft.Network/vpnSites/readme.md index 05d815968d..0e15b731d6 100644 --- a/modules/Microsoft.Network/vpnSites/readme.md +++ b/modules/Microsoft.Network/vpnSites/readme.md @@ -318,7 +318,28 @@ roleAssignments: [ ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module vpnSites './Microsoft.Network/vpnSites/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-vpnSites' + params: { + name: '<>-az-vSite-min-001' + addressPrefixes: [ + '10.0.0.0/16' + ] + ipAddress: '1.2.3.4' + virtualWanId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/apd-<>-az-vw-x-001' + } +} +``` + +
+

@@ -348,6 +369,9 @@ roleAssignments: [ ```
+

+ +

Example 2: Parameters

@@ -357,12 +381,61 @@ roleAssignments: [ module vpnSites './Microsoft.Network/vpnSites/deploy.bicep' = { name: '${uniqueString(deployment().name)}-vpnSites' params: { - name: '<>-az-vSite-min-001' - addressPrefixes: [ - '10.0.0.0/16' - ] - ipAddress: '1.2.3.4' + name: '<>-az-vSite-x-001' + lock: 'CanNotDelete' + tags: { + tagA: 'valueA' + tagB: 'valueB' + } + deviceProperties: { + linkSpeedInMbps: 0 + } virtualWanId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/apd-<>-az-vw-x-001' + vpnSiteLinks: [ + { + name: '<>-az-vSite-x-001' + properties: { + bgpProperties: { + asn: 65010 + bgpPeeringAddress: '1.1.1.1' + } + ipAddress: '1.2.3.4' + linkProperties: { + linkProviderName: 'contoso' + linkSpeedInMbps: 5 + } + } + } + { + name: 'Link1' + properties: { + bgpProperties: { + asn: 65020 + bgpPeeringAddress: '192.168.1.0' + } + ipAddress: '2.2.2.2' + linkProperties: { + linkProviderName: 'contoso' + linkSpeedInMbps: 5 + } + } + } + ] + o365Policy: { + breakOutCategories: { + optimize: true + allow: true + default: true + } + } + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] } } ``` @@ -370,8 +443,6 @@ module vpnSites './Microsoft.Network/vpnSites/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -456,74 +527,5 @@ module vpnSites './Microsoft.Network/vpnSites/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module vpnSites './Microsoft.Network/vpnSites/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-vpnSites' - params: { - name: '<>-az-vSite-x-001' - lock: 'CanNotDelete' - tags: { - tagA: 'valueA' - tagB: 'valueB' - } - deviceProperties: { - linkSpeedInMbps: 0 - } - virtualWanId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/apd-<>-az-vw-x-001' - vpnSiteLinks: [ - { - name: '<>-az-vSite-x-001' - properties: { - bgpProperties: { - asn: 65010 - bgpPeeringAddress: '1.1.1.1' - } - ipAddress: '1.2.3.4' - linkProperties: { - linkProviderName: 'contoso' - linkSpeedInMbps: 5 - } - } - } - { - name: 'Link1' - properties: { - bgpProperties: { - asn: 65020 - bgpPeeringAddress: '192.168.1.0' - } - ipAddress: '2.2.2.2' - linkProperties: { - linkProviderName: 'contoso' - linkSpeedInMbps: 5 - } - } - } - ] - o365Policy: { - breakOutCategories: { - optimize: true - allow: true - default: true - } - } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.OperationalInsights/workspaces/readme.md b/modules/Microsoft.OperationalInsights/workspaces/readme.md index 7ab03028f1..c8acfaf7af 100644 --- a/modules/Microsoft.OperationalInsights/workspaces/readme.md +++ b/modules/Microsoft.OperationalInsights/workspaces/readme.md @@ -440,7 +440,23 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module workspaces './Microsoft.OperationalInsights/workspaces/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-workspaces' + params: { + name: '<>-az-law-min-001' + } +} +``` + +
+

@@ -459,6 +475,9 @@ tags: { ```
+

+ +

Example 2: Parameters

@@ -468,7 +487,139 @@ tags: { module workspaces './Microsoft.OperationalInsights/workspaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-workspaces' params: { - name: '<>-az-law-min-001' + name: '<>-az-law-x-001' + lock: 'CanNotDelete' + publicNetworkAccessForIngestion: 'Disabled' + publicNetworkAccessForQuery: 'Disabled' + dailyQuotaGb: 10 + storageInsightsConfigs: [ + { + storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsalaw001' + tables: [ + 'WADWindowsEventLogsTable' + 'WADETWEventTable' + 'WADServiceFabric*EventTable' + 'LinuxsyslogVer2v0' + ] + } + ] + linkedServices: [ + { + name: 'Automation' + resourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Automation/automationAccounts/adp-<>-az-aut-x-001' + } + ] + savedSearches: [ + { + name: 'VMSSQueries' + displayName: 'VMSS Instance Count2' + category: 'VDC Saved Searches' + query: 'Event | where Source == 'ServiceFabricNodeBootstrapAgent' | summarize AggregatedValue = count() by Computer' + } + ] + dataSources: [ + { + name: 'applicationEvent' + kind: 'WindowsEvent' + eventLogName: 'Application' + eventTypes: [ + { + eventType: 'Error' + } + { + eventType: 'Warning' + } + { + eventType: 'Information' + } + ] + } + { + name: 'windowsPerfCounter1' + kind: 'WindowsPerformanceCounter' + objectName: 'Processor' + instanceName: '*' + intervalSeconds: 60 + counterName: '% Processor Time' + } + { + name: 'sampleIISLog1' + kind: 'IISLogs' + state: 'OnPremiseEnabled' + } + { + name: 'sampleSyslog1' + kind: 'LinuxSyslog' + syslogName: 'kern' + syslogSeverities: [ + { + severity: 'emerg' + } + { + severity: 'alert' + } + { + severity: 'crit' + } + { + severity: 'err' + } + { + severity: 'warning' + } + ] + } + { + name: 'sampleSyslogCollection1' + kind: 'LinuxSyslogCollection' + state: 'Enabled' + } + { + name: 'sampleLinuxPerf1' + kind: 'LinuxPerformanceObject' + syslogSeverities: [ + { + counterName: '% Used Inodes' + } + { + counterName: 'Free Megabytes' + } + { + counterName: '% Used Space' + } + { + counterName: 'Disk Transfers/sec' + } + { + counterName: 'Disk Reads/sec' + } + { + counterName: 'Disk Writes/sec' + } + ] + objectName: 'Logical Disk' + instanceName: '*' + intervalSeconds: 10 + } + { + name: 'sampleLinuxPerfCollection1' + kind: 'LinuxPerformanceCollection' + state: 'Enabled' + } + ] + gallerySolutions: [ + { + name: 'AzureAutomation' + product: 'OMSGallery' + publisher: 'Microsoft' + } + ] + useResourcePermissions: true + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -476,8 +627,6 @@ module workspaces './Microsoft.OperationalInsights/workspaces/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -656,152 +805,5 @@ module workspaces './Microsoft.OperationalInsights/workspaces/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module workspaces './Microsoft.OperationalInsights/workspaces/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-workspaces' - params: { - name: '<>-az-law-x-001' - lock: 'CanNotDelete' - publicNetworkAccessForIngestion: 'Disabled' - publicNetworkAccessForQuery: 'Disabled' - dailyQuotaGb: 10 - storageInsightsConfigs: [ - { - storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsalaw001' - tables: [ - 'WADWindowsEventLogsTable' - 'WADETWEventTable' - 'WADServiceFabric*EventTable' - 'LinuxsyslogVer2v0' - ] - } - ] - linkedServices: [ - { - name: 'Automation' - resourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Automation/automationAccounts/adp-<>-az-aut-x-001' - } - ] - savedSearches: [ - { - name: 'VMSSQueries' - displayName: 'VMSS Instance Count2' - category: 'VDC Saved Searches' - query: 'Event | where Source == 'ServiceFabricNodeBootstrapAgent' | summarize AggregatedValue = count() by Computer' - } - ] - dataSources: [ - { - name: 'applicationEvent' - kind: 'WindowsEvent' - eventLogName: 'Application' - eventTypes: [ - { - eventType: 'Error' - } - { - eventType: 'Warning' - } - { - eventType: 'Information' - } - ] - } - { - name: 'windowsPerfCounter1' - kind: 'WindowsPerformanceCounter' - objectName: 'Processor' - instanceName: '*' - intervalSeconds: 60 - counterName: '% Processor Time' - } - { - name: 'sampleIISLog1' - kind: 'IISLogs' - state: 'OnPremiseEnabled' - } - { - name: 'sampleSyslog1' - kind: 'LinuxSyslog' - syslogName: 'kern' - syslogSeverities: [ - { - severity: 'emerg' - } - { - severity: 'alert' - } - { - severity: 'crit' - } - { - severity: 'err' - } - { - severity: 'warning' - } - ] - } - { - name: 'sampleSyslogCollection1' - kind: 'LinuxSyslogCollection' - state: 'Enabled' - } - { - name: 'sampleLinuxPerf1' - kind: 'LinuxPerformanceObject' - syslogSeverities: [ - { - counterName: '% Used Inodes' - } - { - counterName: 'Free Megabytes' - } - { - counterName: '% Used Space' - } - { - counterName: 'Disk Transfers/sec' - } - { - counterName: 'Disk Reads/sec' - } - { - counterName: 'Disk Writes/sec' - } - ] - objectName: 'Logical Disk' - instanceName: '*' - intervalSeconds: 10 - } - { - name: 'sampleLinuxPerfCollection1' - kind: 'LinuxPerformanceCollection' - state: 'Enabled' - } - ] - gallerySolutions: [ - { - name: 'AzureAutomation' - product: 'OMSGallery' - publisher: 'Microsoft' - } - ] - useResourcePermissions: true - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.OperationsManagement/solutions/readme.md b/modules/Microsoft.OperationsManagement/solutions/readme.md index f3f67ea393..3b3f41942a 100644 --- a/modules/Microsoft.OperationsManagement/solutions/readme.md +++ b/modules/Microsoft.OperationsManagement/solutions/readme.md @@ -43,7 +43,24 @@ This module deploys OperationsManagement Solutions. ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-solutions' + params: { + name: 'Updates' + logAnalyticsWorkspaceName: 'adp-<>-az-law-sol-001' + } +} +``` + +
+

@@ -65,6 +82,9 @@ This module deploys OperationsManagement Solutions. ```
+

+ +

Example 2: Ms

@@ -74,8 +94,10 @@ This module deploys OperationsManagement Solutions. module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-solutions' params: { - name: 'Updates' + name: 'AzureAutomation' logAnalyticsWorkspaceName: 'adp-<>-az-law-sol-001' + product: 'OMSGallery' + publisher: 'Microsoft' } } ``` @@ -83,8 +105,6 @@ module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -111,6 +131,9 @@ module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { ```
+

+ +

Example 3: Nonms

@@ -120,10 +143,10 @@ module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-solutions' params: { - name: 'AzureAutomation' + name: 'nonmsTestSolution' logAnalyticsWorkspaceName: 'adp-<>-az-law-sol-001' - product: 'OMSGallery' - publisher: 'Microsoft' + product: 'nonmsTestSolutionProduct' + publisher: 'nonmsTestSolutionPublisher' } } ``` @@ -131,8 +154,6 @@ module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = {

-

Example 3

-
via JSON Parameter file @@ -158,23 +179,5 @@ module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-solutions' - params: { - name: 'nonmsTestSolution' - logAnalyticsWorkspaceName: 'adp-<>-az-law-sol-001' - product: 'nonmsTestSolutionProduct' - publisher: 'nonmsTestSolutionPublisher' - } -} -``` -

diff --git a/modules/Microsoft.RecoveryServices/vaults/readme.md b/modules/Microsoft.RecoveryServices/vaults/readme.md index f86387494b..8c0bbe16cd 100644 --- a/modules/Microsoft.RecoveryServices/vaults/readme.md +++ b/modules/Microsoft.RecoveryServices/vaults/readme.md @@ -893,84 +893,7 @@ privateEndpoints: [ ## Deployment examples -

Example 1

- -
- -via JSON Parameter file - -```json -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-rsv-dr-001" - }, - "replicationFabrics": { - "value": [ - { - "location": "NorthEurope", - "replicationContainers": [ - { - "name": "ne-container1", - "replicationContainerMappings": [ - { - "targetProtectionContainerId": "/Subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.RecoveryServices/vaults/<>-az-rsv-min-001/replicationFabrics/NorthEurope/replicationProtectionContainers/ne-container2", - "policyName": "Default_values", - "targetContainerName": "pluto" - } - ] - }, - { - "name": "ne-container2", - "replicationContainerMappings": [ - { - "policyName": "Default_values", - "targetContainerFabricName": "WE-2", - "targetContainerName": "we-container1" - } - ] - } - ] - }, - { - "name": "WE-2", - "location": "WestEurope", - "replicationContainers": [ - { - "name": "we-container1", - "replicationContainerMappings": [ - { - "policyName": "Default_values", - "targetContainerFabricName": "NorthEurope", - "targetContainerName": "ne-container2" - } - ] - } - ] - } - ] - }, - "replicationPolicies": { - "value": [ - { - "name": "Default_values" - }, - { - "name": "Custom_values", - "appConsistentFrequencyInMinutes": 240, - "crashConsistentFrequencyInMinutes": 7, - "multiVmSyncStatus": "Disable", - "recoveryPointHistory": 2880 - } - ] - } - } -} -``` - -
+

Example 1: Dr

@@ -1043,8 +966,6 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -1055,13 +976,75 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = { "contentVersion": "1.0.0.0", "parameters": { "name": { - "value": "<>-az-rsv-min-001" + "value": "<>-az-rsv-dr-001" + }, + "replicationFabrics": { + "value": [ + { + "location": "NorthEurope", + "replicationContainers": [ + { + "name": "ne-container1", + "replicationContainerMappings": [ + { + "targetProtectionContainerId": "/Subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.RecoveryServices/vaults/<>-az-rsv-min-001/replicationFabrics/NorthEurope/replicationProtectionContainers/ne-container2", + "policyName": "Default_values", + "targetContainerName": "pluto" + } + ] + }, + { + "name": "ne-container2", + "replicationContainerMappings": [ + { + "policyName": "Default_values", + "targetContainerFabricName": "WE-2", + "targetContainerName": "we-container1" + } + ] + } + ] + }, + { + "name": "WE-2", + "location": "WestEurope", + "replicationContainers": [ + { + "name": "we-container1", + "replicationContainerMappings": [ + { + "policyName": "Default_values", + "targetContainerFabricName": "NorthEurope", + "targetContainerName": "ne-container2" + } + ] + } + ] + } + ] + }, + "replicationPolicies": { + "value": [ + { + "name": "Default_values" + }, + { + "name": "Custom_values", + "appConsistentFrequencyInMinutes": 240, + "crashConsistentFrequencyInMinutes": 7, + "multiVmSyncStatus": "Disable", + "recoveryPointHistory": 2880 + } + ] } } } ```
+

+ +

Example 2: Min

@@ -1079,259 +1062,26 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = {

-

Example 3

-
via JSON Parameter file ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-rsv-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "backupConfig": { - "value": { - "enhancedSecurityState": "Disabled", - "softDeleteFeatureState": "Disabled" - } - }, - "backupPolicies": { - "value": [ - { - "name": "VMpolicy", - "properties": { - "backupManagementType": "AzureIaasVM", - "instantRPDetails": {}, - "schedulePolicy": { - "schedulePolicyType": "SimpleSchedulePolicy", - "scheduleRunFrequency": "Daily", - "scheduleRunTimes": ["2019-11-07T07:00:00Z"], - "scheduleWeeklyFrequency": 0 - }, - "retentionPolicy": { - "retentionPolicyType": "LongTermRetentionPolicy", - "dailySchedule": { - "retentionTimes": ["2019-11-07T07:00:00Z"], - "retentionDuration": { - "count": 180, - "durationType": "Days" - } - }, - "weeklySchedule": { - "daysOfTheWeek": ["Sunday"], - "retentionTimes": ["2019-11-07T07:00:00Z"], - "retentionDuration": { - "count": 12, - "durationType": "Weeks" - } - }, - "monthlySchedule": { - "retentionScheduleFormatType": "Weekly", - "retentionScheduleWeekly": { - "daysOfTheWeek": ["Sunday"], - "weeksOfTheMonth": ["First"] - }, - "retentionTimes": ["2019-11-07T07:00:00Z"], - "retentionDuration": { - "count": 60, - "durationType": "Months" - } - }, - "yearlySchedule": { - "retentionScheduleFormatType": "Weekly", - "monthsOfYear": ["January"], - "retentionScheduleWeekly": { - "daysOfTheWeek": ["Sunday"], - "weeksOfTheMonth": ["First"] - }, - "retentionTimes": ["2019-11-07T07:00:00Z"], - "retentionDuration": { - "count": 10, - "durationType": "Years" - } - } - }, - "instantRpRetentionRangeInDays": 2, - "timeZone": "UTC", - "protectedItemsCount": 0 - } - }, - { - "name": "sqlpolicy", - "properties": { - "backupManagementType": "AzureWorkload", - "workLoadType": "SQLDataBase", - "settings": { - "timeZone": "UTC", - "issqlcompression": true, - "isCompression": true - }, - "subProtectionPolicy": [ - { - "policyType": "Full", - "schedulePolicy": { - "schedulePolicyType": "SimpleSchedulePolicy", - "scheduleRunFrequency": "Weekly", - "scheduleRunDays": ["Sunday"], - "scheduleRunTimes": ["2019-11-07T22:00:00Z"], - "scheduleWeeklyFrequency": 0 - }, - "retentionPolicy": { - "retentionPolicyType": "LongTermRetentionPolicy", - "weeklySchedule": { - "daysOfTheWeek": ["Sunday"], - "retentionTimes": ["2019-11-07T22:00:00Z"], - "retentionDuration": { - "count": 104, - "durationType": "Weeks" - } - }, - "monthlySchedule": { - "retentionScheduleFormatType": "Weekly", - "retentionScheduleWeekly": { - "daysOfTheWeek": ["Sunday"], - "weeksOfTheMonth": ["First"] - }, - "retentionTimes": ["2019-11-07T22:00:00Z"], - "retentionDuration": { - "count": 60, - "durationType": "Months" - } - }, - "yearlySchedule": { - "retentionScheduleFormatType": "Weekly", - "monthsOfYear": ["January"], - "retentionScheduleWeekly": { - "daysOfTheWeek": ["Sunday"], - "weeksOfTheMonth": ["First"] - }, - "retentionTimes": ["2019-11-07T22:00:00Z"], - "retentionDuration": { - "count": 10, - "durationType": "Years" - } - } - } - }, - { - "policyType": "Differential", - "schedulePolicy": { - "schedulePolicyType": "SimpleSchedulePolicy", - "scheduleRunFrequency": "Weekly", - "scheduleRunDays": ["Monday"], - "scheduleRunTimes": ["2017-03-07T02:00:00Z"], - "scheduleWeeklyFrequency": 0 - }, - "retentionPolicy": { - "retentionPolicyType": "SimpleRetentionPolicy", - "retentionDuration": { - "count": 30, - "durationType": "Days" - } - } - }, - { - "policyType": "Log", - "schedulePolicy": { - "schedulePolicyType": "LogSchedulePolicy", - "scheduleFrequencyInMins": 120 - }, - "retentionPolicy": { - "retentionPolicyType": "SimpleRetentionPolicy", - "retentionDuration": { - "count": 15, - "durationType": "Days" - } - } - } - ], - "protectedItemsCount": 0 - } - }, - { - "name": "filesharepolicy", - "properties": { - "backupManagementType": "AzureStorage", - "workloadType": "AzureFileShare", - "schedulePolicy": { - "schedulePolicyType": "SimpleSchedulePolicy", - "scheduleRunFrequency": "Daily", - "scheduleRunTimes": ["2019-11-07T04:30:00Z"], - "scheduleWeeklyFrequency": 0 - }, - "retentionPolicy": { - "retentionPolicyType": "LongTermRetentionPolicy", - "dailySchedule": { - "retentionTimes": ["2019-11-07T04:30:00Z"], - "retentionDuration": { - "count": 30, - "durationType": "Days" - } - } - }, - "timeZone": "UTC", - "protectedItemsCount": 0 - } - } - ] - }, - "backupStorageConfig": { - "value": { - "storageModelType": "GeoRedundant", - "crossRegionRestoreFlag": true - } - }, - "privateEndpoints": { - "value": [ - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "AzureSiteRecovery" - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": ["<>"] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-rsv-min-001" } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "systemAssignedIdentity": { - "value": true - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } } - } } ```
+

+ +

Example 3: Parameters

@@ -1610,3 +1360,256 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = {

+ +

+ +via JSON Parameter file + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-rsv-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "backupConfig": { + "value": { + "enhancedSecurityState": "Disabled", + "softDeleteFeatureState": "Disabled" + } + }, + "backupPolicies": { + "value": [ + { + "name": "VMpolicy", + "properties": { + "backupManagementType": "AzureIaasVM", + "instantRPDetails": {}, + "schedulePolicy": { + "schedulePolicyType": "SimpleSchedulePolicy", + "scheduleRunFrequency": "Daily", + "scheduleRunTimes": ["2019-11-07T07:00:00Z"], + "scheduleWeeklyFrequency": 0 + }, + "retentionPolicy": { + "retentionPolicyType": "LongTermRetentionPolicy", + "dailySchedule": { + "retentionTimes": ["2019-11-07T07:00:00Z"], + "retentionDuration": { + "count": 180, + "durationType": "Days" + } + }, + "weeklySchedule": { + "daysOfTheWeek": ["Sunday"], + "retentionTimes": ["2019-11-07T07:00:00Z"], + "retentionDuration": { + "count": 12, + "durationType": "Weeks" + } + }, + "monthlySchedule": { + "retentionScheduleFormatType": "Weekly", + "retentionScheduleWeekly": { + "daysOfTheWeek": ["Sunday"], + "weeksOfTheMonth": ["First"] + }, + "retentionTimes": ["2019-11-07T07:00:00Z"], + "retentionDuration": { + "count": 60, + "durationType": "Months" + } + }, + "yearlySchedule": { + "retentionScheduleFormatType": "Weekly", + "monthsOfYear": ["January"], + "retentionScheduleWeekly": { + "daysOfTheWeek": ["Sunday"], + "weeksOfTheMonth": ["First"] + }, + "retentionTimes": ["2019-11-07T07:00:00Z"], + "retentionDuration": { + "count": 10, + "durationType": "Years" + } + } + }, + "instantRpRetentionRangeInDays": 2, + "timeZone": "UTC", + "protectedItemsCount": 0 + } + }, + { + "name": "sqlpolicy", + "properties": { + "backupManagementType": "AzureWorkload", + "workLoadType": "SQLDataBase", + "settings": { + "timeZone": "UTC", + "issqlcompression": true, + "isCompression": true + }, + "subProtectionPolicy": [ + { + "policyType": "Full", + "schedulePolicy": { + "schedulePolicyType": "SimpleSchedulePolicy", + "scheduleRunFrequency": "Weekly", + "scheduleRunDays": ["Sunday"], + "scheduleRunTimes": ["2019-11-07T22:00:00Z"], + "scheduleWeeklyFrequency": 0 + }, + "retentionPolicy": { + "retentionPolicyType": "LongTermRetentionPolicy", + "weeklySchedule": { + "daysOfTheWeek": ["Sunday"], + "retentionTimes": ["2019-11-07T22:00:00Z"], + "retentionDuration": { + "count": 104, + "durationType": "Weeks" + } + }, + "monthlySchedule": { + "retentionScheduleFormatType": "Weekly", + "retentionScheduleWeekly": { + "daysOfTheWeek": ["Sunday"], + "weeksOfTheMonth": ["First"] + }, + "retentionTimes": ["2019-11-07T22:00:00Z"], + "retentionDuration": { + "count": 60, + "durationType": "Months" + } + }, + "yearlySchedule": { + "retentionScheduleFormatType": "Weekly", + "monthsOfYear": ["January"], + "retentionScheduleWeekly": { + "daysOfTheWeek": ["Sunday"], + "weeksOfTheMonth": ["First"] + }, + "retentionTimes": ["2019-11-07T22:00:00Z"], + "retentionDuration": { + "count": 10, + "durationType": "Years" + } + } + } + }, + { + "policyType": "Differential", + "schedulePolicy": { + "schedulePolicyType": "SimpleSchedulePolicy", + "scheduleRunFrequency": "Weekly", + "scheduleRunDays": ["Monday"], + "scheduleRunTimes": ["2017-03-07T02:00:00Z"], + "scheduleWeeklyFrequency": 0 + }, + "retentionPolicy": { + "retentionPolicyType": "SimpleRetentionPolicy", + "retentionDuration": { + "count": 30, + "durationType": "Days" + } + } + }, + { + "policyType": "Log", + "schedulePolicy": { + "schedulePolicyType": "LogSchedulePolicy", + "scheduleFrequencyInMins": 120 + }, + "retentionPolicy": { + "retentionPolicyType": "SimpleRetentionPolicy", + "retentionDuration": { + "count": 15, + "durationType": "Days" + } + } + } + ], + "protectedItemsCount": 0 + } + }, + { + "name": "filesharepolicy", + "properties": { + "backupManagementType": "AzureStorage", + "workloadType": "AzureFileShare", + "schedulePolicy": { + "schedulePolicyType": "SimpleSchedulePolicy", + "scheduleRunFrequency": "Daily", + "scheduleRunTimes": ["2019-11-07T04:30:00Z"], + "scheduleWeeklyFrequency": 0 + }, + "retentionPolicy": { + "retentionPolicyType": "LongTermRetentionPolicy", + "dailySchedule": { + "retentionTimes": ["2019-11-07T04:30:00Z"], + "retentionDuration": { + "count": 30, + "durationType": "Days" + } + } + }, + "timeZone": "UTC", + "protectedItemsCount": 0 + } + } + ] + }, + "backupStorageConfig": { + "value": { + "storageModelType": "GeoRedundant", + "crossRegionRestoreFlag": true + } + }, + "privateEndpoints": { + "value": [ + { + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", + "service": "AzureSiteRecovery" + } + ] + }, + "roleAssignments": { + "value": [ + { + "roleDefinitionIdOrName": "Reader", + "principalIds": ["<>"] + } + ] + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "systemAssignedIdentity": { + "value": true + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } + } + } +} +``` + +
+

diff --git a/modules/Microsoft.Resources/deploymentScripts/readme.md b/modules/Microsoft.Resources/deploymentScripts/readme.md index 781e5dbb21..7d91399cd6 100644 --- a/modules/Microsoft.Resources/deploymentScripts/readme.md +++ b/modules/Microsoft.Resources/deploymentScripts/readme.md @@ -141,7 +141,33 @@ This module requires a User Assigned Identity (MSI, managed service identity) to ## Deployment examples -

Example 1

+

Example 1: Cli

+ +
+ +via Bicep module + +```bicep +module deploymentScripts './Microsoft.Resources/deploymentScripts/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-deploymentScripts' + params: { + name: '<>-az-ds-cli-001' + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + kind: 'AzureCLI' + azCliVersion: '2.15.0' + scriptContent: 'echo \'Hello from inside the script\'' + retentionInterval: 'P1D' + runOnce: false + cleanupPreference: 'Always' + timeout: 'PT30M' + } +} +``` + +
+

@@ -186,6 +212,9 @@ This module requires a User Assigned Identity (MSI, managed service identity) to ```
+

+ +

Example 2: Ps

@@ -195,13 +224,14 @@ This module requires a User Assigned Identity (MSI, managed service identity) to module deploymentScripts './Microsoft.Resources/deploymentScripts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-deploymentScripts' params: { - name: '<>-az-ds-cli-001' + name: '<>-az-ds-ps-001' + lock: 'CanNotDelete' userAssignedIdentities: { '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} } - kind: 'AzureCLI' - azCliVersion: '2.15.0' - scriptContent: 'echo \'Hello from inside the script\'' + kind: 'AzurePowerShell' + azPowerShellVersion: '3.0' + scriptContent: 'Write-Host 'Running PowerShell from template'' retentionInterval: 'P1D' runOnce: false cleanupPreference: 'Always' @@ -213,8 +243,6 @@ module deploymentScripts './Microsoft.Resources/deploymentScripts/deploy.bicep'

-

Example 2

-
via JSON Parameter file @@ -260,31 +288,5 @@ module deploymentScripts './Microsoft.Resources/deploymentScripts/deploy.bicep' } ``` -
- -
- -via Bicep module - -```bicep -module deploymentScripts './Microsoft.Resources/deploymentScripts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-deploymentScripts' - params: { - name: '<>-az-ds-ps-001' - lock: 'CanNotDelete' - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - kind: 'AzurePowerShell' - azPowerShellVersion: '3.0' - scriptContent: 'Write-Host 'Running PowerShell from template'' - retentionInterval: 'P1D' - runOnce: false - cleanupPreference: 'Always' - timeout: 'PT30M' - } -} -``` -

diff --git a/modules/Microsoft.Resources/resourceGroups/readme.md b/modules/Microsoft.Resources/resourceGroups/readme.md index 730f5ce040..4157ae1396 100644 --- a/modules/Microsoft.Resources/resourceGroups/readme.md +++ b/modules/Microsoft.Resources/resourceGroups/readme.md @@ -149,7 +149,35 @@ This module requires a User Assigned Identity (MSI, managed service identity) to ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module resourceGroups './Microsoft.Resources/resourceGroups/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-resourceGroups' + params: { + name: '<>-az-rg-x-001' + lock: 'CanNotDelete' + tags: { + Test: 'Yes' + } + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

@@ -185,32 +213,5 @@ This module requires a User Assigned Identity (MSI, managed service identity) to } ``` -
- -
- -via Bicep module - -```bicep -module resourceGroups './Microsoft.Resources/resourceGroups/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-resourceGroups' - params: { - name: '<>-az-rg-x-001' - lock: 'CanNotDelete' - tags: { - Test: 'Yes' - } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Resources/tags/readme.md b/modules/Microsoft.Resources/tags/readme.md index 92510e3730..ee29a1a259 100644 --- a/modules/Microsoft.Resources/tags/readme.md +++ b/modules/Microsoft.Resources/tags/readme.md @@ -79,7 +79,23 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module tags './Microsoft.Resources/tags/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-tags' + params: { + + } +} +``` + +
+

@@ -94,6 +110,9 @@ tags: { ```
+

+ +

Example 2: Rg

@@ -103,7 +122,12 @@ tags: { module tags './Microsoft.Resources/tags/deploy.bicep' = { name: '${uniqueString(deployment().name)}-tags' params: { - + onlyUpdate: false + tags: { + Test: 'Yes' + TestToo: 'No' + } + resourceGroupName: 'validation-rg' } } ``` @@ -111,8 +135,6 @@ module tags './Microsoft.Resources/tags/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -139,6 +161,9 @@ module tags './Microsoft.Resources/tags/deploy.bicep' = { ```
+

+ +

Example 3: Sub

@@ -148,12 +173,11 @@ module tags './Microsoft.Resources/tags/deploy.bicep' = { module tags './Microsoft.Resources/tags/deploy.bicep' = { name: '${uniqueString(deployment().name)}-tags' params: { - onlyUpdate: false + onlyUpdate: true tags: { Test: 'Yes' TestToo: 'No' } - resourceGroupName: 'validation-rg' } } ``` @@ -161,8 +185,6 @@ module tags './Microsoft.Resources/tags/deploy.bicep' = {

-

Example 3

-
via JSON Parameter file @@ -185,24 +207,5 @@ module tags './Microsoft.Resources/tags/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module tags './Microsoft.Resources/tags/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-tags' - params: { - onlyUpdate: true - tags: { - Test: 'Yes' - TestToo: 'No' - } - } -} -``` -

diff --git a/modules/Microsoft.Security/azureSecurityCenter/readme.md b/modules/Microsoft.Security/azureSecurityCenter/readme.md index 6696f1c3a3..39c7c9e107 100644 --- a/modules/Microsoft.Security/azureSecurityCenter/readme.md +++ b/modules/Microsoft.Security/azureSecurityCenter/readme.md @@ -96,7 +96,30 @@ securityContactProperties: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module azureSecurityCenter './Microsoft.Security/azureSecurityCenter/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-azureSecurityCenter' + params: { + scope: '/subscriptions/<>' + securityContactProperties: { + email: 'foo@contoso.com' + phone: '+12345678' + alertNotifications: 'Off' + alertsToAdmins: 'Off' + } + workspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + } +} +``` + +
+

@@ -125,27 +148,5 @@ securityContactProperties: { } ``` -
- -
- -via Bicep module - -```bicep -module azureSecurityCenter './Microsoft.Security/azureSecurityCenter/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-azureSecurityCenter' - params: { - scope: '/subscriptions/<>' - securityContactProperties: { - email: 'foo@contoso.com' - phone: '+12345678' - alertNotifications: 'Off' - alertsToAdmins: 'Off' - } - workspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - } -} -``` -

diff --git a/modules/Microsoft.ServiceBus/namespaces/readme.md b/modules/Microsoft.ServiceBus/namespaces/readme.md index 7bab9cd9a6..2da7961107 100644 --- a/modules/Microsoft.ServiceBus/namespaces/readme.md +++ b/modules/Microsoft.ServiceBus/namespaces/readme.md @@ -293,7 +293,23 @@ userAssignedIdentities: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module namespaces './Microsoft.ServiceBus/namespaces/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-namespaces' + params: { + + } +} +``` + +
+

@@ -308,6 +324,9 @@ userAssignedIdentities: { ```
+

+ +

Example 2: Parameters

@@ -317,7 +336,127 @@ userAssignedIdentities: { module namespaces './Microsoft.ServiceBus/namespaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-namespaces' params: { - + name: '<>-az-sbn-x-002' + lock: 'CanNotDelete' + skuName: 'Premium' + tags: {} + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + disasterRecoveryConfigs: {} + migrationConfigurations: {} + virtualNetworkRules: [ + '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-003' + ] + ipFilterRules: [ + { + filterName: 'ipFilter1' + ipMask: '10.0.1.0/32' + action: 'Accept' + } + { + filterName: 'ipFilter2' + ipMask: '10.0.2.0/32' + action: 'Accept' + } + ] + authorizationRules: [ + { + name: 'RootManageSharedAccessKey' + rights: [ + 'Listen' + 'Manage' + 'Send' + ] + } + { + name: 'AnotherKey' + rights: [ + 'Listen' + 'Send' + ] + } + ] + queues: [ + { + name: '<>-az-sbq-x-002' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + authorizationRules: [ + { + name: 'RootManageSharedAccessKey' + rights: [ + 'Listen' + 'Manage' + 'Send' + ] + } + { + name: 'AnotherKey' + rights: [ + 'Listen' + 'Send' + ] + } + ] + } + ] + topics: [ + { + name: '<>-az-sbt-x-001' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + authorizationRules: [ + { + name: 'RootManageSharedAccessKey' + rights: [ + 'Listen' + 'Manage' + 'Send' + ] + } + { + name: 'AnotherKey' + rights: [ + 'Listen' + 'Send' + ] + } + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + privateEndpoints: [ + { + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + service: 'namespace' + } + ] } } ``` @@ -325,8 +464,6 @@ module namespaces './Microsoft.ServiceBus/namespaces/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -501,140 +638,5 @@ module namespaces './Microsoft.ServiceBus/namespaces/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module namespaces './Microsoft.ServiceBus/namespaces/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-namespaces' - params: { - name: '<>-az-sbn-x-002' - lock: 'CanNotDelete' - skuName: 'Premium' - tags: {} - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - disasterRecoveryConfigs: {} - migrationConfigurations: {} - virtualNetworkRules: [ - '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-003' - ] - ipFilterRules: [ - { - filterName: 'ipFilter1' - ipMask: '10.0.1.0/32' - action: 'Accept' - } - { - filterName: 'ipFilter2' - ipMask: '10.0.2.0/32' - action: 'Accept' - } - ] - authorizationRules: [ - { - name: 'RootManageSharedAccessKey' - rights: [ - 'Listen' - 'Manage' - 'Send' - ] - } - { - name: 'AnotherKey' - rights: [ - 'Listen' - 'Send' - ] - } - ] - queues: [ - { - name: '<>-az-sbq-x-002' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - authorizationRules: [ - { - name: 'RootManageSharedAccessKey' - rights: [ - 'Listen' - 'Manage' - 'Send' - ] - } - { - name: 'AnotherKey' - rights: [ - 'Listen' - 'Send' - ] - } - ] - } - ] - topics: [ - { - name: '<>-az-sbt-x-001' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - authorizationRules: [ - { - name: 'RootManageSharedAccessKey' - rights: [ - 'Listen' - 'Manage' - 'Send' - ] - } - { - name: 'AnotherKey' - rights: [ - 'Listen' - 'Send' - ] - } - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'namespace' - } - ] - } -} -``` -

diff --git a/modules/Microsoft.ServiceFabric/clusters/readme.md b/modules/Microsoft.ServiceFabric/clusters/readme.md index 49f09ce508..ce8ce1915b 100644 --- a/modules/Microsoft.ServiceFabric/clusters/readme.md +++ b/modules/Microsoft.ServiceFabric/clusters/readme.md @@ -228,7 +228,46 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Cert

+ +
+ +via Bicep module + +```bicep +module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-clusters' + params: { + name: '<>-az-sfc-cert-001' + managementEndpoint: 'https://<>-az-sfc-cert-001.westeurope.cloudapp.azure.com:19080' + reliabilityLevel: 'None' + certificate: { + thumbprint: '0AC113D5E1D94C401DDEB0EE2B1B96CC130' + x509StoreName: 'My' + } + nodeTypes: [ + { + applicationPorts: { + endPort: 30000 + startPort: 20000 + } + clientConnectionEndpointPort: 19000 + durabilityLevel: 'Bronze' + ephemeralPorts: { + endPort: 65534 + startPort: 49152 + } + httpGatewayEndpointPort: 19080 + isPrimary: true + name: 'Node01' + } + ] + } +} +``` + +
+

@@ -278,6 +317,9 @@ tags: { ```
+

+ +

Example 2: Full

@@ -287,28 +329,168 @@ tags: { module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { name: '${uniqueString(deployment().name)}-clusters' params: { - name: '<>-az-sfc-cert-001' - managementEndpoint: 'https://<>-az-sfc-cert-001.westeurope.cloudapp.azure.com:19080' - reliabilityLevel: 'None' - certificate: { - thumbprint: '0AC113D5E1D94C401DDEB0EE2B1B96CC130' - x509StoreName: 'My' + name: '<>-az-sfc-full-001' + lock: 'CanNotDelete' + tags: { + resourceType: 'Service Fabric' + clusterName: '<>-az-sfc-full-001' + } + addOnFeatures: [ + 'RepairManager' + 'DnsService' + 'BackupRestoreService' + 'ResourceMonitorService' + ] + maxUnusedVersionsToKeep: 2 + azureActiveDirectory: { + clientApplication: '<>' + clusterApplication: 'cf33fea8-b30f-424f-ab73-c48d99e0b222' + tenantId: '<>' + } + certificateCommonNames: { + commonNames: [ + { + certificateCommonName: 'certcommon' + certificateIssuerThumbprint: '0AC113D5E1D94C401DDEB0EE2B1B96CC130' + } + ] + x509StoreName: '' } + clientCertificateCommonNames: [ + { + certificateCommonName: 'clientcommoncert1' + certificateIssuerThumbprint: '0AC113D5E1D94C401DDEB0EE2B1B96CC130' + isAdmin: false + } + { + certificateCommonName: 'clientcommoncert2' + certificateIssuerThumbprint: '0AC113D5E1D94C401DDEB0EE2B1B96CC131' + isAdmin: false + } + ] + clientCertificateThumbprints: [ + { + certificateThumbprint: '0AC113D5E1D94C401DDEB0EE2B1B96CC130' + isAdmin: false + } + { + certificateThumbprint: '0AC113D5E1D94C401DDEB0EE2B1B96CC131' + isAdmin: false + } + ] + diagnosticsStorageAccountConfig: { + blobEndpoint: 'https://adp<>azsaweux001.blob.core.windows.net/' + protectedAccountKeyName: 'StorageAccountKey1' + queueEndpoint: 'https://adp<>azsaweux001.queue.core.windows.net/' + storageAccountName: 'adp<>azsaweux001' + tableEndpoint: 'https://adp<>azsaweux001.table.core.windows.net/' + } + fabricSettings: [ + { + name: 'Security' + parameters: [ + { + name: 'ClusterProtectionLevel' + value: 'EncryptAndSign' + } + ] + } + { + name: 'UpgradeService' + parameters: [ + { + name: 'AppPollIntervalInSeconds' + value: '60' + } + ] + } + ] + managementEndpoint: 'https://<>-az-sfc-full-001.westeurope.cloudapp.azure.com:19080' nodeTypes: [ { applicationPorts: { endPort: 30000 startPort: 20000 } + capacities: {} clientConnectionEndpointPort: 19000 - durabilityLevel: 'Bronze' + durabilityLevel: 'Silver' ephemeralPorts: { endPort: 65534 startPort: 49152 } httpGatewayEndpointPort: 19080 isPrimary: true + isStateless: false + multipleAvailabilityZones: false name: 'Node01' + placementProperties: {} + reverseProxyEndpointPort: '' + vmInstanceCount: 5 + } + { + applicationPorts: { + endPort: 30000 + startPort: 20000 + } + clientConnectionEndpointPort: 19000 + durabilityLevel: 'Bronze' + ephemeralPorts: { + endPort: 64000 + startPort: 49000 + } + httpGatewayEndpointPort: 19007 + isPrimary: true + name: 'Node02' + vmInstanceCount: 5 + } + ] + notifications: [ + { + isEnabled: true + notificationCategory: 'WaveProgress' + notificationLevel: 'Critical' + notificationTargets: [ + { + notificationChannel: 'EmailUser' + receivers: [ + 'SomeReceiver' + ] + } + ] + } + ] + upgradeDescription: { + forceRestart: false + upgradeReplicaSetCheckTimeout: '1.00:00:00' + healthCheckWaitDuration: '00:00:30' + healthCheckStableDuration: '00:01:00' + healthCheckRetryTimeout: '00:45:00' + upgradeTimeout: '02:00:00' + upgradeDomainTimeout: '02:00:00' + healthPolicy: { + maxPercentUnhealthyNodes: 0 + maxPercentUnhealthyApplications: 0 + } + deltaHealthPolicy: { + maxPercentDeltaUnhealthyNodes: 0 + maxPercentUpgradeDomainDeltaUnhealthyNodes: 0 + maxPercentDeltaUnhealthyApplications: 0 + } + } + reliabilityLevel: 'Silver' + vmImage: 'Linux' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + applicationTypes: [ + { + name: 'WordCount' } ] } @@ -318,8 +500,6 @@ module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -536,6 +716,9 @@ module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { ```
+

+ +

Example 3: Min

@@ -545,168 +728,24 @@ module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { name: '${uniqueString(deployment().name)}-clusters' params: { - name: '<>-az-sfc-full-001' - lock: 'CanNotDelete' - tags: { - resourceType: 'Service Fabric' - clusterName: '<>-az-sfc-full-001' - } - addOnFeatures: [ - 'RepairManager' - 'DnsService' - 'BackupRestoreService' - 'ResourceMonitorService' - ] - maxUnusedVersionsToKeep: 2 - azureActiveDirectory: { - clientApplication: '<>' - clusterApplication: 'cf33fea8-b30f-424f-ab73-c48d99e0b222' - tenantId: '<>' - } - certificateCommonNames: { - commonNames: [ - { - certificateCommonName: 'certcommon' - certificateIssuerThumbprint: '0AC113D5E1D94C401DDEB0EE2B1B96CC130' - } - ] - x509StoreName: '' - } - clientCertificateCommonNames: [ - { - certificateCommonName: 'clientcommoncert1' - certificateIssuerThumbprint: '0AC113D5E1D94C401DDEB0EE2B1B96CC130' - isAdmin: false - } - { - certificateCommonName: 'clientcommoncert2' - certificateIssuerThumbprint: '0AC113D5E1D94C401DDEB0EE2B1B96CC131' - isAdmin: false - } - ] - clientCertificateThumbprints: [ - { - certificateThumbprint: '0AC113D5E1D94C401DDEB0EE2B1B96CC130' - isAdmin: false - } - { - certificateThumbprint: '0AC113D5E1D94C401DDEB0EE2B1B96CC131' - isAdmin: false - } - ] - diagnosticsStorageAccountConfig: { - blobEndpoint: 'https://adp<>azsaweux001.blob.core.windows.net/' - protectedAccountKeyName: 'StorageAccountKey1' - queueEndpoint: 'https://adp<>azsaweux001.queue.core.windows.net/' - storageAccountName: 'adp<>azsaweux001' - tableEndpoint: 'https://adp<>azsaweux001.table.core.windows.net/' - } - fabricSettings: [ - { - name: 'Security' - parameters: [ - { - name: 'ClusterProtectionLevel' - value: 'EncryptAndSign' - } - ] - } - { - name: 'UpgradeService' - parameters: [ - { - name: 'AppPollIntervalInSeconds' - value: '60' - } - ] - } - ] - managementEndpoint: 'https://<>-az-sfc-full-001.westeurope.cloudapp.azure.com:19080' + name: '<>-az-sfc-min-001' + managementEndpoint: 'https://<>-az-sfc-min-001.westeurope.cloudapp.azure.com:19080' + reliabilityLevel: 'None' nodeTypes: [ { applicationPorts: { endPort: 30000 startPort: 20000 } - capacities: {} clientConnectionEndpointPort: 19000 - durabilityLevel: 'Silver' + durabilityLevel: 'Bronze' ephemeralPorts: { endPort: 65534 startPort: 49152 } httpGatewayEndpointPort: 19080 isPrimary: true - isStateless: false - multipleAvailabilityZones: false name: 'Node01' - placementProperties: {} - reverseProxyEndpointPort: '' - vmInstanceCount: 5 - } - { - applicationPorts: { - endPort: 30000 - startPort: 20000 - } - clientConnectionEndpointPort: 19000 - durabilityLevel: 'Bronze' - ephemeralPorts: { - endPort: 64000 - startPort: 49000 - } - httpGatewayEndpointPort: 19007 - isPrimary: true - name: 'Node02' - vmInstanceCount: 5 - } - ] - notifications: [ - { - isEnabled: true - notificationCategory: 'WaveProgress' - notificationLevel: 'Critical' - notificationTargets: [ - { - notificationChannel: 'EmailUser' - receivers: [ - 'SomeReceiver' - ] - } - ] - } - ] - upgradeDescription: { - forceRestart: false - upgradeReplicaSetCheckTimeout: '1.00:00:00' - healthCheckWaitDuration: '00:00:30' - healthCheckStableDuration: '00:01:00' - healthCheckRetryTimeout: '00:45:00' - upgradeTimeout: '02:00:00' - upgradeDomainTimeout: '02:00:00' - healthPolicy: { - maxPercentUnhealthyNodes: 0 - maxPercentUnhealthyApplications: 0 - } - deltaHealthPolicy: { - maxPercentDeltaUnhealthyNodes: 0 - maxPercentUpgradeDomainDeltaUnhealthyNodes: 0 - maxPercentDeltaUnhealthyApplications: 0 - } - } - reliabilityLevel: 'Silver' - vmImage: 'Linux' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - applicationTypes: [ - { - name: 'WordCount' } ] } @@ -716,8 +755,6 @@ module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = {

-

Example 3

-
via JSON Parameter file @@ -759,39 +796,5 @@ module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-clusters' - params: { - name: '<>-az-sfc-min-001' - managementEndpoint: 'https://<>-az-sfc-min-001.westeurope.cloudapp.azure.com:19080' - reliabilityLevel: 'None' - nodeTypes: [ - { - applicationPorts: { - endPort: 30000 - startPort: 20000 - } - clientConnectionEndpointPort: 19000 - durabilityLevel: 'Bronze' - ephemeralPorts: { - endPort: 65534 - startPort: 49152 - } - httpGatewayEndpointPort: 19080 - isPrimary: true - name: 'Node01' - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Sql/managedInstances/readme.md b/modules/Microsoft.Sql/managedInstances/readme.md index c2b83a041c..31beeefaf5 100644 --- a/modules/Microsoft.Sql/managedInstances/readme.md +++ b/modules/Microsoft.Sql/managedInstances/readme.md @@ -274,7 +274,99 @@ userAssignedIdentities: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { + name: 'adp-<>-az-kv-x-001' + scope: resourceGroup('<>','validation-rg') +} + +module managedInstances './Microsoft.Sql/managedInstances/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-managedInstances' + params: { + name: '<>-az-sqlmi-x-002' + lock: 'CanNotDelete' + administratorLogin: kv1.getSecret('administratorLogin') + administratorLoginPassword: kv1.getSecret('administratorLoginPassword') + subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-sqlmi/subnets/<>-az-subnet-x-sqlmi' + skuName: 'GP_Gen5' + skuTier: 'GeneralPurpose' + storageSizeInGB: 32 + vCores: 4 + licenseType: 'LicenseIncluded' + hardwareFamily: 'Gen5' + servicePrincipal: 'SystemAssigned' + dnsZonePartner: '' + timezoneId: 'UTC' + collation: 'SQL_Latin1_General_CP1_CI_AS' + proxyOverride: 'Proxy' + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + primaryUserAssignedIdentityId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' + publicDataEndpointEnabled: false + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + keys: [ + { + name: 'adp-<>-az-kv-x-sqlmi_keyEncryptionKeySqlMi_4bf367f64c914d8ba698700fb598ad07' + uri: 'https://adp-<>-az-kv-x-sqlmi.vault.azure.net/keys/keyEncryptionKeySqlMi/4bf367f64c914d8ba698700fb598ad07' + serverKeyType: 'AzureKeyVault' + } + ] + encryptionProtectorObj: { + serverKeyName: 'adp-<>-az-kv-x-sqlmi_keyEncryptionKeySqlMi_4bf367f64c914d8ba698700fb598ad07' + serverKeyType: 'AzureKeyVault' + } + securityAlertPoliciesObj: { + name: 'default' + state: 'Enabled' + emailAccountAdmins: true + } + vulnerabilityAssessmentsObj: { + name: 'default' + emailSubscriptionAdmins: true + recurringScansIsEnabled: true + recurringScansEmails: [ + 'test1@contoso.com' + 'test2@contoso.com' + ] + vulnerabilityAssessmentsStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + } + databases: [ + { + name: '<>-az-sqlmidb-x-001' + backupShortTermRetentionPolicies: { + name: 'default' + } + backupLongTermRetentionPolicies: { + name: 'default' + } + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + } +} +``` + +
+

@@ -433,96 +525,5 @@ userAssignedIdentities: { } ``` -
- -
- -via Bicep module - -```bicep -resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { - name: 'adp-<>-az-kv-x-001' - scope: resourceGroup('<>','validation-rg') -} - -module managedInstances './Microsoft.Sql/managedInstances/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-managedInstances' - params: { - name: '<>-az-sqlmi-x-002' - lock: 'CanNotDelete' - administratorLogin: kv1.getSecret('administratorLogin') - administratorLoginPassword: kv1.getSecret('administratorLoginPassword') - subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-sqlmi/subnets/<>-az-subnet-x-sqlmi' - skuName: 'GP_Gen5' - skuTier: 'GeneralPurpose' - storageSizeInGB: 32 - vCores: 4 - licenseType: 'LicenseIncluded' - hardwareFamily: 'Gen5' - servicePrincipal: 'SystemAssigned' - dnsZonePartner: '' - timezoneId: 'UTC' - collation: 'SQL_Latin1_General_CP1_CI_AS' - proxyOverride: 'Proxy' - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - primaryUserAssignedIdentityId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' - publicDataEndpointEnabled: false - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - keys: [ - { - name: 'adp-<>-az-kv-x-sqlmi_keyEncryptionKeySqlMi_4bf367f64c914d8ba698700fb598ad07' - uri: 'https://adp-<>-az-kv-x-sqlmi.vault.azure.net/keys/keyEncryptionKeySqlMi/4bf367f64c914d8ba698700fb598ad07' - serverKeyType: 'AzureKeyVault' - } - ] - encryptionProtectorObj: { - serverKeyName: 'adp-<>-az-kv-x-sqlmi_keyEncryptionKeySqlMi_4bf367f64c914d8ba698700fb598ad07' - serverKeyType: 'AzureKeyVault' - } - securityAlertPoliciesObj: { - name: 'default' - state: 'Enabled' - emailAccountAdmins: true - } - vulnerabilityAssessmentsObj: { - name: 'default' - emailSubscriptionAdmins: true - recurringScansIsEnabled: true - recurringScansEmails: [ - 'test1@contoso.com' - 'test2@contoso.com' - ] - vulnerabilityAssessmentsStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - } - databases: [ - { - name: '<>-az-sqlmidb-x-001' - backupShortTermRetentionPolicies: { - name: 'default' - } - backupLongTermRetentionPolicies: { - name: 'default' - } - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.Sql/servers/readme.md b/modules/Microsoft.Sql/servers/readme.md index 529b1018b5..7efe1e6199 100644 --- a/modules/Microsoft.Sql/servers/readme.md +++ b/modules/Microsoft.Sql/servers/readme.md @@ -318,7 +318,30 @@ privateEndpoints: [ ## Deployment examples -

Example 1

+

Example 1: Admin

+ +
+ +via Bicep module + +```bicep +module servers './Microsoft.Sql/servers/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-servers' + params: { + name: '<>-az-sqlsrv-admin-001' + administrators: { + azureADOnlyAuthentication: true + login: 'myspn' + sid: '<>' + principalType: 'Application' + tenantId: '<>' + } + } +} +``` + +
+

@@ -346,23 +369,88 @@ privateEndpoints: [ ```
+

+ +

Example 2: Parameters

via Bicep module ```bicep +resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { + name: 'adp-<>-az-kv-x-001' + scope: resourceGroup('<>','<>') +} + module servers './Microsoft.Sql/servers/deploy.bicep' = { name: '${uniqueString(deployment().name)}-servers' params: { - name: '<>-az-sqlsrv-admin-001' - administrators: { - azureADOnlyAuthentication: true - login: 'myspn' - sid: '<>' - principalType: 'Application' - tenantId: '<>' + name: '<>-az-sqlsrv-x-001' + lock: 'CanNotDelete' + administratorLogin: kv1.getSecret('administratorLogin') + administratorLoginPassword: kv1.getSecret('administratorLoginPassword') + location: 'westeurope' + minimalTlsVersion: '1.2' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + vulnerabilityAssessmentsObj: { + name: 'default' + emailSubscriptionAdmins: true + recurringScansIsEnabled: true + recurringScansEmails: [ + 'test1@contoso.com' + 'test2@contoso.com' + ] + vulnerabilityAssessmentsStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + } + databases: [ + { + name: '<>-az-sqldb-x-001' + collation: 'SQL_Latin1_General_CP1_CI_AS' + skuTier: 'BusinessCritical' + skuName: 'BC_Gen5' + skuCapacity: 12 + skuFamily: 'Gen5' + maxSizeBytes: 34359738368 + licenseType: 'LicenseIncluded' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + } + ] + firewallRules: [ + { + name: 'AllowAllWindowsAzureIps' + endIpAddress: '0.0.0.0' + startIpAddress: '0.0.0.0' + } + ] + securityAlertPolicies: [ + { + name: 'Default' + state: 'Enabled' + emailAccountAdmins: true + } + ] + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} } + privateEndpoints: [ + { + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + service: 'sqlServer' + } + ] } } ``` @@ -370,8 +458,6 @@ module servers './Microsoft.Sql/servers/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -488,89 +574,5 @@ module servers './Microsoft.Sql/servers/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { - name: 'adp-<>-az-kv-x-001' - scope: resourceGroup('<>','<>') -} - -module servers './Microsoft.Sql/servers/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-servers' - params: { - name: '<>-az-sqlsrv-x-001' - lock: 'CanNotDelete' - administratorLogin: kv1.getSecret('administratorLogin') - administratorLoginPassword: kv1.getSecret('administratorLoginPassword') - location: 'westeurope' - minimalTlsVersion: '1.2' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - vulnerabilityAssessmentsObj: { - name: 'default' - emailSubscriptionAdmins: true - recurringScansIsEnabled: true - recurringScansEmails: [ - 'test1@contoso.com' - 'test2@contoso.com' - ] - vulnerabilityAssessmentsStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - } - databases: [ - { - name: '<>-az-sqldb-x-001' - collation: 'SQL_Latin1_General_CP1_CI_AS' - skuTier: 'BusinessCritical' - skuName: 'BC_Gen5' - skuCapacity: 12 - skuFamily: 'Gen5' - maxSizeBytes: 34359738368 - licenseType: 'LicenseIncluded' - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } - ] - firewallRules: [ - { - name: 'AllowAllWindowsAzureIps' - endIpAddress: '0.0.0.0' - startIpAddress: '0.0.0.0' - } - ] - securityAlertPolicies: [ - { - name: 'Default' - state: 'Enabled' - emailAccountAdmins: true - } - ] - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'sqlServer' - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Storage/storageAccounts/fileServices/shares/readme.md b/modules/Microsoft.Storage/storageAccounts/fileServices/shares/readme.md index be24359634..d87feefd2d 100644 --- a/modules/Microsoft.Storage/storageAccounts/fileServices/shares/readme.md +++ b/modules/Microsoft.Storage/storageAccounts/fileServices/shares/readme.md @@ -13,7 +13,7 @@ This module deploys a storage account file share. | Resource Type | API Version | | :-- | :-- | | `Microsoft.Authorization/roleAssignments` | [2020-10-01-preview](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2020-10-01-preview/roleAssignments) | -| `Microsoft.Storage/storageAccounts/fileServices/shares` | [2021-08-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Storage/2021-08-01/storageAccounts/fileServices/shares) | +| `Microsoft.Storage/storageAccounts/fileServices/shares` | [2021-08-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Storage/storageAccounts/fileServices/shares) | ## Parameters diff --git a/modules/Microsoft.Storage/storageAccounts/readme.md b/modules/Microsoft.Storage/storageAccounts/readme.md index 418f064a82..95641a3e73 100644 --- a/modules/Microsoft.Storage/storageAccounts/readme.md +++ b/modules/Microsoft.Storage/storageAccounts/readme.md @@ -364,7 +364,34 @@ The hierarchical namespace of the storage account (see parameter `enableHierarch ## Deployment examples -

Example 1

+

Example 1: Encr

+ +
+ +via Bicep module + +```bicep +module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-storageAccounts' + params: { + name: '<>azsaencr001' + storageAccountSku: 'Standard_LRS' + allowBlobPublicAccess: false + publicNetworkAccess: 'Disabled' + requireInfrastructureEncryption: true + systemAssignedIdentity: false + userAssignedIdentities: { + '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + cMKKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002' + cMKKeyName: 'keyEncryptionKey' + cMKUserAssignedIdentityResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' + } +} +``` + +
+

@@ -412,6 +439,9 @@ The hierarchical namespace of the storage account (see parameter `enableHierarch ```
+

+ +

Example 2: Min

@@ -421,18 +451,7 @@ The hierarchical namespace of the storage account (see parameter `enableHierarch module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-storageAccounts' params: { - name: '<>azsaencr001' - storageAccountSku: 'Standard_LRS' allowBlobPublicAccess: false - publicNetworkAccess: 'Disabled' - requireInfrastructureEncryption: true - systemAssignedIdentity: false - userAssignedIdentities: { - '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - cMKKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002' - cMKKeyName: 'keyEncryptionKey' - cMKUserAssignedIdentityResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' } } ``` @@ -440,8 +459,6 @@ module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -459,6 +476,9 @@ module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { ```
+

+ +

Example 3: Nfs

@@ -468,7 +488,36 @@ module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-storageAccounts' params: { + name: '<>azsax002' + storageAccountSku: 'Premium_LRS' + storageAccountKind: 'FileStorage' allowBlobPublicAccess: false + supportsHttpsTrafficOnly: false + fileServices: { + shares: [ + { + name: 'nfsfileshare' + enabledProtocols: 'NFS' + } + ] + } + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -476,8 +525,6 @@ module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = {

-

Example 3

-
via JSON Parameter file @@ -550,6 +597,9 @@ module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { ```
+

+ +

Example 4: Parameters

@@ -559,16 +609,132 @@ module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-storageAccounts' params: { - name: '<>azsax002' - storageAccountSku: 'Premium_LRS' - storageAccountKind: 'FileStorage' + name: '<>azsax001' + storageAccountSku: 'Standard_LRS' allowBlobPublicAccess: false - supportsHttpsTrafficOnly: false + publicNetworkAccess: 'Disabled' + requireInfrastructureEncryption: true + lock: 'CanNotDelete' + privateEndpoints: [ + { + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + service: 'blob' + } + { + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + service: 'table' + } + { + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + service: 'queue' + } + { + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + service: 'file' + } + ] + networkAcls: { + bypass: 'AzureServices' + defaultAction: 'Deny' + virtualNetworkRules: [ + { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' + action: 'Allow' + } + ] + ipRules: [ + { + action: 'Allow' + value: '1.1.1.1' + } + ] + } + blobServices: { + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + containers: [ + { + name: 'avdscripts' + publicAccess: 'None' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } + { + name: 'archivecontainer' + publicAccess: 'None' + enableWORM: true + WORMRetention: 666 + allowProtectedAppendWrites: false + } + ] + } fileServices: { + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' shares: [ { - name: 'nfsfileshare' - enabledProtocols: 'NFS' + name: 'avdprofiles' + shareQuota: '5120' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } + { + name: 'avdprofiles2' + shareQuota: '5120' + } + ] + } + tableServices: { + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + tables: [ + 'table1' + 'table2' + ] + } + queueServices: { + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + queues: [ + { + name: 'queue1' + metadata: {} + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } + { + name: 'queue2' + metadata: {} } ] } @@ -596,8 +762,6 @@ module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = {

-

Example 4

-
via JSON Parameter file @@ -798,6 +962,9 @@ module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { ```
+

+ +

Example 5: V1

@@ -807,152 +974,8 @@ module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-storageAccounts' params: { - name: '<>azsax001' - storageAccountSku: 'Standard_LRS' + storageAccountKind: 'Storage' allowBlobPublicAccess: false - publicNetworkAccess: 'Disabled' - requireInfrastructureEncryption: true - lock: 'CanNotDelete' - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'blob' - } - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'table' - } - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'queue' - } - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'file' - } - ] - networkAcls: { - bypass: 'AzureServices' - defaultAction: 'Deny' - virtualNetworkRules: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' - action: 'Allow' - } - ] - ipRules: [ - { - action: 'Allow' - value: '1.1.1.1' - } - ] - } - blobServices: { - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - containers: [ - { - name: 'avdscripts' - publicAccess: 'None' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } - { - name: 'archivecontainer' - publicAccess: 'None' - enableWORM: true - WORMRetention: 666 - allowProtectedAppendWrites: false - } - ] - } - fileServices: { - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - shares: [ - { - name: 'avdprofiles' - shareQuota: '5120' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } - { - name: 'avdprofiles2' - shareQuota: '5120' - } - ] - } - tableServices: { - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - tables: [ - 'table1' - 'table2' - ] - } - queueServices: { - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - queues: [ - { - name: 'queue1' - metadata: {} - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } - { - name: 'queue2' - metadata: {} - } - ] - } - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -960,8 +983,6 @@ module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = {

-

Example 5

-
via JSON Parameter file @@ -981,21 +1002,5 @@ module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-storageAccounts' - params: { - storageAccountKind: 'Storage' - allowBlobPublicAccess: false - } -} -``` -

diff --git a/modules/Microsoft.Synapse/privateLinkHubs/readme.md b/modules/Microsoft.Synapse/privateLinkHubs/readme.md index 0f89482ad3..9f2f2aa678 100644 --- a/modules/Microsoft.Synapse/privateLinkHubs/readme.md +++ b/modules/Microsoft.Synapse/privateLinkHubs/readme.md @@ -225,7 +225,23 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module privateLinkHubs './Microsoft.Synapse/privateLinkHubs/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-privateLinkHubs' + params: { + name: 'synplhmin001' + } +} +``` + +
+

@@ -244,6 +260,9 @@ tags: { ```
+

+ +

Example 2: Parameters

@@ -253,7 +272,28 @@ tags: { module privateLinkHubs './Microsoft.Synapse/privateLinkHubs/deploy.bicep' = { name: '${uniqueString(deployment().name)}-privateLinkHubs' params: { - name: 'synplhmin001' + name: 'synplhstandard001' + lock: 'CanNotDelete' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + { + roleDefinitionIdOrName: '/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c' + principalIds: [ + '<>' + ] + } + ] + privateEndpoints: [ + { + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + service: 'Web' + } + ] } } ``` @@ -261,8 +301,6 @@ module privateLinkHubs './Microsoft.Synapse/privateLinkHubs/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -306,41 +344,5 @@ module privateLinkHubs './Microsoft.Synapse/privateLinkHubs/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module privateLinkHubs './Microsoft.Synapse/privateLinkHubs/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-privateLinkHubs' - params: { - name: 'synplhstandard001' - lock: 'CanNotDelete' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - { - roleDefinitionIdOrName: '/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c' - principalIds: [ - '<>' - ] - } - ] - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'Web' - } - ] - } -} -``` -

diff --git a/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md b/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md index f8edd4cdd7..fde584958d 100644 --- a/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md +++ b/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md @@ -260,7 +260,55 @@ roleAssignments: [ ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module imageTemplates './Microsoft.VirtualMachineImages/imageTemplates/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-imageTemplates' + params: { + name: '<>-az-imgt-x-001' + lock: 'CanNotDelete' + userMsiName: 'adp-<>-az-msi-x-001' + userMsiResourceGroup: 'validation-rg' + buildTimeoutInMinutes: 0 + vmSize: 'Standard_D2s_v3' + osDiskSizeGB: 127 + subnetId: '' + imageSource: { + type: 'PlatformImage' + publisher: 'MicrosoftWindowsDesktop' + offer: 'Windows-10' + sku: '19h2-evd' + version: 'latest' + } + customizationSteps: [ + { + type: 'WindowsRestart' + restartTimeout: '30m' + } + ] + managedImageName: '<>-az-mi-x-001' + unManagedImageName: '<>-az-umi-x-001' + sigImageDefinitionId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/galleries/adp<>azsigweux001/images/adp-<>-az-imgd-x-001' + imageReplicationRegions: [] + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

@@ -338,52 +386,5 @@ roleAssignments: [ } ``` -
- -
- -via Bicep module - -```bicep -module imageTemplates './Microsoft.VirtualMachineImages/imageTemplates/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-imageTemplates' - params: { - name: '<>-az-imgt-x-001' - lock: 'CanNotDelete' - userMsiName: 'adp-<>-az-msi-x-001' - userMsiResourceGroup: 'validation-rg' - buildTimeoutInMinutes: 0 - vmSize: 'Standard_D2s_v3' - osDiskSizeGB: 127 - subnetId: '' - imageSource: { - type: 'PlatformImage' - publisher: 'MicrosoftWindowsDesktop' - offer: 'Windows-10' - sku: '19h2-evd' - version: 'latest' - } - customizationSteps: [ - { - type: 'WindowsRestart' - restartTimeout: '30m' - } - ] - managedImageName: '<>-az-mi-x-001' - unManagedImageName: '<>-az-umi-x-001' - sigImageDefinitionId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/galleries/adp<>azsigweux001/images/adp-<>-az-imgd-x-001' - imageReplicationRegions: [] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Web/connections/readme.md b/modules/Microsoft.Web/connections/readme.md index 17d31cbb98..c34cc84760 100644 --- a/modules/Microsoft.Web/connections/readme.md +++ b/modules/Microsoft.Web/connections/readme.md @@ -153,7 +153,36 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module connections './Microsoft.Web/connections/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-connections' + params: { + name: 'azuremonitor' + lock: 'CanNotDelete' + displayName: 'azuremonitorlogs' + connectionApi: { + id: '/subscriptions/<>/providers/Microsoft.Web/locations/westeurope/managedApis/azuremonitorlogs' + } + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

@@ -192,33 +221,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module connections './Microsoft.Web/connections/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-connections' - params: { - name: 'azuremonitor' - lock: 'CanNotDelete' - displayName: 'azuremonitorlogs' - connectionApi: { - id: '/subscriptions/<>/providers/Microsoft.Web/locations/westeurope/managedApis/azuremonitorlogs' - } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Web/hostingEnvironments/readme.md b/modules/Microsoft.Web/hostingEnvironments/readme.md index 0dd5e01601..7b007936cb 100644 --- a/modules/Microsoft.Web/hostingEnvironments/readme.md +++ b/modules/Microsoft.Web/hostingEnvironments/readme.md @@ -199,7 +199,46 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Asev2

+ +
+ +via Bicep module + +```bicep +module hostingEnvironments './Microsoft.Web/hostingEnvironments/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-hostingEnvironments' + params: { + name: '<>-az-appse-asev2-001' + kind: 'ASEv2' + multiSize: 'Standard_D1_V2' + ipsslAddressCount: 2 + clusterSettings: [ + { + name: 'DisableTls1.0' + value: '1' + } + ] + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-008' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + } +} +``` + +
+

@@ -263,6 +302,9 @@ tags: { ```
+

+ +

Example 2: Asev3

@@ -272,17 +314,9 @@ tags: { module hostingEnvironments './Microsoft.Web/hostingEnvironments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-hostingEnvironments' params: { - name: '<>-az-appse-asev2-001' - kind: 'ASEv2' - multiSize: 'Standard_D1_V2' - ipsslAddressCount: 2 - clusterSettings: [ - { - name: 'DisableTls1.0' - value: '1' - } - ] - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-008' + name: '<>-az-appse-asev3-001' + lock: 'CanNotDelete' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-006' roleAssignments: [ { roleDefinitionIdOrName: 'Reader' @@ -292,6 +326,12 @@ module hostingEnvironments './Microsoft.Web/hostingEnvironments/deploy.bicep' = } ] diagnosticLogsRetentionInDays: 7 + clusterSettings: [ + { + name: 'DisableTls1.0' + value: '1' + } + ] diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' @@ -303,8 +343,6 @@ module hostingEnvironments './Microsoft.Web/hostingEnvironments/deploy.bicep' =

-

Example 2

-
via JSON Parameter file @@ -360,41 +398,5 @@ module hostingEnvironments './Microsoft.Web/hostingEnvironments/deploy.bicep' = } ``` -
- -
- -via Bicep module - -```bicep -module hostingEnvironments './Microsoft.Web/hostingEnvironments/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-hostingEnvironments' - params: { - name: '<>-az-appse-asev3-001' - lock: 'CanNotDelete' - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-006' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - clusterSettings: [ - { - name: 'DisableTls1.0' - value: '1' - } - ] - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - } -} -``` -

diff --git a/modules/Microsoft.Web/serverfarms/readme.md b/modules/Microsoft.Web/serverfarms/readme.md index 72d0297048..b64ca1362c 100644 --- a/modules/Microsoft.Web/serverfarms/readme.md +++ b/modules/Microsoft.Web/serverfarms/readme.md @@ -198,7 +198,44 @@ tags: { ## Deployment examples -

Example 1

+

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module serverfarms './Microsoft.Web/serverfarms/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-serverfarms' + params: { + name: '<>-az-asp-x-001' + lock: 'CanNotDelete' + sku: { + name: 'S1' + tier: 'Standard' + size: 'S1' + family: 'S' + capacity: '1' + } + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + } +} +``` + +
+

@@ -253,41 +290,5 @@ tags: { } ``` -
- -
- -via Bicep module - -```bicep -module serverfarms './Microsoft.Web/serverfarms/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-serverfarms' - params: { - name: '<>-az-asp-x-001' - lock: 'CanNotDelete' - sku: { - name: 'S1' - tier: 'Standard' - size: 'S1' - family: 'S' - capacity: '1' - } - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Web/sites/readme.md b/modules/Microsoft.Web/sites/readme.md index 7d0efff160..cdfabf74a7 100644 --- a/modules/Microsoft.Web/sites/readme.md +++ b/modules/Microsoft.Web/sites/readme.md @@ -392,7 +392,28 @@ userAssignedIdentities: { ## Deployment examples -

Example 1

+

Example 1: Fa Min

+ +
+ +via Bicep module + +```bicep +module sites './Microsoft.Web/sites/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-sites' + params: { + name: '<>-az-fa-min-001' + kind: 'functionapp' + serverFarmResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001' + siteConfig: { + alwaysOn: true + } + } +} +``` + +
+

@@ -422,6 +443,9 @@ userAssignedIdentities: { ```
+

+ +

Example 2: Fa

@@ -431,12 +455,108 @@ userAssignedIdentities: { module sites './Microsoft.Web/sites/deploy.bicep' = { name: '${uniqueString(deployment().name)}-sites' params: { - name: '<>-az-fa-min-001' + name: '<>-az-fa-x-001' + lock: 'CanNotDelete' kind: 'functionapp' serverFarmResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001' siteConfig: { alwaysOn: true + use32BitWorkerProcess: false + } + appInsightId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001' + storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + setAzureWebJobsDashboard: true + appSettingsKeyValuePairs: { + FUNCTIONS_EXTENSION_VERSION: '~4' + FUNCTIONS_WORKER_RUNTIME: 'dotnet' + AzureFunctionsJobHost__logging__logLevel__default: 'Trace' + EASYAUTH_SECRET: 'https://adp-<>-az-kv-x-001.vault.azure.net/secrets/Modules-Test-SP-Password' + } + authSettingV2Configuration: { + globalValidation: { + requireAuthentication: true + unauthenticatedClientAction: 'Return401' + } + httpSettings: { + forwardProxy: { + convention: 'NoProxy' + } + requireHttps: true + routes: { + apiPrefix: '/.auth' + } + } + identityProviders: { + azureActiveDirectory: { + enabled: true + login: { + disableWWWAuthenticate: false + } + registration: { + openIdIssuer: 'https://sts.windows.net/<>/v2.0/' + clientId: 'd874dd2f-2032-4db1-a053-f0ec243685aa' + clientSecretSettingName: 'EASYAUTH_SECRET' + } + validation: { + allowedAudiences: [ + 'api://d874dd2f-2032-4db1-a053-f0ec243685aa' + ] + defaultAuthorizationPolicy: { + allowedPrincipals: {} + } + jwtClaimChecks: {} + } + } + } + login: { + allowedExternalRedirectUrls: [ + 'string' + ] + cookieExpiration: { + convention: 'FixedTime' + timeToExpiration: '08:00:00' + } + nonce: { + nonceExpirationInterval: '00:05:00' + validateNonce: true + } + preserveUrlFragmentsForLogins: false + routes: {} + tokenStore: { + azureBlobStorage: {} + enabled: true + fileSystem: {} + tokenRefreshExtensionHours: 72 + } + } + platform: { + enabled: true + runtimeVersion: '~1' + } + } + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} } + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + privateEndpoints: [ + { + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + service: 'sites' + } + ] } } ``` @@ -444,8 +564,6 @@ module sites './Microsoft.Web/sites/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -600,6 +718,9 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { ```
+

+ +

Example 3: Wa Min

@@ -609,108 +730,9 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { module sites './Microsoft.Web/sites/deploy.bicep' = { name: '${uniqueString(deployment().name)}-sites' params: { - name: '<>-az-fa-x-001' - lock: 'CanNotDelete' - kind: 'functionapp' + name: '<>-az-wa-min-001' + kind: 'app' serverFarmResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001' - siteConfig: { - alwaysOn: true - use32BitWorkerProcess: false - } - appInsightId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001' - storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - setAzureWebJobsDashboard: true - appSettingsKeyValuePairs: { - FUNCTIONS_EXTENSION_VERSION: '~4' - FUNCTIONS_WORKER_RUNTIME: 'dotnet' - AzureFunctionsJobHost__logging__logLevel__default: 'Trace' - EASYAUTH_SECRET: 'https://adp-<>-az-kv-x-001.vault.azure.net/secrets/Modules-Test-SP-Password' - } - authSettingV2Configuration: { - globalValidation: { - requireAuthentication: true - unauthenticatedClientAction: 'Return401' - } - httpSettings: { - forwardProxy: { - convention: 'NoProxy' - } - requireHttps: true - routes: { - apiPrefix: '/.auth' - } - } - identityProviders: { - azureActiveDirectory: { - enabled: true - login: { - disableWWWAuthenticate: false - } - registration: { - openIdIssuer: 'https://sts.windows.net/<>/v2.0/' - clientId: 'd874dd2f-2032-4db1-a053-f0ec243685aa' - clientSecretSettingName: 'EASYAUTH_SECRET' - } - validation: { - allowedAudiences: [ - 'api://d874dd2f-2032-4db1-a053-f0ec243685aa' - ] - defaultAuthorizationPolicy: { - allowedPrincipals: {} - } - jwtClaimChecks: {} - } - } - } - login: { - allowedExternalRedirectUrls: [ - 'string' - ] - cookieExpiration: { - convention: 'FixedTime' - timeToExpiration: '08:00:00' - } - nonce: { - nonceExpirationInterval: '00:05:00' - validateNonce: true - } - preserveUrlFragmentsForLogins: false - routes: {} - tokenStore: { - azureBlobStorage: {} - enabled: true - fileSystem: {} - tokenRefreshExtensionHours: 72 - } - } - platform: { - enabled: true - runtimeVersion: '~1' - } - } - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'sites' - } - ] } } ``` @@ -718,8 +740,6 @@ module sites './Microsoft.Web/sites/deploy.bicep' = {

-

Example 3

-
via JSON Parameter file @@ -743,6 +763,9 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { ```
+

+ +

Example 4: Wa

@@ -752,9 +775,42 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { module sites './Microsoft.Web/sites/deploy.bicep' = { name: '${uniqueString(deployment().name)}-sites' params: { - name: '<>-az-wa-min-001' + name: '<>-az-wa-x-001' kind: 'app' serverFarmResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001' + siteConfig: { + metadata: [ + { + name: 'CURRENT_STACK' + value: 'dotnetcore' + } + ] + alwaysOn: true + } + httpsOnly: true + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + privateEndpoints: [ + { + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + service: 'sites' + } + ] } } ``` @@ -762,8 +818,6 @@ module sites './Microsoft.Web/sites/deploy.bicep' = {

-

Example 4

-
via JSON Parameter file @@ -841,55 +895,5 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module sites './Microsoft.Web/sites/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-sites' - params: { - name: '<>-az-wa-x-001' - kind: 'app' - serverFarmResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001' - siteConfig: { - metadata: [ - { - name: 'CURRENT_STACK' - value: 'dotnetcore' - } - ] - alwaysOn: true - } - httpsOnly: true - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'sites' - } - ] - } -} -``` -

diff --git a/modules/Microsoft.Web/staticSites/readme.md b/modules/Microsoft.Web/staticSites/readme.md index 76dee48d1c..654b13e6be 100644 --- a/modules/Microsoft.Web/staticSites/readme.md +++ b/modules/Microsoft.Web/staticSites/readme.md @@ -271,7 +271,23 @@ userAssignedIdentities: { ## Deployment examples -

Example 1

+

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module staticSites './Microsoft.Web/staticSites/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-staticSites' + params: { + name: '<>-az-wss-min-001' + } +} +``` + +
+

@@ -290,6 +306,9 @@ userAssignedIdentities: { ```
+

+ +

Example 2: Parameters

@@ -299,7 +318,30 @@ userAssignedIdentities: { module staticSites './Microsoft.Web/staticSites/deploy.bicep' = { name: '${uniqueString(deployment().name)}-staticSites' params: { - name: '<>-az-wss-min-001' + name: '<>-az-wss-x-001' + lock: 'CanNotDelete' + sku: 'Standard' + stagingEnvironmentPolicy: 'Enabled' + allowConfigFileUpdates: true + enterpriseGradeCdnStatus: 'Disabled' + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + roleAssignments: [ + { + roleDefinitionIdOrName: 'Reader' + principalIds: [ + '<>' + ] + } + ] + privateEndpoints: [ + { + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + service: 'staticSites' + } + ] } } ``` @@ -307,8 +349,6 @@ module staticSites './Microsoft.Web/staticSites/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -366,43 +406,5 @@ module staticSites './Microsoft.Web/staticSites/deploy.bicep' = { } ``` -
- -
- -via Bicep module - -```bicep -module staticSites './Microsoft.Web/staticSites/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-staticSites' - params: { - name: '<>-az-wss-x-001' - lock: 'CanNotDelete' - sku: 'Standard' - stagingEnvironmentPolicy: 'Enabled' - allowConfigFileUpdates: true - enterpriseGradeCdnStatus: 'Disabled' - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'staticSites' - } - ] - } -} -``` -

diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index 8daf716a73..f1f8355bc1 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -351,31 +351,23 @@ function Set-DeploymentExamplesSection { $moduleRoot = Split-Path $TemplateFilePath -Parent $resourceTypeIdentifier = $moduleRoot.Replace('\', '/').Split('/modules/')[1].TrimStart('/') + $resourceType = $resourceTypeIdentifier.Split('/')[1] $parameterFiles = Get-ChildItem (Join-Path $moduleRoot '.test') -Filter '*parameters.json' -Recurse - $index = 1 + ############################ + ## Process test files ## + ############################ + $pathIndex = 1 foreach ($testFilePath in $parameterFiles.FullName) { $contentInJSONFormat = Get-Content -Path $testFilePath -Encoding 'utf8' | Out-String + $exampleTitle = ((Split-Path $testFilePath -LeafBase) -replace '\.', ' ') -replace ' parameters', '' + $TextInfo = (Get-Culture).TextInfo + $exampleTitle = $TextInfo.ToTitleCase($exampleTitle) $SectionContent += @( - "

Example $index

" + '

Example {0}: {1}

' -f $pathIndex, $exampleTitle ) - if ($addJson) { - $SectionContent += @( - '', - '
', - '', - 'via JSON Parameter file', - '', - '```json', - $contentInJSONFormat.TrimEnd(), - '```', - '', - '
' - ) - } - if ($addBicep) { $JSONParametersHashTable = (ConvertFrom-Json $contentInJSONFormat -AsHashtable -Depth 99).parameters @@ -437,7 +429,6 @@ function Set-DeploymentExamplesSection { $bicepParamsArray = $contentInBicepFormat -split ('\n') $bicepParamsArray = $bicepParamsArray[1..($bicepParamsArray.count - 2)] } - $resourceType = $resourceTypeIdentifier.Split('/')[1] $SectionContent += @( '', @@ -460,11 +451,27 @@ function Set-DeploymentExamplesSection { ) } + if ($addJson) { + $SectionContent += @( + '', + '
', + '', + 'via JSON Parameter file', + '', + '```json', + $contentInJSONFormat.TrimEnd(), + '```', + '', + '
' + '

' + ) + } + $SectionContent += @( '' ) - $index++ + $pathIndex++ } # Build result From a0439d99b155ded476fb10b67984071b82cd9a3a Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 1 Jul 2022 14:24:43 +0200 Subject: [PATCH 02/38] Minor fix --- utilities/tools/Set-ModuleReadMe.ps1 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index f1f8355bc1..15ceb43fef 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -725,7 +725,8 @@ function Set-ModuleReadMe { $readMeFileContent = Set-OutputsSection @inputObject } - if ($SectionsToRefresh -contains 'Deployment examples') { + $isTopLevelModule = $TemplateFilePath.Replace('\', '/').Split('/modules/')[1].Split('/').Count -eq 3 # //deploy.* + if ($SectionsToRefresh -contains 'Deployment examples' -and $isTopLevelModule) { # Handle [Deployment examples] section # =================================== $inputObject = @{ From b1c8c1933d1dde611e730c15adc19b6c9ef87339 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 1 Jul 2022 14:25:48 +0200 Subject: [PATCH 03/38] Minor fix --- .../storageAccounts/fileServices/shares/readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Storage/storageAccounts/fileServices/shares/readme.md b/modules/Microsoft.Storage/storageAccounts/fileServices/shares/readme.md index d87feefd2d..be24359634 100644 --- a/modules/Microsoft.Storage/storageAccounts/fileServices/shares/readme.md +++ b/modules/Microsoft.Storage/storageAccounts/fileServices/shares/readme.md @@ -13,7 +13,7 @@ This module deploys a storage account file share. | Resource Type | API Version | | :-- | :-- | | `Microsoft.Authorization/roleAssignments` | [2020-10-01-preview](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2020-10-01-preview/roleAssignments) | -| `Microsoft.Storage/storageAccounts/fileServices/shares` | [2021-08-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Storage/storageAccounts/fileServices/shares) | +| `Microsoft.Storage/storageAccounts/fileServices/shares` | [2021-08-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Storage/2021-08-01/storageAccounts/fileServices/shares) | ## Parameters From 0770df3ae944a6a71af252331bbc81b4446cc1d0 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Mon, 4 Jul 2022 20:25:19 +0200 Subject: [PATCH 04/38] Updated exceptions --- bicepconfig.json | 3 +++ 1 file changed, 3 insertions(+) diff --git a/bicepconfig.json b/bicepconfig.json index 6f7008fa9f..af7838eca4 100644 --- a/bicepconfig.json +++ b/bicepconfig.json @@ -7,6 +7,9 @@ "rules": { "explicit-values-for-loc-params": { "level": "off" // Reason: Our modules default to e.g. the location of their parent resource group which is sufficient if deploying a self-contained solution + }, + "prefer-unquoted-property-names": { + "level": "off" // Reason: This is complains primarily about RBAC roles which are all in quotes to be consistent within the list of roles with and without spaces in their name } } } From 8d94ace4fc6f48d98c68af5ddb4491de656d7fcf Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 5 Jul 2022 20:00:54 +0200 Subject: [PATCH 05/38] Added ordering to ReadMe generation script --- utilities/tools/Set-ModuleReadMe.ps1 | 41 +++++-- .../helper/ConvertTo-OrderedHashtable.ps1 | 110 ++++++++++++++++++ 2 files changed, 141 insertions(+), 10 deletions(-) create mode 100644 utilities/tools/helper/ConvertTo-OrderedHashtable.ps1 diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index 15ceb43fef..e8ac5f171e 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -306,6 +306,9 @@ Generate 'Deployment examples' for the ReadMe out of the parameter files current .DESCRIPTION Generate 'Deployment examples' for the ReadMe out of the parameter files currently used to test the template +.PARAMETER TemplateFilePath +Mandatory. The path to the template file + .PARAMETER TemplateFileContent Mandatory. The template file content object to crawl data from @@ -322,7 +325,7 @@ Optional. A switch to control whether or not to add a ARM-JSON-Parameter file ex Optional. A switch to control whether or not to add a Bicep deployment example. Defaults to true. .EXAMPLE -Set-DeploymentExamplesSection -TemplateFileContent @{ resource = @{}; ... } -ReadMeFileContent @('# Title', '', '## Section 1', ...) +Set-DeploymentExamplesSection -TemplateFilePath 'C:/deploy.bicep' -TemplateFileContent @{ resource = @{}; ... } -ReadMeFileContent @('# Title', '', '## Section 1', ...) Update the given readme file's 'Deployment Examples' section based on the given template file content #> @@ -333,6 +336,9 @@ function Set-DeploymentExamplesSection { [Parameter(Mandatory = $true)] [string] $TemplateFilePath, + [Parameter(Mandatory)] + [hashtable] $TemplateFileContent, + [Parameter(Mandatory = $true)] [object[]] $ReadMeFileContent, @@ -346,6 +352,9 @@ function Set-DeploymentExamplesSection { [string] $SectionStartIdentifier = '## Deployment examples' ) + # Load used function(s) + . (Join-Path $PSScriptRoot 'helper' 'ConvertTo-OrderedHashtable.ps1') + # Process content $SectionContent = [System.Collections.ArrayList]@() @@ -407,19 +416,30 @@ function Set-DeploymentExamplesSection { } # Handle VALUE references (i.e. remove them) - $JSONParameters = (ConvertFrom-Json $contentInJSONFormat -Depth 99).PSObject.properties['parameters'].value - $JSONParametersWithoutValue = [ordered]@{} - foreach ($parameter in $JSONParameters.PSObject.Properties) { - if ($parameter.value.PSObject.Properties.name -eq 'value') { - $JSONParametersWithoutValue[$parameter.name] = $parameter.value.PSObject.Properties['value'].value + $JSONParameters = (ConvertFrom-Json $contentInJSONFormat -Depth 99 -AsHashtable).parameters + $JSONParametersWithoutValue = @{} + foreach ($parameterName in $JSONParameters.Keys) { + if ($JSONParameters[$parameterName].Keys -eq 'value') { + $JSONParametersWithoutValue[$parameterName] = $JSONParameters[$parameterName]['value'] } else { # replace key vault references - $matchingTuple = $keyVaultReferenceData | Where-Object { $_.parameterName -eq $parameter.Name } + $matchingTuple = $keyVaultReferenceData | Where-Object { $_.parameterName -eq $parameterName } $JSONParametersWithoutValue[$parameter.name] = "{0}.getSecret('{1}')" -f $matchingTuple.vaultResourceReference, $matchingTuple.secretName } } - $templateParameterObject = $JSONParametersWithoutValue | ConvertTo-Json -Depth 99 + # Order parameters recursively + $JSONParametersWithoutValue = ConvertTo-OrderedHashtable -JSONInputObject ($JSONParametersWithoutValue | ConvertTo-Json -Depth 99) + + # Sort 'required' parameters to the front + $requiredParameterNames = $TemplateFileContent.parameters.Keys | Where-Object { $TemplateFileContent.parameters[$_].Keys -notcontains 'defaultValue' } + $orderedJSONParameters = [ordered]@{} + # Add required + $JSONParametersWithoutValue.Keys | Where-Object { $_ -in $requiredParameterNames } | ForEach-Object { $orderedJSONParameters[$_] = $JSONParametersWithoutValue[$_] } + # Add rest + $JSONParametersWithoutValue.Keys | Where-Object { $_ -notin $requiredParameterNames } | ForEach-Object { $orderedJSONParameters[$_] = $JSONParametersWithoutValue[$_] } + + $templateParameterObject = $orderedJSONParameters | ConvertTo-Json -Depth 99 if ($templateParameterObject -ne '{}') { $contentInBicepFormat = $templateParameterObject -replace '"', "'" # Update any [xyz: "xyz"] to [xyz: 'xyz'] $contentInBicepFormat = $contentInBicepFormat -replace ',', '' # Update any [xyz: xyz,] to [xyz: xyz] @@ -730,8 +750,9 @@ function Set-ModuleReadMe { # Handle [Deployment examples] section # =================================== $inputObject = @{ - ReadMeFileContent = $readMeFileContent - TemplateFilePath = $TemplateFilePath + ReadMeFileContent = $readMeFileContent + TemplateFilePath = $TemplateFilePath + TemplateFileContent = $templateFileContent } $readMeFileContent = Set-DeploymentExamplesSection @inputObject } diff --git a/utilities/tools/helper/ConvertTo-OrderedHashtable.ps1 b/utilities/tools/helper/ConvertTo-OrderedHashtable.ps1 new file mode 100644 index 0000000000..83f0c790c0 --- /dev/null +++ b/utilities/tools/helper/ConvertTo-OrderedHashtable.ps1 @@ -0,0 +1,110 @@ +<# +.SYNOPSIS +Convert a given JSON string into an ordered HashTable. + +.DESCRIPTION +Convert a given JSON string into an ordered HashTable. + +.PARAMETER JSONInputObject +Mandatory. The JSON string to convert into an ordered HashTable object. + +.EXAMPLE +ConvertTo-OrderedHashtable -JSONInputObject "@{ b = 'b'; a = 'a' ; c = @( 3, 1, 2 )}" + +Convert the given JSON string into a sorted HashTable. Would return the HashTable: + + @{ + a = 'a' + b = 'b' + c = @( + 1, + 2, + 3 + ) + } + +.EXAMPLE +ConvertTo-OrderedHashtable -JSONInputObject '{"elem":[3,1,2,"a",{"a":"a","b":"b"},[23,1],["23","1"]],"arr":["one"]}' + +Convert the given JSON string into a sorted HashTable. Would return the HashTable: + + @{ + arr = @('one') + elem = @( + 1, + @( + 1, + 23 + ), + @( + '1', + '23' + ) + 2, + 3, + 'a' + ) + } +#> +function ConvertTo-OrderedHashtable { + + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [string] $JSONInputObject # Must be string to workaround auto-conversion + ) + + $JSONObject = ConvertFrom-Json $JSONInputObject -AsHashtable -Depth 99 -NoEnumerate + $orderedLevel = [ordered]@{} + + if (-not ($JSONObject -is [hashtable])) { + return $JSONObject # E.g. in primitive data types [1,2,3] + } + + foreach ($currentLevelKey in ($JSONObject.Keys | Sort-Object)) { + + switch ($JSONObject[$currentLevelKey].GetType().BaseType.Name) { + 'Object' { + $orderedLevel[$currentLevelKey] = ConvertTo-OrderedHashtable -JSONInputObject ($JSONObject[$currentLevelKey] | ConvertTo-Json -Depth 99) + } + 'Array' { + $arrayOutput = @() + + # Case: Array of arrays + $arrayElements = $JSONObject[$currentLevelKey] | Where-Object { $_.GetType().Name -eq 'Object[]' } + foreach ($array in $arrayElements) { + if ($array.Count -gt 1) { + # Only sort for arrays with more than one item. Otherwise single-item arrays are casted + $array = $array | Sort-Object + } + $arrayOutput += , (ConvertTo-OrderedHashtable -JSONInputObject ($array | ConvertTo-Json -Depth 99)) + } + + # Case: Array of objects + $hashTableElements = $JSONObject[$currentLevelKey] | Where-Object { $_.GetType().Name -eq 'Hashtable' } + foreach ($hashTable in $hashTableElements) { + $arrayOutput += , (ConvertTo-OrderedHashtable -JSONInputObject ($hashTable | ConvertTo-Json -Depth 99)) + } + + # Case: Primitive data types + $primitiveElements = $JSONObject[$currentLevelKey] | Where-Object { $_.GetType().Name -notin @('Object[]', 'Hashtable') } | ConvertTo-Json | ConvertFrom-Json -AsHashtable -NoEnumerate + if ($primitiveElements.Count -gt 1) { + $primitiveElements = $primitiveElements | Sort-Object + } + $arrayOutput += $primitiveElements + + if ($array.Count -gt 1) { + # Only sort for arrays with more than one item. Otherwise single-item arrays are casted + $arrayOutput = $arrayOutput | Sort-Object + } + $orderedLevel[$currentLevelKey] = $arrayOutput + } + Default { + # string/int/etc. + $orderedLevel[$currentLevelKey] = $JSONObject[$currentLevelKey] + } + } + } + + return $orderedLevel +} From 270f00b02a47b95af0d386f8ad1c539aa40d07e9 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 5 Jul 2022 20:02:39 +0200 Subject: [PATCH 06/38] Small fix --- utilities/tools/Set-ModuleReadMe.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index e8ac5f171e..cc5395aabf 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -424,7 +424,7 @@ function Set-DeploymentExamplesSection { } else { # replace key vault references $matchingTuple = $keyVaultReferenceData | Where-Object { $_.parameterName -eq $parameterName } - $JSONParametersWithoutValue[$parameter.name] = "{0}.getSecret('{1}')" -f $matchingTuple.vaultResourceReference, $matchingTuple.secretName + $JSONParametersWithoutValue[$parameterName] = "{0}.getSecret('{1}')" -f $matchingTuple.vaultResourceReference, $matchingTuple.secretName } } From 37311ba5e4072f8a475aa1537c0cb8c713cfcd1e Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 5 Jul 2022 20:26:27 +0200 Subject: [PATCH 07/38] Updated a subset of readmes --- .../Microsoft.AAD/DomainServices/readme.md | 20 +- .../servers/readme.md | 50 +- .../Microsoft.ApiManagement/service/readme.md | 82 +-- .../configurationStores/readme.md | 36 +- .../policyAssignments/readme.md | 88 ++-- .../policyDefinitions/readme.md | 66 +-- .../policyExemptions/readme.md | 18 +- .../policySetDefinitions/readme.md | 42 +- .../roleAssignments/readme.md | 18 +- .../roleDefinitions/readme.md | 60 +-- .../automationAccounts/readme.md | 192 +++---- .../Microsoft.Batch/batchAccounts/readme.md | 12 +- .../accounts/readme.md | 64 +-- .../availabilitySets/readme.md | 4 +- .../diskEncryptionSets/readme.md | 6 +- modules/Microsoft.Compute/disks/readme.md | 18 +- modules/Microsoft.Compute/galleries/readme.md | 34 +- modules/Microsoft.Compute/images/readme.md | 6 +- .../proximityPlacementGroups/readme.md | 4 +- .../virtualMachineScaleSets/readme.md | 302 +++++------ .../virtualMachines/readme.md | 472 +++++++++--------- .../Microsoft.Consumption/budgets/readme.md | 6 +- .../containerGroups/readme.md | 8 +- .../registries/readme.md | 48 +- .../managedClusters/readme.md | 182 +++---- .../Microsoft.DataFactory/factories/readme.md | 20 +- .../backupVaults/readme.md | 36 +- .../Microsoft.Databricks/workspaces/readme.md | 12 +- .../applicationgroups/readme.md | 38 +- 29 files changed, 972 insertions(+), 972 deletions(-) diff --git a/modules/Microsoft.AAD/DomainServices/readme.md b/modules/Microsoft.AAD/DomainServices/readme.md index 9d36652fff..e2f73b4f9a 100644 --- a/modules/Microsoft.AAD/DomainServices/readme.md +++ b/modules/Microsoft.AAD/DomainServices/readme.md @@ -223,23 +223,23 @@ module DomainServices './Microsoft.AAD/DomainServices/deploy.bicep' = { name: '${uniqueString(deployment().name)}-DomainServices' params: { domainName: '<>.onmicrosoft.com' - sku: 'Standard' + additionalRecipients: [ + '<>@noreply.github.com' + ] + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' lock: 'CanNotDelete' + pfxCertificate: kv1.getSecret('pfxBase64Certificate') + pfxCertificatePassword: kv1.getSecret('pfxCertificatePassword') replicaSets: [ { location: 'WestEurope' subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-aadds-001/subnets/AADDSSubnet' } ] - pfxCertificate: kv1.getSecret('pfxBase64Certificate') - pfxCertificatePassword: kv1.getSecret('pfxCertificatePassword') - additionalRecipients: [ - '<>@noreply.github.com' - ] - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + sku: 'Standard' } } ``` diff --git a/modules/Microsoft.AnalysisServices/servers/readme.md b/modules/Microsoft.AnalysisServices/servers/readme.md index b28d5174cf..832604436e 100644 --- a/modules/Microsoft.AnalysisServices/servers/readme.md +++ b/modules/Microsoft.AnalysisServices/servers/readme.md @@ -168,39 +168,39 @@ module servers './Microsoft.AnalysisServices/servers/deploy.bicep' = { name: '${uniqueString(deployment().name)}-servers' params: { name: '<>azasweumax001' - lock: 'CanNotDelete' - skuName: 'S0' - skuCapacity: 1 + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogCategoriesToEnable: [ + 'Engine' + 'Service' + ] + diagnosticLogsRetentionInDays: 365 + diagnosticMetricsToEnable: [ + 'AllMetrics' + ] + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' firewallSettings: { + enablePowerBIService: true firewallRules: [ { firewallRuleName: 'AllowFromAll' - rangeStart: '0.0.0.0' rangeEnd: '255.255.255.255' + rangeStart: '0.0.0.0' } ] - enablePowerBIService: true } - diagnosticLogsRetentionInDays: 365 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + lock: 'CanNotDelete' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogCategoriesToEnable: [ - 'Engine' - 'Service' - ] - diagnosticMetricsToEnable: [ - 'AllMetrics' - ] + skuCapacity: 1 + skuName: 'S0' } } ``` @@ -332,21 +332,21 @@ module servers './Microsoft.AnalysisServices/servers/deploy.bicep' = { name: '${uniqueString(deployment().name)}-servers' params: { name: '<>azasweux001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' lock: 'CanNotDelete' - skuName: 'S0' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + skuName: 'S0' } } ``` diff --git a/modules/Microsoft.ApiManagement/service/readme.md b/modules/Microsoft.ApiManagement/service/readme.md index abe64c7dd9..f58c26fb40 100644 --- a/modules/Microsoft.ApiManagement/service/readme.md +++ b/modules/Microsoft.ApiManagement/service/readme.md @@ -279,15 +279,10 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { name: '${uniqueString(deployment().name)}-service' params: { name: '<>-az-apim-max-001' - lock: 'CanNotDelete' publisherEmail: 'apimgmt-noreply@mail.windowsazure.com' publisherName: '<>-az-amorg-x-001' apis: [ { - name: 'echo-api' - displayName: 'Echo API' - path: 'echo' - serviceUrl: 'http://echoapi.cloudapp.net/api' apiVersionSet: { name: 'echo-version-set' properties: { @@ -296,55 +291,65 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { versioningScheme: 'Segment' } } + displayName: 'Echo API' + name: 'echo-api' + path: 'echo' + serviceUrl: 'http://echoapi.cloudapp.net/api' } ] authorizationServers: [ { - name: 'AuthServer1' authorizationEndpoint: 'https://login.microsoftonline.com/651b43ce-ccb8-4301-b551-b04dd872d401/oauth2/v2.0/authorize' - grantTypes: [ - 'authorizationCode' - ] clientCredentialsKeyVaultId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' clientIdSecretName: 'apimclientid' - clientSecretSecretName: 'apimclientsecret' clientRegistrationEndpoint: 'http://localhost' + clientSecretSecretName: 'apimclientsecret' + grantTypes: [ + 'authorizationCode' + ] + name: 'AuthServer1' tokenEndpoint: 'https://login.microsoftonline.com/651b43ce-ccb8-4301-b551-b04dd872d401/oauth2/v2.0/token' } ] backends: [ { name: 'backend' - url: 'http://echoapi.cloudapp.net/api' tls: { validateCertificateChain: false validateCertificateName: false } + url: 'http://echoapi.cloudapp.net/api' } ] caches: [ { - name: 'westeurope' connectionString: 'connectionstringtest' + name: 'westeurope' useFromLocation: 'westeurope' } ] + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' identityProviders: [ { name: 'aadProvider' } ] + lock: 'CanNotDelete' namedValues: [ { - name: 'apimkey' displayName: 'apimkey' + name: 'apimkey' secret: true } ] policies: [ { - value: ' ' format: 'xml' + value: ' ' } ] portalSettings: [ @@ -359,52 +364,47 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { properties: { enabled: false termsOfService: { - enabled: false consentRequired: false + enabled: false } } } ] products: [ { - name: 'Starter' - subscriptionRequired: false - approvalRequired: false apis: [ { name: 'echo-api' } ] + approvalRequired: false groups: [ { name: 'developers' } ] + name: 'Starter' + subscriptionRequired: false + } + ] + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' } ] subscriptions: [ { - scope: '/apis' name: 'testArmSubscriptionAllApis' + scope: '/apis' } ] systemAssignedIdentity: true userAssignedIdentities: { '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -655,9 +655,15 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { name: '${uniqueString(deployment().name)}-service' params: { name: '<>-az-apim-x-001' - lock: 'CanNotDelete' publisherEmail: 'apimgmt-noreply@mail.windowsazure.com' publisherName: '<>-az-amorg-x-001' + lock: 'CanNotDelete' + policies: [ + { + format: 'xml' + value: ' ' + } + ] portalSettings: [ { name: 'signin' @@ -670,24 +676,18 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { properties: { enabled: false termsOfService: { - enabled: false consentRequired: false + enabled: false } } } ] - policies: [ - { - value: ' ' - format: 'xml' - } - ] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } diff --git a/modules/Microsoft.AppConfiguration/configurationStores/readme.md b/modules/Microsoft.AppConfiguration/configurationStores/readme.md index c9e8aae266..1bed049eac 100644 --- a/modules/Microsoft.AppConfiguration/configurationStores/readme.md +++ b/modules/Microsoft.AppConfiguration/configurationStores/readme.md @@ -328,47 +328,47 @@ module configurationStores './Microsoft.AppConfiguration/configurationStores/dep name: '${uniqueString(deployment().name)}-configurationStores' params: { name: '<>-az-appcs-x-001' - lock: 'CanNotDelete' + createMode: 'Default' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - systemAssignedIdentity: true + disableLocalAuth: false + enablePurgeProtection: false keyValues: [ { - name: 'keyName' - value: 'valueName' contentType: 'contentType' + name: 'keyName' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + value: 'valueName' + } + ] + lock: 'CanNotDelete' + privateEndpoints: [ + { + service: 'configurationStores' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' } ] + publicNetworkAccess: 'Enabled' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - createMode: 'Default' - disableLocalAuth: false - enablePurgeProtection: false - publicNetworkAccess: 'Enabled' softDeleteRetentionInDays: 1 - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'configurationStores' - } - ] + systemAssignedIdentity: true } } ``` diff --git a/modules/Microsoft.Authorization/policyAssignments/readme.md b/modules/Microsoft.Authorization/policyAssignments/readme.md index 5426d2e9f3..e6e0cf30bc 100644 --- a/modules/Microsoft.Authorization/policyAssignments/readme.md +++ b/modules/Microsoft.Authorization/policyAssignments/readme.md @@ -220,32 +220,32 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic name: '${uniqueString(deployment().name)}-policyAssignments' params: { name: '<>-mg-polAss' - displayName: '[Display Name] Policy Assignment at the management group scope' - description: '[Description] Policy Assignment at the management group scope' policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26' - parameters: { - tagName: { - value: 'env' - } - tagValue: { - value: 'prod' - } - } - nonComplianceMessage: 'Violated Policy Assignment - This is a Non Compliance Message' + description: '[Description] Policy Assignment at the management group scope' + displayName: '[Display Name] Policy Assignment at the management group scope' enforcementMode: 'DoNotEnforce' + identity: 'SystemAssigned' + location: 'australiaeast' + managementGroupId: '<>' metadata: { category: 'Security' version: '1.0' } - location: 'australiaeast' + nonComplianceMessage: 'Violated Policy Assignment - This is a Non Compliance Message' notScopes: [ '/subscriptions/<>/resourceGroups/validation-rg' ] - identity: 'SystemAssigned' + parameters: { + tagName: { + value: 'env' + } + tagValue: { + value: 'prod' + } + } roleDefinitionIds: [ '/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c' ] - managementGroupId: '<>' } } ``` @@ -334,8 +334,8 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic params: { name: '<>-min-rg-polAss' policyDefinitionID: '/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d' - subscriptionId: '<>' resourceGroupName: 'validation-rg' + subscriptionId: '<>' } } ``` @@ -382,34 +382,34 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic name: '${uniqueString(deployment().name)}-policyAssignments' params: { name: '<>-rg-polAss' - displayName: '[Display Name] Policy Assignment at the resource group scope' - description: '[Description] Policy Assignment at the resource group scope' policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26' - parameters: { - tagName: { - value: 'env' - } - tagValue: { - value: 'prod' - } - } - nonComplianceMessage: 'Violated Policy Assignment - This is a Non Compliance Message' + description: '[Description] Policy Assignment at the resource group scope' + displayName: '[Display Name] Policy Assignment at the resource group scope' enforcementMode: 'DoNotEnforce' + identity: 'UserAssigned' + location: 'australiaeast' metadata: { category: 'Security' version: '1.0' } - location: 'australiaeast' + nonComplianceMessage: 'Violated Policy Assignment - This is a Non Compliance Message' notScopes: [ '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' ] - identity: 'UserAssigned' - userAssignedIdentityId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' + parameters: { + tagName: { + value: 'env' + } + tagValue: { + value: 'prod' + } + } + resourceGroupName: 'validation-rg' roleDefinitionIds: [ '/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c' ] subscriptionId: '<>' - resourceGroupName: 'validation-rg' + userAssignedIdentityId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' } } ``` @@ -548,33 +548,33 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic name: '${uniqueString(deployment().name)}-policyAssignments' params: { name: '<>-sub-polAss' - displayName: '[Display Name] Policy Assignment at the subscription scope' - description: '[Description] Policy Assignment at the subscription scope' policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26' - parameters: { - tagName: { - value: 'env' - } - tagValue: { - value: 'prod' - } - } - nonComplianceMessage: 'Violated Policy Assignment - This is a Non Compliance Message' + description: '[Description] Policy Assignment at the subscription scope' + displayName: '[Display Name] Policy Assignment at the subscription scope' enforcementMode: 'DoNotEnforce' + identity: 'UserAssigned' + location: 'australiaeast' metadata: { category: 'Security' version: '1.0' } - location: 'australiaeast' + nonComplianceMessage: 'Violated Policy Assignment - This is a Non Compliance Message' notScopes: [ '/subscriptions/<>/resourceGroups/validation-rg' ] - identity: 'UserAssigned' - userAssignedIdentityId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' + parameters: { + tagName: { + value: 'env' + } + tagValue: { + value: 'prod' + } + } roleDefinitionIds: [ '/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c' ] subscriptionId: '<>' + userAssignedIdentityId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' } } ``` diff --git a/modules/Microsoft.Authorization/policyDefinitions/readme.md b/modules/Microsoft.Authorization/policyDefinitions/readme.md index 1f748fb572..7019e64401 100644 --- a/modules/Microsoft.Authorization/policyDefinitions/readme.md +++ b/modules/Microsoft.Authorization/policyDefinitions/readme.md @@ -222,57 +222,57 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic name: '${uniqueString(deployment().name)}-policyDefinitions' params: { name: '<>-mg-policyDef' - displayName: '[DisplayName] This policy definition is deployed at the management group scope' - description: '[Description] This policy definition is deployed at the management group scope' policyRule: { if: { allOf: [ { - field: 'type' equals: 'Microsoft.Resources/subscriptions' + field: 'type' } { - field: '[concat('tags[' parameters('tagName') ']')]' exists: 'false' + field: '[concat('tags[' parameters('tagName') ']')]' } ] } then: { - effect: 'modify' details: { - roleDefinitionIds: [ - '/providers/microsoft.authorization/roleDefinitions/4a9ae827-6dc8-4573-8ac7-8239d42aa03f' - ] operations: [ { - operation: 'add' field: '[concat('tags[' parameters('tagName') ']')]' + operation: 'add' value: '[parameters('tagValue')]' } ] + roleDefinitionIds: [ + '/providers/microsoft.authorization/roleDefinitions/4a9ae827-6dc8-4573-8ac7-8239d42aa03f' + ] } + effect: 'modify' } } + description: '[Description] This policy definition is deployed at the management group scope' + displayName: '[DisplayName] This policy definition is deployed at the management group scope' + managementGroupId: '<>' + metadata: { + category: 'Security' + } parameters: { tagName: { - type: 'String' metadata: { - displayName: 'Tag Name' description: 'Name of the tag such as 'environment'' + displayName: 'Tag Name' } + type: 'String' } tagValue: { - type: 'String' metadata: { - displayName: 'Tag Value' description: 'Value of the tag such as 'production'' + displayName: 'Tag Value' } + type: 'String' } } - metadata: { - category: 'Security' - } - managementGroupId: '<>' } } ``` @@ -462,56 +462,56 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic name: '${uniqueString(deployment().name)}-policyDefinitions' params: { name: '<>-sub-policyDef' - displayName: '[DisplayName] This policy definition is deployed at subscription scope' - description: '[Description] This policy definition is deployed at subscription scope' policyRule: { if: { allOf: [ { - field: 'type' equals: 'Microsoft.Resources/subscriptions' + field: 'type' } { - field: '[concat('tags[' parameters('tagName') ']')]' exists: 'false' + field: '[concat('tags[' parameters('tagName') ']')]' } ] } then: { - effect: 'modify' details: { - roleDefinitionIds: [ - '/providers/microsoft.authorization/roleDefinitions/4a9ae827-6dc8-4573-8ac7-8239d42aa03f' - ] operations: [ { - operation: 'add' field: '[concat('tags[' parameters('tagName') ']')]' + operation: 'add' value: '[parameters('tagValue')]' } ] + roleDefinitionIds: [ + '/providers/microsoft.authorization/roleDefinitions/4a9ae827-6dc8-4573-8ac7-8239d42aa03f' + ] } + effect: 'modify' } } + description: '[Description] This policy definition is deployed at subscription scope' + displayName: '[DisplayName] This policy definition is deployed at subscription scope' + metadata: { + category: 'Security' + } parameters: { tagName: { - type: 'String' metadata: { - displayName: 'Tag Name' description: 'Name of the tag such as 'environment'' + displayName: 'Tag Name' } + type: 'String' } tagValue: { - type: 'String' metadata: { - displayName: 'Tag Value' description: 'Value of the tag such as 'production'' + displayName: 'Tag Value' } + type: 'String' } } - metadata: { - category: 'Security' - } subscriptionId: '<>' } } diff --git a/modules/Microsoft.Authorization/policyExemptions/readme.md b/modules/Microsoft.Authorization/policyExemptions/readme.md index 9af309c2f0..8e113edf0d 100644 --- a/modules/Microsoft.Authorization/policyExemptions/readme.md +++ b/modules/Microsoft.Authorization/policyExemptions/readme.md @@ -201,14 +201,14 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep name: '${uniqueString(deployment().name)}-policyExemptions' params: { name: '<>-mg-polexem' - displayName: '[Display Name] policy exempt (management group scope)' policyAssignmentId: '/providers/Microsoft.Management/managementGroups/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-mg-pass-loc-rg' + displayName: '[Display Name] policy exempt (management group scope)' exemptionCategory: 'Waiver' + expiresOn: '2025-10-02T03:57:00Z' + managementGroupId: '<>' metadata: { category: 'Security' } - expiresOn: '2025-10-02T03:57:00Z' - managementGroupId: '<>' } } ``` @@ -267,8 +267,8 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep params: { name: '<>-min-rg-polexem' policyAssignmentId: '/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg' - subscriptionId: '<>' resourceGroupName: '<>' + subscriptionId: '<>' } } ``` @@ -315,15 +315,15 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep name: '${uniqueString(deployment().name)}-policyExemptions' params: { name: '<>-rg-polexem' - displayName: '[Display Name] policy exempt (resource group scope)' policyAssignmentId: '/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg' + displayName: '[Display Name] policy exempt (resource group scope)' exemptionCategory: 'Waiver' + expiresOn: '2025-10-02T03:57:00Z' metadata: { category: 'Security' } - expiresOn: '2025-10-02T03:57:00Z' - subscriptionId: '<>' resourceGroupName: '<>' + subscriptionId: '<>' } } ``` @@ -429,13 +429,13 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep name: '${uniqueString(deployment().name)}-policyExemptions' params: { name: '<>-sub-polexem' - displayName: '[Display Name] policy exempt (subscription scope)' policyAssignmentId: '/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg' + displayName: '[Display Name] policy exempt (subscription scope)' exemptionCategory: 'Waiver' + expiresOn: '2025-10-02T03:57:00Z' metadata: { category: 'Security' } - expiresOn: '2025-10-02T03:57:00Z' subscriptionId: '<>' } } diff --git a/modules/Microsoft.Authorization/policySetDefinitions/readme.md b/modules/Microsoft.Authorization/policySetDefinitions/readme.md index 64664443ee..a52f50840a 100644 --- a/modules/Microsoft.Authorization/policySetDefinitions/readme.md +++ b/modules/Microsoft.Authorization/policySetDefinitions/readme.md @@ -206,16 +206,6 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl name: '${uniqueString(deployment().name)}-policySetDefinitions' params: { name: '<>-mg-policySet' - displayName: '[DisplayName] This policy set definition is deployed at management group scope' - description: '[Description] This policy set definition is deployed at management group scope' - policyDefinitionGroups: [ - { - name: 'Network' - } - { - name: 'ARM' - } - ] policyDefinitions: [ { groupNames: [ @@ -246,11 +236,21 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl policyDefinitionReferenceId: 'Allowed locations for resource groups_1' } ] + description: '[Description] This policy set definition is deployed at management group scope' + displayName: '[DisplayName] This policy set definition is deployed at management group scope' + managementGroupId: '<>' metadata: { category: 'Security' version: '1' } - managementGroupId: '<>' + policyDefinitionGroups: [ + { + name: 'Network' + } + { + name: 'ARM' + } + ] } } ``` @@ -412,16 +412,6 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl name: '${uniqueString(deployment().name)}-policySetDefinitions' params: { name: '<>-sub-policySet' - displayName: '[DisplayName] This policy set definition is deployed at subscription scope' - description: '[Description] This policy set definition is deployed at subscription scope' - policyDefinitionGroups: [ - { - name: 'Network' - } - { - name: 'ARM' - } - ] policyDefinitions: [ { groupNames: [ @@ -452,10 +442,20 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl policyDefinitionReferenceId: 'Allowed locations for resource groups_1' } ] + description: '[Description] This policy set definition is deployed at subscription scope' + displayName: '[DisplayName] This policy set definition is deployed at subscription scope' metadata: { category: 'Security' version: '1' } + policyDefinitionGroups: [ + { + name: 'Network' + } + { + name: 'ARM' + } + ] subscriptionId: '<>' } } diff --git a/modules/Microsoft.Authorization/roleAssignments/readme.md b/modules/Microsoft.Authorization/roleAssignments/readme.md index 57db85ae83..c7be8792fb 100644 --- a/modules/Microsoft.Authorization/roleAssignments/readme.md +++ b/modules/Microsoft.Authorization/roleAssignments/readme.md @@ -177,8 +177,8 @@ This module can be deployed at the management group, subscription or resource gr module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleAssignments' params: { - roleDefinitionIdOrName: 'Storage Queue Data Reader' principalId: '<>' + roleDefinitionIdOrName: 'Storage Queue Data Reader' } } ``` @@ -218,11 +218,11 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleAssignments' params: { + principalId: '<>' roleDefinitionIdOrName: 'Backup Reader' description: 'Role Assignment (management group scope)' - principalId: '<>' - principalType: 'ServicePrincipal' managementGroupId: '<>' + principalType: 'ServicePrincipal' } } ``` @@ -271,10 +271,10 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleAssignments' params: { - roleDefinitionIdOrName: 'Storage Queue Data Reader' principalId: '<>' - subscriptionId: '<>' + roleDefinitionIdOrName: 'Storage Queue Data Reader' resourceGroupName: '<>' + subscriptionId: '<>' } } ``` @@ -320,12 +320,12 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleAssignments' params: { + principalId: '<>' roleDefinitionIdOrName: 'Backup Reader' description: 'Role Assignment (resource group scope)' - principalId: '<>' principalType: 'ServicePrincipal' - subscriptionId: '<>' resourceGroupName: '<>' + subscriptionId: '<>' } } ``` @@ -377,8 +377,8 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleAssignments' params: { - roleDefinitionIdOrName: 'Storage Queue Data Reader' principalId: '<>' + roleDefinitionIdOrName: 'Storage Queue Data Reader' subscriptionId: '<>' } } @@ -422,9 +422,9 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleAssignments' params: { + principalId: '<>' roleDefinitionIdOrName: 'Backup Reader' description: 'Role Assignment (subscription scope)' - principalId: '<>' principalType: 'ServicePrincipal' subscriptionId: '<>' } diff --git a/modules/Microsoft.Authorization/roleDefinitions/readme.md b/modules/Microsoft.Authorization/roleDefinitions/readme.md index 9f1baba9bc..340451e904 100644 --- a/modules/Microsoft.Authorization/roleDefinitions/readme.md +++ b/modules/Microsoft.Authorization/roleDefinitions/readme.md @@ -183,8 +183,8 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' params: { roleName: '<>-az-testRole-mg-min' actions: [ - 'Microsoft.Compute/galleries/read' 'Microsoft.Compute/galleries/images/read' + 'Microsoft.Compute/galleries/read' ] } } @@ -229,26 +229,26 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' name: '${uniqueString(deployment().name)}-roleDefinitions' params: { roleName: '<>-az-testRole-mg' - description: 'Test Custom Role Definition Standard (management group scope)' actions: [ 'Microsoft.Compute/galleries/*' 'Microsoft.Network/virtualNetworks/read' ] - notActions: [ - 'Microsoft.Compute/images/write' - 'Microsoft.Compute/images/delete' - 'Microsoft.Network/virtualNetworks/subnets/join/action' + assignableScopes: [ + '/providers/Microsoft.Management/managementGroups/<>' ] dataActions: [ 'Microsoft.Storage/storageAccounts/blobServices/*/read' ] + description: 'Test Custom Role Definition Standard (management group scope)' + managementGroupId: '<>' + notActions: [ + 'Microsoft.Compute/images/delete' + 'Microsoft.Compute/images/write' + 'Microsoft.Network/virtualNetworks/subnets/join/action' + ] notDataActions: [ 'Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read' ] - assignableScopes: [ - '/providers/Microsoft.Management/managementGroups/<>' - ] - managementGroupId: '<>' } } ``` @@ -321,11 +321,11 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' params: { roleName: '<>-az-testRole-rg-min' actions: [ - 'Microsoft.Compute/galleries/read' 'Microsoft.Compute/galleries/images/read' + 'Microsoft.Compute/galleries/read' ] - subscriptionId: '<>' resourceGroupName: '<>' + subscriptionId: '<>' } } ``` @@ -375,27 +375,27 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' name: '${uniqueString(deployment().name)}-roleDefinitions' params: { roleName: '<>-az-testRole-rg' - description: 'Test Custom Role Definition Standard (resource group scope)' actions: [ 'Microsoft.Compute/galleries/*' 'Microsoft.Network/virtualNetworks/read' ] - notActions: [ - 'Microsoft.Compute/images/write' - 'Microsoft.Compute/images/delete' - 'Microsoft.Network/virtualNetworks/subnets/join/action' + assignableScopes: [ + '/subscriptions/<>/resourceGroups/<>' ] dataActions: [ 'Microsoft.Storage/storageAccounts/blobServices/*/read' ] + description: 'Test Custom Role Definition Standard (resource group scope)' + notActions: [ + 'Microsoft.Compute/images/delete' + 'Microsoft.Compute/images/write' + 'Microsoft.Network/virtualNetworks/subnets/join/action' + ] notDataActions: [ 'Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read' ] - assignableScopes: [ - '/subscriptions/<>/resourceGroups/<>' - ] - subscriptionId: '<>' resourceGroupName: '<>' + subscriptionId: '<>' } } ``` @@ -471,8 +471,8 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' params: { roleName: '<>-az-testRole-sub-min' actions: [ - 'Microsoft.Compute/galleries/read' 'Microsoft.Compute/galleries/images/read' + 'Microsoft.Compute/galleries/read' ] subscriptionId: '<>' } @@ -521,25 +521,25 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' name: '${uniqueString(deployment().name)}-roleDefinitions' params: { roleName: '<>-az-testRole-sub' - description: 'Test Custom Role Definition Standard (subscription scope)' actions: [ 'Microsoft.Compute/galleries/*' 'Microsoft.Network/virtualNetworks/read' ] - notActions: [ - 'Microsoft.Compute/images/write' - 'Microsoft.Compute/images/delete' - 'Microsoft.Network/virtualNetworks/subnets/join/action' + assignableScopes: [ + '/subscriptions/<>' ] dataActions: [ 'Microsoft.Storage/storageAccounts/blobServices/*/read' ] + description: 'Test Custom Role Definition Standard (subscription scope)' + notActions: [ + 'Microsoft.Compute/images/delete' + 'Microsoft.Compute/images/write' + 'Microsoft.Network/virtualNetworks/subnets/join/action' + ] notDataActions: [ 'Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read' ] - assignableScopes: [ - '/subscriptions/<>' - ] subscriptionId: '<>' } } diff --git a/modules/Microsoft.Automation/automationAccounts/readme.md b/modules/Microsoft.Automation/automationAccounts/readme.md index c0b4411006..8229af4de5 100644 --- a/modules/Microsoft.Automation/automationAccounts/readme.md +++ b/modules/Microsoft.Automation/automationAccounts/readme.md @@ -458,80 +458,89 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice name: '${uniqueString(deployment().name)}-automationAccounts' params: { name: '<>-az-aut-x-001' - lock: 'CanNotDelete' - schedules: [ - { - name: 'TestSchedule' - startTime: '' - expiryTime: '9999-12-31T13:00' - interval: 15 - frequency: 'Minute' - timeZone: 'Europe/Berlin' - advancedSchedule: {} - } - ] - modules: [ - { - name: 'PSWindowsUpdate' - version: 'latest' - uri: 'https://www.powershellgallery.com/api/v2/package' - } - ] - runbooks: [ + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + gallerySolutions: [ { - name: 'TestRunbook' - runbookType: 'PowerShell' - description: 'Test runbook' - uri: 'https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.automation/101-automation/scripts/AzureAutomationTutorial.ps1' - version: '1.0.0.0' + name: 'Updates' + product: 'OMSGallery' + publisher: 'Microsoft' } ] jobSchedules: [ { - scheduleName: 'TestSchedule' runbookName: 'TestRunbook' + scheduleName: 'TestSchedule' } ] - variables: [ + linkedWorkspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-aut-001' + lock: 'CanNotDelete' + modules: [ { - name: 'TestString' - value: '\'TestString\'' - description: 'TestStringDescription' + name: 'PSWindowsUpdate' + uri: 'https://www.powershellgallery.com/api/v2/package' + version: 'latest' } + ] + privateEndpoints: [ { - name: 'TestInteger' - value: '500' - description: 'TestIntegerDescription' + service: 'Webhook' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' } { - name: 'TestBoolean' - value: 'false' - description: 'TestBooleanDescription' + service: 'DSCAndHybridWorker' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' } + ] + roleAssignments: [ { - name: 'TestDateTime' - value: '\'\\/Date(1637934042656)\\/\'' - description: 'TestDateTimeDescription' - isEncrypted: false + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' } + ] + runbooks: [ { - name: 'TestEncryptedVariable' - value: '\'TestEncryptedValue\'' - description: 'TestEncryptedDescription' + description: 'Test runbook' + name: 'TestRunbook' + runbookType: 'PowerShell' + uri: 'https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.automation/101-automation/scripts/AzureAutomationTutorial.ps1' + version: '1.0.0.0' } ] - linkedWorkspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-aut-001' - gallerySolutions: [ + schedules: [ { - name: 'Updates' - product: 'OMSGallery' - publisher: 'Microsoft' + advancedSchedule: {} + expiryTime: '9999-12-31T13:00' + frequency: 'Minute' + interval: 15 + name: 'TestSchedule' + startTime: '' + timeZone: 'Europe/Berlin' } ] softwareUpdateConfigurations: [ { - name: 'Windows_ZeroDay' + excludeUpdates: [ + '123456' + ] frequency: 'Month' + includeUpdates: [ + '654321' + ] + interval: 1 + maintenanceWindow: 'PT4H' + monthlyOccurrences: [ + { + day: 'Friday' + occurrence: 3 + } + ] + name: 'Windows_ZeroDay' operatingSystem: 'Windows' rebootSetting: 'IfRequired' scopeByTags: { @@ -539,79 +548,70 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice 'Automatic-Wave1' ] } - maintenanceWindow: 'PT4H' + startTime: '22:00' updateClassifications: [ 'Critical' - 'Security' - 'UpdateRollup' + 'Definition' 'FeaturePack' + 'Security' 'ServicePack' - 'Definition' 'Tools' + 'UpdateRollup' 'Updates' ] - includeUpdates: [ - '654321' - ] + } + { excludeUpdates: [ - '123456' + 'icacls' ] - interval: 1 - monthlyOccurrences: [ - { - occurrence: 3 - day: 'Friday' - } + frequency: 'OneTime' + includeUpdates: [ + 'kernel' ] - startTime: '22:00' - } - { + maintenanceWindow: 'PT4H' name: 'Linux_ZeroDay' - frequency: 'OneTime' operatingSystem: 'Linux' rebootSetting: 'IfRequired' - maintenanceWindow: 'PT4H' + startTime: '22:00' updateClassifications: [ 'Critical' - 'Security' 'Other' + 'Security' ] - includeUpdates: [ - 'kernel' - ] - excludeUpdates: [ - 'icacls' - ] - startTime: '22:00' - } - ] - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'Webhook' - } - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'DSCAndHybridWorker' } ] systemAssignedIdentity: true userAssignedIdentities: { '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} } - roleAssignments: [ + variables: [ { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] + description: 'TestStringDescription' + name: 'TestString' + value: '\'TestString\'' + } + { + description: 'TestIntegerDescription' + name: 'TestInteger' + value: '500' + } + { + description: 'TestBooleanDescription' + name: 'TestBoolean' + value: 'false' + } + { + description: 'TestDateTimeDescription' + isEncrypted: false + name: 'TestDateTime' + value: '\'\\/Date(1637934042656)\\/\'' + } + { + description: 'TestEncryptedDescription' + name: 'TestEncryptedVariable' + value: '\'TestEncryptedValue\'' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` diff --git a/modules/Microsoft.Batch/batchAccounts/readme.md b/modules/Microsoft.Batch/batchAccounts/readme.md index cfa02f404b..a93ad421a7 100644 --- a/modules/Microsoft.Batch/batchAccounts/readme.md +++ b/modules/Microsoft.Batch/batchAccounts/readme.md @@ -192,17 +192,17 @@ module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-batchAccounts' params: { name: '<>azbaweux001' - lock: 'CanNotDelete' + storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + lock: 'CanNotDelete' poolAllocationMode: 'BatchService' - storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - systemAssignedIdentity: true - storageAuthenticationMode: 'BatchAccountManagedIdentity' storageAccessIdentity: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' + storageAuthenticationMode: 'BatchAccountManagedIdentity' + systemAssignedIdentity: true } } ``` diff --git a/modules/Microsoft.CognitiveServices/accounts/readme.md b/modules/Microsoft.CognitiveServices/accounts/readme.md index 13d0c943d9..bc161ba146 100644 --- a/modules/Microsoft.CognitiveServices/accounts/readme.md +++ b/modules/Microsoft.CognitiveServices/accounts/readme.md @@ -414,22 +414,22 @@ userAssignedIdentities: { module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-accounts' params: { - name: '<>-az-cgs-encr-001' kind: 'SpeechServices' - sku: 'S0' - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - publicNetworkAccess: 'Enabled' + name: '<>-az-cgs-encr-001' encryption: { keySource: 'Microsoft.KeyVault' keyVaultProperties: { identityClientId: 'c907a696-36f4-49fe-b926-39e3aabba814' - keyVaultUri: 'https://adp-<>-az-kv-nopr-002.vault.azure.net/' keyName: 'keyEncryptionKey' + keyVaultUri: 'https://adp-<>-az-kv-nopr-002.vault.azure.net/' keyversion: '4570a207ec394a0bbbe4fc9adc663a51' } } + publicNetworkAccess: 'Enabled' + sku: 'S0' + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } } } ``` @@ -491,8 +491,8 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-accounts' params: { - name: '<>-az-cgs-min-001' kind: 'SpeechServices' + name: '<>-az-cgs-min-001' } } ``` @@ -532,37 +532,37 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-accounts' params: { + kind: 'Face' name: '<>-az-cgs-x-001' + customSubDomainName: '<>xdomain' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' lock: 'CanNotDelete' - kind: 'Face' - sku: 'S0' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] networkAcls: { defaultAction: 'deny' virtualNetworkRules: [ { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' action: 'Allow' + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' } ] } - customSubDomainName: '<>xdomain' + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] + sku: 'S0' systemAssignedIdentity: true userAssignedIdentities: { '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} } - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -655,20 +655,20 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-accounts' params: { - name: '<>-az-cgs-speech-001' kind: 'SpeechServices' - sku: 'S0' - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } + name: '<>-az-cgs-speech-001' customSubDomainName: '<>speechdomain' privateEndpoints: [ { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' service: 'account' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' } ] + sku: 'S0' + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } } } ``` diff --git a/modules/Microsoft.Compute/availabilitySets/readme.md b/modules/Microsoft.Compute/availabilitySets/readme.md index 3f145a0a07..2d1e24a7b1 100644 --- a/modules/Microsoft.Compute/availabilitySets/readme.md +++ b/modules/Microsoft.Compute/availabilitySets/readme.md @@ -198,15 +198,15 @@ module availabilitySets './Microsoft.Compute/availabilitySets/deploy.bicep' = { params: { name: '<>-az-avs-x-001' lock: 'CanNotDelete' + proximityPlacementGroupId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/proximityPlacementGroups/adp-<>-az-ppg-x-001' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - proximityPlacementGroupId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/proximityPlacementGroups/adp-<>-az-ppg-x-001' } } ``` diff --git a/modules/Microsoft.Compute/diskEncryptionSets/readme.md b/modules/Microsoft.Compute/diskEncryptionSets/readme.md index 2dd4546013..d105a2ac37 100644 --- a/modules/Microsoft.Compute/diskEncryptionSets/readme.md +++ b/modules/Microsoft.Compute/diskEncryptionSets/readme.md @@ -161,15 +161,15 @@ tags: { module diskEncryptionSets './Microsoft.Compute/diskEncryptionSets/deploy.bicep' = { name: '${uniqueString(deployment().name)}-diskEncryptionSets' params: { - name: '<>-az-des-x-001' - keyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' keyName: 'keyEncryptionKey' + keyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + name: '<>-az-des-x-001' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } diff --git a/modules/Microsoft.Compute/disks/readme.md b/modules/Microsoft.Compute/disks/readme.md index b49a72fe06..c4290d0422 100644 --- a/modules/Microsoft.Compute/disks/readme.md +++ b/modules/Microsoft.Compute/disks/readme.md @@ -181,10 +181,10 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { imageReferenceId: '/Subscriptions/<>/Providers/Microsoft.Compute/Locations/westeurope/Publishers/MicrosoftWindowsServer/ArtifactTypes/VMImage/Offers/WindowsServer/Skus/2016-Datacenter/Versions/14393.4906.2112080838' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } @@ -245,16 +245,16 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { name: '<>-az-disk-import-001' sku: 'Standard_LRS' createOption: 'Import' - sourceUri: 'https://adp<>azsax001.blob.core.windows.net/vhds/adp-<>-az-imgt-x-001.vhd' - storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + sourceUri: 'https://adp<>azsax001.blob.core.windows.net/vhds/adp-<>-az-imgt-x-001.vhd' + storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' } } ``` @@ -318,10 +318,10 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { diskSizeGB: 1 roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } @@ -377,20 +377,20 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { name: '${uniqueString(deployment().name)}-disks' params: { name: '<>-az-disk-x-001' - lock: 'CanNotDelete' sku: 'UltraSSD_LRS' - diskSizeGB: 128 - logicalSectorSize: 512 diskIOPSReadWrite: 500 diskMBpsReadWrite: 60 + diskSizeGB: 128 + lock: 'CanNotDelete' + logicalSectorSize: 512 osType: 'Windows' publicNetworkAccess: 'Enabled' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } diff --git a/modules/Microsoft.Compute/galleries/readme.md b/modules/Microsoft.Compute/galleries/readme.md index 9404c41b24..0be885c0ea 100644 --- a/modules/Microsoft.Compute/galleries/readme.md +++ b/modules/Microsoft.Compute/galleries/readme.md @@ -164,38 +164,38 @@ module galleries './Microsoft.Compute/galleries/deploy.bicep' = { name: '<>-az-imgd-x-003' } { + hyperVGeneration: 'V1' + maxRecommendedMemory: 16 + maxRecommendedvCPUs: 8 + minRecommendedMemory: 4 + minRecommendedvCPUs: 2 name: '<>-az-imgd-x-001' - osType: 'Windows' + offer: 'WindowsServer' osState: 'Generalized' + osType: 'Windows' publisher: 'MicrosoftWindowsServer' - offer: 'WindowsServer' - sku: '2022-datacenter-azure-edition' - minRecommendedvCPUs: 2 - maxRecommendedvCPUs: 8 - minRecommendedMemory: 4 - maxRecommendedMemory: 16 - hyperVGeneration: 'V1' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + sku: '2022-datacenter-azure-edition' } { + hyperVGeneration: 'V2' + maxRecommendedMemory: 32 + maxRecommendedvCPUs: 4 + minRecommendedMemory: 4 + minRecommendedvCPUs: 1 name: '<>-az-imgd-x-002' - osType: 'Linux' + offer: '0001-com-ubuntu-server-focal' osState: 'Generalized' + osType: 'Linux' publisher: 'canonical' - offer: '0001-com-ubuntu-server-focal' sku: '20_04-lts-gen2' - minRecommendedvCPUs: 1 - maxRecommendedvCPUs: 4 - minRecommendedMemory: 4 - maxRecommendedMemory: 32 - hyperVGeneration: 'V2' } ] } @@ -279,10 +279,10 @@ module galleries './Microsoft.Compute/galleries/deploy.bicep' = { lock: 'CanNotDelete' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } diff --git a/modules/Microsoft.Compute/images/readme.md b/modules/Microsoft.Compute/images/readme.md index 0ec5d6b7a9..ab92ac6bea 100644 --- a/modules/Microsoft.Compute/images/readme.md +++ b/modules/Microsoft.Compute/images/readme.md @@ -161,19 +161,19 @@ module images './Microsoft.Compute/images/deploy.bicep' = { params: { name: '<>-az-img-x-001' osAccountType: 'Premium_LRS' - osType: 'Windows' osDiskBlobUri: 'https://adp<>azsax001.blob.core.windows.net/vhds/adp-<>-az-imgt-x-001.vhd' osDiskCaching: 'ReadWrite' - zoneResilient: true + osType: 'Windows' hyperVGeneration: 'V1' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + zoneResilient: true } } ``` diff --git a/modules/Microsoft.Compute/proximityPlacementGroups/readme.md b/modules/Microsoft.Compute/proximityPlacementGroups/readme.md index 8fef0a06d4..805d5662ef 100644 --- a/modules/Microsoft.Compute/proximityPlacementGroups/readme.md +++ b/modules/Microsoft.Compute/proximityPlacementGroups/readme.md @@ -156,14 +156,14 @@ tags: { module proximityPlacementGroups './Microsoft.Compute/proximityPlacementGroups/deploy.bicep' = { name: '${uniqueString(deployment().name)}-proximityPlacementGroups' params: { - name: '<>-az-ppg-x-001' lock: 'CanNotDelete' + name: '<>-az-ppg-x-001' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md index d418c2c80f..dd20341f14 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md @@ -883,6 +883,13 @@ userAssignedIdentities: { module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachineScaleSets' params: { + adminUsername: 'scaleSetAdmin' + imageReference: { + offer: 'UbuntuServer' + publisher: 'Canonical' + sku: '18.04-LTS' + version: 'latest' + } name: '<>-scaleset-linux-min-001' osDisk: { createOption: 'fromImage' @@ -893,23 +900,9 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } osType: 'Linux' skuName: 'Standard_B2s' - imageReference: { - publisher: 'Canonical' - offer: 'UbuntuServer' - sku: '18.04-LTS' - version: 'latest' - } - adminUsername: 'scaleSetAdmin' disablePasswordAuthentication: true - publicKeys: [ - { - path: '/home/scaleSetAdmin/.ssh/authorized_keys' - keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure' - } - ] nicConfigurations: [ { - nicSuffix: '-nic01' ipConfigurations: [ { name: 'ipconfig1' @@ -920,6 +913,13 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } } ] + nicSuffix: '-nic01' + } + ] + publicKeys: [ + { + keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure' + path: '/home/scaleSetAdmin/.ssh/authorized_keys' } ] } @@ -1012,13 +1012,14 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachineScaleSets' params: { + adminUsername: 'scaleSetAdmin' + imageReference: { + offer: 'UbuntuServer' + publisher: 'Canonical' + sku: '18.04-LTS' + version: 'latest' + } name: '<>-scaleset-linux-001' - lock: 'CanNotDelete' - vmNamePrefix: 'vmsslinvm' - skuName: 'Standard_B2s' - skuCapacity: 1 - upgradePolicyMode: 'Manual' - vmPriority: 'Regular' osDisk: { createOption: 'fromImage' diskSizeGB: '128' @@ -1026,31 +1027,12 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl storageAccountType: 'Premium_LRS' } } + osType: 'Linux' + skuName: 'Standard_B2s' availabilityZones: [ '2' ] - scaleSetFaultDomain: 1 - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } bootDiagnosticStorageAccountName: 'adp<>azsax001' - osType: 'Linux' - encryptionAtHost: false - imageReference: { - publisher: 'Canonical' - offer: 'UbuntuServer' - sku: '18.04-LTS' - version: 'latest' - } - adminUsername: 'scaleSetAdmin' - disablePasswordAuthentication: true - publicKeys: [ - { - path: '/home/scaleSetAdmin/.ssh/authorized_keys' - keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure' - } - ] dataDisks: [ { caching: 'ReadOnly' @@ -1069,9 +1051,50 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } } ] + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + disablePasswordAuthentication: true + encryptionAtHost: false + extensionCustomScriptConfig: { + enabled: true + fileData: [ + { + storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + uri: 'https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1' + } + ] + protectedSettings: { + commandToExecute: 'sudo apt-get update' + } + } + extensionDependencyAgentConfig: { + enabled: true + } + extensionDiskEncryptionConfig: { + enabled: true + settings: { + EncryptionOperation: 'EnableEncryption' + KekVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + KeyEncryptionAlgorithm: 'RSA-OAEP' + KeyEncryptionKeyURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5' + KeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + KeyVaultURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/' + ResizeOSDisk: 'false' + VolumeType: 'All' + } + } + extensionMonitoringAgentConfig: { + enabled: true + } + extensionNetworkWatcherAgentConfig: { + enabled: true + } + lock: 'CanNotDelete' nicConfigurations: [ { - nicSuffix: '-nic01' ipConfigurations: [ { name: 'ipconfig1' @@ -1082,55 +1105,32 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } } ] + nicSuffix: '-nic01' + } + ] + publicKeys: [ + { + keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure' + path: '/home/scaleSetAdmin/.ssh/authorized_keys' } ] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - extensionMonitoringAgentConfig: { - enabled: true - } - extensionDependencyAgentConfig: { - enabled: true - } - extensionNetworkWatcherAgentConfig: { - enabled: true - } - extensionDiskEncryptionConfig: { - enabled: true - settings: { - EncryptionOperation: 'EnableEncryption' - KeyVaultURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/' - KeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - KeyEncryptionKeyURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5' - KekVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - KeyEncryptionAlgorithm: 'RSA-OAEP' - VolumeType: 'All' - ResizeOSDisk: 'false' - } - } - extensionCustomScriptConfig: { - enabled: true - fileData: [ - { - uri: 'https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1' - storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - } - ] - protectedSettings: { - commandToExecute: 'sudo apt-get update' - } + scaleSetFaultDomain: 1 + skuCapacity: 1 + systemAssignedIdentity: true + upgradePolicyMode: 'Manual' + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} } + vmNamePrefix: 'vmsslinvm' + vmPriority: 'Regular' } } ``` @@ -1352,8 +1352,14 @@ resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachineScaleSets' params: { + adminUsername: kv1.getSecret('adminUsername') + imageReference: { + offer: 'WindowsServer' + publisher: 'MicrosoftWindowsServer' + sku: '2016-Datacenter' + version: 'latest' + } name: '<>-scaleset-win-min-001' - skuName: 'Standard_B2s' osDisk: { createOption: 'fromImage' diskSizeGB: '128' @@ -1362,17 +1368,10 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } } osType: 'Windows' - imageReference: { - publisher: 'MicrosoftWindowsServer' - offer: 'WindowsServer' - sku: '2016-Datacenter' - version: 'latest' - } - adminUsername: kv1.getSecret('adminUsername') + skuName: 'Standard_B2s' adminPassword: kv1.getSecret('adminPassword') nicConfigurations: [ { - nicSuffix: '-nic01' ipConfigurations: [ { name: 'ipconfig1' @@ -1383,6 +1382,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } } ] + nicSuffix: '-nic01' } ] } @@ -1482,17 +1482,14 @@ resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachineScaleSets' params: { - name: '<>-scaleset-win-001' - lock: 'CanNotDelete' - vmNamePrefix: 'vmsswinvm' - skuName: 'Standard_B2s' - skuCapacity: 1 - upgradePolicyMode: 'Manual' - vmPriority: 'Regular' - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + adminUsername: kv1.getSecret('adminUsername') + imageReference: { + offer: 'WindowsServer' + publisher: 'MicrosoftWindowsServer' + sku: '2016-Datacenter' + version: 'latest' } + name: '<>-scaleset-win-001' osDisk: { createOption: 'fromImage' diskSizeGB: '128' @@ -1501,43 +1498,14 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } } osType: 'Windows' - encryptionAtHost: false - imageReference: { - publisher: 'MicrosoftWindowsServer' - offer: 'WindowsServer' - sku: '2016-Datacenter' - version: 'latest' - } - adminUsername: kv1.getSecret('adminUsername') + skuName: 'Standard_B2s' adminPassword: kv1.getSecret('adminPassword') - nicConfigurations: [ - { - nicSuffix: '-nic01' - ipConfigurations: [ - { - name: 'ipconfig1' - properties: { - subnet: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002' - } - } - } - ] - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + encryptionAtHost: false extensionAntiMalwareConfig: { enabled: true settings: { @@ -1549,50 +1517,82 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } RealtimeProtectionEnabled: true ScheduledScanSettings: { + day: '7' isEnabled: 'true' scanType: 'Quick' - day: '7' time: '120' } } } - extensionMonitoringAgentConfig: { + extensionCustomScriptConfig: { enabled: true + fileData: [ + { + storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + uri: 'https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1' + } + ] + protectedSettings: { + commandToExecute: 'powershell -ExecutionPolicy Unrestricted -Command \'& .\\scriptExtensionMasterInstaller.ps1\'' + } } extensionDependencyAgentConfig: { enabled: true } - extensionNetworkWatcherAgentConfig: { - enabled: true - } extensionDiskEncryptionConfig: { enabled: true settings: { EncryptionOperation: 'EnableEncryption' - KeyVaultURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/' - KeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - KeyEncryptionKeyURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5' KekVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' KeyEncryptionAlgorithm: 'RSA-OAEP' - VolumeType: 'All' + KeyEncryptionKeyURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5' + KeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + KeyVaultURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/' ResizeOSDisk: 'false' + VolumeType: 'All' } } extensionDSCConfig: { enabled: true } - extensionCustomScriptConfig: { + extensionMonitoringAgentConfig: { enabled: true - fileData: [ - { - uri: 'https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1' - storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - } - ] - protectedSettings: { - commandToExecute: 'powershell -ExecutionPolicy Unrestricted -Command \'& .\\scriptExtensionMasterInstaller.ps1\'' + } + extensionNetworkWatcherAgentConfig: { + enabled: true + } + lock: 'CanNotDelete' + nicConfigurations: [ + { + ipConfigurations: [ + { + name: 'ipconfig1' + properties: { + subnet: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002' + } + } + } + ] + nicSuffix: '-nic01' + } + ] + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' } + ] + skuCapacity: 1 + systemAssignedIdentity: true + upgradePolicyMode: 'Manual' + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} } + vmNamePrefix: 'vmsswinvm' + vmPriority: 'Regular' } } ``` diff --git a/modules/Microsoft.Compute/virtualMachines/readme.md b/modules/Microsoft.Compute/virtualMachines/readme.md index 9b201dd8e9..b26ef958c6 100644 --- a/modules/Microsoft.Compute/virtualMachines/readme.md +++ b/modules/Microsoft.Compute/virtualMachines/readme.md @@ -1010,44 +1010,44 @@ For further details on automanage please refer to [Automanage virtual machines]( module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachines' params: { - name: '<>-vm-linux-autmg-01' - osType: 'Linux' + adminUsername: 'localAdminUser' imageReference: { - publisher: 'Canonical' offer: 'UbuntuServer' + publisher: 'Canonical' sku: '18.04-LTS' version: 'latest' } - osDisk: { - diskSizeGB: '128' - managedDisk: { - storageAccountType: 'Premium_LRS' - } - } - vmSize: 'Standard_B12ms' - adminUsername: 'localAdminUser' - disablePasswordAuthentication: true - publicKeys: [ - { - path: '/home/localAdminUser/.ssh/authorized_keys' - keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure' - } - ] nicConfigurations: [ { - nicSuffix: '-nic-01' ipConfigurations: [ { name: 'ipconfig01' - subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' pipConfiguration: { publicIpNameSuffix: '-pip-01' } + subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' } ] + nicSuffix: '-nic-01' } ] + osDisk: { + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + osType: 'Linux' + vmSize: 'Standard_B12ms' configurationProfile: '/providers/Microsoft.Automanage/bestPractices/AzureBestPracticesProduction' + disablePasswordAuthentication: true + name: '<>-vm-linux-autmg-01' + publicKeys: [ + { + keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure' + path: '/home/localAdminUser/.ssh/authorized_keys' + } + ] } } ``` @@ -1139,41 +1139,41 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachines' params: { - name: '<>-vm-linux-min-01' - osType: 'Linux' + adminUsername: 'localAdminUser' imageReference: { - publisher: 'Canonical' offer: 'UbuntuServer' + publisher: 'Canonical' sku: '18.04-LTS' version: 'latest' } + nicConfigurations: [ + { + ipConfigurations: [ + { + name: 'ipconfig01' + pipConfiguration: { + publicIpNameSuffix: '-pip-01' + } + subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' + } + ] + nicSuffix: '-nic-01' + } + ] osDisk: { diskSizeGB: '128' managedDisk: { storageAccountType: 'Premium_LRS' } } + osType: 'Linux' vmSize: 'Standard_B12ms' - adminUsername: 'localAdminUser' disablePasswordAuthentication: true + name: '<>-vm-linux-min-01' publicKeys: [ { - path: '/home/localAdminUser/.ssh/authorized_keys' keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure' - } - ] - nicConfigurations: [ - { - nicSuffix: '-nic-01' - ipConfigurations: [ - { - name: 'ipconfig01' - subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' - pipConfiguration: { - publicIpNameSuffix: '-pip-01' - } - } - ] + path: '/home/localAdminUser/.ssh/authorized_keys' } ] } @@ -1264,153 +1264,153 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachines' params: { - name: '<>-vm-linux-01' - lock: 'CanNotDelete' - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - osType: 'Linux' - encryptionAtHost: false - availabilityZone: 1 - vmSize: 'Standard_B12ms' + adminUsername: 'localAdminUser' imageReference: { - publisher: 'Canonical' offer: 'UbuntuServer' + publisher: 'Canonical' sku: '18.04-LTS' version: 'latest' } - osDisk: { - createOption: 'fromImage' - deleteOption: 'Delete' - caching: 'ReadOnly' - diskSizeGB: '128' - managedDisk: { - storageAccountType: 'Premium_LRS' - } - } - dataDisks: [ - { - createOption: 'Empty' - deleteOption: 'Delete' - caching: 'ReadWrite' - diskSizeGB: '128' - managedDisk: { - storageAccountType: 'Premium_LRS' - } - } - { - createOption: 'Empty' - deleteOption: 'Delete' - caching: 'ReadWrite' - diskSizeGB: '128' - managedDisk: { - storageAccountType: 'Premium_LRS' - } - } - ] - adminUsername: 'localAdminUser' - disablePasswordAuthentication: true - publicKeys: [ - { - path: '/home/localAdminUser/.ssh/authorized_keys' - keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure' - } - ] nicConfigurations: [ { - nicSuffix: '-nic-01' deleteOption: 'Delete' ipConfigurations: [ { + applicationSecurityGroups: [ + { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001' + } + ] + loadBalancerBackendAddressPools: [ + { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/loadBalancers/adp-<>-az-lb-internal-001/backendAddressPools/servers' + } + ] name: 'ipconfig01' - subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' pipConfiguration: { publicIpNameSuffix: '-pip-01' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } - loadBalancerBackendAddressPools: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/loadBalancers/adp-<>-az-lb-internal-001/backendAddressPools/servers' - } - ] - applicationSecurityGroups: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001' - } - ] + subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' } ] + nicSuffix: '-nic-01' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } ] + osDisk: { + caching: 'ReadOnly' + createOption: 'fromImage' + deleteOption: 'Delete' + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + osType: 'Linux' + vmSize: 'Standard_B12ms' + availabilityZone: 1 + backupPolicyName: 'VMpolicy' backupVaultName: 'adp-<>-az-rsv-x-001' backupVaultResourceGroup: 'validation-rg' - backupPolicyName: 'VMpolicy' - roleAssignments: [ + dataDisks: [ { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] + caching: 'ReadWrite' + createOption: 'Empty' + deleteOption: 'Delete' + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + { + caching: 'ReadWrite' + createOption: 'Empty' + deleteOption: 'Delete' + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } } ] + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - extensionMonitoringAgentConfig: { + disablePasswordAuthentication: true + encryptionAtHost: false + extensionCustomScriptConfig: { enabled: true + fileData: [ + { + storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + uri: 'https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1' + } + ] } - monitoringWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - extensionDependencyAgentConfig: { - enabled: true + extensionCustomScriptProtectedSetting: { + commandToExecute: 'sudo apt-get update' } - extensionNetworkWatcherAgentConfig: { + extensionDependencyAgentConfig: { enabled: true } extensionDiskEncryptionConfig: { enabled: true settings: { EncryptionOperation: 'EnableEncryption' - KeyVaultURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/' - KeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - KeyEncryptionKeyURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5' KekVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' KeyEncryptionAlgorithm: 'RSA-OAEP' - VolumeType: 'All' + KeyEncryptionKeyURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5' + KeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + KeyVaultURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/' ResizeOSDisk: 'false' + VolumeType: 'All' } } extensionDSCConfig: { enabled: false } - extensionCustomScriptConfig: { + extensionMonitoringAgentConfig: { enabled: true - fileData: [ - { - uri: 'https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1' - storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - } - ] } - extensionCustomScriptProtectedSetting: { - commandToExecute: 'sudo apt-get update' + extensionNetworkWatcherAgentConfig: { + enabled: true + } + lock: 'CanNotDelete' + monitoringWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + name: '<>-vm-linux-01' + publicKeys: [ + { + keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure' + path: '/home/localAdminUser/.ssh/authorized_keys' + } + ] + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} } } } @@ -1662,35 +1662,35 @@ resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachines' params: { - name: '<>-vm-win-03' + adminUsername: 'localAdminUser' imageReference: { - publisher: 'MicrosoftWindowsServer' offer: 'WindowsServer' + publisher: 'MicrosoftWindowsServer' sku: '2019-Datacenter' version: 'latest' } - osType: 'Windows' - vmSize: 'Standard_B12ms' - osDisk: { - diskSizeGB: '128' - managedDisk: { - storageAccountType: 'Premium_LRS' - } - } - adminUsername: 'localAdminUser' - adminPassword: kv1.getSecret('adminPassword') nicConfigurations: [ { - nicSuffix: '-nic-01' ipConfigurations: [ { name: 'ipconfig01' subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' } ] + nicSuffix: '-nic-01' } ] + osDisk: { + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + osType: 'Windows' + vmSize: 'Standard_B12ms' + adminPassword: kv1.getSecret('adminPassword') configurationProfile: '/providers/Microsoft.Automanage/bestPractices/AzureBestPracticesProduction' + name: '<>-vm-win-03' } } ``` @@ -1781,34 +1781,34 @@ resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachines' params: { - name: '<>-vm-win-02' + adminUsername: 'localAdminUser' imageReference: { - publisher: 'MicrosoftWindowsServer' offer: 'WindowsServer' + publisher: 'MicrosoftWindowsServer' sku: '2022-datacenter-azure-edition' version: 'latest' } - osType: 'Windows' - vmSize: 'Standard_B12ms' - osDisk: { - diskSizeGB: '128' - managedDisk: { - storageAccountType: 'Premium_LRS' - } - } - adminUsername: 'localAdminUser' - adminPassword: kv1.getSecret('adminPassword') nicConfigurations: [ { - nicSuffix: '-nic-01' ipConfigurations: [ { name: 'ipconfig01' subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' } ] + nicSuffix: '-nic-01' } ] + osDisk: { + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + osType: 'Windows' + vmSize: 'Standard_B12ms' + adminPassword: kv1.getSecret('adminPassword') + name: '<>-vm-win-02' } } ``` @@ -1896,110 +1896,96 @@ resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachines' params: { - name: '<>-vm-win-01' - lock: 'CanNotDelete' - encryptionAtHost: false + adminUsername: 'localAdminUser' imageReference: { - publisher: 'MicrosoftWindowsServer' offer: 'WindowsServer' + publisher: 'MicrosoftWindowsServer' sku: '2019-Datacenter' version: 'latest' } - osType: 'Windows' - vmSize: 'Standard_B12ms' - osDisk: { - createOption: 'fromImage' - deleteOption: 'Delete' - caching: 'None' - diskSizeGB: '128' - managedDisk: { - storageAccountType: 'Premium_LRS' - } - } - dataDisks: [ - { - createOption: 'Empty' - deleteOption: 'Delete' - caching: 'None' - diskSizeGB: '128' - managedDisk: { - storageAccountType: 'Premium_LRS' - } - } - { - createOption: 'Empty' - deleteOption: 'Delete' - caching: 'None' - diskSizeGB: '128' - managedDisk: { - storageAccountType: 'Premium_LRS' - } - } - ] - availabilityZone: 2 - adminUsername: 'localAdminUser' - adminPassword: kv1.getSecret('adminPassword') nicConfigurations: [ { - nicSuffix: '-nic-01' deleteOption: 'Delete' ipConfigurations: [ { + applicationSecurityGroups: [ + { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001' + } + ] + loadBalancerBackendAddressPools: [ + { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/loadBalancers/adp-<>-az-lb-internal-001/backendAddressPools/servers' + } + ] name: 'ipconfig01' - subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' pipConfiguration: { publicIpNameSuffix: '-pip-01' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } - loadBalancerBackendAddressPools: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/loadBalancers/adp-<>-az-lb-internal-001/backendAddressPools/servers' - } - ] - applicationSecurityGroups: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001' - } - ] + subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' } ] + nicSuffix: '-nic-01' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } ] + osDisk: { + caching: 'None' + createOption: 'fromImage' + deleteOption: 'Delete' + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + osType: 'Windows' + vmSize: 'Standard_B12ms' + adminPassword: kv1.getSecret('adminPassword') + availabilityZone: 2 + backupPolicyName: 'VMpolicy' backupVaultName: 'adp-<>-az-rsv-x-001' backupVaultResourceGroup: 'validation-rg' - backupPolicyName: 'VMpolicy' - roleAssignments: [ + dataDisks: [ { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] + caching: 'None' + createOption: 'Empty' + deleteOption: 'Delete' + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + { + caching: 'None' + createOption: 'Empty' + deleteOption: 'Delete' + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } } ] + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } + encryptionAtHost: false extensionAntiMalwareConfig: { enabled: true settings: { @@ -2011,50 +1997,64 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { } RealtimeProtectionEnabled: 'true' ScheduledScanSettings: { + day: '7' isEnabled: 'true' scanType: 'Quick' - day: '7' time: '120' } } } - extensionMonitoringAgentConfig: { + extensionCustomScriptConfig: { enabled: true + fileData: [ + { + storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + uri: 'https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1' + } + ] } - monitoringWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - extensionDependencyAgentConfig: { - enabled: true + extensionCustomScriptProtectedSetting: { + commandToExecute: 'powershell -ExecutionPolicy Unrestricted -Command \'& .\\scriptExtensionMasterInstaller.ps1\'' } - extensionNetworkWatcherAgentConfig: { + extensionDependencyAgentConfig: { enabled: true } extensionDiskEncryptionConfig: { enabled: true settings: { EncryptionOperation: 'EnableEncryption' - KeyVaultURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/' - KeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - KeyEncryptionKeyURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5' KekVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' KeyEncryptionAlgorithm: 'RSA-OAEP' - VolumeType: 'All' + KeyEncryptionKeyURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5' + KeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + KeyVaultURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/' ResizeOSDisk: 'false' + VolumeType: 'All' } } extensionDSCConfig: { enabled: true } - extensionCustomScriptConfig: { + extensionMonitoringAgentConfig: { enabled: true - fileData: [ - { - uri: 'https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1' - storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - } - ] } - extensionCustomScriptProtectedSetting: { - commandToExecute: 'powershell -ExecutionPolicy Unrestricted -Command \'& .\\scriptExtensionMasterInstaller.ps1\'' + extensionNetworkWatcherAgentConfig: { + enabled: true + } + lock: 'CanNotDelete' + monitoringWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + name: '<>-vm-win-01' + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} } } } diff --git a/modules/Microsoft.Consumption/budgets/readme.md b/modules/Microsoft.Consumption/budgets/readme.md index f76df49499..ddf256599c 100644 --- a/modules/Microsoft.Consumption/budgets/readme.md +++ b/modules/Microsoft.Consumption/budgets/readme.md @@ -59,6 +59,9 @@ module budgets './Microsoft.Consumption/budgets/deploy.bicep' = { name: '${uniqueString(deployment().name)}-budgets' params: { amount: 500 + contactEmails: [ + 'dummy@contoso.com' + ] thresholds: [ 50 75 @@ -66,9 +69,6 @@ module budgets './Microsoft.Consumption/budgets/deploy.bicep' = { 100 110 ] - contactEmails: [ - 'dummy@contoso.com' - ] } } ``` diff --git a/modules/Microsoft.ContainerInstance/containerGroups/readme.md b/modules/Microsoft.ContainerInstance/containerGroups/readme.md index a63ecc8a85..4a3ae786ee 100644 --- a/modules/Microsoft.ContainerInstance/containerGroups/readme.md +++ b/modules/Microsoft.ContainerInstance/containerGroups/readme.md @@ -180,18 +180,18 @@ userAssignedIdentities: { module containerGroups './Microsoft.ContainerInstance/containerGroups/deploy.bicep' = { name: '${uniqueString(deployment().name)}-containerGroups' params: { - name: '<>-az-acg-x-001' - lock: 'CanNotDelete' containerName: '<>-az-aci-x-001' image: 'mcr.microsoft.com/azuredocs/aci-helloworld' + name: '<>-az-acg-x-001' + lock: 'CanNotDelete' ports: [ { - protocol: 'Tcp' port: '80' + protocol: 'Tcp' } { - protocol: 'Tcp' port: '443' + protocol: 'Tcp' } ] systemAssignedIdentity: true diff --git a/modules/Microsoft.ContainerRegistry/registries/readme.md b/modules/Microsoft.ContainerRegistry/registries/readme.md index 75d9203bcb..be9d19d0a9 100644 --- a/modules/Microsoft.ContainerRegistry/registries/readme.md +++ b/modules/Microsoft.ContainerRegistry/registries/readme.md @@ -341,14 +341,14 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = { name: '${uniqueString(deployment().name)}-registries' params: { name: '<>azacrencr001' + acrSku: 'Premium' + cMKKeyName: 'keyEncryptionKey' + cMKKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002' + cMKUserAssignedIdentityResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' + publicNetworkAccess: 'Disabled' userAssignedIdentities: { '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} } - publicNetworkAccess: 'Disabled' - acrSku: 'Premium' - cMKUserAssignedIdentityResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' - cMKKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002' - cMKKeyName: 'keyEncryptionKey' } } ``` @@ -443,46 +443,46 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = { name: '${uniqueString(deployment().name)}-registries' params: { name: '<>azacrx001' - lock: 'CanNotDelete' acrAdminUserEnabled: false acrSku: 'Premium' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' exportPolicyStatus: 'enabled' - quarantinePolicyStatus: 'enabled' - trustPolicyStatus: 'enabled' - replications: [ + lock: 'CanNotDelete' + privateEndpoints: [ { - name: 'northeurope' - location: 'northeurope' + service: 'registry' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' } ] - webhooks: [ + publicNetworkAccess: 'Disabled' + quarantinePolicyStatus: 'enabled' + replications: [ { - name: '<>azacrx001webhook' - serviceUri: 'https://www.contoso.com/webhook' + location: 'northeurope' + name: 'northeurope' } ] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' systemAssignedIdentity: true + trustPolicyStatus: 'enabled' userAssignedIdentities: { '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} } - publicNetworkAccess: 'Disabled' - privateEndpoints: [ + webhooks: [ { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'registry' + name: '<>azacrx001webhook' + serviceUri: 'https://www.contoso.com/webhook' } ] } diff --git a/modules/Microsoft.ContainerService/managedClusters/readme.md b/modules/Microsoft.ContainerService/managedClusters/readme.md index 3d7978ede7..13cee63a21 100644 --- a/modules/Microsoft.ContainerService/managedClusters/readme.md +++ b/modules/Microsoft.ContainerService/managedClusters/readme.md @@ -370,95 +370,95 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice name: '${uniqueString(deployment().name)}-managedClusters' params: { name: '<>-az-aks-azure-001' - lock: 'CanNotDelete' - diskEncryptionSetID: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/diskEncryptionSets/adp-<>-az-des-x-001' primaryAgentPoolProfile: [ { - name: 'systempool' - osDiskSizeGB: 0 + availabilityZones: [ + '1' + ] count: 1 enableAutoScaling: true - minCount: 1 maxCount: 3 - vmSize: 'Standard_DS2_v2' + maxPods: 30 + minCount: 1 + mode: 'System' + name: 'systempool' + osDiskSizeGB: 0 osType: 'Linux' + serviceCidr: '' storageProfile: 'ManagedDisks' type: 'VirtualMachineScaleSets' - mode: 'System' + vmSize: 'Standard_DS2_v2' vnetSubnetID: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-aks/subnets/Primary' - serviceCidr: '' - maxPods: 30 - availabilityZones: [ - '1' - ] } ] - aksClusterNetworkPlugin: 'azure' agentPools: [ { - name: 'userpool1' - vmSize: 'Standard_DS2_v2' - osDiskSizeGB: 128 + availabilityZones: [ + '1' + ] count: 2 - osType: 'Linux' + enableAutoScaling: true maxCount: 3 + maxPods: 30 minCount: 1 - enableAutoScaling: true - scaleSetPriority: 'Regular' - scaleSetEvictionPolicy: 'Delete' + minPods: 2 + mode: 'User' + name: 'userpool1' nodeLabels: {} nodeTaints: [ 'CriticalAddonsOnly=true:NoSchedule' ] - type: 'VirtualMachineScaleSets' - availabilityZones: [ - '1' - ] - minPods: 2 - maxPods: 30 + osDiskSizeGB: 128 + osType: 'Linux' + scaleSetEvictionPolicy: 'Delete' + scaleSetPriority: 'Regular' storageProfile: 'ManagedDisks' - mode: 'User' + type: 'VirtualMachineScaleSets' + vmSize: 'Standard_DS2_v2' vnetSubnetID: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-aks/subnets/Secondary' } { - name: 'userpool2' - vmSize: 'Standard_DS2_v2' - osDiskSizeGB: 128 + availabilityZones: [ + '1' + ] count: 2 - osType: 'Linux' + enableAutoScaling: true maxCount: 3 + maxPods: 30 minCount: 1 - enableAutoScaling: true - scaleSetPriority: 'Regular' - scaleSetEvictionPolicy: 'Delete' + minPods: 2 + mode: 'User' + name: 'userpool2' nodeLabels: {} nodeTaints: [ 'CriticalAddonsOnly=true:NoSchedule' ] - type: 'VirtualMachineScaleSets' - availabilityZones: [ - '1' - ] - minPods: 2 - maxPods: 30 + osDiskSizeGB: 128 + osType: 'Linux' + scaleSetEvictionPolicy: 'Delete' + scaleSetPriority: 'Regular' storageProfile: 'ManagedDisks' - mode: 'User' + type: 'VirtualMachineScaleSets' + vmSize: 'Standard_DS2_v2' vnetSubnetID: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-aks/subnets/Tertiary' } ] + aksClusterNetworkPlugin: 'azure' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diskEncryptionSetID: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/diskEncryptionSets/adp-<>-az-des-x-001' + lock: 'CanNotDelete' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' systemAssignedIdentity: true } } @@ -613,88 +613,88 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice name: '<>-az-aks-kubenet-001' primaryAgentPoolProfile: [ { - name: 'systempool' - osDiskSizeGB: 0 + availabilityZones: [ + '1' + ] count: 1 enableAutoScaling: true - minCount: 1 maxCount: 3 - vmSize: 'Standard_DS2_v2' + maxPods: 30 + minCount: 1 + mode: 'System' + name: 'systempool' + osDiskSizeGB: 0 osType: 'Linux' + serviceCidr: '' storageProfile: 'ManagedDisks' type: 'VirtualMachineScaleSets' - mode: 'System' - serviceCidr: '' - maxPods: 30 - availabilityZones: [ - '1' - ] + vmSize: 'Standard_DS2_v2' } ] - aksClusterNetworkPlugin: 'kubenet' agentPools: [ { - name: 'userpool1' - vmSize: 'Standard_DS2_v2' - osDiskSizeGB: 128 + availabilityZones: [ + '1' + ] count: 2 - osType: 'Linux' + enableAutoScaling: true maxCount: 3 + maxPods: 30 minCount: 1 - enableAutoScaling: true - scaleSetPriority: 'Regular' - scaleSetEvictionPolicy: 'Delete' + minPods: 2 + mode: 'User' + name: 'userpool1' nodeLabels: {} nodeTaints: [ 'CriticalAddonsOnly=true:NoSchedule' ] + osDiskSizeGB: 128 + osType: 'Linux' + scaleSetEvictionPolicy: 'Delete' + scaleSetPriority: 'Regular' + storageProfile: 'ManagedDisks' type: 'VirtualMachineScaleSets' + vmSize: 'Standard_DS2_v2' + } + { availabilityZones: [ '1' ] - minPods: 2 - maxPods: 30 - storageProfile: 'ManagedDisks' - mode: 'User' - } - { - name: 'userpool2' - vmSize: 'Standard_DS2_v2' - osDiskSizeGB: 128 count: 2 - osType: 'Linux' + enableAutoScaling: true maxCount: 3 + maxPods: 30 minCount: 1 - enableAutoScaling: true - scaleSetPriority: 'Regular' - scaleSetEvictionPolicy: 'Delete' + minPods: 2 + mode: 'User' + name: 'userpool2' nodeLabels: {} nodeTaints: [ 'CriticalAddonsOnly=true:NoSchedule' ] - type: 'VirtualMachineScaleSets' - availabilityZones: [ - '1' - ] - minPods: 2 - maxPods: 30 + osDiskSizeGB: 128 + osType: 'Linux' + scaleSetEvictionPolicy: 'Delete' + scaleSetPriority: 'Regular' storageProfile: 'ManagedDisks' - mode: 'User' + type: 'VirtualMachineScaleSets' + vmSize: 'Standard_DS2_v2' } ] + aksClusterNetworkPlugin: 'kubenet' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' userAssignedIdentities: { '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} } diff --git a/modules/Microsoft.DataFactory/factories/readme.md b/modules/Microsoft.DataFactory/factories/readme.md index bbd0f5fd2d..8108d9b41d 100644 --- a/modules/Microsoft.DataFactory/factories/readme.md +++ b/modules/Microsoft.DataFactory/factories/readme.md @@ -288,33 +288,33 @@ module factories './Microsoft.DataFactory/factories/deploy.bicep' = { name: '${uniqueString(deployment().name)}-factories' params: { name: '<>-adf-001' - lock: 'CanNotDelete' - managedVirtualNetworkName: 'default' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + gitConfigureLater: true integrationRuntime: { + managedVirtualNetworkName: 'default' name: 'AutoResolveIntegrationRuntime' type: 'Managed' - managedVirtualNetworkName: 'default' typeProperties: { computeProperties: { location: 'AutoResolve' } } } + lock: 'CanNotDelete' + managedVirtualNetworkName: 'default' publicNetworkAccess: true - gitConfigureLater: true roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' systemAssignedIdentity: true userAssignedIdentities: { '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} diff --git a/modules/Microsoft.DataProtection/backupVaults/readme.md b/modules/Microsoft.DataProtection/backupVaults/readme.md index 9567072b92..9066ccdf77 100644 --- a/modules/Microsoft.DataProtection/backupVaults/readme.md +++ b/modules/Microsoft.DataProtection/backupVaults/readme.md @@ -380,18 +380,28 @@ module backupVaults './Microsoft.DataProtection/backupVaults/deploy.bicep' = { name: '${uniqueString(deployment().name)}-backupVaults' params: { name: '<>-az-bv-x-001' - lock: 'CanNotDelete' backupPolicies: [ { name: 'DefaultPolicy' properties: { + datasourceTypes: [ + 'Microsoft.Compute/disks' + ] + objectType: 'BackupPolicy' policyRules: [ { backupParameters: { backupType: 'Incremental' objectType: 'AzureBackupParams' } + dataStore: { + dataStoreType: 'OperationalStore' + objectType: 'DataStoreInfoBase' + } + name: 'BackupDaily' + objectType: 'AzureBackupRule' trigger: { + objectType: 'ScheduleBasedTriggerContext' schedule: { repeatingTimeIntervals: [ 'R/2022-05-31T23:30:00+01:00/P1D' @@ -400,49 +410,39 @@ module backupVaults './Microsoft.DataProtection/backupVaults/deploy.bicep' = { } taggingCriteria: [ { + isDefault: true + taggingPriority: 99 tagInfo: { - tagName: 'Default' id: 'Default_' + tagName: 'Default' } - taggingPriority: 99 - isDefault: true } ] - objectType: 'ScheduleBasedTriggerContext' - } - dataStore: { - dataStoreType: 'OperationalStore' - objectType: 'DataStoreInfoBase' } - name: 'BackupDaily' - objectType: 'AzureBackupRule' } { + isDefault: true lifecycles: [ { deleteAfter: { - objectType: 'AbsoluteDeleteOption' duration: 'P7D' + objectType: 'AbsoluteDeleteOption' } - targetDataStoreCopySettings: [] sourceDataStore: { dataStoreType: 'OperationalStore' objectType: 'DataStoreInfoBase' } + targetDataStoreCopySettings: [] } ] - isDefault: true name: 'Default' objectType: 'AzureRetentionRule' } ] - datasourceTypes: [ - 'Microsoft.Compute/disks' - ] - objectType: 'BackupPolicy' } } ] + lock: 'CanNotDelete' } } ``` diff --git a/modules/Microsoft.Databricks/workspaces/readme.md b/modules/Microsoft.Databricks/workspaces/readme.md index 77984855b8..8c9fcb2f53 100644 --- a/modules/Microsoft.Databricks/workspaces/readme.md +++ b/modules/Microsoft.Databricks/workspaces/readme.md @@ -230,20 +230,20 @@ module workspaces './Microsoft.Databricks/workspaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-workspaces' params: { name: '<>-az-adb-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' lock: 'CanNotDelete' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` diff --git a/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md b/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md index 0061b8b9e8..a6c1c7910f 100644 --- a/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md +++ b/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md @@ -169,9 +169,9 @@ tags: { module applicationgroups './Microsoft.DesktopVirtualization/applicationgroups/deploy.bicep' = { name: '${uniqueString(deployment().name)}-applicationgroups' params: { - name: '<>-az-avdag-min-001' applicationGroupType: 'RemoteApp' hostpoolName: 'adp-<>-az-avdhp-x-001' + name: '<>-az-avdag-min-001' } } ``` @@ -214,44 +214,44 @@ module applicationgroups './Microsoft.DesktopVirtualization/applicationgroups/de module applicationgroups './Microsoft.DesktopVirtualization/applicationgroups/deploy.bicep' = { name: '${uniqueString(deployment().name)}-applicationgroups' params: { - name: '<>-az-avdag-x-001' - lock: 'CanNotDelete' - location: 'westeurope' applicationGroupType: 'RemoteApp' hostpoolName: 'adp-<>-az-avdhp-x-001' - friendlyName: 'Remote Applications 1' - description: 'This is my first Remote Applications bundle' + name: '<>-az-avdag-x-001' applications: [ { - name: 'notepad' + commandLineArguments: '' + commandLineSetting: 'DoNotAllow' description: 'Notepad by ARM template' - friendlyName: 'Notepad' filePath: 'C:\\Windows\\System32\\notepad.exe' - commandLineSetting: 'DoNotAllow' - commandLineArguments: '' - showInPortal: true - iconPath: 'C:\\Windows\\System32\\notepad.exe' + friendlyName: 'Notepad' iconIndex: 0 + iconPath: 'C:\\Windows\\System32\\notepad.exe' + name: 'notepad' + showInPortal: true } { - name: 'wordpad' filePath: 'C:\\Program Files\\Windows NT\\Accessories\\wordpad.exe' friendlyName: 'Wordpad' + name: 'wordpad' } ] + description: 'This is my first Remote Applications bundle' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + friendlyName: 'Remote Applications 1' + location: 'westeurope' + lock: 'CanNotDelete' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` From 438205fef5e2eaac08f9b6b0dfa7b7a0409df2d2 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 5 Jul 2022 21:09:55 +0200 Subject: [PATCH 08/38] Updated ordering functino with null handling --- utilities/tools/helper/ConvertTo-OrderedHashtable.ps1 | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/utilities/tools/helper/ConvertTo-OrderedHashtable.ps1 b/utilities/tools/helper/ConvertTo-OrderedHashtable.ps1 index 83f0c790c0..8d00f5a6ef 100644 --- a/utilities/tools/helper/ConvertTo-OrderedHashtable.ps1 +++ b/utilities/tools/helper/ConvertTo-OrderedHashtable.ps1 @@ -63,6 +63,12 @@ function ConvertTo-OrderedHashtable { foreach ($currentLevelKey in ($JSONObject.Keys | Sort-Object)) { + if ($null -eq $JSONObject[$currentLevelKey]) { + # Handling case in which the value is 'null' and hence has no type + $orderedLevel[$currentLevelKey] = $null + continue + } + switch ($JSONObject[$currentLevelKey].GetType().BaseType.Name) { 'Object' { $orderedLevel[$currentLevelKey] = ConvertTo-OrderedHashtable -JSONInputObject ($JSONObject[$currentLevelKey] | ConvertTo-Json -Depth 99) From 58817abac2df2b18aa5d7c097b55148b2d461200 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 5 Jul 2022 22:20:00 +0200 Subject: [PATCH 09/38] Handle empty parameters --- utilities/tools/Set-ModuleReadMe.ps1 | 9 +++++++-- utilities/tools/helper/ConvertTo-OrderedHashtable.ps1 | 2 +- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index cc5395aabf..92faa54e20 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -435,9 +435,14 @@ function Set-DeploymentExamplesSection { $requiredParameterNames = $TemplateFileContent.parameters.Keys | Where-Object { $TemplateFileContent.parameters[$_].Keys -notcontains 'defaultValue' } $orderedJSONParameters = [ordered]@{} # Add required - $JSONParametersWithoutValue.Keys | Where-Object { $_ -in $requiredParameterNames } | ForEach-Object { $orderedJSONParameters[$_] = $JSONParametersWithoutValue[$_] } + $JSONParameters.Keys | Where-Object { $_ -in $requiredParameterNames } | ForEach-Object { $orderedJSONParameters[$_] = $JSONParametersWithoutValue[$_] } # Add rest - $JSONParametersWithoutValue.Keys | Where-Object { $_ -notin $requiredParameterNames } | ForEach-Object { $orderedJSONParameters[$_] = $JSONParametersWithoutValue[$_] } + $JSONParameters.Keys | Where-Object { $_ -notin $requiredParameterNames } | ForEach-Object { $orderedJSONParameters[$_] = $JSONParametersWithoutValue[$_] } + + if ($orderedJSONParameters.count -eq 0) { + # Handle empty dictionaries (in case the parmaeter file was empty) + $orderedJSONParameters = @{} + } $templateParameterObject = $orderedJSONParameters | ConvertTo-Json -Depth 99 if ($templateParameterObject -ne '{}') { diff --git a/utilities/tools/helper/ConvertTo-OrderedHashtable.ps1 b/utilities/tools/helper/ConvertTo-OrderedHashtable.ps1 index 8d00f5a6ef..7311b4d8bb 100644 --- a/utilities/tools/helper/ConvertTo-OrderedHashtable.ps1 +++ b/utilities/tools/helper/ConvertTo-OrderedHashtable.ps1 @@ -64,7 +64,7 @@ function ConvertTo-OrderedHashtable { foreach ($currentLevelKey in ($JSONObject.Keys | Sort-Object)) { if ($null -eq $JSONObject[$currentLevelKey]) { - # Handling case in which the value is 'null' and hence has no type + # Handle case in which the value is 'null' and hence has no type $orderedLevel[$currentLevelKey] = $null continue } From 79b97c55c18eb2e8de2339953ce0187e454adfef Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 5 Jul 2022 22:21:18 +0200 Subject: [PATCH 10/38] Generated more readmes --- .../hostpools/readme.md | 42 ++-- .../workspaces/readme.md | 20 +- .../databaseAccounts/readme.md | 92 ++++---- .../systemTopics/readme.md | 14 +- modules/Microsoft.EventGrid/topics/readme.md | 24 +-- .../Microsoft.EventHub/namespaces/readme.md | 80 +++---- .../Microsoft.HealthBot/healthBots/readme.md | 2 +- .../Microsoft.Insights/actionGroups/readme.md | 24 +-- .../activityLogAlerts/readme.md | 16 +- .../Microsoft.Insights/components/readme.md | 2 +- .../diagnosticSettings/readme.md | 6 +- .../Microsoft.Insights/metricAlerts/readme.md | 16 +- .../privateLinkScopes/readme.md | 14 +- .../scheduledQueryRules/readme.md | 22 +- modules/Microsoft.KeyVault/vaults/readme.md | 116 +++++----- .../extensions/readme.md | 22 +- .../fluxConfigurations/readme.md | 28 +-- modules/Microsoft.Logic/workflows/readme.md | 42 ++-- .../workspaces/readme.md | 76 +++---- .../userAssignedIdentities/readme.md | 4 +- .../registrationDefinitions/readme.md | 14 +- .../Microsoft.NetApp/netAppAccounts/readme.md | 124 +++++------ .../applicationGateways/readme.md | 150 ++++++------- .../applicationSecurityGroups/readme.md | 2 +- .../azureFirewalls/readme.md | 90 ++++---- .../Microsoft.Network/bastionHosts/readme.md | 42 ++-- .../Microsoft.Network/connections/readme.md | 8 +- .../ddosProtectionPlans/readme.md | 4 +- .../expressRouteCircuits/readme.md | 22 +- .../firewallPolicies/readme.md | 26 +-- .../Microsoft.Network/frontDoors/readme.md | 28 +-- modules/Microsoft.Network/ipGroups/readme.md | 4 +- .../Microsoft.Network/loadBalancers/readme.md | 154 ++++++------- .../localNetworkGateways/readme.md | 6 +- .../Microsoft.Network/natGateways/readme.md | 12 +- .../networkInterfaces/readme.md | 38 ++-- .../networkSecurityGroups/readme.md | 74 +++---- .../networkWatchers/readme.md | 64 +++--- .../privateDnsZones/readme.md | 108 +++++----- .../privateEndpoints/readme.md | 16 +- .../publicIPAddresses/readme.md | 24 +-- .../publicIPPrefixes/readme.md | 4 +- .../Microsoft.Network/routeTables/readme.md | 18 +- .../trafficmanagerprofiles/readme.md | 14 +- .../Microsoft.Network/virtualHubs/readme.md | 6 +- .../virtualNetworkGateways/readme.md | 60 +++--- .../virtualNetworks/readme.md | 88 ++++---- .../Microsoft.Network/virtualWans/readme.md | 6 +- .../Microsoft.Network/vpnGateways/readme.md | 24 +-- modules/Microsoft.Network/vpnSites/readme.md | 40 ++-- .../workspaces/readme.md | 94 ++++---- .../solutions/readme.md | 6 +- .../vaults/readme.md | 204 +++++++++--------- .../deploymentScripts/readme.md | 26 +-- .../resourceGroups/readme.md | 8 +- modules/Microsoft.Resources/tags/readme.md | 2 +- .../azureSecurityCenter/readme.md | 6 +- .../Microsoft.ServiceBus/namespaces/readme.md | 108 +++++----- .../clusters/readme.md | 74 +++---- .../Microsoft.Sql/managedInstances/readme.md | 74 +------ modules/Microsoft.Sql/servers/readme.md | 78 +++---- .../storageAccounts/readme.md | 192 ++++++++--------- .../privateLinkHubs/readme.md | 16 +- .../imageTemplates/readme.md | 40 ++-- modules/Microsoft.Web/connections/readme.md | 6 +- .../hostingEnvironments/readme.md | 44 ++-- modules/Microsoft.Web/serverfarms/readme.md | 14 +- modules/Microsoft.Web/sites/readme.md | 102 ++++----- modules/Microsoft.Web/staticSites/readme.md | 28 +-- 69 files changed, 1492 insertions(+), 1562 deletions(-) diff --git a/modules/Microsoft.DesktopVirtualization/hostpools/readme.md b/modules/Microsoft.DesktopVirtualization/hostpools/readme.md index df3760221c..2eb86a0f4e 100644 --- a/modules/Microsoft.DesktopVirtualization/hostpools/readme.md +++ b/modules/Microsoft.DesktopVirtualization/hostpools/readme.md @@ -266,45 +266,45 @@ module hostpools './Microsoft.DesktopVirtualization/hostpools/deploy.bicep' = { name: '${uniqueString(deployment().name)}-hostpools' params: { name: '<>-az-avdhp-x-001' - lock: 'CanNotDelete' - location: 'westeurope' - hostpoolFriendlyName: 'AVDv2' + customRdpProperty: 'audiocapturemode:i:1;audiomode:i:0;drivestoredirect:s:;redirectclipboard:i:1;redirectcomports:i:1;redirectprinters:i:1;redirectsmartcards:i:1;screen mode id:i:2;' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' hostpoolDescription: 'My first AVD Host Pool' + hostpoolFriendlyName: 'AVDv2' hostpoolType: 'Pooled' - personalDesktopAssignmentType: 'Automatic' - maxSessionLimit: 99999 loadBalancerType: 'BreadthFirst' - customRdpProperty: 'audiocapturemode:i:1;audiomode:i:0;drivestoredirect:s:;redirectclipboard:i:1;redirectcomports:i:1;redirectprinters:i:1;redirectsmartcards:i:1;screen mode id:i:2;' + location: 'westeurope' + lock: 'CanNotDelete' + maxSessionLimit: 99999 + personalDesktopAssignmentType: 'Automatic' + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] vmTemplate: { + customImageId: null domain: 'domainname.onmicrosoft.com' galleryImageOffer: 'office-365' galleryImagePublisher: 'microsoftwindowsdesktop' galleryImageSKU: '20h1-evd-o365pp' imageType: 'Gallery' imageUri: null - customImageId: null namePrefix: 'avdv2' osDiskType: 'StandardSSD_LRS' useManagedDisks: true vmSize: { - id: 'Standard_D2s_v3' cores: 2 + id: 'Standard_D2s_v3' ram: 8 } } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` diff --git a/modules/Microsoft.DesktopVirtualization/workspaces/readme.md b/modules/Microsoft.DesktopVirtualization/workspaces/readme.md index 0b2b58ecda..cb5a18742e 100644 --- a/modules/Microsoft.DesktopVirtualization/workspaces/readme.md +++ b/modules/Microsoft.DesktopVirtualization/workspaces/readme.md @@ -167,26 +167,26 @@ module workspaces './Microsoft.DesktopVirtualization/workspaces/deploy.bicep' = name: '${uniqueString(deployment().name)}-workspaces' params: { name: '<>-az-avdws-x-001' - lock: 'CanNotDelete' - location: 'westeurope' appGroupResourceIds: [ '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.DesktopVirtualization/applicationgroups/adp-<>-az-avdag-x-001' ] - workspaceFriendlyName: 'My first AVD Workspace' - workspaceDescription: 'This is my first AVD Workspace' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + location: 'westeurope' + lock: 'CanNotDelete' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + workspaceDescription: 'This is my first AVD Workspace' + workspaceFriendlyName: 'My first AVD Workspace' } } ``` diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/readme.md b/modules/Microsoft.DocumentDB/databaseAccounts/readme.md index 58ddbd906d..ed9680f703 100644 --- a/modules/Microsoft.DocumentDB/databaseAccounts/readme.md +++ b/modules/Microsoft.DocumentDB/databaseAccounts/readme.md @@ -466,34 +466,29 @@ userAssignedIdentities: { module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-databaseAccounts' params: { - name: '<>-az-cdb-mongodb-001' - location: 'West Europe' locations: [ { - locationName: 'West Europe' failoverPriority: 0 isZoneRedundant: false + locationName: 'West Europe' } { - locationName: 'North Europe' failoverPriority: 1 isZoneRedundant: false + locationName: 'North Europe' } ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] + name: '<>-az-cdb-mongodb-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + location: 'West Europe' mongodbDatabases: [ { - name: '<>-az-mdb-x-001' collections: [ { - name: 'car_collection' indexes: [ { key: { @@ -531,12 +526,12 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } } ] + name: 'car_collection' shardKey: { car_id: 'Hash' } } { - name: 'truck_collection' indexes: [ { key: { @@ -574,17 +569,17 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } } ] + name: 'truck_collection' shardKey: { truck_id: 'Hash' } } ] + name: '<>-az-mdb-x-001' } { - name: '<>-az-mdb-x-002' collections: [ { - name: 'bike_collection' indexes: [ { key: { @@ -622,12 +617,12 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } } ] + name: 'bike_collection' shardKey: { bike_id: 'Hash' } } { - name: 'bicycle_collection' indexes: [ { key: { @@ -665,18 +660,23 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } } ] + name: 'bicycle_collection' shardKey: { bicycle_id: 'Hash' } } ] + name: '<>-az-mdb-x-002' + } + ] + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' systemAssignedIdentity: true } } @@ -945,33 +945,33 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-databaseAccounts' params: { - name: '<>-az-cdb-plain-001' - lock: 'CanNotDelete' locations: [ { - locationName: 'West Europe' failoverPriority: 0 isZoneRedundant: false + locationName: 'West Europe' } { - locationName: 'North Europe' failoverPriority: 1 isZoneRedundant: false + locationName: 'North Europe' } ] + name: '<>-az-cdb-plain-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + lock: 'CanNotDelete' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -1050,51 +1050,51 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-databaseAccounts' params: { - name: '<>-az-cdb-sqldb-001' - location: 'West Europe' locations: [ { - locationName: 'West Europe' failoverPriority: 0 isZoneRedundant: false + locationName: 'West Europe' } { - locationName: 'North Europe' failoverPriority: 1 isZoneRedundant: false + locationName: 'North Europe' } ] + name: '<>-az-cdb-sqldb-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + location: 'West Europe' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] sqlDatabases: [ { - name: '<>-az-sql-x-001' containers: [ { + kind: 'Hash' name: 'container-001' paths: [ '/myPartitionKey' ] - kind: 'Hash' } ] + name: '<>-az-sql-x-001' } { - name: '<>-az-sql-x-002' containers: [] + name: '<>-az-sql-x-002' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' userAssignedIdentities: { '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} } diff --git a/modules/Microsoft.EventGrid/systemTopics/readme.md b/modules/Microsoft.EventGrid/systemTopics/readme.md index 94e155473f..cc5658c116 100644 --- a/modules/Microsoft.EventGrid/systemTopics/readme.md +++ b/modules/Microsoft.EventGrid/systemTopics/readme.md @@ -325,22 +325,22 @@ module systemTopics './Microsoft.EventGrid/systemTopics/deploy.bicep' = { name: '${uniqueString(deployment().name)}-systemTopics' params: { name: '<>-az-egstn-x-001' - lock: 'CanNotDelete' source: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' topicType: 'Microsoft.Storage.StorageAccounts' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + lock: 'CanNotDelete' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` diff --git a/modules/Microsoft.EventGrid/topics/readme.md b/modules/Microsoft.EventGrid/topics/readme.md index d1b7e44c13..302ec7cb94 100644 --- a/modules/Microsoft.EventGrid/topics/readme.md +++ b/modules/Microsoft.EventGrid/topics/readme.md @@ -247,26 +247,26 @@ module topics './Microsoft.EventGrid/topics/deploy.bicep' = { name: '${uniqueString(deployment().name)}-topics' params: { name: '<>-az-egtn-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' lock: 'CanNotDelete' + privateEndpoints: [ + { + service: 'topic' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + } + ] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'topic' - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` diff --git a/modules/Microsoft.EventHub/namespaces/readme.md b/modules/Microsoft.EventHub/namespaces/readme.md index f9c15762dc..74cad65799 100644 --- a/modules/Microsoft.EventHub/namespaces/readme.md +++ b/modules/Microsoft.EventHub/namespaces/readme.md @@ -324,8 +324,6 @@ module namespaces './Microsoft.EventHub/namespaces/deploy.bicep' = { module namespaces './Microsoft.EventHub/namespaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-namespaces' params: { - name: '<>-az-evnsp-x-001' - lock: 'CanNotDelete' authorizationRules: [ { name: 'RootManageSharedAccessKey' @@ -343,20 +341,16 @@ module namespaces './Microsoft.EventHub/namespaces/deploy.bicep' = { ] } ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' eventHubs: [ { name: '<>-az-evh-x-001' } { - name: '<>-az-evh-x-002' authorizationRules: [ { name: 'RootManageSharedAccessKey' @@ -374,25 +368,14 @@ module namespaces './Microsoft.EventHub/namespaces/deploy.bicep' = { ] } ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - messageRetentionInDays: 1 - partitionCount: 2 - status: 'Active' + captureDescriptionDestinationArchiveNameFormat: '{Namespace}/{EventHub}/{PartitionId}/{Year}/{Month}/{Day}/{Hour}/{Minute}/{Second}' + captureDescriptionDestinationBlobContainer: 'eventhub' + captureDescriptionDestinationName: 'EventHubArchive.AzureBlockBlob' + captureDescriptionDestinationStorageAccountResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' captureDescriptionEnabled: true captureDescriptionEncoding: 'Avro' captureDescriptionIntervalInSeconds: 300 captureDescriptionSizeLimitInBytes: 314572800 - captureDescriptionDestinationName: 'EventHubArchive.AzureBlockBlob' - captureDescriptionDestinationStorageAccountResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - captureDescriptionDestinationBlobContainer: 'eventhub' - captureDescriptionDestinationArchiveNameFormat: '{Namespace}/{EventHub}/{PartitionId}/{Year}/{Month}/{Day}/{Hour}/{Minute}/{Second}' captureDescriptionSkipEmptyArchives: true consumerGroups: [ { @@ -400,20 +383,22 @@ module namespaces './Microsoft.EventHub/namespaces/deploy.bicep' = { userMetadata: 'customMetadata' } ] + messageRetentionInDays: 1 + name: '<>-az-evh-x-002' + partitionCount: 2 + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] + status: 'Active' } ] - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'namespace' - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - systemAssignedIdentity: true + lock: 'CanNotDelete' + name: '<>-az-evnsp-x-001' networkRuleSets: { defaultAction: 'Deny' ipRules: [ @@ -422,16 +407,31 @@ module namespaces './Microsoft.EventHub/namespaces/deploy.bicep' = { ipMask: '10.10.10.10' } ] + trustedServiceAccessEnabled: false virtualNetworkRules: [ { + ignoreMissingVnetServiceEndpoint: true subnet: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' } - ignoreMissingVnetServiceEndpoint: true } ] - trustedServiceAccessEnabled: false } + privateEndpoints: [ + { + service: 'namespace' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + } + ] + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] + systemAssignedIdentity: true userAssignedIdentities: { '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} } diff --git a/modules/Microsoft.HealthBot/healthBots/readme.md b/modules/Microsoft.HealthBot/healthBots/readme.md index 82e89af6b4..a38e4411b9 100644 --- a/modules/Microsoft.HealthBot/healthBots/readme.md +++ b/modules/Microsoft.HealthBot/healthBots/readme.md @@ -160,10 +160,10 @@ module healthBots './Microsoft.HealthBot/healthBots/deploy.bicep' = { lock: 'CanNotDelete' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } diff --git a/modules/Microsoft.Insights/actionGroups/readme.md b/modules/Microsoft.Insights/actionGroups/readme.md index bd0e70d985..522bebc0ac 100644 --- a/modules/Microsoft.Insights/actionGroups/readme.md +++ b/modules/Microsoft.Insights/actionGroups/readme.md @@ -242,32 +242,32 @@ tags: { module actionGroups './Microsoft.Insights/actionGroups/deploy.bicep' = { name: '${uniqueString(deployment().name)}-actionGroups' params: { - name: '<>-az-ag-x-001' groupShortName: 'azagweux001' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] + name: '<>-az-ag-x-001' emailReceivers: [ { - name: 'TestUser_-EmailAction-' emailAddress: 'test.user@testcompany.com' + name: 'TestUser_-EmailAction-' useCommonAlertSchema: true } { - name: 'TestUser2' emailAddress: 'test.user2@testcompany.com' + name: 'TestUser2' useCommonAlertSchema: true } ] + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] smsReceivers: [ { - name: 'TestUser_-SMSAction-' countryCode: '1' + name: 'TestUser_-SMSAction-' phoneNumber: '2345678901' } ] diff --git a/modules/Microsoft.Insights/activityLogAlerts/readme.md b/modules/Microsoft.Insights/activityLogAlerts/readme.md index bba444dec2..be47b92174 100644 --- a/modules/Microsoft.Insights/activityLogAlerts/readme.md +++ b/modules/Microsoft.Insights/activityLogAlerts/readme.md @@ -404,24 +404,21 @@ tags: { module activityLogAlerts './Microsoft.Insights/activityLogAlerts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-activityLogAlerts' params: { - name: '<>-az-ala-x-001' - scopes: [ - '/subscriptions/<>' - ] conditions: [ { - field: 'category' equals: 'Administrative' + field: 'category' } { - field: 'resourceType' equals: 'microsoft.compute/virtualmachines' + field: 'resourceType' } { - field: 'operationName' equals: 'Microsoft.Compute/virtualMachines/performMaintenance/action' + field: 'operationName' } ] + name: '<>-az-ala-x-001' actions: [ { actionGroupId: '/subscriptions/<>/resourceGroups/validation-rg/providers/microsoft.insights/actiongroups/adp-<>-az-ag-x-001' @@ -429,12 +426,15 @@ module activityLogAlerts './Microsoft.Insights/activityLogAlerts/deploy.bicep' = ] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + scopes: [ + '/subscriptions/<>' + ] } } ``` diff --git a/modules/Microsoft.Insights/components/readme.md b/modules/Microsoft.Insights/components/readme.md index d711ad81fc..3fdd5c3639 100644 --- a/modules/Microsoft.Insights/components/readme.md +++ b/modules/Microsoft.Insights/components/readme.md @@ -164,10 +164,10 @@ module components './Microsoft.Insights/components/deploy.bicep' = { workspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-appi-001' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } diff --git a/modules/Microsoft.Insights/diagnosticSettings/readme.md b/modules/Microsoft.Insights/diagnosticSettings/readme.md index 7296654989..f6707a28b5 100644 --- a/modules/Microsoft.Insights/diagnosticSettings/readme.md +++ b/modules/Microsoft.Insights/diagnosticSettings/readme.md @@ -51,12 +51,12 @@ This module deploys a subscription wide export of the activity log. module diagnosticSettings './Microsoft.Insights/diagnosticSettings/deploy.bicep' = { name: '${uniqueString(deployment().name)}-diagnosticSettings' params: { - name: '<>-az-diag-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + name: '<>-az-diag-x-001' } } ``` diff --git a/modules/Microsoft.Insights/metricAlerts/readme.md b/modules/Microsoft.Insights/metricAlerts/readme.md index 91e7e34cb2..d2cf3b54a0 100644 --- a/modules/Microsoft.Insights/metricAlerts/readme.md +++ b/modules/Microsoft.Insights/metricAlerts/readme.md @@ -385,13 +385,6 @@ tags: { module metricAlerts './Microsoft.Insights/metricAlerts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-metricAlerts' params: { - name: '<>-az-ma-x-001' - windowSize: 'PT15M' - actions: [ - '/subscriptions/<>/resourceGroups/validation-rg/providers/microsoft.insights/actiongroups/adp-<>-az-ag-x-001' - ] - targetResourceType: 'microsoft.compute/virtualmachines' - targetResourceRegion: 'westeurope' criterias: [ { criterionType: 'StaticThresholdCriterion' @@ -403,15 +396,22 @@ module metricAlerts './Microsoft.Insights/metricAlerts/deploy.bicep' = { timeAggregation: 'Average' } ] + name: '<>-az-ma-x-001' + actions: [ + '/subscriptions/<>/resourceGroups/validation-rg/providers/microsoft.insights/actiongroups/adp-<>-az-ag-x-001' + ] alertCriteriaType: 'Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + targetResourceRegion: 'westeurope' + targetResourceType: 'microsoft.compute/virtualmachines' + windowSize: 'PT15M' } } ``` diff --git a/modules/Microsoft.Insights/privateLinkScopes/readme.md b/modules/Microsoft.Insights/privateLinkScopes/readme.md index 27ae171cff..988cdc485f 100644 --- a/modules/Microsoft.Insights/privateLinkScopes/readme.md +++ b/modules/Microsoft.Insights/privateLinkScopes/readme.md @@ -239,24 +239,24 @@ module privateLinkScopes './Microsoft.Insights/privateLinkScopes/deploy.bicep' = params: { name: '<>-az-pls-x-001' lock: 'CanNotDelete' - scopedResources: [ + privateEndpoints: [ { - name: 'scoped1' - linkedResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + service: 'azuremonitor' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' } ] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - privateEndpoints: [ + scopedResources: [ { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'azuremonitor' + linkedResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + name: 'scoped1' } ] } diff --git a/modules/Microsoft.Insights/scheduledQueryRules/readme.md b/modules/Microsoft.Insights/scheduledQueryRules/readme.md index dacac14608..542ff823b1 100644 --- a/modules/Microsoft.Insights/scheduledQueryRules/readme.md +++ b/modules/Microsoft.Insights/scheduledQueryRules/readme.md @@ -169,20 +169,10 @@ module scheduledQueryRules './Microsoft.Insights/scheduledQueryRules/deploy.bice params: { name: 'myAlert01' alertDescription: 'My sample Alert' - scopes: [ - '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - ] - evaluationFrequency: 'PT5M' - windowSize: 'PT5M' - suppressForMinutes: 'PT5M' - queryTimeRange: 'PT5M' autoMitigate: false criterias: { allOf: [ { - query: 'Perf | where ObjectName == \'LogicalDisk\' | where CounterName == \'% Free Space\' | where InstanceName <> \'HarddiskVolume1\' and InstanceName <> \'_Total\' | summarize AggregatedValue = min(CounterValue) by Computer InstanceName bin(TimeGenerated5m)' - timeAggregation: 'Average' - metricMeasureColumn: 'AggregatedValue' dimensions: [ { name: 'Computer' @@ -199,19 +189,29 @@ module scheduledQueryRules './Microsoft.Insights/scheduledQueryRules/deploy.bice ] } ] + metricMeasureColumn: 'AggregatedValue' operator: 'GreaterThan' + query: 'Perf | where ObjectName == \'LogicalDisk\' | where CounterName == \'% Free Space\' | where InstanceName <> \'HarddiskVolume1\' and InstanceName <> \'_Total\' | summarize AggregatedValue = min(CounterValue) by Computer InstanceName bin(TimeGenerated5m)' threshold: 0 + timeAggregation: 'Average' } ] } + evaluationFrequency: 'PT5M' + queryTimeRange: 'PT5M' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + scopes: [ + '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + ] + suppressForMinutes: 'PT5M' + windowSize: 'PT5M' } } ``` diff --git a/modules/Microsoft.KeyVault/vaults/readme.md b/modules/Microsoft.KeyVault/vaults/readme.md index e8aea707b4..0cf57a655d 100644 --- a/modules/Microsoft.KeyVault/vaults/readme.md +++ b/modules/Microsoft.KeyVault/vaults/readme.md @@ -423,103 +423,103 @@ module vaults './Microsoft.KeyVault/vaults/deploy.bicep' = { module vaults './Microsoft.KeyVault/vaults/deploy.bicep' = { name: '${uniqueString(deployment().name)}-vaults' params: { - name: '<>-az-kv-x-002' - lock: 'CanNotDelete' - softDeleteRetentionInDays: 7 - enableRbacAuthorization: false - privateEndpoints: [ + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + accessPolicies: [ { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'vault' - } - ] - networkAcls: { - bypass: 'AzureServices' - defaultAction: 'Deny' - virtualNetworkRules: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' - action: 'Allow' + objectId: '<>' + permissions: { + keys: [ + 'get' + 'list' + 'update' + ] + secrets: [ + 'all' + ] } - ] - ipRules: [] - } - roleAssignments: [ + tenantId: '<>' + } { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] + objectId: '<>' + permissions: { + certificates: [ + 'backup' + 'create' + 'delete' + ] + secrets: [ + 'all' + ] + } } ] + diagnosticLogsRetentionInDays: 7 secrets: { secureList: [ { - name: 'secretName' - value: 'secretValue' - contentType: 'Something' attributesExp: 1702648632 attributesNbf: 10000 + contentType: 'Something' + name: 'secretName' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + value: 'secretValue' } ] } + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + lock: 'CanNotDelete' keys: [ { - name: 'keyName' attributesExp: 1702648632 attributesNbf: 10000 + name: 'keyName' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } ] - accessPolicies: [ - { - objectId: '<>' - permissions: { - keys: [ - 'get' - 'list' - 'update' - ] - secrets: [ - 'all' - ] + name: '<>-az-kv-x-002' + networkAcls: { + bypass: 'AzureServices' + defaultAction: 'Deny' + ipRules: [] + virtualNetworkRules: [ + { + action: 'Allow' + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' } - tenantId: '<>' + ] + } + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' } + ] + enableRbacAuthorization: false + softDeleteRetentionInDays: 7 + privateEndpoints: [ { - objectId: '<>' - permissions: { - certificates: [ - 'backup' - 'create' - 'delete' - ] - secrets: [ - 'all' - ] - } + service: 'vault' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` diff --git a/modules/Microsoft.KubernetesConfiguration/extensions/readme.md b/modules/Microsoft.KubernetesConfiguration/extensions/readme.md index 7aa4a6ae34..b8ac3510cf 100644 --- a/modules/Microsoft.KubernetesConfiguration/extensions/readme.md +++ b/modules/Microsoft.KubernetesConfiguration/extensions/readme.md @@ -75,11 +75,11 @@ For Details see [Prerequisites](https://docs.microsoft.com/en-us/azure/azure-arc module extensions './Microsoft.KubernetesConfiguration/extensions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-extensions' params: { - name: 'flux' - extensionType: 'microsoft.flux' clusterName: '<>-az-aks-kubenet-001' - releaseTrain: 'Stable' + extensionType: 'microsoft.flux' + name: 'flux' releaseNamespace: 'flux-system' + releaseTrain: 'Stable' } } ``` @@ -128,19 +128,19 @@ module extensions './Microsoft.KubernetesConfiguration/extensions/deploy.bicep' module extensions './Microsoft.KubernetesConfiguration/extensions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-extensions' params: { - name: 'flux' - extensionType: 'microsoft.flux' clusterName: '<>-az-aks-kubenet-001' - releaseTrain: 'Stable' - releaseNamespace: 'flux-system' - version: '0.5.2' + extensionType: 'microsoft.flux' + name: 'flux' configurationSettings: { - 'source-controller.enabled': 'true' - 'kustomize-controller.enabled': 'true' - 'notification-controller.enabled': 'false' 'image-automation-controller.enabled': 'false' 'image-reflector-controller.enabled': 'false' + 'kustomize-controller.enabled': 'true' + 'notification-controller.enabled': 'false' + 'source-controller.enabled': 'true' } + releaseNamespace: 'flux-system' + releaseTrain: 'Stable' + version: '0.5.2' } } ``` diff --git a/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md b/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md index 49bbf4ba46..9072b9f713 100644 --- a/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md +++ b/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md @@ -77,19 +77,19 @@ For Details see [Prerequisites](https://docs.microsoft.com/en-us/azure/azure-arc module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfigurations/deploy.bicep' = { name: '${uniqueString(deployment().name)}-fluxConfigurations' params: { - name: 'flux2' - scope: 'cluster' clusterName: '<>-az-aks-kubenet-001' + name: 'flux2' namespace: 'flux-system' + scope: 'cluster' sourceKind: 'GitRepository' gitRepository: { - url: 'https://github.com/mspnp/aks-baseline' - timeoutInSeconds: 180 - syncIntervalInSeconds: 300 repositoryRef: { branch: 'main' } sshKnownHosts: '' + syncIntervalInSeconds: 300 + timeoutInSeconds: 180 + url: 'https://github.com/mspnp/aks-baseline' } } } @@ -150,28 +150,28 @@ module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfiguration module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfigurations/deploy.bicep' = { name: '${uniqueString(deployment().name)}-fluxConfigurations' params: { - name: 'flux2' - scope: 'cluster' clusterName: '<>-az-aks-kubenet-001' + name: 'flux2' namespace: 'flux-system' + scope: 'cluster' sourceKind: 'GitRepository' gitRepository: { - url: 'https://github.com/mspnp/aks-baseline' - timeoutInSeconds: 180 - syncIntervalInSeconds: 300 repositoryRef: { branch: 'main' } sshKnownHosts: '' + syncIntervalInSeconds: 300 + timeoutInSeconds: 180 + url: 'https://github.com/mspnp/aks-baseline' } kustomizations: { unified: { - path: './cluster-manifests' dependsOn: [] - timeoutInSeconds: 300 - syncIntervalInSeconds: 300 - prune: true force: false + path: './cluster-manifests' + prune: true + syncIntervalInSeconds: 300 + timeoutInSeconds: 300 } } } diff --git a/modules/Microsoft.Logic/workflows/readme.md b/modules/Microsoft.Logic/workflows/readme.md index 3dfa18ab8f..60de020b43 100644 --- a/modules/Microsoft.Logic/workflows/readme.md +++ b/modules/Microsoft.Logic/workflows/readme.md @@ -324,28 +324,42 @@ module workflows './Microsoft.Logic/workflows/deploy.bicep' = { name: '${uniqueString(deployment().name)}-workflows' params: { name: '<>-az-lga-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' lock: 'CanNotDelete' + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] + systemAssignedIdentity: true tags: {} workflowActions: { HTTP: { - type: 'Http' inputs: { - method: 'POST' - uri: 'https://testStringForValidation.com' body: { + BeginPeakTime: '[BeginPeakTime]' + EndPeakTime: '[EndPeakTime]' HostPoolName: '[HostPoolName]' LAWorkspaceName: '[LAWorkspaceName]' LimitSecondsToForceLogOffUser: '[LimitSecondsToForceLogOffUser]' - EndPeakTime: '[EndPeakTime]' - BeginPeakTime: '[BeginPeakTime]' - UtcOffset: '[UtcOffset]' LogOffMessageBody: '[LogOffMessageBody]' LogOffMessageTitle: '[LogOffMessageTitle]' MinimumNumberOfRDSH: 1 - SessionThresholdPerCPU: 1 ResourceGroupName: '[ResourceGroupName]' + SessionThresholdPerCPU: 1 + UtcOffset: '[UtcOffset]' } + method: 'POST' + uri: 'https://testStringForValidation.com' } + type: 'Http' } } workflowTriggers: { @@ -357,20 +371,6 @@ module workflows './Microsoft.Logic/workflows/deploy.bicep' = { type: 'Recurrence' } } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - systemAssignedIdentity: true } } ``` diff --git a/modules/Microsoft.MachineLearningServices/workspaces/readme.md b/modules/Microsoft.MachineLearningServices/workspaces/readme.md index 508f03c5da..7bb74cc9db 100644 --- a/modules/Microsoft.MachineLearningServices/workspaces/readme.md +++ b/modules/Microsoft.MachineLearningServices/workspaces/readme.md @@ -407,11 +407,11 @@ userAssignedIdentities: { module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-workspaces' params: { + associatedApplicationInsightsResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001' + associatedKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + associatedStorageAccountResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' name: '<>-az-mls-min-001' sku: 'Basic' - associatedStorageAccountResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - associatedKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - associatedApplicationInsightsResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001' systemAssignedIdentity: true } } @@ -464,37 +464,19 @@ module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-workspaces' params: { + associatedApplicationInsightsResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001' + associatedKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + associatedStorageAccountResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' name: '<>-az-mls-x-001' - lock: 'CanNotDelete' sku: 'Basic' - associatedStorageAccountResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - associatedKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - associatedApplicationInsightsResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001' - systemAssignedIdentity: false - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - description: 'The cake is a lie.' - discoveryUrl: 'http://example.com' - encryptionIdentity: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' - encryptionKeyIdentifier: 'https://adp-carml-az-kv-nopr-002.vault.azure.net/keys/keyEncryptionKey/5263fcde203347baa7cda35d074073b2' - encryptionKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-carml-az-kv-nopr-002' - imageBuildCompute: 'testcompute' - publicNetworkAccess: 'Enabled' - primaryUserAssignedIdentity: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' computes: [ { - name: 'DefaultCPU' - location: 'westeurope' computeLocation: 'westeurope' - sku: 'Basic' - systemAssignedIdentity: false - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } + computeType: 'AmlCompute' description: 'Default CPU Cluster' disableLocalAuth: false - computeType: 'AmlCompute' + location: 'westeurope' + name: 'DefaultCPU' properties: { enableNodePublicIp: true isolatedNetwork: false @@ -508,27 +490,45 @@ module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' vmPriority: 'Dedicated' vmSize: 'STANDARD_DS11_V2' } + sku: 'Basic' + systemAssignedIdentity: false + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } } ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] + description: 'The cake is a lie.' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + discoveryUrl: 'http://example.com' + encryptionIdentity: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' + encryptionKeyIdentifier: 'https://adp-carml-az-kv-nopr-002.vault.azure.net/keys/keyEncryptionKey/5263fcde203347baa7cda35d074073b2' + encryptionKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-carml-az-kv-nopr-002' + imageBuildCompute: 'testcompute' + lock: 'CanNotDelete' + primaryUserAssignedIdentity: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' privateEndpoints: [ { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' service: 'amlworkspace' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' } ] + publicNetworkAccess: 'Enabled' + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] + systemAssignedIdentity: false + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } } } ``` diff --git a/modules/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md b/modules/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md index 6a91106aa3..659db990a9 100644 --- a/modules/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md +++ b/modules/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md @@ -152,14 +152,14 @@ tags: { module userAssignedIdentities './Microsoft.ManagedIdentity/userAssignedIdentities/deploy.bicep' = { name: '${uniqueString(deployment().name)}-userAssignedIdentities' params: { - name: '<>-az-msi-x-001' lock: 'CanNotDelete' + name: '<>-az-msi-x-001' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } diff --git a/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md b/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md index 1a2fbfed32..ec566a42e5 100644 --- a/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md +++ b/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md @@ -175,9 +175,6 @@ There are a couple of limitations that you should be aware of with Lighthouse: module registrationDefinitions './Microsoft.ManagedServices/registrationDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-registrationDefinitions' params: { - name: 'Component Validation - Subscription assignment' - registrationDescription: 'Managed by Lighthouse' - managedByTenantId: '195ee85d-2f10-4764-8352-a3c99aa772fb' authorizations: [ { principalId: 'e87a249c-b53b-4685-94fe-863af522e4ee' @@ -195,6 +192,9 @@ module registrationDefinitions './Microsoft.ManagedServices/registrationDefiniti roleDefinitionId: '91c1777a-f3dc-4fae-b103-61d183457e46' } ] + managedByTenantId: '195ee85d-2f10-4764-8352-a3c99aa772fb' + name: 'Component Validation - Subscription assignment' + registrationDescription: 'Managed by Lighthouse' } } ``` @@ -256,10 +256,6 @@ module registrationDefinitions './Microsoft.ManagedServices/registrationDefiniti module registrationDefinitions './Microsoft.ManagedServices/registrationDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-registrationDefinitions' params: { - name: 'Component Validation - Resource group assignment' - registrationDescription: 'Managed by Lighthouse' - managedByTenantId: '195ee85d-2f10-4764-8352-a3c99aa772fb' - resourceGroupName: 'validation-rg' authorizations: [ { principalId: 'e87a249c-b53b-4685-94fe-863af522e4ee' @@ -277,6 +273,10 @@ module registrationDefinitions './Microsoft.ManagedServices/registrationDefiniti roleDefinitionId: '91c1777a-f3dc-4fae-b103-61d183457e46' } ] + managedByTenantId: '195ee85d-2f10-4764-8352-a3c99aa772fb' + name: 'Component Validation - Resource group assignment' + registrationDescription: 'Managed by Lighthouse' + resourceGroupName: 'validation-rg' } } ``` diff --git a/modules/Microsoft.NetApp/netAppAccounts/readme.md b/modules/Microsoft.NetApp/netAppAccounts/readme.md index d3b5c0f953..ea66f1e765 100644 --- a/modules/Microsoft.NetApp/netAppAccounts/readme.md +++ b/modules/Microsoft.NetApp/netAppAccounts/readme.md @@ -202,87 +202,87 @@ module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-netAppAccounts' params: { name: '<>-az-anf-nfs3-001' - lock: 'CanNotDelete' capacityPools: [ { name: '<>-az-anfcp-x-001' + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] serviceLevel: 'Premium' size: 4398046511104 volumes: [ { - name: 'anf3-vol01-nfsv3' - usageThreshold: 107374182400 - protocolTypes: [ - 'NFSv3' - ] exportPolicyRules: [ { + allowedClients: '0.0.0.0/0' + nfsv3: true + nfsv41: false ruleIndex: 1 unixReadOnly: false unixReadWrite: true - nfsv3: true - nfsv41: false - allowedClients: '0.0.0.0/0' } ] - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-004' + name: 'anf3-vol01-nfsv3' + protocolTypes: [ + 'NFSv3' + ] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-004' + usageThreshold: 107374182400 } { name: 'anf3-vol02-nfsv3' - usageThreshold: 107374182400 protocolTypes: [ 'NFSv3' ] subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-004' - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] + usageThreshold: 107374182400 } ] } { name: '<>-az-anfcp-x-002' - serviceLevel: 'Premium' - size: 4398046511104 - volumes: [] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + serviceLevel: 'Premium' + size: 4398046511104 + volumes: [] } ] + lock: 'CanNotDelete' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] tags: { - Environment: 'Non-Prod' Contact: 'test.user@testcompany.com' - PurchaseOrder: '1234' CostCenter: '7890' - ServiceName: 'DeploymentValidation' + Environment: 'Non-Prod' + PurchaseOrder: '1234' Role: 'DeploymentValidation' + ServiceName: 'DeploymentValidation' } } } @@ -414,93 +414,93 @@ module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = { capacityPools: [ { name: '<>-az-anfcp-x-001' + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] serviceLevel: 'Premium' size: 4398046511104 volumes: [ { - name: 'anf4-vol01-nfsv41' - usageThreshold: 107374182400 - protocolTypes: [ - 'NFSv4.1' - ] exportPolicyRules: [ { + allowedClients: '0.0.0.0/0' + nfsv3: false + nfsv41: true ruleIndex: 1 unixReadOnly: false unixReadWrite: true - nfsv3: false - nfsv41: true - allowedClients: '0.0.0.0/0' } ] - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-004' + name: 'anf4-vol01-nfsv41' + protocolTypes: [ + 'NFSv4.1' + ] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-004' + usageThreshold: 107374182400 } { - name: 'anf4-vol02-nfsv41' - usageThreshold: 107374182400 - protocolTypes: [ - 'NFSv4.1' - ] exportPolicyRules: [ { + allowedClients: '0.0.0.0/0' + nfsv3: false + nfsv41: true ruleIndex: 1 unixReadOnly: false unixReadWrite: true - nfsv3: false - nfsv41: true - allowedClients: '0.0.0.0/0' } ] - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-004' - } - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' + name: 'anf4-vol02-nfsv41' + protocolTypes: [ + 'NFSv4.1' ] + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-004' + usageThreshold: 107374182400 } ] } { name: '<>-az-anfcp-x-002' - serviceLevel: 'Premium' - size: 4398046511104 - volumes: [] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + serviceLevel: 'Premium' + size: 4398046511104 + volumes: [] } ] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] tags: { - Environment: 'Non-Prod' Contact: 'test.user@testcompany.com' - PurchaseOrder: '1234' CostCenter: '7890' - ServiceName: 'DeploymentValidation' + Environment: 'Non-Prod' + PurchaseOrder: '1234' Role: 'DeploymentValidation' + ServiceName: 'DeploymentValidation' } } } diff --git a/modules/Microsoft.Network/applicationGateways/readme.md b/modules/Microsoft.Network/applicationGateways/readme.md index f58cad586a..c128e0d706 100644 --- a/modules/Microsoft.Network/applicationGateways/readme.md +++ b/modules/Microsoft.Network/applicationGateways/readme.md @@ -233,21 +233,6 @@ module applicationGateways './Microsoft.Network/applicationGateways/deploy.bicep name: '${uniqueString(deployment().name)}-applicationGateways' params: { name: '<>-az-apgw-x-001' - lock: 'CanNotDelete' - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - webApplicationFirewallConfiguration: { - enabled: true - firewallMode: 'Detection' - ruleSetType: 'OWASP' - ruleSetVersion: '3.0' - disabledRuleGroups: [] - requestBodyCheck: true - maxRequestBodySizeInKb: 128 - fileUploadLimitInMb: 100 - } - enableHttp2: true backendAddressPools: [ { name: 'appServiceBackendPool' @@ -274,27 +259,33 @@ module applicationGateways './Microsoft.Network/applicationGateways/deploy.bicep { name: 'appServiceBackendHttpsSetting' properties: { - port: 443 - protocol: 'Https' cookieBasedAffinity: 'Disabled' pickHostNameFromBackendAddress: true + port: 443 + protocol: 'Https' requestTimeout: 30 } } { name: 'privateVmHttpSetting' properties: { - port: 80 - protocol: 'Http' cookieBasedAffinity: 'Disabled' pickHostNameFromBackendAddress: false - requestTimeout: 30 + port: 80 probe: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/probes/privateVmHttpSettingProbe' } + protocol: 'Http' + requestTimeout: 30 } } ] + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + enableHttp2: true frontendIPConfigurations: [ { name: 'private' @@ -342,6 +333,16 @@ module applicationGateways './Microsoft.Network/applicationGateways/deploy.bicep } } ] + gatewayIPConfigurations: [ + { + name: 'apw-ip-configuration' + properties: { + subnet: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-007' + } + } + } + ] httpListeners: [ { name: 'public443' @@ -352,12 +353,12 @@ module applicationGateways './Microsoft.Network/applicationGateways/deploy.bicep frontendPort: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendPorts/port443' } + hostNames: [] + protocol: 'https' + requireServerNameIndication: false sslCertificate: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/sslCertificates/<>-az-apgw-x-001-ssl-certificate' } - protocol: 'https' - hostNames: [] - requireServerNameIndication: false } } { @@ -369,12 +370,12 @@ module applicationGateways './Microsoft.Network/applicationGateways/deploy.bicep frontendPort: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendPorts/port4433' } + hostNames: [] + protocol: 'https' + requireServerNameIndication: false sslCertificate: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/sslCertificates/<>-az-apgw-x-001-ssl-certificate' } - protocol: 'https' - hostNames: [] - requireServerNameIndication: false } } { @@ -386,8 +387,8 @@ module applicationGateways './Microsoft.Network/applicationGateways/deploy.bicep frontendPort: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendPorts/port80' } - protocol: 'Http' hostNames: [] + protocol: 'Http' requireServerNameIndication: false } } @@ -400,40 +401,31 @@ module applicationGateways './Microsoft.Network/applicationGateways/deploy.bicep frontendPort: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendPorts/port8080' } - protocol: 'Http' hostNames: [] + protocol: 'Http' requireServerNameIndication: false } } ] - gatewayIPConfigurations: [ - { - name: 'apw-ip-configuration' - properties: { - subnet: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-007' - } - } - } - ] + lock: 'CanNotDelete' probes: [ { name: 'privateVmHttpSettingProbe' properties: { - protocol: 'Http' host: '10.0.0.4' - path: '/' interval: 60 - timeout: 15 - unhealthyThreshold: 5 - pickHostNameFromBackendHttpSettings: false - minServers: 3 match: { statusCodes: [ '200' '401' ] } + minServers: 3 + path: '/' + pickHostNameFromBackendHttpSettings: false + protocol: 'Http' + timeout: 15 + unhealthyThreshold: 5 } } ] @@ -441,33 +433,33 @@ module applicationGateways './Microsoft.Network/applicationGateways/deploy.bicep { name: 'httpRedirect80' properties: { - redirectType: 'Permanent' - targetListener: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/public443' - } includePath: true includeQueryString: true + redirectType: 'Permanent' requestRoutingRules: [ { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/requestRoutingRules/httpRedirect80-public443' } ] + targetListener: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/public443' + } } } { name: 'httpRedirect8080' properties: { - redirectType: 'Permanent' - targetListener: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/private4433' - } includePath: true includeQueryString: true + redirectType: 'Permanent' requestRoutingRules: [ { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/requestRoutingRules/httpRedirect8080-private4433' } ] + targetListener: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/private4433' + } } } ] @@ -475,58 +467,66 @@ module applicationGateways './Microsoft.Network/applicationGateways/deploy.bicep { name: 'public443-appServiceBackendHttpsSetting-appServiceBackendHttpsSetting' properties: { - ruleType: 'Basic' - httpListener: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/public443' - } backendAddressPool: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/backendAddressPools/appServiceBackendPool' } backendHttpSettings: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/backendHttpSettingsCollection/appServiceBackendHttpsSetting' } + httpListener: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/public443' + } + ruleType: 'Basic' } } { name: 'private4433-privateVmHttpSetting-privateVmHttpSetting' properties: { - ruleType: 'Basic' - httpListener: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/private4433' - } backendAddressPool: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/backendAddressPools/privateVmBackendPool' } backendHttpSettings: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/backendHttpSettingsCollection/privateVmHttpSetting' } + httpListener: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/private4433' + } + ruleType: 'Basic' } } { name: 'httpRedirect80-public443' properties: { - ruleType: 'Basic' httpListener: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/httpRedirect80' } redirectConfiguration: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/redirectConfigurations/httpRedirect80' } + ruleType: 'Basic' } } { name: 'httpRedirect8080-private4433' properties: { - ruleType: 'Basic' httpListener: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/httpRedirect8080' } redirectConfiguration: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/redirectConfigurations/httpRedirect8080' } + ruleType: 'Basic' } } ] + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] sku: 'WAF_v2' sslCertificates: [ { @@ -536,19 +536,19 @@ module applicationGateways './Microsoft.Network/applicationGateways/deploy.bicep } } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + webApplicationFirewallConfiguration: { + disabledRuleGroups: [] + enabled: true + fileUploadLimitInMb: 100 + firewallMode: 'Detection' + maxRequestBodySizeInKb: 128 + requestBodyCheck: true + ruleSetType: 'OWASP' + ruleSetVersion: '3.0' + } } } ``` diff --git a/modules/Microsoft.Network/applicationSecurityGroups/readme.md b/modules/Microsoft.Network/applicationSecurityGroups/readme.md index 8137012bc1..48f8ee4c2e 100644 --- a/modules/Microsoft.Network/applicationSecurityGroups/readme.md +++ b/modules/Microsoft.Network/applicationSecurityGroups/readme.md @@ -159,10 +159,10 @@ module applicationSecurityGroups './Microsoft.Network/applicationSecurityGroups/ lock: 'CanNotDelete' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } diff --git a/modules/Microsoft.Network/azureFirewalls/readme.md b/modules/Microsoft.Network/azureFirewalls/readme.md index f65f091e74..d7adc6c54e 100644 --- a/modules/Microsoft.Network/azureFirewalls/readme.md +++ b/modules/Microsoft.Network/azureFirewalls/readme.md @@ -367,27 +367,27 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { name: '<>-az-fw-custompip-001' vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-custompip-azfw' publicIPAddressObject: { + diagnosticLogCategoriesToEnable: [ + 'DDoSMitigationFlowLogs' + 'DDoSMitigationReports' + 'DDoSProtectionNotifications' + ] + diagnosticMetricsToEnable: [ + 'AllMetrics' + ] name: 'adp-<>-az-pip-custom-x-fw' - publicIPPrefixResourceId: '' publicIPAllocationMethod: 'Static' - skuName: 'Standard' - skuTier: 'Regional' + publicIPPrefixResourceId: '' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticMetricsToEnable: [ - 'AllMetrics' - ] - diagnosticLogCategoriesToEnable: [ - 'DDoSProtectionNotifications' - 'DDoSMitigationFlowLogs' - 'DDoSMitigationReports' - ] + skuName: 'Standard' + skuTier: 'Regional' } } } @@ -495,58 +495,51 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { name: '${uniqueString(deployment().name)}-azureFirewalls' params: { name: '<>-az-fw-x-001' - lock: 'CanNotDelete' - zones: [ - '1' - '2' - '3' - ] vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-azfw' - azureFirewallSubnetPublicIpId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-fw' applicationRuleCollections: [ { name: 'allow-app-rules' properties: { - priority: 100 action: { type: 'allow' } + priority: 100 rules: [ { - name: 'allow-ase-tags' - sourceAddresses: [ - '*' + fqdnTags: [ + 'AppServiceEnvironment' + 'WindowsUpdate' ] + name: 'allow-ase-tags' protocols: [ { - protocolType: 'HTTP' port: '80' + protocolType: 'HTTP' } { - protocolType: 'HTTPS' port: '443' + protocolType: 'HTTPS' } ] - fqdnTags: [ - 'AppServiceEnvironment' - 'WindowsUpdate' + sourceAddresses: [ + '*' ] } { name: 'allow-ase-management' - sourceAddresses: [ - '*' - ] protocols: [ { - protocolType: 'HTTP' port: '80' + protocolType: 'HTTP' } { - protocolType: 'HTTPS' port: '443' + protocolType: 'HTTPS' } ] + sourceAddresses: [ + '*' + ] targetFqdns: [ 'management.azure.com' ] @@ -555,30 +548,37 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { } } ] + azureFirewallSubnetPublicIpId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-fw' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + lock: 'CanNotDelete' networkRuleCollections: [ { name: 'allow-network-rules' properties: { - priority: 100 action: { type: 'allow' } + priority: 100 rules: [ { - name: 'allow-ntp' - sourceAddresses: [ - '*' - ] destinationAddresses: [ '*' ] destinationPorts: [ - '123' '12000' + '123' ] + name: 'allow-ntp' protocols: [ 'Any' ] + sourceAddresses: [ + '*' + ] } ] } @@ -586,17 +586,17 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { ] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + zones: [ + '1' + '2' + '3' + ] } } ``` diff --git a/modules/Microsoft.Network/bastionHosts/readme.md b/modules/Microsoft.Network/bastionHosts/readme.md index b7ddce67c8..b9517156e6 100644 --- a/modules/Microsoft.Network/bastionHosts/readme.md +++ b/modules/Microsoft.Network/bastionHosts/readme.md @@ -351,27 +351,27 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { name: '<>-az-bas-custompip-001' vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-custompip-bas' publicIPAddressObject: { + diagnosticLogCategoriesToEnable: [ + 'DDoSMitigationFlowLogs' + 'DDoSMitigationReports' + 'DDoSProtectionNotifications' + ] + diagnosticMetricsToEnable: [ + 'AllMetrics' + ] name: 'adp-<>-az-pip-custom-x-bas' - publicIPPrefixResourceId: '' publicIPAllocationMethod: 'Static' - skuName: 'Standard' - skuTier: 'Regional' + publicIPPrefixResourceId: '' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticMetricsToEnable: [ - 'AllMetrics' - ] - diagnosticLogCategoriesToEnable: [ - 'DDoSProtectionNotifications' - 'DDoSMitigationFlowLogs' - 'DDoSMitigationReports' - ] + skuName: 'Standard' + skuTier: 'Regional' } } } @@ -479,24 +479,24 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-bastionHosts' params: { name: '<>-az-bas-x-001' - lock: 'CanNotDelete' vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001' azureBastionSubnetPublicIpId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-bas' - skuType: 'Standard' - scaleUnits: 4 + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + lock: 'CanNotDelete' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + scaleUnits: 4 + skuType: 'Standard' } } ``` diff --git a/modules/Microsoft.Network/connections/readme.md b/modules/Microsoft.Network/connections/readme.md index 4aa9eb2102..f06dfd8a24 100644 --- a/modules/Microsoft.Network/connections/readme.md +++ b/modules/Microsoft.Network/connections/readme.md @@ -320,17 +320,17 @@ module connections './Microsoft.Network/connections/deploy.bicep' = { name: '${uniqueString(deployment().name)}-connections' params: { name: '<>-az-vnetgwc-x-001' - lock: 'CanNotDelete' virtualNetworkGateway1: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworkGateways/<>-az-vnet-vpn-gw-p-001' } + enableBgp: false + location: 'eastus' + lock: 'CanNotDelete' virtualNetworkGateway2: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworkGateways/<>-az-vnet-vpn-gw-p-002' } - vpnSharedKey: kv1.getSecret('vpnSharedKey') virtualNetworkGatewayConnectionType: 'Vnet2Vnet' - enableBgp: false - location: 'eastus' + vpnSharedKey: kv1.getSecret('vpnSharedKey') } } ``` diff --git a/modules/Microsoft.Network/ddosProtectionPlans/readme.md b/modules/Microsoft.Network/ddosProtectionPlans/readme.md index ce87c173fa..d7d1c1b041 100644 --- a/modules/Microsoft.Network/ddosProtectionPlans/readme.md +++ b/modules/Microsoft.Network/ddosProtectionPlans/readme.md @@ -155,14 +155,14 @@ tags: { module ddosProtectionPlans './Microsoft.Network/ddosProtectionPlans/deploy.bicep' = { name: '${uniqueString(deployment().name)}-ddosProtectionPlans' params: { - name: '<>-az-ddos-x-001' lock: 'CanNotDelete' + name: '<>-az-ddos-x-001' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } diff --git a/modules/Microsoft.Network/expressRouteCircuits/readme.md b/modules/Microsoft.Network/expressRouteCircuits/readme.md index 5276e798da..12aba56a4a 100644 --- a/modules/Microsoft.Network/expressRouteCircuits/readme.md +++ b/modules/Microsoft.Network/expressRouteCircuits/readme.md @@ -177,26 +177,26 @@ tags: { module expressRouteCircuits './Microsoft.Network/expressRouteCircuits/deploy.bicep' = { name: '${uniqueString(deployment().name)}-expressRouteCircuits' params: { + bandwidthInMbps: 50 name: '<>-az-erc-x-001' - lock: 'CanNotDelete' - serviceProviderName: 'Equinix' peeringLocation: 'Amsterdam' - bandwidthInMbps: 50 - skuTier: 'Standard' - skuFamily: 'MeteredData' + serviceProviderName: 'Equinix' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + lock: 'CanNotDelete' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + skuFamily: 'MeteredData' + skuTier: 'Standard' } } ``` diff --git a/modules/Microsoft.Network/firewallPolicies/readme.md b/modules/Microsoft.Network/firewallPolicies/readme.md index 88aec80bd7..985ca3adf7 100644 --- a/modules/Microsoft.Network/firewallPolicies/readme.md +++ b/modules/Microsoft.Network/firewallPolicies/readme.md @@ -190,34 +190,34 @@ module firewallPolicies './Microsoft.Network/firewallPolicies/deploy.bicep' = { priority: 5000 ruleCollections: [ { - name: 'collection002' - priority: 5555 action: { type: 'Allow' } + name: 'collection002' + priority: 5555 + ruleCollectionType: 'FirewallPolicyFilterRuleCollection' rules: [ { - name: 'rule002' - ipProtocols: [ - 'TCP' - 'UDP' + destinationAddresses: [ + '*' ] + destinationFqdns: [] + destinationIpGroups: [] destinationPorts: [ '80' ] - sourceAddresses: [ - '*' + ipProtocols: [ + 'TCP' + 'UDP' ] - sourceIpGroups: [] + name: 'rule002' ruleType: 'NetworkRule' - destinationIpGroups: [] - destinationAddresses: [ + sourceAddresses: [ '*' ] - destinationFqdns: [] + sourceIpGroups: [] } ] - ruleCollectionType: 'FirewallPolicyFilterRuleCollection' } ] } diff --git a/modules/Microsoft.Network/frontDoors/readme.md b/modules/Microsoft.Network/frontDoors/readme.md index 4871f9720b..61f4299364 100644 --- a/modules/Microsoft.Network/frontDoors/readme.md +++ b/modules/Microsoft.Network/frontDoors/readme.md @@ -173,7 +173,6 @@ module frontDoors './Microsoft.Network/frontDoors/deploy.bicep' = { name: '${uniqueString(deployment().name)}-frontDoors' params: { name: '<>-az-fd-x-001' - lock: 'CanNotDelete' backendPools: [ { name: 'backendPool' @@ -182,28 +181,27 @@ module frontDoors './Microsoft.Network/frontDoors/deploy.bicep' = { { address: 'biceptest.local' backendHostHeader: 'backendAddress' + enabledState: 'Enabled' httpPort: 80 httpsPort: 443 - weight: 50 priority: 1 - enabledState: 'Enabled' - privateLinkAlias: '' - privateLinkApprovalMessage: '' - privateLinkLocation: '' - privateLinkResourceId: '' + privateLinkAlias: {} + privateLinkApprovalMessage: {} + privateLinkLocation: {} + privateLinkResourceId: {} + weight: 50 } ] - LoadBalancingSettings: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/frontDoors/<>-az-fd-x-001/LoadBalancingSettings/loadBalancer' - } HealthProbeSettings: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/frontDoors/<>-az-fd-x-001/HealthProbeSettings/heathProbe' } + LoadBalancingSettings: { + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/frontDoors/<>-az-fd-x-001/LoadBalancingSettings/loadBalancer' + } } } ] enforceCertificateNameCheck: 'Disabled' - sendRecvTimeoutSeconds: 10 frontendEndpoints: [ { name: 'frontEnd' @@ -218,8 +216,8 @@ module frontDoors './Microsoft.Network/frontDoors/deploy.bicep' = { { name: 'heathProbe' properties: { - enabledState: '' - healthProbeMethod: '' + enabledState: {} + healthProbeMethod: {} intervalInSeconds: 60 path: '/' protocol: 'Https' @@ -236,6 +234,7 @@ module frontDoors './Microsoft.Network/frontDoors/deploy.bicep' = { } } ] + lock: 'CanNotDelete' routingRules: [ { name: 'routingRule' @@ -255,14 +254,15 @@ module frontDoors './Microsoft.Network/frontDoors/deploy.bicep' = { ] routeConfiguration: { '@odata.type': '#Microsoft.Azure.FrontDoor.Models.FrontdoorForwardingConfiguration' - forwardingProtocol: 'MatchRequest' backendPool: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/frontDoors/<>-az-fd-x-001/BackendPools/backendPool' } + forwardingProtocol: 'MatchRequest' } } } ] + sendRecvTimeoutSeconds: 10 } } ``` diff --git a/modules/Microsoft.Network/ipGroups/readme.md b/modules/Microsoft.Network/ipGroups/readme.md index 659b4eb61d..6e89e226c1 100644 --- a/modules/Microsoft.Network/ipGroups/readme.md +++ b/modules/Microsoft.Network/ipGroups/readme.md @@ -157,17 +157,17 @@ module ipGroups './Microsoft.Network/ipGroups/deploy.bicep' = { name: '${uniqueString(deployment().name)}-ipGroups' params: { name: 'iacsGroup-servers' - lock: 'CanNotDelete' ipAddresses: [ '10.0.0.1' '10.0.0.2' ] + lock: 'CanNotDelete' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } diff --git a/modules/Microsoft.Network/loadBalancers/readme.md b/modules/Microsoft.Network/loadBalancers/readme.md index 956a453a04..98fbd059fb 100644 --- a/modules/Microsoft.Network/loadBalancers/readme.md +++ b/modules/Microsoft.Network/loadBalancers/readme.md @@ -469,75 +469,75 @@ tags: { module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { name: '${uniqueString(deployment().name)}-loadBalancers' params: { - name: '<>-az-lb-internal-001' - loadBalancerSku: 'Standard' frontendIPConfigurations: [ { name: 'privateIPConfig1' subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' } ] + name: '<>-az-lb-internal-001' backendAddressPools: [ { name: 'servers' } ] - probes: [ + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + inboundNatRules: [ { - name: 'probe1' + backendPort: 443 + enableFloatingIP: false + enableTcpReset: false + frontendIPConfigurationName: 'privateIPConfig1' + frontendPort: 443 + idleTimeoutInMinutes: 4 + name: 'inboundNatRule1' protocol: 'Tcp' - port: '62000' - intervalInSeconds: 5 - numberOfProbes: 2 + } + { + backendPort: 3389 + frontendIPConfigurationName: 'privateIPConfig1' + frontendPort: 3389 + name: 'inboundNatRule2' } ] + loadBalancerSku: 'Standard' loadBalancingRules: [ { - name: 'privateIPLBRule1' - frontendIPConfigurationName: 'privateIPConfig1' - frontendPort: 0 + backendAddressPoolName: 'servers' backendPort: 0 + disableOutboundSnat: true enableFloatingIP: true + enableTcpReset: false + frontendIPConfigurationName: 'privateIPConfig1' + frontendPort: 0 idleTimeoutInMinutes: 4 - protocol: 'All' loadDistribution: 'Default' + name: 'privateIPLBRule1' probeName: 'probe1' - disableOutboundSnat: true - enableTcpReset: false - backendAddressPoolName: 'servers' + protocol: 'All' } ] - inboundNatRules: [ + probes: [ { - name: 'inboundNatRule1' - frontendIPConfigurationName: 'privateIPConfig1' - frontendPort: 443 - backendPort: 443 - enableFloatingIP: false - idleTimeoutInMinutes: 4 + intervalInSeconds: 5 + name: 'probe1' + numberOfProbes: 2 + port: '62000' protocol: 'Tcp' - enableTcpReset: false - } - { - name: 'inboundNatRule2' - frontendIPConfigurationName: 'privateIPConfig1' - frontendPort: 3389 - backendPort: 3389 } ] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -666,13 +666,13 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { name: '${uniqueString(deployment().name)}-loadBalancers' params: { - name: '<>-az-lb-min-001' frontendIPConfigurations: [ { name: 'publicIPConfig1' publicIPAddressId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-min-lb' } ] + name: '<>-az-lb-min-001' } } ``` @@ -717,14 +717,13 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { name: '${uniqueString(deployment().name)}-loadBalancers' params: { - name: '<>-az-lb-x-001' - lock: 'CanNotDelete' frontendIPConfigurations: [ { name: 'publicIPConfig1' publicIPAddressId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-lb' } ] + name: '<>-az-lb-x-001' backendAddressPools: [ { name: 'backendAddressPool1' @@ -733,85 +732,86 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { name: 'backendAddressPool2' } ] - loadBalancingRules: [ + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + inboundNatRules: [ { - name: 'publicIPLBRule1' - frontendIPConfigurationName: 'publicIPConfig1' - frontendPort: 80 - backendPort: 80 + backendPort: 443 enableFloatingIP: false - idleTimeoutInMinutes: 5 - protocol: 'Tcp' enableTcpReset: false - loadDistribution: 'Default' - disableOutboundSnat: true - probeName: 'probe1' - backendAddressPoolName: 'backendAddressPool1' + frontendIPConfigurationName: 'publicIPConfig1' + frontendPort: 443 + idleTimeoutInMinutes: 4 + name: 'inboundNatRule1' + protocol: 'Tcp' } { - name: 'publicIPLBRule2' + backendPort: 3389 frontendIPConfigurationName: 'publicIPConfig1' - frontendPort: 8080 - backendPort: 8080 - loadDistribution: 'Default' - probeName: 'probe2' - backendAddressPoolName: 'backendAddressPool2' + frontendPort: 3389 + name: 'inboundNatRule2' } ] - inboundNatRules: [ + loadBalancingRules: [ { - name: 'inboundNatRule1' - frontendIPConfigurationName: 'publicIPConfig1' - frontendPort: 443 - backendPort: 443 + backendAddressPoolName: 'backendAddressPool1' + backendPort: 80 + disableOutboundSnat: true enableFloatingIP: false - idleTimeoutInMinutes: 4 - protocol: 'Tcp' enableTcpReset: false + frontendIPConfigurationName: 'publicIPConfig1' + frontendPort: 80 + idleTimeoutInMinutes: 5 + loadDistribution: 'Default' + name: 'publicIPLBRule1' + probeName: 'probe1' + protocol: 'Tcp' } { - name: 'inboundNatRule2' + backendAddressPoolName: 'backendAddressPool2' + backendPort: 8080 frontendIPConfigurationName: 'publicIPConfig1' - frontendPort: 3389 - backendPort: 3389 + frontendPort: 8080 + loadDistribution: 'Default' + name: 'publicIPLBRule2' + probeName: 'probe2' } ] + lock: 'CanNotDelete' outboundRules: [ { - name: 'outboundRule1' - frontendIPConfigurationName: 'publicIPConfig1' - backendAddressPoolName: 'backendAddressPool1' allocatedOutboundPorts: 63984 + backendAddressPoolName: 'backendAddressPool1' + frontendIPConfigurationName: 'publicIPConfig1' + name: 'outboundRule1' } ] probes: [ { - name: 'probe1' - protocol: 'Tcp' - port: 80 intervalInSeconds: 10 + name: 'probe1' numberOfProbes: 5 + port: 80 + protocol: 'Tcp' } { name: 'probe2' - protocol: 'Https' port: 443 + protocol: 'Https' requestPath: '/' } ] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` diff --git a/modules/Microsoft.Network/localNetworkGateways/readme.md b/modules/Microsoft.Network/localNetworkGateways/readme.md index 208d71aef1..a404b53018 100644 --- a/modules/Microsoft.Network/localNetworkGateways/readme.md +++ b/modules/Microsoft.Network/localNetworkGateways/readme.md @@ -161,20 +161,20 @@ tags: { module localNetworkGateways './Microsoft.Network/localNetworkGateways/deploy.bicep' = { name: '${uniqueString(deployment().name)}-localNetworkGateways' params: { - name: '<>-az-lng-x-001' - lock: 'CanNotDelete' localAddressPrefixes: [ '192.168.1.0/24' ] localGatewayPublicIpAddress: '8.8.8.8' + name: '<>-az-lng-x-001' localAsn: '65123' localBgpPeeringAddress: '192.168.1.5' + lock: 'CanNotDelete' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } diff --git a/modules/Microsoft.Network/natGateways/readme.md b/modules/Microsoft.Network/natGateways/readme.md index 17679f2825..85db9985cb 100644 --- a/modules/Microsoft.Network/natGateways/readme.md +++ b/modules/Microsoft.Network/natGateways/readme.md @@ -174,21 +174,21 @@ module natGateways './Microsoft.Network/natGateways/deploy.bicep' = { name: '${uniqueString(deployment().name)}-natGateways' params: { name: '<>-az-ngw-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' lock: 'CanNotDelete' natGatewayPublicIpAddress: true roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` diff --git a/modules/Microsoft.Network/networkInterfaces/readme.md b/modules/Microsoft.Network/networkInterfaces/readme.md index 74ffe548cb..d2a992b606 100644 --- a/modules/Microsoft.Network/networkInterfaces/readme.md +++ b/modules/Microsoft.Network/networkInterfaces/readme.md @@ -189,13 +189,13 @@ tags: { module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-networkInterfaces' params: { - name: '<>-az-nic-min-001' ipConfigurations: [ { name: 'ipconfig01' subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' } ] + name: '<>-az-nic-min-001' } } ``` @@ -240,37 +240,37 @@ module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' = module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-networkInterfaces' params: { - name: '<>-az-nic-x-001' - lock: 'CanNotDelete' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] ipConfigurations: [ { - name: 'ipconfig01' - subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' - loadBalancerBackendAddressPools: [ + applicationSecurityGroups: [ { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/loadBalancers/adp-<>-az-lb-internal-001/backendAddressPools/servers' + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001' } ] - applicationSecurityGroups: [ + loadBalancerBackendAddressPools: [ { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001' + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/loadBalancers/adp-<>-az-lb-internal-001/backendAddressPools/servers' } ] + name: 'ipconfig01' + subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' } ] + name: '<>-az-nic-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + lock: 'CanNotDelete' + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] } } ``` diff --git a/modules/Microsoft.Network/networkSecurityGroups/readme.md b/modules/Microsoft.Network/networkSecurityGroups/readme.md index b96e860979..569f613c46 100644 --- a/modules/Microsoft.Network/networkSecurityGroups/readme.md +++ b/modules/Microsoft.Network/networkSecurityGroups/readme.md @@ -203,84 +203,84 @@ module networkSecurityGroups './Microsoft.Network/networkSecurityGroups/deploy.b name: '${uniqueString(deployment().name)}-networkSecurityGroups' params: { name: '<>-az-nsg-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' lock: 'CanNotDelete' + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] securityRules: [ { name: 'Specific' properties: { + access: 'Allow' description: 'Tests specific IPs and ports' - protocol: '*' - sourcePortRange: '*' - destinationPortRange: '8080' - sourceAddressPrefix: '*' destinationAddressPrefix: '*' - access: 'Allow' - priority: 100 + destinationPortRange: '8080' direction: 'Inbound' + priority: 100 + protocol: '*' + sourceAddressPrefix: '*' + sourcePortRange: '*' } } { name: 'Ranges' properties: { - description: 'Tests Ranges' - protocol: '*' access: 'Allow' - priority: 101 - direction: 'Inbound' - sourcePortRanges: [ - '80' - '81' + description: 'Tests Ranges' + destinationAddressPrefixes: [ + '10.2.0.0/16' + '10.3.0.0/16' ] destinationPortRanges: [ '90' '91' ] + direction: 'Inbound' + priority: 101 + protocol: '*' sourceAddressPrefixes: [ '10.0.0.0/16' '10.1.0.0/16' ] - destinationAddressPrefixes: [ - '10.2.0.0/16' - '10.3.0.0/16' + sourcePortRanges: [ + '80' + '81' ] } } { name: 'Port_8082' properties: { - description: 'Allow inbound access on TCP 8082' - protocol: '*' - sourcePortRange: '*' - destinationPortRange: '8082' access: 'Allow' - priority: 102 - direction: 'Inbound' - sourceApplicationSecurityGroups: [ + description: 'Allow inbound access on TCP 8082' + destinationApplicationSecurityGroups: [ { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001' } ] - destinationApplicationSecurityGroups: [ + destinationPortRange: '8082' + direction: 'Inbound' + priority: 102 + protocol: '*' + sourceApplicationSecurityGroups: [ { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001' } ] + sourcePortRange: '*' } } ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` diff --git a/modules/Microsoft.Network/networkWatchers/readme.md b/modules/Microsoft.Network/networkWatchers/readme.md index 977f57ec3d..a5f2b6931e 100644 --- a/modules/Microsoft.Network/networkWatchers/readme.md +++ b/modules/Microsoft.Network/networkWatchers/readme.md @@ -196,82 +196,82 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { name: '${uniqueString(deployment().name)}-networkWatchers' params: { - name: 'adp-<>-az-nw-x-001' - flowLogs: [ - { - targetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-001' - storageId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - enabled: false - } - { - name: 'adp-<>-az-nsg-x-apgw-flowlog' - targetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-apgw' - storageId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - workspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - formatVersion: 1 - trafficAnalyticsInterval: 10 - retentionInDays: 8 - } - ] connectionMonitors: [ { - name: 'adp-<>-az-conn-mon-x-001' endpoints: [ { name: '<>-az-subnet-x-001(validation-rg)' - type: 'AzureVM' resourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/virtualMachines/adp-<>-vm-01' + type: 'AzureVM' } { + address: 'www.office.com' name: 'Office Portal' type: 'ExternalAddress' - address: 'www.office.com' } ] + name: 'adp-<>-az-conn-mon-x-001' testConfigurations: [ { - name: 'HTTP Test' - testFrequencySec: 30 - protocol: 'Http' httpConfiguration: { - port: 80 method: 'Get' + port: 80 + preferHTTPS: false requestHeaders: [] validStatusCodeRanges: [ '200' ] - preferHTTPS: false } + name: 'HTTP Test' + protocol: 'Http' successThreshold: { checksFailedPercent: 5 roundTripTimeMs: 100 } + testFrequencySec: 30 } ] testGroups: [ { - name: 'TestHTTPBing' - disable: false - testConfigurations: [ - 'HTTP Test' + destinations: [ + 'Office Portal' ] + disable: false + name: 'TestHTTPBing' sources: [ '<>-az-subnet-x-001(validation-rg)' ] - destinations: [ - 'Office Portal' + testConfigurations: [ + 'HTTP Test' ] } ] workspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' } ] + flowLogs: [ + { + enabled: false + storageId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + targetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-001' + } + { + formatVersion: 1 + name: 'adp-<>-az-nsg-x-apgw-flowlog' + retentionInDays: 8 + storageId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + targetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-apgw' + trafficAnalyticsInterval: 10 + workspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + } + ] + name: 'adp-<>-az-nw-x-001' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } diff --git a/modules/Microsoft.Network/privateDnsZones/readme.md b/modules/Microsoft.Network/privateDnsZones/readme.md index deaf1e40ad..43c672edee 100644 --- a/modules/Microsoft.Network/privateDnsZones/readme.md +++ b/modules/Microsoft.Network/privateDnsZones/readme.md @@ -211,86 +211,77 @@ module privateDnsZones './Microsoft.Network/privateDnsZones/deploy.bicep' = { name: '${uniqueString(deployment().name)}-privateDnsZones' params: { name: '<>-az-privdns-x-002.com' - lock: 'CanNotDelete' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - AAAA: [ - { - name: 'AAAA_2001_0db8_85a3_0000_0000_8a2e_0370_7334' - ttl: 3600 - aaaaRecords: [ - { - ipv6Address: '2001:0db8:85a3:0000:0000:8a2e:0370:7334' - } - ] - } - ] A: [ { - name: 'A_10.240.4.4' - ttl: 3600 aRecords: [ { ipv4Address: '10.240.4.4' } ] + name: 'A_10.240.4.4' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + ttl: 3600 } ] - CNAME: [ + AAAA: [ { - name: 'CNAME_test' + aaaaRecords: [ + { + ipv6Address: '2001:0db8:85a3:0000:0000:8a2e:0370:7334' + } + ] + name: 'AAAA_2001_0db8_85a3_0000_0000_8a2e_0370_7334' ttl: 3600 + } + ] + CNAME: [ + { cnameRecord: { cname: 'test' } + name: 'CNAME_test' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + ttl: 3600 } ] + lock: 'CanNotDelete' MX: [ { - name: 'MX_contoso' - ttl: 3600 mxRecords: [ { exchange: 'contoso.com' preference: 100 } ] + name: 'MX_contoso' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + ttl: 3600 } ] PTR: [ { name: 'PTR_contoso' - ttl: 3600 ptrRecords: [ { ptrdname: 'contoso.com' @@ -298,18 +289,34 @@ module privateDnsZones './Microsoft.Network/privateDnsZones/deploy.bicep' = { ] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + ttl: 3600 + } + ] + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' } ] SOA: [ { name: '@' - ttl: 3600 + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] soaRecord: { email: 'azureprivatedns-host.microsoft.com' expireTime: 2419200 @@ -319,20 +326,20 @@ module privateDnsZones './Microsoft.Network/privateDnsZones/deploy.bicep' = { retryTime: 300 serialNumber: '1' } + ttl: 3600 + } + ] + SRV: [ + { + name: 'SRV_contoso' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - } - ] - SRV: [ - { - name: 'SRV_contoso' - ttl: 3600 srvRecords: [ { port: 9332 @@ -341,19 +348,20 @@ module privateDnsZones './Microsoft.Network/privateDnsZones/deploy.bicep' = { weight: 0 } ] + ttl: 3600 + } + ] + TXT: [ + { + name: 'TXT_test' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - } - ] - TXT: [ - { - name: 'TXT_test' ttl: 3600 txtRecords: [ { @@ -362,20 +370,12 @@ module privateDnsZones './Microsoft.Network/privateDnsZones/deploy.bicep' = { ] } ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] } ] virtualNetworkLinks: [ { - virtualNetworkResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001' registrationEnabled: true + virtualNetworkResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001' } ] } diff --git a/modules/Microsoft.Network/privateEndpoints/readme.md b/modules/Microsoft.Network/privateEndpoints/readme.md index ce047557bc..7dcbdf5ed4 100644 --- a/modules/Microsoft.Network/privateEndpoints/readme.md +++ b/modules/Microsoft.Network/privateEndpoints/readme.md @@ -172,12 +172,12 @@ roleAssignments: [ module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = { name: '${uniqueString(deployment().name)}-privateEndpoints' params: { - name: '<>-az-pe-kvlt-min-001' - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - serviceResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-pe' groupIds: [ 'vault' ] + name: '<>-az-pe-kvlt-min-001' + serviceResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-pe' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' } } ``` @@ -225,13 +225,13 @@ module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = { module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = { name: '${uniqueString(deployment().name)}-privateEndpoints' params: { - name: '<>-az-pe-kvlt-001' - lock: 'CanNotDelete' - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - serviceResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-pe' groupIds: [ 'vault' ] + name: '<>-az-pe-kvlt-001' + serviceResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-pe' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + lock: 'CanNotDelete' privateDnsZoneGroups: [ { privateDNSResourceIds: [ @@ -241,10 +241,10 @@ module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = { ] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } diff --git a/modules/Microsoft.Network/publicIPAddresses/readme.md b/modules/Microsoft.Network/publicIPAddresses/readme.md index b0aa070850..bafeee5980 100644 --- a/modules/Microsoft.Network/publicIPAddresses/readme.md +++ b/modules/Microsoft.Network/publicIPAddresses/readme.md @@ -170,27 +170,27 @@ module publicIPAddresses './Microsoft.Network/publicIPAddresses/deploy.bicep' = name: '${uniqueString(deployment().name)}-publicIPAddresses' params: { name: '<>-az-pip-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' lock: 'CanNotDelete' - skuName: 'Standard' publicIPAllocationMethod: 'Static' - zones: [ - '1' - '2' - '3' - ] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + skuName: 'Standard' + zones: [ + '1' + '2' + '3' + ] } } ``` diff --git a/modules/Microsoft.Network/publicIPPrefixes/readme.md b/modules/Microsoft.Network/publicIPPrefixes/readme.md index 56a363f126..118c43ccf9 100644 --- a/modules/Microsoft.Network/publicIPPrefixes/readme.md +++ b/modules/Microsoft.Network/publicIPPrefixes/readme.md @@ -157,14 +157,14 @@ module publicIPPrefixes './Microsoft.Network/publicIPPrefixes/deploy.bicep' = { name: '${uniqueString(deployment().name)}-publicIPPrefixes' params: { name: '<>-az-pippfx-x-001' - lock: 'CanNotDelete' prefixLength: 28 + lock: 'CanNotDelete' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } diff --git a/modules/Microsoft.Network/routeTables/readme.md b/modules/Microsoft.Network/routeTables/readme.md index ef7f7458da..5deef64bed 100644 --- a/modules/Microsoft.Network/routeTables/readme.md +++ b/modules/Microsoft.Network/routeTables/readme.md @@ -248,24 +248,24 @@ module routeTables './Microsoft.Network/routeTables/deploy.bicep' = { params: { name: '<>-az-udr-x-001' lock: 'CanNotDelete' + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] routes: [ { name: 'default' properties: { addressPrefix: '0.0.0.0/0' - nextHopType: 'VirtualAppliance' nextHopIpAddress: '172.16.0.20' + nextHopType: 'VirtualAppliance' } } ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] } } ``` diff --git a/modules/Microsoft.Network/trafficmanagerprofiles/readme.md b/modules/Microsoft.Network/trafficmanagerprofiles/readme.md index d4c49749b4..ea92ea8a1d 100644 --- a/modules/Microsoft.Network/trafficmanagerprofiles/readme.md +++ b/modules/Microsoft.Network/trafficmanagerprofiles/readme.md @@ -261,21 +261,21 @@ module trafficmanagerprofiles './Microsoft.Network/trafficmanagerprofiles/deploy name: '${uniqueString(deployment().name)}-trafficmanagerprofiles' params: { name: 'tm-000001' - lock: 'CanNotDelete' relativeName: 'tm-000001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + lock: 'CanNotDelete' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` diff --git a/modules/Microsoft.Network/virtualHubs/readme.md b/modules/Microsoft.Network/virtualHubs/readme.md index 4d259fec26..cdad996671 100644 --- a/modules/Microsoft.Network/virtualHubs/readme.md +++ b/modules/Microsoft.Network/virtualHubs/readme.md @@ -113,8 +113,8 @@ tags: { module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualHubs' params: { - name: '<>-az-vhub-min-001' addressPrefix: '10.0.0.0/16' + name: '<>-az-vhub-min-001' virtualWanId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/adp-<>-az-vw-x-001' } } @@ -158,9 +158,8 @@ module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = { module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualHubs' params: { - name: '<>-az-vhub-x-001' - lock: 'CanNotDelete' addressPrefix: '10.1.0.0/16' + name: '<>-az-vhub-x-001' virtualWanId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/adp-<>-az-vw-x-001' hubRouteTables: [ { @@ -188,6 +187,7 @@ module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = { } } ] + lock: 'CanNotDelete' } } ``` diff --git a/modules/Microsoft.Network/virtualNetworkGateways/readme.md b/modules/Microsoft.Network/virtualNetworkGateways/readme.md index cd9fd51604..3973d3fb5c 100644 --- a/modules/Microsoft.Network/virtualNetworkGateways/readme.md +++ b/modules/Microsoft.Network/virtualNetworkGateways/readme.md @@ -251,34 +251,34 @@ module virtualNetworkGateways './Microsoft.Network/virtualNetworkGateways/deploy name: '${uniqueString(deployment().name)}-virtualNetworkGateways' params: { name: '<>-az-gw-er-001' - gatewayPipName: '<>-az-gw-er-001-pip' + virtualNetworkGatewaySku: 'ErGw1AZ' + virtualNetworkGatewayType: 'ExpressRoute' + vNetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' domainNameLabel: [ '<>-az-gw-er-dm-001' ] - virtualNetworkGatewayType: 'ExpressRoute' - virtualNetworkGatewaySku: 'ErGw1AZ' - vNetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001' - tags: { - Environment: 'Validation' - Contact: 'test.user@testcompany.com' - PurchaseOrder: '' - CostCenter: '' - ServiceName: 'DeploymentValidation' - Role: 'DeploymentValidation' - } + gatewayPipName: '<>-az-gw-er-001-pip' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + tags: { + Contact: 'test.user@testcompany.com' + CostCenter: '' + Environment: 'Validation' + PurchaseOrder: '' + Role: 'DeploymentValidation' + ServiceName: 'DeploymentValidation' + } } } ``` @@ -368,31 +368,31 @@ module virtualNetworkGateways './Microsoft.Network/virtualNetworkGateways/deploy name: '${uniqueString(deployment().name)}-virtualNetworkGateways' params: { name: '<>-az-gw-vpn-001' - lock: 'CanNotDelete' + virtualNetworkGatewaySku: 'VpnGw1AZ' + virtualNetworkGatewayType: 'Vpn' + vNetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001' + activeActive: true + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' domainNameLabel: [ '<>-az-gw-vpn-dm-001' ] - virtualNetworkGatewayType: 'Vpn' - virtualNetworkGatewaySku: 'VpnGw1AZ' + lock: 'CanNotDelete' publicIpZones: [ '1' ] - vpnType: 'RouteBased' - activeActive: true - vNetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + vpnType: 'RouteBased' } } ``` diff --git a/modules/Microsoft.Network/virtualNetworks/readme.md b/modules/Microsoft.Network/virtualNetworks/readme.md index 2dce305a9d..96b65f7cce 100644 --- a/modules/Microsoft.Network/virtualNetworks/readme.md +++ b/modules/Microsoft.Network/virtualNetworks/readme.md @@ -358,10 +358,10 @@ The network security group and route table resources must reside in the same res module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualNetworks' params: { - name: '<>-az-vnet-min-001' addressPrefixes: [ '10.0.0.0/16' ] + name: '<>-az-vnet-min-001' } } ``` @@ -403,40 +403,56 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualNetworks' params: { - name: '<>-az-vnet-x-001' - lock: 'CanNotDelete' addressPrefixes: [ '10.0.0.0/16' ] + name: '<>-az-vnet-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + dnsServers: [ + '10.0.1.4' + '10.0.1.5' + ] + lock: 'CanNotDelete' + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] subnets: [ { - name: 'GatewaySubnet' addressPrefix: '10.0.255.0/24' + name: 'GatewaySubnet' } { - name: '<>-az-subnet-x-001' addressPrefix: '10.0.0.0/24' + name: '<>-az-subnet-x-001' networkSecurityGroupId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-001' - serviceEndpoints: [ - { - service: 'Microsoft.Storage' - } - { - service: 'Microsoft.Sql' - } - ] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] routeTableId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/routeTables/adp-<>-az-udr-x-001' + serviceEndpoints: [ + { + service: 'Microsoft.Storage' + } + { + service: 'Microsoft.Sql' + } + ] } { - name: '<>-az-subnet-x-002' addressPrefix: '10.0.3.0/24' delegations: [ { @@ -446,31 +462,15 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { } } ] + name: '<>-az-subnet-x-002' } { - name: '<>-az-subnet-x-003' addressPrefix: '10.0.6.0/24' + name: '<>-az-subnet-x-003' privateEndpointNetworkPolicies: 'Disabled' privateLinkServiceNetworkPolicies: 'Enabled' } ] - dnsServers: [ - '10.0.1.4' - '10.0.1.5' - ] - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -594,34 +594,34 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualNetworks' params: { - name: '<>-az-vnet-peer-001' addressPrefixes: [ '10.0.0.0/24' ] + name: '<>-az-vnet-peer-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' subnets: [ { - name: 'GatewaySubnet' addressPrefix: '10.0.0.0/26' + name: 'GatewaySubnet' } ] virtualNetworkPeerings: [ { - remoteVirtualNetworkId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-peer01' allowForwardedTraffic: true allowGatewayTransit: false allowVirtualNetworkAccess: true - useRemoteGateways: false + remotePeeringAllowForwardedTraffic: true + remotePeeringAllowVirtualNetworkAccess: true remotePeeringEnabled: true remotePeeringName: 'customName' - remotePeeringAllowVirtualNetworkAccess: true - remotePeeringAllowForwardedTraffic: true + remoteVirtualNetworkId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-peer01' + useRemoteGateways: false } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` diff --git a/modules/Microsoft.Network/virtualWans/readme.md b/modules/Microsoft.Network/virtualWans/readme.md index fb6553219a..e1feb7774e 100644 --- a/modules/Microsoft.Network/virtualWans/readme.md +++ b/modules/Microsoft.Network/virtualWans/readme.md @@ -197,19 +197,19 @@ module virtualWans './Microsoft.Network/virtualWans/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualWans' params: { name: '<>-az-vw-x-001' - lock: 'CanNotDelete' - type: 'Basic' allowBranchToBranchTraffic: true allowVnetToVnetTraffic: true disableVpnEncryption: true + lock: 'CanNotDelete' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + type: 'Basic' } } ``` diff --git a/modules/Microsoft.Network/vpnGateways/readme.md b/modules/Microsoft.Network/vpnGateways/readme.md index 86474e7ba5..9b4e652847 100644 --- a/modules/Microsoft.Network/vpnGateways/readme.md +++ b/modules/Microsoft.Network/vpnGateways/readme.md @@ -222,7 +222,6 @@ module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { name: '${uniqueString(deployment().name)}-vpnGateways' params: { name: '<>-az-vpngw-x-001' - lock: 'CanNotDelete' virtualHubResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001' bgpSettings: { asn: 65515 @@ -230,45 +229,46 @@ module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { } connections: [ { - name: 'Connection-<>-az-vsite-x-001' connectionBandwidth: 10 enableBgp: true + name: 'Connection-<>-az-vsite-x-001' + remoteVpnSiteResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/<>-az-vsite-x-001' routingConfiguration: { associatedRouteTable: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001/hubRouteTables/defaultRouteTable' } propagatedRouteTables: { - labels: [ - 'default' - ] ids: [ { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001/hubRouteTables/defaultRouteTable' } ] + labels: [ + 'default' + ] } vnetRoutes: { staticRoutes: [] } } - remoteVpnSiteResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/<>-az-vsite-x-001' } ] + lock: 'CanNotDelete' natRules: [ { - name: 'natRule1' - internalMappings: [ + externalMappings: [ { - addressSpace: '10.4.0.0/24' + addressSpace: '192.168.21.0/24' } ] - externalMappings: [ + internalMappings: [ { - addressSpace: '192.168.21.0/24' + addressSpace: '10.4.0.0/24' } ] - type: 'Static' mode: 'EgressSnat' + name: 'natRule1' + type: 'Static' } ] } diff --git a/modules/Microsoft.Network/vpnSites/readme.md b/modules/Microsoft.Network/vpnSites/readme.md index 0e15b731d6..d9a8f9e1b2 100644 --- a/modules/Microsoft.Network/vpnSites/readme.md +++ b/modules/Microsoft.Network/vpnSites/readme.md @@ -329,11 +329,11 @@ module vpnSites './Microsoft.Network/vpnSites/deploy.bicep' = { name: '${uniqueString(deployment().name)}-vpnSites' params: { name: '<>-az-vSite-min-001' + virtualWanId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/apd-<>-az-vw-x-001' addressPrefixes: [ '10.0.0.0/16' ] ipAddress: '1.2.3.4' - virtualWanId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/apd-<>-az-vw-x-001' } } ``` @@ -382,15 +382,30 @@ module vpnSites './Microsoft.Network/vpnSites/deploy.bicep' = { name: '${uniqueString(deployment().name)}-vpnSites' params: { name: '<>-az-vSite-x-001' + virtualWanId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/apd-<>-az-vw-x-001' + deviceProperties: { + linkSpeedInMbps: 0 + } lock: 'CanNotDelete' + o365Policy: { + breakOutCategories: { + allow: true + default: true + optimize: true + } + } + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] tags: { tagA: 'valueA' tagB: 'valueB' } - deviceProperties: { - linkSpeedInMbps: 0 - } - virtualWanId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/apd-<>-az-vw-x-001' vpnSiteLinks: [ { name: '<>-az-vSite-x-001' @@ -421,21 +436,6 @@ module vpnSites './Microsoft.Network/vpnSites/deploy.bicep' = { } } ] - o365Policy: { - breakOutCategories: { - optimize: true - allow: true - default: true - } - } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] } } ``` diff --git a/modules/Microsoft.OperationalInsights/workspaces/readme.md b/modules/Microsoft.OperationalInsights/workspaces/readme.md index c8acfaf7af..2df3b4e380 100644 --- a/modules/Microsoft.OperationalInsights/workspaces/readme.md +++ b/modules/Microsoft.OperationalInsights/workspaces/readme.md @@ -488,39 +488,9 @@ module workspaces './Microsoft.OperationalInsights/workspaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-workspaces' params: { name: '<>-az-law-x-001' - lock: 'CanNotDelete' - publicNetworkAccessForIngestion: 'Disabled' - publicNetworkAccessForQuery: 'Disabled' dailyQuotaGb: 10 - storageInsightsConfigs: [ - { - storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsalaw001' - tables: [ - 'WADWindowsEventLogsTable' - 'WADETWEventTable' - 'WADServiceFabric*EventTable' - 'LinuxsyslogVer2v0' - ] - } - ] - linkedServices: [ - { - name: 'Automation' - resourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Automation/automationAccounts/adp-<>-az-aut-x-001' - } - ] - savedSearches: [ - { - name: 'VMSSQueries' - displayName: 'VMSS Instance Count2' - category: 'VDC Saved Searches' - query: 'Event | where Source == 'ServiceFabricNodeBootstrapAgent' | summarize AggregatedValue = count() by Computer' - } - ] dataSources: [ { - name: 'applicationEvent' - kind: 'WindowsEvent' eventLogName: 'Application' eventTypes: [ { @@ -533,23 +503,25 @@ module workspaces './Microsoft.OperationalInsights/workspaces/deploy.bicep' = { eventType: 'Information' } ] + kind: 'WindowsEvent' + name: 'applicationEvent' } { - name: 'windowsPerfCounter1' - kind: 'WindowsPerformanceCounter' - objectName: 'Processor' + counterName: '% Processor Time' instanceName: '*' intervalSeconds: 60 - counterName: '% Processor Time' + kind: 'WindowsPerformanceCounter' + name: 'windowsPerfCounter1' + objectName: 'Processor' } { - name: 'sampleIISLog1' kind: 'IISLogs' + name: 'sampleIISLog1' state: 'OnPremiseEnabled' } { - name: 'sampleSyslog1' kind: 'LinuxSyslog' + name: 'sampleSyslog1' syslogName: 'kern' syslogSeverities: [ { @@ -570,13 +542,16 @@ module workspaces './Microsoft.OperationalInsights/workspaces/deploy.bicep' = { ] } { - name: 'sampleSyslogCollection1' kind: 'LinuxSyslogCollection' + name: 'sampleSyslogCollection1' state: 'Enabled' } { - name: 'sampleLinuxPerf1' + instanceName: '*' + intervalSeconds: 10 kind: 'LinuxPerformanceObject' + name: 'sampleLinuxPerf1' + objectName: 'Logical Disk' syslogSeverities: [ { counterName: '% Used Inodes' @@ -597,16 +572,18 @@ module workspaces './Microsoft.OperationalInsights/workspaces/deploy.bicep' = { counterName: 'Disk Writes/sec' } ] - objectName: 'Logical Disk' - instanceName: '*' - intervalSeconds: 10 } { - name: 'sampleLinuxPerfCollection1' kind: 'LinuxPerformanceCollection' + name: 'sampleLinuxPerfCollection1' state: 'Enabled' } ] + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' gallerySolutions: [ { name: 'AzureAutomation' @@ -614,12 +591,35 @@ module workspaces './Microsoft.OperationalInsights/workspaces/deploy.bicep' = { publisher: 'Microsoft' } ] + linkedServices: [ + { + name: 'Automation' + resourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Automation/automationAccounts/adp-<>-az-aut-x-001' + } + ] + lock: 'CanNotDelete' + publicNetworkAccessForIngestion: 'Disabled' + publicNetworkAccessForQuery: 'Disabled' + savedSearches: [ + { + category: 'VDC Saved Searches' + displayName: 'VMSS Instance Count2' + name: 'VMSSQueries' + query: 'Event | where Source == 'ServiceFabricNodeBootstrapAgent' | summarize AggregatedValue = count() by Computer' + } + ] + storageInsightsConfigs: [ + { + storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsalaw001' + tables: [ + 'LinuxsyslogVer2v0' + 'WADETWEventTable' + 'WADServiceFabric*EventTable' + 'WADWindowsEventLogsTable' + ] + } + ] useResourcePermissions: true - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` diff --git a/modules/Microsoft.OperationsManagement/solutions/readme.md b/modules/Microsoft.OperationsManagement/solutions/readme.md index 3b3f41942a..3f616d9d53 100644 --- a/modules/Microsoft.OperationsManagement/solutions/readme.md +++ b/modules/Microsoft.OperationsManagement/solutions/readme.md @@ -53,8 +53,8 @@ This module deploys OperationsManagement Solutions. module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-solutions' params: { - name: 'Updates' logAnalyticsWorkspaceName: 'adp-<>-az-law-sol-001' + name: 'Updates' } } ``` @@ -94,8 +94,8 @@ module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-solutions' params: { - name: 'AzureAutomation' logAnalyticsWorkspaceName: 'adp-<>-az-law-sol-001' + name: 'AzureAutomation' product: 'OMSGallery' publisher: 'Microsoft' } @@ -143,8 +143,8 @@ module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-solutions' params: { - name: 'nonmsTestSolution' logAnalyticsWorkspaceName: 'adp-<>-az-law-sol-001' + name: 'nonmsTestSolution' product: 'nonmsTestSolutionProduct' publisher: 'nonmsTestSolutionPublisher' } diff --git a/modules/Microsoft.RecoveryServices/vaults/readme.md b/modules/Microsoft.RecoveryServices/vaults/readme.md index 8c0bbe16cd..cf821a0806 100644 --- a/modules/Microsoft.RecoveryServices/vaults/readme.md +++ b/modules/Microsoft.RecoveryServices/vaults/readme.md @@ -912,9 +912,9 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = { name: 'ne-container1' replicationContainerMappings: [ { - targetProtectionContainerId: '/Subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.RecoveryServices/vaults/<>-az-rsv-min-001/replicationFabrics/NorthEurope/replicationProtectionContainers/ne-container2' policyName: 'Default_values' targetContainerName: 'pluto' + targetProtectionContainerId: '/Subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.RecoveryServices/vaults/<>-az-rsv-min-001/replicationFabrics/NorthEurope/replicationProtectionContainers/ne-container2' } ] } @@ -931,8 +931,8 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = { ] } { - name: 'WE-2' location: 'WestEurope' + name: 'WE-2' replicationContainers: [ { name: 'we-container1' @@ -952,10 +952,10 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = { name: 'Default_values' } { - name: 'Custom_values' appConsistentFrequencyInMinutes: 240 crashConsistentFrequencyInMinutes: 7 multiVmSyncStatus: 'Disable' + name: 'Custom_values' recoveryPointHistory: 2880 } ] @@ -1092,7 +1092,6 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = { name: '${uniqueString(deployment().name)}-vaults' params: { name: '<>-az-rsv-x-001' - lock: 'CanNotDelete' backupConfig: { enhancedSecurityState: 'Disabled' softDeleteFeatureState: 'Disabled' @@ -1103,38 +1102,23 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = { properties: { backupManagementType: 'AzureIaasVM' instantRPDetails: {} - schedulePolicy: { - schedulePolicyType: 'SimpleSchedulePolicy' - scheduleRunFrequency: 'Daily' - scheduleRunTimes: [ - '2019-11-07T07:00:00Z' - ] - scheduleWeeklyFrequency: 0 - } + instantRpRetentionRangeInDays: 2 + protectedItemsCount: 0 retentionPolicy: { - retentionPolicyType: 'LongTermRetentionPolicy' dailySchedule: { - retentionTimes: [ - '2019-11-07T07:00:00Z' - ] retentionDuration: { count: 180 durationType: 'Days' } - } - weeklySchedule: { - daysOfTheWeek: [ - 'Sunday' - ] retentionTimes: [ '2019-11-07T07:00:00Z' ] - retentionDuration: { - count: 12 - durationType: 'Weeks' - } } monthlySchedule: { + retentionDuration: { + count: 60 + durationType: 'Months' + } retentionScheduleFormatType: 'Weekly' retentionScheduleWeekly: { daysOfTheWeek: [ @@ -1147,16 +1131,29 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = { retentionTimes: [ '2019-11-07T07:00:00Z' ] + } + retentionPolicyType: 'LongTermRetentionPolicy' + weeklySchedule: { + daysOfTheWeek: [ + 'Sunday' + ] retentionDuration: { - count: 60 - durationType: 'Months' + count: 12 + durationType: 'Weeks' } + retentionTimes: [ + '2019-11-07T07:00:00Z' + ] } yearlySchedule: { - retentionScheduleFormatType: 'Weekly' monthsOfYear: [ 'January' ] + retentionDuration: { + count: 10 + durationType: 'Years' + } + retentionScheduleFormatType: 'Weekly' retentionScheduleWeekly: { daysOfTheWeek: [ 'Sunday' @@ -1168,56 +1165,38 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = { retentionTimes: [ '2019-11-07T07:00:00Z' ] - retentionDuration: { - count: 10 - durationType: 'Years' - } } } - instantRpRetentionRangeInDays: 2 + schedulePolicy: { + schedulePolicyType: 'SimpleSchedulePolicy' + scheduleRunFrequency: 'Daily' + scheduleRunTimes: [ + '2019-11-07T07:00:00Z' + ] + scheduleWeeklyFrequency: 0 + } timeZone: 'UTC' - protectedItemsCount: 0 } } { name: 'sqlpolicy' properties: { backupManagementType: 'AzureWorkload' - workLoadType: 'SQLDataBase' + protectedItemsCount: 0 settings: { - timeZone: 'UTC' - issqlcompression: true isCompression: true + issqlcompression: true + timeZone: 'UTC' } subProtectionPolicy: [ { policyType: 'Full' - schedulePolicy: { - schedulePolicyType: 'SimpleSchedulePolicy' - scheduleRunFrequency: 'Weekly' - scheduleRunDays: [ - 'Sunday' - ] - scheduleRunTimes: [ - '2019-11-07T22:00:00Z' - ] - scheduleWeeklyFrequency: 0 - } retentionPolicy: { - retentionPolicyType: 'LongTermRetentionPolicy' - weeklySchedule: { - daysOfTheWeek: [ - 'Sunday' - ] - retentionTimes: [ - '2019-11-07T22:00:00Z' - ] + monthlySchedule: { retentionDuration: { - count: 104 - durationType: 'Weeks' + count: 60 + durationType: 'Months' } - } - monthlySchedule: { retentionScheduleFormatType: 'Weekly' retentionScheduleWeekly: { daysOfTheWeek: [ @@ -1230,16 +1209,29 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = { retentionTimes: [ '2019-11-07T22:00:00Z' ] + } + retentionPolicyType: 'LongTermRetentionPolicy' + weeklySchedule: { + daysOfTheWeek: [ + 'Sunday' + ] retentionDuration: { - count: 60 - durationType: 'Months' + count: 104 + durationType: 'Weeks' } + retentionTimes: [ + '2019-11-07T22:00:00Z' + ] } yearlySchedule: { - retentionScheduleFormatType: 'Weekly' monthsOfYear: [ 'January' ] + retentionDuration: { + count: 10 + durationType: 'Years' + } + retentionScheduleFormatType: 'Weekly' retentionScheduleWeekly: { daysOfTheWeek: [ 'Sunday' @@ -1251,105 +1243,113 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = { retentionTimes: [ '2019-11-07T22:00:00Z' ] - retentionDuration: { - count: 10 - durationType: 'Years' - } } } - } - { - policyType: 'Differential' schedulePolicy: { schedulePolicyType: 'SimpleSchedulePolicy' - scheduleRunFrequency: 'Weekly' scheduleRunDays: [ - 'Monday' + 'Sunday' ] + scheduleRunFrequency: 'Weekly' scheduleRunTimes: [ - '2017-03-07T02:00:00Z' + '2019-11-07T22:00:00Z' ] scheduleWeeklyFrequency: 0 } + } + { + policyType: 'Differential' retentionPolicy: { - retentionPolicyType: 'SimpleRetentionPolicy' retentionDuration: { count: 30 durationType: 'Days' } + retentionPolicyType: 'SimpleRetentionPolicy' + } + schedulePolicy: { + schedulePolicyType: 'SimpleSchedulePolicy' + scheduleRunDays: [ + 'Monday' + ] + scheduleRunFrequency: 'Weekly' + scheduleRunTimes: [ + '2017-03-07T02:00:00Z' + ] + scheduleWeeklyFrequency: 0 } } { policyType: 'Log' - schedulePolicy: { - schedulePolicyType: 'LogSchedulePolicy' - scheduleFrequencyInMins: 120 - } retentionPolicy: { - retentionPolicyType: 'SimpleRetentionPolicy' retentionDuration: { count: 15 durationType: 'Days' } + retentionPolicyType: 'SimpleRetentionPolicy' + } + schedulePolicy: { + scheduleFrequencyInMins: 120 + schedulePolicyType: 'LogSchedulePolicy' } } ] - protectedItemsCount: 0 + workLoadType: 'SQLDataBase' } } { name: 'filesharepolicy' properties: { backupManagementType: 'AzureStorage' - workloadType: 'AzureFileShare' - schedulePolicy: { - schedulePolicyType: 'SimpleSchedulePolicy' - scheduleRunFrequency: 'Daily' - scheduleRunTimes: [ - '2019-11-07T04:30:00Z' - ] - scheduleWeeklyFrequency: 0 - } + protectedItemsCount: 0 retentionPolicy: { - retentionPolicyType: 'LongTermRetentionPolicy' dailySchedule: { - retentionTimes: [ - '2019-11-07T04:30:00Z' - ] retentionDuration: { count: 30 durationType: 'Days' } + retentionTimes: [ + '2019-11-07T04:30:00Z' + ] } + retentionPolicyType: 'LongTermRetentionPolicy' + } + schedulePolicy: { + schedulePolicyType: 'SimpleSchedulePolicy' + scheduleRunFrequency: 'Daily' + scheduleRunTimes: [ + '2019-11-07T04:30:00Z' + ] + scheduleWeeklyFrequency: 0 } timeZone: 'UTC' - protectedItemsCount: 0 + workloadType: 'AzureFileShare' } } ] backupStorageConfig: { - storageModelType: 'GeoRedundant' crossRegionRestoreFlag: true + storageModelType: 'GeoRedundant' } + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + lock: 'CanNotDelete' privateEndpoints: [ { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' service: 'AzureSiteRecovery' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' } ] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' systemAssignedIdentity: true userAssignedIdentities: { '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} diff --git a/modules/Microsoft.Resources/deploymentScripts/readme.md b/modules/Microsoft.Resources/deploymentScripts/readme.md index 7d91399cd6..4ed39b0552 100644 --- a/modules/Microsoft.Resources/deploymentScripts/readme.md +++ b/modules/Microsoft.Resources/deploymentScripts/readme.md @@ -152,16 +152,16 @@ module deploymentScripts './Microsoft.Resources/deploymentScripts/deploy.bicep' name: '${uniqueString(deployment().name)}-deploymentScripts' params: { name: '<>-az-ds-cli-001' - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - kind: 'AzureCLI' azCliVersion: '2.15.0' - scriptContent: 'echo \'Hello from inside the script\'' + cleanupPreference: 'Always' + kind: 'AzureCLI' retentionInterval: 'P1D' runOnce: false - cleanupPreference: 'Always' + scriptContent: 'echo \'Hello from inside the script\'' timeout: 'PT30M' + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } } } ``` @@ -225,17 +225,17 @@ module deploymentScripts './Microsoft.Resources/deploymentScripts/deploy.bicep' name: '${uniqueString(deployment().name)}-deploymentScripts' params: { name: '<>-az-ds-ps-001' - lock: 'CanNotDelete' - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - kind: 'AzurePowerShell' azPowerShellVersion: '3.0' - scriptContent: 'Write-Host 'Running PowerShell from template'' + cleanupPreference: 'Always' + kind: 'AzurePowerShell' + lock: 'CanNotDelete' retentionInterval: 'P1D' runOnce: false - cleanupPreference: 'Always' + scriptContent: 'Write-Host 'Running PowerShell from template'' timeout: 'PT30M' + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } } } ``` diff --git a/modules/Microsoft.Resources/resourceGroups/readme.md b/modules/Microsoft.Resources/resourceGroups/readme.md index 4157ae1396..e0f2fedbec 100644 --- a/modules/Microsoft.Resources/resourceGroups/readme.md +++ b/modules/Microsoft.Resources/resourceGroups/readme.md @@ -161,17 +161,17 @@ module resourceGroups './Microsoft.Resources/resourceGroups/deploy.bicep' = { params: { name: '<>-az-rg-x-001' lock: 'CanNotDelete' - tags: { - Test: 'Yes' - } roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + tags: { + Test: 'Yes' + } } } ``` diff --git a/modules/Microsoft.Resources/tags/readme.md b/modules/Microsoft.Resources/tags/readme.md index ee29a1a259..5043f426ad 100644 --- a/modules/Microsoft.Resources/tags/readme.md +++ b/modules/Microsoft.Resources/tags/readme.md @@ -123,11 +123,11 @@ module tags './Microsoft.Resources/tags/deploy.bicep' = { name: '${uniqueString(deployment().name)}-tags' params: { onlyUpdate: false + resourceGroupName: 'validation-rg' tags: { Test: 'Yes' TestToo: 'No' } - resourceGroupName: 'validation-rg' } } ``` diff --git a/modules/Microsoft.Security/azureSecurityCenter/readme.md b/modules/Microsoft.Security/azureSecurityCenter/readme.md index 39c7c9e107..0f8fbfc4b5 100644 --- a/modules/Microsoft.Security/azureSecurityCenter/readme.md +++ b/modules/Microsoft.Security/azureSecurityCenter/readme.md @@ -107,13 +107,13 @@ module azureSecurityCenter './Microsoft.Security/azureSecurityCenter/deploy.bice name: '${uniqueString(deployment().name)}-azureSecurityCenter' params: { scope: '/subscriptions/<>' + workspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' securityContactProperties: { - email: 'foo@contoso.com' - phone: '+12345678' alertNotifications: 'Off' alertsToAdmins: 'Off' + email: 'foo@contoso.com' + phone: '+12345678' } - workspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' } } ``` diff --git a/modules/Microsoft.ServiceBus/namespaces/readme.md b/modules/Microsoft.ServiceBus/namespaces/readme.md index 2da7961107..7e2f529349 100644 --- a/modules/Microsoft.ServiceBus/namespaces/readme.md +++ b/modules/Microsoft.ServiceBus/namespaces/readme.md @@ -336,63 +336,52 @@ module namespaces './Microsoft.ServiceBus/namespaces/deploy.bicep' = { module namespaces './Microsoft.ServiceBus/namespaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-namespaces' params: { - name: '<>-az-sbn-x-002' - lock: 'CanNotDelete' - skuName: 'Premium' - tags: {} - roleAssignments: [ + authorizationRules: [ { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' + name: 'RootManageSharedAccessKey' + rights: [ + 'Listen' + 'Manage' + 'Send' + ] + } + { + name: 'AnotherKey' + rights: [ + 'Listen' + 'Send' ] } ] + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' disasterRecoveryConfigs: {} - migrationConfigurations: {} - virtualNetworkRules: [ - '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-003' - ] ipFilterRules: [ { + action: 'Accept' filterName: 'ipFilter1' ipMask: '10.0.1.0/32' - action: 'Accept' } { + action: 'Accept' filterName: 'ipFilter2' ipMask: '10.0.2.0/32' - action: 'Accept' } ] - authorizationRules: [ - { - name: 'RootManageSharedAccessKey' - rights: [ - 'Listen' - 'Manage' - 'Send' - ] - } + lock: 'CanNotDelete' + migrationConfigurations: {} + name: '<>-az-sbn-x-002' + privateEndpoints: [ { - name: 'AnotherKey' - rights: [ - 'Listen' - 'Send' - ] + service: 'namespace' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' } ] queues: [ { - name: '<>-az-sbq-x-002' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] authorizationRules: [ { name: 'RootManageSharedAccessKey' @@ -410,19 +399,30 @@ module namespaces './Microsoft.ServiceBus/namespaces/deploy.bicep' = { ] } ] - } - ] - topics: [ - { - name: '<>-az-sbt-x-001' + name: '<>-az-sbq-x-002' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + } + ] + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] + skuName: 'Premium' + systemAssignedIdentity: true + tags: {} + topics: [ + { authorizationRules: [ { name: 'RootManageSharedAccessKey' @@ -440,22 +440,22 @@ module namespaces './Microsoft.ServiceBus/namespaces/deploy.bicep' = { ] } ] + name: '<>-az-sbt-x-001' + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - systemAssignedIdentity: true userAssignedIdentities: { '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} } - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'namespace' - } + virtualNetworkRules: [ + '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-003' ] } } diff --git a/modules/Microsoft.ServiceFabric/clusters/readme.md b/modules/Microsoft.ServiceFabric/clusters/readme.md index ce8ce1915b..9ceb1afa02 100644 --- a/modules/Microsoft.ServiceFabric/clusters/readme.md +++ b/modules/Microsoft.ServiceFabric/clusters/readme.md @@ -238,13 +238,13 @@ tags: { module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { name: '${uniqueString(deployment().name)}-clusters' params: { - name: '<>-az-sfc-cert-001' managementEndpoint: 'https://<>-az-sfc-cert-001.westeurope.cloudapp.azure.com:19080' reliabilityLevel: 'None' certificate: { thumbprint: '0AC113D5E1D94C401DDEB0EE2B1B96CC130' x509StoreName: 'My' } + name: '<>-az-sfc-cert-001' nodeTypes: [ { applicationPorts: { @@ -329,19 +329,19 @@ module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { name: '${uniqueString(deployment().name)}-clusters' params: { - name: '<>-az-sfc-full-001' - lock: 'CanNotDelete' - tags: { - resourceType: 'Service Fabric' - clusterName: '<>-az-sfc-full-001' - } + managementEndpoint: 'https://<>-az-sfc-full-001.westeurope.cloudapp.azure.com:19080' + reliabilityLevel: 'Silver' addOnFeatures: [ - 'RepairManager' - 'DnsService' 'BackupRestoreService' + 'DnsService' + 'RepairManager' 'ResourceMonitorService' ] - maxUnusedVersionsToKeep: 2 + applicationTypes: [ + { + name: 'WordCount' + } + ] azureActiveDirectory: { clientApplication: '<>' clusterApplication: 'cf33fea8-b30f-424f-ab73-c48d99e0b222' @@ -405,7 +405,9 @@ module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { ] } ] - managementEndpoint: 'https://<>-az-sfc-full-001.westeurope.cloudapp.azure.com:19080' + lock: 'CanNotDelete' + maxUnusedVersionsToKeep: 2 + name: '<>-az-sfc-full-001' nodeTypes: [ { applicationPorts: { @@ -460,39 +462,37 @@ module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { ] } ] - upgradeDescription: { - forceRestart: false - upgradeReplicaSetCheckTimeout: '1.00:00:00' - healthCheckWaitDuration: '00:00:30' - healthCheckStableDuration: '00:01:00' - healthCheckRetryTimeout: '00:45:00' - upgradeTimeout: '02:00:00' - upgradeDomainTimeout: '02:00:00' - healthPolicy: { - maxPercentUnhealthyNodes: 0 - maxPercentUnhealthyApplications: 0 - } - deltaHealthPolicy: { - maxPercentDeltaUnhealthyNodes: 0 - maxPercentUpgradeDomainDeltaUnhealthyNodes: 0 - maxPercentDeltaUnhealthyApplications: 0 - } - } - reliabilityLevel: 'Silver' - vmImage: 'Linux' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - applicationTypes: [ - { - name: 'WordCount' + tags: { + clusterName: '<>-az-sfc-full-001' + resourceType: 'Service Fabric' + } + upgradeDescription: { + deltaHealthPolicy: { + maxPercentDeltaUnhealthyApplications: 0 + maxPercentDeltaUnhealthyNodes: 0 + maxPercentUpgradeDomainDeltaUnhealthyNodes: 0 } - ] + forceRestart: false + healthCheckRetryTimeout: '00:45:00' + healthCheckStableDuration: '00:01:00' + healthCheckWaitDuration: '00:00:30' + healthPolicy: { + maxPercentUnhealthyApplications: 0 + maxPercentUnhealthyNodes: 0 + } + upgradeDomainTimeout: '02:00:00' + upgradeReplicaSetCheckTimeout: '1.00:00:00' + upgradeTimeout: '02:00:00' + } + vmImage: 'Linux' } } ``` @@ -728,9 +728,9 @@ module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { name: '${uniqueString(deployment().name)}-clusters' params: { - name: '<>-az-sfc-min-001' managementEndpoint: 'https://<>-az-sfc-min-001.westeurope.cloudapp.azure.com:19080' reliabilityLevel: 'None' + name: '<>-az-sfc-min-001' nodeTypes: [ { applicationPorts: { diff --git a/modules/Microsoft.Sql/managedInstances/readme.md b/modules/Microsoft.Sql/managedInstances/readme.md index 31beeefaf5..8b0a43fb09 100644 --- a/modules/Microsoft.Sql/managedInstances/readme.md +++ b/modules/Microsoft.Sql/managedInstances/readme.md @@ -289,78 +289,8 @@ resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { module managedInstances './Microsoft.Sql/managedInstances/deploy.bicep' = { name: '${uniqueString(deployment().name)}-managedInstances' params: { - name: '<>-az-sqlmi-x-002' - lock: 'CanNotDelete' - administratorLogin: kv1.getSecret('administratorLogin') - administratorLoginPassword: kv1.getSecret('administratorLoginPassword') - subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-sqlmi/subnets/<>-az-subnet-x-sqlmi' - skuName: 'GP_Gen5' - skuTier: 'GeneralPurpose' - storageSizeInGB: 32 - vCores: 4 - licenseType: 'LicenseIncluded' - hardwareFamily: 'Gen5' - servicePrincipal: 'SystemAssigned' - dnsZonePartner: '' - timezoneId: 'UTC' - collation: 'SQL_Latin1_General_CP1_CI_AS' - proxyOverride: 'Proxy' - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - primaryUserAssignedIdentityId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' - publicDataEndpointEnabled: false - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - keys: [ - { - name: 'adp-<>-az-kv-x-sqlmi_keyEncryptionKeySqlMi_4bf367f64c914d8ba698700fb598ad07' - uri: 'https://adp-<>-az-kv-x-sqlmi.vault.azure.net/keys/keyEncryptionKeySqlMi/4bf367f64c914d8ba698700fb598ad07' - serverKeyType: 'AzureKeyVault' - } - ] - encryptionProtectorObj: { - serverKeyName: 'adp-<>-az-kv-x-sqlmi_keyEncryptionKeySqlMi_4bf367f64c914d8ba698700fb598ad07' - serverKeyType: 'AzureKeyVault' - } - securityAlertPoliciesObj: { - name: 'default' - state: 'Enabled' - emailAccountAdmins: true - } - vulnerabilityAssessmentsObj: { - name: 'default' - emailSubscriptionAdmins: true - recurringScansIsEnabled: true - recurringScansEmails: [ - 'test1@contoso.com' - 'test2@contoso.com' - ] - vulnerabilityAssessmentsStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - } - databases: [ - { - name: '<>-az-sqlmidb-x-001' - backupShortTermRetentionPolicies: { - name: 'default' - } - backupLongTermRetentionPolicies: { - name: 'default' - } - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + + } } ``` diff --git a/modules/Microsoft.Sql/servers/readme.md b/modules/Microsoft.Sql/servers/readme.md index 7efe1e6199..c2523a7c16 100644 --- a/modules/Microsoft.Sql/servers/readme.md +++ b/modules/Microsoft.Sql/servers/readme.md @@ -332,8 +332,8 @@ module servers './Microsoft.Sql/servers/deploy.bicep' = { administrators: { azureADOnlyAuthentication: true login: 'myspn' - sid: '<>' principalType: 'Application' + sid: '<>' tenantId: '<>' } } @@ -387,70 +387,70 @@ module servers './Microsoft.Sql/servers/deploy.bicep' = { name: '${uniqueString(deployment().name)}-servers' params: { name: '<>-az-sqlsrv-x-001' - lock: 'CanNotDelete' administratorLogin: kv1.getSecret('administratorLogin') administratorLoginPassword: kv1.getSecret('administratorLoginPassword') - location: 'westeurope' - minimalTlsVersion: '1.2' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - vulnerabilityAssessmentsObj: { - name: 'default' - emailSubscriptionAdmins: true - recurringScansIsEnabled: true - recurringScansEmails: [ - 'test1@contoso.com' - 'test2@contoso.com' - ] - vulnerabilityAssessmentsStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - } databases: [ { - name: '<>-az-sqldb-x-001' collation: 'SQL_Latin1_General_CP1_CI_AS' - skuTier: 'BusinessCritical' - skuName: 'BC_Gen5' - skuCapacity: 12 - skuFamily: 'Gen5' - maxSizeBytes: 34359738368 - licenseType: 'LicenseIncluded' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + licenseType: 'LicenseIncluded' + maxSizeBytes: 34359738368 + name: '<>-az-sqldb-x-001' + skuCapacity: 12 + skuFamily: 'Gen5' + skuName: 'BC_Gen5' + skuTier: 'BusinessCritical' } ] firewallRules: [ { - name: 'AllowAllWindowsAzureIps' endIpAddress: '0.0.0.0' + name: 'AllowAllWindowsAzureIps' startIpAddress: '0.0.0.0' } ] + location: 'westeurope' + lock: 'CanNotDelete' + minimalTlsVersion: '1.2' + privateEndpoints: [ + { + service: 'sqlServer' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + } + ] + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] securityAlertPolicies: [ { + emailAccountAdmins: true name: 'Default' state: 'Enabled' - emailAccountAdmins: true } ] systemAssignedIdentity: true userAssignedIdentities: { '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} } - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'sqlServer' - } - ] + vulnerabilityAssessmentsObj: { + emailSubscriptionAdmins: true + name: 'default' + recurringScansEmails: [ + 'test1@contoso.com' + 'test2@contoso.com' + ] + recurringScansIsEnabled: true + vulnerabilityAssessmentsStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + } } } ``` diff --git a/modules/Microsoft.Storage/storageAccounts/readme.md b/modules/Microsoft.Storage/storageAccounts/readme.md index 95641a3e73..d7e8f8bf60 100644 --- a/modules/Microsoft.Storage/storageAccounts/readme.md +++ b/modules/Microsoft.Storage/storageAccounts/readme.md @@ -374,18 +374,18 @@ The hierarchical namespace of the storage account (see parameter `enableHierarch module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-storageAccounts' params: { - name: '<>azsaencr001' - storageAccountSku: 'Standard_LRS' allowBlobPublicAccess: false + cMKKeyName: 'keyEncryptionKey' + cMKKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002' + cMKUserAssignedIdentityResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' + name: '<>azsaencr001' publicNetworkAccess: 'Disabled' requireInfrastructureEncryption: true + storageAccountSku: 'Standard_LRS' systemAssignedIdentity: false userAssignedIdentities: { '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} } - cMKKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002' - cMKKeyName: 'keyEncryptionKey' - cMKUserAssignedIdentityResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' } } ``` @@ -488,36 +488,36 @@ module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-storageAccounts' params: { - name: '<>azsax002' - storageAccountSku: 'Premium_LRS' - storageAccountKind: 'FileStorage' allowBlobPublicAccess: false - supportsHttpsTrafficOnly: false + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' fileServices: { shares: [ { - name: 'nfsfileshare' enabledProtocols: 'NFS' + name: 'nfsfileshare' } ] } - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } + name: '<>azsax002' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + storageAccountKind: 'FileStorage' + storageAccountSku: 'Premium_LRS' + supportsHttpsTrafficOnly: false + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } } } ``` @@ -609,92 +609,58 @@ module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-storageAccounts' params: { - name: '<>azsax001' - storageAccountSku: 'Standard_LRS' allowBlobPublicAccess: false - publicNetworkAccess: 'Disabled' - requireInfrastructureEncryption: true - lock: 'CanNotDelete' - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'blob' - } - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'table' - } - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'queue' - } - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'file' - } - ] - networkAcls: { - bypass: 'AzureServices' - defaultAction: 'Deny' - virtualNetworkRules: [ - { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' - action: 'Allow' - } - ] - ipRules: [ - { - action: 'Allow' - value: '1.1.1.1' - } - ] - } blobServices: { - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' containers: [ { name: 'avdscripts' publicAccess: 'None' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } { + allowProtectedAppendWrites: false + enableWORM: true name: 'archivecontainer' publicAccess: 'None' - enableWORM: true WORMRetention: 666 - allowProtectedAppendWrites: false } ] - } - fileServices: { + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + } + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + fileServices: { diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' shares: [ { name: 'avdprofiles' - shareQuota: '5120' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + shareQuota: '5120' } { name: 'avdprofiles2' @@ -702,59 +668,93 @@ module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { } ] } - tableServices: { - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - tables: [ - 'table1' - 'table2' + lock: 'CanNotDelete' + name: '<>azsax001' + networkAcls: { + bypass: 'AzureServices' + defaultAction: 'Deny' + ipRules: [ + { + action: 'Allow' + value: '1.1.1.1' + } + ] + virtualNetworkRules: [ + { + action: 'Allow' + id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' + } ] } + privateEndpoints: [ + { + service: 'blob' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + } + { + service: 'table' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + } + { + service: 'queue' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + } + { + service: 'file' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + } + ] + publicNetworkAccess: 'Disabled' queueServices: { + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' queues: [ { - name: 'queue1' metadata: {} + name: 'queue1' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } { - name: 'queue2' metadata: {} + name: 'queue2' } ] } - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } + requireInfrastructureEncryption: true roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + storageAccountSku: 'Standard_LRS' + systemAssignedIdentity: true + tableServices: { + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + tables: [ + 'table1' + 'table2' + ] + } + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } } } ``` @@ -974,8 +974,8 @@ module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-storageAccounts' params: { - storageAccountKind: 'Storage' allowBlobPublicAccess: false + storageAccountKind: 'Storage' } } ``` diff --git a/modules/Microsoft.Synapse/privateLinkHubs/readme.md b/modules/Microsoft.Synapse/privateLinkHubs/readme.md index 9f2f2aa678..ed66c3ab74 100644 --- a/modules/Microsoft.Synapse/privateLinkHubs/readme.md +++ b/modules/Microsoft.Synapse/privateLinkHubs/readme.md @@ -274,24 +274,24 @@ module privateLinkHubs './Microsoft.Synapse/privateLinkHubs/deploy.bicep' = { params: { name: 'synplhstandard001' lock: 'CanNotDelete' + privateEndpoints: [ + { + service: 'Web' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + } + ] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } { - roleDefinitionIdOrName: '/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c' principalIds: [ '<>' ] - } - ] - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'Web' + roleDefinitionIdOrName: '/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c' } ] } diff --git a/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md b/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md index fde584958d..317c32116d 100644 --- a/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md +++ b/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md @@ -270,39 +270,39 @@ roleAssignments: [ module imageTemplates './Microsoft.VirtualMachineImages/imageTemplates/deploy.bicep' = { name: '${uniqueString(deployment().name)}-imageTemplates' params: { - name: '<>-az-imgt-x-001' - lock: 'CanNotDelete' - userMsiName: 'adp-<>-az-msi-x-001' - userMsiResourceGroup: 'validation-rg' - buildTimeoutInMinutes: 0 - vmSize: 'Standard_D2s_v3' - osDiskSizeGB: 127 - subnetId: '' - imageSource: { - type: 'PlatformImage' - publisher: 'MicrosoftWindowsDesktop' - offer: 'Windows-10' - sku: '19h2-evd' - version: 'latest' - } customizationSteps: [ { - type: 'WindowsRestart' restartTimeout: '30m' + type: 'WindowsRestart' } ] - managedImageName: '<>-az-mi-x-001' - unManagedImageName: '<>-az-umi-x-001' - sigImageDefinitionId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/galleries/adp<>azsigweux001/images/adp-<>-az-imgd-x-001' + imageSource: { + offer: 'Windows-10' + publisher: 'MicrosoftWindowsDesktop' + sku: '19h2-evd' + type: 'PlatformImage' + version: 'latest' + } + name: '<>-az-imgt-x-001' + userMsiName: 'adp-<>-az-msi-x-001' + buildTimeoutInMinutes: 0 imageReplicationRegions: [] + lock: 'CanNotDelete' + managedImageName: '<>-az-mi-x-001' + osDiskSizeGB: 127 roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] + sigImageDefinitionId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/galleries/adp<>azsigweux001/images/adp-<>-az-imgd-x-001' + subnetId: '' + unManagedImageName: '<>-az-umi-x-001' + userMsiResourceGroup: 'validation-rg' + vmSize: 'Standard_D2s_v3' } } ``` diff --git a/modules/Microsoft.Web/connections/readme.md b/modules/Microsoft.Web/connections/readme.md index c34cc84760..71150f7873 100644 --- a/modules/Microsoft.Web/connections/readme.md +++ b/modules/Microsoft.Web/connections/readme.md @@ -163,18 +163,18 @@ tags: { module connections './Microsoft.Web/connections/deploy.bicep' = { name: '${uniqueString(deployment().name)}-connections' params: { - name: 'azuremonitor' - lock: 'CanNotDelete' displayName: 'azuremonitorlogs' + name: 'azuremonitor' connectionApi: { id: '/subscriptions/<>/providers/Microsoft.Web/locations/westeurope/managedApis/azuremonitorlogs' } + lock: 'CanNotDelete' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } diff --git a/modules/Microsoft.Web/hostingEnvironments/readme.md b/modules/Microsoft.Web/hostingEnvironments/readme.md index 7b007936cb..2f02a0e8ad 100644 --- a/modules/Microsoft.Web/hostingEnvironments/readme.md +++ b/modules/Microsoft.Web/hostingEnvironments/readme.md @@ -210,29 +210,29 @@ module hostingEnvironments './Microsoft.Web/hostingEnvironments/deploy.bicep' = name: '${uniqueString(deployment().name)}-hostingEnvironments' params: { name: '<>-az-appse-asev2-001' - kind: 'ASEv2' - multiSize: 'Standard_D1_V2' - ipsslAddressCount: 2 + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-008' clusterSettings: [ { name: 'DisableTls1.0' value: '1' } ] - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-008' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + ipsslAddressCount: 2 + kind: 'ASEv2' + multiSize: 'Standard_D1_V2' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' } } ``` @@ -315,27 +315,27 @@ module hostingEnvironments './Microsoft.Web/hostingEnvironments/deploy.bicep' = name: '${uniqueString(deployment().name)}-hostingEnvironments' params: { name: '<>-az-appse-asev3-001' - lock: 'CanNotDelete' subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-006' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 clusterSettings: [ { name: 'DisableTls1.0' value: '1' } ] - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + lock: 'CanNotDelete' + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] } } ``` diff --git a/modules/Microsoft.Web/serverfarms/readme.md b/modules/Microsoft.Web/serverfarms/readme.md index b64ca1362c..2763c6cf66 100644 --- a/modules/Microsoft.Web/serverfarms/readme.md +++ b/modules/Microsoft.Web/serverfarms/readme.md @@ -209,25 +209,25 @@ module serverfarms './Microsoft.Web/serverfarms/deploy.bicep' = { name: '${uniqueString(deployment().name)}-serverfarms' params: { name: '<>-az-asp-x-001' - lock: 'CanNotDelete' sku: { + capacity: '1' + family: 'S' name: 'S1' - tier: 'Standard' size: 'S1' - family: 'S' - capacity: '1' + tier: 'Standard' } + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + lock: 'CanNotDelete' roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] } diff --git a/modules/Microsoft.Web/sites/readme.md b/modules/Microsoft.Web/sites/readme.md index cdfabf74a7..22def226ee 100644 --- a/modules/Microsoft.Web/sites/readme.md +++ b/modules/Microsoft.Web/sites/readme.md @@ -402,8 +402,8 @@ userAssignedIdentities: { module sites './Microsoft.Web/sites/deploy.bicep' = { name: '${uniqueString(deployment().name)}-sites' params: { - name: '<>-az-fa-min-001' kind: 'functionapp' + name: '<>-az-fa-min-001' serverFarmResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001' siteConfig: { alwaysOn: true @@ -455,22 +455,14 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { module sites './Microsoft.Web/sites/deploy.bicep' = { name: '${uniqueString(deployment().name)}-sites' params: { - name: '<>-az-fa-x-001' - lock: 'CanNotDelete' kind: 'functionapp' - serverFarmResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001' - siteConfig: { - alwaysOn: true - use32BitWorkerProcess: false - } + name: '<>-az-fa-x-001' appInsightId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001' - storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - setAzureWebJobsDashboard: true appSettingsKeyValuePairs: { - FUNCTIONS_EXTENSION_VERSION: '~4' - FUNCTIONS_WORKER_RUNTIME: 'dotnet' AzureFunctionsJobHost__logging__logLevel__default: 'Trace' EASYAUTH_SECRET: 'https://adp-<>-az-kv-x-001.vault.azure.net/secrets/Modules-Test-SP-Password' + FUNCTIONS_EXTENSION_VERSION: '~4' + FUNCTIONS_WORKER_RUNTIME: 'dotnet' } authSettingV2Configuration: { globalValidation: { @@ -493,9 +485,9 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { disableWWWAuthenticate: false } registration: { - openIdIssuer: 'https://sts.windows.net/<>/v2.0/' clientId: 'd874dd2f-2032-4db1-a053-f0ec243685aa' clientSecretSettingName: 'EASYAUTH_SECRET' + openIdIssuer: 'https://sts.windows.net/<>/v2.0/' } validation: { allowedAudiences: [ @@ -534,29 +526,37 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { runtimeVersion: '~1' } } - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + lock: 'CanNotDelete' privateEndpoints: [ { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' service: 'sites' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' } ] + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] + serverFarmResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001' + setAzureWebJobsDashboard: true + siteConfig: { + alwaysOn: true + use32BitWorkerProcess: false + } + storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } } } ``` @@ -730,8 +730,8 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { module sites './Microsoft.Web/sites/deploy.bicep' = { name: '${uniqueString(deployment().name)}-sites' params: { - name: '<>-az-wa-min-001' kind: 'app' + name: '<>-az-wa-min-001' serverFarmResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001' } } @@ -775,42 +775,42 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { module sites './Microsoft.Web/sites/deploy.bicep' = { name: '${uniqueString(deployment().name)}-sites' params: { - name: '<>-az-wa-x-001' kind: 'app' + name: '<>-az-wa-x-001' + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + httpsOnly: true + privateEndpoints: [ + { + service: 'sites' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + } + ] + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] serverFarmResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001' siteConfig: { + alwaysOn: true metadata: [ { name: 'CURRENT_STACK' value: 'dotnetcore' } ] - alwaysOn: true } - httpsOnly: true systemAssignedIdentity: true userAssignedIdentities: { '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} } - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'sites' - } - ] } } ``` diff --git a/modules/Microsoft.Web/staticSites/readme.md b/modules/Microsoft.Web/staticSites/readme.md index 654b13e6be..aac36467fd 100644 --- a/modules/Microsoft.Web/staticSites/readme.md +++ b/modules/Microsoft.Web/staticSites/readme.md @@ -319,29 +319,29 @@ module staticSites './Microsoft.Web/staticSites/deploy.bicep' = { name: '${uniqueString(deployment().name)}-staticSites' params: { name: '<>-az-wss-x-001' - lock: 'CanNotDelete' - sku: 'Standard' - stagingEnvironmentPolicy: 'Enabled' allowConfigFileUpdates: true enterpriseGradeCdnStatus: 'Disabled' - systemAssignedIdentity: true - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } + lock: 'CanNotDelete' + privateEndpoints: [ + { + service: 'staticSites' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + } + ] roleAssignments: [ { - roleDefinitionIdOrName: 'Reader' principalIds: [ '<>' ] + roleDefinitionIdOrName: 'Reader' } ] - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'staticSites' - } - ] + sku: 'Standard' + stagingEnvironmentPolicy: 'Enabled' + systemAssignedIdentity: true + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } } } ``` From b6c36e8aaa2cf0209384f776a0cee5329133fc3f Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 5 Jul 2022 23:04:21 +0200 Subject: [PATCH 11/38] Resolved conflict --- utilities/tools/Set-ModuleReadMe.ps1 | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index 92faa54e20..53bf81c42f 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -434,10 +434,11 @@ function Set-DeploymentExamplesSection { # Sort 'required' parameters to the front $requiredParameterNames = $TemplateFileContent.parameters.Keys | Where-Object { $TemplateFileContent.parameters[$_].Keys -notcontains 'defaultValue' } $orderedJSONParameters = [ordered]@{} - # Add required - $JSONParameters.Keys | Where-Object { $_ -in $requiredParameterNames } | ForEach-Object { $orderedJSONParameters[$_] = $JSONParametersWithoutValue[$_] } - # Add rest - $JSONParameters.Keys | Where-Object { $_ -notin $requiredParameterNames } | ForEach-Object { $orderedJSONParameters[$_] = $JSONParametersWithoutValue[$_] } + $orderedTopLevelParameterNames = $JSONParametersWithoutValue.psbase.Keys # We must use PS-Base to handle conflicts of HashTable properties & keys (e.g. for a key 'keys'). + # Add required parameters first + $orderedTopLevelParameterNames | Where-Object { $_ -in $requiredParameterNames } | ForEach-Object { $orderedJSONParameters[$_] = $JSONParametersWithoutValue[$_] } + # Add rest after + $orderedTopLevelParameterNames | Where-Object { $_ -notin $requiredParameterNames } | ForEach-Object { $orderedJSONParameters[$_] = $JSONParametersWithoutValue[$_] } if ($orderedJSONParameters.count -eq 0) { # Handle empty dictionaries (in case the parmaeter file was empty) From 7d513b3fc72244ff9568174bdae0894d3fd26c8d Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 5 Jul 2022 23:41:13 +0200 Subject: [PATCH 12/38] Added sorting for JSON example --- utilities/tools/Set-ModuleReadMe.ps1 | 45 ++++++++++++++++++++++++++-- 1 file changed, 42 insertions(+), 3 deletions(-) diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index 53bf81c42f..c503f3f690 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -363,6 +363,8 @@ function Set-DeploymentExamplesSection { $resourceType = $resourceTypeIdentifier.Split('/')[1] $parameterFiles = Get-ChildItem (Join-Path $moduleRoot '.test') -Filter '*parameters.json' -Recurse + $requiredParameterNames = $TemplateFileContent.parameters.Keys | Where-Object { $TemplateFileContent.parameters[$_].Keys -notcontains 'defaultValue' } + ############################ ## Process test files ## ############################ @@ -432,7 +434,6 @@ function Set-DeploymentExamplesSection { $JSONParametersWithoutValue = ConvertTo-OrderedHashtable -JSONInputObject ($JSONParametersWithoutValue | ConvertTo-Json -Depth 99) # Sort 'required' parameters to the front - $requiredParameterNames = $TemplateFileContent.parameters.Keys | Where-Object { $TemplateFileContent.parameters[$_].Keys -notcontains 'defaultValue' } $orderedJSONParameters = [ordered]@{} $orderedTopLevelParameterNames = $JSONParametersWithoutValue.psbase.Keys # We must use PS-Base to handle conflicts of HashTable properties & keys (e.g. for a key 'keys'). # Add required parameters first @@ -452,7 +453,7 @@ function Set-DeploymentExamplesSection { $contentInBicepFormat = $contentInBicepFormat -replace "'(\w+)':", '$1:' # Update any ['xyz': xyz] to [xyz: xyz] $contentInBicepFormat = $contentInBicepFormat -replace "'(.+.getSecret\('.+'\))'", '$1' # Update any [xyz: 'xyz.GetSecret()'] to [xyz: xyz.GetSecret()] - $bicepParamsArray = $contentInBicepFormat -split ('\n') + $bicepParamsArray = $contentInBicepFormat -split '\n' $bicepParamsArray = $bicepParamsArray[1..($bicepParamsArray.count - 2)] } @@ -478,6 +479,21 @@ function Set-DeploymentExamplesSection { } if ($addJson) { + $orderedContentInJSONFormat = ConvertTo-OrderedHashtable -JSONInputObject (($contentInJSONFormat | ConvertFrom-Json).parameters | ConvertTo-Json -Depth 99) + + # Sort 'required' parameters to the front + $orderedJSONParameters = [ordered]@{} + $orderedTopLevelParameterNames = $orderedContentInJSONFormat.psbase.Keys # We must use PS-Base to handle conflicts of HashTable properties & keys (e.g. for a key 'keys'). + # Add required parameters first + $orderedTopLevelParameterNames | Where-Object { $_ -in $requiredParameterNames } | ForEach-Object { $orderedJSONParameters[$_] = $orderedContentInJSONFormat[$_] } + # Add rest after + $orderedTopLevelParameterNames | Where-Object { $_ -notin $requiredParameterNames } | ForEach-Object { $orderedJSONParameters[$_] = $orderedContentInJSONFormat[$_] } + + if ($orderedJSONParameters.count -eq 0) { + # Handle empty dictionaries (in case the parmaeter file was empty) + $orderedJSONParameters = '' + } + $SectionContent += @( '', '

', @@ -485,12 +501,35 @@ function Set-DeploymentExamplesSection { 'via JSON Parameter file', '', '```json', - $contentInJSONFormat.TrimEnd(), + ([ordered]@{ + '$schema' = 'https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#' + contentVersion = '1.0.0.0' + parameters = (-not [String]::IsNullOrEmpty($orderedJSONParameters)) ? $orderedJSONParameters : @{} + } | ConvertTo-Json -Depth 99), '```', '', '
' '

' ) + # $SectionContent += @( + # '', + # '

', + # '', + # 'via JSON Parameter file', + # '', + # '```json', + # '{', + # ' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",', + # ' "contentVersion": "1.0.0.0",' + # ' "parameters": {' + # (-not [String]::IsNullOrEmpty($orderedJSONParameters)) ? ((($orderedJSONParameters | ConvertTo-Json -Depth 99) -split '\n') | ForEach-Object { " $_" }).TrimEnd() : '', + # ' }', + # '}', + # '```', + # '', + # '
' + # '

' + # ) } $SectionContent += @( From 85638e1396f546a9ac34f09d2ad6d55e10463552 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 5 Jul 2022 23:53:16 +0200 Subject: [PATCH 13/38] Updated docs --- .../Microsoft.AAD/DomainServices/readme.md | 100 +- .../servers/readme.md | 208 +-- .../Microsoft.ApiManagement/service/readme.md | 468 +++--- .../configurationStores/readme.md | 164 +-- .../Microsoft.Authorization/locks/readme.md | 24 +- .../policyAssignments/readme.md | 408 +++--- .../policyDefinitions/readme.md | 382 ++--- .../policyExemptions/readme.md | 234 +-- .../policySetDefinitions/readme.md | 318 ++-- .../roleAssignments/readme.md | 186 +-- .../roleDefinitions/readme.md | 336 ++--- .../automationAccounts/readme.md | 438 +++--- .../Microsoft.Batch/batchAccounts/readme.md | 96 +- .../accounts/readme.md | 260 ++-- .../availabilitySets/readme.md | 54 +- .../diskEncryptionSets/readme.md | 42 +- modules/Microsoft.Compute/disks/readme.md | 222 +-- modules/Microsoft.Compute/galleries/readme.md | 126 +- modules/Microsoft.Compute/images/readme.md | 66 +- .../proximityPlacementGroups/readme.md | 36 +- .../virtualMachineScaleSets/readme.md | 954 ++++++------ .../virtualMachines/readme.md | 1292 ++++++++--------- .../Microsoft.Consumption/budgets/readme.md | 40 +- .../containerGroups/readme.md | 66 +- .../registries/readme.md | 230 +-- .../managedClusters/readme.md | 458 +++--- .../Microsoft.DataFactory/factories/readme.md | 124 +- .../backupVaults/readme.md | 150 +- .../Microsoft.Databricks/workspaces/readme.md | 66 +- .../applicationgroups/readme.md | 158 +- .../hostpools/readme.md | 152 +- .../scalingplans/readme.md | 12 +- .../workspaces/readme.md | 94 +- .../databaseAccounts/readme.md | 674 ++++----- .../systemTopics/readme.md | 102 +- modules/Microsoft.EventGrid/topics/readme.md | 82 +- .../Microsoft.EventHub/namespaces/readme.md | 280 ++-- .../Microsoft.HealthBot/healthBots/readme.md | 36 +- .../Microsoft.Insights/actionGroups/readme.md | 80 +- .../activityLogAlerts/readme.md | 82 +- .../Microsoft.Insights/components/readme.md | 36 +- .../diagnosticSettings/readme.md | 42 +- .../Microsoft.Insights/metricAlerts/readme.md | 90 +- .../privateLinkScopes/readme.md | 68 +- .../scheduledQueryRules/readme.md | 132 +- modules/Microsoft.KeyVault/vaults/readme.md | 316 ++-- .../extensions/readme.md | 97 +- .../fluxConfigurations/readme.md | 134 +- modules/Microsoft.Logic/workflows/readme.md | 148 +- .../workspaces/readme.md | 272 ++-- .../userAssignedIdentities/readme.md | 36 +- .../registrationDefinitions/readme.md | 118 +- .../managementGroups/readme.md | 24 +- .../Microsoft.NetApp/netAppAccounts/readme.md | 380 ++--- .../applicationGateways/readme.md | 696 ++++----- .../applicationSecurityGroups/readme.md | 36 +- .../azureFirewalls/readme.md | 376 ++--- .../Microsoft.Network/bastionHosts/readme.md | 208 +-- .../Microsoft.Network/connections/readme.md | 70 +- .../ddosProtectionPlans/readme.md | 36 +- .../expressRouteCircuits/readme.md | 96 +- .../firewallPolicies/readme.md | 98 +- .../Microsoft.Network/frontDoors/readme.md | 234 +-- modules/Microsoft.Network/ipGroups/readme.md | 48 +- .../Microsoft.Network/loadBalancers/readme.md | 460 +++--- .../localNetworkGateways/readme.md | 64 +- .../Microsoft.Network/natGateways/readme.md | 72 +- .../networkInterfaces/readme.md | 128 +- .../networkSecurityGroups/readme.md | 204 +-- .../networkWatchers/readme.md | 186 +-- .../privateDnsZones/readme.md | 400 ++--- .../privateEndpoints/readme.md | 110 +- .../publicIPAddresses/readme.md | 92 +- .../publicIPPrefixes/readme.md | 42 +- .../Microsoft.Network/routeTables/readme.md | 60 +- .../trafficmanagerprofiles/readme.md | 72 +- .../Microsoft.Network/virtualHubs/readme.md | 108 +- .../virtualNetworkGateways/readme.md | 230 +-- .../virtualNetworks/readme.md | 296 ++-- .../Microsoft.Network/virtualWans/readme.md | 72 +- .../Microsoft.Network/vpnGateways/readme.md | 142 +- modules/Microsoft.Network/vpnSites/readme.md | 174 +-- .../workspaces/readme.md | 334 ++--- .../solutions/readme.md | 78 +- .../vaults/readme.md | 416 +++--- .../deploymentScripts/readme.md | 134 +- .../resourceGroups/readme.md | 46 +- modules/Microsoft.Resources/tags/readme.md | 60 +- .../azureSecurityCenter/readme.md | 34 +- .../Microsoft.ServiceBus/namespaces/readme.md | 326 ++--- .../clusters/readme.md | 524 +++---- .../Microsoft.Sql/managedInstances/readme.md | 362 +++-- modules/Microsoft.Sql/servers/readme.md | 236 +-- .../storageAccounts/readme.md | 584 ++++---- .../privateLinkHubs/readme.md | 74 +- .../imageTemplates/readme.md | 130 +- modules/Microsoft.Web/connections/readme.md | 52 +- .../hostingEnvironments/readme.md | 188 +-- modules/Microsoft.Web/serverfarms/readme.md | 84 +- modules/Microsoft.Web/sites/readme.md | 466 +++--- modules/Microsoft.Web/staticSites/readme.md | 104 +- 101 files changed, 10179 insertions(+), 10056 deletions(-) diff --git a/modules/Microsoft.AAD/DomainServices/readme.md b/modules/Microsoft.AAD/DomainServices/readme.md index e2f73b4f9a..0cc7952fa7 100644 --- a/modules/Microsoft.AAD/DomainServices/readme.md +++ b/modules/Microsoft.AAD/DomainServices/readme.md @@ -253,60 +253,60 @@ module DomainServices './Microsoft.AAD/DomainServices/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "domainName": { - "value": "<>.onmicrosoft.com" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "domainName": { + "value": "<>.onmicrosoft.com" + }, + "additionalRecipients": { + "value": [ + "<>@noreply.github.com" + ] + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "pfxCertificate": { + "reference": { + "keyVault": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" }, - "sku": { - "value": "Standard" - }, - "lock": { - "value": "CanNotDelete" - }, - "replicaSets": { - "value": [ - { - "location": "WestEurope", - "subnetId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-aadds-001/subnets/AADDSSubnet" - } - ] - }, - "pfxCertificate": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "pfxBase64Certificate" - } - }, - "pfxCertificatePassword": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "pfxCertificatePassword" - } - }, - "additionalRecipients": { - "value": [ - "<>@noreply.github.com" - ] - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + "secretName": "pfxBase64Certificate" + } + }, + "pfxCertificatePassword": { + "reference": { + "keyVault": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "secretName": "pfxCertificatePassword" + } + }, + "replicaSets": { + "value": [ + { + "location": "WestEurope", + "subnetId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-aadds-001/subnets/AADDSSubnet" } + ] + }, + "sku": { + "value": "Standard" } + } } ``` diff --git a/modules/Microsoft.AnalysisServices/servers/readme.md b/modules/Microsoft.AnalysisServices/servers/readme.md index 832604436e..c08814bacc 100644 --- a/modules/Microsoft.AnalysisServices/servers/readme.md +++ b/modules/Microsoft.AnalysisServices/servers/readme.md @@ -214,70 +214,70 @@ module servers './Microsoft.AnalysisServices/servers/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>azasweumax001" - }, - "lock": { - "value": "CanNotDelete" - }, - "skuName": { - "value": "S0" - }, - "skuCapacity": { - "value": 1 - }, - "firewallSettings": { - "value": { - "firewallRules": [ - { - "firewallRuleName": "AllowFromAll", - "rangeStart": "0.0.0.0", - "rangeEnd": "255.255.255.255" - } - ], - "enablePowerBIService": true - } - }, - "diagnosticLogsRetentionInDays": { - "value": 365 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogCategoriesToEnable": { - "value": [ - "Engine", - "Service" - ] - }, - "diagnosticMetricsToEnable": { - "value": [ - "AllMetrics" - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>azasweumax001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogCategoriesToEnable": { + "value": [ + "Engine", + "Service" + ] + }, + "diagnosticLogsRetentionInDays": { + "value": 365 + }, + "diagnosticMetricsToEnable": { + "value": [ + "AllMetrics" + ] + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "firewallSettings": { + "value": { + "enablePowerBIService": true, + "firewallRules": [ + { + "firewallRuleName": "AllowFromAll", + "rangeEnd": "255.255.255.255", + "rangeStart": "0.0.0.0" + } + ] + } + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "skuCapacity": { + "value": 1 + }, + "skuName": { + "value": "S0" } + } } ``` @@ -308,13 +308,13 @@ module servers './Microsoft.AnalysisServices/servers/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>azasweumin001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>azasweumin001" } + } } ``` @@ -360,44 +360,44 @@ module servers './Microsoft.AnalysisServices/servers/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>azasweux001" - }, - "lock": { - "value": "CanNotDelete" - }, - "skuName": { - "value": "S0" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>azasweux001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "skuName": { + "value": "S0" } + } } ``` diff --git a/modules/Microsoft.ApiManagement/service/readme.md b/modules/Microsoft.ApiManagement/service/readme.md index f58c26fb40..dab187b86a 100644 --- a/modules/Microsoft.ApiManagement/service/readme.md +++ b/modules/Microsoft.ApiManagement/service/readme.md @@ -418,181 +418,181 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-apim-max-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "publisherEmail": { - "value": "apimgmt-noreply@mail.windowsazure.com" - }, - "publisherName": { - "value": "<>-az-amorg-x-001" - }, - "apis": { - "value": [ - { - "name": "echo-api", - "displayName": "Echo API", - "path": "echo", - "serviceUrl": "http://echoapi.cloudapp.net/api", - "apiVersionSet": { - "name": "echo-version-set", - "properties": { - "description": "echo-version-set", - "displayName": "echo-version-set", - "versioningScheme": "Segment" - } - } - } - ] - }, - "authorizationServers": { - "value": [ - { - "name": "AuthServer1", - "authorizationEndpoint": "https://login.microsoftonline.com/651b43ce-ccb8-4301-b551-b04dd872d401/oauth2/v2.0/authorize", - "grantTypes": [ - "authorizationCode" - ], - "clientCredentialsKeyVaultId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", - "clientIdSecretName": "apimclientid", - "clientSecretSecretName": "apimclientsecret", - "clientRegistrationEndpoint": "http://localhost", - "tokenEndpoint": "https://login.microsoftonline.com/651b43ce-ccb8-4301-b551-b04dd872d401/oauth2/v2.0/token" - } - ] - }, - "backends": { - "value": [ - { - "name": "backend", - "url": "http://echoapi.cloudapp.net/api", - "tls": { - "validateCertificateChain": false, - "validateCertificateName": false - } - } - ] - }, - "caches": { - "value": [ - { - "name": "westeurope", - "connectionString": "connectionstringtest", - "useFromLocation": "westeurope" - } - ] - }, - "identityProviders": { - "value": [ - { - "name": "aadProvider" - } - ] - }, - "namedValues": { - "value": [ - { - "name": "apimkey", - "displayName": "apimkey", - "secret": true - } - ] - }, - "policies": { - "value": [ - { - "value": " ", - "format": "xml" - } - ] - }, - "portalSettings": { - "value": [ - { - "name": "signin", - "properties": { - "enabled": false - } - }, - { - "name": "signup", - "properties": { - "enabled": false, - "termsOfService": { - "enabled": false, - "consentRequired": false - } - } - } - ] - }, - "products": { - "value": [ - { - "name": "Starter", - "subscriptionRequired": false, - "approvalRequired": false, - "apis": [ - { - "name": "echo-api" - } - ], - "groups": [ - { - "name": "developers" - } - ] - } - ] - }, - "subscriptions": { - "value": [ - { - "scope": "/apis", - "name": "testArmSubscriptionAllApis" - } - ] - }, - "systemAssignedIdentity": { - "value": true - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-apim-max-001" + }, + "publisherEmail": { + "value": "apimgmt-noreply@mail.windowsazure.com" + }, + "publisherName": { + "value": "<>-az-amorg-x-001" + }, + "apis": { + "value": [ + { + "apiVersionSet": { + "name": "echo-version-set", + "properties": { + "description": "echo-version-set", + "displayName": "echo-version-set", + "versioningScheme": "Segment" } + }, + "displayName": "Echo API", + "name": "echo-api", + "path": "echo", + "serviceUrl": "http://echoapi.cloudapp.net/api" + } + ] + }, + "authorizationServers": { + "value": [ + { + "authorizationEndpoint": "https://login.microsoftonline.com/651b43ce-ccb8-4301-b551-b04dd872d401/oauth2/v2.0/authorize", + "clientCredentialsKeyVaultId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", + "clientIdSecretName": "apimclientid", + "clientRegistrationEndpoint": "http://localhost", + "clientSecretSecretName": "apimclientsecret", + "grantTypes": [ + "authorizationCode" + ], + "name": "AuthServer1", + "tokenEndpoint": "https://login.microsoftonline.com/651b43ce-ccb8-4301-b551-b04dd872d401/oauth2/v2.0/token" + } + ] + }, + "backends": { + "value": [ + { + "name": "backend", + "tls": { + "validateCertificateChain": false, + "validateCertificateName": false + }, + "url": "http://echoapi.cloudapp.net/api" + } + ] + }, + "caches": { + "value": [ + { + "connectionString": "connectionstringtest", + "name": "westeurope", + "useFromLocation": "westeurope" + } + ] + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "identityProviders": { + "value": [ + { + "name": "aadProvider" + } + ] + }, + "lock": { + "value": "CanNotDelete" + }, + "namedValues": { + "value": [ + { + "displayName": "apimkey", + "name": "apimkey", + "secret": true + } + ] + }, + "policies": { + "value": [ + { + "format": "xml", + "value": " " + } + ] + }, + "portalSettings": { + "value": [ + { + "name": "signin", + "properties": { + "enabled": false + } }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + { + "name": "signup", + "properties": { + "enabled": false, + "termsOfService": { + "consentRequired": false, + "enabled": false + } + } } + ] + }, + "products": { + "value": [ + { + "apis": [ + { + "name": "echo-api" + } + ], + "approvalRequired": false, + "groups": [ + { + "name": "developers" + } + ], + "name": "Starter", + "subscriptionRequired": false + } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "subscriptions": { + "value": [ + { + "name": "testArmSubscriptionAllApis", + "scope": "/apis" + } + ] + }, + "systemAssignedIdentity": { + "value": true + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` @@ -625,19 +625,19 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-apim-min-001" - }, - "publisherEmail": { - "value": "apimgmt-noreply@mail.windowsazure.com" - }, - "publisherName": { - "value": "<>-az-amorg-x-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-apim-min-001" + }, + "publisherEmail": { + "value": "apimgmt-noreply@mail.windowsazure.com" + }, + "publisherName": { + "value": "<>-az-amorg-x-001" } + } } ``` @@ -703,60 +703,60 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-apim-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "publisherEmail": { - "value": "apimgmt-noreply@mail.windowsazure.com" - }, - "publisherName": { - "value": "<>-az-amorg-x-001" - }, - "portalSettings": { - "value": [ - { - "name": "signin", - "properties": { - "enabled": false - } - }, - { - "name": "signup", - "properties": { - "enabled": false, - "termsOfService": { - "enabled": false, - "consentRequired": false - } - } - } - ] - }, - "policies": { - "value": [ - { - "value": " ", - "format": "xml" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-apim-x-001" + }, + "publisherEmail": { + "value": "apimgmt-noreply@mail.windowsazure.com" + }, + "publisherName": { + "value": "<>-az-amorg-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "policies": { + "value": [ + { + "format": "xml", + "value": " " + } + ] + }, + "portalSettings": { + "value": [ + { + "name": "signin", + "properties": { + "enabled": false + } }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + { + "name": "signup", + "properties": { + "enabled": false, + "termsOfService": { + "consentRequired": false, + "enabled": false + } + } } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] } + } } ``` diff --git a/modules/Microsoft.AppConfiguration/configurationStores/readme.md b/modules/Microsoft.AppConfiguration/configurationStores/readme.md index 1bed049eac..b7bdedfc3b 100644 --- a/modules/Microsoft.AppConfiguration/configurationStores/readme.md +++ b/modules/Microsoft.AppConfiguration/configurationStores/readme.md @@ -304,13 +304,13 @@ module configurationStores './Microsoft.AppConfiguration/configurationStores/dep ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-appcs-min-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-appcs-min-001" } + } } ``` @@ -382,84 +382,84 @@ module configurationStores './Microsoft.AppConfiguration/configurationStores/dep ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-appcs-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "systemAssignedIdentity": { - "value": true - }, - "keyValues": { - "value": [ - { - "name": "keyName", - "value": "valueName", - "contentType": "contentType", - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "createMode": { - "value": "Default" - }, - "disableLocalAuth": { - "value": false - }, - "enablePurgeProtection": { - "value": false - }, - "publicNetworkAccess": { - "value": "Enabled" - }, - "softDeleteRetentionInDays": { - "value": 1 - }, - "privateEndpoints": { - "value": [ - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "configurationStores" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-appcs-x-001" + }, + "createMode": { + "value": "Default" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "disableLocalAuth": { + "value": false + }, + "enablePurgeProtection": { + "value": false + }, + "keyValues": { + "value": [ + { + "contentType": "contentType", + "name": "keyName", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ], + "value": "valueName" } + ] + }, + "lock": { + "value": "CanNotDelete" + }, + "privateEndpoints": { + "value": [ + { + "service": "configurationStores", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" + } + ] + }, + "publicNetworkAccess": { + "value": "Enabled" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "softDeleteRetentionInDays": { + "value": 1 + }, + "systemAssignedIdentity": { + "value": true } + } } ``` diff --git a/modules/Microsoft.Authorization/locks/readme.md b/modules/Microsoft.Authorization/locks/readme.md index 8d5b1772a9..a525e92f9b 100644 --- a/modules/Microsoft.Authorization/locks/readme.md +++ b/modules/Microsoft.Authorization/locks/readme.md @@ -68,19 +68,19 @@ module locks './Microsoft.Authorization/locks/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "level": { - "value": "CanNotDelete" - }, - "resourceGroupName": { - "value": "adp-<>-az-locks-rg-001" - }, - "subscriptionId": { - "value": "<>" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "level": { + "value": "CanNotDelete" + }, + "resourceGroupName": { + "value": "adp-<>-az-locks-rg-001" + }, + "subscriptionId": { + "value": "<>" } + } } ``` diff --git a/modules/Microsoft.Authorization/policyAssignments/readme.md b/modules/Microsoft.Authorization/policyAssignments/readme.md index e6e0cf30bc..c02290b285 100644 --- a/modules/Microsoft.Authorization/policyAssignments/readme.md +++ b/modules/Microsoft.Authorization/policyAssignments/readme.md @@ -193,16 +193,16 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-min-mg-polAss" - }, - "policyDefinitionID": { - "value": "/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-min-mg-polAss" + }, + "policyDefinitionID": { + "value": "/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d" } + } } ``` @@ -259,63 +259,63 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-mg-polAss" + }, + "policyDefinitionId": { + "value": "/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26" + }, + "description": { + "value": "[Description] Policy Assignment at the management group scope" + }, + "displayName": { + "value": "[Display Name] Policy Assignment at the management group scope" + }, + "enforcementMode": { + "value": "DoNotEnforce" + }, + "identity": { + "value": "SystemAssigned" + }, + "location": { + "value": "australiaeast" + }, + "managementGroupId": { + "value": "<>" + }, + "metadata": { + "value": { + "category": "Security", + "version": "1.0" + } + }, + "nonComplianceMessage": { + "value": "Violated Policy Assignment - This is a Non Compliance Message" + }, + "notScopes": { + "value": [ + "/subscriptions/<>/resourceGroups/validation-rg" + ] + }, "parameters": { - "name": { - "value": "<>-mg-polAss" - }, - "displayName": { - "value": "[Display Name] Policy Assignment at the management group scope" - }, - "description": { - "value": "[Description] Policy Assignment at the management group scope" - }, - "policyDefinitionId": { - "value": "/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26" - }, - "parameters": { - "value": { - "tagName": { - "value": "env" - }, - "tagValue": { - "value": "prod" - } - } - }, - "nonComplianceMessage": { - "value": "Violated Policy Assignment - This is a Non Compliance Message" - }, - "enforcementMode": { - "value": "DoNotEnforce" - }, - "metadata": { - "value": { - "category": "Security", - "version": "1.0" - } - }, - "location": { - "value": "australiaeast" - }, - "notScopes": { - "value": [ - "/subscriptions/<>/resourceGroups/validation-rg" - ] - }, - "identity": { - "value": "SystemAssigned" + "value": { + "tagName": { + "value": "env" }, - "roleDefinitionIds": { - "value": [ - "/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ] - }, - "managementGroupId": { - "value": "<>" + "tagValue": { + "value": "prod" } + } + }, + "roleDefinitionIds": { + "value": [ + "/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ] } + } } ``` @@ -349,22 +349,22 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-min-rg-polAss" - }, - "policyDefinitionID": { - "value": "/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d" - }, - "subscriptionId": { - "value": "<>" - }, - "resourceGroupName": { - "value": "validation-rg" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-min-rg-polAss" + }, + "policyDefinitionID": { + "value": "/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d" + }, + "resourceGroupName": { + "value": "validation-rg" + }, + "subscriptionId": { + "value": "<>" } + } } ``` @@ -423,69 +423,69 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-rg-polAss" + }, + "policyDefinitionId": { + "value": "/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26" + }, + "description": { + "value": "[Description] Policy Assignment at the resource group scope" + }, + "displayName": { + "value": "[Display Name] Policy Assignment at the resource group scope" + }, + "enforcementMode": { + "value": "DoNotEnforce" + }, + "identity": { + "value": "UserAssigned" + }, + "location": { + "value": "australiaeast" + }, + "metadata": { + "value": { + "category": "Security", + "version": "1.0" + } + }, + "nonComplianceMessage": { + "value": "Violated Policy Assignment - This is a Non Compliance Message" + }, + "notScopes": { + "value": [ + "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" + ] + }, "parameters": { - "name": { - "value": "<>-rg-polAss" - }, - "displayName": { - "value": "[Display Name] Policy Assignment at the resource group scope" - }, - "description": { - "value": "[Description] Policy Assignment at the resource group scope" - }, - "policyDefinitionId": { - "value": "/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26" - }, - "parameters": { - "value": { - "tagName": { - "value": "env" - }, - "tagValue": { - "value": "prod" - } - } - }, - "nonComplianceMessage": { - "value": "Violated Policy Assignment - This is a Non Compliance Message" + "value": { + "tagName": { + "value": "env" }, - "enforcementMode": { - "value": "DoNotEnforce" - }, - "metadata": { - "value": { - "category": "Security", - "version": "1.0" - } - }, - "location": { - "value": "australiaeast" - }, - "notScopes": { - "value": [ - "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - ] - }, - "identity": { - "value": "UserAssigned" - }, - "userAssignedIdentityId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" - }, - "roleDefinitionIds": { - "value": [ - "/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ] - }, - "subscriptionId": { - "value": "<>" - }, - "resourceGroupName": { - "value": "validation-rg" + "tagValue": { + "value": "prod" } + } + }, + "resourceGroupName": { + "value": "validation-rg" + }, + "roleDefinitionIds": { + "value": [ + "/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ] + }, + "subscriptionId": { + "value": "<>" + }, + "userAssignedIdentityId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" } + } } ``` @@ -518,19 +518,19 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-min-sub-polAss" - }, - "policyDefinitionID": { - "value": "/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d" - }, - "subscriptionId": { - "value": "<>" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-min-sub-polAss" + }, + "policyDefinitionID": { + "value": "/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d" + }, + "subscriptionId": { + "value": "<>" } + } } ``` @@ -588,66 +588,66 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-sub-polAss" + }, + "policyDefinitionId": { + "value": "/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26" + }, + "description": { + "value": "[Description] Policy Assignment at the subscription scope" + }, + "displayName": { + "value": "[Display Name] Policy Assignment at the subscription scope" + }, + "enforcementMode": { + "value": "DoNotEnforce" + }, + "identity": { + "value": "UserAssigned" + }, + "location": { + "value": "australiaeast" + }, + "metadata": { + "value": { + "category": "Security", + "version": "1.0" + } + }, + "nonComplianceMessage": { + "value": "Violated Policy Assignment - This is a Non Compliance Message" + }, + "notScopes": { + "value": [ + "/subscriptions/<>/resourceGroups/validation-rg" + ] + }, "parameters": { - "name": { - "value": "<>-sub-polAss" - }, - "displayName": { - "value": "[Display Name] Policy Assignment at the subscription scope" - }, - "description": { - "value": "[Description] Policy Assignment at the subscription scope" - }, - "policyDefinitionId": { - "value": "/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26" - }, - "parameters": { - "value": { - "tagName": { - "value": "env" - }, - "tagValue": { - "value": "prod" - } - } - }, - "nonComplianceMessage": { - "value": "Violated Policy Assignment - This is a Non Compliance Message" - }, - "enforcementMode": { - "value": "DoNotEnforce" - }, - "metadata": { - "value": { - "category": "Security", - "version": "1.0" - } + "value": { + "tagName": { + "value": "env" }, - "location": { - "value": "australiaeast" - }, - "notScopes": { - "value": [ - "/subscriptions/<>/resourceGroups/validation-rg" - ] - }, - "identity": { - "value": "UserAssigned" - }, - "userAssignedIdentityId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" - }, - "roleDefinitionIds": { - "value": [ - "/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ] - }, - "subscriptionId": { - "value": "<>" + "tagValue": { + "value": "prod" } + } + }, + "roleDefinitionIds": { + "value": [ + "/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ] + }, + "subscriptionId": { + "value": "<>" + }, + "userAssignedIdentityId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" } + } } ``` diff --git a/modules/Microsoft.Authorization/policyDefinitions/readme.md b/modules/Microsoft.Authorization/policyDefinitions/readme.md index 7019e64401..37c4149ac6 100644 --- a/modules/Microsoft.Authorization/policyDefinitions/readme.md +++ b/modules/Microsoft.Authorization/policyDefinitions/readme.md @@ -172,39 +172,39 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-mg-min-policyDef" - }, - "policyRule": { - "value": { - "if": { - "allOf": [ - { - "equals": "Microsoft.KeyVault/vaults", - "field": "type" - } - ] - }, - "then": { - "effect": "[parameters('effect')]" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-mg-min-policyDef" + }, + "policyRule": { + "value": { + "if": { + "allOf": [ + { + "equals": "Microsoft.KeyVault/vaults", + "field": "type" } + ] }, - "parameters": { - "value": { - "effect": { - "allowedValues": [ - "Audit" - ], - "defaultValue": "Audit", - "type": "String" - } - } + "then": { + "effect": "[parameters('effect')]" + } + } + }, + "parameters": { + "value": { + "effect": { + "allowedValues": [ + "Audit" + ], + "defaultValue": "Audit", + "type": "String" } + } } + } } ``` @@ -286,76 +286,76 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-mg-policyDef" - }, - "displayName": { - "value": "[DisplayName] This policy definition is deployed at the management group scope" - }, - "description": { - "value": "[Description] This policy definition is deployed at the management group scope" - }, - "policyRule": { - "value": { - "if": { - "allOf": [ - { - "field": "type", - "equals": "Microsoft.Resources/subscriptions" - }, - { - "field": "[concat('tags[', parameters('tagName'), ']')]", - "exists": "false" - } - ] - }, - "then": { - "effect": "modify", - "details": { - "roleDefinitionIds": [ - "/providers/microsoft.authorization/roleDefinitions/4a9ae827-6dc8-4573-8ac7-8239d42aa03f" - ], - "operations": [ - { - "operation": "add", - "field": "[concat('tags[', parameters('tagName'), ']')]", - "value": "[parameters('tagValue')]" - } - ] - } - } - } - }, - "parameters": { - "value": { - "tagName": { - "type": "String", - "metadata": { - "displayName": "Tag Name", - "description": "Name of the tag, such as 'environment'" - } - }, - "tagValue": { - "type": "String", - "metadata": { - "displayName": "Tag Value", - "description": "Value of the tag, such as 'production'" - } - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-mg-policyDef" + }, + "policyRule": { + "value": { + "if": { + "allOf": [ + { + "equals": "Microsoft.Resources/subscriptions", + "field": "type" + }, + { + "exists": "false", + "field": "[concat('tags[', parameters('tagName'), ']')]" } + ] }, - "metadata": { - "value": { - "category": "Security" - } + "then": { + "details": { + "operations": [ + { + "field": "[concat('tags[', parameters('tagName'), ']')]", + "operation": "add", + "value": "[parameters('tagValue')]" + } + ], + "roleDefinitionIds": [ + "/providers/microsoft.authorization/roleDefinitions/4a9ae827-6dc8-4573-8ac7-8239d42aa03f" + ] + }, + "effect": "modify" + } + } + }, + "description": { + "value": "[Description] This policy definition is deployed at the management group scope" + }, + "displayName": { + "value": "[DisplayName] This policy definition is deployed at the management group scope" + }, + "managementGroupId": { + "value": "<>" + }, + "metadata": { + "value": { + "category": "Security" + } + }, + "parameters": { + "value": { + "tagName": { + "metadata": { + "description": "Name of the tag, such as 'environment'", + "displayName": "Tag Name" + }, + "type": "String" }, - "managementGroupId": { - "value": "<>" + "tagValue": { + "metadata": { + "description": "Value of the tag, such as 'production'", + "displayName": "Tag Value" + }, + "type": "String" } + } } + } } ``` @@ -409,42 +409,42 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-sub-min-policyDef" - }, - "policyRule": { - "value": { - "if": { - "allOf": [ - { - "equals": "Microsoft.KeyVault/vaults", - "field": "type" - } - ] - }, - "then": { - "effect": "[parameters('effect')]" - } - } - }, - "parameters": { - "value": { - "effect": { - "allowedValues": [ - "Audit" - ], - "defaultValue": "Audit", - "type": "String" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-sub-min-policyDef" + }, + "policyRule": { + "value": { + "if": { + "allOf": [ + { + "equals": "Microsoft.KeyVault/vaults", + "field": "type" } + ] }, - "subscriptionId": { - "value": "<>" + "then": { + "effect": "[parameters('effect')]" } + } + }, + "parameters": { + "value": { + "effect": { + "allowedValues": [ + "Audit" + ], + "defaultValue": "Audit", + "type": "String" + } + } + }, + "subscriptionId": { + "value": "<>" } + } } ``` @@ -526,76 +526,76 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-sub-policyDef" - }, - "displayName": { - "value": "[DisplayName] This policy definition is deployed at subscription scope" - }, - "description": { - "value": "[Description] This policy definition is deployed at subscription scope" - }, - "policyRule": { - "value": { - "if": { - "allOf": [ - { - "field": "type", - "equals": "Microsoft.Resources/subscriptions" - }, - { - "field": "[concat('tags[', parameters('tagName'), ']')]", - "exists": "false" - } - ] - }, - "then": { - "effect": "modify", - "details": { - "roleDefinitionIds": [ - "/providers/microsoft.authorization/roleDefinitions/4a9ae827-6dc8-4573-8ac7-8239d42aa03f" - ], - "operations": [ - { - "operation": "add", - "field": "[concat('tags[', parameters('tagName'), ']')]", - "value": "[parameters('tagValue')]" - } - ] - } - } - } - }, - "parameters": { - "value": { - "tagName": { - "type": "String", - "metadata": { - "displayName": "Tag Name", - "description": "Name of the tag, such as 'environment'" - } - }, - "tagValue": { - "type": "String", - "metadata": { - "displayName": "Tag Value", - "description": "Value of the tag, such as 'production'" - } - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-sub-policyDef" + }, + "policyRule": { + "value": { + "if": { + "allOf": [ + { + "equals": "Microsoft.Resources/subscriptions", + "field": "type" + }, + { + "exists": "false", + "field": "[concat('tags[', parameters('tagName'), ']')]" } + ] }, - "metadata": { - "value": { - "category": "Security" - } + "then": { + "details": { + "operations": [ + { + "field": "[concat('tags[', parameters('tagName'), ']')]", + "operation": "add", + "value": "[parameters('tagValue')]" + } + ], + "roleDefinitionIds": [ + "/providers/microsoft.authorization/roleDefinitions/4a9ae827-6dc8-4573-8ac7-8239d42aa03f" + ] + }, + "effect": "modify" + } + } + }, + "description": { + "value": "[Description] This policy definition is deployed at subscription scope" + }, + "displayName": { + "value": "[DisplayName] This policy definition is deployed at subscription scope" + }, + "metadata": { + "value": { + "category": "Security" + } + }, + "parameters": { + "value": { + "tagName": { + "metadata": { + "description": "Name of the tag, such as 'environment'", + "displayName": "Tag Name" + }, + "type": "String" }, - "subscriptionId": { - "value": "<>" + "tagValue": { + "metadata": { + "description": "Value of the tag, such as 'production'", + "displayName": "Tag Value" + }, + "type": "String" } + } + }, + "subscriptionId": { + "value": "<>" } + } } ``` diff --git a/modules/Microsoft.Authorization/policyExemptions/readme.md b/modules/Microsoft.Authorization/policyExemptions/readme.md index 8e113edf0d..ef4a4349c5 100644 --- a/modules/Microsoft.Authorization/policyExemptions/readme.md +++ b/modules/Microsoft.Authorization/policyExemptions/readme.md @@ -174,16 +174,16 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-min-mg-polexem" - }, - "policyAssignmentId": { - "value": "/providers/Microsoft.Management/managementGroups/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-mg-pass-loc-rg" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-min-mg-polexem" + }, + "policyAssignmentId": { + "value": "/providers/Microsoft.Management/managementGroups/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-mg-pass-loc-rg" } + } } ``` @@ -222,33 +222,33 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-mg-polexem" - }, - "displayName": { - "value": "[Display Name] policy exempt (management group scope)" - }, - "policyAssignmentId": { - "value": "/providers/Microsoft.Management/managementGroups/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-mg-pass-loc-rg" - }, - "exemptionCategory": { - "value": "Waiver" - }, - "metadata": { - "value": { - "category": "Security" - } - }, - "expiresOn": { - "value": "2025-10-02T03:57:00.000Z" - }, - "managementGroupId": { - "value": "<>" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-mg-polexem" + }, + "policyAssignmentId": { + "value": "/providers/Microsoft.Management/managementGroups/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-mg-pass-loc-rg" + }, + "displayName": { + "value": "[Display Name] policy exempt (management group scope)" + }, + "exemptionCategory": { + "value": "Waiver" + }, + "expiresOn": { + "value": "2025-10-02T03:57:00Z" + }, + "managementGroupId": { + "value": "<>" + }, + "metadata": { + "value": { + "category": "Security" + } } + } } ``` @@ -282,22 +282,22 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-min-rg-polexem" - }, - "policyAssignmentId": { - "value": "/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg" - }, - "subscriptionId": { - "value": "<>" - }, - "resourceGroupName": { - "value": "<>" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-min-rg-polexem" + }, + "policyAssignmentId": { + "value": "/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg" + }, + "resourceGroupName": { + "value": "<>" + }, + "subscriptionId": { + "value": "<>" } + } } ``` @@ -337,36 +337,36 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-rg-polexem" - }, - "displayName": { - "value": "[Display Name] policy exempt (resource group scope)" - }, - "policyAssignmentId": { - "value": "/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg" - }, - "exemptionCategory": { - "value": "Waiver" - }, - "metadata": { - "value": { - "category": "Security" - } - }, - "expiresOn": { - "value": "2025-10-02T03:57:00.000Z" - }, - "subscriptionId": { - "value": "<>" - }, - "resourceGroupName": { - "value": "<>" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-rg-polexem" + }, + "policyAssignmentId": { + "value": "/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg" + }, + "displayName": { + "value": "[Display Name] policy exempt (resource group scope)" + }, + "exemptionCategory": { + "value": "Waiver" + }, + "expiresOn": { + "value": "2025-10-02T03:57:00Z" + }, + "metadata": { + "value": { + "category": "Security" + } + }, + "resourceGroupName": { + "value": "<>" + }, + "subscriptionId": { + "value": "<>" } + } } ``` @@ -399,19 +399,19 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-min-sub-polexem" - }, - "policyAssignmentId": { - "value": "/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg" - }, - "subscriptionId": { - "value": "<>" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-min-sub-polexem" + }, + "policyAssignmentId": { + "value": "/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg" + }, + "subscriptionId": { + "value": "<>" } + } } ``` @@ -450,33 +450,33 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-sub-polexem" - }, - "displayName": { - "value": "[Display Name] policy exempt (subscription scope)" - }, - "policyAssignmentId": { - "value": "/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg" - }, - "exemptionCategory": { - "value": "Waiver" - }, - "metadata": { - "value": { - "category": "Security" - } - }, - "expiresOn": { - "value": "2025-10-02T03:57:00.000Z" - }, - "subscriptionId": { - "value": "<>" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-sub-polexem" + }, + "policyAssignmentId": { + "value": "/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg" + }, + "displayName": { + "value": "[Display Name] policy exempt (subscription scope)" + }, + "exemptionCategory": { + "value": "Waiver" + }, + "expiresOn": { + "value": "2025-10-02T03:57:00Z" + }, + "metadata": { + "value": { + "category": "Security" + } + }, + "subscriptionId": { + "value": "<>" } + } } ``` diff --git a/modules/Microsoft.Authorization/policySetDefinitions/readme.md b/modules/Microsoft.Authorization/policySetDefinitions/readme.md index a52f50840a..06f31b7138 100644 --- a/modules/Microsoft.Authorization/policySetDefinitions/readme.md +++ b/modules/Microsoft.Authorization/policySetDefinitions/readme.md @@ -168,27 +168,27 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-mg-min-policySet" - }, - "policyDefinitions": { - "value": [ - { - "parameters": { - "listOfAllowedLocations": { - "value": [ - "australiaeast" - ] - } - }, - "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e56962a6-4747-49cd-b67b-bf8b01975c4c" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-mg-min-policySet" + }, + "policyDefinitions": { + "value": [ + { + "parameters": { + "listOfAllowedLocations": { + "value": [ + "australiaeast" + ] + } + }, + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e56962a6-4747-49cd-b67b-bf8b01975c4c" } + ] } + } } ``` @@ -264,70 +264,70 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-mg-policySet" - }, - "displayName": { - "value": "[DisplayName] This policy set definition is deployed at management group scope" - }, - "description": { - "value": "[Description] This policy set definition is deployed at management group scope" - }, - "policyDefinitionGroups": { - "value": [ - { - "name": "Network" - }, - { - "name": "ARM" - } - ] - }, - "policyDefinitions": { - "value": [ - { - "groupNames": [ - "ARM" - ], - "parameters": { - "listOfAllowedLocations": { - "value": [ - "australiaeast" - ] - } - }, - "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e56962a6-4747-49cd-b67b-bf8b01975c4c", - "policyDefinitionReferenceId": "Allowed locations_1" - }, - { - "groupNames": [ - "ARM" - ], - "parameters": { - "listOfAllowedLocations": { - "value": [ - "australiaeast" - ] - } - }, - "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e765b5de-1225-4ba3-bd56-1ac6695af988", - "policyDefinitionReferenceId": "Allowed locations for resource groups_1" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-mg-policySet" + }, + "policyDefinitions": { + "value": [ + { + "groupNames": [ + "ARM" + ], + "parameters": { + "listOfAllowedLocations": { + "value": [ + "australiaeast" + ] + } + }, + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e56962a6-4747-49cd-b67b-bf8b01975c4c", + "policyDefinitionReferenceId": "Allowed locations_1" }, - "metadata": { - "value": { - "category": "Security", - "version": "1" + { + "groupNames": [ + "ARM" + ], + "parameters": { + "listOfAllowedLocations": { + "value": [ + "australiaeast" + ] } + }, + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e765b5de-1225-4ba3-bd56-1ac6695af988", + "policyDefinitionReferenceId": "Allowed locations for resource groups_1" + } + ] + }, + "description": { + "value": "[Description] This policy set definition is deployed at management group scope" + }, + "displayName": { + "value": "[DisplayName] This policy set definition is deployed at management group scope" + }, + "managementGroupId": { + "value": "<>" + }, + "metadata": { + "value": { + "category": "Security", + "version": "1" + } + }, + "policyDefinitionGroups": { + "value": [ + { + "name": "Network" }, - "managementGroupId": { - "value": "<>" + { + "name": "ARM" } + ] } + } } ``` @@ -371,30 +371,30 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-sub-min-policySet" - }, - "policyDefinitions": { - "value": [ - { - "parameters": { - "listOfAllowedLocations": { - "value": [ - "australiaeast" - ] - } - }, - "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e56962a6-4747-49cd-b67b-bf8b01975c4c" - } - ] - }, - "subscriptionId": { - "value": "<>" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-sub-min-policySet" + }, + "policyDefinitions": { + "value": [ + { + "parameters": { + "listOfAllowedLocations": { + "value": [ + "australiaeast" + ] + } + }, + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e56962a6-4747-49cd-b67b-bf8b01975c4c" } + ] + }, + "subscriptionId": { + "value": "<>" } + } } ``` @@ -470,70 +470,70 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-sub-policySet" - }, - "displayName": { - "value": "[DisplayName] This policy set definition is deployed at subscription scope" - }, - "description": { - "value": "[Description] This policy set definition is deployed at subscription scope" - }, - "policyDefinitionGroups": { - "value": [ - { - "name": "Network" - }, - { - "name": "ARM" - } - ] - }, - "policyDefinitions": { - "value": [ - { - "groupNames": [ - "ARM" - ], - "parameters": { - "listOfAllowedLocations": { - "value": [ - "australiaeast" - ] - } - }, - "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e56962a6-4747-49cd-b67b-bf8b01975c4c", - "policyDefinitionReferenceId": "Allowed locations_1" - }, - { - "groupNames": [ - "ARM" - ], - "parameters": { - "listOfAllowedLocations": { - "value": [ - "australiaeast" - ] - } - }, - "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e765b5de-1225-4ba3-bd56-1ac6695af988", - "policyDefinitionReferenceId": "Allowed locations for resource groups_1" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-sub-policySet" + }, + "policyDefinitions": { + "value": [ + { + "groupNames": [ + "ARM" + ], + "parameters": { + "listOfAllowedLocations": { + "value": [ + "australiaeast" + ] + } + }, + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e56962a6-4747-49cd-b67b-bf8b01975c4c", + "policyDefinitionReferenceId": "Allowed locations_1" }, - "metadata": { - "value": { - "category": "Security", - "version": "1" + { + "groupNames": [ + "ARM" + ], + "parameters": { + "listOfAllowedLocations": { + "value": [ + "australiaeast" + ] } + }, + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e765b5de-1225-4ba3-bd56-1ac6695af988", + "policyDefinitionReferenceId": "Allowed locations for resource groups_1" + } + ] + }, + "description": { + "value": "[Description] This policy set definition is deployed at subscription scope" + }, + "displayName": { + "value": "[DisplayName] This policy set definition is deployed at subscription scope" + }, + "metadata": { + "value": { + "category": "Security", + "version": "1" + } + }, + "policyDefinitionGroups": { + "value": [ + { + "name": "Network" }, - "subscriptionId": { - "value": "<>" + { + "name": "ARM" } + ] + }, + "subscriptionId": { + "value": "<>" } + } } ``` diff --git a/modules/Microsoft.Authorization/roleAssignments/readme.md b/modules/Microsoft.Authorization/roleAssignments/readme.md index c7be8792fb..1b33804c1d 100644 --- a/modules/Microsoft.Authorization/roleAssignments/readme.md +++ b/modules/Microsoft.Authorization/roleAssignments/readme.md @@ -192,16 +192,16 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "roleDefinitionIdOrName": { - "value": "Storage Queue Data Reader" - }, - "principalId": { - "value": "<>" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "principalId": { + "value": "<>" + }, + "roleDefinitionIdOrName": { + "value": "Storage Queue Data Reader" } + } } ``` @@ -236,25 +236,25 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "roleDefinitionIdOrName": { - "value": "Backup Reader" - }, - "description": { - "value": "Role Assignment (management group scope)" - }, - "principalId": { - "value": "<>" - }, - "principalType": { - "value": "ServicePrincipal" - }, - "managementGroupId": { - "value": "<>" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "principalId": { + "value": "<>" + }, + "roleDefinitionIdOrName": { + "value": "Backup Reader" + }, + "description": { + "value": "Role Assignment (management group scope)" + }, + "managementGroupId": { + "value": "<>" + }, + "principalType": { + "value": "ServicePrincipal" } + } } ``` @@ -288,22 +288,22 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "roleDefinitionIdOrName": { - "value": "Storage Queue Data Reader" - }, - "principalId": { - "value": "<>" - }, - "subscriptionId": { - "value": "<>" - }, - "resourceGroupName": { - "value": "<>" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "principalId": { + "value": "<>" + }, + "roleDefinitionIdOrName": { + "value": "Storage Queue Data Reader" + }, + "resourceGroupName": { + "value": "<>" + }, + "subscriptionId": { + "value": "<>" } + } } ``` @@ -339,28 +339,28 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "roleDefinitionIdOrName": { - "value": "Backup Reader" - }, - "description": { - "value": "Role Assignment (resource group scope)" - }, - "principalId": { - "value": "<>" - }, - "principalType": { - "value": "ServicePrincipal" - }, - "subscriptionId": { - "value": "<>" - }, - "resourceGroupName": { - "value": "<>" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "principalId": { + "value": "<>" + }, + "roleDefinitionIdOrName": { + "value": "Backup Reader" + }, + "description": { + "value": "Role Assignment (resource group scope)" + }, + "principalType": { + "value": "ServicePrincipal" + }, + "resourceGroupName": { + "value": "<>" + }, + "subscriptionId": { + "value": "<>" } + } } ``` @@ -393,19 +393,19 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "roleDefinitionIdOrName": { - "value": "Storage Queue Data Reader" - }, - "principalId": { - "value": "<>" - }, - "subscriptionId": { - "value": "<>" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "principalId": { + "value": "<>" + }, + "roleDefinitionIdOrName": { + "value": "Storage Queue Data Reader" + }, + "subscriptionId": { + "value": "<>" } + } } ``` @@ -440,25 +440,25 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "roleDefinitionIdOrName": { - "value": "Backup Reader" - }, - "description": { - "value": "Role Assignment (subscription scope)" - }, - "principalId": { - "value": "<>" - }, - "principalType": { - "value": "ServicePrincipal" - }, - "subscriptionId": { - "value": "<>" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "principalId": { + "value": "<>" + }, + "roleDefinitionIdOrName": { + "value": "Backup Reader" + }, + "description": { + "value": "Role Assignment (subscription scope)" + }, + "principalType": { + "value": "ServicePrincipal" + }, + "subscriptionId": { + "value": "<>" } + } } ``` diff --git a/modules/Microsoft.Authorization/roleDefinitions/readme.md b/modules/Microsoft.Authorization/roleDefinitions/readme.md index 340451e904..7d33d65e0b 100644 --- a/modules/Microsoft.Authorization/roleDefinitions/readme.md +++ b/modules/Microsoft.Authorization/roleDefinitions/readme.md @@ -199,19 +199,19 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "roleName": { - "value": "<>-az-testRole-mg-min" - }, - "actions": { - "value": [ - "Microsoft.Compute/galleries/read", - "Microsoft.Compute/galleries/images/read" - ] - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "roleName": { + "value": "<>-az-testRole-mg-min" + }, + "actions": { + "value": [ + "Microsoft.Compute/galleries/images/read", + "Microsoft.Compute/galleries/read" + ] } + } } ``` @@ -262,47 +262,47 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "roleName": { - "value": "<>-az-testRole-mg" - }, - "description": { - "value": "Test Custom Role Definition Standard (management group scope)" - }, - "actions": { - "value": [ - "Microsoft.Compute/galleries/*", - "Microsoft.Network/virtualNetworks/read" - ] - }, - "notActions": { - "value": [ - "Microsoft.Compute/images/write", - "Microsoft.Compute/images/delete", - "Microsoft.Network/virtualNetworks/subnets/join/action" - ] - }, - "dataActions": { - "value": [ - "Microsoft.Storage/storageAccounts/blobServices/*/read" - ] - }, - "notDataActions": { - "value": [ - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read" - ] - }, - "assignableScopes": { - "value": [ - "/providers/Microsoft.Management/managementGroups/<>" - ] - }, - "managementGroupId": { - "value": "<>" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "roleName": { + "value": "<>-az-testRole-mg" + }, + "actions": { + "value": [ + "Microsoft.Compute/galleries/*", + "Microsoft.Network/virtualNetworks/read" + ] + }, + "assignableScopes": { + "value": [ + "/providers/Microsoft.Management/managementGroups/<>" + ] + }, + "dataActions": { + "value": [ + "Microsoft.Storage/storageAccounts/blobServices/*/read" + ] + }, + "description": { + "value": "Test Custom Role Definition Standard (management group scope)" + }, + "managementGroupId": { + "value": "<>" + }, + "notActions": { + "value": [ + "Microsoft.Compute/images/delete", + "Microsoft.Compute/images/write", + "Microsoft.Network/virtualNetworks/subnets/join/action" + ] + }, + "notDataActions": { + "value": [ + "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read" + ] } + } } ``` @@ -339,25 +339,25 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "roleName": { - "value": "<>-az-testRole-rg-min" - }, - "actions": { - "value": [ - "Microsoft.Compute/galleries/read", - "Microsoft.Compute/galleries/images/read" - ] - }, - "subscriptionId": { - "value": "<>" - }, - "resourceGroupName": { - "value": "<>" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "roleName": { + "value": "<>-az-testRole-rg-min" + }, + "actions": { + "value": [ + "Microsoft.Compute/galleries/images/read", + "Microsoft.Compute/galleries/read" + ] + }, + "resourceGroupName": { + "value": "<>" + }, + "subscriptionId": { + "value": "<>" } + } } ``` @@ -409,50 +409,50 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "roleName": { - "value": "<>-az-testRole-rg" - }, - "description": { - "value": "Test Custom Role Definition Standard (resource group scope)" - }, - "actions": { - "value": [ - "Microsoft.Compute/galleries/*", - "Microsoft.Network/virtualNetworks/read" - ] - }, - "notActions": { - "value": [ - "Microsoft.Compute/images/write", - "Microsoft.Compute/images/delete", - "Microsoft.Network/virtualNetworks/subnets/join/action" - ] - }, - "dataActions": { - "value": [ - "Microsoft.Storage/storageAccounts/blobServices/*/read" - ] - }, - "notDataActions": { - "value": [ - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read" - ] - }, - "assignableScopes": { - "value": [ - "/subscriptions/<>/resourceGroups/<>" - ] - }, - "subscriptionId": { - "value": "<>" - }, - "resourceGroupName": { - "value": "<>" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "roleName": { + "value": "<>-az-testRole-rg" + }, + "actions": { + "value": [ + "Microsoft.Compute/galleries/*", + "Microsoft.Network/virtualNetworks/read" + ] + }, + "assignableScopes": { + "value": [ + "/subscriptions/<>/resourceGroups/<>" + ] + }, + "dataActions": { + "value": [ + "Microsoft.Storage/storageAccounts/blobServices/*/read" + ] + }, + "description": { + "value": "Test Custom Role Definition Standard (resource group scope)" + }, + "notActions": { + "value": [ + "Microsoft.Compute/images/delete", + "Microsoft.Compute/images/write", + "Microsoft.Network/virtualNetworks/subnets/join/action" + ] + }, + "notDataActions": { + "value": [ + "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read" + ] + }, + "resourceGroupName": { + "value": "<>" + }, + "subscriptionId": { + "value": "<>" } + } } ``` @@ -488,22 +488,22 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "roleName": { - "value": "<>-az-testRole-sub-min" - }, - "actions": { - "value": [ - "Microsoft.Compute/galleries/read", - "Microsoft.Compute/galleries/images/read" - ] - }, - "subscriptionId": { - "value": "<>" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "roleName": { + "value": "<>-az-testRole-sub-min" + }, + "actions": { + "value": [ + "Microsoft.Compute/galleries/images/read", + "Microsoft.Compute/galleries/read" + ] + }, + "subscriptionId": { + "value": "<>" } + } } ``` @@ -554,47 +554,47 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "roleName": { - "value": "<>-az-testRole-sub" - }, - "description": { - "value": "Test Custom Role Definition Standard (subscription scope)" - }, - "actions": { - "value": [ - "Microsoft.Compute/galleries/*", - "Microsoft.Network/virtualNetworks/read" - ] - }, - "notActions": { - "value": [ - "Microsoft.Compute/images/write", - "Microsoft.Compute/images/delete", - "Microsoft.Network/virtualNetworks/subnets/join/action" - ] - }, - "dataActions": { - "value": [ - "Microsoft.Storage/storageAccounts/blobServices/*/read" - ] - }, - "notDataActions": { - "value": [ - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read" - ] - }, - "assignableScopes": { - "value": [ - "/subscriptions/<>" - ] - }, - "subscriptionId": { - "value": "<>" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "roleName": { + "value": "<>-az-testRole-sub" + }, + "actions": { + "value": [ + "Microsoft.Compute/galleries/*", + "Microsoft.Network/virtualNetworks/read" + ] + }, + "assignableScopes": { + "value": [ + "/subscriptions/<>" + ] + }, + "dataActions": { + "value": [ + "Microsoft.Storage/storageAccounts/blobServices/*/read" + ] + }, + "description": { + "value": "Test Custom Role Definition Standard (subscription scope)" + }, + "notActions": { + "value": [ + "Microsoft.Compute/images/delete", + "Microsoft.Compute/images/write", + "Microsoft.Network/virtualNetworks/subnets/join/action" + ] + }, + "notDataActions": { + "value": [ + "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read" + ] + }, + "subscriptionId": { + "value": "<>" } + } } ``` diff --git a/modules/Microsoft.Automation/automationAccounts/readme.md b/modules/Microsoft.Automation/automationAccounts/readme.md index 8229af4de5..7b87003dca 100644 --- a/modules/Microsoft.Automation/automationAccounts/readme.md +++ b/modules/Microsoft.Automation/automationAccounts/readme.md @@ -377,33 +377,33 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-aut-encr-001" - }, - "encryptionKeySource": { - "value": "Microsoft.Keyvault" - }, - "encryptionUserAssignedIdentity": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" // this identity needs to be one of the identities defined in userAssignedIdentities section - }, - "keyName": { - "value": "keyEncryptionKey" - }, - "keyvaultUri": { - "value": "https://adp-<>-az-kv-nopr-002.vault.azure.net/" - }, - "keyVersion": { - "value": "9917c14be51d4d93b37218de7d326f60" - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-aut-encr-001" + }, + "encryptionKeySource": { + "value": "Microsoft.Keyvault" + }, + "encryptionUserAssignedIdentity": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" + }, + "keyName": { + "value": "keyEncryptionKey" + }, + "keyvaultUri": { + "value": "https://adp-<>-az-kv-nopr-002.vault.azure.net/" + }, + "keyVersion": { + "value": "9917c14be51d4d93b37218de7d326f60" + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` @@ -434,13 +434,13 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-aut-min-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-aut-min-001" } + } } ``` @@ -625,203 +625,203 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-aut-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "schedules": { - "value": [ - { - "name": "TestSchedule", - "startTime": "", - "expiryTime": "9999-12-31T13:00", - "interval": 15, - "frequency": "Minute", - "timeZone": "Europe/Berlin", - "advancedSchedule": {} - } - ] - }, - "modules": { - "value": [ - { - "name": "PSWindowsUpdate", - "version": "latest", - "uri": "https://www.powershellgallery.com/api/v2/package" - } - ] - }, - "runbooks": { - "value": [ - { - "name": "TestRunbook", - "runbookType": "PowerShell", - "description": "Test runbook", - "uri": "https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.automation/101-automation/scripts/AzureAutomationTutorial.ps1", - "version": "1.0.0.0" - } - ] - }, - "jobSchedules": { - "value": [ - { - "scheduleName": "TestSchedule", - "runbookName": "TestRunbook" - } - ] - }, - "variables": { - "value": [ - { - "name": "TestString", - "value": "\"TestString\"", - "description": "TestStringDescription" - }, - { - "name": "TestInteger", - "value": "500", - "description": "TestIntegerDescription" - }, - { - "name": "TestBoolean", - "value": "false", - "description": "TestBooleanDescription" - }, - { - "name": "TestDateTime", - "value": "\"\\/Date(1637934042656)\\/\"", - "description": "TestDateTimeDescription", - "isEncrypted": false - }, - { - "name": "TestEncryptedVariable", - "value": "\"TestEncryptedValue\"", - "description": "TestEncryptedDescription" - } - ] - }, - "linkedWorkspaceResourceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-aut-001" - }, - "gallerySolutions": { - "value": [ - { - "name": "Updates", - "product": "OMSGallery", - "publisher": "Microsoft" - } - ] - }, - "softwareUpdateConfigurations": { - "value": [ - { - "name": "Windows_ZeroDay", - "frequency": "Month", - "operatingSystem": "Windows", - "rebootSetting": "IfRequired", - "scopeByTags": { - "Update": [ - "Automatic-Wave1" - ] - }, - "maintenanceWindow": "PT4H", - "updateClassifications": [ - "Critical", - "Security", - "UpdateRollup", - "FeaturePack", - "ServicePack", - "Definition", - "Tools", - "Updates" - ], - "includeUpdates": [ - "654321" - ], - "excludeUpdates": [ - "123456" - ], - "interval": 1, - "monthlyOccurrences": [ - { - "occurrence": 3, - "day": "Friday" - } - ], - "startTime": "22:00" - }, - { - "name": "Linux_ZeroDay", - "frequency": "OneTime", - "operatingSystem": "Linux", - "rebootSetting": "IfRequired", - "maintenanceWindow": "PT4H", - "updateClassifications": [ - "Critical", - "Security", - "Other" - ], - "includeUpdates": [ - "kernel" - ], - "excludeUpdates": [ - "icacls" - ], - "startTime": "22:00" - } - ] - }, - "privateEndpoints": { - "value": [ - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "Webhook" - }, - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "DSCAndHybridWorker" - } - ] - }, - "systemAssignedIdentity": { - "value": true + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-aut-x-001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "gallerySolutions": { + "value": [ + { + "name": "Updates", + "product": "OMSGallery", + "publisher": "Microsoft" + } + ] + }, + "jobSchedules": { + "value": [ + { + "runbookName": "TestRunbook", + "scheduleName": "TestSchedule" + } + ] + }, + "linkedWorkspaceResourceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-aut-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "modules": { + "value": [ + { + "name": "PSWindowsUpdate", + "uri": "https://www.powershellgallery.com/api/v2/package", + "version": "latest" + } + ] + }, + "privateEndpoints": { + "value": [ + { + "service": "Webhook", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + { + "service": "DSCAndHybridWorker", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" + } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "runbooks": { + "value": [ + { + "description": "Test runbook", + "name": "TestRunbook", + "runbookType": "PowerShell", + "uri": "https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.automation/101-automation/scripts/AzureAutomationTutorial.ps1", + "version": "1.0.0.0" + } + ] + }, + "schedules": { + "value": [ + { + "advancedSchedule": {}, + "expiryTime": "9999-12-31T13:00", + "frequency": "Minute", + "interval": 15, + "name": "TestSchedule", + "startTime": "", + "timeZone": "Europe/Berlin" + } + ] + }, + "softwareUpdateConfigurations": { + "value": [ + { + "excludeUpdates": [ + "123456" + ], + "frequency": "Month", + "includeUpdates": [ + "654321" + ], + "interval": 1, + "maintenanceWindow": "PT4H", + "monthlyOccurrences": [ + { + "day": "Friday", + "occurrence": 3 } - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } + ], + "name": "Windows_ZeroDay", + "operatingSystem": "Windows", + "rebootSetting": "IfRequired", + "scopeByTags": { + "Update": [ + "Automatic-Wave1" ] + }, + "startTime": "22:00", + "updateClassifications": [ + "Critical", + "Definition", + "FeaturePack", + "Security", + "ServicePack", + "Tools", + "UpdateRollup", + "Updates" + ] }, - "diagnosticLogsRetentionInDays": { - "value": 7 + { + "excludeUpdates": [ + "icacls" + ], + "frequency": "OneTime", + "includeUpdates": [ + "kernel" + ], + "maintenanceWindow": "PT4H", + "name": "Linux_ZeroDay", + "operatingSystem": "Linux", + "rebootSetting": "IfRequired", + "startTime": "22:00", + "updateClassifications": [ + "Critical", + "Other", + "Security" + ] + } + ] + }, + "systemAssignedIdentity": { + "value": true + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } + }, + "variables": { + "value": [ + { + "description": "TestStringDescription", + "name": "TestString", + "value": "\"TestString\"" }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + { + "description": "TestIntegerDescription", + "name": "TestInteger", + "value": "500" }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + { + "description": "TestBooleanDescription", + "name": "TestBoolean", + "value": "false" }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + { + "description": "TestDateTimeDescription", + "isEncrypted": false, + "name": "TestDateTime", + "value": "\"\\/Date(1637934042656)\\/\"" }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + { + "description": "TestEncryptedDescription", + "name": "TestEncryptedVariable", + "value": "\"TestEncryptedValue\"" } + ] } + } } ``` diff --git a/modules/Microsoft.Batch/batchAccounts/readme.md b/modules/Microsoft.Batch/batchAccounts/readme.md index a93ad421a7..494a6fd83e 100644 --- a/modules/Microsoft.Batch/batchAccounts/readme.md +++ b/modules/Microsoft.Batch/batchAccounts/readme.md @@ -165,16 +165,16 @@ module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>azbaweumin001" - }, - "storageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>azbaweumin001" + }, + "storageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" } + } } ``` @@ -216,46 +216,46 @@ module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>azbaweux001" - }, - "lock": { - "value": "CanNotDelete" - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "poolAllocationMode": { - "value": "BatchService" - }, - "storageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "systemAssignedIdentity": { - "value": true - }, - "storageAuthenticationMode": { - "value": "BatchAccountManagedIdentity" - }, - "storageAccessIdentity": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>azbaweux001" + }, + "storageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "poolAllocationMode": { + "value": "BatchService" + }, + "storageAccessIdentity": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" + }, + "storageAuthenticationMode": { + "value": "BatchAccountManagedIdentity" + }, + "systemAssignedIdentity": { + "value": true } + } } ``` diff --git a/modules/Microsoft.CognitiveServices/accounts/readme.md b/modules/Microsoft.CognitiveServices/accounts/readme.md index bc161ba146..ad13a8719c 100644 --- a/modules/Microsoft.CognitiveServices/accounts/readme.md +++ b/modules/Microsoft.CognitiveServices/accounts/readme.md @@ -443,38 +443,38 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-cgs-encr-001" - }, - "kind": { - "value": "SpeechServices" - }, - "sku": { - "value": "S0" - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "publicNetworkAccess": { - "value": "Enabled" - }, - "encryption": { - "value": { - "keySource": "Microsoft.KeyVault", - "keyVaultProperties": { - "identityClientId": "c907a696-36f4-49fe-b926-39e3aabba814", // ID must be updated for new identity - "keyVaultUri": "https://adp-<>-az-kv-nopr-002.vault.azure.net/", - "keyName": "keyEncryptionKey", - "keyversion": "4570a207ec394a0bbbe4fc9adc663a51" // Version must be updated for new keys - } - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "kind": { + "value": "SpeechServices" + }, + "name": { + "value": "<>-az-cgs-encr-001" + }, + "encryption": { + "value": { + "keySource": "Microsoft.KeyVault", + "keyVaultProperties": { + "identityClientId": "c907a696-36f4-49fe-b926-39e3aabba814", + "keyName": "keyEncryptionKey", + "keyVaultUri": "https://adp-<>-az-kv-nopr-002.vault.azure.net/", + "keyversion": "4570a207ec394a0bbbe4fc9adc663a51" } + } + }, + "publicNetworkAccess": { + "value": "Enabled" + }, + "sku": { + "value": "S0" + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` @@ -506,16 +506,16 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-cgs-min-001" - }, - "kind": { - "value": "SpeechServices" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "kind": { + "value": "SpeechServices" + }, + "name": { + "value": "<>-az-cgs-min-001" } + } } ``` @@ -576,69 +576,69 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-cgs-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "kind": { - "value": "Face" - }, - "sku": { - "value": "S0" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "networkAcls": { - "value": { - "defaultAction": "deny", - "virtualNetworkRules": [ - { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001", - "action": "Allow" - } - ] - } - }, - "customSubDomainName": { - "value": "<>xdomain" - }, - "systemAssignedIdentity": { - "value": true - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "kind": { + "value": "Face" + }, + "name": { + "value": "<>-az-cgs-x-001" + }, + "customSubDomainName": { + "value": "<>xdomain" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "networkAcls": { + "value": { + "defaultAction": "deny", + "virtualNetworkRules": [ + { + "action": "Allow", + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001" + } + ] + } + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "sku": { + "value": "S0" + }, + "systemAssignedIdentity": { + "value": true + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` @@ -682,38 +682,38 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-cgs-speech-001" - }, - "kind": { - "value": "SpeechServices" - }, - "sku": { - "value": "S0" - }, - "systemAssignedIdentity": { - "value": true - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "customSubDomainName": { - "value": "<>speechdomain" - }, - "privateEndpoints": { - "value": [ - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "account" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "kind": { + "value": "SpeechServices" + }, + "name": { + "value": "<>-az-cgs-speech-001" + }, + "customSubDomainName": { + "value": "<>speechdomain" + }, + "privateEndpoints": { + "value": [ + { + "service": "account", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" } + ] + }, + "sku": { + "value": "S0" + }, + "systemAssignedIdentity": { + "value": true + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` diff --git a/modules/Microsoft.Compute/availabilitySets/readme.md b/modules/Microsoft.Compute/availabilitySets/readme.md index 2d1e24a7b1..2fabcc67dc 100644 --- a/modules/Microsoft.Compute/availabilitySets/readme.md +++ b/modules/Microsoft.Compute/availabilitySets/readme.md @@ -173,13 +173,13 @@ module availabilitySets './Microsoft.Compute/availabilitySets/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-avs-min-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-avs-min-001" } + } } ``` @@ -220,29 +220,29 @@ module availabilitySets './Microsoft.Compute/availabilitySets/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-avs-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "proximityPlacementGroupId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/proximityPlacementGroups/adp-<>-az-ppg-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-avs-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "proximityPlacementGroupId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/proximityPlacementGroups/adp-<>-az-ppg-x-001" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.Compute/diskEncryptionSets/readme.md b/modules/Microsoft.Compute/diskEncryptionSets/readme.md index d105a2ac37..f097ea3ff1 100644 --- a/modules/Microsoft.Compute/diskEncryptionSets/readme.md +++ b/modules/Microsoft.Compute/diskEncryptionSets/readme.md @@ -185,29 +185,29 @@ module diskEncryptionSets './Microsoft.Compute/diskEncryptionSets/deploy.bicep' ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-des-x-001" - }, - "keyVaultResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "keyName": { - "value": "keyEncryptionKey" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "keyName": { + "value": "keyEncryptionKey" + }, + "keyVaultResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" + }, + "name": { + "value": "<>-az-des-x-001" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.Compute/disks/readme.md b/modules/Microsoft.Compute/disks/readme.md index c4290d0422..e0034812c7 100644 --- a/modules/Microsoft.Compute/disks/readme.md +++ b/modules/Microsoft.Compute/disks/readme.md @@ -200,32 +200,32 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-disk-image-001" - }, - "sku": { - "value": "Standard_LRS" - }, - "createOption": { - "value": "FromImage" - }, - "imageReferenceId": { - "value": "/Subscriptions/<>/Providers/Microsoft.Compute/Locations/westeurope/Publishers/MicrosoftWindowsServer/ArtifactTypes/VMImage/Offers/WindowsServer/Skus/2016-Datacenter/Versions/14393.4906.2112080838" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-disk-image-001" + }, + "sku": { + "value": "Standard_LRS" + }, + "createOption": { + "value": "FromImage" + }, + "imageReferenceId": { + "value": "/Subscriptions/<>/Providers/Microsoft.Compute/Locations/westeurope/Publishers/MicrosoftWindowsServer/ArtifactTypes/VMImage/Offers/WindowsServer/Skus/2016-Datacenter/Versions/14393.4906.2112080838" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` @@ -268,35 +268,35 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-disk-import-001" - }, - "sku": { - "value": "Standard_LRS" - }, - "createOption": { - "value": "Import" - }, - "sourceUri": { - "value": "https://adp<>azsax001.blob.core.windows.net/vhds/adp-<>-az-imgt-x-001.vhd" - }, - "storageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-disk-import-001" + }, + "sku": { + "value": "Standard_LRS" + }, + "createOption": { + "value": "Import" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "sourceUri": { + "value": "https://adp<>azsax001.blob.core.windows.net/vhds/adp-<>-az-imgt-x-001.vhd" + }, + "storageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" } + } } ``` @@ -337,29 +337,29 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-disk-min-001" - }, - "sku": { - "value": "Standard_LRS" - }, - "diskSizeGB": { - "value": 1 - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-disk-min-001" + }, + "sku": { + "value": "Standard_LRS" + }, + "diskSizeGB": { + "value": 1 + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` @@ -406,47 +406,47 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-disk-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "sku": { - "value": "UltraSSD_LRS" - }, - "diskSizeGB": { - "value": 128 - }, - "logicalSectorSize": { - "value": 512 - }, - "diskIOPSReadWrite": { - "value": 500 - }, - "diskMBpsReadWrite": { - "value": 60 - }, - "osType": { - "value": "Windows" - }, - "publicNetworkAccess": { - "value": "Enabled" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-disk-x-001" + }, + "sku": { + "value": "UltraSSD_LRS" + }, + "diskIOPSReadWrite": { + "value": 500 + }, + "diskMBpsReadWrite": { + "value": 60 + }, + "diskSizeGB": { + "value": 128 + }, + "lock": { + "value": "CanNotDelete" + }, + "logicalSectorSize": { + "value": 512 + }, + "osType": { + "value": "Windows" + }, + "publicNetworkAccess": { + "value": "Enabled" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.Compute/galleries/readme.md b/modules/Microsoft.Compute/galleries/readme.md index 0be885c0ea..2c38c1cf8a 100644 --- a/modules/Microsoft.Compute/galleries/readme.md +++ b/modules/Microsoft.Compute/galleries/readme.md @@ -211,54 +211,54 @@ module galleries './Microsoft.Compute/galleries/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>azsigweuimages001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>azsigweuimages001" + }, + "images": { + "value": [ + { + "name": "<>-az-imgd-x-003" }, - "images": { - "value": [ - { - "name": "<>-az-imgd-x-003" - }, - { - "name": "<>-az-imgd-x-001", - "osType": "Windows", - "osState": "Generalized", - "publisher": "MicrosoftWindowsServer", - "offer": "WindowsServer", - "sku": "2022-datacenter-azure-edition", - "minRecommendedvCPUs": 2, - "maxRecommendedvCPUs": 8, - "minRecommendedMemory": 4, - "maxRecommendedMemory": 16, - "hyperVGeneration": "V1", - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - { - "name": "<>-az-imgd-x-002", - "osType": "Linux", - "osState": "Generalized", - "publisher": "canonical", - "offer": "0001-com-ubuntu-server-focal", - "sku": "20_04-lts-gen2", - "minRecommendedvCPUs": 1, - "maxRecommendedvCPUs": 4, - "minRecommendedMemory": 4, - "maxRecommendedMemory": 32, - "hyperVGeneration": "V2" - } - ] + { + "hyperVGeneration": "V1", + "maxRecommendedMemory": 16, + "maxRecommendedvCPUs": 8, + "minRecommendedMemory": 4, + "minRecommendedvCPUs": 2, + "name": "<>-az-imgd-x-001", + "offer": "WindowsServer", + "osState": "Generalized", + "osType": "Windows", + "publisher": "MicrosoftWindowsServer", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ], + "sku": "2022-datacenter-azure-edition" + }, + { + "hyperVGeneration": "V2", + "maxRecommendedMemory": 32, + "maxRecommendedvCPUs": 4, + "minRecommendedMemory": 4, + "minRecommendedvCPUs": 1, + "name": "<>-az-imgd-x-002", + "offer": "0001-com-ubuntu-server-focal", + "osState": "Generalized", + "osType": "Linux", + "publisher": "canonical", + "sku": "20_04-lts-gen2" } + ] } + } } ``` @@ -298,26 +298,26 @@ module galleries './Microsoft.Compute/galleries/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>azsigweux001" - }, - "lock": { - "value": "CanNotDelete" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>azsigweux001" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.Compute/images/readme.md b/modules/Microsoft.Compute/images/readme.md index ab92ac6bea..01cbd2354d 100644 --- a/modules/Microsoft.Compute/images/readme.md +++ b/modules/Microsoft.Compute/images/readme.md @@ -187,41 +187,41 @@ module images './Microsoft.Compute/images/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-img-x-001" - }, - "osAccountType": { - "value": "Premium_LRS" - }, - "osType": { - "value": "Windows" - }, - "osDiskBlobUri": { - "value": "https://adp<>azsax001.blob.core.windows.net/vhds/adp-<>-az-imgt-x-001.vhd" - }, - "osDiskCaching": { - "value": "ReadWrite" - }, - "zoneResilient": { - "value": true - }, - "hyperVGeneration": { - "value": "V1" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-img-x-001" + }, + "osAccountType": { + "value": "Premium_LRS" + }, + "osDiskBlobUri": { + "value": "https://adp<>azsax001.blob.core.windows.net/vhds/adp-<>-az-imgt-x-001.vhd" + }, + "osDiskCaching": { + "value": "ReadWrite" + }, + "osType": { + "value": "Windows" + }, + "hyperVGeneration": { + "value": "V1" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "zoneResilient": { + "value": true } + } } ``` diff --git a/modules/Microsoft.Compute/proximityPlacementGroups/readme.md b/modules/Microsoft.Compute/proximityPlacementGroups/readme.md index 805d5662ef..15d114119d 100644 --- a/modules/Microsoft.Compute/proximityPlacementGroups/readme.md +++ b/modules/Microsoft.Compute/proximityPlacementGroups/readme.md @@ -179,26 +179,26 @@ module proximityPlacementGroups './Microsoft.Compute/proximityPlacementGroups/de ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-ppg-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "lock": { + "value": "CanNotDelete" + }, + "name": { + "value": "<>-az-ppg-x-001" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md index dd20341f14..e8762be151 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md @@ -935,67 +935,67 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-scaleset-linux-min-001" - }, - "osDisk": { - "value": { - "createOption": "fromImage", - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "adminUsername": { + "value": "scaleSetAdmin" + }, + "imageReference": { + "value": { + "offer": "UbuntuServer", + "publisher": "Canonical", + "sku": "18.04-LTS", + "version": "latest" + } + }, + "name": { + "value": "<>-scaleset-linux-min-001" + }, + "osDisk": { + "value": { + "createOption": "fromImage", + "diskSizeGB": "128", + "managedDisk": { + "storageAccountType": "Premium_LRS" + } + } + }, + "osType": { + "value": "Linux" + }, + "skuName": { + "value": "Standard_B2s" + }, + "disablePasswordAuthentication": { + "value": true + }, + "nicConfigurations": { + "value": [ + { + "ipConfigurations": [ + { + "name": "ipconfig1", + "properties": { + "subnet": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002" } + } } - }, - "osType": { - "value": "Linux" - }, - "skuName": { - "value": "Standard_B2s" - }, - "imageReference": { - "value": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "18.04-LTS", - "version": "latest" - } - }, - "adminUsername": { - "value": "scaleSetAdmin" - }, - "disablePasswordAuthentication": { - "value": true - }, - "publicKeys": { - "value": [ - { - "path": "/home/scaleSetAdmin/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure" - } - ] - }, - "nicConfigurations": { - "value": [ - { - "nicSuffix": "-nic01", - "ipConfigurations": [ - { - "name": "ipconfig1", - "properties": { - "subnet": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002" - } - } - } - ] - } - ] + ], + "nicSuffix": "-nic01" + } + ] + }, + "publicKeys": { + "value": [ + { + "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure", + "path": "/home/scaleSetAdmin/.ssh/authorized_keys" } + ] } + } } ``` @@ -1144,193 +1144,193 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-scaleset-linux-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "vmNamePrefix": { - "value": "vmsslinvm" - }, - "skuName": { - "value": "Standard_B2s" - }, - "skuCapacity": { - "value": 1 - }, - "upgradePolicyMode": { - "value": "Manual" - }, - "vmPriority": { - "value": "Regular" - }, - "osDisk": { - "value": { - "createOption": "fromImage", - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } - } - }, - "availabilityZones": { - "value": [ - "2" - ] - }, - "scaleSetFaultDomain": { - "value": 1 - }, - "systemAssignedIdentity": { - "value": true - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "bootDiagnosticStorageAccountName": { - "value": "adp<>azsax001" - }, - "osType": { - "value": "Linux" - }, - "encryptionAtHost": { - "value": false - }, - "imageReference": { - "value": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "18.04-LTS", - "version": "latest" - } - }, - "adminUsername": { - "value": "scaleSetAdmin" - }, - "disablePasswordAuthentication": { - "value": true - }, - "publicKeys": { - "value": [ - { - "path": "/home/scaleSetAdmin/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure" - } - ] - }, - "dataDisks": { - "value": [ - { - "caching": "ReadOnly", - "createOption": "Empty", - "diskSizeGB": "256", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } - }, - { - "caching": "ReadOnly", - "createOption": "Empty", - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } - } - ] - }, - "nicConfigurations": { - "value": [ - { - "nicSuffix": "-nic01", - "ipConfigurations": [ - { - "name": "ipconfig1", - "properties": { - "subnet": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002" - } - } - } - ] - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "extensionMonitoringAgentConfig": { - "value": { - "enabled": true - } - }, - "extensionDependencyAgentConfig": { - "value": { - "enabled": true - } - }, - "extensionNetworkWatcherAgentConfig": { - "value": { - "enabled": true - } - }, - "extensionDiskEncryptionConfig": { - "value": { - "enabled": true, - "settings": { - "EncryptionOperation": "EnableEncryption", - "KeyVaultURL": "https://adp-<>-az-kv-x-001.vault.azure.net/", - "KeyVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", - "KeyEncryptionKeyURL": "https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5", // ID must be updated for new keys - "KekVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", - "KeyEncryptionAlgorithm": "RSA-OAEP", - "VolumeType": "All", - "ResizeOSDisk": "false" - } - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "adminUsername": { + "value": "scaleSetAdmin" + }, + "imageReference": { + "value": { + "offer": "UbuntuServer", + "publisher": "Canonical", + "sku": "18.04-LTS", + "version": "latest" + } + }, + "name": { + "value": "<>-scaleset-linux-001" + }, + "osDisk": { + "value": { + "createOption": "fromImage", + "diskSizeGB": "128", + "managedDisk": { + "storageAccountType": "Premium_LRS" + } + } + }, + "osType": { + "value": "Linux" + }, + "skuName": { + "value": "Standard_B2s" + }, + "availabilityZones": { + "value": [ + "2" + ] + }, + "bootDiagnosticStorageAccountName": { + "value": "adp<>azsax001" + }, + "dataDisks": { + "value": [ + { + "caching": "ReadOnly", + "createOption": "Empty", + "diskSizeGB": "256", + "managedDisk": { + "storageAccountType": "Premium_LRS" + } }, - "extensionCustomScriptConfig": { - "value": { - "enabled": true, - "fileData": [ - { - "uri": "https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1", - "storageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - } - ], - "protectedSettings": { - "commandToExecute": "sudo apt-get update" + { + "caching": "ReadOnly", + "createOption": "Empty", + "diskSizeGB": "128", + "managedDisk": { + "storageAccountType": "Premium_LRS" + } + } + ] + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "disablePasswordAuthentication": { + "value": true + }, + "encryptionAtHost": { + "value": false + }, + "extensionCustomScriptConfig": { + "value": { + "enabled": true, + "fileData": [ + { + "storageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", + "uri": "https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1" + } + ], + "protectedSettings": { + "commandToExecute": "sudo apt-get update" + } + } + }, + "extensionDependencyAgentConfig": { + "value": { + "enabled": true + } + }, + "extensionDiskEncryptionConfig": { + "value": { + "enabled": true, + "settings": { + "EncryptionOperation": "EnableEncryption", + "KekVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", + "KeyEncryptionAlgorithm": "RSA-OAEP", + "KeyEncryptionKeyURL": "https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5", + "KeyVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", + "KeyVaultURL": "https://adp-<>-az-kv-x-001.vault.azure.net/", + "ResizeOSDisk": "false", + "VolumeType": "All" + } + } + }, + "extensionMonitoringAgentConfig": { + "value": { + "enabled": true + } + }, + "extensionNetworkWatcherAgentConfig": { + "value": { + "enabled": true + } + }, + "lock": { + "value": "CanNotDelete" + }, + "nicConfigurations": { + "value": [ + { + "ipConfigurations": [ + { + "name": "ipconfig1", + "properties": { + "subnet": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002" } + } } + ], + "nicSuffix": "-nic01" + } + ] + }, + "publicKeys": { + "value": [ + { + "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure", + "path": "/home/scaleSetAdmin/.ssh/authorized_keys" } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "scaleSetFaultDomain": { + "value": 1 + }, + "skuCapacity": { + "value": 1 + }, + "systemAssignedIdentity": { + "value": true + }, + "upgradePolicyMode": { + "value": "Manual" + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } + }, + "vmNamePrefix": { + "value": "vmsslinvm" + }, + "vmPriority": { + "value": "Regular" } + } } ``` @@ -1398,69 +1398,69 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-scaleset-win-min-001" - }, - "skuName": { - "value": "Standard_B2s" - }, - "osDisk": { - "value": { - "createOption": "fromImage", - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "adminUsername": { + "reference": { + "keyVault": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" + }, + "secretName": "adminUsername" + } + }, + "imageReference": { + "value": { + "offer": "WindowsServer", + "publisher": "MicrosoftWindowsServer", + "sku": "2016-Datacenter", + "version": "latest" + } + }, + "name": { + "value": "<>-scaleset-win-min-001" + }, + "osDisk": { + "value": { + "createOption": "fromImage", + "diskSizeGB": "128", + "managedDisk": { + "storageAccountType": "Premium_LRS" + } + } + }, + "osType": { + "value": "Windows" + }, + "skuName": { + "value": "Standard_B2s" + }, + "adminPassword": { + "reference": { + "keyVault": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" + }, + "secretName": "adminPassword" + } + }, + "nicConfigurations": { + "value": [ + { + "ipConfigurations": [ + { + "name": "ipconfig1", + "properties": { + "subnet": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002" } + } } - }, - "osType": { - "value": "Windows" - }, - "imageReference": { - "value": { - "publisher": "MicrosoftWindowsServer", - "offer": "WindowsServer", - "sku": "2016-Datacenter", - "version": "latest" - } - }, - "adminUsername": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "adminUsername" - } - }, - "adminPassword": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "adminPassword" - } - }, - "nicConfigurations": { - "value": [ - { - "nicSuffix": "-nic01", - "ipConfigurations": [ - { - "name": "ipconfig1", - "properties": { - "subnet": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002" - } - } - } - ] - } - ] + ], + "nicSuffix": "-nic01" } + ] } + } } ``` @@ -1606,189 +1606,189 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-scaleset-win-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "vmNamePrefix": { - "value": "vmsswinvm" - }, - "skuName": { - "value": "Standard_B2s" - }, - "skuCapacity": { - "value": 1 - }, - "upgradePolicyMode": { - "value": "Manual" - }, - "vmPriority": { - "value": "Regular" - }, - "systemAssignedIdentity": { - "value": true - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "osDisk": { - "value": { - "createOption": "fromImage", - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } - } - }, - "osType": { - "value": "Windows" - }, - "encryptionAtHost": { - "value": false - }, - "imageReference": { - "value": { - "publisher": "MicrosoftWindowsServer", - "offer": "WindowsServer", - "sku": "2016-Datacenter", - "version": "latest" - } - }, - "adminUsername": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "adminUsername" - } - }, - "adminPassword": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "adminPassword" - } - }, - "nicConfigurations": { - "value": [ - { - "nicSuffix": "-nic01", - "ipConfigurations": [ - { - "name": "ipconfig1", - "properties": { - "subnet": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002" - } - } - } - ] - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "extensionAntiMalwareConfig": { - "value": { - "enabled": true, - "settings": { - "AntimalwareEnabled": true, - "Exclusions": { - "Extensions": ".log;.ldf", - "Paths": "D:\\IISlogs;D:\\DatabaseLogs", - "Processes": "mssence.svc" - }, - "RealtimeProtectionEnabled": true, - "ScheduledScanSettings": { - "isEnabled": "true", - "scanType": "Quick", - "day": "7", - "time": "120" - } - } - } - }, - "extensionMonitoringAgentConfig": { - "value": { - "enabled": true - } - }, - "extensionDependencyAgentConfig": { - "value": { - "enabled": true - } - }, - "extensionNetworkWatcherAgentConfig": { - "value": { - "enabled": true - } - }, - "extensionDiskEncryptionConfig": { - "value": { - "enabled": true, - "settings": { - "EncryptionOperation": "EnableEncryption", - "KeyVaultURL": "https://adp-<>-az-kv-x-001.vault.azure.net/", - "KeyVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", - "KeyEncryptionKeyURL": "https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5", // ID must be updated for new keys - "KekVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", - "KeyEncryptionAlgorithm": "RSA-OAEP", - "VolumeType": "All", - "ResizeOSDisk": "false" - } - } - }, - "extensionDSCConfig": { - "value": { - "enabled": true - } - }, - "extensionCustomScriptConfig": { - "value": { - "enabled": true, - "fileData": [ - { - "uri": "https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1", - "storageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - } - ], - "protectedSettings": { - "commandToExecute": "powershell -ExecutionPolicy Unrestricted -Command \"& .\\scriptExtensionMasterInstaller.ps1\"" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "adminUsername": { + "reference": { + "keyVault": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" + }, + "secretName": "adminUsername" + } + }, + "imageReference": { + "value": { + "offer": "WindowsServer", + "publisher": "MicrosoftWindowsServer", + "sku": "2016-Datacenter", + "version": "latest" + } + }, + "name": { + "value": "<>-scaleset-win-001" + }, + "osDisk": { + "value": { + "createOption": "fromImage", + "diskSizeGB": "128", + "managedDisk": { + "storageAccountType": "Premium_LRS" + } + } + }, + "osType": { + "value": "Windows" + }, + "skuName": { + "value": "Standard_B2s" + }, + "adminPassword": { + "reference": { + "keyVault": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" + }, + "secretName": "adminPassword" + } + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "encryptionAtHost": { + "value": false + }, + "extensionAntiMalwareConfig": { + "value": { + "enabled": true, + "settings": { + "AntimalwareEnabled": true, + "Exclusions": { + "Extensions": ".log;.ldf", + "Paths": "D:\\IISlogs;D:\\DatabaseLogs", + "Processes": "mssence.svc" + }, + "RealtimeProtectionEnabled": true, + "ScheduledScanSettings": { + "day": "7", + "isEnabled": "true", + "scanType": "Quick", + "time": "120" + } + } + } + }, + "extensionCustomScriptConfig": { + "value": { + "enabled": true, + "fileData": [ + { + "storageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", + "uri": "https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1" + } + ], + "protectedSettings": { + "commandToExecute": "powershell -ExecutionPolicy Unrestricted -Command \"& .\\scriptExtensionMasterInstaller.ps1\"" + } + } + }, + "extensionDependencyAgentConfig": { + "value": { + "enabled": true + } + }, + "extensionDiskEncryptionConfig": { + "value": { + "enabled": true, + "settings": { + "EncryptionOperation": "EnableEncryption", + "KekVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", + "KeyEncryptionAlgorithm": "RSA-OAEP", + "KeyEncryptionKeyURL": "https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5", + "KeyVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", + "KeyVaultURL": "https://adp-<>-az-kv-x-001.vault.azure.net/", + "ResizeOSDisk": "false", + "VolumeType": "All" + } + } + }, + "extensionDSCConfig": { + "value": { + "enabled": true + } + }, + "extensionMonitoringAgentConfig": { + "value": { + "enabled": true + } + }, + "extensionNetworkWatcherAgentConfig": { + "value": { + "enabled": true + } + }, + "lock": { + "value": "CanNotDelete" + }, + "nicConfigurations": { + "value": [ + { + "ipConfigurations": [ + { + "name": "ipconfig1", + "properties": { + "subnet": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002" } + } } + ], + "nicSuffix": "-nic01" + } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "skuCapacity": { + "value": 1 + }, + "systemAssignedIdentity": { + "value": true + }, + "upgradePolicyMode": { + "value": "Manual" + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } + }, + "vmNamePrefix": { + "value": "vmsswinvm" + }, + "vmPriority": { + "value": "Regular" } + } } ``` diff --git a/modules/Microsoft.Compute/virtualMachines/readme.md b/modules/Microsoft.Compute/virtualMachines/readme.md index b26ef958c6..1f57a20a90 100644 --- a/modules/Microsoft.Compute/virtualMachines/readme.md +++ b/modules/Microsoft.Compute/virtualMachines/readme.md @@ -1061,68 +1061,68 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-vm-linux-autmg-01" - }, - "osType": { - "value": "Linux" - }, - "imageReference": { - "value": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "18.04-LTS", - "version": "latest" - } - }, - "osDisk": { - "value": { - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "adminUsername": { + "value": "localAdminUser" + }, + "imageReference": { + "value": { + "offer": "UbuntuServer", + "publisher": "Canonical", + "sku": "18.04-LTS", + "version": "latest" + } + }, + "nicConfigurations": { + "value": [ + { + "ipConfigurations": [ + { + "name": "ipconfig01", + "pipConfiguration": { + "publicIpNameSuffix": "-pip-01" + }, + "subnetId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001" } - }, - "vmSize": { - "value": "Standard_B12ms" - }, - "adminUsername": { - "value": "localAdminUser" - }, - "disablePasswordAuthentication": { - "value": true - }, - "publicKeys": { - "value": [ - { - "path": "/home/localAdminUser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure" - } - ] - }, - "nicConfigurations": { - "value": [ - { - "nicSuffix": "-nic-01", - "ipConfigurations": [ - { - "name": "ipconfig01", - "subnetId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001", - "pipConfiguration": { - "publicIpNameSuffix": "-pip-01" - } - } - ] - } - ] - }, - "configurationProfile": { - "value": "/providers/Microsoft.Automanage/bestPractices/AzureBestPracticesProduction" + ], + "nicSuffix": "-nic-01" + } + ] + }, + "osDisk": { + "value": { + "diskSizeGB": "128", + "managedDisk": { + "storageAccountType": "Premium_LRS" + } + } + }, + "osType": { + "value": "Linux" + }, + "vmSize": { + "value": "Standard_B12ms" + }, + "configurationProfile": { + "value": "/providers/Microsoft.Automanage/bestPractices/AzureBestPracticesProduction" + }, + "disablePasswordAuthentication": { + "value": true + }, + "name": { + "value": "<>-vm-linux-autmg-01" + }, + "publicKeys": { + "value": [ + { + "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure", + "path": "/home/localAdminUser/.ssh/authorized_keys" } + ] } + } } ``` @@ -1189,65 +1189,65 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-vm-linux-min-01" - }, - "osType": { - "value": "Linux" - }, - "imageReference": { - "value": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "18.04-LTS", - "version": "latest" - } - }, - "osDisk": { - "value": { - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "adminUsername": { + "value": "localAdminUser" + }, + "imageReference": { + "value": { + "offer": "UbuntuServer", + "publisher": "Canonical", + "sku": "18.04-LTS", + "version": "latest" + } + }, + "nicConfigurations": { + "value": [ + { + "ipConfigurations": [ + { + "name": "ipconfig01", + "pipConfiguration": { + "publicIpNameSuffix": "-pip-01" + }, + "subnetId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001" } - }, - "vmSize": { - "value": "Standard_B12ms" - }, - "adminUsername": { - "value": "localAdminUser" - }, - "disablePasswordAuthentication": { - "value": true - }, - "publicKeys": { - "value": [ - { - "path": "/home/localAdminUser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure" - } - ] - }, - "nicConfigurations": { - "value": [ - { - "nicSuffix": "-nic-01", - "ipConfigurations": [ - { - "name": "ipconfig01", - "subnetId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001", - "pipConfiguration": { - "publicIpNameSuffix": "-pip-01" - } - } - ] - } - ] + ], + "nicSuffix": "-nic-01" + } + ] + }, + "osDisk": { + "value": { + "diskSizeGB": "128", + "managedDisk": { + "storageAccountType": "Premium_LRS" + } + } + }, + "osType": { + "value": "Linux" + }, + "vmSize": { + "value": "Standard_B12ms" + }, + "disablePasswordAuthentication": { + "value": true + }, + "name": { + "value": "<>-vm-linux-min-01" + }, + "publicKeys": { + "value": [ + { + "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure", + "path": "/home/localAdminUser/.ssh/authorized_keys" } + ] } + } } ``` @@ -1425,222 +1425,222 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-vm-linux-01" - }, - "lock": { - "value": "CanNotDelete" - }, - "systemAssignedIdentity": { - "value": true - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "osType": { - "value": "Linux" - }, - "encryptionAtHost": { - "value": false - }, - "availabilityZone": { - "value": 1 - }, - "vmSize": { - "value": "Standard_B12ms" - }, - "imageReference": { - "value": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "18.04-LTS", - "version": "latest" - } - }, - "osDisk": { - "value": { - "createOption": "fromImage", - "deleteOption": "Delete", - "caching": "ReadOnly", - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } - } - }, - "dataDisks": { - "value": [ - { - "createOption": "Empty", - "deleteOption": "Delete", - "caching": "ReadWrite", - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } - }, - { - "createOption": "Empty", - "deleteOption": "Delete", - "caching": "ReadWrite", - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } - } - ] - }, - "adminUsername": { - "value": "localAdminUser" - }, - "disablePasswordAuthentication": { - "value": true - }, - "publicKeys": { - "value": [ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "adminUsername": { + "value": "localAdminUser" + }, + "imageReference": { + "value": { + "offer": "UbuntuServer", + "publisher": "Canonical", + "sku": "18.04-LTS", + "version": "latest" + } + }, + "nicConfigurations": { + "value": [ + { + "deleteOption": "Delete", + "ipConfigurations": [ + { + "applicationSecurityGroups": [ { - "path": "/home/localAdminUser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure" + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001" } - ] - }, - "nicConfigurations": { - "value": [ + ], + "loadBalancerBackendAddressPools": [ { - "nicSuffix": "-nic-01", - "deleteOption": "Delete", - "ipConfigurations": [ - { - "name": "ipconfig01", - "subnetId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001", - "pipConfiguration": { - "publicIpNameSuffix": "-pip-01", - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "loadBalancerBackendAddressPools": [ - { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/loadBalancers/adp-<>-az-lb-internal-001/backendAddressPools/servers" - } - ], - "applicationSecurityGroups": [ - { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001" - } - ] - } - ], - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/loadBalancers/adp-<>-az-lb-internal-001/backendAddressPools/servers" } - ] - }, - "backupVaultName": { - "value": "adp-<>-az-rsv-x-001" - }, - "backupVaultResourceGroup": { - "value": "validation-rg" - }, - "backupPolicyName": { - "value": "VMpolicy" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", + ], + "name": "ipconfig01", + "pipConfiguration": { + "publicIpNameSuffix": "-pip-01", + "roleAssignments": [ + { "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "extensionMonitoringAgentConfig": { - "value": { - "enabled": true - } - }, - "monitoringWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "extensionDependencyAgentConfig": { - "value": { - "enabled": true - } - }, - "extensionNetworkWatcherAgentConfig": { - "value": { - "enabled": true - } - }, - "extensionDiskEncryptionConfig": { - "value": { - "enabled": true, - "settings": { - "EncryptionOperation": "EnableEncryption", - "KeyVaultURL": "https://adp-<>-az-kv-x-001.vault.azure.net/", - "KeyVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", - "KeyEncryptionKeyURL": "https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5", // ID must be updated for new keys - "KekVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", - "KeyEncryptionAlgorithm": "RSA-OAEP", - "VolumeType": "All", - "ResizeOSDisk": "false" - } - } - }, - "extensionDSCConfig": { - "value": { - "enabled": false - } - }, - "extensionCustomScriptConfig": { - "value": { - "enabled": true, - "fileData": [ - { - "uri": "https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1", - "storageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - } + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } ] + }, + "subnetId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001" } - }, - "extensionCustomScriptProtectedSetting": { - "value": { - "commandToExecute": "sudo apt-get update" + ], + "nicSuffix": "-nic-01", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + } + ] + }, + "osDisk": { + "value": { + "caching": "ReadOnly", + "createOption": "fromImage", + "deleteOption": "Delete", + "diskSizeGB": "128", + "managedDisk": { + "storageAccountType": "Premium_LRS" + } + } + }, + "osType": { + "value": "Linux" + }, + "vmSize": { + "value": "Standard_B12ms" + }, + "availabilityZone": { + "value": 1 + }, + "backupPolicyName": { + "value": "VMpolicy" + }, + "backupVaultName": { + "value": "adp-<>-az-rsv-x-001" + }, + "backupVaultResourceGroup": { + "value": "validation-rg" + }, + "dataDisks": { + "value": [ + { + "caching": "ReadWrite", + "createOption": "Empty", + "deleteOption": "Delete", + "diskSizeGB": "128", + "managedDisk": { + "storageAccountType": "Premium_LRS" + } + }, + { + "caching": "ReadWrite", + "createOption": "Empty", + "deleteOption": "Delete", + "diskSizeGB": "128", + "managedDisk": { + "storageAccountType": "Premium_LRS" + } + } + ] + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "disablePasswordAuthentication": { + "value": true + }, + "encryptionAtHost": { + "value": false + }, + "extensionCustomScriptConfig": { + "value": { + "enabled": true, + "fileData": [ + { + "storageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", + "uri": "https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1" + } + ] + } + }, + "extensionCustomScriptProtectedSetting": { + "value": { + "commandToExecute": "sudo apt-get update" + } + }, + "extensionDependencyAgentConfig": { + "value": { + "enabled": true + } + }, + "extensionDiskEncryptionConfig": { + "value": { + "enabled": true, + "settings": { + "EncryptionOperation": "EnableEncryption", + "KekVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", + "KeyEncryptionAlgorithm": "RSA-OAEP", + "KeyEncryptionKeyURL": "https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5", + "KeyVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", + "KeyVaultURL": "https://adp-<>-az-kv-x-001.vault.azure.net/", + "ResizeOSDisk": "false", + "VolumeType": "All" + } + } + }, + "extensionDSCConfig": { + "value": { + "enabled": false + } + }, + "extensionMonitoringAgentConfig": { + "value": { + "enabled": true + } + }, + "extensionNetworkWatcherAgentConfig": { + "value": { + "enabled": true + } + }, + "lock": { + "value": "CanNotDelete" + }, + "monitoringWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "name": { + "value": "<>-vm-linux-01" + }, + "publicKeys": { + "value": [ + { + "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure", + "path": "/home/localAdminUser/.ssh/authorized_keys" + } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "systemAssignedIdentity": { + "value": true + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` @@ -1704,62 +1704,62 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-vm-win-03" - }, - "imageReference": { - "value": { - "publisher": "MicrosoftWindowsServer", - "offer": "WindowsServer", - "sku": "2019-Datacenter", - "version": "latest" - } - }, - "osType": { - "value": "Windows" - }, - "vmSize": { - "value": "Standard_B12ms" - }, - "osDisk": { - "value": { - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } - } - }, - "adminUsername": { - "value": "localAdminUser" - }, - "adminPassword": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "adminPassword" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "adminUsername": { + "value": "localAdminUser" + }, + "imageReference": { + "value": { + "offer": "WindowsServer", + "publisher": "MicrosoftWindowsServer", + "sku": "2019-Datacenter", + "version": "latest" + } + }, + "nicConfigurations": { + "value": [ + { + "ipConfigurations": [ + { + "name": "ipconfig01", + "subnetId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001" } - }, - "nicConfigurations": { - "value": [ - { - "nicSuffix": "-nic-01", - "ipConfigurations": [ - { - "name": "ipconfig01", - "subnetId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001" - } - ] - } - ] - }, - "configurationProfile": { - "value": "/providers/Microsoft.Automanage/bestPractices/AzureBestPracticesProduction" + ], + "nicSuffix": "-nic-01" + } + ] + }, + "osDisk": { + "value": { + "diskSizeGB": "128", + "managedDisk": { + "storageAccountType": "Premium_LRS" } + } + }, + "osType": { + "value": "Windows" + }, + "vmSize": { + "value": "Standard_B12ms" + }, + "adminPassword": { + "reference": { + "keyVault": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" + }, + "secretName": "adminPassword" + } + }, + "configurationProfile": { + "value": "/providers/Microsoft.Automanage/bestPractices/AzureBestPracticesProduction" + }, + "name": { + "value": "<>-vm-win-03" } + } } ``` @@ -1822,59 +1822,59 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-vm-win-02" - }, - "imageReference": { - "value": { - "publisher": "MicrosoftWindowsServer", - "offer": "WindowsServer", - "sku": "2022-datacenter-azure-edition", - "version": "latest" - } - }, - "osType": { - "value": "Windows" - }, - "vmSize": { - "value": "Standard_B12ms" - }, - "osDisk": { - "value": { - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } - } - }, - "adminUsername": { - "value": "localAdminUser" - }, - "adminPassword": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "adminPassword" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "adminUsername": { + "value": "localAdminUser" + }, + "imageReference": { + "value": { + "offer": "WindowsServer", + "publisher": "MicrosoftWindowsServer", + "sku": "2022-datacenter-azure-edition", + "version": "latest" + } + }, + "nicConfigurations": { + "value": [ + { + "ipConfigurations": [ + { + "name": "ipconfig01", + "subnetId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001" } - }, - "nicConfigurations": { - "value": [ - { - "nicSuffix": "-nic-01", - "ipConfigurations": [ - { - "name": "ipconfig01", - "subnetId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001" - } - ] - } - ] + ], + "nicSuffix": "-nic-01" + } + ] + }, + "osDisk": { + "value": { + "diskSizeGB": "128", + "managedDisk": { + "storageAccountType": "Premium_LRS" } + } + }, + "osType": { + "value": "Windows" + }, + "vmSize": { + "value": "Standard_B12ms" + }, + "adminPassword": { + "reference": { + "keyVault": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" + }, + "secretName": "adminPassword" + } + }, + "name": { + "value": "<>-vm-win-02" } + } } ``` @@ -2069,239 +2069,239 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-vm-win-01" - }, - "lock": { - "value": "CanNotDelete" - }, - "encryptionAtHost": { - "value": false - }, - "imageReference": { - "value": { - "publisher": "MicrosoftWindowsServer", - "offer": "WindowsServer", - "sku": "2019-Datacenter", - "version": "latest" - } - }, - "osType": { - "value": "Windows" - }, - "vmSize": { - "value": "Standard_B12ms" - }, - "osDisk": { - "value": { - "createOption": "fromImage", - "deleteOption": "Delete", - "caching": "None", - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } - } - }, - "dataDisks": { - "value": [ - { - "createOption": "Empty", - "deleteOption": "Delete", - "caching": "None", - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } - }, + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "adminUsername": { + "value": "localAdminUser" + }, + "imageReference": { + "value": { + "offer": "WindowsServer", + "publisher": "MicrosoftWindowsServer", + "sku": "2019-Datacenter", + "version": "latest" + } + }, + "nicConfigurations": { + "value": [ + { + "deleteOption": "Delete", + "ipConfigurations": [ + { + "applicationSecurityGroups": [ { - "createOption": "Empty", - "deleteOption": "Delete", - "caching": "None", - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001" } - ] - }, - "availabilityZone": { - "value": 2 - }, - "adminUsername": { - "value": "localAdminUser" - }, - "adminPassword": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "adminPassword" - } - }, - "nicConfigurations": { - "value": [ + ], + "loadBalancerBackendAddressPools": [ { - "nicSuffix": "-nic-01", - "deleteOption": "Delete", - "ipConfigurations": [ - { - "name": "ipconfig01", - "subnetId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001", - "pipConfiguration": { - "publicIpNameSuffix": "-pip-01", - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "loadBalancerBackendAddressPools": [ - { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/loadBalancers/adp-<>-az-lb-internal-001/backendAddressPools/servers" - } - ], - "applicationSecurityGroups": [ - { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001" - } - ] - } - ], - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/loadBalancers/adp-<>-az-lb-internal-001/backendAddressPools/servers" } - ] - }, - "backupVaultName": { - "value": "adp-<>-az-rsv-x-001" - }, - "backupVaultResourceGroup": { - "value": "validation-rg" - }, - "backupPolicyName": { - "value": "VMpolicy" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", + ], + "name": "ipconfig01", + "pipConfiguration": { + "publicIpNameSuffix": "-pip-01", + "roleAssignments": [ + { "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "systemAssignedIdentity": { - "value": true - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "extensionAntiMalwareConfig": { - "value": { - "enabled": true, - "settings": { - "AntimalwareEnabled": "true", - "Exclusions": { - "Extensions": ".ext1;.ext2", - "Paths": "c:\\excluded-path-1;c:\\excluded-path-2", - "Processes": "excludedproc1.exe;excludedproc2.exe" - }, - "RealtimeProtectionEnabled": "true", - "ScheduledScanSettings": { - "isEnabled": "true", - "scanType": "Quick", - "day": "7", - "time": "120" - } - } - } - }, - "extensionMonitoringAgentConfig": { - "value": { - "enabled": true - } - }, - "monitoringWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "extensionDependencyAgentConfig": { - "value": { - "enabled": true - } - }, - "extensionNetworkWatcherAgentConfig": { - "value": { - "enabled": true - } - }, - "extensionDiskEncryptionConfig": { - "value": { - "enabled": true, - "settings": { - "EncryptionOperation": "EnableEncryption", - "KeyVaultURL": "https://adp-<>-az-kv-x-001.vault.azure.net/", - "KeyVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", - "KeyEncryptionKeyURL": "https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5", // ID must be updated for new keys - "KekVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", - "KeyEncryptionAlgorithm": "RSA-OAEP", - "VolumeType": "All", - "ResizeOSDisk": "false" - } + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "subnetId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001" } - }, - "extensionDSCConfig": { - "value": { - "enabled": true + ], + "nicSuffix": "-nic-01", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + } + ] + }, + "osDisk": { + "value": { + "caching": "None", + "createOption": "fromImage", + "deleteOption": "Delete", + "diskSizeGB": "128", + "managedDisk": { + "storageAccountType": "Premium_LRS" + } + } + }, + "osType": { + "value": "Windows" + }, + "vmSize": { + "value": "Standard_B12ms" + }, + "adminPassword": { + "reference": { + "keyVault": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" }, - "extensionCustomScriptConfig": { - "value": { - "enabled": true, - "fileData": [ - { - "uri": "https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1", - "storageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - } - ] - } + "secretName": "adminPassword" + } + }, + "availabilityZone": { + "value": 2 + }, + "backupPolicyName": { + "value": "VMpolicy" + }, + "backupVaultName": { + "value": "adp-<>-az-rsv-x-001" + }, + "backupVaultResourceGroup": { + "value": "validation-rg" + }, + "dataDisks": { + "value": [ + { + "caching": "None", + "createOption": "Empty", + "deleteOption": "Delete", + "diskSizeGB": "128", + "managedDisk": { + "storageAccountType": "Premium_LRS" + } }, - "extensionCustomScriptProtectedSetting": { - "value": { - "commandToExecute": "powershell -ExecutionPolicy Unrestricted -Command \"& .\\scriptExtensionMasterInstaller.ps1\"" - } + { + "caching": "None", + "createOption": "Empty", + "deleteOption": "Delete", + "diskSizeGB": "128", + "managedDisk": { + "storageAccountType": "Premium_LRS" + } + } + ] + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "encryptionAtHost": { + "value": false + }, + "extensionAntiMalwareConfig": { + "value": { + "enabled": true, + "settings": { + "AntimalwareEnabled": "true", + "Exclusions": { + "Extensions": ".ext1;.ext2", + "Paths": "c:\\excluded-path-1;c:\\excluded-path-2", + "Processes": "excludedproc1.exe;excludedproc2.exe" + }, + "RealtimeProtectionEnabled": "true", + "ScheduledScanSettings": { + "day": "7", + "isEnabled": "true", + "scanType": "Quick", + "time": "120" + } + } + } + }, + "extensionCustomScriptConfig": { + "value": { + "enabled": true, + "fileData": [ + { + "storageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", + "uri": "https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1" + } + ] + } + }, + "extensionCustomScriptProtectedSetting": { + "value": { + "commandToExecute": "powershell -ExecutionPolicy Unrestricted -Command \"& .\\scriptExtensionMasterInstaller.ps1\"" + } + }, + "extensionDependencyAgentConfig": { + "value": { + "enabled": true + } + }, + "extensionDiskEncryptionConfig": { + "value": { + "enabled": true, + "settings": { + "EncryptionOperation": "EnableEncryption", + "KekVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", + "KeyEncryptionAlgorithm": "RSA-OAEP", + "KeyEncryptionKeyURL": "https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5", + "KeyVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", + "KeyVaultURL": "https://adp-<>-az-kv-x-001.vault.azure.net/", + "ResizeOSDisk": "false", + "VolumeType": "All" + } + } + }, + "extensionDSCConfig": { + "value": { + "enabled": true + } + }, + "extensionMonitoringAgentConfig": { + "value": { + "enabled": true + } + }, + "extensionNetworkWatcherAgentConfig": { + "value": { + "enabled": true + } + }, + "lock": { + "value": "CanNotDelete" + }, + "monitoringWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "name": { + "value": "<>-vm-win-01" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "systemAssignedIdentity": { + "value": true + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` diff --git a/modules/Microsoft.Consumption/budgets/readme.md b/modules/Microsoft.Consumption/budgets/readme.md index ddf256599c..358b9b0ff0 100644 --- a/modules/Microsoft.Consumption/budgets/readme.md +++ b/modules/Microsoft.Consumption/budgets/readme.md @@ -82,27 +82,27 @@ module budgets './Microsoft.Consumption/budgets/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "amount": { - "value": 500 - }, - "thresholds": { - "value": [ - 50, - 75, - 90, - 100, - 110 - ] - }, - "contactEmails": { - "value": [ - "dummy@contoso.com" - ] - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "amount": { + "value": 500 + }, + "contactEmails": { + "value": [ + "dummy@contoso.com" + ] + }, + "thresholds": { + "value": [ + 50, + 75, + 90, + 100, + 110 + ] } + } } ``` diff --git a/modules/Microsoft.ContainerInstance/containerGroups/readme.md b/modules/Microsoft.ContainerInstance/containerGroups/readme.md index 4a3ae786ee..b01d3bb8e8 100644 --- a/modules/Microsoft.ContainerInstance/containerGroups/readme.md +++ b/modules/Microsoft.ContainerInstance/containerGroups/readme.md @@ -211,42 +211,42 @@ module containerGroups './Microsoft.ContainerInstance/containerGroups/deploy.bic ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-acg-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "containerName": { - "value": "<>-az-aci-x-001" - }, - "image": { - "value": "mcr.microsoft.com/azuredocs/aci-helloworld" - }, - "ports": { - "value": [ - { - "protocol": "Tcp", - "port": "80" - }, - { - "protocol": "Tcp", - "port": "443" - } - ] - }, - "systemAssignedIdentity": { - "value": true + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "containerName": { + "value": "<>-az-aci-x-001" + }, + "image": { + "value": "mcr.microsoft.com/azuredocs/aci-helloworld" + }, + "name": { + "value": "<>-az-acg-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "ports": { + "value": [ + { + "port": "80", + "protocol": "Tcp" }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } + { + "port": "443", + "protocol": "Tcp" } + ] + }, + "systemAssignedIdentity": { + "value": true + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` diff --git a/modules/Microsoft.ContainerRegistry/registries/readme.md b/modules/Microsoft.ContainerRegistry/registries/readme.md index be9d19d0a9..85acc8eefc 100644 --- a/modules/Microsoft.ContainerRegistry/registries/readme.md +++ b/modules/Microsoft.ContainerRegistry/registries/readme.md @@ -362,33 +362,33 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>azacrencr001" - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "publicNetworkAccess": { - "value": "Disabled" - }, - "acrSku": { - "value": "Premium" - }, - "cMKUserAssignedIdentityResourceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" - }, - "cMKKeyVaultResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002" - }, - "cMKKeyName": { - "value": "keyEncryptionKey" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>azacrencr001" + }, + "acrSku": { + "value": "Premium" + }, + "cMKKeyName": { + "value": "keyEncryptionKey" + }, + "cMKKeyVaultResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002" + }, + "cMKUserAssignedIdentityResourceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" + }, + "publicNetworkAccess": { + "value": "Disabled" + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` @@ -419,13 +419,13 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>azacrmin001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>azacrmin001" } + } } ``` @@ -498,91 +498,91 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>azacrx001" - }, - "lock": { - "value": "CanNotDelete" - }, - "acrAdminUserEnabled": { - "value": false - }, - "acrSku": { - "value": "Premium" - }, - "exportPolicyStatus": { - "value": "enabled" - }, - "quarantinePolicyStatus": { - "value": "enabled" - }, - "trustPolicyStatus": { - "value": "enabled" - }, - "replications": { - "value": [ - { - "name": "northeurope", - "location": "northeurope" - } - ] - }, - "webhooks": { - "value": [ - { - "name": "<>azacrx001webhook", - "serviceUri": "https://www.contoso.com/webhook" - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "systemAssignedIdentity": { - "value": true - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "publicNetworkAccess": { - "value": "Disabled" - }, - "privateEndpoints": { - "value": [ - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "registry" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>azacrx001" + }, + "acrAdminUserEnabled": { + "value": false + }, + "acrSku": { + "value": "Premium" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "exportPolicyStatus": { + "value": "enabled" + }, + "lock": { + "value": "CanNotDelete" + }, + "privateEndpoints": { + "value": [ + { + "service": "registry", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" + } + ] + }, + "publicNetworkAccess": { + "value": "Disabled" + }, + "quarantinePolicyStatus": { + "value": "enabled" + }, + "replications": { + "value": [ + { + "location": "northeurope", + "name": "northeurope" } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "systemAssignedIdentity": { + "value": true + }, + "trustPolicyStatus": { + "value": "enabled" + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } + }, + "webhooks": { + "value": [ + { + "name": "<>azacrx001webhook", + "serviceUri": "https://www.contoso.com/webhook" + } + ] } + } } ``` diff --git a/modules/Microsoft.ContainerService/managedClusters/readme.md b/modules/Microsoft.ContainerService/managedClusters/readme.md index 13cee63a21..b20a3ff128 100644 --- a/modules/Microsoft.ContainerService/managedClusters/readme.md +++ b/modules/Microsoft.ContainerService/managedClusters/readme.md @@ -473,127 +473,127 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-aks-azure-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "diskEncryptionSetID": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/diskEncryptionSets/adp-<>-az-des-x-001" - }, - "primaryAgentPoolProfile": { - "value": [ - { - "name": "systempool", - "osDiskSizeGB": 0, - "count": 1, - "enableAutoScaling": true, - "minCount": 1, - "maxCount": 3, - "vmSize": "Standard_DS2_v2", - "osType": "Linux", - "storageProfile": "ManagedDisks", - "type": "VirtualMachineScaleSets", - "mode": "System", - "vnetSubnetID": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-aks/subnets/Primary", - "serviceCidr": "", - "maxPods": 30, - "availabilityZones": [ - "1" - ] - } - ] - }, - "aksClusterNetworkPlugin": { - "value": "azure" - }, - "agentPools": { - "value": [ - { - "name": "userpool1", - "vmSize": "Standard_DS2_v2", - "osDiskSizeGB": 128, - "count": 2, - "osType": "Linux", - "maxCount": 3, - "minCount": 1, - "enableAutoScaling": true, - "scaleSetPriority": "Regular", - "scaleSetEvictionPolicy": "Delete", - "nodeLabels": {}, - "nodeTaints": [ - "CriticalAddonsOnly=true:NoSchedule" - ], - "type": "VirtualMachineScaleSets", - "availabilityZones": [ - "1" - ], - "minPods": 2, - "maxPods": 30, - "storageProfile": "ManagedDisks", - "mode": "User", - "vnetSubnetID": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-aks/subnets/Secondary" - }, - { - "name": "userpool2", - "vmSize": "Standard_DS2_v2", - "osDiskSizeGB": 128, - "count": 2, - "osType": "Linux", - "maxCount": 3, - "minCount": 1, - "enableAutoScaling": true, - "scaleSetPriority": "Regular", - "scaleSetEvictionPolicy": "Delete", - "nodeLabels": {}, - "nodeTaints": [ - "CriticalAddonsOnly=true:NoSchedule" - ], - "type": "VirtualMachineScaleSets", - "availabilityZones": [ - "1" - ], - "minPods": 2, - "maxPods": 30, - "storageProfile": "ManagedDisks", - "mode": "User", - "vnetSubnetID": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-aks/subnets/Tertiary" - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-aks-azure-001" + }, + "primaryAgentPoolProfile": { + "value": [ + { + "availabilityZones": [ + "1" + ], + "count": 1, + "enableAutoScaling": true, + "maxCount": 3, + "maxPods": 30, + "minCount": 1, + "mode": "System", + "name": "systempool", + "osDiskSizeGB": 0, + "osType": "Linux", + "serviceCidr": "", + "storageProfile": "ManagedDisks", + "type": "VirtualMachineScaleSets", + "vmSize": "Standard_DS2_v2", + "vnetSubnetID": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-aks/subnets/Primary" + } + ] + }, + "agentPools": { + "value": [ + { + "availabilityZones": [ + "1" + ], + "count": 2, + "enableAutoScaling": true, + "maxCount": 3, + "maxPods": 30, + "minCount": 1, + "minPods": 2, + "mode": "User", + "name": "userpool1", + "nodeLabels": {}, + "nodeTaints": [ + "CriticalAddonsOnly=true:NoSchedule" + ], + "osDiskSizeGB": 128, + "osType": "Linux", + "scaleSetEvictionPolicy": "Delete", + "scaleSetPriority": "Regular", + "storageProfile": "ManagedDisks", + "type": "VirtualMachineScaleSets", + "vmSize": "Standard_DS2_v2", + "vnetSubnetID": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-aks/subnets/Secondary" }, - "systemAssignedIdentity": { - "value": true + { + "availabilityZones": [ + "1" + ], + "count": 2, + "enableAutoScaling": true, + "maxCount": 3, + "maxPods": 30, + "minCount": 1, + "minPods": 2, + "mode": "User", + "name": "userpool2", + "nodeLabels": {}, + "nodeTaints": [ + "CriticalAddonsOnly=true:NoSchedule" + ], + "osDiskSizeGB": 128, + "osType": "Linux", + "scaleSetEvictionPolicy": "Delete", + "scaleSetPriority": "Regular", + "storageProfile": "ManagedDisks", + "type": "VirtualMachineScaleSets", + "vmSize": "Standard_DS2_v2", + "vnetSubnetID": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-aks/subnets/Tertiary" } + ] + }, + "aksClusterNetworkPlugin": { + "value": "azure" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "diskEncryptionSetID": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/diskEncryptionSets/adp-<>-az-des-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "systemAssignedIdentity": { + "value": true } + } } ``` @@ -711,120 +711,120 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-aks-kubenet-001" - }, - "primaryAgentPoolProfile": { - "value": [ - { - "name": "systempool", - "osDiskSizeGB": 0, - "count": 1, - "enableAutoScaling": true, - "minCount": 1, - "maxCount": 3, - "vmSize": "Standard_DS2_v2", - "osType": "Linux", - "storageProfile": "ManagedDisks", - "type": "VirtualMachineScaleSets", - "mode": "System", - "serviceCidr": "", - "maxPods": 30, - "availabilityZones": [ - "1" - ] - } - ] - }, - "aksClusterNetworkPlugin": { - "value": "kubenet" - }, - "agentPools": { - "value": [ - { - "name": "userpool1", - "vmSize": "Standard_DS2_v2", - "osDiskSizeGB": 128, - "count": 2, - "osType": "Linux", - "maxCount": 3, - "minCount": 1, - "enableAutoScaling": true, - "scaleSetPriority": "Regular", - "scaleSetEvictionPolicy": "Delete", - "nodeLabels": {}, - "nodeTaints": [ - "CriticalAddonsOnly=true:NoSchedule" - ], - "type": "VirtualMachineScaleSets", - "availabilityZones": [ - "1" - ], - "minPods": 2, - "maxPods": 30, - "storageProfile": "ManagedDisks", - "mode": "User" - }, - { - "name": "userpool2", - "vmSize": "Standard_DS2_v2", - "osDiskSizeGB": 128, - "count": 2, - "osType": "Linux", - "maxCount": 3, - "minCount": 1, - "enableAutoScaling": true, - "scaleSetPriority": "Regular", - "scaleSetEvictionPolicy": "Delete", - "nodeLabels": {}, - "nodeTaints": [ - "CriticalAddonsOnly=true:NoSchedule" - ], - "type": "VirtualMachineScaleSets", - "availabilityZones": [ - "1" - ], - "minPods": 2, - "maxPods": 30, - "storageProfile": "ManagedDisks", - "mode": "User" - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-aks-kubenet-001" + }, + "primaryAgentPoolProfile": { + "value": [ + { + "availabilityZones": [ + "1" + ], + "count": 1, + "enableAutoScaling": true, + "maxCount": 3, + "maxPods": 30, + "minCount": 1, + "mode": "System", + "name": "systempool", + "osDiskSizeGB": 0, + "osType": "Linux", + "serviceCidr": "", + "storageProfile": "ManagedDisks", + "type": "VirtualMachineScaleSets", + "vmSize": "Standard_DS2_v2" + } + ] + }, + "agentPools": { + "value": [ + { + "availabilityZones": [ + "1" + ], + "count": 2, + "enableAutoScaling": true, + "maxCount": 3, + "maxPods": 30, + "minCount": 1, + "minPods": 2, + "mode": "User", + "name": "userpool1", + "nodeLabels": {}, + "nodeTaints": [ + "CriticalAddonsOnly=true:NoSchedule" + ], + "osDiskSizeGB": 128, + "osType": "Linux", + "scaleSetEvictionPolicy": "Delete", + "scaleSetPriority": "Regular", + "storageProfile": "ManagedDisks", + "type": "VirtualMachineScaleSets", + "vmSize": "Standard_DS2_v2" }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } + { + "availabilityZones": [ + "1" + ], + "count": 2, + "enableAutoScaling": true, + "maxCount": 3, + "maxPods": 30, + "minCount": 1, + "minPods": 2, + "mode": "User", + "name": "userpool2", + "nodeLabels": {}, + "nodeTaints": [ + "CriticalAddonsOnly=true:NoSchedule" + ], + "osDiskSizeGB": 128, + "osType": "Linux", + "scaleSetEvictionPolicy": "Delete", + "scaleSetPriority": "Regular", + "storageProfile": "ManagedDisks", + "type": "VirtualMachineScaleSets", + "vmSize": "Standard_DS2_v2" + } + ] + }, + "aksClusterNetworkPlugin": { + "value": "kubenet" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` diff --git a/modules/Microsoft.DataFactory/factories/readme.md b/modules/Microsoft.DataFactory/factories/readme.md index 8108d9b41d..781f4b956c 100644 --- a/modules/Microsoft.DataFactory/factories/readme.md +++ b/modules/Microsoft.DataFactory/factories/readme.md @@ -332,70 +332,70 @@ module factories './Microsoft.DataFactory/factories/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-adf-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "managedVirtualNetworkName": { - "value": "default" - }, - "integrationRuntime": { - "value": { - "name": "AutoResolveIntegrationRuntime", - "type": "Managed", - "managedVirtualNetworkName": "default", - "typeProperties": { - "computeProperties": { - "location": "AutoResolve" - } - } - } - }, - "publicNetworkAccess": { - "value": true - }, - "gitConfigureLater": { - "value": true - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "systemAssignedIdentity": { - "value": true - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-adf-001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "gitConfigureLater": { + "value": true + }, + "integrationRuntime": { + "value": { + "managedVirtualNetworkName": "default", + "name": "AutoResolveIntegrationRuntime", + "type": "Managed", + "typeProperties": { + "computeProperties": { + "location": "AutoResolve" + } + } + } + }, + "lock": { + "value": "CanNotDelete" + }, + "managedVirtualNetworkName": { + "value": "default" + }, + "publicNetworkAccess": { + "value": true + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "systemAssignedIdentity": { + "value": true + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` diff --git a/modules/Microsoft.DataProtection/backupVaults/readme.md b/modules/Microsoft.DataProtection/backupVaults/readme.md index 9066ccdf77..f77c81a356 100644 --- a/modules/Microsoft.DataProtection/backupVaults/readme.md +++ b/modules/Microsoft.DataProtection/backupVaults/readme.md @@ -356,13 +356,13 @@ module backupVaults './Microsoft.DataProtection/backupVaults/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-bv-min-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-bv-min-001" } + } } ``` @@ -456,80 +456,80 @@ module backupVaults './Microsoft.DataProtection/backupVaults/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-bv-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "backupPolicies": { - "value": [ - { - "name": "DefaultPolicy", - "properties": { - "policyRules": [ - { - "backupParameters": { - "backupType": "Incremental", - "objectType": "AzureBackupParams" - }, - "trigger": { - "schedule": { - "repeatingTimeIntervals": [ - "R/2022-05-31T23:30:00+01:00/P1D" - ], - "timeZone": "W. Europe Standard Time" - }, - "taggingCriteria": [ - { - "tagInfo": { - "tagName": "Default", - "id": "Default_" - }, - "taggingPriority": 99, - "isDefault": true - } - ], - "objectType": "ScheduleBasedTriggerContext" - }, - "dataStore": { - "dataStoreType": "OperationalStore", - "objectType": "DataStoreInfoBase" - }, - "name": "BackupDaily", - "objectType": "AzureBackupRule" - }, - { - "lifecycles": [ - { - "deleteAfter": { - "objectType": "AbsoluteDeleteOption", - "duration": "P7D" - }, - "targetDataStoreCopySettings": [], - "sourceDataStore": { - "dataStoreType": "OperationalStore", - "objectType": "DataStoreInfoBase" - } - } - ], - "isDefault": true, - "name": "Default", - "objectType": "AzureRetentionRule" - } - ], - "datasourceTypes": [ - "Microsoft.Compute/disks" - ], - "objectType": "BackupPolicy" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-bv-x-001" + }, + "backupPolicies": { + "value": [ + { + "name": "DefaultPolicy", + "properties": { + "datasourceTypes": [ + "Microsoft.Compute/disks" + ], + "objectType": "BackupPolicy", + "policyRules": [ + { + "backupParameters": { + "backupType": "Incremental", + "objectType": "AzureBackupParams" + }, + "dataStore": { + "dataStoreType": "OperationalStore", + "objectType": "DataStoreInfoBase" + }, + "name": "BackupDaily", + "objectType": "AzureBackupRule", + "trigger": { + "objectType": "ScheduleBasedTriggerContext", + "schedule": { + "repeatingTimeIntervals": [ + "R/2022-05-31T23:30:00+01:00/P1D" + ], + "timeZone": "W. Europe Standard Time" + }, + "taggingCriteria": [ + { + "isDefault": true, + "taggingPriority": 99, + "tagInfo": { + "id": "Default_", + "tagName": "Default" + } } + ] } + }, + { + "isDefault": true, + "lifecycles": [ + { + "deleteAfter": { + "duration": "P7D", + "objectType": "AbsoluteDeleteOption" + }, + "sourceDataStore": { + "dataStoreType": "OperationalStore", + "objectType": "DataStoreInfoBase" + }, + "targetDataStoreCopySettings": [] + } + ], + "name": "Default", + "objectType": "AzureRetentionRule" + } ] + } } + ] + }, + "lock": { + "value": "CanNotDelete" } + } } ``` diff --git a/modules/Microsoft.Databricks/workspaces/readme.md b/modules/Microsoft.Databricks/workspaces/readme.md index 8c9fcb2f53..25efa18299 100644 --- a/modules/Microsoft.Databricks/workspaces/readme.md +++ b/modules/Microsoft.Databricks/workspaces/readme.md @@ -257,41 +257,41 @@ module workspaces './Microsoft.Databricks/workspaces/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-adb-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-adb-x-001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md b/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md index a6c1c7910f..656ffb6c1a 100644 --- a/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md +++ b/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md @@ -185,19 +185,19 @@ module applicationgroups './Microsoft.DesktopVirtualization/applicationgroups/de ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-avdag-min-001" - }, - "applicationGroupType": { - "value": "RemoteApp" - }, - "hostpoolName": { - "value": "adp-<>-az-avdhp-x-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "applicationGroupType": { + "value": "RemoteApp" + }, + "hostpoolName": { + "value": "adp-<>-az-avdhp-x-001" + }, + "name": { + "value": "<>-az-avdag-min-001" } + } } ``` @@ -265,76 +265,76 @@ module applicationgroups './Microsoft.DesktopVirtualization/applicationgroups/de ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-avdag-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "location": { - "value": "westeurope" - }, - "applicationGroupType": { - "value": "RemoteApp" - }, - "hostpoolName": { - "value": "adp-<>-az-avdhp-x-001" - }, - "friendlyName": { - "value": "Remote Applications 1" - }, - "description": { - "value": "This is my first Remote Applications bundle" - }, - "applications": { - "value": [ - { - "name": "notepad", - "description": "Notepad by ARM template", - "friendlyName": "Notepad", - "filePath": "C:\\Windows\\System32\\notepad.exe", - "commandLineSetting": "DoNotAllow", - "commandLineArguments": "", - "showInPortal": true, - "iconPath": "C:\\Windows\\System32\\notepad.exe", - "iconIndex": 0 - }, - { - "name": "wordpad", - "filePath": "C:\\Program Files\\Windows NT\\Accessories\\wordpad.exe", - "friendlyName": "Wordpad" - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "applicationGroupType": { + "value": "RemoteApp" + }, + "hostpoolName": { + "value": "adp-<>-az-avdhp-x-001" + }, + "name": { + "value": "<>-az-avdag-x-001" + }, + "applications": { + "value": [ + { + "commandLineArguments": "", + "commandLineSetting": "DoNotAllow", + "description": "Notepad by ARM template", + "filePath": "C:\\Windows\\System32\\notepad.exe", + "friendlyName": "Notepad", + "iconIndex": 0, + "iconPath": "C:\\Windows\\System32\\notepad.exe", + "name": "notepad", + "showInPortal": true }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + { + "filePath": "C:\\Program Files\\Windows NT\\Accessories\\wordpad.exe", + "friendlyName": "Wordpad", + "name": "wordpad" } + ] + }, + "description": { + "value": "This is my first Remote Applications bundle" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "friendlyName": { + "value": "Remote Applications 1" + }, + "location": { + "value": "westeurope" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] } + } } ``` diff --git a/modules/Microsoft.DesktopVirtualization/hostpools/readme.md b/modules/Microsoft.DesktopVirtualization/hostpools/readme.md index 2eb86a0f4e..2d42f43142 100644 --- a/modules/Microsoft.DesktopVirtualization/hostpools/readme.md +++ b/modules/Microsoft.DesktopVirtualization/hostpools/readme.md @@ -318,84 +318,84 @@ module hostpools './Microsoft.DesktopVirtualization/hostpools/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-avdhp-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "location": { - "value": "westeurope" - }, - "hostpoolFriendlyName": { - "value": "AVDv2" - }, - "hostpoolDescription": { - "value": "My first AVD Host Pool" - }, - "hostpoolType": { - "value": "Pooled" - }, - "personalDesktopAssignmentType": { - "value": "Automatic" - }, - "maxSessionLimit": { - "value": 99999 - }, - "loadBalancerType": { - "value": "BreadthFirst" - }, - "customRdpProperty": { - "value": "audiocapturemode:i:1;audiomode:i:0;drivestoredirect:s:;redirectclipboard:i:1;redirectcomports:i:1;redirectprinters:i:1;redirectsmartcards:i:1;screen mode id:i:2;" - }, - "vmTemplate": { - "value": { - "domain": "domainname.onmicrosoft.com", - "galleryImageOffer": "office-365", - "galleryImagePublisher": "microsoftwindowsdesktop", - "galleryImageSKU": "20h1-evd-o365pp", - "imageType": "Gallery", - "imageUri": null, - "customImageId": null, - "namePrefix": "avdv2", - "osDiskType": "StandardSSD_LRS", - "useManagedDisks": true, - "vmSize": { - "id": "Standard_D2s_v3", - "cores": 2, - "ram": 8 - } - } - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-avdhp-x-001" + }, + "customRdpProperty": { + "value": "audiocapturemode:i:1;audiomode:i:0;drivestoredirect:s:;redirectclipboard:i:1;redirectcomports:i:1;redirectprinters:i:1;redirectsmartcards:i:1;screen mode id:i:2;" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "hostpoolDescription": { + "value": "My first AVD Host Pool" + }, + "hostpoolFriendlyName": { + "value": "AVDv2" + }, + "hostpoolType": { + "value": "Pooled" + }, + "loadBalancerType": { + "value": "BreadthFirst" + }, + "location": { + "value": "westeurope" + }, + "lock": { + "value": "CanNotDelete" + }, + "maxSessionLimit": { + "value": 99999 + }, + "personalDesktopAssignmentType": { + "value": "Automatic" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "vmTemplate": { + "value": { + "customImageId": null, + "domain": "domainname.onmicrosoft.com", + "galleryImageOffer": "office-365", + "galleryImagePublisher": "microsoftwindowsdesktop", + "galleryImageSKU": "20h1-evd-o365pp", + "imageType": "Gallery", + "imageUri": null, + "namePrefix": "avdv2", + "osDiskType": "StandardSSD_LRS", + "useManagedDisks": true, + "vmSize": { + "cores": 2, + "id": "Standard_D2s_v3", + "ram": 8 } + } } + } } ``` diff --git a/modules/Microsoft.DesktopVirtualization/scalingplans/readme.md b/modules/Microsoft.DesktopVirtualization/scalingplans/readme.md index 71e7097075..25cff56f29 100644 --- a/modules/Microsoft.DesktopVirtualization/scalingplans/readme.md +++ b/modules/Microsoft.DesktopVirtualization/scalingplans/readme.md @@ -281,13 +281,13 @@ module scalingplans './Microsoft.DesktopVirtualization/scalingplans/deploy.bicep ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-avdsp-x-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-avdsp-x-001" } + } } ``` diff --git a/modules/Microsoft.DesktopVirtualization/workspaces/readme.md b/modules/Microsoft.DesktopVirtualization/workspaces/readme.md index cb5a18742e..02ddec5b87 100644 --- a/modules/Microsoft.DesktopVirtualization/workspaces/readme.md +++ b/modules/Microsoft.DesktopVirtualization/workspaces/readme.md @@ -200,55 +200,55 @@ module workspaces './Microsoft.DesktopVirtualization/workspaces/deploy.bicep' = ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-avdws-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "location": { - "value": "westeurope" - }, - "appGroupResourceIds": { - "value": [ - "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.DesktopVirtualization/applicationgroups/adp-<>-az-avdag-x-001" - ] - }, - "workspaceFriendlyName": { - "value": "My first AVD Workspace" - }, - "workspaceDescription": { - "value": "This is my first AVD Workspace" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-avdws-x-001" + }, + "appGroupResourceIds": { + "value": [ + "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.DesktopVirtualization/applicationgroups/adp-<>-az-avdag-x-001" + ] + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "location": { + "value": "westeurope" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "workspaceDescription": { + "value": "This is my first AVD Workspace" + }, + "workspaceFriendlyName": { + "value": "My first AVD Workspace" } + } } ``` diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/readme.md b/modules/Microsoft.DocumentDB/databaseAccounts/readme.md index ed9680f703..d2a11c9571 100644 --- a/modules/Microsoft.DocumentDB/databaseAccounts/readme.md +++ b/modules/Microsoft.DocumentDB/databaseAccounts/readme.md @@ -691,244 +691,244 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-cdb-mongodb-001" - }, - "location": { - "value": "West Europe" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "locations": { + "value": [ + { + "failoverPriority": 0, + "isZoneRedundant": false, + "locationName": "West Europe" }, - "locations": { - "value": [ + { + "failoverPriority": 1, + "isZoneRedundant": false, + "locationName": "North Europe" + } + ] + }, + "name": { + "value": "<>-az-cdb-mongodb-001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "location": { + "value": "West Europe" + }, + "mongodbDatabases": { + "value": [ + { + "collections": [ + { + "indexes": [ { - "locationName": "West Europe", - "failoverPriority": 0, - "isZoneRedundant": false + "key": { + "keys": [ + "_id" + ] + } }, { - "locationName": "North Europe", - "failoverPriority": 1, - "isZoneRedundant": false + "key": { + "keys": [ + "$**" + ] + } + }, + { + "key": { + "keys": [ + "car_id", + "car_model" + ] + }, + "options": { + "unique": true + } + }, + { + "key": { + "keys": [ + "_ts" + ] + }, + "options": { + "expireAfterSeconds": 2629746 + } } - ] - }, - "roleAssignments": { - "value": [ + ], + "name": "car_collection", + "shardKey": { + "car_id": "Hash" + } + }, + { + "indexes": [ + { + "key": { + "keys": [ + "_id" + ] + } + }, + { + "key": { + "keys": [ + "$**" + ] + } + }, { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" + "key": { + "keys": [ + "truck_id", + "truck_model" ] + }, + "options": { + "unique": true + } + }, + { + "key": { + "keys": [ + "_ts" + ] + }, + "options": { + "expireAfterSeconds": 2629746 + } } - ] + ], + "name": "truck_collection", + "shardKey": { + "truck_id": "Hash" + } + } + ], + "name": "<>-az-mdb-x-001" }, - "mongodbDatabases": { - "value": [ + { + "collections": [ + { + "indexes": [ { - "name": "<>-az-mdb-x-001", - "collections": [ - { - "name": "car_collection", - "indexes": [ - { - "key": { - "keys": [ - "_id" - ] - } - }, - { - "key": { - "keys": [ - "$**" - ] - } - }, - { - "key": { - "keys": [ - "car_id", - "car_model" - ] - }, - "options": { - "unique": true - } - }, - { - "key": { - "keys": [ - "_ts" - ] - }, - "options": { - "expireAfterSeconds": 2629746 - } - } - ], - "shardKey": { - "car_id": "Hash" - } - }, - { - "name": "truck_collection", - "indexes": [ - { - "key": { - "keys": [ - "_id" - ] - } - }, - { - "key": { - "keys": [ - "$**" - ] - } - }, - { - "key": { - "keys": [ - "truck_id", - "truck_model" - ] - }, - "options": { - "unique": true - } - }, - { - "key": { - "keys": [ - "_ts" - ] - }, - "options": { - "expireAfterSeconds": 2629746 - } - } - ], - "shardKey": { - "truck_id": "Hash" - } - } + "key": { + "keys": [ + "_id" ] + } }, { - "name": "<>-az-mdb-x-002", - "collections": [ - { - "name": "bike_collection", - "indexes": [ - { - "key": { - "keys": [ - "_id" - ] - } - }, - { - "key": { - "keys": [ - "$**" - ] - } - }, - { - "key": { - "keys": [ - "bike_id", - "bike_model" - ] - }, - "options": { - "unique": true - } - }, - { - "key": { - "keys": [ - "_ts" - ] - }, - "options": { - "expireAfterSeconds": 2629746 - } - } - ], - "shardKey": { - "bike_id": "Hash" - } - }, - { - "name": "bicycle_collection", - "indexes": [ - { - "key": { - "keys": [ - "_id" - ] - } - }, - { - "key": { - "keys": [ - "$**" - ] - } - }, - { - "key": { - "keys": [ - "bicycle_id", - "bicycle_model" - ] - }, - "options": { - "unique": true - } - }, - { - "key": { - "keys": [ - "_ts" - ] - }, - "options": { - "expireAfterSeconds": 2629746 - } - } - ], - "shardKey": { - "bicycle_id": "Hash" - } - } + "key": { + "keys": [ + "$**" ] + } + }, + { + "key": { + "keys": [ + "bike_id", + "bike_model" + ] + }, + "options": { + "unique": true + } + }, + { + "key": { + "keys": [ + "_ts" + ] + }, + "options": { + "expireAfterSeconds": 2629746 + } } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "systemAssignedIdentity": { - "value": true + ], + "name": "bike_collection", + "shardKey": { + "bike_id": "Hash" + } + }, + { + "indexes": [ + { + "key": { + "keys": [ + "_id" + ] + } + }, + { + "key": { + "keys": [ + "$**" + ] + } + }, + { + "key": { + "keys": [ + "bicycle_id", + "bicycle_model" + ] + }, + "options": { + "unique": true + } + }, + { + "key": { + "keys": [ + "_ts" + ] + }, + "options": { + "expireAfterSeconds": 2629746 + } + } + ], + "name": "bicycle_collection", + "shardKey": { + "bicycle_id": "Hash" + } + } + ], + "name": "<>-az-mdb-x-002" } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "systemAssignedIdentity": { + "value": true } + } } ``` @@ -985,55 +985,55 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-cdb-plain-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "locations": { - "value": [ - { - "locationName": "West Europe", - "failoverPriority": 0, - "isZoneRedundant": false - }, - { - "locationName": "North Europe", - "failoverPriority": 1, - "isZoneRedundant": false - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "locations": { + "value": [ + { + "failoverPriority": 0, + "isZoneRedundant": false, + "locationName": "West Europe" }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + { + "failoverPriority": 1, + "isZoneRedundant": false, + "locationName": "North Europe" + } + ] + }, + "name": { + "value": "<>-az-cdb-plain-001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` @@ -1111,80 +1111,80 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-cdb-sqldb-001" - }, - "location": { - "value": "West Europe" - }, - "locations": { - "value": [ - { - "locationName": "West Europe", - "failoverPriority": 0, - "isZoneRedundant": false - }, - { - "locationName": "North Europe", - "failoverPriority": 1, - "isZoneRedundant": false - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "sqlDatabases": { - "value": [ - { - "name": "<>-az-sql-x-001", - "containers": [ - { - "name": "container-001", - "paths": [ - "/myPartitionKey" - ], - "kind": "Hash" - } - ] - }, - { - "name": "<>-az-sql-x-002", - "containers": [] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "locations": { + "value": [ + { + "failoverPriority": 0, + "isZoneRedundant": false, + "locationName": "West Europe" }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + { + "failoverPriority": 1, + "isZoneRedundant": false, + "locationName": "North Europe" + } + ] + }, + "name": { + "value": "<>-az-cdb-sqldb-001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "location": { + "value": "West Europe" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "sqlDatabases": { + "value": [ + { + "containers": [ + { + "kind": "Hash", + "name": "container-001", + "paths": [ + "/myPartitionKey" + ] } + ], + "name": "<>-az-sql-x-001" + }, + { + "containers": [], + "name": "<>-az-sql-x-002" } + ] + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` diff --git a/modules/Microsoft.EventGrid/systemTopics/readme.md b/modules/Microsoft.EventGrid/systemTopics/readme.md index cc5658c116..ca074cb9e1 100644 --- a/modules/Microsoft.EventGrid/systemTopics/readme.md +++ b/modules/Microsoft.EventGrid/systemTopics/readme.md @@ -295,19 +295,19 @@ module systemTopics './Microsoft.EventGrid/systemTopics/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-egstn-x-002" - }, - "source": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "topicType": { - "value": "Microsoft.Storage.StorageAccounts" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-egstn-x-002" + }, + "source": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "topicType": { + "value": "Microsoft.Storage.StorageAccounts" } + } } ``` @@ -354,47 +354,47 @@ module systemTopics './Microsoft.EventGrid/systemTopics/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-egstn-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "source": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "topicType": { - "value": "Microsoft.Storage.StorageAccounts" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-egstn-x-001" + }, + "source": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "topicType": { + "value": "Microsoft.Storage.StorageAccounts" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.EventGrid/topics/readme.md b/modules/Microsoft.EventGrid/topics/readme.md index 302ec7cb94..0e76b80366 100644 --- a/modules/Microsoft.EventGrid/topics/readme.md +++ b/modules/Microsoft.EventGrid/topics/readme.md @@ -280,49 +280,49 @@ module topics './Microsoft.EventGrid/topics/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-egtn-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "privateEndpoints": { - "value": [ - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "topic" - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-egtn-x-001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "privateEndpoints": { + "value": [ + { + "service": "topic", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" + } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.EventHub/namespaces/readme.md b/modules/Microsoft.EventHub/namespaces/readme.md index 74cad65799..2c0a8fed33 100644 --- a/modules/Microsoft.EventHub/namespaces/readme.md +++ b/modules/Microsoft.EventHub/namespaces/readme.md @@ -305,9 +305,9 @@ module namespaces './Microsoft.EventHub/namespaces/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": {} + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": {} } ``` @@ -448,149 +448,149 @@ module namespaces './Microsoft.EventHub/namespaces/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-evnsp-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "authorizationRules": { - "value": [ - { - "name": "RootManageSharedAccessKey", - "rights": [ - "Listen", - "Manage", - "Send" - ] - }, - { - "name": "SendListenAccess", - "rights": [ - "Listen", - "Send" - ] - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "eventHubs": { - "value": [ - { - "name": "<>-az-evh-x-001" - }, - { - "name": "<>-az-evh-x-002", - "authorizationRules": [ - { - "name": "RootManageSharedAccessKey", - "rights": [ - "Listen", - "Manage", - "Send" - ] - }, - { - "name": "SendListenAccess", - "rights": [ - "Listen", - "Send" - ] - } - ], - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ], - "messageRetentionInDays": 1, - "partitionCount": 2, - "status": "Active", - "captureDescriptionEnabled": true, - "captureDescriptionEncoding": "Avro", - "captureDescriptionIntervalInSeconds": 300, - "captureDescriptionSizeLimitInBytes": 314572800, - "captureDescriptionDestinationName": "EventHubArchive.AzureBlockBlob", - "captureDescriptionDestinationStorageAccountResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", - "captureDescriptionDestinationBlobContainer": "eventhub", - "captureDescriptionDestinationArchiveNameFormat": "{Namespace}/{EventHub}/{PartitionId}/{Year}/{Month}/{Day}/{Hour}/{Minute}/{Second}", - "captureDescriptionSkipEmptyArchives": true, - "consumerGroups": [ - { - "name": "custom", - "userMetadata": "customMetadata" - } - ] - } - ] - }, - "privateEndpoints": { - "value": [ - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "namespace" - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "authorizationRules": { + "value": [ + { + "name": "RootManageSharedAccessKey", + "rights": [ + "Listen", + "Manage", + "Send" + ] }, - "systemAssignedIdentity": { - "value": true + { + "name": "SendListenAccess", + "rights": [ + "Listen", + "Send" + ] + } + ] + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "eventHubs": { + "value": [ + { + "name": "<>-az-evh-x-001" }, - "networkRuleSets": { - "value": { - "defaultAction": "Deny", - "ipRules": [ - { - "action": "Allow", - "ipMask": "10.10.10.10" - } - ], - "virtualNetworkRules": [ - { - "subnet": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001" - }, - "ignoreMissingVnetServiceEndpoint": true - } - ], - "trustedServiceAccessEnabled": false + { + "authorizationRules": [ + { + "name": "RootManageSharedAccessKey", + "rights": [ + "Listen", + "Manage", + "Send" + ] + }, + { + "name": "SendListenAccess", + "rights": [ + "Listen", + "Send" + ] } - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + ], + "captureDescriptionDestinationArchiveNameFormat": "{Namespace}/{EventHub}/{PartitionId}/{Year}/{Month}/{Day}/{Hour}/{Minute}/{Second}", + "captureDescriptionDestinationBlobContainer": "eventhub", + "captureDescriptionDestinationName": "EventHubArchive.AzureBlockBlob", + "captureDescriptionDestinationStorageAccountResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", + "captureDescriptionEnabled": true, + "captureDescriptionEncoding": "Avro", + "captureDescriptionIntervalInSeconds": 300, + "captureDescriptionSizeLimitInBytes": 314572800, + "captureDescriptionSkipEmptyArchives": true, + "consumerGroups": [ + { + "name": "custom", + "userMetadata": "customMetadata" + } + ], + "messageRetentionInDays": 1, + "name": "<>-az-evh-x-002", + "partitionCount": 2, + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ], + "status": "Active" + } + ] + }, + "lock": { + "value": "CanNotDelete" + }, + "name": { + "value": "<>-az-evnsp-x-001" + }, + "networkRuleSets": { + "value": { + "defaultAction": "Deny", + "ipRules": [ + { + "action": "Allow", + "ipMask": "10.10.10.10" + } + ], + "trustedServiceAccessEnabled": false, + "virtualNetworkRules": [ + { + "ignoreMissingVnetServiceEndpoint": true, + "subnet": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001" } + } + ] + } + }, + "privateEndpoints": { + "value": [ + { + "service": "namespace", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" + } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "systemAssignedIdentity": { + "value": true + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` diff --git a/modules/Microsoft.HealthBot/healthBots/readme.md b/modules/Microsoft.HealthBot/healthBots/readme.md index a38e4411b9..364460b896 100644 --- a/modules/Microsoft.HealthBot/healthBots/readme.md +++ b/modules/Microsoft.HealthBot/healthBots/readme.md @@ -179,26 +179,26 @@ module healthBots './Microsoft.HealthBot/healthBots/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-ahb-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-ahb-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.Insights/actionGroups/readme.md b/modules/Microsoft.Insights/actionGroups/readme.md index 522bebc0ac..8fffb75a5a 100644 --- a/modules/Microsoft.Insights/actionGroups/readme.md +++ b/modules/Microsoft.Insights/actionGroups/readme.md @@ -284,49 +284,49 @@ module actionGroups './Microsoft.Insights/actionGroups/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-ag-x-001" - }, - "groupShortName": { - "value": "azagweux001" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "emailReceivers": { - "value": [ - { - "name": "TestUser_-EmailAction-", - "emailAddress": "test.user@testcompany.com", - "useCommonAlertSchema": true - }, - { - "name": "TestUser2", - "emailAddress": "test.user2@testcompany.com", - "useCommonAlertSchema": true - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "groupShortName": { + "value": "azagweux001" + }, + "name": { + "value": "<>-az-ag-x-001" + }, + "emailReceivers": { + "value": [ + { + "emailAddress": "test.user@testcompany.com", + "name": "TestUser_-EmailAction-", + "useCommonAlertSchema": true }, - "smsReceivers": { - "value": [ - { - "name": "TestUser_-SMSAction-", - "countryCode": "1", - "phoneNumber": "2345678901" - } - ] + { + "emailAddress": "test.user2@testcompany.com", + "name": "TestUser2", + "useCommonAlertSchema": true + } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "smsReceivers": { + "value": [ + { + "countryCode": "1", + "name": "TestUser_-SMSAction-", + "phoneNumber": "2345678901" + } + ] } + } } ``` diff --git a/modules/Microsoft.Insights/activityLogAlerts/readme.md b/modules/Microsoft.Insights/activityLogAlerts/readme.md index be47b92174..45dddceeab 100644 --- a/modules/Microsoft.Insights/activityLogAlerts/readme.md +++ b/modules/Microsoft.Insights/activityLogAlerts/readme.md @@ -448,51 +448,51 @@ module activityLogAlerts './Microsoft.Insights/activityLogAlerts/deploy.bicep' = ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-ala-x-001" - }, - "scopes": { - "value": [ - "/subscriptions/<>" - ] - }, - "conditions": { - "value": [ - { - "field": "category", - "equals": "Administrative" - }, - { - "field": "resourceType", - "equals": "microsoft.compute/virtualmachines" - }, - { - "field": "operationName", - "equals": "Microsoft.Compute/virtualMachines/performMaintenance/action" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "conditions": { + "value": [ + { + "equals": "Administrative", + "field": "category" }, - "actions": { - "value": [ - { - "actionGroupId": "/subscriptions/<>/resourceGroups/validation-rg/providers/microsoft.insights/actiongroups/adp-<>-az-ag-x-001" - } - ] + { + "equals": "microsoft.compute/virtualmachines", + "field": "resourceType" }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + { + "equals": "Microsoft.Compute/virtualMachines/performMaintenance/action", + "field": "operationName" + } + ] + }, + "name": { + "value": "<>-az-ala-x-001" + }, + "actions": { + "value": [ + { + "actionGroupId": "/subscriptions/<>/resourceGroups/validation-rg/providers/microsoft.insights/actiongroups/adp-<>-az-ag-x-001" } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "scopes": { + "value": [ + "/subscriptions/<>" + ] } + } } ``` diff --git a/modules/Microsoft.Insights/components/readme.md b/modules/Microsoft.Insights/components/readme.md index 3fdd5c3639..5daa7cc917 100644 --- a/modules/Microsoft.Insights/components/readme.md +++ b/modules/Microsoft.Insights/components/readme.md @@ -183,26 +183,26 @@ module components './Microsoft.Insights/components/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-appi-x-001" - }, - "workspaceResourceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-appi-001" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-appi-x-001" + }, + "workspaceResourceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-appi-001" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.Insights/diagnosticSettings/readme.md b/modules/Microsoft.Insights/diagnosticSettings/readme.md index f6707a28b5..d1a45839bb 100644 --- a/modules/Microsoft.Insights/diagnosticSettings/readme.md +++ b/modules/Microsoft.Insights/diagnosticSettings/readme.md @@ -70,28 +70,28 @@ module diagnosticSettings './Microsoft.Insights/diagnosticSettings/deploy.bicep' ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-diag-x-001" - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "name": { + "value": "<>-az-diag-x-001" } + } } ``` diff --git a/modules/Microsoft.Insights/metricAlerts/readme.md b/modules/Microsoft.Insights/metricAlerts/readme.md index d2cf3b54a0..584eef5990 100644 --- a/modules/Microsoft.Insights/metricAlerts/readme.md +++ b/modules/Microsoft.Insights/metricAlerts/readme.md @@ -425,53 +425,53 @@ module metricAlerts './Microsoft.Insights/metricAlerts/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-ma-x-001" - }, - "windowSize": { - "value": "PT15M" - }, - "actions": { - "value": [ - "/subscriptions/<>/resourceGroups/validation-rg/providers/microsoft.insights/actiongroups/adp-<>-az-ag-x-001" - ] - }, - "targetResourceType": { - "value": "microsoft.compute/virtualmachines" - }, - "targetResourceRegion": { - "value": "westeurope" - }, - "criterias": { - "value": [ - { - "criterionType": "StaticThresholdCriterion", - "metricName": "Percentage CPU", - "metricNamespace": "microsoft.compute/virtualmachines", - "name": "HighCPU", - "operator": "GreaterThan", - "threshold": "90", - "timeAggregation": "Average" - } - ] - }, - "alertCriteriaType": { - "value": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "criterias": { + "value": [ + { + "criterionType": "StaticThresholdCriterion", + "metricName": "Percentage CPU", + "metricNamespace": "microsoft.compute/virtualmachines", + "name": "HighCPU", + "operator": "GreaterThan", + "threshold": "90", + "timeAggregation": "Average" } + ] + }, + "name": { + "value": "<>-az-ma-x-001" + }, + "actions": { + "value": [ + "/subscriptions/<>/resourceGroups/validation-rg/providers/microsoft.insights/actiongroups/adp-<>-az-ag-x-001" + ] + }, + "alertCriteriaType": { + "value": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "targetResourceRegion": { + "value": "westeurope" + }, + "targetResourceType": { + "value": "microsoft.compute/virtualmachines" + }, + "windowSize": { + "value": "PT15M" } + } } ``` diff --git a/modules/Microsoft.Insights/privateLinkScopes/readme.md b/modules/Microsoft.Insights/privateLinkScopes/readme.md index 988cdc485f..fdd35277da 100644 --- a/modules/Microsoft.Insights/privateLinkScopes/readme.md +++ b/modules/Microsoft.Insights/privateLinkScopes/readme.md @@ -272,42 +272,42 @@ module privateLinkScopes './Microsoft.Insights/privateLinkScopes/deploy.bicep' = ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-pls-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "scopedResources": { - "value": [ - { - "name": "scoped1", - "linkedResourceId": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "privateEndpoints": { - "value": [ - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "azuremonitor" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-pls-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "privateEndpoints": { + "value": [ + { + "service": "azuremonitor", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "scopedResources": { + "value": [ + { + "linkedResourceId": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001", + "name": "scoped1" + } + ] } + } } ``` diff --git a/modules/Microsoft.Insights/scheduledQueryRules/readme.md b/modules/Microsoft.Insights/scheduledQueryRules/readme.md index 542ff823b1..076cd01af3 100644 --- a/modules/Microsoft.Insights/scheduledQueryRules/readme.md +++ b/modules/Microsoft.Insights/scheduledQueryRules/readme.md @@ -225,75 +225,75 @@ module scheduledQueryRules './Microsoft.Insights/scheduledQueryRules/deploy.bice ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "myAlert01" - }, - "alertDescription": { - "value": "My sample Alert" - }, - "scopes": { - "value": [ - "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - ] - }, - "evaluationFrequency": { - "value": "PT5M" - }, - "windowSize": { - "value": "PT5M" - }, - "suppressForMinutes": { - "value": "PT5M" - }, - "queryTimeRange": { - "value": "PT5M" - }, - "autoMitigate": { - "value": false - }, - "criterias": { - "value": { - "allOf": [ - { - "query": "Perf | where ObjectName == \"LogicalDisk\" | where CounterName == \"% Free Space\" | where InstanceName <> \"HarddiskVolume1\" and InstanceName <> \"_Total\" | summarize AggregatedValue = min(CounterValue) by Computer, InstanceName, bin(TimeGenerated,5m)", - "timeAggregation": "Average", - "metricMeasureColumn": "AggregatedValue", - "dimensions": [ - { - "name": "Computer", - "operator": "Include", - "values": [ - "*" - ] - }, - { - "name": "InstanceName", - "operator": "Include", - "values": [ - "*" - ] - } - ], - "operator": "GreaterThan", - "threshold": 0 - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "myAlert01" + }, + "alertDescription": { + "value": "My sample Alert" + }, + "autoMitigate": { + "value": false + }, + "criterias": { + "value": { + "allOf": [ + { + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": [ + "*" ] - } - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + }, + { + "name": "InstanceName", + "operator": "Include", + "values": [ + "*" + ] + } + ], + "metricMeasureColumn": "AggregatedValue", + "operator": "GreaterThan", + "query": "Perf | where ObjectName == \"LogicalDisk\" | where CounterName == \"% Free Space\" | where InstanceName <> \"HarddiskVolume1\" and InstanceName <> \"_Total\" | summarize AggregatedValue = min(CounterValue) by Computer, InstanceName, bin(TimeGenerated,5m)", + "threshold": 0, + "timeAggregation": "Average" + } + ] + } + }, + "evaluationFrequency": { + "value": "PT5M" + }, + "queryTimeRange": { + "value": "PT5M" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "scopes": { + "value": [ + "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + ] + }, + "suppressForMinutes": { + "value": "PT5M" + }, + "windowSize": { + "value": "PT5M" } + } } ``` diff --git a/modules/Microsoft.KeyVault/vaults/readme.md b/modules/Microsoft.KeyVault/vaults/readme.md index 0cf57a655d..b6a7bd53e3 100644 --- a/modules/Microsoft.KeyVault/vaults/readme.md +++ b/modules/Microsoft.KeyVault/vaults/readme.md @@ -404,9 +404,9 @@ module vaults './Microsoft.KeyVault/vaults/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": {} + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": {} } ``` @@ -423,8 +423,6 @@ module vaults './Microsoft.KeyVault/vaults/deploy.bicep' = { module vaults './Microsoft.KeyVault/vaults/deploy.bicep' = { name: '${uniqueString(deployment().name)}-vaults' params: { - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' accessPolicies: [ { objectId: '<>' @@ -454,28 +452,12 @@ module vaults './Microsoft.KeyVault/vaults/deploy.bicep' = { } } ] + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 - secrets: { - secureList: [ - { - attributesExp: 1702648632 - attributesNbf: 10000 - contentType: 'Something' - name: 'secretName' - roleAssignments: [ - { - principalIds: [ - '<>' - ] - roleDefinitionIdOrName: 'Reader' - } - ] - value: 'secretValue' - } - ] - } + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - lock: 'CanNotDelete' + enableRbacAuthorization: false keys: [ { attributesExp: 1702648632 @@ -491,6 +473,7 @@ module vaults './Microsoft.KeyVault/vaults/deploy.bicep' = { ] } ] + lock: 'CanNotDelete' name: '<>-az-kv-x-002' networkAcls: { bypass: 'AzureServices' @@ -503,6 +486,12 @@ module vaults './Microsoft.KeyVault/vaults/deploy.bicep' = { } ] } + privateEndpoints: [ + { + service: 'vault' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + } + ] roleAssignments: [ { principalIds: [ @@ -511,15 +500,26 @@ module vaults './Microsoft.KeyVault/vaults/deploy.bicep' = { roleDefinitionIdOrName: 'Reader' } ] - enableRbacAuthorization: false + secrets: { + secureList: [ + { + attributesExp: 1702648632 + attributesNbf: 10000 + contentType: 'Something' + name: 'secretName' + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] + value: 'secretValue' + } + ] + } softDeleteRetentionInDays: 7 - privateEndpoints: [ - { - service: 'vault' - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - } - ] - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' } } ``` @@ -533,137 +533,137 @@ module vaults './Microsoft.KeyVault/vaults/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-kv-x-002" - }, - "lock": { - "value": "CanNotDelete" - }, - "softDeleteRetentionInDays": { - "value": 7 - }, - "enableRbacAuthorization": { - "value": false - }, - "privateEndpoints": { - "value": [ - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "vault" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "accessPolicies": { + "value": [ + { + "objectId": "<>", + "permissions": { + "keys": [ + "get", + "list", + "update" + ], + "secrets": [ + "all" ] + }, + "tenantId": "<>" }, - "networkAcls": { - "value": { - "bypass": "AzureServices", - "defaultAction": "Deny", - "virtualNetworkRules": [ - { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001", - "action": "Allow" - } - ], - "ipRules": [] - } - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } + { + "objectId": "<>", + "permissions": { + "certificates": [ + "backup", + "create", + "delete" + ], + "secrets": [ + "all" ] - }, - "secrets": { - "value": { - "secureList": [ - { - "name": "secretName", - "value": "secretValue", - "contentType": "Something", - "attributesExp": 1702648632, - "attributesNbf": 10000, - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - } - ] + } + } + ] + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "enableRbacAuthorization": { + "value": false + }, + "keys": { + "value": [ + { + "attributesExp": 1702648632, + "attributesNbf": 10000, + "name": "keyName", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } - }, - "keys": { - "value": [ - { - "name": "keyName", - "attributesExp": 1702648632, - "attributesNbf": 10000, - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - } - ] - }, - "accessPolicies": { - "value": [ - { - "objectId": "<>", - "permissions": { - "keys": [ - "get", - "list", - "update" - ], - "secrets": [ - "all" - ] - }, - "tenantId": "<>" - }, - { - "objectId": "<>", - "permissions": { - "certificates": [ - "backup", - "create", - "delete" - ], - "secrets": [ - "all" - ] - } - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + ] + } + ] + }, + "lock": { + "value": "CanNotDelete" + }, + "name": { + "value": "<>-az-kv-x-002" + }, + "networkAcls": { + "value": { + "bypass": "AzureServices", + "defaultAction": "Deny", + "ipRules": [], + "virtualNetworkRules": [ + { + "action": "Allow", + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001" + } + ] + } + }, + "privateEndpoints": { + "value": [ + { + "service": "vault", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "secrets": { + "value": { + "secureList": [ + { + "attributesExp": 1702648632, + "attributesNbf": 10000, + "contentType": "Something", + "name": "secretName", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ], + "value": "secretValue" + } + ] + } + }, + "softDeleteRetentionInDays": { + "value": 7 } + } } ``` diff --git a/modules/Microsoft.KubernetesConfiguration/extensions/readme.md b/modules/Microsoft.KubernetesConfiguration/extensions/readme.md index b8ac3510cf..e4428e455d 100644 --- a/modules/Microsoft.KubernetesConfiguration/extensions/readme.md +++ b/modules/Microsoft.KubernetesConfiguration/extensions/readme.md @@ -93,25 +93,25 @@ module extensions './Microsoft.KubernetesConfiguration/extensions/deploy.bicep' ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "flux" - }, - "extensionType": { - "value": "microsoft.flux" - }, - "clusterName": { - "value": "<>-az-aks-kubenet-001" - }, - "releaseTrain": { - "value": "Stable" - }, - "releaseNamespace": { - "value": "flux-system" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "clusterName": { + "value": "<>-az-aks-kubenet-001" + }, + "extensionType": { + "value": "microsoft.flux" + }, + "name": { + "value": "flux" + }, + "releaseNamespace": { + "value": "flux-system" + }, + "releaseTrain": { + "value": "Stable" } + } } ``` @@ -154,38 +154,37 @@ module extensions './Microsoft.KubernetesConfiguration/extensions/deploy.bicep' ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "flux" - }, - "extensionType": { - "value": "microsoft.flux" - }, - "clusterName": { - "value": "<>-az-aks-kubenet-001" - }, - "releaseTrain": { - "value": "Stable" - }, - "releaseNamespace": { - "value": "flux-system" - }, - "version": { - "value": "0.5.2" - }, - "configurationSettings": { - "value": { - // "helm-controller.enabled": "false", - "source-controller.enabled": "true", - "kustomize-controller.enabled": "true", - "notification-controller.enabled": "false", - "image-automation-controller.enabled": "false", - "image-reflector-controller.enabled": "false" - } - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "clusterName": { + "value": "<>-az-aks-kubenet-001" + }, + "extensionType": { + "value": "microsoft.flux" + }, + "name": { + "value": "flux" + }, + "configurationSettings": { + "value": { + "image-automation-controller.enabled": "false", + "image-reflector-controller.enabled": "false", + "kustomize-controller.enabled": "true", + "notification-controller.enabled": "false", + "source-controller.enabled": "true" + } + }, + "releaseNamespace": { + "value": "flux-system" + }, + "releaseTrain": { + "value": "Stable" + }, + "version": { + "value": "0.5.2" } + } } ``` diff --git a/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md b/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md index 9072b9f713..42c398a142 100644 --- a/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md +++ b/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md @@ -104,36 +104,36 @@ module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfiguration ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "flux2" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "clusterName": { + "value": "<>-az-aks-kubenet-001" + }, + "name": { + "value": "flux2" + }, + "namespace": { + "value": "flux-system" + }, + "scope": { + "value": "cluster" + }, + "sourceKind": { + "value": "GitRepository" + }, + "gitRepository": { + "value": { + "repositoryRef": { + "branch": "main" }, - "scope": { - "value": "cluster" - }, - "clusterName": { - "value": "<>-az-aks-kubenet-001" - }, - "namespace": { - "value": "flux-system" - }, - "sourceKind": { - "value": "GitRepository" - }, - "gitRepository": { - "value": { - "url": "https://github.com/mspnp/aks-baseline", - "timeoutInSeconds": 180, - "syncIntervalInSeconds": 300, - "repositoryRef": { - "branch": "main" - }, - "sshKnownHosts": "" - } - } + "sshKnownHosts": "", + "syncIntervalInSeconds": 300, + "timeoutInSeconds": 180, + "url": "https://github.com/mspnp/aks-baseline" + } } + } } ``` @@ -187,48 +187,48 @@ module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfiguration ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "flux2" - }, - "scope": { - "value": "cluster" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "clusterName": { + "value": "<>-az-aks-kubenet-001" + }, + "name": { + "value": "flux2" + }, + "namespace": { + "value": "flux-system" + }, + "scope": { + "value": "cluster" + }, + "sourceKind": { + "value": "GitRepository" + }, + "gitRepository": { + "value": { + "repositoryRef": { + "branch": "main" }, - "clusterName": { - "value": "<>-az-aks-kubenet-001" - }, - "namespace": { - "value": "flux-system" - }, - "sourceKind": { - "value": "GitRepository" - }, - "gitRepository": { - "value": { - "url": "https://github.com/mspnp/aks-baseline", - "timeoutInSeconds": 180, - "syncIntervalInSeconds": 300, - "repositoryRef": { - "branch": "main" - }, - "sshKnownHosts": "" - } - }, - "kustomizations": { - "value": { - "unified": { - "path": "./cluster-manifests", - "dependsOn": [], - "timeoutInSeconds": 300, - "syncIntervalInSeconds": 300, - "prune": true, - "force": false - } - } + "sshKnownHosts": "", + "syncIntervalInSeconds": 300, + "timeoutInSeconds": 180, + "url": "https://github.com/mspnp/aks-baseline" + } + }, + "kustomizations": { + "value": { + "unified": { + "dependsOn": [], + "force": false, + "path": "./cluster-manifests", + "prune": true, + "syncIntervalInSeconds": 300, + "timeoutInSeconds": 300 } + } } + } } ``` diff --git a/modules/Microsoft.Logic/workflows/readme.md b/modules/Microsoft.Logic/workflows/readme.md index 60de020b43..58b1cf7a49 100644 --- a/modules/Microsoft.Logic/workflows/readme.md +++ b/modules/Microsoft.Logic/workflows/readme.md @@ -384,82 +384,82 @@ module workflows './Microsoft.Logic/workflows/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-lga-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "tags": { - "value": {} - }, - "workflowActions": { - "value": { - "HTTP": { - "type": "Http", - "inputs": { - "method": "POST", - "uri": "https://testStringForValidation.com", - "body": { - "HostPoolName": "[HostPoolName]", - "LAWorkspaceName": "[LAWorkspaceName]", - "LimitSecondsToForceLogOffUser": "[LimitSecondsToForceLogOffUser]", - "EndPeakTime": "[EndPeakTime]", - "BeginPeakTime": "[BeginPeakTime]", - "UtcOffset": "[UtcOffset]", - "LogOffMessageBody": "[LogOffMessageBody]", - "LogOffMessageTitle": "[LogOffMessageTitle]", - "MinimumNumberOfRDSH": 1, - "SessionThresholdPerCPU": 1, - "ResourceGroupName": "[ResourceGroupName]" - } - } - } - } - }, - "workflowTriggers": { - "value": { - "Recurrence": { - "recurrence": { - "frequency": "Minute", - "interval": 15 - }, - "type": "Recurrence" - } - } - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "systemAssignedIdentity": { - "value": true + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-lga-x-001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "systemAssignedIdentity": { + "value": true + }, + "tags": { + "value": {} + }, + "workflowActions": { + "value": { + "HTTP": { + "inputs": { + "body": { + "BeginPeakTime": "[BeginPeakTime]", + "EndPeakTime": "[EndPeakTime]", + "HostPoolName": "[HostPoolName]", + "LAWorkspaceName": "[LAWorkspaceName]", + "LimitSecondsToForceLogOffUser": "[LimitSecondsToForceLogOffUser]", + "LogOffMessageBody": "[LogOffMessageBody]", + "LogOffMessageTitle": "[LogOffMessageTitle]", + "MinimumNumberOfRDSH": 1, + "ResourceGroupName": "[ResourceGroupName]", + "SessionThresholdPerCPU": 1, + "UtcOffset": "[UtcOffset]" + }, + "method": "POST", + "uri": "https://testStringForValidation.com" + }, + "type": "Http" + } + } + }, + "workflowTriggers": { + "value": { + "Recurrence": { + "recurrence": { + "frequency": "Minute", + "interval": 15 + }, + "type": "Recurrence" + } + } } + } } ``` diff --git a/modules/Microsoft.MachineLearningServices/workspaces/readme.md b/modules/Microsoft.MachineLearningServices/workspaces/readme.md index 7bb74cc9db..02a601a273 100644 --- a/modules/Microsoft.MachineLearningServices/workspaces/readme.md +++ b/modules/Microsoft.MachineLearningServices/workspaces/readme.md @@ -426,28 +426,28 @@ module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-mls-min-001" - }, - "sku": { - "value": "Basic" - }, - "associatedStorageAccountResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "associatedKeyVaultResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "associatedApplicationInsightsResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001" - }, - "systemAssignedIdentity": { - "value": true - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "associatedApplicationInsightsResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001" + }, + "associatedKeyVaultResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" + }, + "associatedStorageAccountResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "name": { + "value": "<>-az-mls-min-001" + }, + "sku": { + "value": "Basic" + }, + "systemAssignedIdentity": { + "value": true } + } } ``` @@ -542,123 +542,123 @@ module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-mls-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "sku": { - "value": "Basic" - }, - "associatedStorageAccountResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "associatedKeyVaultResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "associatedApplicationInsightsResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001" - }, - "systemAssignedIdentity": { - "value": false // Must be false if `primaryUserAssignedIdentity` is provided - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "description": { - "value": "The cake is a lie." - }, - "discoveryUrl": { - "value": "http://example.com" - }, - "encryptionIdentity": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" - }, - "encryptionKeyIdentifier": { - "value": "https://adp-carml-az-kv-nopr-002.vault.azure.net/keys/keyEncryptionKey/5263fcde203347baa7cda35d074073b2" // ID must be updated for new keys - }, - "encryptionKeyVaultResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-carml-az-kv-nopr-002" - }, - "imageBuildCompute": { - "value": "testcompute" - }, - "publicNetworkAccess": { - "value": "Enabled" - }, - "primaryUserAssignedIdentity": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" - }, - "computes": { - "value": [ - { - "name": "DefaultCPU", - "location": "westeurope", - "computeLocation": "westeurope", - "sku": "Basic", - "systemAssignedIdentity": false, - "userAssignedIdentities": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - }, - "description": "Default CPU Cluster", - "disableLocalAuth": false, - "computeType": "AmlCompute", - "properties": { - "enableNodePublicIp": true, - "isolatedNetwork": false, - "osType": "Linux", - "remoteLoginPortPublicAccess": "Disabled", - "scaleSettings": { - "maxNodeCount": 3, - "minNodeCount": 0, - "nodeIdleTimeBeforeScaleDown": "PT5M" - }, - "vmPriority": "Dedicated", - "vmSize": "STANDARD_DS11_V2" - } - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "privateEndpoints": { - "value": [ - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "amlworkspace" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "associatedApplicationInsightsResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001" + }, + "associatedKeyVaultResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" + }, + "associatedStorageAccountResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "name": { + "value": "<>-az-mls-x-001" + }, + "sku": { + "value": "Basic" + }, + "computes": { + "value": [ + { + "computeLocation": "westeurope", + "computeType": "AmlCompute", + "description": "Default CPU Cluster", + "disableLocalAuth": false, + "location": "westeurope", + "name": "DefaultCPU", + "properties": { + "enableNodePublicIp": true, + "isolatedNetwork": false, + "osType": "Linux", + "remoteLoginPortPublicAccess": "Disabled", + "scaleSettings": { + "maxNodeCount": 3, + "minNodeCount": 0, + "nodeIdleTimeBeforeScaleDown": "PT5M" + }, + "vmPriority": "Dedicated", + "vmSize": "STANDARD_DS11_V2" + }, + "sku": "Basic", + "systemAssignedIdentity": false, + "userAssignedIdentities": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + ] + }, + "description": { + "value": "The cake is a lie." + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "discoveryUrl": { + "value": "http://example.com" + }, + "encryptionIdentity": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" + }, + "encryptionKeyIdentifier": { + "value": "https://adp-carml-az-kv-nopr-002.vault.azure.net/keys/keyEncryptionKey/5263fcde203347baa7cda35d074073b2" + }, + "encryptionKeyVaultResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-carml-az-kv-nopr-002" + }, + "imageBuildCompute": { + "value": "testcompute" + }, + "lock": { + "value": "CanNotDelete" + }, + "primaryUserAssignedIdentity": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" + }, + "privateEndpoints": { + "value": [ + { + "service": "amlworkspace", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" + } + ] + }, + "publicNetworkAccess": { + "value": "Enabled" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "systemAssignedIdentity": { + "value": false + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` diff --git a/modules/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md b/modules/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md index 659db990a9..cba68604a8 100644 --- a/modules/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md +++ b/modules/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md @@ -175,26 +175,26 @@ module userAssignedIdentities './Microsoft.ManagedIdentity/userAssignedIdentitie ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-msi-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "lock": { + "value": "CanNotDelete" + }, + "name": { + "value": "<>-az-msi-x-001" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md b/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md index ec566a42e5..4ff62f9a21 100644 --- a/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md +++ b/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md @@ -208,38 +208,38 @@ module registrationDefinitions './Microsoft.ManagedServices/registrationDefiniti ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "Component Validation - Subscription assignment" - }, - "registrationDescription": { - "value": "Managed by Lighthouse" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "authorizations": { + "value": [ + { + "principalId": "e87a249c-b53b-4685-94fe-863af522e4ee", + "principalIdDisplayName": "ResourceModules-Reader", + "roleDefinitionId": "acdd72a7-3385-48ef-bd42-f606fba81ae7" }, - "managedByTenantId": { - "value": "195ee85d-2f10-4764-8352-a3c99aa772fb" + { + "principalId": "e2f126a7-136e-443f-b39f-f73ddfd146b1", + "principalIdDisplayName": "ResourceModules-Contributor", + "roleDefinitionId": "b24988ac-6180-42a0-ab88-20f7382dd24c" }, - "authorizations": { - "value": [ - { - "principalId": "e87a249c-b53b-4685-94fe-863af522e4ee", - "principalIdDisplayName": "ResourceModules-Reader", - "roleDefinitionId": "acdd72a7-3385-48ef-bd42-f606fba81ae7" - }, - { - "principalId": "e2f126a7-136e-443f-b39f-f73ddfd146b1", - "principalIdDisplayName": "ResourceModules-Contributor", - "roleDefinitionId": "b24988ac-6180-42a0-ab88-20f7382dd24c" - }, - { - "principalId": "87813317-fb25-4c76-91fe-783af429d109", - "principalIdDisplayName": "ResourceModules-LHManagement", - "roleDefinitionId": "91c1777a-f3dc-4fae-b103-61d183457e46" - } - ] + { + "principalId": "87813317-fb25-4c76-91fe-783af429d109", + "principalIdDisplayName": "ResourceModules-LHManagement", + "roleDefinitionId": "91c1777a-f3dc-4fae-b103-61d183457e46" } + ] + }, + "managedByTenantId": { + "value": "195ee85d-2f10-4764-8352-a3c99aa772fb" + }, + "name": { + "value": "Component Validation - Subscription assignment" + }, + "registrationDescription": { + "value": "Managed by Lighthouse" } + } } ``` @@ -290,41 +290,41 @@ module registrationDefinitions './Microsoft.ManagedServices/registrationDefiniti ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "Component Validation - Resource group assignment" - }, - "registrationDescription": { - "value": "Managed by Lighthouse" - }, - "managedByTenantId": { - "value": "195ee85d-2f10-4764-8352-a3c99aa772fb" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "authorizations": { + "value": [ + { + "principalId": "e87a249c-b53b-4685-94fe-863af522e4ee", + "principalIdDisplayName": "ResourceModules-Reader", + "roleDefinitionId": "acdd72a7-3385-48ef-bd42-f606fba81ae7" }, - "resourceGroupName": { - "value": "validation-rg" + { + "principalId": "e2f126a7-136e-443f-b39f-f73ddfd146b1", + "principalIdDisplayName": "ResourceModules-Contributor", + "roleDefinitionId": "b24988ac-6180-42a0-ab88-20f7382dd24c" }, - "authorizations": { - "value": [ - { - "principalId": "e87a249c-b53b-4685-94fe-863af522e4ee", - "principalIdDisplayName": "ResourceModules-Reader", - "roleDefinitionId": "acdd72a7-3385-48ef-bd42-f606fba81ae7" - }, - { - "principalId": "e2f126a7-136e-443f-b39f-f73ddfd146b1", - "principalIdDisplayName": "ResourceModules-Contributor", - "roleDefinitionId": "b24988ac-6180-42a0-ab88-20f7382dd24c" - }, - { - "principalId": "87813317-fb25-4c76-91fe-783af429d109", - "principalIdDisplayName": "ResourceModules-LHManagement", - "roleDefinitionId": "91c1777a-f3dc-4fae-b103-61d183457e46" - } - ] + { + "principalId": "87813317-fb25-4c76-91fe-783af429d109", + "principalIdDisplayName": "ResourceModules-LHManagement", + "roleDefinitionId": "91c1777a-f3dc-4fae-b103-61d183457e46" } + ] + }, + "managedByTenantId": { + "value": "195ee85d-2f10-4764-8352-a3c99aa772fb" + }, + "name": { + "value": "Component Validation - Resource group assignment" + }, + "registrationDescription": { + "value": "Managed by Lighthouse" + }, + "resourceGroupName": { + "value": "validation-rg" } + } } ``` diff --git a/modules/Microsoft.Management/managementGroups/readme.md b/modules/Microsoft.Management/managementGroups/readme.md index 5b44577143..308f8c16b9 100644 --- a/modules/Microsoft.Management/managementGroups/readme.md +++ b/modules/Microsoft.Management/managementGroups/readme.md @@ -149,19 +149,19 @@ module managementGroups './Microsoft.Management/managementGroups/deploy.bicep' = ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "testMG" - }, - "displayName": { - "value": "Test MG" - }, - "parentId": { - "value": "<>" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "testMG" + }, + "displayName": { + "value": "Test MG" + }, + "parentId": { + "value": "<>" } + } } ``` diff --git a/modules/Microsoft.NetApp/netAppAccounts/readme.md b/modules/Microsoft.NetApp/netAppAccounts/readme.md index ea66f1e765..8b6fe2aa72 100644 --- a/modules/Microsoft.NetApp/netAppAccounts/readme.md +++ b/modules/Microsoft.NetApp/netAppAccounts/readme.md @@ -178,13 +178,13 @@ module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-anf-min-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-anf-min-001" } + } } ``` @@ -297,103 +297,103 @@ module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-anf-nfs3-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "capacityPools": { - "value": [ - { - "name": "<>-az-anfcp-x-001", - "serviceLevel": "Premium", - "size": 4398046511104, - "volumes": [ - { - "name": "anf3-vol01-nfsv3", - "usageThreshold": 107374182400, - "protocolTypes": [ - "NFSv3" - ], - "exportPolicyRules": [ - { - "ruleIndex": 1, - "unixReadOnly": false, - "unixReadWrite": true, - "nfsv3": true, - "nfsv41": false, - "allowedClients": "0.0.0.0/0" - } - ], - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-004", - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - { - "name": "anf3-vol02-nfsv3", - "usageThreshold": 107374182400, - "protocolTypes": [ - "NFSv3" - ], - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-004" - } - ], - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-anf-nfs3-001" + }, + "capacityPools": { + "value": [ + { + "name": "<>-az-anfcp-x-001", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ], + "serviceLevel": "Premium", + "size": 4398046511104, + "volumes": [ + { + "exportPolicyRules": [ { - "name": "<>-az-anfcp-x-002", - "serviceLevel": "Premium", - "size": 4398046511104, - "volumes": [], - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "allowedClients": "0.0.0.0/0", + "nfsv3": true, + "nfsv41": false, + "ruleIndex": 1, + "unixReadOnly": false, + "unixReadWrite": true } - ] - }, - "roleAssignments": { - "value": [ + ], + "name": "anf3-vol01-nfsv3", + "protocolTypes": [ + "NFSv3" + ], + "roleAssignments": [ { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } - ] + ], + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-004", + "usageThreshold": 107374182400 + }, + { + "name": "anf3-vol02-nfsv3", + "protocolTypes": [ + "NFSv3" + ], + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-004", + "usageThreshold": 107374182400 + } + ] }, - "tags": { - "value": { - "Environment": "Non-Prod", - "Contact": "test.user@testcompany.com", - "PurchaseOrder": "1234", - "CostCenter": "7890", - "ServiceName": "DeploymentValidation", - "Role": "DeploymentValidation" + { + "name": "<>-az-anfcp-x-002", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ], + "serviceLevel": "Premium", + "size": 4398046511104, + "volumes": [] } + ] + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "tags": { + "value": { + "Contact": "test.user@testcompany.com", + "CostCenter": "7890", + "Environment": "Non-Prod", + "PurchaseOrder": "1234", + "Role": "DeploymentValidation", + "ServiceName": "DeploymentValidation" + } } + } } ``` @@ -515,110 +515,110 @@ module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-anf-nfs41-001" - }, - "capacityPools": { - "value": [ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-anf-nfs41-001" + }, + "capacityPools": { + "value": [ + { + "name": "<>-az-anfcp-x-001", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ], + "serviceLevel": "Premium", + "size": 4398046511104, + "volumes": [ + { + "exportPolicyRules": [ { - "name": "<>-az-anfcp-x-001", - "serviceLevel": "Premium", - "size": 4398046511104, - "volumes": [ - { - "name": "anf4-vol01-nfsv41", - "usageThreshold": 107374182400, - "protocolTypes": [ - "NFSv4.1" - ], - "exportPolicyRules": [ - { - "ruleIndex": 1, - "unixReadOnly": false, - "unixReadWrite": true, - "nfsv3": false, - "nfsv41": true, - "allowedClients": "0.0.0.0/0" - } - ], - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-004", - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - { - "name": "anf4-vol02-nfsv41", - "usageThreshold": 107374182400, - "protocolTypes": [ - "NFSv4.1" - ], - "exportPolicyRules": [ - { - "ruleIndex": 1, - "unixReadOnly": false, - "unixReadWrite": true, - "nfsv3": false, - "nfsv41": true, - "allowedClients": "0.0.0.0/0" - } - ], - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-004" - } - ], - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, + "allowedClients": "0.0.0.0/0", + "nfsv3": false, + "nfsv41": true, + "ruleIndex": 1, + "unixReadOnly": false, + "unixReadWrite": true + } + ], + "name": "anf4-vol01-nfsv41", + "protocolTypes": [ + "NFSv4.1" + ], + "roleAssignments": [ { - "name": "<>-az-anfcp-x-002", - "serviceLevel": "Premium", - "size": 4398046511104, - "volumes": [], - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } - ] - }, - "roleAssignments": { - "value": [ + ], + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-004", + "usageThreshold": 107374182400 + }, + { + "exportPolicyRules": [ { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] + "allowedClients": "0.0.0.0/0", + "nfsv3": false, + "nfsv41": true, + "ruleIndex": 1, + "unixReadOnly": false, + "unixReadWrite": true } - ] + ], + "name": "anf4-vol02-nfsv41", + "protocolTypes": [ + "NFSv4.1" + ], + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-004", + "usageThreshold": 107374182400 + } + ] }, - "tags": { - "value": { - "Environment": "Non-Prod", - "Contact": "test.user@testcompany.com", - "PurchaseOrder": "1234", - "CostCenter": "7890", - "ServiceName": "DeploymentValidation", - "Role": "DeploymentValidation" + { + "name": "<>-az-anfcp-x-002", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ], + "serviceLevel": "Premium", + "size": 4398046511104, + "volumes": [] + } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "tags": { + "value": { + "Contact": "test.user@testcompany.com", + "CostCenter": "7890", + "Environment": "Non-Prod", + "PurchaseOrder": "1234", + "Role": "DeploymentValidation", + "ServiceName": "DeploymentValidation" + } } + } } ``` diff --git a/modules/Microsoft.Network/applicationGateways/readme.md b/modules/Microsoft.Network/applicationGateways/readme.md index c128e0d706..2fd6de4b45 100644 --- a/modules/Microsoft.Network/applicationGateways/readme.md +++ b/modules/Microsoft.Network/applicationGateways/readme.md @@ -562,371 +562,371 @@ module applicationGateways './Microsoft.Network/applicationGateways/deploy.bicep ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-apgw-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "webApplicationFirewallConfiguration": { - "value": { - "enabled": true, - "firewallMode": "Detection", - "ruleSetType": "OWASP", - "ruleSetVersion": "3.0", - "disabledRuleGroups": [], - "requestBodyCheck": true, - "maxRequestBodySizeInKb": 128, - "fileUploadLimitInMb": 100 - } - }, - "enableHttp2": { - "value": true - }, - "backendAddressPools": { - "value": [ - { - "name": "appServiceBackendPool", - "properties": { - "backendAddresses": [ - { - "fqdn": "aghapp.azurewebsites.net" - } - ] - } - }, - { - "name": "privateVmBackendPool", - "properties": { - "backendAddresses": [ - { - "ipAddress": "10.0.0.4" - } - ] - } - } - ] - }, - "backendHttpSettingsCollection": { - "value": [ - { - "name": "appServiceBackendHttpsSetting", - "properties": { - "port": 443, - "protocol": "Https", - "cookieBasedAffinity": "Disabled", - "pickHostNameFromBackendAddress": true, - "requestTimeout": 30 - } - }, - { - "name": "privateVmHttpSetting", - "properties": { - "port": 80, - "protocol": "Http", - "cookieBasedAffinity": "Disabled", - "pickHostNameFromBackendAddress": false, - "requestTimeout": 30, - "probe": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/probes/privateVmHttpSettingProbe" - } - } - } - ] - }, - "frontendIPConfigurations": { - "value": [ - { - "name": "private", - "properties": { - "privateIPAddress": "10.0.8.6", - "privateIPAllocationMethod": "Static", - "subnet": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-007" - } - } - }, - { - "name": "public", - "properties": { - "privateIPAllocationMethod": "Dynamic", - "publicIPAddress": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-apgw" - } - } - } - ] - }, - "frontendPorts": { - "value": [ - { - "name": "port443", - "properties": { - "port": 443 - } - }, - { - "name": "port4433", - "properties": { - "port": 4433 - } - }, - { - "name": "port80", - "properties": { - "port": 80 - } - }, - { - "name": "port8080", - "properties": { - "port": 8080 - } - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-apgw-x-001" + }, + "backendAddressPools": { + "value": [ + { + "name": "appServiceBackendPool", + "properties": { + "backendAddresses": [ + { + "fqdn": "aghapp.azurewebsites.net" + } ] + } }, - "httpListeners": { - "value": [ - { - "name": "public443", - "properties": { - "frontendIPConfiguration": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendIPConfigurations/public" - }, - "frontendPort": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendPorts/port443" - }, - "sslCertificate": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/sslCertificates/<>-az-apgw-x-001-ssl-certificate" - }, - "protocol": "https", - "hostNames": [], - "requireServerNameIndication": false - } - }, - { - "name": "private4433", - "properties": { - "frontendIPConfiguration": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendIPConfigurations/private" - }, - "frontendPort": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendPorts/port4433" - }, - "sslCertificate": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/sslCertificates/<>-az-apgw-x-001-ssl-certificate" - }, - "protocol": "https", - "hostNames": [], - "requireServerNameIndication": false - } - }, - { - "name": "httpRedirect80", - "properties": { - "frontendIPConfiguration": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendIPConfigurations/public" - }, - "frontendPort": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendPorts/port80" - }, - "protocol": "Http", - "hostNames": [], - "requireServerNameIndication": false - } - }, - { - "name": "httpRedirect8080", - "properties": { - "frontendIPConfiguration": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendIPConfigurations/private" - }, - "frontendPort": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendPorts/port8080" - }, - "protocol": "Http", - "hostNames": [], - "requireServerNameIndication": false - } - } + { + "name": "privateVmBackendPool", + "properties": { + "backendAddresses": [ + { + "ipAddress": "10.0.0.4" + } ] + } + } + ] + }, + "backendHttpSettingsCollection": { + "value": [ + { + "name": "appServiceBackendHttpsSetting", + "properties": { + "cookieBasedAffinity": "Disabled", + "pickHostNameFromBackendAddress": true, + "port": 443, + "protocol": "Https", + "requestTimeout": 30 + } }, - "gatewayIPConfigurations": { - "value": [ - { - "name": "apw-ip-configuration", - "properties": { - "subnet": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-007" - } - } - } - ] + { + "name": "privateVmHttpSetting", + "properties": { + "cookieBasedAffinity": "Disabled", + "pickHostNameFromBackendAddress": false, + "port": 80, + "probe": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/probes/privateVmHttpSettingProbe" + }, + "protocol": "Http", + "requestTimeout": 30 + } + } + ] + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "enableHttp2": { + "value": true + }, + "frontendIPConfigurations": { + "value": [ + { + "name": "private", + "properties": { + "privateIPAddress": "10.0.8.6", + "privateIPAllocationMethod": "Static", + "subnet": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-007" + } + } }, - "probes": { - "value": [ - { - "name": "privateVmHttpSettingProbe", - "properties": { - "protocol": "Http", - "host": "10.0.0.4", - "path": "/", - "interval": 60, - "timeout": 15, - "unhealthyThreshold": 5, - "pickHostNameFromBackendHttpSettings": false, - "minServers": 3, - "match": { - "statusCodes": [ - "200", - "401" - ] - } - } - } - ] + { + "name": "public", + "properties": { + "privateIPAllocationMethod": "Dynamic", + "publicIPAddress": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-apgw" + } + } + } + ] + }, + "frontendPorts": { + "value": [ + { + "name": "port443", + "properties": { + "port": 443 + } }, - "redirectConfigurations": { - "value": [ - { - "name": "httpRedirect80", - "properties": { - "redirectType": "Permanent", - "targetListener": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/public443" - }, - "includePath": true, - "includeQueryString": true, - "requestRoutingRules": [ - { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/requestRoutingRules/httpRedirect80-public443" - } - ] - } - }, - { - "name": "httpRedirect8080", - "properties": { - "redirectType": "Permanent", - "targetListener": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/private4433" - }, - "includePath": true, - "includeQueryString": true, - "requestRoutingRules": [ - { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/requestRoutingRules/httpRedirect8080-private4433" - } - ] - } - } - ] + { + "name": "port4433", + "properties": { + "port": 4433 + } }, - "requestRoutingRules": { - "value": [ - { - "name": "public443-appServiceBackendHttpsSetting-appServiceBackendHttpsSetting", - "properties": { - "ruleType": "Basic", - "httpListener": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/public443" - }, - "backendAddressPool": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/backendAddressPools/appServiceBackendPool" - }, - "backendHttpSettings": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/backendHttpSettingsCollection/appServiceBackendHttpsSetting" - } - } - }, - { - "name": "private4433-privateVmHttpSetting-privateVmHttpSetting", - "properties": { - "ruleType": "Basic", - "httpListener": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/private4433" - }, - "backendAddressPool": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/backendAddressPools/privateVmBackendPool" - }, - "backendHttpSettings": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/backendHttpSettingsCollection/privateVmHttpSetting" - } - } - }, - { - "name": "httpRedirect80-public443", - "properties": { - "ruleType": "Basic", - "httpListener": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/httpRedirect80" - }, - "redirectConfiguration": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/redirectConfigurations/httpRedirect80" - } - } - }, - { - "name": "httpRedirect8080-private4433", - "properties": { - "ruleType": "Basic", - "httpListener": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/httpRedirect8080" - }, - "redirectConfiguration": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/redirectConfigurations/httpRedirect8080" - } - } - } - ] + { + "name": "port80", + "properties": { + "port": 80 + } }, - "sku": { - "value": "WAF_v2" + { + "name": "port8080", + "properties": { + "port": 8080 + } + } + ] + }, + "gatewayIPConfigurations": { + "value": [ + { + "name": "apw-ip-configuration", + "properties": { + "subnet": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-007" + } + } + } + ] + }, + "httpListeners": { + "value": [ + { + "name": "public443", + "properties": { + "frontendIPConfiguration": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendIPConfigurations/public" + }, + "frontendPort": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendPorts/port443" + }, + "hostNames": [], + "protocol": "https", + "requireServerNameIndication": false, + "sslCertificate": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/sslCertificates/<>-az-apgw-x-001-ssl-certificate" + } + } }, - "sslCertificates": { - "value": [ - { - "name": "<>-az-apgw-x-001-ssl-certificate", - "properties": { - "keyVaultSecretId": "https://adp-<>-az-kv-x-001.vault.azure.net/secrets/applicationGatewaySslCertificate" - } - } - ] + { + "name": "private4433", + "properties": { + "frontendIPConfiguration": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendIPConfigurations/private" + }, + "frontendPort": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendPorts/port4433" + }, + "hostNames": [], + "protocol": "https", + "requireServerNameIndication": false, + "sslCertificate": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/sslCertificates/<>-az-apgw-x-001-ssl-certificate" + } + } }, - "diagnosticLogsRetentionInDays": { - "value": 7 + { + "name": "httpRedirect80", + "properties": { + "frontendIPConfiguration": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendIPConfigurations/public" + }, + "frontendPort": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendPorts/port80" + }, + "hostNames": [], + "protocol": "Http", + "requireServerNameIndication": false + } }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + { + "name": "httpRedirect8080", + "properties": { + "frontendIPConfiguration": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendIPConfigurations/private" + }, + "frontendPort": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/frontendPorts/port8080" + }, + "hostNames": [], + "protocol": "Http", + "requireServerNameIndication": false + } + } + ] + }, + "lock": { + "value": "CanNotDelete" + }, + "probes": { + "value": [ + { + "name": "privateVmHttpSettingProbe", + "properties": { + "host": "10.0.0.4", + "interval": 60, + "match": { + "statusCodes": [ + "200", + "401" + ] + }, + "minServers": 3, + "path": "/", + "pickHostNameFromBackendHttpSettings": false, + "protocol": "Http", + "timeout": 15, + "unhealthyThreshold": 5 + } + } + ] + }, + "redirectConfigurations": { + "value": [ + { + "name": "httpRedirect80", + "properties": { + "includePath": true, + "includeQueryString": true, + "redirectType": "Permanent", + "requestRoutingRules": [ + { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/requestRoutingRules/httpRedirect80-public443" + } + ], + "targetListener": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/public443" + } + } }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + { + "name": "httpRedirect8080", + "properties": { + "includePath": true, + "includeQueryString": true, + "redirectType": "Permanent", + "requestRoutingRules": [ + { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/requestRoutingRules/httpRedirect8080-private4433" + } + ], + "targetListener": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/private4433" + } + } + } + ] + }, + "requestRoutingRules": { + "value": [ + { + "name": "public443-appServiceBackendHttpsSetting-appServiceBackendHttpsSetting", + "properties": { + "backendAddressPool": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/backendAddressPools/appServiceBackendPool" + }, + "backendHttpSettings": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/backendHttpSettingsCollection/appServiceBackendHttpsSetting" + }, + "httpListener": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/public443" + }, + "ruleType": "Basic" + } }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + { + "name": "private4433-privateVmHttpSetting-privateVmHttpSetting", + "properties": { + "backendAddressPool": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/backendAddressPools/privateVmBackendPool" + }, + "backendHttpSettings": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/backendHttpSettingsCollection/privateVmHttpSetting" + }, + "httpListener": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/private4433" + }, + "ruleType": "Basic" + } }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + { + "name": "httpRedirect80-public443", + "properties": { + "httpListener": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/httpRedirect80" + }, + "redirectConfiguration": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/redirectConfigurations/httpRedirect80" + }, + "ruleType": "Basic" + } }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + { + "name": "httpRedirect8080-private4433", + "properties": { + "httpListener": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/httpListeners/httpRedirect8080" + }, + "redirectConfiguration": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationGateways/<>-az-apgw-x-001/redirectConfigurations/httpRedirect8080" + }, + "ruleType": "Basic" + } } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "sku": { + "value": "WAF_v2" + }, + "sslCertificates": { + "value": [ + { + "name": "<>-az-apgw-x-001-ssl-certificate", + "properties": { + "keyVaultSecretId": "https://adp-<>-az-kv-x-001.vault.azure.net/secrets/applicationGatewaySslCertificate" + } + } + ] + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } + }, + "webApplicationFirewallConfiguration": { + "value": { + "disabledRuleGroups": [], + "enabled": true, + "fileUploadLimitInMb": 100, + "firewallMode": "Detection", + "maxRequestBodySizeInKb": 128, + "requestBodyCheck": true, + "ruleSetType": "OWASP", + "ruleSetVersion": "3.0" + } } + } } ``` diff --git a/modules/Microsoft.Network/applicationSecurityGroups/readme.md b/modules/Microsoft.Network/applicationSecurityGroups/readme.md index 48f8ee4c2e..b856fe8918 100644 --- a/modules/Microsoft.Network/applicationSecurityGroups/readme.md +++ b/modules/Microsoft.Network/applicationSecurityGroups/readme.md @@ -178,26 +178,26 @@ module applicationSecurityGroups './Microsoft.Network/applicationSecurityGroups/ ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-asg-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-asg-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.Network/azureFirewalls/readme.md b/modules/Microsoft.Network/azureFirewalls/readme.md index d7adc6c54e..899294a842 100644 --- a/modules/Microsoft.Network/azureFirewalls/readme.md +++ b/modules/Microsoft.Network/azureFirewalls/readme.md @@ -330,24 +330,24 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-fw-add-001" - }, - "vNetId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-add-azfw" - }, - "additionalPublicIpConfigurations": { - "value": [ - { - "name": "ipConfig01", - "publicIPAddressResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-additional-fw" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-fw-add-001" + }, + "vNetId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-add-azfw" + }, + "additionalPublicIpConfigurations": { + "value": [ + { + "name": "ipConfig01", + "publicIPAddressResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-additional-fw" } + ] } + } } ``` @@ -402,41 +402,41 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-fw-custompip-001" - }, - "vNetId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-custompip-azfw" - }, - "publicIPAddressObject": { - "value": { - "name": "adp-<>-az-pip-custom-x-fw", - "publicIPPrefixResourceId": "", - "publicIPAllocationMethod": "Static", - "skuName": "Standard", - "skuTier": "Regional", - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ], - "diagnosticMetricsToEnable": [ - "AllMetrics" - ], - "diagnosticLogCategoriesToEnable": [ - "DDoSProtectionNotifications", - "DDoSMitigationFlowLogs", - "DDoSMitigationReports" - ] - } - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-fw-custompip-001" + }, + "vNetId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-custompip-azfw" + }, + "publicIPAddressObject": { + "value": { + "diagnosticLogCategoriesToEnable": [ + "DDoSMitigationFlowLogs", + "DDoSMitigationReports", + "DDoSProtectionNotifications" + ], + "diagnosticMetricsToEnable": [ + "AllMetrics" + ], + "name": "adp-<>-az-pip-custom-x-fw", + "publicIPAllocationMethod": "Static", + "publicIPPrefixResourceId": "", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ], + "skuName": "Standard", + "skuTier": "Regional" + } } + } } ``` @@ -468,16 +468,16 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-fw-min-001" - }, - "vNetId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-min-azfw" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-fw-min-001" + }, + "vNetId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-min-azfw" } + } } ``` @@ -610,139 +610,139 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-fw-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "zones": { - "value": [ - "1", - "2", - "3" - ] - }, - "vNetId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-azfw" - }, - "azureFirewallSubnetPublicIpId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-fw" - }, - "applicationRuleCollections": { - "value": [ - { - "name": "allow-app-rules", - "properties": { - "priority": 100, - "action": { - "type": "allow" - }, - "rules": [ - { - "name": "allow-ase-tags", - "sourceAddresses": [ - "*" - ], - "protocols": [ - { - "protocolType": "HTTP", - "port": "80" - }, - { - "protocolType": "HTTPS", - "port": "443" - } - ], - "fqdnTags": [ - "AppServiceEnvironment", - "WindowsUpdate" - ] - }, - { - "name": "allow-ase-management", - "sourceAddresses": [ - "*" - ], - "protocols": [ - { - "protocolType": "HTTP", - "port": "80" - }, - { - "protocolType": "HTTPS", - "port": "443" - } - ], - "targetFqdns": [ - "management.azure.com" - ] - } - ] - } - } - ] - }, - "networkRuleCollections": { - "value": [ - { - "name": "allow-network-rules", - "properties": { - "priority": 100, - "action": { - "type": "allow" - }, - "rules": [ - { - "name": "allow-ntp", - "sourceAddresses": [ - "*" - ], - "destinationAddresses": [ - "*" - ], - "destinationPorts": [ - "123", - "12000" - ], - "protocols": [ - "Any" - ] - } - ] - } - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-fw-x-001" + }, + "vNetId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-azfw" + }, + "applicationRuleCollections": { + "value": [ + { + "name": "allow-app-rules", + "properties": { + "action": { + "type": "allow" + }, + "priority": 100, + "rules": [ + { + "fqdnTags": [ + "AppServiceEnvironment", + "WindowsUpdate" + ], + "name": "allow-ase-tags", + "protocols": [ + { + "port": "80", + "protocolType": "HTTP" + }, + { + "port": "443", + "protocolType": "HTTPS" + } + ], + "sourceAddresses": [ + "*" + ] + }, + { + "name": "allow-ase-management", + "protocols": [ + { + "port": "80", + "protocolType": "HTTP" + }, + { + "port": "443", + "protocolType": "HTTPS" + } + ], + "sourceAddresses": [ + "*" + ], + "targetFqdns": [ + "management.azure.com" + ] + } ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } + } + } + ] + }, + "azureFirewallSubnetPublicIpId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-fw" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "networkRuleCollections": { + "value": [ + { + "name": "allow-network-rules", + "properties": { + "action": { + "type": "allow" + }, + "priority": 100, + "rules": [ + { + "destinationAddresses": [ + "*" + ], + "destinationPorts": [ + "12000", + "123" + ], + "name": "allow-ntp", + "protocols": [ + "Any" + ], + "sourceAddresses": [ + "*" + ] + } ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + } } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "zones": { + "value": [ + "1", + "2", + "3" + ] } + } } ``` diff --git a/modules/Microsoft.Network/bastionHosts/readme.md b/modules/Microsoft.Network/bastionHosts/readme.md index b9517156e6..db5ff7d79f 100644 --- a/modules/Microsoft.Network/bastionHosts/readme.md +++ b/modules/Microsoft.Network/bastionHosts/readme.md @@ -314,24 +314,24 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-bas-add-001" - }, - "vNetId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-add-bas" - }, - "additionalPublicIpConfigurations": { - "value": [ - { - "name": "ipConfig01", - "publicIPAddressResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-additional-bas" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-bas-add-001" + }, + "vNetId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-add-bas" + }, + "additionalPublicIpConfigurations": { + "value": [ + { + "name": "ipConfig01", + "publicIPAddressResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-additional-bas" } + ] } + } } ``` @@ -386,41 +386,41 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-bas-custompip-001" - }, - "vNetId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-custompip-bas" - }, - "publicIPAddressObject": { - "value": { - "name": "adp-<>-az-pip-custom-x-bas", - "publicIPPrefixResourceId": "", - "publicIPAllocationMethod": "Static", - "skuName": "Standard", - "skuTier": "Regional", - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ], - "diagnosticMetricsToEnable": [ - "AllMetrics" - ], - "diagnosticLogCategoriesToEnable": [ - "DDoSProtectionNotifications", - "DDoSMitigationFlowLogs", - "DDoSMitigationReports" - ] - } - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-bas-custompip-001" + }, + "vNetId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-custompip-bas" + }, + "publicIPAddressObject": { + "value": { + "diagnosticLogCategoriesToEnable": [ + "DDoSMitigationFlowLogs", + "DDoSMitigationReports", + "DDoSProtectionNotifications" + ], + "diagnosticMetricsToEnable": [ + "AllMetrics" + ], + "name": "adp-<>-az-pip-custom-x-bas", + "publicIPAllocationMethod": "Static", + "publicIPPrefixResourceId": "", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ], + "skuName": "Standard", + "skuTier": "Regional" + } } + } } ``` @@ -452,16 +452,16 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-bas-min-001" - }, - "vNetId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-002" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-bas-min-001" + }, + "vNetId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-002" } + } } ``` @@ -510,53 +510,53 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-bas-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "vNetId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001" - }, - "azureBastionSubnetPublicIpId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-bas" - }, - "skuType": { - "value": "Standard" - }, - "scaleUnits": { - "value": 4 - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-bas-x-001" + }, + "vNetId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001" + }, + "azureBastionSubnetPublicIpId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-bas" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "scaleUnits": { + "value": 4 + }, + "skuType": { + "value": "Standard" } + } } ``` diff --git a/modules/Microsoft.Network/connections/readme.md b/modules/Microsoft.Network/connections/readme.md index f06dfd8a24..2b3512d25a 100644 --- a/modules/Microsoft.Network/connections/readme.md +++ b/modules/Microsoft.Network/connections/readme.md @@ -344,43 +344,43 @@ module connections './Microsoft.Network/connections/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-vnetgwc-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-vnetgwc-x-001" + }, + "virtualNetworkGateway1": { + "value": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworkGateways/<>-az-vnet-vpn-gw-p-001" + } + }, + "enableBgp": { + "value": false + }, + "location": { + "value": "eastus" + }, + "lock": { + "value": "CanNotDelete" + }, + "virtualNetworkGateway2": { + "value": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworkGateways/<>-az-vnet-vpn-gw-p-002" + } + }, + "virtualNetworkGatewayConnectionType": { + "value": "Vnet2Vnet" + }, + "vpnSharedKey": { + "reference": { + "keyVault": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" }, - "lock": { - "value": "CanNotDelete" - }, - "virtualNetworkGateway1": { - "value": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworkGateways/<>-az-vnet-vpn-gw-p-001" - } - }, - "virtualNetworkGateway2": { - "value": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworkGateways/<>-az-vnet-vpn-gw-p-002" - } - }, - "vpnSharedKey": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "vpnSharedKey" - } - }, - "virtualNetworkGatewayConnectionType": { - "value": "Vnet2Vnet" - }, - "enableBgp": { - "value": false - }, - "location": { - "value": "eastus" - } + "secretName": "vpnSharedKey" + } } + } } ``` diff --git a/modules/Microsoft.Network/ddosProtectionPlans/readme.md b/modules/Microsoft.Network/ddosProtectionPlans/readme.md index d7d1c1b041..40d75bae51 100644 --- a/modules/Microsoft.Network/ddosProtectionPlans/readme.md +++ b/modules/Microsoft.Network/ddosProtectionPlans/readme.md @@ -178,26 +178,26 @@ module ddosProtectionPlans './Microsoft.Network/ddosProtectionPlans/deploy.bicep ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-ddos-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "lock": { + "value": "CanNotDelete" + }, + "name": { + "value": "<>-az-ddos-x-001" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.Network/expressRouteCircuits/readme.md b/modules/Microsoft.Network/expressRouteCircuits/readme.md index 12aba56a4a..c3115e79e2 100644 --- a/modules/Microsoft.Network/expressRouteCircuits/readme.md +++ b/modules/Microsoft.Network/expressRouteCircuits/readme.md @@ -210,56 +210,56 @@ module expressRouteCircuits './Microsoft.Network/expressRouteCircuits/deploy.bic ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-erc-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "serviceProviderName": { - "value": "Equinix" - }, - "peeringLocation": { - "value": "Amsterdam" - }, - "bandwidthInMbps": { - "value": 50 - }, - "skuTier": { - "value": "Standard" - }, - "skuFamily": { - "value": "MeteredData" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "bandwidthInMbps": { + "value": 50 + }, + "name": { + "value": "<>-az-erc-x-001" + }, + "peeringLocation": { + "value": "Amsterdam" + }, + "serviceProviderName": { + "value": "Equinix" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "skuFamily": { + "value": "MeteredData" + }, + "skuTier": { + "value": "Standard" } + } } ``` diff --git a/modules/Microsoft.Network/firewallPolicies/readme.md b/modules/Microsoft.Network/firewallPolicies/readme.md index 985ca3adf7..2613109f6b 100644 --- a/modules/Microsoft.Network/firewallPolicies/readme.md +++ b/modules/Microsoft.Network/firewallPolicies/readme.md @@ -160,13 +160,13 @@ module firewallPolicies './Microsoft.Network/firewallPolicies/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-fwpol-min-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-fwpol-min-001" } + } } ``` @@ -235,53 +235,53 @@ module firewallPolicies './Microsoft.Network/firewallPolicies/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-fwpol-x-002" - }, - "ruleCollectionGroups": { - "value": [ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-fwpol-x-002" + }, + "ruleCollectionGroups": { + "value": [ + { + "name": "<>-rule-001", + "priority": 5000, + "ruleCollections": [ + { + "action": { + "type": "Allow" + }, + "name": "collection002", + "priority": 5555, + "ruleCollectionType": "FirewallPolicyFilterRuleCollection", + "rules": [ { - "name": "<>-rule-001", - "priority": 5000, - "ruleCollections": [ - { - "name": "collection002", - "priority": 5555, - "action": { - "type": "Allow" - }, - "rules": [ - { - "name": "rule002", - "ipProtocols": [ - "TCP", - "UDP" - ], - "destinationPorts": [ - "80" - ], - "sourceAddresses": [ - "*" - ], - "sourceIpGroups": [], - "ruleType": "NetworkRule", - "destinationIpGroups": [], - "destinationAddresses": [ - "*" - ], - "destinationFqdns": [] - } - ], - "ruleCollectionType": "FirewallPolicyFilterRuleCollection" - } - ] + "destinationAddresses": [ + "*" + ], + "destinationFqdns": [], + "destinationIpGroups": [], + "destinationPorts": [ + "80" + ], + "ipProtocols": [ + "TCP", + "UDP" + ], + "name": "rule002", + "ruleType": "NetworkRule", + "sourceAddresses": [ + "*" + ], + "sourceIpGroups": [] } - ] + ] + } + ] } + ] } + } } ``` diff --git a/modules/Microsoft.Network/frontDoors/readme.md b/modules/Microsoft.Network/frontDoors/readme.md index 61f4299364..c53a436e8a 100644 --- a/modules/Microsoft.Network/frontDoors/readme.md +++ b/modules/Microsoft.Network/frontDoors/readme.md @@ -185,10 +185,10 @@ module frontDoors './Microsoft.Network/frontDoors/deploy.bicep' = { httpPort: 80 httpsPort: 443 priority: 1 - privateLinkAlias: {} - privateLinkApprovalMessage: {} - privateLinkLocation: {} - privateLinkResourceId: {} + privateLinkAlias: '' + privateLinkApprovalMessage: '' + privateLinkLocation: '' + privateLinkResourceId: '' weight: 50 } ] @@ -216,8 +216,8 @@ module frontDoors './Microsoft.Network/frontDoors/deploy.bicep' = { { name: 'heathProbe' properties: { - enabledState: {} - healthProbeMethod: {} + enabledState: '' + healthProbeMethod: '' intervalInSeconds: 60 path: '/' protocol: 'Https' @@ -276,119 +276,119 @@ module frontDoors './Microsoft.Network/frontDoors/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-fd-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "backendPools": { - "value": [ - { - "name": "backendPool", - "properties": { - "backends": [ - { - "address": "biceptest.local", - "backendHostHeader": "backendAddress", - "httpPort": 80, - "httpsPort": 443, - "weight": 50, - "priority": 1, - "enabledState": "Enabled", - "privateLinkAlias": "", - "privateLinkApprovalMessage": "", - "privateLinkLocation": "", - "privateLinkResourceId": "" - } - ], - "LoadBalancingSettings": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/frontDoors/<>-az-fd-x-001/LoadBalancingSettings/loadBalancer" - }, - "HealthProbeSettings": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/frontDoors/<>-az-fd-x-001/HealthProbeSettings/heathProbe" - } - } - } - ] - }, - "enforceCertificateNameCheck": { - "value": "Disabled" - }, - "sendRecvTimeoutSeconds": { - "value": 10 - }, - "frontendEndpoints": { - "value": [ - { - "name": "frontEnd", - "properties": { - "hostName": "<>-az-fd-x-001.azurefd.net", - "sessionAffinityEnabledState": "Disabled", - "sessionAffinityTtlSeconds": 60 - } - } - ] - }, - "healthProbeSettings": { - "value": [ - { - "name": "heathProbe", - "properties": { - "enabledState": "", - "healthProbeMethod": "", - "intervalInSeconds": 60, - "path": "/", - "protocol": "Https" - } - } - ] - }, - "loadBalancingSettings": { - "value": [ - { - "name": "loadBalancer", - "properties": { - "additionalLatencyMilliseconds": 0, - "sampleSize": 50, - "successfulSamplesRequired": 1 - } - } - ] - }, - "routingRules": { - "value": [ - { - "name": "routingRule", - "properties": { - "acceptedProtocols": [ - "Http", - "Https" - ], - "enabledState": "Enabled", - "frontendEndpoints": [ - { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/frontDoors/<>-az-fd-x-001/FrontendEndpoints/frontEnd" - } - ], - "patternsToMatch": [ - "/*" - ], - "routeConfiguration": { - "@odata.type": "#Microsoft.Azure.FrontDoor.Models.FrontdoorForwardingConfiguration", - "forwardingProtocol": "MatchRequest", - "backendPool": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/frontDoors/<>-az-fd-x-001/BackendPools/backendPool" - } - } - } - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-fd-x-001" + }, + "backendPools": { + "value": [ + { + "name": "backendPool", + "properties": { + "backends": [ + { + "address": "biceptest.local", + "backendHostHeader": "backendAddress", + "enabledState": "Enabled", + "httpPort": 80, + "httpsPort": 443, + "priority": 1, + "privateLinkAlias": "", + "privateLinkApprovalMessage": "", + "privateLinkLocation": "", + "privateLinkResourceId": "", + "weight": 50 + } + ], + "HealthProbeSettings": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/frontDoors/<>-az-fd-x-001/HealthProbeSettings/heathProbe" + }, + "LoadBalancingSettings": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/frontDoors/<>-az-fd-x-001/LoadBalancingSettings/loadBalancer" + } + } } + ] + }, + "enforceCertificateNameCheck": { + "value": "Disabled" + }, + "frontendEndpoints": { + "value": [ + { + "name": "frontEnd", + "properties": { + "hostName": "<>-az-fd-x-001.azurefd.net", + "sessionAffinityEnabledState": "Disabled", + "sessionAffinityTtlSeconds": 60 + } + } + ] + }, + "healthProbeSettings": { + "value": [ + { + "name": "heathProbe", + "properties": { + "enabledState": "", + "healthProbeMethod": "", + "intervalInSeconds": 60, + "path": "/", + "protocol": "Https" + } + } + ] + }, + "loadBalancingSettings": { + "value": [ + { + "name": "loadBalancer", + "properties": { + "additionalLatencyMilliseconds": 0, + "sampleSize": 50, + "successfulSamplesRequired": 1 + } + } + ] + }, + "lock": { + "value": "CanNotDelete" + }, + "routingRules": { + "value": [ + { + "name": "routingRule", + "properties": { + "acceptedProtocols": [ + "Http", + "Https" + ], + "enabledState": "Enabled", + "frontendEndpoints": [ + { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/frontDoors/<>-az-fd-x-001/FrontendEndpoints/frontEnd" + } + ], + "patternsToMatch": [ + "/*" + ], + "routeConfiguration": { + "@odata.type": "#Microsoft.Azure.FrontDoor.Models.FrontdoorForwardingConfiguration", + "backendPool": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/frontDoors/<>-az-fd-x-001/BackendPools/backendPool" + }, + "forwardingProtocol": "MatchRequest" + } + } + } + ] + }, + "sendRecvTimeoutSeconds": { + "value": 10 } + } } ``` diff --git a/modules/Microsoft.Network/ipGroups/readme.md b/modules/Microsoft.Network/ipGroups/readme.md index 6e89e226c1..a529059d04 100644 --- a/modules/Microsoft.Network/ipGroups/readme.md +++ b/modules/Microsoft.Network/ipGroups/readme.md @@ -183,32 +183,32 @@ module ipGroups './Microsoft.Network/ipGroups/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "iacsGroup-servers" - }, - "lock": { - "value": "CanNotDelete" - }, - "ipAddresses": { - "value": [ - "10.0.0.1", - "10.0.0.2" - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "iacsGroup-servers" + }, + "ipAddresses": { + "value": [ + "10.0.0.1", + "10.0.0.2" + ] + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.Network/loadBalancers/readme.md b/modules/Microsoft.Network/loadBalancers/readme.md index 98fbd059fb..4d967e023d 100644 --- a/modules/Microsoft.Network/loadBalancers/readme.md +++ b/modules/Microsoft.Network/loadBalancers/readme.md @@ -551,105 +551,105 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-lb-internal-001" - }, - "loadBalancerSku": { - "value": "Standard" - }, - "frontendIPConfigurations": { - "value": [ - { - "name": "privateIPConfig1", - "subnetId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001" - } - ] - }, - "backendAddressPools": { - "value": [ - { - "name": "servers" - } - ] - }, - "probes": { - "value": [ - { - "name": "probe1", - "protocol": "Tcp", - "port": "62000", - "intervalInSeconds": 5, - "numberOfProbes": 2 - } - ] - }, - "loadBalancingRules": { - "value": [ - { - "name": "privateIPLBRule1", - "frontendIPConfigurationName": "privateIPConfig1", - "frontendPort": 0, - "backendPort": 0, - "enableFloatingIP": true, - "idleTimeoutInMinutes": 4, - "protocol": "All", - "loadDistribution": "Default", - "probeName": "probe1", - "disableOutboundSnat": true, - "enableTcpReset": false, - "backendAddressPoolName": "servers" - } - ] - }, - "inboundNatRules": { - "value": [ - { - "name": "inboundNatRule1", - "frontendIPConfigurationName": "privateIPConfig1", - "frontendPort": 443, - "backendPort": 443, - "enableFloatingIP": false, - "idleTimeoutInMinutes": 4, - "protocol": "Tcp", - "enableTcpReset": false - }, - { - "name": "inboundNatRule2", - "frontendIPConfigurationName": "privateIPConfig1", - "frontendPort": 3389, - "backendPort": 3389 - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "frontendIPConfigurations": { + "value": [ + { + "name": "privateIPConfig1", + "subnetId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001" + } + ] + }, + "name": { + "value": "<>-az-lb-internal-001" + }, + "backendAddressPools": { + "value": [ + { + "name": "servers" + } + ] + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "inboundNatRules": { + "value": [ + { + "backendPort": 443, + "enableFloatingIP": false, + "enableTcpReset": false, + "frontendIPConfigurationName": "privateIPConfig1", + "frontendPort": 443, + "idleTimeoutInMinutes": 4, + "name": "inboundNatRule1", + "protocol": "Tcp" }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + { + "backendPort": 3389, + "frontendIPConfigurationName": "privateIPConfig1", + "frontendPort": 3389, + "name": "inboundNatRule2" } + ] + }, + "loadBalancerSku": { + "value": "Standard" + }, + "loadBalancingRules": { + "value": [ + { + "backendAddressPoolName": "servers", + "backendPort": 0, + "disableOutboundSnat": true, + "enableFloatingIP": true, + "enableTcpReset": false, + "frontendIPConfigurationName": "privateIPConfig1", + "frontendPort": 0, + "idleTimeoutInMinutes": 4, + "loadDistribution": "Default", + "name": "privateIPLBRule1", + "probeName": "probe1", + "protocol": "All" + } + ] + }, + "probes": { + "value": [ + { + "intervalInSeconds": 5, + "name": "probe1", + "numberOfProbes": 2, + "port": "62000", + "protocol": "Tcp" + } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] } + } } ``` @@ -686,21 +686,21 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-lb-min-001" - }, - "frontendIPConfigurations": { - "value": [ - { - "name": "publicIPConfig1", - "publicIPAddressId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-min-lb" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "frontendIPConfigurations": { + "value": [ + { + "name": "publicIPConfig1", + "publicIPAddressId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-min-lb" } + ] + }, + "name": { + "value": "<>-az-lb-min-001" } + } } ``` @@ -825,133 +825,133 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-lb-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "frontendIPConfigurations": { - "value": [ - { - "name": "publicIPConfig1", - "publicIPAddressId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-lb" - } - ] - }, - "backendAddressPools": { - "value": [ - { - "name": "backendAddressPool1" - }, - { - "name": "backendAddressPool2" - } - ] - }, - "loadBalancingRules": { - "value": [ - { - "name": "publicIPLBRule1", - "frontendIPConfigurationName": "publicIPConfig1", - "frontendPort": 80, - "backendPort": 80, - "enableFloatingIP": false, - "idleTimeoutInMinutes": 5, - "protocol": "Tcp", - "enableTcpReset": false, - "loadDistribution": "Default", - "disableOutboundSnat": true, - "probeName": "probe1", - "backendAddressPoolName": "backendAddressPool1" - }, - { - "name": "publicIPLBRule2", - "frontendIPConfigurationName": "publicIPConfig1", - "frontendPort": 8080, - "backendPort": 8080, - "loadDistribution": "Default", - "probeName": "probe2", - "backendAddressPoolName": "backendAddressPool2" - } - ] - }, - "inboundNatRules": { - "value": [ - { - "name": "inboundNatRule1", - "frontendIPConfigurationName": "publicIPConfig1", - "frontendPort": 443, - "backendPort": 443, - "enableFloatingIP": false, - "idleTimeoutInMinutes": 4, - "protocol": "Tcp", - "enableTcpReset": false - }, - { - "name": "inboundNatRule2", - "frontendIPConfigurationName": "publicIPConfig1", - "frontendPort": 3389, - "backendPort": 3389 - } - ] - }, - "outboundRules": { - "value": [ - { - "name": "outboundRule1", - "frontendIPConfigurationName": "publicIPConfig1", - "backendAddressPoolName": "backendAddressPool1", - "allocatedOutboundPorts": 63984 - } - ] - }, - "probes": { - "value": [ - { - "name": "probe1", - "protocol": "Tcp", - "port": 80, - "intervalInSeconds": 10, - "numberOfProbes": 5 - }, - { - "name": "probe2", - "protocol": "Https", - "port": 443, - "requestPath": "/" - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "frontendIPConfigurations": { + "value": [ + { + "name": "publicIPConfig1", + "publicIPAddressId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-lb" + } + ] + }, + "name": { + "value": "<>-az-lb-x-001" + }, + "backendAddressPools": { + "value": [ + { + "name": "backendAddressPool1" }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + { + "name": "backendAddressPool2" + } + ] + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "inboundNatRules": { + "value": [ + { + "backendPort": 443, + "enableFloatingIP": false, + "enableTcpReset": false, + "frontendIPConfigurationName": "publicIPConfig1", + "frontendPort": 443, + "idleTimeoutInMinutes": 4, + "name": "inboundNatRule1", + "protocol": "Tcp" }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + { + "backendPort": 3389, + "frontendIPConfigurationName": "publicIPConfig1", + "frontendPort": 3389, + "name": "inboundNatRule2" + } + ] + }, + "loadBalancingRules": { + "value": [ + { + "backendAddressPoolName": "backendAddressPool1", + "backendPort": 80, + "disableOutboundSnat": true, + "enableFloatingIP": false, + "enableTcpReset": false, + "frontendIPConfigurationName": "publicIPConfig1", + "frontendPort": 80, + "idleTimeoutInMinutes": 5, + "loadDistribution": "Default", + "name": "publicIPLBRule1", + "probeName": "probe1", + "protocol": "Tcp" }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + { + "backendAddressPoolName": "backendAddressPool2", + "backendPort": 8080, + "frontendIPConfigurationName": "publicIPConfig1", + "frontendPort": 8080, + "loadDistribution": "Default", + "name": "publicIPLBRule2", + "probeName": "probe2" + } + ] + }, + "lock": { + "value": "CanNotDelete" + }, + "outboundRules": { + "value": [ + { + "allocatedOutboundPorts": 63984, + "backendAddressPoolName": "backendAddressPool1", + "frontendIPConfigurationName": "publicIPConfig1", + "name": "outboundRule1" + } + ] + }, + "probes": { + "value": [ + { + "intervalInSeconds": 10, + "name": "probe1", + "numberOfProbes": 5, + "port": 80, + "protocol": "Tcp" }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + { + "name": "probe2", + "port": 443, + "protocol": "Https", + "requestPath": "/" } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] } + } } ``` diff --git a/modules/Microsoft.Network/localNetworkGateways/readme.md b/modules/Microsoft.Network/localNetworkGateways/readme.md index a404b53018..33406ede41 100644 --- a/modules/Microsoft.Network/localNetworkGateways/readme.md +++ b/modules/Microsoft.Network/localNetworkGateways/readme.md @@ -190,40 +190,40 @@ module localNetworkGateways './Microsoft.Network/localNetworkGateways/deploy.bic ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-lng-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "localAddressPrefixes": { - "value": [ - "192.168.1.0/24" - ] - }, - "localGatewayPublicIpAddress": { - "value": "8.8.8.8" - }, - "localAsn": { - "value": "65123" - }, - "localBgpPeeringAddress": { - "value": "192.168.1.5" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "localAddressPrefixes": { + "value": [ + "192.168.1.0/24" + ] + }, + "localGatewayPublicIpAddress": { + "value": "8.8.8.8" + }, + "name": { + "value": "<>-az-lng-x-001" + }, + "localAsn": { + "value": "65123" + }, + "localBgpPeeringAddress": { + "value": "192.168.1.5" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.Network/natGateways/readme.md b/modules/Microsoft.Network/natGateways/readme.md index 85db9985cb..595c28b302 100644 --- a/modules/Microsoft.Network/natGateways/readme.md +++ b/modules/Microsoft.Network/natGateways/readme.md @@ -202,44 +202,44 @@ module natGateways './Microsoft.Network/natGateways/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-ngw-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "natGatewayPublicIpAddress": { - "value": true - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-ngw-x-001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "natGatewayPublicIpAddress": { + "value": true + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.Network/networkInterfaces/readme.md b/modules/Microsoft.Network/networkInterfaces/readme.md index d2a992b606..6317f304c5 100644 --- a/modules/Microsoft.Network/networkInterfaces/readme.md +++ b/modules/Microsoft.Network/networkInterfaces/readme.md @@ -209,21 +209,21 @@ module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' = ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-nic-min-001" - }, - "ipConfigurations": { - "value": [ - { - "name": "ipconfig01", - "subnetId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "ipConfigurations": { + "value": [ + { + "name": "ipconfig01", + "subnetId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001" } + ] + }, + "name": { + "value": "<>-az-nic-min-001" } + } } ``` @@ -284,59 +284,59 @@ module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' = ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-nic-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "ipConfigurations": { - "value": [ - { - "name": "ipconfig01", - "subnetId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001", - "loadBalancerBackendAddressPools": [ - { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/loadBalancers/adp-<>-az-lb-internal-001/backendAddressPools/servers" - } - ], - "applicationSecurityGroups": [ - { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001" - } - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "ipConfigurations": { + "value": [ + { + "applicationSecurityGroups": [ + { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001" + } + ], + "loadBalancerBackendAddressPools": [ + { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/loadBalancers/adp-<>-az-lb-internal-001/backendAddressPools/servers" + } + ], + "name": "ipconfig01", + "subnetId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001" + } + ] + }, + "name": { + "value": "<>-az-nic-x-001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.Network/networkSecurityGroups/readme.md b/modules/Microsoft.Network/networkSecurityGroups/readme.md index 569f613c46..004f8b5b43 100644 --- a/modules/Microsoft.Network/networkSecurityGroups/readme.md +++ b/modules/Microsoft.Network/networkSecurityGroups/readme.md @@ -179,13 +179,13 @@ module networkSecurityGroups './Microsoft.Network/networkSecurityGroups/deploy.b ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-nsg-min-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-nsg-min-001" } + } } ``` @@ -294,107 +294,107 @@ module networkSecurityGroups './Microsoft.Network/networkSecurityGroups/deploy.b ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-nsg-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "securityRules": { - "value": [ - { - "name": "Specific", - "properties": { - "description": "Tests specific IPs and ports", - "protocol": "*", - "sourcePortRange": "*", - "destinationPortRange": "8080", - "sourceAddressPrefix": "*", - "destinationAddressPrefix": "*", - "access": "Allow", - "priority": 100, - "direction": "Inbound" - } - }, - { - "name": "Ranges", - "properties": { - "description": "Tests Ranges", - "protocol": "*", - "access": "Allow", - "priority": 101, - "direction": "Inbound", - "sourcePortRanges": [ - "80", - "81" - ], - "destinationPortRanges": [ - "90", - "91" - ], - "sourceAddressPrefixes": [ - "10.0.0.0/16", - "10.1.0.0/16" - ], - "destinationAddressPrefixes": [ - "10.2.0.0/16", - "10.3.0.0/16" - ] - } - }, - { - "name": "Port_8082", - "properties": { - "description": "Allow inbound access on TCP 8082", - "protocol": "*", - "sourcePortRange": "*", - "destinationPortRange": "8082", - "access": "Allow", - "priority": 102, - "direction": "Inbound", - "sourceApplicationSecurityGroups": [ - { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001" - } - ], - "destinationApplicationSecurityGroups": [ - { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001" - } - ] - } - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-nsg-x-001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "securityRules": { + "value": [ + { + "name": "Specific", + "properties": { + "access": "Allow", + "description": "Tests specific IPs and ports", + "destinationAddressPrefix": "*", + "destinationPortRange": "8080", + "direction": "Inbound", + "priority": 100, + "protocol": "*", + "sourceAddressPrefix": "*", + "sourcePortRange": "*" + } }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } + { + "name": "Ranges", + "properties": { + "access": "Allow", + "description": "Tests Ranges", + "destinationAddressPrefixes": [ + "10.2.0.0/16", + "10.3.0.0/16" + ], + "destinationPortRanges": [ + "90", + "91" + ], + "direction": "Inbound", + "priority": 101, + "protocol": "*", + "sourceAddressPrefixes": [ + "10.0.0.0/16", + "10.1.0.0/16" + ], + "sourcePortRanges": [ + "80", + "81" ] + } }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + { + "name": "Port_8082", + "properties": { + "access": "Allow", + "description": "Allow inbound access on TCP 8082", + "destinationApplicationSecurityGroups": [ + { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001" + } + ], + "destinationPortRange": "8082", + "direction": "Inbound", + "priority": 102, + "protocol": "*", + "sourceApplicationSecurityGroups": [ + { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/applicationSecurityGroups/adp-<>-az-asg-x-001" + } + ], + "sourcePortRange": "*" + } } + ] } + } } ``` diff --git a/modules/Microsoft.Network/networkWatchers/readme.md b/modules/Microsoft.Network/networkWatchers/readme.md index a5f2b6931e..3dd8abdb4d 100644 --- a/modules/Microsoft.Network/networkWatchers/readme.md +++ b/modules/Microsoft.Network/networkWatchers/readme.md @@ -173,13 +173,13 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "location": { - "value": "northeurope" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "location": { + "value": "northeurope" } + } } ``` @@ -287,96 +287,96 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "adp-<>-az-nw-x-001" - }, - "flowLogs": { - "value": [ - { - "targetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-001", - "storageId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", - "enabled": false - }, - { - "name": "adp-<>-az-nsg-x-apgw-flowlog", - "targetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-apgw", - "storageId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", - "workspaceResourceId": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001", - "formatVersion": 1, - "trafficAnalyticsInterval": 10, - "retentionInDays": 8 - } - ] - }, - "connectionMonitors": { - "value": [ - { - "name": "adp-<>-az-conn-mon-x-001", - "endpoints": [ - { - "name": "<>-az-subnet-x-001(validation-rg)", - "type": "AzureVM", - "resourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/virtualMachines/adp-<>-vm-01" - }, - { - "name": "Office Portal", - "type": "ExternalAddress", - "address": "www.office.com" - } - ], - "testConfigurations": [ - { - "name": "HTTP Test", - "testFrequencySec": 30, - "protocol": "Http", - "httpConfiguration": { - "port": 80, - "method": "Get", - "requestHeaders": [], - "validStatusCodeRanges": [ - "200" - ], - "preferHTTPS": false - }, - "successThreshold": { - "checksFailedPercent": 5, - "roundTripTimeMs": 100 - } - } - ], - "testGroups": [ - { - "name": "TestHTTPBing", - "disable": false, - "testConfigurations": [ - "HTTP Test" - ], - "sources": [ - "<>-az-subnet-x-001(validation-rg)" - ], - "destinations": [ - "Office Portal" - ] - } - ], - "workspaceResourceId": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "connectionMonitors": { + "value": [ + { + "endpoints": [ + { + "name": "<>-az-subnet-x-001(validation-rg)", + "resourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/virtualMachines/adp-<>-vm-01", + "type": "AzureVM" + }, + { + "address": "www.office.com", + "name": "Office Portal", + "type": "ExternalAddress" + } + ], + "name": "adp-<>-az-conn-mon-x-001", + "testConfigurations": [ + { + "httpConfiguration": { + "method": "Get", + "port": 80, + "preferHTTPS": false, + "requestHeaders": [], + "validStatusCodeRanges": [ + "200" + ] + }, + "name": "HTTP Test", + "protocol": "Http", + "successThreshold": { + "checksFailedPercent": 5, + "roundTripTimeMs": 100 + }, + "testFrequencySec": 30 + } + ], + "testGroups": [ + { + "destinations": [ + "Office Portal" + ], + "disable": false, + "name": "TestHTTPBing", + "sources": [ + "<>-az-subnet-x-001(validation-rg)" + ], + "testConfigurations": [ + "HTTP Test" + ] + } + ], + "workspaceResourceId": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + } + ] + }, + "flowLogs": { + "value": [ + { + "enabled": false, + "storageId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", + "targetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-001" }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + { + "formatVersion": 1, + "name": "adp-<>-az-nsg-x-apgw-flowlog", + "retentionInDays": 8, + "storageId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", + "targetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-apgw", + "trafficAnalyticsInterval": 10, + "workspaceResourceId": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + } + ] + }, + "name": { + "value": "adp-<>-az-nw-x-001" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.Network/privateDnsZones/readme.md b/modules/Microsoft.Network/privateDnsZones/readme.md index 43c672edee..0bf4eff43e 100644 --- a/modules/Microsoft.Network/privateDnsZones/readme.md +++ b/modules/Microsoft.Network/privateDnsZones/readme.md @@ -187,13 +187,13 @@ module privateDnsZones './Microsoft.Network/privateDnsZones/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-privdns-x-001.com" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-privdns-x-001.com" } + } } ``` @@ -391,202 +391,202 @@ module privateDnsZones './Microsoft.Network/privateDnsZones/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-privdns-x-002.com" - }, - "lock": { - "value": "CanNotDelete" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "AAAA": { - "value": [ - { - "name": "AAAA_2001_0db8_85a3_0000_0000_8a2e_0370_7334", - "ttl": 3600, - "aaaaRecords": [ - { - "ipv6Address": "2001:0db8:85a3:0000:0000:8a2e:0370:7334" - } - ] - } - ] - }, - "A": { - "value": [ - { - "name": "A_10.240.4.4", - "ttl": 3600, - "aRecords": [ - { - "ipv4Address": "10.240.4.4" - } - ], - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - } - ] - }, - "CNAME": { - "value": [ - { - "name": "CNAME_test", - "ttl": 3600, - "cnameRecord": { - "cname": "test" - }, - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - } - ] - }, - "MX": { - "value": [ - { - "name": "MX_contoso", - "ttl": 3600, - "mxRecords": [ - { - "exchange": "contoso.com", - "preference": 100 - } - ], - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - } - ] - }, - "PTR": { - "value": [ - { - "name": "PTR_contoso", - "ttl": 3600, - "ptrRecords": [ - { - "ptrdname": "contoso.com" - } - ], - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - } - ] - }, - "SOA": { - "value": [ - { - "name": "@", - "ttl": 3600, - "soaRecord": { - "email": "azureprivatedns-host.microsoft.com", - "expireTime": 2419200, - "host": "azureprivatedns.net", - "minimumTtl": 10, - "refreshTime": 3600, - "retryTime": 300, - "serialNumber": "1" - }, - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - } - ] - }, - "SRV": { - "value": [ - { - "name": "SRV_contoso", - "ttl": 3600, - "srvRecords": [ - { - "port": 9332, - "priority": 0, - "target": "test.contoso.com", - "weight": 0 - } - ], - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - } - ] - }, - "TXT": { - "value": [ - { - "name": "TXT_test", - "ttl": 3600, - "txtRecords": [ - { - "value": [ - "test" - ] - } - ], - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - } - ] - }, - "virtualNetworkLinks": { - "value": [ - { - "virtualNetworkResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001", - "registrationEnabled": true - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-privdns-x-002.com" + }, + "A": { + "value": [ + { + "aRecords": [ + { + "ipv4Address": "10.240.4.4" + } + ], + "name": "A_10.240.4.4", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ], + "ttl": 3600 + } + ] + }, + "AAAA": { + "value": [ + { + "aaaaRecords": [ + { + "ipv6Address": "2001:0db8:85a3:0000:0000:8a2e:0370:7334" + } + ], + "name": "AAAA_2001_0db8_85a3_0000_0000_8a2e_0370_7334", + "ttl": 3600 + } + ] + }, + "CNAME": { + "value": [ + { + "cnameRecord": { + "cname": "test" + }, + "name": "CNAME_test", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ], + "ttl": 3600 } + ] + }, + "lock": { + "value": "CanNotDelete" + }, + "MX": { + "value": [ + { + "mxRecords": [ + { + "exchange": "contoso.com", + "preference": 100 + } + ], + "name": "MX_contoso", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ], + "ttl": 3600 + } + ] + }, + "PTR": { + "value": [ + { + "name": "PTR_contoso", + "ptrRecords": [ + { + "ptrdname": "contoso.com" + } + ], + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ], + "ttl": 3600 + } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "SOA": { + "value": [ + { + "name": "@", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ], + "soaRecord": { + "email": "azureprivatedns-host.microsoft.com", + "expireTime": 2419200, + "host": "azureprivatedns.net", + "minimumTtl": 10, + "refreshTime": 3600, + "retryTime": 300, + "serialNumber": "1" + }, + "ttl": 3600 + } + ] + }, + "SRV": { + "value": [ + { + "name": "SRV_contoso", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ], + "srvRecords": [ + { + "port": 9332, + "priority": 0, + "target": "test.contoso.com", + "weight": 0 + } + ], + "ttl": 3600 + } + ] + }, + "TXT": { + "value": [ + { + "name": "TXT_test", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ], + "ttl": 3600, + "txtRecords": [ + { + "value": [ + "test" + ] + } + ] + } + ] + }, + "virtualNetworkLinks": { + "value": [ + { + "registrationEnabled": true, + "virtualNetworkResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001" + } + ] } + } } ``` diff --git a/modules/Microsoft.Network/privateEndpoints/readme.md b/modules/Microsoft.Network/privateEndpoints/readme.md index 7dcbdf5ed4..1827f3c7f9 100644 --- a/modules/Microsoft.Network/privateEndpoints/readme.md +++ b/modules/Microsoft.Network/privateEndpoints/readme.md @@ -191,24 +191,24 @@ module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-pe-kvlt-min-001" - }, - "subnetResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" - }, - "serviceResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-pe" - }, - "groupIds": { - "value": [ - "vault" - ] - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "groupIds": { + "value": [ + "vault" + ] + }, + "name": { + "value": "<>-az-pe-kvlt-min-001" + }, + "serviceResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-pe" + }, + "subnetResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" } + } } ``` @@ -260,46 +260,46 @@ module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-pe-kvlt-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "subnetResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" - }, - "serviceResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-pe" - }, - "groupIds": { - "value": [ - "vault" - ] - }, - "privateDnsZoneGroups": { - "value": [ - { - "privateDNSResourceIds": [ - "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/privateDnsZones/privatelink.vaultcore.azure.net" - ] - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "groupIds": { + "value": [ + "vault" + ] + }, + "name": { + "value": "<>-az-pe-kvlt-001" + }, + "serviceResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-pe" + }, + "subnetResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" + }, + "lock": { + "value": "CanNotDelete" + }, + "privateDnsZoneGroups": { + "value": [ + { + "privateDNSResourceIds": [ + "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/privateDnsZones/privatelink.vaultcore.azure.net" + ] + } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.Network/publicIPAddresses/readme.md b/modules/Microsoft.Network/publicIPAddresses/readme.md index bafeee5980..8bac9c5513 100644 --- a/modules/Microsoft.Network/publicIPAddresses/readme.md +++ b/modules/Microsoft.Network/publicIPAddresses/readme.md @@ -204,54 +204,54 @@ module publicIPAddresses './Microsoft.Network/publicIPAddresses/deploy.bicep' = ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-pip-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "skuName": { - "value": "Standard" - }, - "publicIPAllocationMethod": { - "value": "Static" - }, - "zones": { - "value": [ - "1", - "2", - "3" - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-pip-x-001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "publicIPAllocationMethod": { + "value": "Static" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "skuName": { + "value": "Standard" + }, + "zones": { + "value": [ + "1", + "2", + "3" + ] } + } } ``` diff --git a/modules/Microsoft.Network/publicIPPrefixes/readme.md b/modules/Microsoft.Network/publicIPPrefixes/readme.md index 118c43ccf9..3ccb2f159c 100644 --- a/modules/Microsoft.Network/publicIPPrefixes/readme.md +++ b/modules/Microsoft.Network/publicIPPrefixes/readme.md @@ -180,29 +180,29 @@ module publicIPPrefixes './Microsoft.Network/publicIPPrefixes/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-pippfx-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "prefixLength": { - "value": 28 - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-pippfx-x-001" + }, + "prefixLength": { + "value": 28 + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.Network/routeTables/readme.md b/modules/Microsoft.Network/routeTables/readme.md index 5deef64bed..cabeaad4a3 100644 --- a/modules/Microsoft.Network/routeTables/readme.md +++ b/modules/Microsoft.Network/routeTables/readme.md @@ -279,38 +279,38 @@ module routeTables './Microsoft.Network/routeTables/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-udr-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "routes": { - "value": [ - { - "name": "default", - "properties": { - "addressPrefix": "0.0.0.0/0", - "nextHopType": "VirtualAppliance", - "nextHopIpAddress": "172.16.0.20" - } - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-udr-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "routes": { + "value": [ + { + "name": "default", + "properties": { + "addressPrefix": "0.0.0.0/0", + "nextHopIpAddress": "172.16.0.20", + "nextHopType": "VirtualAppliance" + } } + ] } + } } ``` diff --git a/modules/Microsoft.Network/trafficmanagerprofiles/readme.md b/modules/Microsoft.Network/trafficmanagerprofiles/readme.md index ea92ea8a1d..c7c437b492 100644 --- a/modules/Microsoft.Network/trafficmanagerprofiles/readme.md +++ b/modules/Microsoft.Network/trafficmanagerprofiles/readme.md @@ -289,44 +289,44 @@ module trafficmanagerprofiles './Microsoft.Network/trafficmanagerprofiles/deploy ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "tm-000001" - }, - "lock": { - "value": "CanNotDelete" - }, - "relativeName": { - "value": "tm-000001" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "tm-000001" + }, + "relativeName": { + "value": "tm-000001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.Network/virtualHubs/readme.md b/modules/Microsoft.Network/virtualHubs/readme.md index cdad996671..e11b58400b 100644 --- a/modules/Microsoft.Network/virtualHubs/readme.md +++ b/modules/Microsoft.Network/virtualHubs/readme.md @@ -129,19 +129,19 @@ module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-vhub-min-001" - }, - "addressPrefix": { - "value": "10.0.0.0/16" - }, - "virtualWanId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/adp-<>-az-vw-x-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "addressPrefix": { + "value": "10.0.0.0/16" + }, + "name": { + "value": "<>-az-vhub-min-001" + }, + "virtualWanId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/adp-<>-az-vw-x-001" } + } } ``` @@ -201,52 +201,52 @@ module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-vhub-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "addressPrefix": { - "value": "10.1.0.0/16" - }, - "virtualWanId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/adp-<>-az-vw-x-001" - }, - "hubRouteTables": { - "value": [ - { - "name": "routeTable1" - } - ] - }, - "hubVirtualNetworkConnections": { - "value": [ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "addressPrefix": { + "value": "10.1.0.0/16" + }, + "name": { + "value": "<>-az-vhub-x-001" + }, + "virtualWanId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/adp-<>-az-vw-x-001" + }, + "hubRouteTables": { + "value": [ + { + "name": "routeTable1" + } + ] + }, + "hubVirtualNetworkConnections": { + "value": [ + { + "name": "connection1", + "remoteVirtualNetworkId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-vhub", + "routingConfiguration": { + "associatedRouteTable": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vHub-x-001/hubRouteTables/routeTable1" + }, + "propagatedRouteTables": { + "ids": [ { - "name": "connection1", - "remoteVirtualNetworkId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-vhub", - "routingConfiguration": { - "associatedRouteTable": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vHub-x-001/hubRouteTables/routeTable1" - }, - "propagatedRouteTables": { - "ids": [ - { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vHub-x-001/hubRouteTables/routeTable1" - } - ], - "labels": [ - "none" - ] - } - } + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vHub-x-001/hubRouteTables/routeTable1" } - ] + ], + "labels": [ + "none" + ] + } + } } + ] + }, + "lock": { + "value": "CanNotDelete" } + } } ``` diff --git a/modules/Microsoft.Network/virtualNetworkGateways/readme.md b/modules/Microsoft.Network/virtualNetworkGateways/readme.md index 3973d3fb5c..777b88defb 100644 --- a/modules/Microsoft.Network/virtualNetworkGateways/readme.md +++ b/modules/Microsoft.Network/virtualNetworkGateways/readme.md @@ -292,65 +292,65 @@ module virtualNetworkGateways './Microsoft.Network/virtualNetworkGateways/deploy ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-gw-er-001" - }, - "gatewayPipName": { - "value": "<>-az-gw-er-001-pip" - }, - "domainNameLabel": { - "value": [ - "<>-az-gw-er-dm-001" - ] - }, - "virtualNetworkGatewayType": { - "value": "ExpressRoute" - }, - "virtualNetworkGatewaySku": { - "value": "ErGw1AZ" - }, - "vNetResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001" - }, - "tags": { - "value": { - "Environment": "Validation", - "Contact": "test.user@testcompany.com", - "PurchaseOrder": "", - "CostCenter": "", - "ServiceName": "DeploymentValidation", - "Role": "DeploymentValidation" - } - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-gw-er-001" + }, + "virtualNetworkGatewaySku": { + "value": "ErGw1AZ" + }, + "virtualNetworkGatewayType": { + "value": "ExpressRoute" + }, + "vNetResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "domainNameLabel": { + "value": [ + "<>-az-gw-er-dm-001" + ] + }, + "gatewayPipName": { + "value": "<>-az-gw-er-001-pip" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "tags": { + "value": { + "Contact": "test.user@testcompany.com", + "CostCenter": "", + "Environment": "Validation", + "PurchaseOrder": "", + "Role": "DeploymentValidation", + "ServiceName": "DeploymentValidation" + } } + } } ``` @@ -406,66 +406,66 @@ module virtualNetworkGateways './Microsoft.Network/virtualNetworkGateways/deploy ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-gw-vpn-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "domainNameLabel": { - "value": [ - "<>-az-gw-vpn-dm-001" - ] - }, - "virtualNetworkGatewayType": { - "value": "Vpn" - }, - "virtualNetworkGatewaySku": { - "value": "VpnGw1AZ" - }, - "publicIpZones": { - "value": [ - "1" - ] - }, - "vpnType": { - "value": "RouteBased" - }, - "activeActive": { - "value": true - }, - "vNetResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-gw-vpn-001" + }, + "virtualNetworkGatewaySku": { + "value": "VpnGw1AZ" + }, + "virtualNetworkGatewayType": { + "value": "Vpn" + }, + "vNetResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001" + }, + "activeActive": { + "value": true + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "domainNameLabel": { + "value": [ + "<>-az-gw-vpn-dm-001" + ] + }, + "lock": { + "value": "CanNotDelete" + }, + "publicIpZones": { + "value": [ + "1" + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "vpnType": { + "value": "RouteBased" } + } } ``` diff --git a/modules/Microsoft.Network/virtualNetworks/readme.md b/modules/Microsoft.Network/virtualNetworks/readme.md index 96b65f7cce..d6d2a1f85f 100644 --- a/modules/Microsoft.Network/virtualNetworks/readme.md +++ b/modules/Microsoft.Network/virtualNetworks/readme.md @@ -375,18 +375,18 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-vnet-min-001" - }, - "addressPrefixes": { - "value": [ - "10.0.0.0/16" - ] - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "addressPrefixes": { + "value": [ + "10.0.0.0/16" + ] + }, + "name": { + "value": "<>-az-vnet-min-001" } + } } ``` @@ -484,100 +484,100 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-vnet-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "addressPrefixes": { - "value": [ - "10.0.0.0/16" - ] - }, - "subnets": { - "value": [ - { - "name": "GatewaySubnet", - "addressPrefix": "10.0.255.0/24" - }, - { - "name": "<>-az-subnet-x-001", - "addressPrefix": "10.0.0.0/24", - "networkSecurityGroupId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-001", - "serviceEndpoints": [ - { - "service": "Microsoft.Storage" - }, - { - "service": "Microsoft.Sql" - } - ], - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ], - "routeTableId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/routeTables/adp-<>-az-udr-x-001" - }, - { - "name": "<>-az-subnet-x-002", - "addressPrefix": "10.0.3.0/24", - "delegations": [ - { - "name": "netappDel", - "properties": { - "serviceName": "Microsoft.Netapp/volumes" - } - } - ] - }, - { - "name": "<>-az-subnet-x-003", - "addressPrefix": "10.0.6.0/24", - "privateEndpointNetworkPolicies": "Disabled", - "privateLinkServiceNetworkPolicies": "Enabled" - } - ] - }, - "dnsServers": { - "value": [ - "10.0.1.4", - "10.0.1.5" - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "addressPrefixes": { + "value": [ + "10.0.0.0/16" + ] + }, + "name": { + "value": "<>-az-vnet-x-001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "dnsServers": { + "value": [ + "10.0.1.4", + "10.0.1.5" + ] + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "subnets": { + "value": [ + { + "addressPrefix": "10.0.255.0/24", + "name": "GatewaySubnet" }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + { + "addressPrefix": "10.0.0.0/24", + "name": "<>-az-subnet-x-001", + "networkSecurityGroupId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-001", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ], + "routeTableId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/routeTables/adp-<>-az-udr-x-001", + "serviceEndpoints": [ + { + "service": "Microsoft.Storage" + }, + { + "service": "Microsoft.Sql" + } + ] }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + { + "addressPrefix": "10.0.3.0/24", + "delegations": [ + { + "name": "netappDel", + "properties": { + "serviceName": "Microsoft.Netapp/volumes" + } + } + ], + "name": "<>-az-subnet-x-002" }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + { + "addressPrefix": "10.0.6.0/24", + "name": "<>-az-subnet-x-003", + "privateEndpointNetworkPolicies": "Disabled", + "privateLinkServiceNetworkPolicies": "Enabled" } + ] } + } } ``` @@ -635,56 +635,56 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-vnet-peer-001" - }, - "addressPrefixes": { - "value": [ - "10.0.0.0/24" - ] - }, - "subnets": { - "value": [ - { - "name": "GatewaySubnet", - "addressPrefix": "10.0.0.0/26" - } - ] - }, - "virtualNetworkPeerings": { - "value": [ - { - "remoteVirtualNetworkId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-peer01", - "allowForwardedTraffic": true, - "allowGatewayTransit": false, - "allowVirtualNetworkAccess": true, - "useRemoteGateways": false, - "remotePeeringEnabled": true, - "remotePeeringName": "customName", - "remotePeeringAllowVirtualNetworkAccess": true, - "remotePeeringAllowForwardedTraffic": true - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "addressPrefixes": { + "value": [ + "10.0.0.0/24" + ] + }, + "name": { + "value": "<>-az-vnet-peer-001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "subnets": { + "value": [ + { + "addressPrefix": "10.0.0.0/26", + "name": "GatewaySubnet" } + ] + }, + "virtualNetworkPeerings": { + "value": [ + { + "allowForwardedTraffic": true, + "allowGatewayTransit": false, + "allowVirtualNetworkAccess": true, + "remotePeeringAllowForwardedTraffic": true, + "remotePeeringAllowVirtualNetworkAccess": true, + "remotePeeringEnabled": true, + "remotePeeringName": "customName", + "remoteVirtualNetworkId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-peer01", + "useRemoteGateways": false + } + ] } + } } ``` diff --git a/modules/Microsoft.Network/virtualWans/readme.md b/modules/Microsoft.Network/virtualWans/readme.md index e1feb7774e..17c2ce2c10 100644 --- a/modules/Microsoft.Network/virtualWans/readme.md +++ b/modules/Microsoft.Network/virtualWans/readme.md @@ -173,13 +173,13 @@ module virtualWans './Microsoft.Network/virtualWans/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-vw-min-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-vw-min-001" } + } } ``` @@ -223,38 +223,38 @@ module virtualWans './Microsoft.Network/virtualWans/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-vw-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "type": { - "value": "Basic" - }, - "allowBranchToBranchTraffic": { - "value": true - }, - "allowVnetToVnetTraffic": { - "value": true - }, - "disableVpnEncryption": { - "value": true - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-vw-x-001" + }, + "allowBranchToBranchTraffic": { + "value": true + }, + "allowVnetToVnetTraffic": { + "value": true + }, + "disableVpnEncryption": { + "value": true + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "type": { + "value": "Basic" } + } } ``` diff --git a/modules/Microsoft.Network/vpnGateways/readme.md b/modules/Microsoft.Network/vpnGateways/readme.md index 9b4e652847..638d97001b 100644 --- a/modules/Microsoft.Network/vpnGateways/readme.md +++ b/modules/Microsoft.Network/vpnGateways/readme.md @@ -195,16 +195,16 @@ module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-vpngw-min-001" - }, - "virtualHubResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-min-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-vpngw-min-001" + }, + "virtualHubResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-min-001" } + } } ``` @@ -284,72 +284,72 @@ module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-vpngw-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "virtualHubResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001" - }, - "bgpSettings": { - "value": { - "asn": 65515, - "peerWeight": 0 - } - }, - "connections": { - "value": [ - { - "name": "Connection-<>-az-vsite-x-001", - "connectionBandwidth": 10, - "enableBgp": true, - "routingConfiguration": { - "associatedRouteTable": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001/hubRouteTables/defaultRouteTable" - }, - "propagatedRouteTables": { - "labels": [ - "default" - ], - "ids": [ - { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001/hubRouteTables/defaultRouteTable" - } - ] - }, - "vnetRoutes": { - "staticRoutes": [] - } - }, - "remoteVpnSiteResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/<>-az-vsite-x-001" - } - ] - }, - "natRules": { - "value": [ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-vpngw-x-001" + }, + "virtualHubResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001" + }, + "bgpSettings": { + "value": { + "asn": 65515, + "peerWeight": 0 + } + }, + "connections": { + "value": [ + { + "connectionBandwidth": 10, + "enableBgp": true, + "name": "Connection-<>-az-vsite-x-001", + "remoteVpnSiteResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/<>-az-vsite-x-001", + "routingConfiguration": { + "associatedRouteTable": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001/hubRouteTables/defaultRouteTable" + }, + "propagatedRouteTables": { + "ids": [ { - "name": "natRule1", - "internalMappings": [ - { - "addressSpace": "10.4.0.0/24" - } - ], - "externalMappings": [ - { - "addressSpace": "192.168.21.0/24" - } - ], - "type": "Static", - "mode": "EgressSnat" + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001/hubRouteTables/defaultRouteTable" } - ] + ], + "labels": [ + "default" + ] + }, + "vnetRoutes": { + "staticRoutes": [] + } + } } + ] + }, + "lock": { + "value": "CanNotDelete" + }, + "natRules": { + "value": [ + { + "externalMappings": [ + { + "addressSpace": "192.168.21.0/24" + } + ], + "internalMappings": [ + { + "addressSpace": "10.4.0.0/24" + } + ], + "mode": "EgressSnat", + "name": "natRule1", + "type": "Static" + } + ] } + } } ``` diff --git a/modules/Microsoft.Network/vpnSites/readme.md b/modules/Microsoft.Network/vpnSites/readme.md index d9a8f9e1b2..4200237c75 100644 --- a/modules/Microsoft.Network/vpnSites/readme.md +++ b/modules/Microsoft.Network/vpnSites/readme.md @@ -347,24 +347,24 @@ module vpnSites './Microsoft.Network/vpnSites/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-vSite-min-001" - }, - "addressPrefixes": { - "value": [ - "10.0.0.0/16" - ] - }, - "ipAddress": { - "value": "1.2.3.4" - }, - "virtualWanId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/apd-<>-az-vw-x-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-vSite-min-001" + }, + "virtualWanId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/apd-<>-az-vw-x-001" + }, + "addressPrefixes": { + "value": [ + "10.0.0.0/16" + ] + }, + "ipAddress": { + "value": "1.2.3.4" } + } } ``` @@ -449,81 +449,81 @@ module vpnSites './Microsoft.Network/vpnSites/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-vSite-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "tags": { - "value": { - "tagA": "valueA", - "tagB": "valueB" - } - }, - "deviceProperties": { - "value": { - "linkSpeedInMbps": 0 + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-vSite-x-001" + }, + "virtualWanId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/apd-<>-az-vw-x-001" + }, + "deviceProperties": { + "value": { + "linkSpeedInMbps": 0 + } + }, + "lock": { + "value": "CanNotDelete" + }, + "o365Policy": { + "value": { + "breakOutCategories": { + "allow": true, + "default": true, + "optimize": true + } + } + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "tags": { + "value": { + "tagA": "valueA", + "tagB": "valueB" + } + }, + "vpnSiteLinks": { + "value": [ + { + "name": "<>-az-vSite-x-001", + "properties": { + "bgpProperties": { + "asn": 65010, + "bgpPeeringAddress": "1.1.1.1" + }, + "ipAddress": "1.2.3.4", + "linkProperties": { + "linkProviderName": "contoso", + "linkSpeedInMbps": 5 } + } }, - "virtualWanId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/apd-<>-az-vw-x-001" - }, - "vpnSiteLinks": { - "value": [ - { - "name": "<>-az-vSite-x-001", - "properties": { - "bgpProperties": { - "asn": 65010, - "bgpPeeringAddress": "1.1.1.1" - }, - "ipAddress": "1.2.3.4", - "linkProperties": { - "linkProviderName": "contoso", - "linkSpeedInMbps": 5 - } - } - }, - { - "name": "Link1", - "properties": { - "bgpProperties": { - "asn": 65020, - "bgpPeeringAddress": "192.168.1.0" - }, - "ipAddress": "2.2.2.2", - "linkProperties": { - "linkProviderName": "contoso", - "linkSpeedInMbps": 5 - } - } - } - ] - }, - "o365Policy": { - "value": { - "breakOutCategories": { - "optimize": true, - "allow": true, - "default": true - } + { + "name": "Link1", + "properties": { + "bgpProperties": { + "asn": 65020, + "bgpPeeringAddress": "192.168.1.0" + }, + "ipAddress": "2.2.2.2", + "linkProperties": { + "linkProviderName": "contoso", + "linkSpeedInMbps": 5 } - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + } } + ] } + } } ``` diff --git a/modules/Microsoft.OperationalInsights/workspaces/readme.md b/modules/Microsoft.OperationalInsights/workspaces/readme.md index 2df3b4e380..cf162c6829 100644 --- a/modules/Microsoft.OperationalInsights/workspaces/readme.md +++ b/modules/Microsoft.OperationalInsights/workspaces/readme.md @@ -464,13 +464,13 @@ module workspaces './Microsoft.OperationalInsights/workspaces/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-law-min-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-law-min-001" } + } } ``` @@ -633,175 +633,175 @@ module workspaces './Microsoft.OperationalInsights/workspaces/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-law-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "publicNetworkAccessForIngestion": { - "value": "Disabled" - }, - "publicNetworkAccessForQuery": { - "value": "Disabled" - }, - "dailyQuotaGb": { - "value": 10 - }, - "storageInsightsConfigs": { - "value": [ - { - "storageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsalaw001", - "tables": [ - "WADWindowsEventLogsTable", - "WADETWEventTable", - "WADServiceFabric*EventTable", - "LinuxsyslogVer2v0" - ] - } - ] - }, - "linkedServices": { - "value": [ - { - "name": "Automation", - "resourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Automation/automationAccounts/adp-<>-az-aut-x-001" - } - ] - }, - "savedSearches": { - "value": [ - { - "name": "VMSSQueries", - "displayName": "VMSS Instance Count2", - "category": "VDC Saved Searches", - "query": "Event | where Source == 'ServiceFabricNodeBootstrapAgent' | summarize AggregatedValue = count() by Computer" - } - ] - }, - "dataSources": { - "value": [ - { - "name": "applicationEvent", - "kind": "WindowsEvent", - "eventLogName": "Application", - "eventTypes": [ - { - "eventType": "Error" - }, - { - "eventType": "Warning" - }, - { - "eventType": "Information" - } - ] - }, - { - "name": "windowsPerfCounter1", - "kind": "WindowsPerformanceCounter", - "objectName": "Processor", - "instanceName": "*", - "intervalSeconds": 60, - "counterName": "% Processor Time" - }, - { - "name": "sampleIISLog1", - "kind": "IISLogs", - "state": "OnPremiseEnabled" - }, - { - "name": "sampleSyslog1", - "kind": "LinuxSyslog", - "syslogName": "kern", - "syslogSeverities": [ - { - "severity": "emerg" - }, - { - "severity": "alert" - }, - { - "severity": "crit" - }, - { - "severity": "err" - }, - { - "severity": "warning" - } - ] - }, - { - "name": "sampleSyslogCollection1", - "kind": "LinuxSyslogCollection", - "state": "Enabled" - }, - { - "name": "sampleLinuxPerf1", - "kind": "LinuxPerformanceObject", - "syslogSeverities": [ - { - "counterName": "% Used Inodes" - }, - { - "counterName": "Free Megabytes" - }, - { - "counterName": "% Used Space" - }, - { - "counterName": "Disk Transfers/sec" - }, - { - "counterName": "Disk Reads/sec" - }, - { - "counterName": "Disk Writes/sec" - } - ], - "objectName": "Logical Disk", - "instanceName": "*", - "intervalSeconds": 10 - }, - { - "name": "sampleLinuxPerfCollection1", - "kind": "LinuxPerformanceCollection", - "state": "Enabled" - } - ] - }, - "gallerySolutions": { - "value": [ - { - "name": "AzureAutomation", - "product": "OMSGallery", - "publisher": "Microsoft" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-law-x-001" + }, + "dailyQuotaGb": { + "value": 10 + }, + "dataSources": { + "value": [ + { + "eventLogName": "Application", + "eventTypes": [ + { + "eventType": "Error" + }, + { + "eventType": "Warning" + }, + { + "eventType": "Information" + } + ], + "kind": "WindowsEvent", + "name": "applicationEvent" }, - "useResourcePermissions": { - "value": true + { + "counterName": "% Processor Time", + "instanceName": "*", + "intervalSeconds": 60, + "kind": "WindowsPerformanceCounter", + "name": "windowsPerfCounter1", + "objectName": "Processor" }, - "diagnosticLogsRetentionInDays": { - "value": 7 + { + "kind": "IISLogs", + "name": "sampleIISLog1", + "state": "OnPremiseEnabled" }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + { + "kind": "LinuxSyslog", + "name": "sampleSyslog1", + "syslogName": "kern", + "syslogSeverities": [ + { + "severity": "emerg" + }, + { + "severity": "alert" + }, + { + "severity": "crit" + }, + { + "severity": "err" + }, + { + "severity": "warning" + } + ] }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + { + "kind": "LinuxSyslogCollection", + "name": "sampleSyslogCollection1", + "state": "Enabled" }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + { + "instanceName": "*", + "intervalSeconds": 10, + "kind": "LinuxPerformanceObject", + "name": "sampleLinuxPerf1", + "objectName": "Logical Disk", + "syslogSeverities": [ + { + "counterName": "% Used Inodes" + }, + { + "counterName": "Free Megabytes" + }, + { + "counterName": "% Used Space" + }, + { + "counterName": "Disk Transfers/sec" + }, + { + "counterName": "Disk Reads/sec" + }, + { + "counterName": "Disk Writes/sec" + } + ] }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + { + "kind": "LinuxPerformanceCollection", + "name": "sampleLinuxPerfCollection1", + "state": "Enabled" + } + ] + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "gallerySolutions": { + "value": [ + { + "name": "AzureAutomation", + "product": "OMSGallery", + "publisher": "Microsoft" + } + ] + }, + "linkedServices": { + "value": [ + { + "name": "Automation", + "resourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Automation/automationAccounts/adp-<>-az-aut-x-001" + } + ] + }, + "lock": { + "value": "CanNotDelete" + }, + "publicNetworkAccessForIngestion": { + "value": "Disabled" + }, + "publicNetworkAccessForQuery": { + "value": "Disabled" + }, + "savedSearches": { + "value": [ + { + "category": "VDC Saved Searches", + "displayName": "VMSS Instance Count2", + "name": "VMSSQueries", + "query": "Event | where Source == 'ServiceFabricNodeBootstrapAgent' | summarize AggregatedValue = count() by Computer" + } + ] + }, + "storageInsightsConfigs": { + "value": [ + { + "storageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsalaw001", + "tables": [ + "LinuxsyslogVer2v0", + "WADETWEventTable", + "WADServiceFabric*EventTable", + "WADWindowsEventLogsTable" + ] } + ] + }, + "useResourcePermissions": { + "value": true } + } } ``` diff --git a/modules/Microsoft.OperationsManagement/solutions/readme.md b/modules/Microsoft.OperationsManagement/solutions/readme.md index 3f616d9d53..fb00cd0187 100644 --- a/modules/Microsoft.OperationsManagement/solutions/readme.md +++ b/modules/Microsoft.OperationsManagement/solutions/readme.md @@ -68,16 +68,16 @@ module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "Updates" - }, - "logAnalyticsWorkspaceName": { - "value": "adp-<>-az-law-sol-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "logAnalyticsWorkspaceName": { + "value": "adp-<>-az-law-sol-001" + }, + "name": { + "value": "Updates" } + } } ``` @@ -111,22 +111,22 @@ module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "AzureAutomation" - }, - "logAnalyticsWorkspaceName": { - "value": "adp-<>-az-law-sol-001" - }, - "product": { - "value": "OMSGallery" - }, - "publisher": { - "value": "Microsoft" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "logAnalyticsWorkspaceName": { + "value": "adp-<>-az-law-sol-001" + }, + "name": { + "value": "AzureAutomation" + }, + "product": { + "value": "OMSGallery" + }, + "publisher": { + "value": "Microsoft" } + } } ``` @@ -160,22 +160,22 @@ module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "nonmsTestSolution" - }, - "logAnalyticsWorkspaceName": { - "value": "adp-<>-az-law-sol-001" - }, - "product": { - "value": "nonmsTestSolutionProduct" - }, - "publisher": { - "value": "nonmsTestSolutionPublisher" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "logAnalyticsWorkspaceName": { + "value": "adp-<>-az-law-sol-001" + }, + "name": { + "value": "nonmsTestSolution" + }, + "product": { + "value": "nonmsTestSolutionProduct" + }, + "publisher": { + "value": "nonmsTestSolutionPublisher" } + } } ``` diff --git a/modules/Microsoft.RecoveryServices/vaults/readme.md b/modules/Microsoft.RecoveryServices/vaults/readme.md index cf821a0806..79fb266502 100644 --- a/modules/Microsoft.RecoveryServices/vaults/readme.md +++ b/modules/Microsoft.RecoveryServices/vaults/readme.md @@ -972,72 +972,72 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-rsv-dr-001" - }, - "replicationFabrics": { - "value": [ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-rsv-dr-001" + }, + "replicationFabrics": { + "value": [ + { + "location": "NorthEurope", + "replicationContainers": [ + { + "name": "ne-container1", + "replicationContainerMappings": [ { - "location": "NorthEurope", - "replicationContainers": [ - { - "name": "ne-container1", - "replicationContainerMappings": [ - { - "targetProtectionContainerId": "/Subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.RecoveryServices/vaults/<>-az-rsv-min-001/replicationFabrics/NorthEurope/replicationProtectionContainers/ne-container2", - "policyName": "Default_values", - "targetContainerName": "pluto" - } - ] - }, - { - "name": "ne-container2", - "replicationContainerMappings": [ - { - "policyName": "Default_values", - "targetContainerFabricName": "WE-2", - "targetContainerName": "we-container1" - } - ] - } - ] - }, + "policyName": "Default_values", + "targetContainerName": "pluto", + "targetProtectionContainerId": "/Subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.RecoveryServices/vaults/<>-az-rsv-min-001/replicationFabrics/NorthEurope/replicationProtectionContainers/ne-container2" + } + ] + }, + { + "name": "ne-container2", + "replicationContainerMappings": [ { - "name": "WE-2", - "location": "WestEurope", - "replicationContainers": [ - { - "name": "we-container1", - "replicationContainerMappings": [ - { - "policyName": "Default_values", - "targetContainerFabricName": "NorthEurope", - "targetContainerName": "ne-container2" - } - ] - } - ] + "policyName": "Default_values", + "targetContainerFabricName": "WE-2", + "targetContainerName": "we-container1" } - ] + ] + } + ] }, - "replicationPolicies": { - "value": [ - { - "name": "Default_values" - }, + { + "location": "WestEurope", + "name": "WE-2", + "replicationContainers": [ + { + "name": "we-container1", + "replicationContainerMappings": [ { - "name": "Custom_values", - "appConsistentFrequencyInMinutes": 240, - "crashConsistentFrequencyInMinutes": 7, - "multiVmSyncStatus": "Disable", - "recoveryPointHistory": 2880 + "policyName": "Default_values", + "targetContainerFabricName": "NorthEurope", + "targetContainerName": "ne-container2" } - ] + ] + } + ] } + ] + }, + "replicationPolicies": { + "value": [ + { + "name": "Default_values" + }, + { + "appConsistentFrequencyInMinutes": 240, + "crashConsistentFrequencyInMinutes": 7, + "multiVmSyncStatus": "Disable", + "name": "Custom_values", + "recoveryPointHistory": 2880 + } + ] } + } } ``` @@ -1068,13 +1068,13 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-rsv-min-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-rsv-min-001" } + } } ``` @@ -1373,9 +1373,6 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = { "name": { "value": "<>-az-rsv-x-001" }, - "lock": { - "value": "CanNotDelete" - }, "backupConfig": { "value": { "enhancedSecurityState": "Disabled", @@ -1389,200 +1386,242 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = { "properties": { "backupManagementType": "AzureIaasVM", "instantRPDetails": {}, - "schedulePolicy": { - "schedulePolicyType": "SimpleSchedulePolicy", - "scheduleRunFrequency": "Daily", - "scheduleRunTimes": ["2019-11-07T07:00:00Z"], - "scheduleWeeklyFrequency": 0 - }, + "instantRpRetentionRangeInDays": 2, + "protectedItemsCount": 0, "retentionPolicy": { - "retentionPolicyType": "LongTermRetentionPolicy", "dailySchedule": { - "retentionTimes": ["2019-11-07T07:00:00Z"], "retentionDuration": { "count": 180, "durationType": "Days" - } - }, - "weeklySchedule": { - "daysOfTheWeek": ["Sunday"], - "retentionTimes": ["2019-11-07T07:00:00Z"], - "retentionDuration": { - "count": 12, - "durationType": "Weeks" - } + }, + "retentionTimes": [ + "2019-11-07T07:00:00Z" + ] }, "monthlySchedule": { - "retentionScheduleFormatType": "Weekly", - "retentionScheduleWeekly": { - "daysOfTheWeek": ["Sunday"], - "weeksOfTheMonth": ["First"] - }, - "retentionTimes": ["2019-11-07T07:00:00Z"], "retentionDuration": { "count": 60, "durationType": "Months" - } - }, - "yearlySchedule": { + }, "retentionScheduleFormatType": "Weekly", - "monthsOfYear": ["January"], "retentionScheduleWeekly": { - "daysOfTheWeek": ["Sunday"], - "weeksOfTheMonth": ["First"] + "daysOfTheWeek": [ + "Sunday" + ], + "weeksOfTheMonth": [ + "First" + ] }, - "retentionTimes": ["2019-11-07T07:00:00Z"], + "retentionTimes": [ + "2019-11-07T07:00:00Z" + ] + }, + "retentionPolicyType": "LongTermRetentionPolicy", + "weeklySchedule": { + "daysOfTheWeek": [ + "Sunday" + ], + "retentionDuration": { + "count": 12, + "durationType": "Weeks" + }, + "retentionTimes": [ + "2019-11-07T07:00:00Z" + ] + }, + "yearlySchedule": { + "monthsOfYear": [ + "January" + ], "retentionDuration": { "count": 10, "durationType": "Years" - } + }, + "retentionScheduleFormatType": "Weekly", + "retentionScheduleWeekly": { + "daysOfTheWeek": [ + "Sunday" + ], + "weeksOfTheMonth": [ + "First" + ] + }, + "retentionTimes": [ + "2019-11-07T07:00:00Z" + ] } }, - "instantRpRetentionRangeInDays": 2, - "timeZone": "UTC", - "protectedItemsCount": 0 + "schedulePolicy": { + "schedulePolicyType": "SimpleSchedulePolicy", + "scheduleRunFrequency": "Daily", + "scheduleRunTimes": [ + "2019-11-07T07:00:00Z" + ], + "scheduleWeeklyFrequency": 0 + }, + "timeZone": "UTC" } }, { "name": "sqlpolicy", "properties": { "backupManagementType": "AzureWorkload", - "workLoadType": "SQLDataBase", + "protectedItemsCount": 0, "settings": { - "timeZone": "UTC", + "isCompression": true, "issqlcompression": true, - "isCompression": true + "timeZone": "UTC" }, "subProtectionPolicy": [ { "policyType": "Full", - "schedulePolicy": { - "schedulePolicyType": "SimpleSchedulePolicy", - "scheduleRunFrequency": "Weekly", - "scheduleRunDays": ["Sunday"], - "scheduleRunTimes": ["2019-11-07T22:00:00Z"], - "scheduleWeeklyFrequency": 0 - }, "retentionPolicy": { + "monthlySchedule": { + "retentionDuration": { + "count": 60, + "durationType": "Months" + }, + "retentionScheduleFormatType": "Weekly", + "retentionScheduleWeekly": { + "daysOfTheWeek": [ + "Sunday" + ], + "weeksOfTheMonth": [ + "First" + ] + }, + "retentionTimes": [ + "2019-11-07T22:00:00Z" + ] + }, "retentionPolicyType": "LongTermRetentionPolicy", "weeklySchedule": { - "daysOfTheWeek": ["Sunday"], - "retentionTimes": ["2019-11-07T22:00:00Z"], + "daysOfTheWeek": [ + "Sunday" + ], "retentionDuration": { "count": 104, "durationType": "Weeks" - } - }, - "monthlySchedule": { - "retentionScheduleFormatType": "Weekly", - "retentionScheduleWeekly": { - "daysOfTheWeek": ["Sunday"], - "weeksOfTheMonth": ["First"] }, - "retentionTimes": ["2019-11-07T22:00:00Z"], - "retentionDuration": { - "count": 60, - "durationType": "Months" - } + "retentionTimes": [ + "2019-11-07T22:00:00Z" + ] }, "yearlySchedule": { - "retentionScheduleFormatType": "Weekly", - "monthsOfYear": ["January"], - "retentionScheduleWeekly": { - "daysOfTheWeek": ["Sunday"], - "weeksOfTheMonth": ["First"] - }, - "retentionTimes": ["2019-11-07T22:00:00Z"], + "monthsOfYear": [ + "January" + ], "retentionDuration": { "count": 10, "durationType": "Years" - } + }, + "retentionScheduleFormatType": "Weekly", + "retentionScheduleWeekly": { + "daysOfTheWeek": [ + "Sunday" + ], + "weeksOfTheMonth": [ + "First" + ] + }, + "retentionTimes": [ + "2019-11-07T22:00:00Z" + ] } - } - }, - { - "policyType": "Differential", + }, "schedulePolicy": { "schedulePolicyType": "SimpleSchedulePolicy", + "scheduleRunDays": [ + "Sunday" + ], "scheduleRunFrequency": "Weekly", - "scheduleRunDays": ["Monday"], - "scheduleRunTimes": ["2017-03-07T02:00:00Z"], + "scheduleRunTimes": [ + "2019-11-07T22:00:00Z" + ], "scheduleWeeklyFrequency": 0 - }, + } + }, + { + "policyType": "Differential", "retentionPolicy": { - "retentionPolicyType": "SimpleRetentionPolicy", "retentionDuration": { "count": 30, "durationType": "Days" - } + }, + "retentionPolicyType": "SimpleRetentionPolicy" + }, + "schedulePolicy": { + "schedulePolicyType": "SimpleSchedulePolicy", + "scheduleRunDays": [ + "Monday" + ], + "scheduleRunFrequency": "Weekly", + "scheduleRunTimes": [ + "2017-03-07T02:00:00Z" + ], + "scheduleWeeklyFrequency": 0 } }, { "policyType": "Log", - "schedulePolicy": { - "schedulePolicyType": "LogSchedulePolicy", - "scheduleFrequencyInMins": 120 - }, "retentionPolicy": { - "retentionPolicyType": "SimpleRetentionPolicy", "retentionDuration": { "count": 15, "durationType": "Days" - } + }, + "retentionPolicyType": "SimpleRetentionPolicy" + }, + "schedulePolicy": { + "scheduleFrequencyInMins": 120, + "schedulePolicyType": "LogSchedulePolicy" } } ], - "protectedItemsCount": 0 + "workLoadType": "SQLDataBase" } }, { "name": "filesharepolicy", "properties": { "backupManagementType": "AzureStorage", - "workloadType": "AzureFileShare", - "schedulePolicy": { - "schedulePolicyType": "SimpleSchedulePolicy", - "scheduleRunFrequency": "Daily", - "scheduleRunTimes": ["2019-11-07T04:30:00Z"], - "scheduleWeeklyFrequency": 0 - }, + "protectedItemsCount": 0, "retentionPolicy": { - "retentionPolicyType": "LongTermRetentionPolicy", "dailySchedule": { - "retentionTimes": ["2019-11-07T04:30:00Z"], "retentionDuration": { "count": 30, "durationType": "Days" - } - } + }, + "retentionTimes": [ + "2019-11-07T04:30:00Z" + ] + }, + "retentionPolicyType": "LongTermRetentionPolicy" + }, + "schedulePolicy": { + "schedulePolicyType": "SimpleSchedulePolicy", + "scheduleRunFrequency": "Daily", + "scheduleRunTimes": [ + "2019-11-07T04:30:00Z" + ], + "scheduleWeeklyFrequency": 0 }, "timeZone": "UTC", - "protectedItemsCount": 0 + "workloadType": "AzureFileShare" } } ] }, "backupStorageConfig": { "value": { - "storageModelType": "GeoRedundant", - "crossRegionRestoreFlag": true + "crossRegionRestoreFlag": true, + "storageModelType": "GeoRedundant" } }, - "privateEndpoints": { - "value": [ - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "AzureSiteRecovery" - } - ] + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": ["<>"] - } - ] + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" }, "diagnosticLogsRetentionInDays": { "value": 7 @@ -1593,11 +1632,26 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = { "diagnosticWorkspaceId": { "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + "lock": { + "value": "CanNotDelete" }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "privateEndpoints": { + "value": [ + { + "service": "AzureSiteRecovery", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" + } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] }, "systemAssignedIdentity": { "value": true diff --git a/modules/Microsoft.Resources/deploymentScripts/readme.md b/modules/Microsoft.Resources/deploymentScripts/readme.md index 4ed39b0552..760bd5e237 100644 --- a/modules/Microsoft.Resources/deploymentScripts/readme.md +++ b/modules/Microsoft.Resources/deploymentScripts/readme.md @@ -175,39 +175,39 @@ module deploymentScripts './Microsoft.Resources/deploymentScripts/deploy.bicep' ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-ds-cli-001" - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "kind": { - "value": "AzureCLI" - }, - "azCliVersion": { - "value": "2.15.0" - }, - "scriptContent": { - "value": "echo \"Hello from inside the script\"" - }, - "retentionInterval": { - "value": "P1D" - }, - "runOnce": { - "value": false - }, - "cleanupPreference": { - "value": "Always" - }, - "timeout": { - "value": "PT30M" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-ds-cli-001" + }, + "azCliVersion": { + "value": "2.15.0" + }, + "cleanupPreference": { + "value": "Always" + }, + "kind": { + "value": "AzureCLI" + }, + "retentionInterval": { + "value": "P1D" + }, + "runOnce": { + "value": false + }, + "scriptContent": { + "value": "echo \"Hello from inside the script\"" + }, + "timeout": { + "value": "PT30M" + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` @@ -249,42 +249,42 @@ module deploymentScripts './Microsoft.Resources/deploymentScripts/deploy.bicep' ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-ds-ps-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "kind": { - "value": "AzurePowerShell" - }, - "azPowerShellVersion": { - "value": "3.0" - }, - "scriptContent": { - "value": "Write-Host 'Running PowerShell from template'" - }, - "retentionInterval": { - "value": "P1D" - }, - "runOnce": { - "value": false - }, - "cleanupPreference": { - "value": "Always" - }, - "timeout": { - "value": "PT30M" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-ds-ps-001" + }, + "azPowerShellVersion": { + "value": "3.0" + }, + "cleanupPreference": { + "value": "Always" + }, + "kind": { + "value": "AzurePowerShell" + }, + "lock": { + "value": "CanNotDelete" + }, + "retentionInterval": { + "value": "P1D" + }, + "runOnce": { + "value": false + }, + "scriptContent": { + "value": "Write-Host 'Running PowerShell from template'" + }, + "timeout": { + "value": "PT30M" + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` diff --git a/modules/Microsoft.Resources/resourceGroups/readme.md b/modules/Microsoft.Resources/resourceGroups/readme.md index e0f2fedbec..03f38afb17 100644 --- a/modules/Microsoft.Resources/resourceGroups/readme.md +++ b/modules/Microsoft.Resources/resourceGroups/readme.md @@ -185,31 +185,31 @@ module resourceGroups './Microsoft.Resources/resourceGroups/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-rg-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "tags": { - "value": { - "Test": "Yes" - } - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-rg-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "tags": { + "value": { + "Test": "Yes" + } } + } } ``` diff --git a/modules/Microsoft.Resources/tags/readme.md b/modules/Microsoft.Resources/tags/readme.md index 5043f426ad..29f7cc50ab 100644 --- a/modules/Microsoft.Resources/tags/readme.md +++ b/modules/Microsoft.Resources/tags/readme.md @@ -103,9 +103,9 @@ module tags './Microsoft.Resources/tags/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": {} + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": {} } ``` @@ -141,22 +141,22 @@ module tags './Microsoft.Resources/tags/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "onlyUpdate": { - "value": false - }, - "tags": { - "value": { - "Test": "Yes", - "TestToo": "No" - } - }, - "resourceGroupName": { - "value": "validation-rg" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "onlyUpdate": { + "value": false + }, + "resourceGroupName": { + "value": "validation-rg" + }, + "tags": { + "value": { + "Test": "Yes", + "TestToo": "No" + } } + } } ``` @@ -191,19 +191,19 @@ module tags './Microsoft.Resources/tags/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "onlyUpdate": { - "value": true - }, - "tags": { - "value": { - "Test": "Yes", - "TestToo": "No" - } - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "onlyUpdate": { + "value": true + }, + "tags": { + "value": { + "Test": "Yes", + "TestToo": "No" + } } + } } ``` diff --git a/modules/Microsoft.Security/azureSecurityCenter/readme.md b/modules/Microsoft.Security/azureSecurityCenter/readme.md index 0f8fbfc4b5..4e7f896bdc 100644 --- a/modules/Microsoft.Security/azureSecurityCenter/readme.md +++ b/modules/Microsoft.Security/azureSecurityCenter/readme.md @@ -127,24 +127,24 @@ module azureSecurityCenter './Microsoft.Security/azureSecurityCenter/deploy.bice ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "scope": { - "value": "/subscriptions/<>" - }, - "securityContactProperties": { - "value": { - "email": "foo@contoso.com", - "phone": "+12345678", - "alertNotifications": "Off", - "alertsToAdmins": "Off" - } - }, - "workspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "scope": { + "value": "/subscriptions/<>" + }, + "workspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "securityContactProperties": { + "value": { + "alertNotifications": "Off", + "alertsToAdmins": "Off", + "email": "foo@contoso.com", + "phone": "+12345678" + } } + } } ``` diff --git a/modules/Microsoft.ServiceBus/namespaces/readme.md b/modules/Microsoft.ServiceBus/namespaces/readme.md index 7e2f529349..929ffbfa93 100644 --- a/modules/Microsoft.ServiceBus/namespaces/readme.md +++ b/modules/Microsoft.ServiceBus/namespaces/readme.md @@ -317,9 +317,9 @@ module namespaces './Microsoft.ServiceBus/namespaces/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": {} + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": {} } ``` @@ -470,171 +470,171 @@ module namespaces './Microsoft.ServiceBus/namespaces/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-sbn-x-002" - }, - "lock": { - "value": "CanNotDelete" - }, - "skuName": { - "value": "Premium" - }, - "tags": { - "value": {} - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "disasterRecoveryConfigs": { - "value": {} - }, - "migrationConfigurations": { - "value": {} - }, - "virtualNetworkRules": { - "value": [ - "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-003" - ] - }, - "ipFilterRules": { - "value": [ - { - "filterName": "ipFilter1", - "ipMask": "10.0.1.0/32", - "action": "Accept" - }, - { - "filterName": "ipFilter2", - "ipMask": "10.0.2.0/32", - "action": "Accept" - } - ] - }, - "authorizationRules": { - "value": [ - { - "name": "RootManageSharedAccessKey", - "rights": [ - "Listen", - "Manage", - "Send" - ] - }, - { - "name": "AnotherKey", - "rights": [ - "Listen", - "Send" - ] - } - ] - }, - "queues": { - "value": [ - { - "name": "<>-az-sbq-x-002", - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ], - "authorizationRules": [ - { - "name": "RootManageSharedAccessKey", - "rights": [ - "Listen", - "Manage", - "Send" - ] - }, - { - "name": "AnotherKey", - "rights": [ - "Listen", - "Send" - ] - } - ] - } - ] - }, - "topics": { - "value": [ - { - "name": "<>-az-sbt-x-001", - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ], - "authorizationRules": [ - { - "name": "RootManageSharedAccessKey", - "rights": [ - "Listen", - "Manage", - "Send" - ] - }, - { - "name": "AnotherKey", - "rights": [ - "Listen", - "Send" - ] - } - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "authorizationRules": { + "value": [ + { + "name": "RootManageSharedAccessKey", + "rights": [ + "Listen", + "Manage", + "Send" + ] }, - "systemAssignedIdentity": { - "value": true + { + "name": "AnotherKey", + "rights": [ + "Listen", + "Send" + ] + } + ] + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "disasterRecoveryConfigs": { + "value": {} + }, + "ipFilterRules": { + "value": [ + { + "action": "Accept", + "filterName": "ipFilter1", + "ipMask": "10.0.1.0/32" }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + { + "action": "Accept", + "filterName": "ipFilter2", + "ipMask": "10.0.2.0/32" + } + ] + }, + "lock": { + "value": "CanNotDelete" + }, + "migrationConfigurations": { + "value": {} + }, + "name": { + "value": "<>-az-sbn-x-002" + }, + "privateEndpoints": { + "value": [ + { + "service": "namespace", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" + } + ] + }, + "queues": { + "value": [ + { + "authorizationRules": [ + { + "name": "RootManageSharedAccessKey", + "rights": [ + "Listen", + "Manage", + "Send" + ] + }, + { + "name": "AnotherKey", + "rights": [ + "Listen", + "Send" + ] } - }, - "privateEndpoints": { - "value": [ - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "namespace" - } - ] + ], + "name": "<>-az-sbq-x-002", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "skuName": { + "value": "Premium" + }, + "systemAssignedIdentity": { + "value": true + }, + "tags": { + "value": {} + }, + "topics": { + "value": [ + { + "authorizationRules": [ + { + "name": "RootManageSharedAccessKey", + "rights": [ + "Listen", + "Manage", + "Send" + ] + }, + { + "name": "AnotherKey", + "rights": [ + "Listen", + "Send" + ] + } + ], + "name": "<>-az-sbt-x-001", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] } + ] + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } + }, + "virtualNetworkRules": { + "value": [ + "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-003" + ] } + } } ``` diff --git a/modules/Microsoft.ServiceFabric/clusters/readme.md b/modules/Microsoft.ServiceFabric/clusters/readme.md index 9ceb1afa02..1e37b4d9e9 100644 --- a/modules/Microsoft.ServiceFabric/clusters/readme.md +++ b/modules/Microsoft.ServiceFabric/clusters/readme.md @@ -275,44 +275,44 @@ module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-sfc-cert-001" - }, - "managementEndpoint": { - "value": "https://<>-az-sfc-cert-001.westeurope.cloudapp.azure.com:19080" - }, - "reliabilityLevel": { - "value": "None" - }, - "certificate": { - "value": { - "thumbprint": "0AC113D5E1D94C401DDEB0EE2B1B96CC130", // Mutual exclusive with the other cert specs - "x509StoreName": "My" - } - }, - "nodeTypes": { - "value": [ - { - "applicationPorts": { - "endPort": 30000, - "startPort": 20000 - }, - "clientConnectionEndpointPort": 19000, - "durabilityLevel": "Bronze", - "ephemeralPorts": { - "endPort": 65534, - "startPort": 49152 - }, - "httpGatewayEndpointPort": 19080, - "isPrimary": true, - "name": "Node01" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "managementEndpoint": { + "value": "https://<>-az-sfc-cert-001.westeurope.cloudapp.azure.com:19080" + }, + "reliabilityLevel": { + "value": "None" + }, + "certificate": { + "value": { + "thumbprint": "0AC113D5E1D94C401DDEB0EE2B1B96CC130", + "x509StoreName": "My" + } + }, + "name": { + "value": "<>-az-sfc-cert-001" + }, + "nodeTypes": { + "value": [ + { + "applicationPorts": { + "endPort": 30000, + "startPort": 20000 + }, + "clientConnectionEndpointPort": 19000, + "durabilityLevel": "Bronze", + "ephemeralPorts": { + "endPort": 65534, + "startPort": 49152 + }, + "httpGatewayEndpointPort": 19080, + "isPrimary": true, + "name": "Node01" } + ] } + } } ``` @@ -506,212 +506,212 @@ module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-sfc-full-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "tags": { - "value": { - "resourceType": "Service Fabric", - "clusterName": "<>-az-sfc-full-001" - } - }, - "addOnFeatures": { - "value": [ - "RepairManager", - "DnsService", - "BackupRestoreService", - "ResourceMonitorService" - ] - }, - "maxUnusedVersionsToKeep": { - "value": 2 + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "managementEndpoint": { + "value": "https://<>-az-sfc-full-001.westeurope.cloudapp.azure.com:19080" + }, + "reliabilityLevel": { + "value": "Silver" + }, + "addOnFeatures": { + "value": [ + "BackupRestoreService", + "DnsService", + "RepairManager", + "ResourceMonitorService" + ] + }, + "applicationTypes": { + "value": [ + { + "name": "WordCount" + } + ] + }, + "azureActiveDirectory": { + "value": { + "clientApplication": "<>", + "clusterApplication": "cf33fea8-b30f-424f-ab73-c48d99e0b222", + "tenantId": "<>" + } + }, + "certificateCommonNames": { + "value": { + "commonNames": [ + { + "certificateCommonName": "certcommon", + "certificateIssuerThumbprint": "0AC113D5E1D94C401DDEB0EE2B1B96CC130" + } + ], + "x509StoreName": "" + } + }, + "clientCertificateCommonNames": { + "value": [ + { + "certificateCommonName": "clientcommoncert1", + "certificateIssuerThumbprint": "0AC113D5E1D94C401DDEB0EE2B1B96CC130", + "isAdmin": false }, - "azureActiveDirectory": { - "value": { - "clientApplication": "<>", - "clusterApplication": "cf33fea8-b30f-424f-ab73-c48d99e0b222", - "tenantId": "<>" - } + { + "certificateCommonName": "clientcommoncert2", + "certificateIssuerThumbprint": "0AC113D5E1D94C401DDEB0EE2B1B96CC131", + "isAdmin": false + } + ] + }, + "clientCertificateThumbprints": { + "value": [ + { + "certificateThumbprint": "0AC113D5E1D94C401DDEB0EE2B1B96CC130", + "isAdmin": false }, - "certificateCommonNames": { - "value": { - "commonNames": [ - { - "certificateCommonName": "certcommon", - "certificateIssuerThumbprint": "0AC113D5E1D94C401DDEB0EE2B1B96CC130" - } - ], - "x509StoreName": "" + { + "certificateThumbprint": "0AC113D5E1D94C401DDEB0EE2B1B96CC131", + "isAdmin": false + } + ] + }, + "diagnosticsStorageAccountConfig": { + "value": { + "blobEndpoint": "https://adp<>azsaweux001.blob.core.windows.net/", + "protectedAccountKeyName": "StorageAccountKey1", + "queueEndpoint": "https://adp<>azsaweux001.queue.core.windows.net/", + "storageAccountName": "adp<>azsaweux001", + "tableEndpoint": "https://adp<>azsaweux001.table.core.windows.net/" + } + }, + "fabricSettings": { + "value": [ + { + "name": "Security", + "parameters": [ + { + "name": "ClusterProtectionLevel", + "value": "EncryptAndSign" } + ] }, - "clientCertificateCommonNames": { - "value": [ - { - "certificateCommonName": "clientcommoncert1", - "certificateIssuerThumbprint": "0AC113D5E1D94C401DDEB0EE2B1B96CC130", - "isAdmin": false - }, - { - "certificateCommonName": "clientcommoncert2", - "certificateIssuerThumbprint": "0AC113D5E1D94C401DDEB0EE2B1B96CC131", - "isAdmin": false - } - ] - }, - "clientCertificateThumbprints": { - "value": [ - { - "certificateThumbprint": "0AC113D5E1D94C401DDEB0EE2B1B96CC130", - "isAdmin": false - }, - { - "certificateThumbprint": "0AC113D5E1D94C401DDEB0EE2B1B96CC131", - "isAdmin": false - } - ] - }, - "diagnosticsStorageAccountConfig": { - "value": { - "blobEndpoint": "https://adp<>azsaweux001.blob.core.windows.net/", - "protectedAccountKeyName": "StorageAccountKey1", - "queueEndpoint": "https://adp<>azsaweux001.queue.core.windows.net/", - "storageAccountName": "adp<>azsaweux001", - "tableEndpoint": "https://adp<>azsaweux001.table.core.windows.net/" + { + "name": "UpgradeService", + "parameters": [ + { + "name": "AppPollIntervalInSeconds", + "value": "60" } + ] + } + ] + }, + "lock": { + "value": "CanNotDelete" + }, + "maxUnusedVersionsToKeep": { + "value": 2 + }, + "name": { + "value": "<>-az-sfc-full-001" + }, + "nodeTypes": { + "value": [ + { + "applicationPorts": { + "endPort": 30000, + "startPort": 20000 + }, + "capacities": {}, + "clientConnectionEndpointPort": 19000, + "durabilityLevel": "Silver", + "ephemeralPorts": { + "endPort": 65534, + "startPort": 49152 + }, + "httpGatewayEndpointPort": 19080, + "isPrimary": true, + "isStateless": false, + "multipleAvailabilityZones": false, + "name": "Node01", + "placementProperties": {}, + "reverseProxyEndpointPort": "", + "vmInstanceCount": 5 }, - "fabricSettings": { - "value": [ - { - "name": "Security", - "parameters": [ - { - "name": "ClusterProtectionLevel", - "value": "EncryptAndSign" - } - ] - }, - { - "name": "UpgradeService", - "parameters": [ - { - "name": "AppPollIntervalInSeconds", - "value": "60" - } - ] - } - ] - }, - "managementEndpoint": { - "value": "https://<>-az-sfc-full-001.westeurope.cloudapp.azure.com:19080" - }, - "nodeTypes": { - "value": [ - { - "applicationPorts": { - "endPort": 30000, - "startPort": 20000 - }, - "capacities": {}, - "clientConnectionEndpointPort": 19000, - "durabilityLevel": "Silver", - "ephemeralPorts": { - "endPort": 65534, - "startPort": 49152 - }, - "httpGatewayEndpointPort": 19080, - "isPrimary": true, - "isStateless": false, - "multipleAvailabilityZones": false, - "name": "Node01", - "placementProperties": {}, - "reverseProxyEndpointPort": "", - "vmInstanceCount": 5 - }, - { - "applicationPorts": { - "endPort": 30000, - "startPort": 20000 - }, - "clientConnectionEndpointPort": 19000, - "durabilityLevel": "Bronze", - "ephemeralPorts": { - "endPort": 64000, - "startPort": 49000 - }, - "httpGatewayEndpointPort": 19007, - "isPrimary": true, - "name": "Node02", - "vmInstanceCount": 5 - } - ] - }, - "notifications": { - "value": [ - { - "isEnabled": true, - "notificationCategory": "WaveProgress", - "notificationLevel": "Critical", - "notificationTargets": [ - { - "notificationChannel": "EmailUser", - "receivers": [ - "SomeReceiver" - ] - } - ] - } - ] - }, - "upgradeDescription": { - "value": { - "forceRestart": false, - "upgradeReplicaSetCheckTimeout": "1.00:00:00", - "healthCheckWaitDuration": "00:00:30", - "healthCheckStableDuration": "00:01:00", - "healthCheckRetryTimeout": "00:45:00", - "upgradeTimeout": "02:00:00", - "upgradeDomainTimeout": "02:00:00", - "healthPolicy": { - "maxPercentUnhealthyNodes": 0, - "maxPercentUnhealthyApplications": 0 - }, - "deltaHealthPolicy": { - "maxPercentDeltaUnhealthyNodes": 0, - "maxPercentUpgradeDomainDeltaUnhealthyNodes": 0, - "maxPercentDeltaUnhealthyApplications": 0 - } + { + "applicationPorts": { + "endPort": 30000, + "startPort": 20000 + }, + "clientConnectionEndpointPort": 19000, + "durabilityLevel": "Bronze", + "ephemeralPorts": { + "endPort": 64000, + "startPort": 49000 + }, + "httpGatewayEndpointPort": 19007, + "isPrimary": true, + "name": "Node02", + "vmInstanceCount": 5 + } + ] + }, + "notifications": { + "value": [ + { + "isEnabled": true, + "notificationCategory": "WaveProgress", + "notificationLevel": "Critical", + "notificationTargets": [ + { + "notificationChannel": "EmailUser", + "receivers": [ + "SomeReceiver" + ] } + ] + } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "tags": { + "value": { + "clusterName": "<>-az-sfc-full-001", + "resourceType": "Service Fabric" + } + }, + "upgradeDescription": { + "value": { + "deltaHealthPolicy": { + "maxPercentDeltaUnhealthyApplications": 0, + "maxPercentDeltaUnhealthyNodes": 0, + "maxPercentUpgradeDomainDeltaUnhealthyNodes": 0 }, - "reliabilityLevel": { - "value": "Silver" - }, - "vmImage": { - "value": "Linux" + "forceRestart": false, + "healthCheckRetryTimeout": "00:45:00", + "healthCheckStableDuration": "00:01:00", + "healthCheckWaitDuration": "00:00:30", + "healthPolicy": { + "maxPercentUnhealthyApplications": 0, + "maxPercentUnhealthyNodes": 0 }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "applicationTypes": { - "value": [ - { - "name": "WordCount" // not idempotent - } - ] - } + "upgradeDomainTimeout": "02:00:00", + "upgradeReplicaSetCheckTimeout": "1.00:00:00", + "upgradeTimeout": "02:00:00" + } + }, + "vmImage": { + "value": "Linux" } + } } ``` @@ -761,38 +761,38 @@ module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-sfc-min-001" - }, - "managementEndpoint": { - "value": "https://<>-az-sfc-min-001.westeurope.cloudapp.azure.com:19080" - }, - "reliabilityLevel": { - "value": "None" - }, - "nodeTypes": { - "value": [ - { - "applicationPorts": { - "endPort": 30000, - "startPort": 20000 - }, - "clientConnectionEndpointPort": 19000, - "durabilityLevel": "Bronze", - "ephemeralPorts": { - "endPort": 65534, - "startPort": 49152 - }, - "httpGatewayEndpointPort": 19080, - "isPrimary": true, - "name": "Node01" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "managementEndpoint": { + "value": "https://<>-az-sfc-min-001.westeurope.cloudapp.azure.com:19080" + }, + "reliabilityLevel": { + "value": "None" + }, + "name": { + "value": "<>-az-sfc-min-001" + }, + "nodeTypes": { + "value": [ + { + "applicationPorts": { + "endPort": 30000, + "startPort": 20000 + }, + "clientConnectionEndpointPort": 19000, + "durabilityLevel": "Bronze", + "ephemeralPorts": { + "endPort": 65534, + "startPort": 49152 + }, + "httpGatewayEndpointPort": 19080, + "isPrimary": true, + "name": "Node01" } + ] } + } } ``` diff --git a/modules/Microsoft.Sql/managedInstances/readme.md b/modules/Microsoft.Sql/managedInstances/readme.md index 8b0a43fb09..d9125d8b3a 100644 --- a/modules/Microsoft.Sql/managedInstances/readme.md +++ b/modules/Microsoft.Sql/managedInstances/readme.md @@ -289,8 +289,78 @@ resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { module managedInstances './Microsoft.Sql/managedInstances/deploy.bicep' = { name: '${uniqueString(deployment().name)}-managedInstances' params: { - - + administratorLogin: kv1.getSecret('administratorLogin') + administratorLoginPassword: kv1.getSecret('administratorLoginPassword') + name: '<>-az-sqlmi-x-002' + subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-sqlmi/subnets/<>-az-subnet-x-sqlmi' + collation: 'SQL_Latin1_General_CP1_CI_AS' + databases: [ + { + backupLongTermRetentionPolicies: { + name: 'default' + } + backupShortTermRetentionPolicies: { + name: 'default' + } + name: '<>-az-sqlmidb-x-001' + } + ] + diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' + diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + dnsZonePartner: '' + encryptionProtectorObj: { + serverKeyName: 'adp-<>-az-kv-x-sqlmi_keyEncryptionKeySqlMi_4bf367f64c914d8ba698700fb598ad07' + serverKeyType: 'AzureKeyVault' + } + hardwareFamily: 'Gen5' + keys: [ + { + name: 'adp-<>-az-kv-x-sqlmi_keyEncryptionKeySqlMi_4bf367f64c914d8ba698700fb598ad07' + serverKeyType: 'AzureKeyVault' + uri: 'https://adp-<>-az-kv-x-sqlmi.vault.azure.net/keys/keyEncryptionKeySqlMi/4bf367f64c914d8ba698700fb598ad07' + } + ] + licenseType: 'LicenseIncluded' + lock: 'CanNotDelete' + primaryUserAssignedIdentityId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' + proxyOverride: 'Proxy' + publicDataEndpointEnabled: false + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] + securityAlertPoliciesObj: { + emailAccountAdmins: true + name: 'default' + state: 'Enabled' + } + servicePrincipal: 'SystemAssigned' + skuName: 'GP_Gen5' + skuTier: 'GeneralPurpose' + storageSizeInGB: 32 + systemAssignedIdentity: true + timezoneId: 'UTC' + userAssignedIdentities: { + '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + } + vCores: 4 + vulnerabilityAssessmentsObj: { + emailSubscriptionAdmins: true + name: 'default' + recurringScansEmails: [ + 'test1@contoso.com' + 'test2@contoso.com' + ] + recurringScansIsEnabled: true + vulnerabilityAssessmentsStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + } } } ``` @@ -304,154 +374,154 @@ module managedInstances './Microsoft.Sql/managedInstances/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-sqlmi-x-002" - }, - "lock": { - "value": "CanNotDelete" - }, - "administratorLogin": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "administratorLogin" - } - }, - "administratorLoginPassword": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "administratorLoginPassword" - } - }, - "subnetId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-sqlmi/subnets/<>-az-subnet-x-sqlmi" - }, - "skuName": { - "value": "GP_Gen5" - }, - "skuTier": { - "value": "GeneralPurpose" - }, - "storageSizeInGB": { - "value": 32 - }, - "vCores": { - "value": 4 - }, - "licenseType": { - "value": "LicenseIncluded" - }, - "hardwareFamily": { - "value": "Gen5" - }, - "servicePrincipal": { - "value": "SystemAssigned" - }, - "dnsZonePartner": { - "value": "" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "administratorLogin": { + "reference": { + "keyVault": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" }, - "timezoneId": { - "value": "UTC" + "secretName": "administratorLogin" + } + }, + "administratorLoginPassword": { + "reference": { + "keyVault": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" }, - "collation": { - "value": "SQL_Latin1_General_CP1_CI_AS" - }, - "proxyOverride": { - "value": "Proxy" - }, - "systemAssignedIdentity": { - "value": true - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "primaryUserAssignedIdentityId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" - }, - "publicDataEndpointEnabled": { - "value": false - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "keys": { - "value": [ - { - "name": "adp-<>-az-kv-x-sqlmi_keyEncryptionKeySqlMi_4bf367f64c914d8ba698700fb598ad07", // ID must be updated for new keys - "uri": "https://adp-<>-az-kv-x-sqlmi.vault.azure.net/keys/keyEncryptionKeySqlMi/4bf367f64c914d8ba698700fb598ad07", // ID must be updated for new keys - "serverKeyType": "AzureKeyVault" - } - ] - }, - "encryptionProtectorObj": { - "value": { - "serverKeyName": "adp-<>-az-kv-x-sqlmi_keyEncryptionKeySqlMi_4bf367f64c914d8ba698700fb598ad07", // ID must be updated for new keys - "serverKeyType": "AzureKeyVault" - } - }, - "securityAlertPoliciesObj": { - "value": { - "name": "default", - "state": "Enabled", - "emailAccountAdmins": true - } - }, - "vulnerabilityAssessmentsObj": { - "value": { - "name": "default", - "emailSubscriptionAdmins": true, - "recurringScansIsEnabled": true, - "recurringScansEmails": [ - "test1@contoso.com", - "test2@contoso.com" - ], - "vulnerabilityAssessmentsStorageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - } - }, - "databases": { - "value": [ - { - "name": "<>-az-sqlmidb-x-001", - "backupShortTermRetentionPolicies": { - "name": "default" - }, - "backupLongTermRetentionPolicies": { - "name": "default" - } - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "secretName": "administratorLoginPassword" + } + }, + "name": { + "value": "<>-az-sqlmi-x-002" + }, + "subnetId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-sqlmi/subnets/<>-az-subnet-x-sqlmi" + }, + "collation": { + "value": "SQL_Latin1_General_CP1_CI_AS" + }, + "databases": { + "value": [ + { + "backupLongTermRetentionPolicies": { + "name": "default" + }, + "backupShortTermRetentionPolicies": { + "name": "default" + }, + "name": "<>-az-sqlmidb-x-001" + } + ] + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "dnsZonePartner": { + "value": "" + }, + "encryptionProtectorObj": { + "value": { + "serverKeyName": "adp-<>-az-kv-x-sqlmi_keyEncryptionKeySqlMi_4bf367f64c914d8ba698700fb598ad07", + "serverKeyType": "AzureKeyVault" + } + }, + "hardwareFamily": { + "value": "Gen5" + }, + "keys": { + "value": [ + { + "name": "adp-<>-az-kv-x-sqlmi_keyEncryptionKeySqlMi_4bf367f64c914d8ba698700fb598ad07", + "serverKeyType": "AzureKeyVault", + "uri": "https://adp-<>-az-kv-x-sqlmi.vault.azure.net/keys/keyEncryptionKeySqlMi/4bf367f64c914d8ba698700fb598ad07" } + ] + }, + "licenseType": { + "value": "LicenseIncluded" + }, + "lock": { + "value": "CanNotDelete" + }, + "primaryUserAssignedIdentityId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" + }, + "proxyOverride": { + "value": "Proxy" + }, + "publicDataEndpointEnabled": { + "value": false + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "securityAlertPoliciesObj": { + "value": { + "emailAccountAdmins": true, + "name": "default", + "state": "Enabled" + } + }, + "servicePrincipal": { + "value": "SystemAssigned" + }, + "skuName": { + "value": "GP_Gen5" + }, + "skuTier": { + "value": "GeneralPurpose" + }, + "storageSizeInGB": { + "value": 32 + }, + "systemAssignedIdentity": { + "value": true + }, + "timezoneId": { + "value": "UTC" + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } + }, + "vCores": { + "value": 4 + }, + "vulnerabilityAssessmentsObj": { + "value": { + "emailSubscriptionAdmins": true, + "name": "default", + "recurringScansEmails": [ + "test1@contoso.com", + "test2@contoso.com" + ], + "recurringScansIsEnabled": true, + "vulnerabilityAssessmentsStorageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + } } + } } ``` diff --git a/modules/Microsoft.Sql/servers/readme.md b/modules/Microsoft.Sql/servers/readme.md index c2523a7c16..58d0e36e90 100644 --- a/modules/Microsoft.Sql/servers/readme.md +++ b/modules/Microsoft.Sql/servers/readme.md @@ -349,22 +349,22 @@ module servers './Microsoft.Sql/servers/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-sqlsrv-admin-001" - }, - "administrators": { - "value": { - "azureADOnlyAuthentication": true, - "login": "myspn", - "sid": "<>", - "principalType": "Application", - "tenantId": "<>" - } - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-sqlsrv-admin-001" + }, + "administrators": { + "value": { + "azureADOnlyAuthentication": true, + "login": "myspn", + "principalType": "Application", + "sid": "<>", + "tenantId": "<>" + } } + } } ``` @@ -464,113 +464,113 @@ module servers './Microsoft.Sql/servers/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-sqlsrv-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "administratorLogin": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/<>/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "administratorLogin" - } - }, - "administratorLoginPassword": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/<>/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "administratorLoginPassword" - } - }, - "location": { - "value": "westeurope" - }, - "minimalTlsVersion": { - "value": "1.2" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "vulnerabilityAssessmentsObj": { - "value": { - "name": "default", - "emailSubscriptionAdmins": true, - "recurringScansIsEnabled": true, - "recurringScansEmails": [ - "test1@contoso.com", - "test2@contoso.com" - ], - "vulnerabilityAssessmentsStorageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - } - }, - "databases": { - "value": [ - { - "name": "<>-az-sqldb-x-001", - "collation": "SQL_Latin1_General_CP1_CI_AS", - "skuTier": "BusinessCritical", - "skuName": "BC_Gen5", - "skuCapacity": 12, - "skuFamily": "Gen5", - "maxSizeBytes": 34359738368, - "licenseType": "LicenseIncluded", - "diagnosticLogsRetentionInDays": 7, - "diagnosticStorageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", - "diagnosticWorkspaceId": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001", - "diagnosticEventHubAuthorizationRuleId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey", - "diagnosticEventHubName": "adp-<>-az-evh-x-001" - } - ] - }, - "firewallRules": { - "value": [ - { - "name": "AllowAllWindowsAzureIps", - "endIpAddress": "0.0.0.0", - "startIpAddress": "0.0.0.0" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-sqlsrv-x-001" + }, + "administratorLogin": { + "reference": { + "keyVault": { + "id": "/subscriptions/<>/resourceGroups/<>/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" }, - "securityAlertPolicies": { - "value": [ - { - "name": "Default", - "state": "Enabled", - "emailAccountAdmins": true - } - ] - }, - "systemAssignedIdentity": { - "value": true - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } + "secretName": "administratorLogin" + } + }, + "administratorLoginPassword": { + "reference": { + "keyVault": { + "id": "/subscriptions/<>/resourceGroups/<>/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" }, - "privateEndpoints": { - "value": [ - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "sqlServer" - } - ] + "secretName": "administratorLoginPassword" + } + }, + "databases": { + "value": [ + { + "collation": "SQL_Latin1_General_CP1_CI_AS", + "diagnosticEventHubAuthorizationRuleId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey", + "diagnosticEventHubName": "adp-<>-az-evh-x-001", + "diagnosticLogsRetentionInDays": 7, + "diagnosticStorageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", + "diagnosticWorkspaceId": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001", + "licenseType": "LicenseIncluded", + "maxSizeBytes": 34359738368, + "name": "<>-az-sqldb-x-001", + "skuCapacity": 12, + "skuFamily": "Gen5", + "skuName": "BC_Gen5", + "skuTier": "BusinessCritical" + } + ] + }, + "firewallRules": { + "value": [ + { + "endIpAddress": "0.0.0.0", + "name": "AllowAllWindowsAzureIps", + "startIpAddress": "0.0.0.0" + } + ] + }, + "location": { + "value": "westeurope" + }, + "lock": { + "value": "CanNotDelete" + }, + "minimalTlsVersion": { + "value": "1.2" + }, + "privateEndpoints": { + "value": [ + { + "service": "sqlServer", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" + } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "securityAlertPolicies": { + "value": [ + { + "emailAccountAdmins": true, + "name": "Default", + "state": "Enabled" + } + ] + }, + "systemAssignedIdentity": { + "value": true + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } + }, + "vulnerabilityAssessmentsObj": { + "value": { + "emailSubscriptionAdmins": true, + "name": "default", + "recurringScansEmails": [ + "test1@contoso.com", + "test2@contoso.com" + ], + "recurringScansIsEnabled": true, + "vulnerabilityAssessmentsStorageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + } } + } } ``` diff --git a/modules/Microsoft.Storage/storageAccounts/readme.md b/modules/Microsoft.Storage/storageAccounts/readme.md index d7e8f8bf60..54593c64c5 100644 --- a/modules/Microsoft.Storage/storageAccounts/readme.md +++ b/modules/Microsoft.Storage/storageAccounts/readme.md @@ -399,42 +399,42 @@ module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>azsaencr001" - }, - "storageAccountSku": { - "value": "Standard_LRS" - }, - "allowBlobPublicAccess": { - "value": false - }, - "publicNetworkAccess": { - "value": "Disabled" - }, - "requireInfrastructureEncryption": { - "value": true - }, - "systemAssignedIdentity": { - "value": false - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "cMKKeyVaultResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002" - }, - "cMKKeyName": { - "value": "keyEncryptionKey" - }, - "cMKUserAssignedIdentityResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "allowBlobPublicAccess": { + "value": false + }, + "cMKKeyName": { + "value": "keyEncryptionKey" + }, + "cMKKeyVaultResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002" + }, + "cMKUserAssignedIdentityResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" + }, + "name": { + "value": "<>azsaencr001" + }, + "publicNetworkAccess": { + "value": "Disabled" + }, + "requireInfrastructureEncryption": { + "value": true + }, + "storageAccountSku": { + "value": "Standard_LRS" + }, + "systemAssignedIdentity": { + "value": false + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` @@ -465,13 +465,13 @@ module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "allowBlobPublicAccess": { - "value": false - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "allowBlobPublicAccess": { + "value": false } + } } ``` @@ -531,68 +531,68 @@ module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>azsax002" - }, - "storageAccountSku": { - "value": "Premium_LRS" - }, - "storageAccountKind": { - "value": "FileStorage" - }, - "allowBlobPublicAccess": { - "value": false - }, - "supportsHttpsTrafficOnly": { - "value": false - }, - "fileServices": { - "value": { - "shares": [ - { - "name": "nfsfileshare", - "enabledProtocols": "NFS" - } - ] - } - }, - "systemAssignedIdentity": { - "value": true - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "allowBlobPublicAccess": { + "value": false + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "fileServices": { + "value": { + "shares": [ + { + "enabledProtocols": "NFS", + "name": "nfsfileshare" + } + ] + } + }, + "name": { + "value": "<>azsax002" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "storageAccountKind": { + "value": "FileStorage" + }, + "storageAccountSku": { + "value": "Premium_LRS" + }, + "supportsHttpsTrafficOnly": { + "value": false + }, + "systemAssignedIdentity": { + "value": true + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` @@ -768,196 +768,196 @@ module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>azsax001" - }, - "storageAccountSku": { - "value": "Standard_LRS" - }, - "allowBlobPublicAccess": { - "value": false - }, - "publicNetworkAccess": { - "value": "Disabled" - }, - "requireInfrastructureEncryption": { - "value": true - }, - "lock": { - "value": "CanNotDelete" - }, - "privateEndpoints": { - "value": [ - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "blob" - }, - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "table" - }, - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "queue" - }, - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "file" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "allowBlobPublicAccess": { + "value": false + }, + "blobServices": { + "value": { + "containers": [ + { + "name": "avdscripts", + "publicAccess": "None", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } ] - }, - "networkAcls": { - "value": { - "bypass": "AzureServices", - "defaultAction": "Deny", - "virtualNetworkRules": [ - { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001", - "action": "Allow" - } + }, + { + "allowProtectedAppendWrites": false, + "enableWORM": true, + "name": "archivecontainer", + "publicAccess": "None", + "WORMRetention": 666 + } + ], + "diagnosticEventHubAuthorizationRuleId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey", + "diagnosticEventHubName": "adp-<>-az-evh-x-001", + "diagnosticLogsRetentionInDays": 7, + "diagnosticStorageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", + "diagnosticWorkspaceId": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + } + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "fileServices": { + "value": { + "diagnosticEventHubAuthorizationRuleId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey", + "diagnosticEventHubName": "adp-<>-az-evh-x-001", + "diagnosticLogsRetentionInDays": 7, + "diagnosticStorageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", + "diagnosticWorkspaceId": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001", + "shares": [ + { + "name": "avdprofiles", + "roleAssignments": [ + { + "principalIds": [ + "<>" ], - "ipRules": [ - { - "action": "Allow", - "value": "1.1.1.1" - } - ] - } - }, - "blobServices": { - "value": { - "diagnosticLogsRetentionInDays": 7, - "diagnosticStorageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", - "diagnosticWorkspaceId": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001", - "diagnosticEventHubAuthorizationRuleId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey", - "diagnosticEventHubName": "adp-<>-az-evh-x-001", - "containers": [ - { - "name": "avdscripts", - "publicAccess": "None", - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - { - "name": "archivecontainer", - "publicAccess": "None", - "enableWORM": true, - "WORMRetention": 666, - "allowProtectedAppendWrites": false - } - ] - } - }, - "fileServices": { - "value": { - "diagnosticLogsRetentionInDays": 7, - "diagnosticStorageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", - "diagnosticWorkspaceId": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001", - "diagnosticEventHubAuthorizationRuleId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey", - "diagnosticEventHubName": "adp-<>-az-evh-x-001", - "shares": [ - { - "name": "avdprofiles", - "shareQuota": "5120", - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - { - "name": "avdprofiles2", - "shareQuota": "5120" - } - ] - } - }, - "tableServices": { - "value": { - "diagnosticLogsRetentionInDays": 7, - "diagnosticStorageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", - "diagnosticWorkspaceId": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001", - "diagnosticEventHubAuthorizationRuleId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey", - "diagnosticEventHubName": "adp-<>-az-evh-x-001", - "tables": [ - "table1", - "table2" - ] - } - }, - "queueServices": { - "value": { - "diagnosticLogsRetentionInDays": 7, - "diagnosticStorageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", - "diagnosticWorkspaceId": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001", - "diagnosticEventHubAuthorizationRuleId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey", - "diagnosticEventHubName": "adp-<>-az-evh-x-001", - "queues": [ - { - "name": "queue1", - "metadata": {}, - "roleAssignments": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - { - "name": "queue2", - "metadata": {} - } - ] - } + "roleDefinitionIdOrName": "Reader" + } + ], + "shareQuota": "5120" + }, + { + "name": "avdprofiles2", + "shareQuota": "5120" + } + ] + } + }, + "lock": { + "value": "CanNotDelete" + }, + "name": { + "value": "<>azsax001" + }, + "networkAcls": { + "value": { + "bypass": "AzureServices", + "defaultAction": "Deny", + "ipRules": [ + { + "action": "Allow", + "value": "1.1.1.1" + } + ], + "virtualNetworkRules": [ + { + "action": "Allow", + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001" + } + ] + } + }, + "privateEndpoints": { + "value": [ + { + "service": "blob", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" }, - "systemAssignedIdentity": { - "value": true + { + "service": "table", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } + { + "service": "queue", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } + { + "service": "file", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" + } + ] + }, + "publicNetworkAccess": { + "value": "Disabled" + }, + "queueServices": { + "value": { + "diagnosticEventHubAuthorizationRuleId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey", + "diagnosticEventHubName": "adp-<>-az-evh-x-001", + "diagnosticLogsRetentionInDays": 7, + "diagnosticStorageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", + "diagnosticWorkspaceId": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001", + "queues": [ + { + "metadata": {}, + "name": "queue1", + "roleAssignments": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + }, + { + "metadata": {}, + "name": "queue2" + } + ] + } + }, + "requireInfrastructureEncryption": { + "value": true + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "storageAccountSku": { + "value": "Standard_LRS" + }, + "systemAssignedIdentity": { + "value": true + }, + "tableServices": { + "value": { + "diagnosticEventHubAuthorizationRuleId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey", + "diagnosticEventHubName": "adp-<>-az-evh-x-001", + "diagnosticLogsRetentionInDays": 7, + "diagnosticStorageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", + "diagnosticWorkspaceId": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001", + "tables": [ + "table1", + "table2" + ] + } + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` @@ -989,16 +989,16 @@ module storageAccounts './Microsoft.Storage/storageAccounts/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "storageAccountKind": { - "value": "Storage" - }, - "allowBlobPublicAccess": { - "value": false - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "allowBlobPublicAccess": { + "value": false + }, + "storageAccountKind": { + "value": "Storage" } + } } ``` diff --git a/modules/Microsoft.Synapse/privateLinkHubs/readme.md b/modules/Microsoft.Synapse/privateLinkHubs/readme.md index ed66c3ab74..047be7562d 100644 --- a/modules/Microsoft.Synapse/privateLinkHubs/readme.md +++ b/modules/Microsoft.Synapse/privateLinkHubs/readme.md @@ -249,13 +249,13 @@ module privateLinkHubs './Microsoft.Synapse/privateLinkHubs/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "synplhmin001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "synplhmin001" } + } } ``` @@ -307,40 +307,40 @@ module privateLinkHubs './Microsoft.Synapse/privateLinkHubs/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "synplhstandard001" - }, - "lock": { - "value": "CanNotDelete" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - }, - { - "roleDefinitionIdOrName": "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "synplhstandard001" + }, + "lock": { + "value": "CanNotDelete" + }, + "privateEndpoints": { + "value": [ + { + "service": "Web", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" + } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" }, - "privateEndpoints": { - "value": [ - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "Web" - } - ] + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" } + ] } + } } ``` diff --git a/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md b/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md index 317c32116d..5d1fec06bb 100644 --- a/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md +++ b/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md @@ -316,73 +316,73 @@ module imageTemplates './Microsoft.VirtualMachineImages/imageTemplates/deploy.bi ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-imgt-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "userMsiName": { - "value": "adp-<>-az-msi-x-001" - }, - "userMsiResourceGroup": { - "value": "validation-rg" - }, - "buildTimeoutInMinutes": { - "value": 0 - }, - "vmSize": { - "value": "Standard_D2s_v3" - }, - "osDiskSizeGB": { - "value": 127 - }, - "subnetId": { - "value": "" - }, - "imageSource": { - "value": { - "type": "PlatformImage", - "publisher": "MicrosoftWindowsDesktop", - "offer": "Windows-10", - "sku": "19h2-evd", - "version": "latest" - } - }, - "customizationSteps": { - "value": [ - { - "type": "WindowsRestart", - "restartTimeout": "30m" - } - ] - }, - "managedImageName": { - "value": "<>-az-mi-x-001" - }, - "unManagedImageName": { - "value": "<>-az-umi-x-001" - }, - "sigImageDefinitionId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/galleries/adp<>azsigweux001/images/adp-<>-az-imgd-x-001" - }, - "imageReplicationRegions": { - "value": [] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "customizationSteps": { + "value": [ + { + "restartTimeout": "30m", + "type": "WindowsRestart" } + ] + }, + "imageSource": { + "value": { + "offer": "Windows-10", + "publisher": "MicrosoftWindowsDesktop", + "sku": "19h2-evd", + "type": "PlatformImage", + "version": "latest" + } + }, + "name": { + "value": "<>-az-imgt-x-001" + }, + "userMsiName": { + "value": "adp-<>-az-msi-x-001" + }, + "buildTimeoutInMinutes": { + "value": 0 + }, + "imageReplicationRegions": { + "value": [] + }, + "lock": { + "value": "CanNotDelete" + }, + "managedImageName": { + "value": "<>-az-mi-x-001" + }, + "osDiskSizeGB": { + "value": 127 + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "sigImageDefinitionId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/galleries/adp<>azsigweux001/images/adp-<>-az-imgd-x-001" + }, + "subnetId": { + "value": "" + }, + "unManagedImageName": { + "value": "<>-az-umi-x-001" + }, + "userMsiResourceGroup": { + "value": "validation-rg" + }, + "vmSize": { + "value": "Standard_D2s_v3" } + } } ``` diff --git a/modules/Microsoft.Web/connections/readme.md b/modules/Microsoft.Web/connections/readme.md index 71150f7873..f1788cdfdb 100644 --- a/modules/Microsoft.Web/connections/readme.md +++ b/modules/Microsoft.Web/connections/readme.md @@ -190,34 +190,34 @@ module connections './Microsoft.Web/connections/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "azuremonitor" - }, - "lock": { - "value": "CanNotDelete" - }, - "displayName": { - "value": "azuremonitorlogs" - }, - "connectionApi": { - "value": { - "id": "/subscriptions/<>/providers/Microsoft.Web/locations/westeurope/managedApis/azuremonitorlogs" - } - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "displayName": { + "value": "azuremonitorlogs" + }, + "name": { + "value": "azuremonitor" + }, + "connectionApi": { + "value": { + "id": "/subscriptions/<>/providers/Microsoft.Web/locations/westeurope/managedApis/azuremonitorlogs" + } + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.Web/hostingEnvironments/readme.md b/modules/Microsoft.Web/hostingEnvironments/readme.md index 2f02a0e8ad..0f1cee5ca9 100644 --- a/modules/Microsoft.Web/hostingEnvironments/readme.md +++ b/modules/Microsoft.Web/hostingEnvironments/readme.md @@ -246,58 +246,58 @@ module hostingEnvironments './Microsoft.Web/hostingEnvironments/deploy.bicep' = ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-appse-asev2-001" - }, - "kind": { - "value": "ASEv2" - }, - "multiSize": { - "value": "Standard_D1_V2" - }, - "ipsslAddressCount": { - "value": 2 - }, - "clusterSettings": { - "value": [ - { - "name": "DisableTls1.0", - "value": "1" - } - ] - }, - "subnetResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-008" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-appse-asev2-001" + }, + "subnetResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-008" + }, + "clusterSettings": { + "value": [ + { + "name": "DisableTls1.0", + "value": "1" + } + ] + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "ipsslAddressCount": { + "value": 2 + }, + "kind": { + "value": "ASEv2" + }, + "multiSize": { + "value": "Standard_D1_V2" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` @@ -349,52 +349,52 @@ module hostingEnvironments './Microsoft.Web/hostingEnvironments/deploy.bicep' = ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-appse-asev3-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "subnetResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-006" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "clusterSettings": { - "value": [ - { - "name": "DisableTls1.0", - "value": "1" - } - ] - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-appse-asev3-001" + }, + "subnetResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-006" + }, + "clusterSettings": { + "value": [ + { + "name": "DisableTls1.0", + "value": "1" + } + ] + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.Web/serverfarms/readme.md b/modules/Microsoft.Web/serverfarms/readme.md index 2763c6cf66..d691a0f3f7 100644 --- a/modules/Microsoft.Web/serverfarms/readme.md +++ b/modules/Microsoft.Web/serverfarms/readme.md @@ -243,50 +243,50 @@ module serverfarms './Microsoft.Web/serverfarms/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-asp-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "sku": { - "value": { - "name": "S1", - "tier": "Standard", - "size": "S1", - "family": "S", - "capacity": "1" - } - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-asp-x-001" + }, + "sku": { + "value": { + "capacity": "1", + "family": "S", + "name": "S1", + "size": "S1", + "tier": "Standard" + } + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] } + } } ``` diff --git a/modules/Microsoft.Web/sites/readme.md b/modules/Microsoft.Web/sites/readme.md index 22def226ee..27249879ff 100644 --- a/modules/Microsoft.Web/sites/readme.md +++ b/modules/Microsoft.Web/sites/readme.md @@ -421,24 +421,24 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-fa-min-001" - }, - "kind": { - "value": "functionapp" - }, - "serverFarmResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001" - }, - "siteConfig": { - "value": { - "alwaysOn": true - } - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "kind": { + "value": "functionapp" + }, + "name": { + "value": "<>-az-fa-min-001" + }, + "serverFarmResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001" + }, + "siteConfig": { + "value": { + "alwaysOn": true + } } + } } ``` @@ -570,150 +570,150 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-fa-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "kind": { - "value": "functionapp" - }, - "serverFarmResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001" - }, - "siteConfig": { - "value": { - "alwaysOn": true, - "use32BitWorkerProcess": false - } - }, - "appInsightId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001" - }, - "storageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "setAzureWebJobsDashboard": { - "value": true - }, - "appSettingsKeyValuePairs": { - "value": { - "FUNCTIONS_EXTENSION_VERSION": "~4", - "FUNCTIONS_WORKER_RUNTIME": "dotnet", - "AzureFunctionsJobHost__logging__logLevel__default": "Trace", - "EASYAUTH_SECRET": "https://adp-<>-az-kv-x-001.vault.azure.net/secrets/Modules-Test-SP-Password" - } - }, - "authSettingV2Configuration": { - "value": { - "globalValidation": { - "requireAuthentication": true, - "unauthenticatedClientAction": "Return401" - }, - "httpSettings": { - "forwardProxy": { - "convention": "NoProxy" - }, - "requireHttps": true, - "routes": { - "apiPrefix": "/.auth" - } - }, - "identityProviders": { - "azureActiveDirectory": { - "enabled": true, - "login": { - "disableWWWAuthenticate": false - }, - "registration": { - "openIdIssuer": "https://sts.windows.net/<>/v2.0/", - "clientId": "d874dd2f-2032-4db1-a053-f0ec243685aa", - "clientSecretSettingName": "EASYAUTH_SECRET" - }, - "validation": { - "allowedAudiences": [ - "api://d874dd2f-2032-4db1-a053-f0ec243685aa" - ], - "defaultAuthorizationPolicy": { - "allowedPrincipals": {} - }, - "jwtClaimChecks": {} - } - } - }, - "login": { - "allowedExternalRedirectUrls": [ - "string" - ], - "cookieExpiration": { - "convention": "FixedTime", - "timeToExpiration": "08:00:00" - }, - "nonce": { - "nonceExpirationInterval": "00:05:00", - "validateNonce": true - }, - "preserveUrlFragmentsForLogins": false, - "routes": {}, - "tokenStore": { - "azureBlobStorage": {}, - "enabled": true, - "fileSystem": {}, - "tokenRefreshExtensionHours": 72 - } - }, - "platform": { - "enabled": true, - "runtimeVersion": "~1" - } - } - }, - "systemAssignedIdentity": { - "value": true + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "kind": { + "value": "functionapp" + }, + "name": { + "value": "<>-az-fa-x-001" + }, + "appInsightId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001" + }, + "appSettingsKeyValuePairs": { + "value": { + "AzureFunctionsJobHost__logging__logLevel__default": "Trace", + "EASYAUTH_SECRET": "https://adp-<>-az-kv-x-001.vault.azure.net/secrets/Modules-Test-SP-Password", + "FUNCTIONS_EXTENSION_VERSION": "~4", + "FUNCTIONS_WORKER_RUNTIME": "dotnet" + } + }, + "authSettingV2Configuration": { + "value": { + "globalValidation": { + "requireAuthentication": true, + "unauthenticatedClientAction": "Return401" + }, + "httpSettings": { + "forwardProxy": { + "convention": "NoProxy" + }, + "requireHttps": true, + "routes": { + "apiPrefix": "/.auth" + } }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + "identityProviders": { + "azureActiveDirectory": { + "enabled": true, + "login": { + "disableWWWAuthenticate": false + }, + "registration": { + "clientId": "d874dd2f-2032-4db1-a053-f0ec243685aa", + "clientSecretSettingName": "EASYAUTH_SECRET", + "openIdIssuer": "https://sts.windows.net/<>/v2.0/" + }, + "validation": { + "allowedAudiences": [ + "api://d874dd2f-2032-4db1-a053-f0ec243685aa" + ], + "defaultAuthorizationPolicy": { + "allowedPrincipals": {} + }, + "jwtClaimChecks": {} } + } }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "login": { + "allowedExternalRedirectUrls": [ + "string" + ], + "cookieExpiration": { + "convention": "FixedTime", + "timeToExpiration": "08:00:00" + }, + "nonce": { + "nonceExpirationInterval": "00:05:00", + "validateNonce": true + }, + "preserveUrlFragmentsForLogins": false, + "routes": {}, + "tokenStore": { + "azureBlobStorage": {}, + "enabled": true, + "fileSystem": {}, + "tokenRefreshExtensionHours": 72 + } }, - "privateEndpoints": { - "value": [ - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "sites" - } - ] + "platform": { + "enabled": true, + "runtimeVersion": "~1" } + } + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "lock": { + "value": "CanNotDelete" + }, + "privateEndpoints": { + "value": [ + { + "service": "sites", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" + } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "serverFarmResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001" + }, + "setAzureWebJobsDashboard": { + "value": true + }, + "siteConfig": { + "value": { + "alwaysOn": true, + "use32BitWorkerProcess": false + } + }, + "storageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "systemAssignedIdentity": { + "value": true + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` @@ -746,19 +746,19 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-wa-min-001" - }, - "kind": { - "value": "app" - }, - "serverFarmResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "kind": { + "value": "app" + }, + "name": { + "value": "<>-az-wa-min-001" + }, + "serverFarmResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001" } + } } ``` @@ -824,74 +824,74 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-wa-x-001" - }, - "kind": { - "value": "app" - }, - "serverFarmResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001" - }, - "siteConfig": { - "value": { - "metadata": [ - { - "name": "CURRENT_STACK", - "value": "dotnetcore" - } - ], - "alwaysOn": true - } - }, - "httpsOnly": { - "value": true - }, - "systemAssignedIdentity": { - "value": true - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "privateEndpoints": { - "value": [ - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "sites" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "kind": { + "value": "app" + }, + "name": { + "value": "<>-az-wa-x-001" + }, + "diagnosticEventHubAuthorizationRuleId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + }, + "diagnosticEventHubName": { + "value": "adp-<>-az-evh-x-001" + }, + "diagnosticLogsRetentionInDays": { + "value": 7 + }, + "diagnosticStorageAccountId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + }, + "diagnosticWorkspaceId": { + "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + }, + "httpsOnly": { + "value": true + }, + "privateEndpoints": { + "value": [ + { + "service": "sites", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" + } + ] + }, + "serverFarmResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001" + }, + "siteConfig": { + "value": { + "alwaysOn": true, + "metadata": [ + { + "name": "CURRENT_STACK", + "value": "dotnetcore" + } + ] + } + }, + "systemAssignedIdentity": { + "value": true + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` diff --git a/modules/Microsoft.Web/staticSites/readme.md b/modules/Microsoft.Web/staticSites/readme.md index aac36467fd..1637e905bb 100644 --- a/modules/Microsoft.Web/staticSites/readme.md +++ b/modules/Microsoft.Web/staticSites/readme.md @@ -295,13 +295,13 @@ module staticSites './Microsoft.Web/staticSites/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-wss-min-001" - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-wss-min-001" } + } } ``` @@ -355,54 +355,54 @@ module staticSites './Microsoft.Web/staticSites/deploy.bicep' = { ```json { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-wss-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "sku": { - "value": "Standard" - }, - "stagingEnvironmentPolicy": { - "value": "Enabled" - }, - "allowConfigFileUpdates": { - "value": true - }, - "enterpriseGradeCdnStatus": { - "value": "Disabled" - }, - "systemAssignedIdentity": { - "value": true - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "privateEndpoints": { - "value": [ - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "staticSites" - } - ] + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-wss-x-001" + }, + "allowConfigFileUpdates": { + "value": true + }, + "enterpriseGradeCdnStatus": { + "value": "Disabled" + }, + "lock": { + "value": "CanNotDelete" + }, + "privateEndpoints": { + "value": [ + { + "service": "staticSites", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" + } + ] + }, + "roleAssignments": { + "value": [ + { + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } + ] + }, + "sku": { + "value": "Standard" + }, + "stagingEnvironmentPolicy": { + "value": "Enabled" + }, + "systemAssignedIdentity": { + "value": true + }, + "userAssignedIdentities": { + "value": { + "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + } } + } } ``` From f92f761a292f1b77bac7570fcd3ba5af7ca619b0 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Thu, 7 Jul 2022 18:46:50 +0200 Subject: [PATCH 14/38] Added disclaimer to the deployment examples --- modules/Microsoft.AAD/DomainServices/readme.md | 2 ++ modules/Microsoft.AnalysisServices/servers/readme.md | 2 ++ modules/Microsoft.ApiManagement/service/readme.md | 2 ++ .../configurationStores/keyValues/readme.md | 2 ++ .../Microsoft.AppConfiguration/configurationStores/readme.md | 2 ++ modules/Microsoft.Authorization/locks/readme.md | 2 ++ modules/Microsoft.Authorization/policyAssignments/readme.md | 2 ++ modules/Microsoft.Authorization/policyDefinitions/readme.md | 2 ++ modules/Microsoft.Authorization/policyExemptions/readme.md | 2 ++ modules/Microsoft.Authorization/policySetDefinitions/readme.md | 2 ++ modules/Microsoft.Authorization/roleAssignments/readme.md | 2 ++ modules/Microsoft.Authorization/roleDefinitions/readme.md | 2 ++ modules/Microsoft.Automation/automationAccounts/readme.md | 2 ++ modules/Microsoft.Batch/batchAccounts/readme.md | 2 ++ modules/Microsoft.CognitiveServices/accounts/readme.md | 2 ++ modules/Microsoft.Compute/availabilitySets/readme.md | 2 ++ modules/Microsoft.Compute/diskEncryptionSets/readme.md | 2 ++ modules/Microsoft.Compute/disks/readme.md | 2 ++ modules/Microsoft.Compute/galleries/readme.md | 2 ++ modules/Microsoft.Compute/images/readme.md | 2 ++ modules/Microsoft.Compute/proximityPlacementGroups/readme.md | 2 ++ modules/Microsoft.Compute/virtualMachineScaleSets/readme.md | 2 ++ modules/Microsoft.Compute/virtualMachines/readme.md | 2 ++ modules/Microsoft.Consumption/budgets/readme.md | 2 ++ modules/Microsoft.ContainerInstance/containerGroups/readme.md | 2 ++ modules/Microsoft.ContainerRegistry/registries/readme.md | 2 ++ modules/Microsoft.ContainerService/managedClusters/readme.md | 2 ++ modules/Microsoft.DataFactory/factories/readme.md | 2 ++ modules/Microsoft.DataProtection/backupVaults/readme.md | 2 ++ modules/Microsoft.Databricks/workspaces/readme.md | 2 ++ .../Microsoft.DesktopVirtualization/applicationgroups/readme.md | 2 ++ modules/Microsoft.DesktopVirtualization/hostpools/readme.md | 2 ++ modules/Microsoft.DesktopVirtualization/scalingplans/readme.md | 2 ++ modules/Microsoft.DesktopVirtualization/workspaces/readme.md | 2 ++ modules/Microsoft.DocumentDB/databaseAccounts/readme.md | 2 ++ modules/Microsoft.EventGrid/systemTopics/readme.md | 2 ++ modules/Microsoft.EventGrid/topics/readme.md | 2 ++ modules/Microsoft.EventHub/namespaces/readme.md | 2 ++ modules/Microsoft.HealthBot/healthBots/readme.md | 2 ++ modules/Microsoft.Insights/actionGroups/readme.md | 2 ++ modules/Microsoft.Insights/activityLogAlerts/readme.md | 2 ++ modules/Microsoft.Insights/components/readme.md | 2 ++ modules/Microsoft.Insights/diagnosticSettings/readme.md | 2 ++ modules/Microsoft.Insights/metricAlerts/readme.md | 2 ++ modules/Microsoft.Insights/privateLinkScopes/readme.md | 2 ++ modules/Microsoft.Insights/scheduledQueryRules/readme.md | 2 ++ modules/Microsoft.KeyVault/vaults/readme.md | 2 ++ modules/Microsoft.KubernetesConfiguration/extensions/readme.md | 2 ++ .../fluxConfigurations/readme.md | 2 ++ modules/Microsoft.Logic/workflows/readme.md | 2 ++ modules/Microsoft.MachineLearningServices/workspaces/readme.md | 2 ++ .../Microsoft.ManagedIdentity/userAssignedIdentities/readme.md | 2 ++ .../Microsoft.ManagedServices/registrationDefinitions/readme.md | 2 ++ modules/Microsoft.Management/managementGroups/readme.md | 2 ++ modules/Microsoft.NetApp/netAppAccounts/readme.md | 2 ++ modules/Microsoft.Network/applicationGateways/readme.md | 2 ++ modules/Microsoft.Network/applicationSecurityGroups/readme.md | 2 ++ modules/Microsoft.Network/azureFirewalls/readme.md | 2 ++ modules/Microsoft.Network/bastionHosts/readme.md | 2 ++ modules/Microsoft.Network/connections/readme.md | 2 ++ modules/Microsoft.Network/ddosProtectionPlans/readme.md | 2 ++ modules/Microsoft.Network/expressRouteCircuits/readme.md | 2 ++ modules/Microsoft.Network/firewallPolicies/readme.md | 2 ++ modules/Microsoft.Network/frontDoors/readme.md | 2 ++ modules/Microsoft.Network/ipGroups/readme.md | 2 ++ modules/Microsoft.Network/loadBalancers/readme.md | 2 ++ modules/Microsoft.Network/localNetworkGateways/readme.md | 2 ++ modules/Microsoft.Network/natGateways/readme.md | 2 ++ modules/Microsoft.Network/networkInterfaces/readme.md | 2 ++ modules/Microsoft.Network/networkSecurityGroups/readme.md | 2 ++ modules/Microsoft.Network/networkWatchers/readme.md | 2 ++ modules/Microsoft.Network/privateDnsZones/readme.md | 2 ++ modules/Microsoft.Network/privateEndpoints/readme.md | 2 ++ modules/Microsoft.Network/publicIPAddresses/readme.md | 2 ++ modules/Microsoft.Network/publicIPPrefixes/readme.md | 2 ++ modules/Microsoft.Network/routeTables/readme.md | 2 ++ modules/Microsoft.Network/trafficmanagerprofiles/readme.md | 2 ++ modules/Microsoft.Network/virtualHubs/readme.md | 2 ++ modules/Microsoft.Network/virtualNetworkGateways/readme.md | 2 ++ modules/Microsoft.Network/virtualNetworks/readme.md | 2 ++ modules/Microsoft.Network/virtualWans/readme.md | 2 ++ modules/Microsoft.Network/vpnGateways/readme.md | 2 ++ modules/Microsoft.Network/vpnSites/readme.md | 2 ++ modules/Microsoft.OperationalInsights/workspaces/readme.md | 2 ++ modules/Microsoft.OperationsManagement/solutions/readme.md | 2 ++ modules/Microsoft.RecoveryServices/vaults/readme.md | 2 ++ modules/Microsoft.Resources/deploymentScripts/readme.md | 2 ++ modules/Microsoft.Resources/resourceGroups/readme.md | 2 ++ modules/Microsoft.Resources/tags/readme.md | 2 ++ modules/Microsoft.Security/azureSecurityCenter/readme.md | 2 ++ modules/Microsoft.ServiceBus/namespaces/readme.md | 2 ++ modules/Microsoft.ServiceFabric/clusters/readme.md | 2 ++ modules/Microsoft.Sql/managedInstances/readme.md | 2 ++ modules/Microsoft.Sql/servers/readme.md | 2 ++ modules/Microsoft.Storage/storageAccounts/readme.md | 2 ++ modules/Microsoft.Synapse/privateLinkHubs/readme.md | 2 ++ modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md | 2 ++ modules/Microsoft.Web/connections/readme.md | 2 ++ modules/Microsoft.Web/hostingEnvironments/readme.md | 2 ++ modules/Microsoft.Web/serverfarms/readme.md | 2 ++ modules/Microsoft.Web/sites/readme.md | 2 ++ modules/Microsoft.Web/staticSites/readme.md | 2 ++ 102 files changed, 204 insertions(+) diff --git a/modules/Microsoft.AAD/DomainServices/readme.md b/modules/Microsoft.AAD/DomainServices/readme.md index 0cc7952fa7..53d42f9c95 100644 --- a/modules/Microsoft.AAD/DomainServices/readme.md +++ b/modules/Microsoft.AAD/DomainServices/readme.md @@ -207,6 +207,8 @@ $pfxCertificate = [System.Convert]::ToBase64String($rawCertByteStream) ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.AnalysisServices/servers/readme.md b/modules/Microsoft.AnalysisServices/servers/readme.md index c08814bacc..3ccc2c1781 100644 --- a/modules/Microsoft.AnalysisServices/servers/readme.md +++ b/modules/Microsoft.AnalysisServices/servers/readme.md @@ -157,6 +157,8 @@ roleAssignments: [ ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Max

diff --git a/modules/Microsoft.ApiManagement/service/readme.md b/modules/Microsoft.ApiManagement/service/readme.md index dab187b86a..72d07af45d 100644 --- a/modules/Microsoft.ApiManagement/service/readme.md +++ b/modules/Microsoft.ApiManagement/service/readme.md @@ -268,6 +268,8 @@ userAssignedIdentities: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Max

diff --git a/modules/Microsoft.AppConfiguration/configurationStores/keyValues/readme.md b/modules/Microsoft.AppConfiguration/configurationStores/keyValues/readme.md index f70de3d865..7a90139326 100644 --- a/modules/Microsoft.AppConfiguration/configurationStores/keyValues/readme.md +++ b/modules/Microsoft.AppConfiguration/configurationStores/keyValues/readme.md @@ -258,6 +258,8 @@ privateEndpoints: [ ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1

diff --git a/modules/Microsoft.AppConfiguration/configurationStores/readme.md b/modules/Microsoft.AppConfiguration/configurationStores/readme.md index fe756a2b25..df730c9350 100644 --- a/modules/Microsoft.AppConfiguration/configurationStores/readme.md +++ b/modules/Microsoft.AppConfiguration/configurationStores/readme.md @@ -280,6 +280,8 @@ privateEndpoints: [ ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.Authorization/locks/readme.md b/modules/Microsoft.Authorization/locks/readme.md index a525e92f9b..5ef54c2a28 100644 --- a/modules/Microsoft.Authorization/locks/readme.md +++ b/modules/Microsoft.Authorization/locks/readme.md @@ -42,6 +42,8 @@ This module deploys Authorization Locks. ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Rg

diff --git a/modules/Microsoft.Authorization/policyAssignments/readme.md b/modules/Microsoft.Authorization/policyAssignments/readme.md index c02290b285..6c147e6db9 100644 --- a/modules/Microsoft.Authorization/policyAssignments/readme.md +++ b/modules/Microsoft.Authorization/policyAssignments/readme.md @@ -168,6 +168,8 @@ module policyassignment 'yourpath/modules/Microsoft.Authorization.policyAssignme ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Mg Min

diff --git a/modules/Microsoft.Authorization/policyDefinitions/readme.md b/modules/Microsoft.Authorization/policyDefinitions/readme.md index 37c4149ac6..5cc642ac6a 100644 --- a/modules/Microsoft.Authorization/policyDefinitions/readme.md +++ b/modules/Microsoft.Authorization/policyDefinitions/readme.md @@ -126,6 +126,8 @@ module policydefinition 'yourpath/modules/Microsoft.Authorization.policyDefiniti ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Mg Min

diff --git a/modules/Microsoft.Authorization/policyExemptions/readme.md b/modules/Microsoft.Authorization/policyExemptions/readme.md index ef4a4349c5..3cdfdc154f 100644 --- a/modules/Microsoft.Authorization/policyExemptions/readme.md +++ b/modules/Microsoft.Authorization/policyExemptions/readme.md @@ -149,6 +149,8 @@ module policyexemption 'yourpath/modules/Microsoft.Authorization.policyExemption ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Mg Min

diff --git a/modules/Microsoft.Authorization/policySetDefinitions/readme.md b/modules/Microsoft.Authorization/policySetDefinitions/readme.md index 06f31b7138..8a1e74043a 100644 --- a/modules/Microsoft.Authorization/policySetDefinitions/readme.md +++ b/modules/Microsoft.Authorization/policySetDefinitions/readme.md @@ -132,6 +132,8 @@ module policysetdefinition 'yourpath/modules/Microsoft.Authorization.policySetDe ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Mg Min

diff --git a/modules/Microsoft.Authorization/roleAssignments/readme.md b/modules/Microsoft.Authorization/roleAssignments/readme.md index 1b33804c1d..0d022a44a9 100644 --- a/modules/Microsoft.Authorization/roleAssignments/readme.md +++ b/modules/Microsoft.Authorization/roleAssignments/readme.md @@ -167,6 +167,8 @@ This module can be deployed at the management group, subscription or resource gr ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Mg Min

diff --git a/modules/Microsoft.Authorization/roleDefinitions/readme.md b/modules/Microsoft.Authorization/roleDefinitions/readme.md index 7d33d65e0b..08e0f10288 100644 --- a/modules/Microsoft.Authorization/roleDefinitions/readme.md +++ b/modules/Microsoft.Authorization/roleDefinitions/readme.md @@ -171,6 +171,8 @@ This module can be deployed both at subscription or resource group level: ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Mg Min

diff --git a/modules/Microsoft.Automation/automationAccounts/readme.md b/modules/Microsoft.Automation/automationAccounts/readme.md index ace674eb8b..aa98c9a10b 100644 --- a/modules/Microsoft.Automation/automationAccounts/readme.md +++ b/modules/Microsoft.Automation/automationAccounts/readme.md @@ -344,6 +344,8 @@ userAssignedIdentities: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Encr

diff --git a/modules/Microsoft.Batch/batchAccounts/readme.md b/modules/Microsoft.Batch/batchAccounts/readme.md index 0443a7f3b9..6c9a8eb0b3 100644 --- a/modules/Microsoft.Batch/batchAccounts/readme.md +++ b/modules/Microsoft.Batch/batchAccounts/readme.md @@ -140,6 +140,8 @@ userAssignedIdentities: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Encr

diff --git a/modules/Microsoft.CognitiveServices/accounts/readme.md b/modules/Microsoft.CognitiveServices/accounts/readme.md index d6989b0ddc..8bb490a62d 100644 --- a/modules/Microsoft.CognitiveServices/accounts/readme.md +++ b/modules/Microsoft.CognitiveServices/accounts/readme.md @@ -404,6 +404,8 @@ userAssignedIdentities: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Encr

diff --git a/modules/Microsoft.Compute/availabilitySets/readme.md b/modules/Microsoft.Compute/availabilitySets/readme.md index 2fabcc67dc..c36f02f019 100644 --- a/modules/Microsoft.Compute/availabilitySets/readme.md +++ b/modules/Microsoft.Compute/availabilitySets/readme.md @@ -149,6 +149,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.Compute/diskEncryptionSets/readme.md b/modules/Microsoft.Compute/diskEncryptionSets/readme.md index f097ea3ff1..8a7daee7e5 100644 --- a/modules/Microsoft.Compute/diskEncryptionSets/readme.md +++ b/modules/Microsoft.Compute/diskEncryptionSets/readme.md @@ -151,6 +151,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Compute/disks/readme.md b/modules/Microsoft.Compute/disks/readme.md index e0034812c7..42275eabd8 100644 --- a/modules/Microsoft.Compute/disks/readme.md +++ b/modules/Microsoft.Compute/disks/readme.md @@ -165,6 +165,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Image

diff --git a/modules/Microsoft.Compute/galleries/readme.md b/modules/Microsoft.Compute/galleries/readme.md index 2c38c1cf8a..c6d3204efd 100644 --- a/modules/Microsoft.Compute/galleries/readme.md +++ b/modules/Microsoft.Compute/galleries/readme.md @@ -148,6 +148,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Images

diff --git a/modules/Microsoft.Compute/images/readme.md b/modules/Microsoft.Compute/images/readme.md index 01cbd2354d..5b3cc9f8c7 100644 --- a/modules/Microsoft.Compute/images/readme.md +++ b/modules/Microsoft.Compute/images/readme.md @@ -149,6 +149,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Compute/proximityPlacementGroups/readme.md b/modules/Microsoft.Compute/proximityPlacementGroups/readme.md index 15d114119d..86ecd47a4f 100644 --- a/modules/Microsoft.Compute/proximityPlacementGroups/readme.md +++ b/modules/Microsoft.Compute/proximityPlacementGroups/readme.md @@ -146,6 +146,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md index e8762be151..2c03736235 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md @@ -873,6 +873,8 @@ userAssignedIdentities: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Linux Min

diff --git a/modules/Microsoft.Compute/virtualMachines/readme.md b/modules/Microsoft.Compute/virtualMachines/readme.md index 1f57a20a90..4f53827ae8 100644 --- a/modules/Microsoft.Compute/virtualMachines/readme.md +++ b/modules/Microsoft.Compute/virtualMachines/readme.md @@ -1000,6 +1000,8 @@ For further details on automanage please refer to [Automanage virtual machines]( ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Linux Autmg

diff --git a/modules/Microsoft.Consumption/budgets/readme.md b/modules/Microsoft.Consumption/budgets/readme.md index 358b9b0ff0..c493befd0b 100644 --- a/modules/Microsoft.Consumption/budgets/readme.md +++ b/modules/Microsoft.Consumption/budgets/readme.md @@ -48,6 +48,8 @@ This module deploys budgets for subscriptions. ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.ContainerInstance/containerGroups/readme.md b/modules/Microsoft.ContainerInstance/containerGroups/readme.md index b01d3bb8e8..9d578aa730 100644 --- a/modules/Microsoft.ContainerInstance/containerGroups/readme.md +++ b/modules/Microsoft.ContainerInstance/containerGroups/readme.md @@ -170,6 +170,8 @@ userAssignedIdentities: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.ContainerRegistry/registries/readme.md b/modules/Microsoft.ContainerRegistry/registries/readme.md index 788724b696..015aaa8ea5 100644 --- a/modules/Microsoft.ContainerRegistry/registries/readme.md +++ b/modules/Microsoft.ContainerRegistry/registries/readme.md @@ -331,6 +331,8 @@ userAssignedIdentities: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Encr

diff --git a/modules/Microsoft.ContainerService/managedClusters/readme.md b/modules/Microsoft.ContainerService/managedClusters/readme.md index b20a3ff128..3e34d6df14 100644 --- a/modules/Microsoft.ContainerService/managedClusters/readme.md +++ b/modules/Microsoft.ContainerService/managedClusters/readme.md @@ -359,6 +359,8 @@ userAssignedIdentities: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Azure

diff --git a/modules/Microsoft.DataFactory/factories/readme.md b/modules/Microsoft.DataFactory/factories/readme.md index 107c9bf18e..fd0b37b714 100644 --- a/modules/Microsoft.DataFactory/factories/readme.md +++ b/modules/Microsoft.DataFactory/factories/readme.md @@ -282,6 +282,8 @@ privateEndpoints: [ ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.DataProtection/backupVaults/readme.md b/modules/Microsoft.DataProtection/backupVaults/readme.md index f77c81a356..d37f1cf71c 100644 --- a/modules/Microsoft.DataProtection/backupVaults/readme.md +++ b/modules/Microsoft.DataProtection/backupVaults/readme.md @@ -332,6 +332,8 @@ userAssignedIdentities: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.Databricks/workspaces/readme.md b/modules/Microsoft.Databricks/workspaces/readme.md index 25efa18299..e905c1e37e 100644 --- a/modules/Microsoft.Databricks/workspaces/readme.md +++ b/modules/Microsoft.Databricks/workspaces/readme.md @@ -219,6 +219,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md b/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md index 656ffb6c1a..f1c4e8fc67 100644 --- a/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md +++ b/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md @@ -159,6 +159,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.DesktopVirtualization/hostpools/readme.md b/modules/Microsoft.DesktopVirtualization/hostpools/readme.md index 2d42f43142..44936c4e3f 100644 --- a/modules/Microsoft.DesktopVirtualization/hostpools/readme.md +++ b/modules/Microsoft.DesktopVirtualization/hostpools/readme.md @@ -255,6 +255,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.DesktopVirtualization/scalingplans/readme.md b/modules/Microsoft.DesktopVirtualization/scalingplans/readme.md index 25cff56f29..a672042f7b 100644 --- a/modules/Microsoft.DesktopVirtualization/scalingplans/readme.md +++ b/modules/Microsoft.DesktopVirtualization/scalingplans/readme.md @@ -257,6 +257,8 @@ roleAssignments: [ ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.DesktopVirtualization/workspaces/readme.md b/modules/Microsoft.DesktopVirtualization/workspaces/readme.md index 02ddec5b87..fdf8347aba 100644 --- a/modules/Microsoft.DesktopVirtualization/workspaces/readme.md +++ b/modules/Microsoft.DesktopVirtualization/workspaces/readme.md @@ -156,6 +156,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/readme.md b/modules/Microsoft.DocumentDB/databaseAccounts/readme.md index 8dbdd172e1..a4abaf91b6 100644 --- a/modules/Microsoft.DocumentDB/databaseAccounts/readme.md +++ b/modules/Microsoft.DocumentDB/databaseAccounts/readme.md @@ -532,6 +532,8 @@ userAssignedIdentities: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Gremlindb

diff --git a/modules/Microsoft.EventGrid/systemTopics/readme.md b/modules/Microsoft.EventGrid/systemTopics/readme.md index ca074cb9e1..ebaec3a623 100644 --- a/modules/Microsoft.EventGrid/systemTopics/readme.md +++ b/modules/Microsoft.EventGrid/systemTopics/readme.md @@ -269,6 +269,8 @@ userAssignedIdentities: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.EventGrid/topics/readme.md b/modules/Microsoft.EventGrid/topics/readme.md index 7c627272f9..55ae03e7db 100644 --- a/modules/Microsoft.EventGrid/topics/readme.md +++ b/modules/Microsoft.EventGrid/topics/readme.md @@ -236,6 +236,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.EventHub/namespaces/readme.md b/modules/Microsoft.EventHub/namespaces/readme.md index 25bc06dbf4..32a4dadef6 100644 --- a/modules/Microsoft.EventHub/namespaces/readme.md +++ b/modules/Microsoft.EventHub/namespaces/readme.md @@ -281,6 +281,8 @@ userAssignedIdentities: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.HealthBot/healthBots/readme.md b/modules/Microsoft.HealthBot/healthBots/readme.md index 364460b896..7dbbb393e9 100644 --- a/modules/Microsoft.HealthBot/healthBots/readme.md +++ b/modules/Microsoft.HealthBot/healthBots/readme.md @@ -146,6 +146,8 @@ roleAssignments: [ ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Insights/actionGroups/readme.md b/modules/Microsoft.Insights/actionGroups/readme.md index 8fffb75a5a..5e207db10d 100644 --- a/modules/Microsoft.Insights/actionGroups/readme.md +++ b/modules/Microsoft.Insights/actionGroups/readme.md @@ -232,6 +232,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Insights/activityLogAlerts/readme.md b/modules/Microsoft.Insights/activityLogAlerts/readme.md index 45dddceeab..db13917c7a 100644 --- a/modules/Microsoft.Insights/activityLogAlerts/readme.md +++ b/modules/Microsoft.Insights/activityLogAlerts/readme.md @@ -394,6 +394,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Insights/components/readme.md b/modules/Microsoft.Insights/components/readme.md index 5daa7cc917..0e9921257f 100644 --- a/modules/Microsoft.Insights/components/readme.md +++ b/modules/Microsoft.Insights/components/readme.md @@ -150,6 +150,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Insights/diagnosticSettings/readme.md b/modules/Microsoft.Insights/diagnosticSettings/readme.md index d1a45839bb..99e98d9c78 100644 --- a/modules/Microsoft.Insights/diagnosticSettings/readme.md +++ b/modules/Microsoft.Insights/diagnosticSettings/readme.md @@ -41,6 +41,8 @@ This module deploys a subscription wide export of the activity log. ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Insights/metricAlerts/readme.md b/modules/Microsoft.Insights/metricAlerts/readme.md index 584eef5990..ba04d8b633 100644 --- a/modules/Microsoft.Insights/metricAlerts/readme.md +++ b/modules/Microsoft.Insights/metricAlerts/readme.md @@ -375,6 +375,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Insights/privateLinkScopes/readme.md b/modules/Microsoft.Insights/privateLinkScopes/readme.md index 37ed0e79ad..b826b47b3b 100644 --- a/modules/Microsoft.Insights/privateLinkScopes/readme.md +++ b/modules/Microsoft.Insights/privateLinkScopes/readme.md @@ -227,6 +227,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Insights/scheduledQueryRules/readme.md b/modules/Microsoft.Insights/scheduledQueryRules/readme.md index 076cd01af3..f0e032d238 100644 --- a/modules/Microsoft.Insights/scheduledQueryRules/readme.md +++ b/modules/Microsoft.Insights/scheduledQueryRules/readme.md @@ -157,6 +157,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.KeyVault/vaults/readme.md b/modules/Microsoft.KeyVault/vaults/readme.md index 25bd46f335..b3236b13a9 100644 --- a/modules/Microsoft.KeyVault/vaults/readme.md +++ b/modules/Microsoft.KeyVault/vaults/readme.md @@ -380,6 +380,8 @@ privateEndpoints: [ ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.KubernetesConfiguration/extensions/readme.md b/modules/Microsoft.KubernetesConfiguration/extensions/readme.md index e4428e455d..0aa08b79a2 100644 --- a/modules/Microsoft.KubernetesConfiguration/extensions/readme.md +++ b/modules/Microsoft.KubernetesConfiguration/extensions/readme.md @@ -65,6 +65,8 @@ For Details see [Prerequisites](https://docs.microsoft.com/en-us/azure/azure-arc ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md b/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md index 42c398a142..5e455b53d5 100644 --- a/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md +++ b/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md @@ -67,6 +67,8 @@ For Details see [Prerequisites](https://docs.microsoft.com/en-us/azure/azure-arc ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.Logic/workflows/readme.md b/modules/Microsoft.Logic/workflows/readme.md index 58b1cf7a49..20a292cb40 100644 --- a/modules/Microsoft.Logic/workflows/readme.md +++ b/modules/Microsoft.Logic/workflows/readme.md @@ -313,6 +313,8 @@ userAssignedIdentities: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.MachineLearningServices/workspaces/readme.md b/modules/Microsoft.MachineLearningServices/workspaces/readme.md index ccfa46a6c8..2de895454c 100644 --- a/modules/Microsoft.MachineLearningServices/workspaces/readme.md +++ b/modules/Microsoft.MachineLearningServices/workspaces/readme.md @@ -398,6 +398,8 @@ userAssignedIdentities: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Encr

diff --git a/modules/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md b/modules/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md index cba68604a8..4eb42ea0d7 100644 --- a/modules/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md +++ b/modules/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md @@ -142,6 +142,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md b/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md index 4ff62f9a21..382d87fdd5 100644 --- a/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md +++ b/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md @@ -165,6 +165,8 @@ There are a couple of limitations that you should be aware of with Lighthouse: ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Management/managementGroups/readme.md b/modules/Microsoft.Management/managementGroups/readme.md index 308f8c16b9..40a241cb4f 100644 --- a/modules/Microsoft.Management/managementGroups/readme.md +++ b/modules/Microsoft.Management/managementGroups/readme.md @@ -123,6 +123,8 @@ New-AzRoleAssignment -ObjectId $PrincipalID -Scope "/providers/Microsoft.Managem ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.NetApp/netAppAccounts/readme.md b/modules/Microsoft.NetApp/netAppAccounts/readme.md index 8b6fe2aa72..92f4043c57 100644 --- a/modules/Microsoft.NetApp/netAppAccounts/readme.md +++ b/modules/Microsoft.NetApp/netAppAccounts/readme.md @@ -154,6 +154,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.Network/applicationGateways/readme.md b/modules/Microsoft.Network/applicationGateways/readme.md index 2fd6de4b45..1955644640 100644 --- a/modules/Microsoft.Network/applicationGateways/readme.md +++ b/modules/Microsoft.Network/applicationGateways/readme.md @@ -222,6 +222,8 @@ userAssignedIdentities: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Network/applicationSecurityGroups/readme.md b/modules/Microsoft.Network/applicationSecurityGroups/readme.md index b856fe8918..96650f98a6 100644 --- a/modules/Microsoft.Network/applicationSecurityGroups/readme.md +++ b/modules/Microsoft.Network/applicationSecurityGroups/readme.md @@ -145,6 +145,8 @@ roleAssignments: [ ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Network/azureFirewalls/readme.md b/modules/Microsoft.Network/azureFirewalls/readme.md index 899294a842..c609b86f06 100644 --- a/modules/Microsoft.Network/azureFirewalls/readme.md +++ b/modules/Microsoft.Network/azureFirewalls/readme.md @@ -299,6 +299,8 @@ The `networkRuleCollections` parameter accepts a JSON Array of AzureFirewallNetw ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Addpip

diff --git a/modules/Microsoft.Network/bastionHosts/readme.md b/modules/Microsoft.Network/bastionHosts/readme.md index db5ff7d79f..2f29c0a932 100644 --- a/modules/Microsoft.Network/bastionHosts/readme.md +++ b/modules/Microsoft.Network/bastionHosts/readme.md @@ -283,6 +283,8 @@ roleAssignments: [ ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Addpip

diff --git a/modules/Microsoft.Network/connections/readme.md b/modules/Microsoft.Network/connections/readme.md index 2b3512d25a..55552b0e02 100644 --- a/modules/Microsoft.Network/connections/readme.md +++ b/modules/Microsoft.Network/connections/readme.md @@ -304,6 +304,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Vnet2vnet

diff --git a/modules/Microsoft.Network/ddosProtectionPlans/readme.md b/modules/Microsoft.Network/ddosProtectionPlans/readme.md index 40d75bae51..f2dd53b7dc 100644 --- a/modules/Microsoft.Network/ddosProtectionPlans/readme.md +++ b/modules/Microsoft.Network/ddosProtectionPlans/readme.md @@ -145,6 +145,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Network/expressRouteCircuits/readme.md b/modules/Microsoft.Network/expressRouteCircuits/readme.md index c3115e79e2..115a12a94b 100644 --- a/modules/Microsoft.Network/expressRouteCircuits/readme.md +++ b/modules/Microsoft.Network/expressRouteCircuits/readme.md @@ -167,6 +167,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Network/firewallPolicies/readme.md b/modules/Microsoft.Network/firewallPolicies/readme.md index 2613109f6b..dce25299eb 100644 --- a/modules/Microsoft.Network/firewallPolicies/readme.md +++ b/modules/Microsoft.Network/firewallPolicies/readme.md @@ -136,6 +136,8 @@ userAssignedIdentities: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.Network/frontDoors/readme.md b/modules/Microsoft.Network/frontDoors/readme.md index c53a436e8a..27dd80e58e 100644 --- a/modules/Microsoft.Network/frontDoors/readme.md +++ b/modules/Microsoft.Network/frontDoors/readme.md @@ -162,6 +162,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Network/ipGroups/readme.md b/modules/Microsoft.Network/ipGroups/readme.md index a529059d04..21f43b9ccd 100644 --- a/modules/Microsoft.Network/ipGroups/readme.md +++ b/modules/Microsoft.Network/ipGroups/readme.md @@ -146,6 +146,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Network/loadBalancers/readme.md b/modules/Microsoft.Network/loadBalancers/readme.md index 4d967e023d..2263f86e40 100644 --- a/modules/Microsoft.Network/loadBalancers/readme.md +++ b/modules/Microsoft.Network/loadBalancers/readme.md @@ -459,6 +459,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Internal

diff --git a/modules/Microsoft.Network/localNetworkGateways/readme.md b/modules/Microsoft.Network/localNetworkGateways/readme.md index 33406ede41..18c668de3f 100644 --- a/modules/Microsoft.Network/localNetworkGateways/readme.md +++ b/modules/Microsoft.Network/localNetworkGateways/readme.md @@ -151,6 +151,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Network/natGateways/readme.md b/modules/Microsoft.Network/natGateways/readme.md index 595c28b302..6e286c93e0 100644 --- a/modules/Microsoft.Network/natGateways/readme.md +++ b/modules/Microsoft.Network/natGateways/readme.md @@ -163,6 +163,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Network/networkInterfaces/readme.md b/modules/Microsoft.Network/networkInterfaces/readme.md index 6317f304c5..32cc055c67 100644 --- a/modules/Microsoft.Network/networkInterfaces/readme.md +++ b/modules/Microsoft.Network/networkInterfaces/readme.md @@ -179,6 +179,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.Network/networkSecurityGroups/readme.md b/modules/Microsoft.Network/networkSecurityGroups/readme.md index 004f8b5b43..1ae1d22898 100644 --- a/modules/Microsoft.Network/networkSecurityGroups/readme.md +++ b/modules/Microsoft.Network/networkSecurityGroups/readme.md @@ -155,6 +155,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.Network/networkWatchers/readme.md b/modules/Microsoft.Network/networkWatchers/readme.md index 3dd8abdb4d..8ab14b735e 100644 --- a/modules/Microsoft.Network/networkWatchers/readme.md +++ b/modules/Microsoft.Network/networkWatchers/readme.md @@ -149,6 +149,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.Network/privateDnsZones/readme.md b/modules/Microsoft.Network/privateDnsZones/readme.md index 0bf4eff43e..d8ad43ed68 100644 --- a/modules/Microsoft.Network/privateDnsZones/readme.md +++ b/modules/Microsoft.Network/privateDnsZones/readme.md @@ -163,6 +163,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.Network/privateEndpoints/readme.md b/modules/Microsoft.Network/privateEndpoints/readme.md index 1827f3c7f9..52bcb05816 100644 --- a/modules/Microsoft.Network/privateEndpoints/readme.md +++ b/modules/Microsoft.Network/privateEndpoints/readme.md @@ -162,6 +162,8 @@ roleAssignments: [ ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.Network/publicIPAddresses/readme.md b/modules/Microsoft.Network/publicIPAddresses/readme.md index 8bac9c5513..916b7e478d 100644 --- a/modules/Microsoft.Network/publicIPAddresses/readme.md +++ b/modules/Microsoft.Network/publicIPAddresses/readme.md @@ -159,6 +159,8 @@ roleAssignments: [ ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Network/publicIPPrefixes/readme.md b/modules/Microsoft.Network/publicIPPrefixes/readme.md index 3ccb2f159c..71faed1998 100644 --- a/modules/Microsoft.Network/publicIPPrefixes/readme.md +++ b/modules/Microsoft.Network/publicIPPrefixes/readme.md @@ -146,6 +146,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Network/routeTables/readme.md b/modules/Microsoft.Network/routeTables/readme.md index cabeaad4a3..a120ed4a4d 100644 --- a/modules/Microsoft.Network/routeTables/readme.md +++ b/modules/Microsoft.Network/routeTables/readme.md @@ -236,6 +236,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Network/trafficmanagerprofiles/readme.md b/modules/Microsoft.Network/trafficmanagerprofiles/readme.md index c7c437b492..7df100d085 100644 --- a/modules/Microsoft.Network/trafficmanagerprofiles/readme.md +++ b/modules/Microsoft.Network/trafficmanagerprofiles/readme.md @@ -250,6 +250,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Network/virtualHubs/readme.md b/modules/Microsoft.Network/virtualHubs/readme.md index e11b58400b..00f5a11405 100644 --- a/modules/Microsoft.Network/virtualHubs/readme.md +++ b/modules/Microsoft.Network/virtualHubs/readme.md @@ -103,6 +103,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.Network/virtualNetworkGateways/readme.md b/modules/Microsoft.Network/virtualNetworkGateways/readme.md index 777b88defb..c4a5087ace 100644 --- a/modules/Microsoft.Network/virtualNetworkGateways/readme.md +++ b/modules/Microsoft.Network/virtualNetworkGateways/readme.md @@ -240,6 +240,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Expressroute

diff --git a/modules/Microsoft.Network/virtualNetworks/readme.md b/modules/Microsoft.Network/virtualNetworks/readme.md index d6d2a1f85f..88c3dff5f9 100644 --- a/modules/Microsoft.Network/virtualNetworks/readme.md +++ b/modules/Microsoft.Network/virtualNetworks/readme.md @@ -348,6 +348,8 @@ The network security group and route table resources must reside in the same res ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.Network/virtualWans/readme.md b/modules/Microsoft.Network/virtualWans/readme.md index 17c2ce2c10..9ecacf8607 100644 --- a/modules/Microsoft.Network/virtualWans/readme.md +++ b/modules/Microsoft.Network/virtualWans/readme.md @@ -149,6 +149,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.Network/vpnGateways/readme.md b/modules/Microsoft.Network/vpnGateways/readme.md index 638d97001b..fc97b3743c 100644 --- a/modules/Microsoft.Network/vpnGateways/readme.md +++ b/modules/Microsoft.Network/vpnGateways/readme.md @@ -170,6 +170,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.Network/vpnSites/readme.md b/modules/Microsoft.Network/vpnSites/readme.md index 4200237c75..8fdd29fca5 100644 --- a/modules/Microsoft.Network/vpnSites/readme.md +++ b/modules/Microsoft.Network/vpnSites/readme.md @@ -318,6 +318,8 @@ roleAssignments: [ ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.OperationalInsights/workspaces/readme.md b/modules/Microsoft.OperationalInsights/workspaces/readme.md index cf162c6829..ae5f21bb9f 100644 --- a/modules/Microsoft.OperationalInsights/workspaces/readme.md +++ b/modules/Microsoft.OperationalInsights/workspaces/readme.md @@ -440,6 +440,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.OperationsManagement/solutions/readme.md b/modules/Microsoft.OperationsManagement/solutions/readme.md index fb00cd0187..26ff3eac4d 100644 --- a/modules/Microsoft.OperationsManagement/solutions/readme.md +++ b/modules/Microsoft.OperationsManagement/solutions/readme.md @@ -43,6 +43,8 @@ This module deploys OperationsManagement Solutions. ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.RecoveryServices/vaults/readme.md b/modules/Microsoft.RecoveryServices/vaults/readme.md index 8cec83029e..84a116c258 100644 --- a/modules/Microsoft.RecoveryServices/vaults/readme.md +++ b/modules/Microsoft.RecoveryServices/vaults/readme.md @@ -893,6 +893,8 @@ privateEndpoints: [ ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Dr

diff --git a/modules/Microsoft.Resources/deploymentScripts/readme.md b/modules/Microsoft.Resources/deploymentScripts/readme.md index 760bd5e237..73d18ab848 100644 --- a/modules/Microsoft.Resources/deploymentScripts/readme.md +++ b/modules/Microsoft.Resources/deploymentScripts/readme.md @@ -141,6 +141,8 @@ This module requires a User Assigned Identity (MSI, managed service identity) to ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Cli

diff --git a/modules/Microsoft.Resources/resourceGroups/readme.md b/modules/Microsoft.Resources/resourceGroups/readme.md index 03f38afb17..98f3c8fe8f 100644 --- a/modules/Microsoft.Resources/resourceGroups/readme.md +++ b/modules/Microsoft.Resources/resourceGroups/readme.md @@ -149,6 +149,8 @@ This module requires a User Assigned Identity (MSI, managed service identity) to ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Resources/tags/readme.md b/modules/Microsoft.Resources/tags/readme.md index 29f7cc50ab..2e94e3b1ca 100644 --- a/modules/Microsoft.Resources/tags/readme.md +++ b/modules/Microsoft.Resources/tags/readme.md @@ -79,6 +79,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.Security/azureSecurityCenter/readme.md b/modules/Microsoft.Security/azureSecurityCenter/readme.md index 4e7f896bdc..9d362b5f17 100644 --- a/modules/Microsoft.Security/azureSecurityCenter/readme.md +++ b/modules/Microsoft.Security/azureSecurityCenter/readme.md @@ -96,6 +96,8 @@ securityContactProperties: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.ServiceBus/namespaces/readme.md b/modules/Microsoft.ServiceBus/namespaces/readme.md index 108f0d5bce..5e96f831af 100644 --- a/modules/Microsoft.ServiceBus/namespaces/readme.md +++ b/modules/Microsoft.ServiceBus/namespaces/readme.md @@ -331,6 +331,8 @@ userAssignedIdentities: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.ServiceFabric/clusters/readme.md b/modules/Microsoft.ServiceFabric/clusters/readme.md index 1e37b4d9e9..92fb23e1c2 100644 --- a/modules/Microsoft.ServiceFabric/clusters/readme.md +++ b/modules/Microsoft.ServiceFabric/clusters/readme.md @@ -228,6 +228,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Cert

diff --git a/modules/Microsoft.Sql/managedInstances/readme.md b/modules/Microsoft.Sql/managedInstances/readme.md index d9125d8b3a..c82810e69a 100644 --- a/modules/Microsoft.Sql/managedInstances/readme.md +++ b/modules/Microsoft.Sql/managedInstances/readme.md @@ -274,6 +274,8 @@ userAssignedIdentities: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Sql/servers/readme.md b/modules/Microsoft.Sql/servers/readme.md index f5486e6fad..5470c78e16 100644 --- a/modules/Microsoft.Sql/servers/readme.md +++ b/modules/Microsoft.Sql/servers/readme.md @@ -318,6 +318,8 @@ privateEndpoints: [ ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Admin

diff --git a/modules/Microsoft.Storage/storageAccounts/readme.md b/modules/Microsoft.Storage/storageAccounts/readme.md index 5bc6d491a4..4db691e4ee 100644 --- a/modules/Microsoft.Storage/storageAccounts/readme.md +++ b/modules/Microsoft.Storage/storageAccounts/readme.md @@ -364,6 +364,8 @@ The hierarchical namespace of the storage account (see parameter `enableHierarch ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Encr

diff --git a/modules/Microsoft.Synapse/privateLinkHubs/readme.md b/modules/Microsoft.Synapse/privateLinkHubs/readme.md index 25f7ef954f..f98c3fcd85 100644 --- a/modules/Microsoft.Synapse/privateLinkHubs/readme.md +++ b/modules/Microsoft.Synapse/privateLinkHubs/readme.md @@ -225,6 +225,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

diff --git a/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md b/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md index 5d1fec06bb..28a9976286 100644 --- a/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md +++ b/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md @@ -260,6 +260,8 @@ roleAssignments: [ ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Web/connections/readme.md b/modules/Microsoft.Web/connections/readme.md index f1788cdfdb..207f3e213c 100644 --- a/modules/Microsoft.Web/connections/readme.md +++ b/modules/Microsoft.Web/connections/readme.md @@ -153,6 +153,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Web/hostingEnvironments/readme.md b/modules/Microsoft.Web/hostingEnvironments/readme.md index 0f1cee5ca9..98c9137061 100644 --- a/modules/Microsoft.Web/hostingEnvironments/readme.md +++ b/modules/Microsoft.Web/hostingEnvironments/readme.md @@ -199,6 +199,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Asev2

diff --git a/modules/Microsoft.Web/serverfarms/readme.md b/modules/Microsoft.Web/serverfarms/readme.md index d691a0f3f7..a45b809a03 100644 --- a/modules/Microsoft.Web/serverfarms/readme.md +++ b/modules/Microsoft.Web/serverfarms/readme.md @@ -198,6 +198,8 @@ tags: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Parameters

diff --git a/modules/Microsoft.Web/sites/readme.md b/modules/Microsoft.Web/sites/readme.md index 11bedc60c3..d5b1fff86f 100644 --- a/modules/Microsoft.Web/sites/readme.md +++ b/modules/Microsoft.Web/sites/readme.md @@ -392,6 +392,8 @@ userAssignedIdentities: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Fa Min

diff --git a/modules/Microsoft.Web/staticSites/readme.md b/modules/Microsoft.Web/staticSites/readme.md index 31c8c6b94c..51fd503e21 100644 --- a/modules/Microsoft.Web/staticSites/readme.md +++ b/modules/Microsoft.Web/staticSites/readme.md @@ -271,6 +271,8 @@ userAssignedIdentities: { ## Deployment examples +Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +

Example 1: Min

From dbb511a456bca1781729073f849e8d4110332b3a Mon Sep 17 00:00:00 2001 From: MrMCake Date: Thu, 7 Jul 2022 21:20:17 +0200 Subject: [PATCH 15/38] latest draft --- utilities/tools/Set-ModuleReadMe.ps1 | 32 +++++++++++++++++++++++----- 1 file changed, 27 insertions(+), 5 deletions(-) diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index c503f3f690..88e5a271a7 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -446,6 +446,8 @@ function Set-DeploymentExamplesSection { $orderedJSONParameters = @{} } + ## TODO: Add comment 'Required parameters' vs 'Non-required parameters' + $templateParameterObject = $orderedJSONParameters | ConvertTo-Json -Depth 99 if ($templateParameterObject -ne '{}') { $contentInBicepFormat = $templateParameterObject -replace '"', "'" # Update any [xyz: "xyz"] to [xyz: 'xyz'] @@ -494,6 +496,30 @@ function Set-DeploymentExamplesSection { $orderedJSONParameters = '' } + $jsonExample = ([ordered]@{ + '$schema' = 'https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#' + contentVersion = '1.0.0.0' + parameters = (-not [String]::IsNullOrEmpty($orderedJSONParameters)) ? $orderedJSONParameters : @{} + } | ConvertTo-Json -Depth 99) + + ## TODO: Add comment 'Required parameters' vs 'Non-required parameters' + if ($requiredParameterNames -is [string]) { + $requiredParameterNames = @($requiredParameterNames) + } + if ($requiredParameterNames.Count -ge 1 && $orderedJSONParameters.Count -ge 2) { + # If we have at least one required and one other parameter we want to add a comment + $parameterToSplitAt = $requiredParameterNames[-1] + + + $jsonExampleArray = $jsonExample -split '\n' + $parameterStartIndex = $jsonExampleArray | Select-String '.*"parameters": \{.*' | ForEach-Object { $_.LineNumber - 1 } + $requiredParameterStartIndex = $jsonExampleArray | Select-String ".*`"$parameterToSplitAt`": \{.*" | ForEach-Object { $_.LineNumber - 1 } + $requiredParameterEndIndex = 0 # TODO: Search + + $jsonExampleArray = $jsonExampleArray[0..$parameterStartIndex] + ' // Required parameters' + $jsonExampleArray[(($parameterStartIndex + 1) .. ($jsonExampleArray.Count))] + $jsonExampleArray = $jsonExampleArray[0..$requiredParameterEndIndex] + ' // Non-required parameters' + $jsonExampleArray[(($requiredParameterEndIndex + 1) .. ($jsonExampleArray.Count))] + } + $SectionContent += @( '', '
', @@ -501,11 +527,7 @@ function Set-DeploymentExamplesSection { 'via JSON Parameter file', '', '```json', - ([ordered]@{ - '$schema' = 'https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#' - contentVersion = '1.0.0.0' - parameters = (-not [String]::IsNullOrEmpty($orderedJSONParameters)) ? $orderedJSONParameters : @{} - } | ConvertTo-Json -Depth 99), + $jsonExample, '```', '', '
' From 54b55b8e812c13b15e32189fa257acb0ea1bcb64 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 8 Jul 2022 05:19:27 +0200 Subject: [PATCH 16/38] Updated set readme script with comments --- .../servers/readme.md | 8 +++ utilities/tools/Set-ModuleReadMe.ps1 | 71 +++++++++++-------- 2 files changed, 49 insertions(+), 30 deletions(-) diff --git a/modules/Microsoft.AnalysisServices/servers/readme.md b/modules/Microsoft.AnalysisServices/servers/readme.md index 3ccc2c1781..1bdafb8be2 100644 --- a/modules/Microsoft.AnalysisServices/servers/readme.md +++ b/modules/Microsoft.AnalysisServices/servers/readme.md @@ -169,7 +169,9 @@ Below is a collection of examples of how this module can be used. These examples module servers './Microsoft.AnalysisServices/servers/deploy.bicep' = { name: '${uniqueString(deployment().name)}-servers' params: { + // Required parameters name: '<>azasweumax001' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogCategoriesToEnable: [ @@ -219,9 +221,11 @@ module servers './Microsoft.AnalysisServices/servers/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>azasweumax001" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, @@ -333,7 +337,9 @@ module servers './Microsoft.AnalysisServices/servers/deploy.bicep' = { module servers './Microsoft.AnalysisServices/servers/deploy.bicep' = { name: '${uniqueString(deployment().name)}-servers' params: { + // Required parameters name: '<>azasweux001' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 @@ -365,9 +371,11 @@ module servers './Microsoft.AnalysisServices/servers/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>azasweux001" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index 88e5a271a7..7415e74c62 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -356,7 +356,10 @@ function Set-DeploymentExamplesSection { . (Join-Path $PSScriptRoot 'helper' 'ConvertTo-OrderedHashtable.ps1') # Process content - $SectionContent = [System.Collections.ArrayList]@() + $SectionContent = [System.Collections.ArrayList]@( + 'Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order.', + '' + ) $moduleRoot = Split-Path $TemplateFilePath -Parent $resourceTypeIdentifier = $moduleRoot.Replace('\', '/').Split('/modules/')[1].TrimStart('/') @@ -446,8 +449,6 @@ function Set-DeploymentExamplesSection { $orderedJSONParameters = @{} } - ## TODO: Add comment 'Required parameters' vs 'Non-required parameters' - $templateParameterObject = $orderedJSONParameters | ConvertTo-Json -Depth 99 if ($templateParameterObject -ne '{}') { $contentInBicepFormat = $templateParameterObject -replace '"', "'" # Update any [xyz: "xyz"] to [xyz: 'xyz'] @@ -459,6 +460,30 @@ function Set-DeploymentExamplesSection { $bicepParamsArray = $bicepParamsArray[1..($bicepParamsArray.count - 2)] } + # Format params with indent + $bicepExample = $bicepParamsArray | ForEach-Object { " $_" } + + # Optional: Add comment where required & optional parameters start + if ($requiredParameterNames -is [string]) { + $requiredParameterNames = @($requiredParameterNames) + } + if ($requiredParameterNames.Count -ge 1 -and $orderedJSONParameters.Keys.Count -ge 2) { + # If we have at least one required and one other parameter we want to add a comment + $parameterToSplitAt = $requiredParameterNames[-1] + + $bicepExampleArray = $bicepExample -split '\n' + + $requiredParameterIndent = ([regex]::Match($bicepExampleArray[0], '^(\s+).*')).Captures.Groups[1].Value.Length + + # Search in rest of array for the next closing bracket with the same indent - and then add the initial index count back in (+1 for the first added comment) + $requiredParameterEndIndex = ($bicepExampleArray[0..($bicepExampleArray.Count)] | Select-String "^[\s]{$requiredParameterIndent}" | ForEach-Object { $_.LineNumber - 1 })[0] + 1 + + $bicepExampleArray = @('{0}// Required parameters' -f (' ' * $requiredParameterIndent)) + $bicepExampleArray[(0 .. ($bicepExampleArray.Count))] + $bicepExampleArray = $bicepExampleArray[0..$requiredParameterEndIndex] + ('{0}// Non-required parameters' -f (' ' * $requiredParameterIndent)) + $bicepExampleArray[(($requiredParameterEndIndex + 1) .. ($bicepExampleArray.Count))] + + $bicepExample = $bicepExampleArray | Out-String + } + $SectionContent += @( '', '
' @@ -470,7 +495,7 @@ function Set-DeploymentExamplesSection { "module $resourceType './$resourceTypeIdentifier/deploy.bicep' = {" " name: '`${uniqueString(deployment().name)}-$resourceType'" ' params: {' - ($bicepParamsArray | ForEach-Object { " $_" }).TrimEnd(), + $bicepExample.TrimEnd(), ' }' '}' '```', @@ -502,22 +527,27 @@ function Set-DeploymentExamplesSection { parameters = (-not [String]::IsNullOrEmpty($orderedJSONParameters)) ? $orderedJSONParameters : @{} } | ConvertTo-Json -Depth 99) - ## TODO: Add comment 'Required parameters' vs 'Non-required parameters' + # Optional: Add comment where required & optional parameters start if ($requiredParameterNames -is [string]) { $requiredParameterNames = @($requiredParameterNames) } - if ($requiredParameterNames.Count -ge 1 && $orderedJSONParameters.Count -ge 2) { + if ($requiredParameterNames.Count -ge 1 -and $orderedJSONParameters.Keys.Count -ge 2) { # If we have at least one required and one other parameter we want to add a comment $parameterToSplitAt = $requiredParameterNames[-1] - $jsonExampleArray = $jsonExample -split '\n' $parameterStartIndex = $jsonExampleArray | Select-String '.*"parameters": \{.*' | ForEach-Object { $_.LineNumber - 1 } $requiredParameterStartIndex = $jsonExampleArray | Select-String ".*`"$parameterToSplitAt`": \{.*" | ForEach-Object { $_.LineNumber - 1 } - $requiredParameterEndIndex = 0 # TODO: Search - $jsonExampleArray = $jsonExampleArray[0..$parameterStartIndex] + ' // Required parameters' + $jsonExampleArray[(($parameterStartIndex + 1) .. ($jsonExampleArray.Count))] - $jsonExampleArray = $jsonExampleArray[0..$requiredParameterEndIndex] + ' // Non-required parameters' + $jsonExampleArray[(($requiredParameterEndIndex + 1) .. ($jsonExampleArray.Count))] + $requiredParameterIndent = ([regex]::Match($jsonExampleArray[$requiredParameterStartIndex], '^(\s+).*')).Captures.Groups[1].Value.Length + + # Search in rest of array for the next closing bracket with the same indent - and then add the initial index count back in (+1 for the first added comment) + $requiredParameterEndIndex = ($jsonExampleArray[$requiredParameterStartIndex..($jsonExampleArray.Count)] | Select-String "^[\s]{$requiredParameterIndent}\}" | ForEach-Object { $_.LineNumber - 1 })[0] + $requiredParameterStartIndex + 1 + + $jsonExampleArray = $jsonExampleArray[0..$parameterStartIndex] + ('{0}// Required parameters' -f (' ' * $requiredParameterIndent)) + $jsonExampleArray[(($parameterStartIndex + 1) .. ($jsonExampleArray.Count))] + $jsonExampleArray = $jsonExampleArray[0..$requiredParameterEndIndex] + ('{0}// Non-required parameters' -f (' ' * $requiredParameterIndent)) + $jsonExampleArray[(($requiredParameterEndIndex + 1) .. ($jsonExampleArray.Count))] + + $jsonExample = $jsonExampleArray | Out-String } $SectionContent += @( @@ -527,31 +557,12 @@ function Set-DeploymentExamplesSection { 'via JSON Parameter file', '', '```json', - $jsonExample, + $jsonExample.TrimEnd(), '```', '', '
' '

' ) - # $SectionContent += @( - # '', - # '

', - # '', - # 'via JSON Parameter file', - # '', - # '```json', - # '{', - # ' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",', - # ' "contentVersion": "1.0.0.0",' - # ' "parameters": {' - # (-not [String]::IsNullOrEmpty($orderedJSONParameters)) ? ((($orderedJSONParameters | ConvertTo-Json -Depth 99) -split '\n') | ForEach-Object { " $_" }).TrimEnd() : '', - # ' }', - # '}', - # '```', - # '', - # '
' - # '

' - # ) } $SectionContent += @( From e41881475b69f8ca3b95bec4fc49879a4e62f2d9 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 8 Jul 2022 05:23:35 +0200 Subject: [PATCH 17/38] Updated additional readme --- .../Microsoft.AAD/DomainServices/readme.md | 4 ++++ .../Microsoft.ApiManagement/service/readme.md | 12 +++++++++++ .../configurationStores/readme.md | 4 ++++ .../Microsoft.Authorization/locks/readme.md | 4 ++++ .../policyAssignments/readme.md | 21 +++++++++++++++++++ .../policyDefinitions/readme.md | 12 +++++++++++ 6 files changed, 57 insertions(+) diff --git a/modules/Microsoft.AAD/DomainServices/readme.md b/modules/Microsoft.AAD/DomainServices/readme.md index 53d42f9c95..e6c4fa3e62 100644 --- a/modules/Microsoft.AAD/DomainServices/readme.md +++ b/modules/Microsoft.AAD/DomainServices/readme.md @@ -224,7 +224,9 @@ resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { module DomainServices './Microsoft.AAD/DomainServices/deploy.bicep' = { name: '${uniqueString(deployment().name)}-DomainServices' params: { + // Required parameters domainName: '<>.onmicrosoft.com' + // Non-required parameters additionalRecipients: [ '<>@noreply.github.com' ] @@ -258,9 +260,11 @@ module DomainServices './Microsoft.AAD/DomainServices/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "domainName": { "value": "<>.onmicrosoft.com" }, + // Non-required parameters "additionalRecipients": { "value": [ "<>@noreply.github.com" diff --git a/modules/Microsoft.ApiManagement/service/readme.md b/modules/Microsoft.ApiManagement/service/readme.md index 72d07af45d..93dec8374e 100644 --- a/modules/Microsoft.ApiManagement/service/readme.md +++ b/modules/Microsoft.ApiManagement/service/readme.md @@ -280,7 +280,9 @@ Below is a collection of examples of how this module can be used. These examples module service './Microsoft.ApiManagement/service/deploy.bicep' = { name: '${uniqueString(deployment().name)}-service' params: { + // Required parameters name: '<>-az-apim-max-001' + // Non-required parameters publisherEmail: 'apimgmt-noreply@mail.windowsazure.com' publisherName: '<>-az-amorg-x-001' apis: [ @@ -423,9 +425,11 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-apim-max-001" }, + // Non-required parameters "publisherEmail": { "value": "apimgmt-noreply@mail.windowsazure.com" }, @@ -611,7 +615,9 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { module service './Microsoft.ApiManagement/service/deploy.bicep' = { name: '${uniqueString(deployment().name)}-service' params: { + // Required parameters name: '<>-az-apim-min-001' + // Non-required parameters publisherEmail: 'apimgmt-noreply@mail.windowsazure.com' publisherName: '<>-az-amorg-x-001' } @@ -630,9 +636,11 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-apim-min-001" }, + // Non-required parameters "publisherEmail": { "value": "apimgmt-noreply@mail.windowsazure.com" }, @@ -656,7 +664,9 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { module service './Microsoft.ApiManagement/service/deploy.bicep' = { name: '${uniqueString(deployment().name)}-service' params: { + // Required parameters name: '<>-az-apim-x-001' + // Non-required parameters publisherEmail: 'apimgmt-noreply@mail.windowsazure.com' publisherName: '<>-az-amorg-x-001' lock: 'CanNotDelete' @@ -708,9 +718,11 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-apim-x-001" }, + // Non-required parameters "publisherEmail": { "value": "apimgmt-noreply@mail.windowsazure.com" }, diff --git a/modules/Microsoft.AppConfiguration/configurationStores/readme.md b/modules/Microsoft.AppConfiguration/configurationStores/readme.md index df730c9350..57b21f160f 100644 --- a/modules/Microsoft.AppConfiguration/configurationStores/readme.md +++ b/modules/Microsoft.AppConfiguration/configurationStores/readme.md @@ -329,7 +329,9 @@ module configurationStores './Microsoft.AppConfiguration/configurationStores/dep module configurationStores './Microsoft.AppConfiguration/configurationStores/deploy.bicep' = { name: '${uniqueString(deployment().name)}-configurationStores' params: { + // Required parameters name: '<>-az-appcs-x-001' + // Non-required parameters createMode: 'Default' diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' @@ -387,9 +389,11 @@ module configurationStores './Microsoft.AppConfiguration/configurationStores/dep "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-appcs-x-001" }, + // Non-required parameters "createMode": { "value": "Default" }, diff --git a/modules/Microsoft.Authorization/locks/readme.md b/modules/Microsoft.Authorization/locks/readme.md index 5ef54c2a28..5cfbc79146 100644 --- a/modules/Microsoft.Authorization/locks/readme.md +++ b/modules/Microsoft.Authorization/locks/readme.md @@ -54,7 +54,9 @@ Below is a collection of examples of how this module can be used. These examples module locks './Microsoft.Authorization/locks/deploy.bicep' = { name: '${uniqueString(deployment().name)}-locks' params: { + // Required parameters level: 'CanNotDelete' + // Non-required parameters resourceGroupName: 'adp-<>-az-locks-rg-001' subscriptionId: '<>' } @@ -73,9 +75,11 @@ module locks './Microsoft.Authorization/locks/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "level": { "value": "CanNotDelete" }, + // Non-required parameters "resourceGroupName": { "value": "adp-<>-az-locks-rg-001" }, diff --git a/modules/Microsoft.Authorization/policyAssignments/readme.md b/modules/Microsoft.Authorization/policyAssignments/readme.md index 6c147e6db9..0bded4f55c 100644 --- a/modules/Microsoft.Authorization/policyAssignments/readme.md +++ b/modules/Microsoft.Authorization/policyAssignments/readme.md @@ -180,7 +180,9 @@ Below is a collection of examples of how this module can be used. These examples module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyAssignments' params: { + // Required parameters name: '<>-min-mg-polAss' + // Non-required parameters policyDefinitionID: '/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d' } } @@ -198,12 +200,14 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-min-mg-polAss" }, "policyDefinitionID": { "value": "/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d" } + // Non-required parameters } } ``` @@ -221,7 +225,9 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyAssignments' params: { + // Required parameters name: '<>-mg-polAss' + // Non-required parameters policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26' description: '[Description] Policy Assignment at the management group scope' displayName: '[Display Name] Policy Assignment at the management group scope' @@ -271,6 +277,7 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic "value": "/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26" }, "description": { + // Non-required parameters "value": "[Description] Policy Assignment at the management group scope" }, "displayName": { @@ -334,7 +341,9 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyAssignments' params: { + // Required parameters name: '<>-min-rg-polAss' + // Non-required parameters policyDefinitionID: '/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d' resourceGroupName: 'validation-rg' subscriptionId: '<>' @@ -354,12 +363,14 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-min-rg-polAss" }, "policyDefinitionID": { "value": "/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d" }, + // Non-required parameters "resourceGroupName": { "value": "validation-rg" }, @@ -383,7 +394,9 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyAssignments' params: { + // Required parameters name: '<>-rg-polAss' + // Non-required parameters policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26' description: '[Description] Policy Assignment at the resource group scope' displayName: '[Display Name] Policy Assignment at the resource group scope' @@ -435,6 +448,7 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic "value": "/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26" }, "description": { + // Non-required parameters "value": "[Description] Policy Assignment at the resource group scope" }, "displayName": { @@ -504,7 +518,9 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyAssignments' params: { + // Required parameters name: '<>-min-sub-polAss' + // Non-required parameters policyDefinitionID: '/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d' subscriptionId: '<>' } @@ -523,12 +539,14 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-min-sub-polAss" }, "policyDefinitionID": { "value": "/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d" }, + // Non-required parameters "subscriptionId": { "value": "<>" } @@ -549,7 +567,9 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyAssignments' params: { + // Required parameters name: '<>-sub-polAss' + // Non-required parameters policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26' description: '[Description] Policy Assignment at the subscription scope' displayName: '[Display Name] Policy Assignment at the subscription scope' @@ -600,6 +620,7 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic "value": "/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26" }, "description": { + // Non-required parameters "value": "[Description] Policy Assignment at the subscription scope" }, "displayName": { diff --git a/modules/Microsoft.Authorization/policyDefinitions/readme.md b/modules/Microsoft.Authorization/policyDefinitions/readme.md index 5cc642ac6a..25f481dded 100644 --- a/modules/Microsoft.Authorization/policyDefinitions/readme.md +++ b/modules/Microsoft.Authorization/policyDefinitions/readme.md @@ -138,7 +138,9 @@ Below is a collection of examples of how this module can be used. These examples module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyDefinitions' params: { + // Required parameters name: '<>-mg-min-policyDef' + // Non-required parameters policyRule: { if: { allOf: [ @@ -196,6 +198,7 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic } }, "parameters": { + // Non-required parameters "value": { "effect": { "allowedValues": [ @@ -223,7 +226,9 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyDefinitions' params: { + // Required parameters name: '<>-mg-policyDef' + // Non-required parameters policyRule: { if: { allOf: [ @@ -326,6 +331,7 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic } }, "description": { + // Non-required parameters "value": "[Description] This policy definition is deployed at the management group scope" }, "displayName": { @@ -374,7 +380,9 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyDefinitions' params: { + // Required parameters name: '<>-sub-min-policyDef' + // Non-required parameters policyRule: { if: { allOf: [ @@ -433,6 +441,7 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic } }, "parameters": { + // Non-required parameters "value": { "effect": { "allowedValues": [ @@ -463,7 +472,9 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyDefinitions' params: { + // Required parameters name: '<>-sub-policyDef' + // Non-required parameters policyRule: { if: { allOf: [ @@ -566,6 +577,7 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic } }, "description": { + // Non-required parameters "value": "[Description] This policy definition is deployed at subscription scope" }, "displayName": { From 9b9ce7878fc7c96cf7232a5c8cf6a8ecbd3d5964 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 8 Jul 2022 05:33:41 +0200 Subject: [PATCH 18/38] Robustness update --- .../policyAssignments/readme.md | 15 +++++++----- .../roleAssignments/readme.md | 24 +++++++++++++++++++ utilities/tools/Set-ModuleReadMe.ps1 | 4 ++-- 3 files changed, 35 insertions(+), 8 deletions(-) diff --git a/modules/Microsoft.Authorization/policyAssignments/readme.md b/modules/Microsoft.Authorization/policyAssignments/readme.md index 0bded4f55c..02e909cda9 100644 --- a/modules/Microsoft.Authorization/policyAssignments/readme.md +++ b/modules/Microsoft.Authorization/policyAssignments/readme.md @@ -204,10 +204,10 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic "name": { "value": "<>-min-mg-polAss" }, + // Non-required parameters "policyDefinitionID": { "value": "/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d" } - // Non-required parameters } } ``` @@ -270,14 +270,15 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-mg-polAss" }, + // Non-required parameters "policyDefinitionId": { "value": "/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26" }, "description": { - // Non-required parameters "value": "[Description] Policy Assignment at the management group scope" }, "displayName": { @@ -367,10 +368,10 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic "name": { "value": "<>-min-rg-polAss" }, + // Non-required parameters "policyDefinitionID": { "value": "/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d" }, - // Non-required parameters "resourceGroupName": { "value": "validation-rg" }, @@ -441,14 +442,15 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-rg-polAss" }, + // Non-required parameters "policyDefinitionId": { "value": "/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26" }, "description": { - // Non-required parameters "value": "[Description] Policy Assignment at the resource group scope" }, "displayName": { @@ -543,10 +545,10 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic "name": { "value": "<>-min-sub-polAss" }, + // Non-required parameters "policyDefinitionID": { "value": "/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d" }, - // Non-required parameters "subscriptionId": { "value": "<>" } @@ -613,14 +615,15 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-sub-polAss" }, + // Non-required parameters "policyDefinitionId": { "value": "/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26" }, "description": { - // Non-required parameters "value": "[Description] Policy Assignment at the subscription scope" }, "displayName": { diff --git a/modules/Microsoft.Authorization/roleAssignments/readme.md b/modules/Microsoft.Authorization/roleAssignments/readme.md index 0d022a44a9..9b9d1e9df8 100644 --- a/modules/Microsoft.Authorization/roleAssignments/readme.md +++ b/modules/Microsoft.Authorization/roleAssignments/readme.md @@ -179,7 +179,9 @@ Below is a collection of examples of how this module can be used. These examples module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleAssignments' params: { + // Required parameters principalId: '<>' + // Non-required parameters roleDefinitionIdOrName: 'Storage Queue Data Reader' } } @@ -197,9 +199,11 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "principalId": { "value": "<>" }, + // Non-required parameters "roleDefinitionIdOrName": { "value": "Storage Queue Data Reader" } @@ -220,7 +224,9 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleAssignments' params: { + // Required parameters principalId: '<>' + // Non-required parameters roleDefinitionIdOrName: 'Backup Reader' description: 'Role Assignment (management group scope)' managementGroupId: '<>' @@ -241,9 +247,11 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "principalId": { "value": "<>" }, + // Non-required parameters "roleDefinitionIdOrName": { "value": "Backup Reader" }, @@ -273,7 +281,9 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleAssignments' params: { + // Required parameters principalId: '<>' + // Non-required parameters roleDefinitionIdOrName: 'Storage Queue Data Reader' resourceGroupName: '<>' subscriptionId: '<>' @@ -293,9 +303,11 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "principalId": { "value": "<>" }, + // Non-required parameters "roleDefinitionIdOrName": { "value": "Storage Queue Data Reader" }, @@ -322,7 +334,9 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleAssignments' params: { + // Required parameters principalId: '<>' + // Non-required parameters roleDefinitionIdOrName: 'Backup Reader' description: 'Role Assignment (resource group scope)' principalType: 'ServicePrincipal' @@ -344,9 +358,11 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "principalId": { "value": "<>" }, + // Non-required parameters "roleDefinitionIdOrName": { "value": "Backup Reader" }, @@ -379,7 +395,9 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleAssignments' params: { + // Required parameters principalId: '<>' + // Non-required parameters roleDefinitionIdOrName: 'Storage Queue Data Reader' subscriptionId: '<>' } @@ -398,9 +416,11 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "principalId": { "value": "<>" }, + // Non-required parameters "roleDefinitionIdOrName": { "value": "Storage Queue Data Reader" }, @@ -424,7 +444,9 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleAssignments' params: { + // Required parameters principalId: '<>' + // Non-required parameters roleDefinitionIdOrName: 'Backup Reader' description: 'Role Assignment (subscription scope)' principalType: 'ServicePrincipal' @@ -445,9 +467,11 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "principalId": { "value": "<>" }, + // Non-required parameters "roleDefinitionIdOrName": { "value": "Backup Reader" }, diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index 7415e74c62..85b263d26c 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -536,8 +536,8 @@ function Set-DeploymentExamplesSection { $parameterToSplitAt = $requiredParameterNames[-1] $jsonExampleArray = $jsonExample -split '\n' - $parameterStartIndex = $jsonExampleArray | Select-String '.*"parameters": \{.*' | ForEach-Object { $_.LineNumber - 1 } - $requiredParameterStartIndex = $jsonExampleArray | Select-String ".*`"$parameterToSplitAt`": \{.*" | ForEach-Object { $_.LineNumber - 1 } + $parameterStartIndex = ($jsonExampleArray | Select-String '.*"parameters": \{.*' | ForEach-Object { $_.LineNumber - 1 })[0] + $requiredParameterStartIndex = ($jsonExampleArray | Select-String ".*`"$parameterToSplitAt`": \{.*" | ForEach-Object { $_.LineNumber - 1 })[0] $requiredParameterIndent = ([regex]::Match($jsonExampleArray[$requiredParameterStartIndex], '^(\s+).*')).Captures.Groups[1].Value.Length From 4cee1f43c519acd6c01f4a41938c8a65bc4f67d8 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 8 Jul 2022 05:47:30 +0200 Subject: [PATCH 19/38] Updated readmes --- .../Microsoft.AAD/DomainServices/deploy.bicep | 2 +- .../Microsoft.AAD/DomainServices/readme.md | 2 +- .../policyAssignments/deploy.bicep | 2 +- .../managementGroup/deploy.bicep | 2 +- .../policyAssignments/readme.md | 2 +- .../resourceGroup/deploy.bicep | 2 +- .../subscription/deploy.bicep | 2 +- .../policyDefinitions/readme.md | 12 ++++++---- .../policyExemptions/readme.md | 24 +++++++++++++++++++ .../policySetDefinitions/readme.md | 16 +++++++++++++ .../roleDefinitions/readme.md | 24 +++++++++++++++++++ .../automationAccounts/readme.md | 8 +++++++ .../Microsoft.Batch/batchAccounts/readme.md | 12 ++++++++++ .../accounts/readme.md | 16 +++++++++++++ .../availabilitySets/readme.md | 4 ++++ .../diskEncryptionSets/readme.md | 4 ++++ modules/Microsoft.Compute/disks/readme.md | 16 +++++++++++++ modules/Microsoft.Compute/galleries/readme.md | 8 +++++++ modules/Microsoft.Compute/images/readme.md | 4 ++++ .../virtualMachineScaleSets/readme.md | 16 +++++++++++++ .../virtualMachines/readme.md | 24 +++++++++++++++++++ .../Microsoft.Consumption/budgets/readme.md | 4 ++++ .../containerGroups/readme.md | 4 ++++ .../registries/readme.md | 8 +++++++ .../managedClusters/readme.md | 8 +++++++ .../Microsoft.DataFactory/factories/readme.md | 4 ++++ .../backupVaults/readme.md | 4 ++++ .../Microsoft.Databricks/workspaces/readme.md | 4 ++++ .../applicationgroups/readme.md | 8 +++++++ .../hostpools/readme.md | 4 ++++ .../workspaces/readme.md | 4 ++++ .../databaseAccounts/readme.md | 16 +++++++++++++ .../systemTopics/readme.md | 8 +++++++ modules/Microsoft.EventGrid/topics/readme.md | 4 ++++ .../Microsoft.HealthBot/healthBots/readme.md | 4 ++++ .../Microsoft.Insights/actionGroups/readme.md | 4 ++++ .../activityLogAlerts/readme.md | 4 ++++ .../Microsoft.Insights/components/readme.md | 4 ++++ .../Microsoft.Insights/metricAlerts/readme.md | 4 ++++ .../privateLinkScopes/readme.md | 4 ++++ .../scheduledQueryRules/readme.md | 4 ++++ .../extensions/readme.md | 8 +++++++ .../fluxConfigurations/readme.md | 8 +++++++ modules/Microsoft.Logic/workflows/readme.md | 4 ++++ .../workspaces/readme.md | 12 ++++++++++ .../registrationDefinitions/readme.md | 8 +++++++ .../managementGroups/readme.md | 4 ++++ .../Microsoft.NetApp/netAppAccounts/readme.md | 8 +++++++ .../applicationGateways/readme.md | 4 ++++ .../applicationSecurityGroups/readme.md | 4 ++++ .../azureFirewalls/readme.md | 16 +++++++++++++ .../Microsoft.Network/bastionHosts/readme.md | 16 +++++++++++++ .../Microsoft.Network/connections/readme.md | 4 ++++ .../expressRouteCircuits/readme.md | 4 ++++ .../firewallPolicies/readme.md | 4 ++++ .../Microsoft.Network/frontDoors/readme.md | 4 ++++ modules/Microsoft.Network/ipGroups/readme.md | 4 ++++ .../Microsoft.Network/loadBalancers/readme.md | 14 ++++++++++- .../localNetworkGateways/readme.md | 4 ++++ .../Microsoft.Network/natGateways/readme.md | 4 ++++ .../networkInterfaces/readme.md | 8 +++++++ .../networkSecurityGroups/readme.md | 4 ++++ .../privateDnsZones/readme.md | 4 ++++ .../privateEndpoints/readme.md | 8 +++++++ .../publicIPAddresses/readme.md | 4 ++++ .../publicIPPrefixes/readme.md | 4 ++++ .../Microsoft.Network/routeTables/readme.md | 4 ++++ .../trafficmanagerprofiles/readme.md | 4 ++++ .../Microsoft.Network/virtualHubs/readme.md | 8 +++++++ .../virtualNetworkGateways/readme.md | 8 +++++++ .../virtualNetworks/readme.md | 12 ++++++++++ .../Microsoft.Network/virtualWans/readme.md | 4 ++++ .../Microsoft.Network/vpnGateways/readme.md | 8 +++++++ modules/Microsoft.Network/vpnSites/readme.md | 10 +++++++- .../workspaces/readme.md | 4 ++++ .../solutions/readme.md | 12 ++++++++++ .../vaults/readme.md | 8 +++++++ .../deploymentScripts/readme.md | 8 +++++++ .../resourceGroups/readme.md | 4 ++++ .../azureSecurityCenter/readme.md | 4 ++++ .../clusters/readme.md | 12 ++++++++++ modules/Microsoft.Sql/servers/readme.md | 8 +++++++ .../privateLinkHubs/readme.md | 4 ++++ .../imageTemplates/readme.md | 4 ++++ modules/Microsoft.Web/connections/readme.md | 4 ++++ .../hostingEnvironments/readme.md | 8 +++++++ modules/Microsoft.Web/serverfarms/readme.md | 4 ++++ modules/Microsoft.Web/sites/readme.md | 18 +++++++++++++- modules/Microsoft.Web/staticSites/readme.md | 4 ++++ 89 files changed, 626 insertions(+), 14 deletions(-) diff --git a/modules/Microsoft.AAD/DomainServices/deploy.bicep b/modules/Microsoft.AAD/DomainServices/deploy.bicep index 4ebf3faacb..6dd0d3441b 100644 --- a/modules/Microsoft.AAD/DomainServices/deploy.bicep +++ b/modules/Microsoft.AAD/DomainServices/deploy.bicep @@ -35,7 +35,7 @@ param additionalRecipients array = [] ]) param domainConfigurationType string = 'FullySynced' -@description('Optional. The value is to synchronise scoped users and groups.') +@description('Optional. The value is to synchronize scoped users and groups.') param filteredSync string = 'Enabled' @description('Optional. The value is to enable clients making request using TLSv1.') diff --git a/modules/Microsoft.AAD/DomainServices/readme.md b/modules/Microsoft.AAD/DomainServices/readme.md index e6c4fa3e62..19a09a95e6 100644 --- a/modules/Microsoft.AAD/DomainServices/readme.md +++ b/modules/Microsoft.AAD/DomainServices/readme.md @@ -44,7 +44,7 @@ This template deploys Azure Active Directory Domain Services (AADDS). | `domainConfigurationType` | string | `'FullySynced'` | `[FullySynced, ResourceTrusting]` | The value is to provide domain configuration type. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via the Customer Usage Attribution ID (GUID). | | `externalAccess` | string | `'Enabled'` | `[Enabled, Disabled]` | The value is to enable the Secure LDAP for external services of Azure ADDS Services. | -| `filteredSync` | string | `'Enabled'` | | The value is to synchronise scoped users and groups. | +| `filteredSync` | string | `'Enabled'` | | The value is to synchronize scoped users and groups. | | `kerberosArmoring` | string | `'Enabled'` | `[Enabled, Disabled]` | The value is to enable to provide a protected channel between the Kerberos client and the KDC. | | `kerberosRc4Encryption` | string | `'Enabled'` | `[Enabled, Disabled]` | The value is to enable Kerberos requests that use RC4 encryption. | | `ldaps` | string | `'Enabled'` | `[Enabled, Disabled]` | A flag to determine whether or not Secure LDAP is enabled or disabled. | diff --git a/modules/Microsoft.Authorization/policyAssignments/deploy.bicep b/modules/Microsoft.Authorization/policyAssignments/deploy.bicep index 764383db90..9ea9d430cd 100644 --- a/modules/Microsoft.Authorization/policyAssignments/deploy.bicep +++ b/modules/Microsoft.Authorization/policyAssignments/deploy.bicep @@ -27,7 +27,7 @@ param identity string = 'SystemAssigned' @sys.description('Optional. The Resource ID for the user assigned identity to assign to the policy assignment.') param userAssignedIdentityId string = '' -@sys.description('Required. The IDs Of the Azure Role Definition list that is used to assign permissions to the identity. You need to provide either the fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.. See https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles for the list IDs for built-in Roles. They must match on what is on the policy definition.') +@sys.description('Optional. The IDs Of the Azure Role Definition list that is used to assign permissions to the identity. You need to provide either the fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.. See https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles for the list IDs for built-in Roles. They must match on what is on the policy definition.') param roleDefinitionIds array = [] @sys.description('Optional. The policy assignment metadata. Metadata is an open ended object and is typically a collection of key-value pairs.') diff --git a/modules/Microsoft.Authorization/policyAssignments/managementGroup/deploy.bicep b/modules/Microsoft.Authorization/policyAssignments/managementGroup/deploy.bicep index 70c6e10a0d..4893de5875 100644 --- a/modules/Microsoft.Authorization/policyAssignments/managementGroup/deploy.bicep +++ b/modules/Microsoft.Authorization/policyAssignments/managementGroup/deploy.bicep @@ -28,7 +28,7 @@ param identity string = 'SystemAssigned' @sys.description('Optional. The Resource ID for the user assigned identity to assign to the policy assignment.') param userAssignedIdentityId string = '' -@sys.description('Required. The IDs Of the Azure Role Definition list that is used to assign permissions to the identity. You need to provide either the fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.. See https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles for the list IDs for built-in Roles. They must match on what is on the policy definition.') +@sys.description('Optional. The IDs Of the Azure Role Definition list that is used to assign permissions to the identity. You need to provide either the fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.. See https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles for the list IDs for built-in Roles. They must match on what is on the policy definition.') param roleDefinitionIds array = [] @sys.description('Optional. The policy assignment metadata. Metadata is an open ended object and is typically a collection of key-value pairs.') diff --git a/modules/Microsoft.Authorization/policyAssignments/readme.md b/modules/Microsoft.Authorization/policyAssignments/readme.md index 02e909cda9..41aa6f4794 100644 --- a/modules/Microsoft.Authorization/policyAssignments/readme.md +++ b/modules/Microsoft.Authorization/policyAssignments/readme.md @@ -24,7 +24,6 @@ With this module you can perform policy assignments across the management group, | :-- | :-- | :-- | | `name` | string | Specifies the name of the policy assignment. Maximum length is 24 characters for management group scope, 64 characters for subscription and resource group scopes. | | `policyDefinitionId` | string | Specifies the ID of the policy definition or policy set definition being assigned. | -| `roleDefinitionIds` | array | The IDs Of the Azure Role Definition list that is used to assign permissions to the identity. You need to provide either the fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'.. See https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles for the list IDs for built-in Roles. They must match on what is on the policy definition. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | @@ -41,6 +40,7 @@ With this module you can perform policy assignments across the management group, | `notScopes` | array | `[]` | | The policy excluded scopes. | | `parameters` | object | `{object}` | | Parameters for the policy assignment if needed. | | `resourceGroupName` | string | `''` | | The Target Scope for the Policy. The name of the resource group for the policy assignment. | +| `roleDefinitionIds` | array | `[]` | | The IDs Of the Azure Role Definition list that is used to assign permissions to the identity. You need to provide either the fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'.. See https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles for the list IDs for built-in Roles. They must match on what is on the policy definition. | | `subscriptionId` | string | `''` | | The Target Scope for the Policy. The subscription ID of the subscription for the policy assignment. | | `userAssignedIdentityId` | string | `''` | | The Resource ID for the user assigned identity to assign to the policy assignment. | diff --git a/modules/Microsoft.Authorization/policyAssignments/resourceGroup/deploy.bicep b/modules/Microsoft.Authorization/policyAssignments/resourceGroup/deploy.bicep index 0b7c233715..250d2ce79d 100644 --- a/modules/Microsoft.Authorization/policyAssignments/resourceGroup/deploy.bicep +++ b/modules/Microsoft.Authorization/policyAssignments/resourceGroup/deploy.bicep @@ -28,7 +28,7 @@ param identity string = 'SystemAssigned' @sys.description('Optional. The Resource ID for the user assigned identity to assign to the policy assignment.') param userAssignedIdentityId string = '' -@sys.description('Required. The IDs Of the Azure Role Definition list that is used to assign permissions to the identity. You need to provide either the fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.. See https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles for the list IDs for built-in Roles. They must match on what is on the policy definition.') +@sys.description('Optional. The IDs Of the Azure Role Definition list that is used to assign permissions to the identity. You need to provide either the fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.. See https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles for the list IDs for built-in Roles. They must match on what is on the policy definition.') param roleDefinitionIds array = [] @sys.description('Optional. The policy assignment metadata. Metadata is an open ended object and is typically a collection of key-value pairs.') diff --git a/modules/Microsoft.Authorization/policyAssignments/subscription/deploy.bicep b/modules/Microsoft.Authorization/policyAssignments/subscription/deploy.bicep index 8d5bfe0b39..7b4323125a 100644 --- a/modules/Microsoft.Authorization/policyAssignments/subscription/deploy.bicep +++ b/modules/Microsoft.Authorization/policyAssignments/subscription/deploy.bicep @@ -28,7 +28,7 @@ param identity string = 'SystemAssigned' @sys.description('Optional. The Resource ID for the user assigned identity to assign to the policy assignment.') param userAssignedIdentityId string = '' -@sys.description('Required. The IDs Of the Azure Role Definition list that is used to assign permissions to the identity. You need to provide either the fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.. See https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles for the list IDs for built-in Roles. They must match on what is on the policy definition.') +@sys.description('Optional. The IDs Of the Azure Role Definition list that is used to assign permissions to the identity. You need to provide either the fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.. See https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles for the list IDs for built-in Roles. They must match on what is on the policy definition.') param roleDefinitionIds array = [] @sys.description('Optional. The policy assignment metadata. Metadata is an open ended object and is typically a collection of key-value pairs.') diff --git a/modules/Microsoft.Authorization/policyDefinitions/readme.md b/modules/Microsoft.Authorization/policyDefinitions/readme.md index 25f481dded..45dc6ec66a 100644 --- a/modules/Microsoft.Authorization/policyDefinitions/readme.md +++ b/modules/Microsoft.Authorization/policyDefinitions/readme.md @@ -179,6 +179,7 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-mg-min-policyDef" }, @@ -197,8 +198,8 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic } } }, - "parameters": { // Non-required parameters + "parameters": { "value": { "effect": { "allowedValues": [ @@ -296,6 +297,7 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-mg-policyDef" }, @@ -330,8 +332,8 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic } } }, - "description": { // Non-required parameters + "description": { "value": "[Description] This policy definition is deployed at the management group scope" }, "displayName": { @@ -422,6 +424,7 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-sub-min-policyDef" }, @@ -440,8 +443,8 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic } } }, - "parameters": { // Non-required parameters + "parameters": { "value": { "effect": { "allowedValues": [ @@ -542,6 +545,7 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-sub-policyDef" }, @@ -576,8 +580,8 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic } } }, - "description": { // Non-required parameters + "description": { "value": "[Description] This policy definition is deployed at subscription scope" }, "displayName": { diff --git a/modules/Microsoft.Authorization/policyExemptions/readme.md b/modules/Microsoft.Authorization/policyExemptions/readme.md index 3cdfdc154f..987027c177 100644 --- a/modules/Microsoft.Authorization/policyExemptions/readme.md +++ b/modules/Microsoft.Authorization/policyExemptions/readme.md @@ -161,7 +161,9 @@ Below is a collection of examples of how this module can be used. These examples module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyExemptions' params: { + // Required parameters name: '<>-min-mg-polexem' + // Non-required parameters policyAssignmentId: '/providers/Microsoft.Management/managementGroups/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-mg-pass-loc-rg' } } @@ -179,9 +181,11 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-min-mg-polexem" }, + // Non-required parameters "policyAssignmentId": { "value": "/providers/Microsoft.Management/managementGroups/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-mg-pass-loc-rg" } @@ -202,7 +206,9 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyExemptions' params: { + // Required parameters name: '<>-mg-polexem' + // Non-required parameters policyAssignmentId: '/providers/Microsoft.Management/managementGroups/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-mg-pass-loc-rg' displayName: '[Display Name] policy exempt (management group scope)' exemptionCategory: 'Waiver' @@ -227,9 +233,11 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-mg-polexem" }, + // Non-required parameters "policyAssignmentId": { "value": "/providers/Microsoft.Management/managementGroups/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-mg-pass-loc-rg" }, @@ -267,7 +275,9 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyExemptions' params: { + // Required parameters name: '<>-min-rg-polexem' + // Non-required parameters policyAssignmentId: '/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg' resourceGroupName: '<>' subscriptionId: '<>' @@ -287,9 +297,11 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-min-rg-polexem" }, + // Non-required parameters "policyAssignmentId": { "value": "/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg" }, @@ -316,7 +328,9 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyExemptions' params: { + // Required parameters name: '<>-rg-polexem' + // Non-required parameters policyAssignmentId: '/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg' displayName: '[Display Name] policy exempt (resource group scope)' exemptionCategory: 'Waiver' @@ -342,9 +356,11 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-rg-polexem" }, + // Non-required parameters "policyAssignmentId": { "value": "/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg" }, @@ -385,7 +401,9 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyExemptions' params: { + // Required parameters name: '<>-min-sub-polexem' + // Non-required parameters policyAssignmentId: '/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg' subscriptionId: '<>' } @@ -404,9 +422,11 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-min-sub-polexem" }, + // Non-required parameters "policyAssignmentId": { "value": "/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg" }, @@ -430,7 +450,9 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policyExemptions' params: { + // Required parameters name: '<>-sub-polexem' + // Non-required parameters policyAssignmentId: '/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg' displayName: '[Display Name] policy exempt (subscription scope)' exemptionCategory: 'Waiver' @@ -455,9 +477,11 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-sub-polexem" }, + // Non-required parameters "policyAssignmentId": { "value": "/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg" }, diff --git a/modules/Microsoft.Authorization/policySetDefinitions/readme.md b/modules/Microsoft.Authorization/policySetDefinitions/readme.md index 8a1e74043a..35ba473a52 100644 --- a/modules/Microsoft.Authorization/policySetDefinitions/readme.md +++ b/modules/Microsoft.Authorization/policySetDefinitions/readme.md @@ -144,7 +144,9 @@ Below is a collection of examples of how this module can be used. These examples module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policySetDefinitions' params: { + // Required parameters name: '<>-mg-min-policySet' + // Non-required parameters policyDefinitions: [ { parameters: { @@ -173,9 +175,11 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-mg-min-policySet" }, + // Non-required parameters "policyDefinitions": { "value": [ { @@ -207,7 +211,9 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policySetDefinitions' params: { + // Required parameters name: '<>-mg-policySet' + // Non-required parameters policyDefinitions: [ { groupNames: [ @@ -269,9 +275,11 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-mg-policySet" }, + // Non-required parameters "policyDefinitions": { "value": [ { @@ -346,7 +354,9 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policySetDefinitions' params: { + // Required parameters name: '<>-sub-min-policySet' + // Non-required parameters policyDefinitions: [ { parameters: { @@ -376,9 +386,11 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-sub-min-policySet" }, + // Non-required parameters "policyDefinitions": { "value": [ { @@ -413,7 +425,9 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-policySetDefinitions' params: { + // Required parameters name: '<>-sub-policySet' + // Non-required parameters policyDefinitions: [ { groupNames: [ @@ -475,9 +489,11 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-sub-policySet" }, + // Non-required parameters "policyDefinitions": { "value": [ { diff --git a/modules/Microsoft.Authorization/roleDefinitions/readme.md b/modules/Microsoft.Authorization/roleDefinitions/readme.md index 08e0f10288..5298d49452 100644 --- a/modules/Microsoft.Authorization/roleDefinitions/readme.md +++ b/modules/Microsoft.Authorization/roleDefinitions/readme.md @@ -183,7 +183,9 @@ Below is a collection of examples of how this module can be used. These examples module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleDefinitions' params: { + // Required parameters roleName: '<>-az-testRole-mg-min' + // Non-required parameters actions: [ 'Microsoft.Compute/galleries/images/read' 'Microsoft.Compute/galleries/read' @@ -204,9 +206,11 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "roleName": { "value": "<>-az-testRole-mg-min" }, + // Non-required parameters "actions": { "value": [ "Microsoft.Compute/galleries/images/read", @@ -230,7 +234,9 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleDefinitions' params: { + // Required parameters roleName: '<>-az-testRole-mg' + // Non-required parameters actions: [ 'Microsoft.Compute/galleries/*' 'Microsoft.Network/virtualNetworks/read' @@ -267,9 +273,11 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "roleName": { "value": "<>-az-testRole-mg" }, + // Non-required parameters "actions": { "value": [ "Microsoft.Compute/galleries/*", @@ -321,7 +329,9 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleDefinitions' params: { + // Required parameters roleName: '<>-az-testRole-rg-min' + // Non-required parameters actions: [ 'Microsoft.Compute/galleries/images/read' 'Microsoft.Compute/galleries/read' @@ -344,9 +354,11 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "roleName": { "value": "<>-az-testRole-rg-min" }, + // Non-required parameters "actions": { "value": [ "Microsoft.Compute/galleries/images/read", @@ -376,7 +388,9 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleDefinitions' params: { + // Required parameters roleName: '<>-az-testRole-rg' + // Non-required parameters actions: [ 'Microsoft.Compute/galleries/*' 'Microsoft.Network/virtualNetworks/read' @@ -414,9 +428,11 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "roleName": { "value": "<>-az-testRole-rg" }, + // Non-required parameters "actions": { "value": [ "Microsoft.Compute/galleries/*", @@ -471,7 +487,9 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleDefinitions' params: { + // Required parameters roleName: '<>-az-testRole-sub-min' + // Non-required parameters actions: [ 'Microsoft.Compute/galleries/images/read' 'Microsoft.Compute/galleries/read' @@ -493,9 +511,11 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "roleName": { "value": "<>-az-testRole-sub-min" }, + // Non-required parameters "actions": { "value": [ "Microsoft.Compute/galleries/images/read", @@ -522,7 +542,9 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-roleDefinitions' params: { + // Required parameters roleName: '<>-az-testRole-sub' + // Non-required parameters actions: [ 'Microsoft.Compute/galleries/*' 'Microsoft.Network/virtualNetworks/read' @@ -559,9 +581,11 @@ module roleDefinitions './Microsoft.Authorization/roleDefinitions/deploy.bicep' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "roleName": { "value": "<>-az-testRole-sub" }, + // Non-required parameters "actions": { "value": [ "Microsoft.Compute/galleries/*", diff --git a/modules/Microsoft.Automation/automationAccounts/readme.md b/modules/Microsoft.Automation/automationAccounts/readme.md index aa98c9a10b..915e23f26c 100644 --- a/modules/Microsoft.Automation/automationAccounts/readme.md +++ b/modules/Microsoft.Automation/automationAccounts/readme.md @@ -356,7 +356,9 @@ Below is a collection of examples of how this module can be used. These examples module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-automationAccounts' params: { + // Required parameters name: '<>-az-aut-encr-001' + // Non-required parameters cMKKeyName: 'keyEncryptionKey' cMKKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002' cMKUserAssignedIdentityResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' @@ -379,9 +381,11 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-aut-encr-001" }, + // Non-required parameters "cMKKeyName": { "value": "keyEncryptionKey" }, @@ -450,7 +454,9 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-automationAccounts' params: { + // Required parameters name: '<>-az-aut-x-001' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 @@ -621,9 +627,11 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-aut-x-001" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, diff --git a/modules/Microsoft.Batch/batchAccounts/readme.md b/modules/Microsoft.Batch/batchAccounts/readme.md index 6c9a8eb0b3..6039a7ebf7 100644 --- a/modules/Microsoft.Batch/batchAccounts/readme.md +++ b/modules/Microsoft.Batch/batchAccounts/readme.md @@ -152,7 +152,9 @@ Below is a collection of examples of how this module can be used. These examples module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-batchAccounts' params: { + // Required parameters name: '<>azbaweuencr001' + // Non-required parameters storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' cMKKeyName: 'keyEncryptionKey' cMKKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002' @@ -178,9 +180,11 @@ module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>azbaweuencr001" }, + // Non-required parameters "storageAccountId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" }, @@ -221,7 +225,9 @@ module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-batchAccounts' params: { + // Required parameters name: '<>azbaweumin001' + // Non-required parameters storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' } } @@ -239,9 +245,11 @@ module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>azbaweumin001" }, + // Non-required parameters "storageAccountId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" } @@ -262,7 +270,9 @@ module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-batchAccounts' params: { + // Required parameters name: '<>azbaweux001' + // Non-required parameters storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' @@ -290,9 +300,11 @@ module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>azbaweux001" }, + // Non-required parameters "storageAccountId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" }, diff --git a/modules/Microsoft.CognitiveServices/accounts/readme.md b/modules/Microsoft.CognitiveServices/accounts/readme.md index 8bb490a62d..af2637d44d 100644 --- a/modules/Microsoft.CognitiveServices/accounts/readme.md +++ b/modules/Microsoft.CognitiveServices/accounts/readme.md @@ -416,7 +416,9 @@ Below is a collection of examples of how this module can be used. These examples module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-accounts' params: { + // Required parameters kind: 'SpeechServices' + // Non-required parameters name: '<>-az-cgs-encr-001' encryption: { keySource: 'Microsoft.KeyVault' @@ -448,9 +450,11 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "kind": { "value": "SpeechServices" }, + // Non-required parameters "name": { "value": "<>-az-cgs-encr-001" }, @@ -493,7 +497,9 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-accounts' params: { + // Required parameters kind: 'SpeechServices' + // Non-required parameters name: '<>-az-cgs-min-001' } } @@ -511,9 +517,11 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "kind": { "value": "SpeechServices" }, + // Non-required parameters "name": { "value": "<>-az-cgs-min-001" } @@ -534,7 +542,9 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-accounts' params: { + // Required parameters kind: 'Face' + // Non-required parameters name: '<>-az-cgs-x-001' customSubDomainName: '<>xdomain' diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' @@ -581,9 +591,11 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "kind": { "value": "Face" }, + // Non-required parameters "name": { "value": "<>-az-cgs-x-001" }, @@ -657,7 +669,9 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-accounts' params: { + // Required parameters kind: 'SpeechServices' + // Non-required parameters name: '<>-az-cgs-speech-001' customSubDomainName: '<>speechdomain' privateEndpoints: [ @@ -687,9 +701,11 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "kind": { "value": "SpeechServices" }, + // Non-required parameters "name": { "value": "<>-az-cgs-speech-001" }, diff --git a/modules/Microsoft.Compute/availabilitySets/readme.md b/modules/Microsoft.Compute/availabilitySets/readme.md index c36f02f019..3002190daa 100644 --- a/modules/Microsoft.Compute/availabilitySets/readme.md +++ b/modules/Microsoft.Compute/availabilitySets/readme.md @@ -198,7 +198,9 @@ module availabilitySets './Microsoft.Compute/availabilitySets/deploy.bicep' = { module availabilitySets './Microsoft.Compute/availabilitySets/deploy.bicep' = { name: '${uniqueString(deployment().name)}-availabilitySets' params: { + // Required parameters name: '<>-az-avs-x-001' + // Non-required parameters lock: 'CanNotDelete' proximityPlacementGroupId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/proximityPlacementGroups/adp-<>-az-ppg-x-001' roleAssignments: [ @@ -225,9 +227,11 @@ module availabilitySets './Microsoft.Compute/availabilitySets/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-avs-x-001" }, + // Non-required parameters "lock": { "value": "CanNotDelete" }, diff --git a/modules/Microsoft.Compute/diskEncryptionSets/readme.md b/modules/Microsoft.Compute/diskEncryptionSets/readme.md index 8a7daee7e5..f48e488ff5 100644 --- a/modules/Microsoft.Compute/diskEncryptionSets/readme.md +++ b/modules/Microsoft.Compute/diskEncryptionSets/readme.md @@ -163,7 +163,9 @@ Below is a collection of examples of how this module can be used. These examples module diskEncryptionSets './Microsoft.Compute/diskEncryptionSets/deploy.bicep' = { name: '${uniqueString(deployment().name)}-diskEncryptionSets' params: { + // Required parameters keyName: 'keyEncryptionKey' + // Non-required parameters keyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' name: '<>-az-des-x-001' roleAssignments: [ @@ -190,6 +192,7 @@ module diskEncryptionSets './Microsoft.Compute/diskEncryptionSets/deploy.bicep' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "keyName": { "value": "keyEncryptionKey" }, @@ -199,6 +202,7 @@ module diskEncryptionSets './Microsoft.Compute/diskEncryptionSets/deploy.bicep' "name": { "value": "<>-az-des-x-001" }, + // Non-required parameters "roleAssignments": { "value": [ { diff --git a/modules/Microsoft.Compute/disks/readme.md b/modules/Microsoft.Compute/disks/readme.md index 42275eabd8..bd531ebf6a 100644 --- a/modules/Microsoft.Compute/disks/readme.md +++ b/modules/Microsoft.Compute/disks/readme.md @@ -177,7 +177,9 @@ Below is a collection of examples of how this module can be used. These examples module disks './Microsoft.Compute/disks/deploy.bicep' = { name: '${uniqueString(deployment().name)}-disks' params: { + // Required parameters name: '<>-az-disk-image-001' + // Non-required parameters sku: 'Standard_LRS' createOption: 'FromImage' imageReferenceId: '/Subscriptions/<>/Providers/Microsoft.Compute/Locations/westeurope/Publishers/MicrosoftWindowsServer/ArtifactTypes/VMImage/Offers/WindowsServer/Skus/2016-Datacenter/Versions/14393.4906.2112080838' @@ -205,12 +207,14 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-disk-image-001" }, "sku": { "value": "Standard_LRS" }, + // Non-required parameters "createOption": { "value": "FromImage" }, @@ -244,7 +248,9 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { module disks './Microsoft.Compute/disks/deploy.bicep' = { name: '${uniqueString(deployment().name)}-disks' params: { + // Required parameters name: '<>-az-disk-import-001' + // Non-required parameters sku: 'Standard_LRS' createOption: 'Import' roleAssignments: [ @@ -273,12 +279,14 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-disk-import-001" }, "sku": { "value": "Standard_LRS" }, + // Non-required parameters "createOption": { "value": "Import" }, @@ -315,7 +323,9 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { module disks './Microsoft.Compute/disks/deploy.bicep' = { name: '${uniqueString(deployment().name)}-disks' params: { + // Required parameters name: '<>-az-disk-min-001' + // Non-required parameters sku: 'Standard_LRS' diskSizeGB: 1 roleAssignments: [ @@ -342,12 +352,14 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-disk-min-001" }, "sku": { "value": "Standard_LRS" }, + // Non-required parameters "diskSizeGB": { "value": 1 }, @@ -378,7 +390,9 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { module disks './Microsoft.Compute/disks/deploy.bicep' = { name: '${uniqueString(deployment().name)}-disks' params: { + // Required parameters name: '<>-az-disk-x-001' + // Non-required parameters sku: 'UltraSSD_LRS' diskIOPSReadWrite: 500 diskMBpsReadWrite: 60 @@ -411,12 +425,14 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-disk-x-001" }, "sku": { "value": "UltraSSD_LRS" }, + // Non-required parameters "diskIOPSReadWrite": { "value": 500 }, diff --git a/modules/Microsoft.Compute/galleries/readme.md b/modules/Microsoft.Compute/galleries/readme.md index c6d3204efd..ea53839a6f 100644 --- a/modules/Microsoft.Compute/galleries/readme.md +++ b/modules/Microsoft.Compute/galleries/readme.md @@ -160,7 +160,9 @@ Below is a collection of examples of how this module can be used. These examples module galleries './Microsoft.Compute/galleries/deploy.bicep' = { name: '${uniqueString(deployment().name)}-galleries' params: { + // Required parameters name: '<>azsigweuimages001' + // Non-required parameters images: [ { name: '<>-az-imgd-x-003' @@ -216,9 +218,11 @@ module galleries './Microsoft.Compute/galleries/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>azsigweuimages001" }, + // Non-required parameters "images": { "value": [ { @@ -277,7 +281,9 @@ module galleries './Microsoft.Compute/galleries/deploy.bicep' = { module galleries './Microsoft.Compute/galleries/deploy.bicep' = { name: '${uniqueString(deployment().name)}-galleries' params: { + // Required parameters name: '<>azsigweux001' + // Non-required parameters lock: 'CanNotDelete' roleAssignments: [ { @@ -303,9 +309,11 @@ module galleries './Microsoft.Compute/galleries/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>azsigweux001" }, + // Non-required parameters "lock": { "value": "CanNotDelete" }, diff --git a/modules/Microsoft.Compute/images/readme.md b/modules/Microsoft.Compute/images/readme.md index 5b3cc9f8c7..4784f067fb 100644 --- a/modules/Microsoft.Compute/images/readme.md +++ b/modules/Microsoft.Compute/images/readme.md @@ -161,7 +161,9 @@ Below is a collection of examples of how this module can be used. These examples module images './Microsoft.Compute/images/deploy.bicep' = { name: '${uniqueString(deployment().name)}-images' params: { + // Required parameters name: '<>-az-img-x-001' + // Non-required parameters osAccountType: 'Premium_LRS' osDiskBlobUri: 'https://adp<>azsax001.blob.core.windows.net/vhds/adp-<>-az-imgt-x-001.vhd' osDiskCaching: 'ReadWrite' @@ -192,6 +194,7 @@ module images './Microsoft.Compute/images/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-img-x-001" }, @@ -207,6 +210,7 @@ module images './Microsoft.Compute/images/deploy.bicep' = { "osType": { "value": "Windows" }, + // Non-required parameters "hyperVGeneration": { "value": "V1" }, diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md index 2c03736235..2f943dbe7f 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md @@ -885,7 +885,9 @@ Below is a collection of examples of how this module can be used. These examples module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachineScaleSets' params: { + // Required parameters adminUsername: 'scaleSetAdmin' + // Non-required parameters imageReference: { offer: 'UbuntuServer' publisher: 'Canonical' @@ -940,6 +942,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "adminUsername": { "value": "scaleSetAdmin" }, @@ -966,6 +969,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "osType": { "value": "Linux" }, + // Non-required parameters "skuName": { "value": "Standard_B2s" }, @@ -1014,7 +1018,9 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachineScaleSets' params: { + // Required parameters adminUsername: 'scaleSetAdmin' + // Non-required parameters imageReference: { offer: 'UbuntuServer' publisher: 'Canonical' @@ -1149,6 +1155,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "adminUsername": { "value": "scaleSetAdmin" }, @@ -1175,6 +1182,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "osType": { "value": "Linux" }, + // Non-required parameters "skuName": { "value": "Standard_B2s" }, @@ -1354,7 +1362,9 @@ resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachineScaleSets' params: { + // Required parameters adminUsername: kv1.getSecret('adminUsername') + // Non-required parameters imageReference: { offer: 'WindowsServer' publisher: 'MicrosoftWindowsServer' @@ -1403,6 +1413,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "adminUsername": { "reference": { "keyVault": { @@ -1434,6 +1445,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "osType": { "value": "Windows" }, + // Non-required parameters "skuName": { "value": "Standard_B2s" }, @@ -1484,7 +1496,9 @@ resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachineScaleSets' params: { + // Required parameters adminUsername: kv1.getSecret('adminUsername') + // Non-required parameters imageReference: { offer: 'WindowsServer' publisher: 'MicrosoftWindowsServer' @@ -1611,6 +1625,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "adminUsername": { "reference": { "keyVault": { @@ -1642,6 +1657,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "osType": { "value": "Windows" }, + // Non-required parameters "skuName": { "value": "Standard_B2s" }, diff --git a/modules/Microsoft.Compute/virtualMachines/readme.md b/modules/Microsoft.Compute/virtualMachines/readme.md index 4f53827ae8..4c3ed7d0f5 100644 --- a/modules/Microsoft.Compute/virtualMachines/readme.md +++ b/modules/Microsoft.Compute/virtualMachines/readme.md @@ -1012,7 +1012,9 @@ Below is a collection of examples of how this module can be used. These examples module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachines' params: { + // Required parameters adminUsername: 'localAdminUser' + // Non-required parameters imageReference: { offer: 'UbuntuServer' publisher: 'Canonical' @@ -1066,6 +1068,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "adminUsername": { "value": "localAdminUser" }, @@ -1077,6 +1080,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "version": "latest" } }, + // Non-required parameters "nicConfigurations": { "value": [ { @@ -1141,7 +1145,9 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachines' params: { + // Required parameters adminUsername: 'localAdminUser' + // Non-required parameters imageReference: { offer: 'UbuntuServer' publisher: 'Canonical' @@ -1194,6 +1200,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "adminUsername": { "value": "localAdminUser" }, @@ -1205,6 +1212,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "version": "latest" } }, + // Non-required parameters "nicConfigurations": { "value": [ { @@ -1266,7 +1274,9 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachines' params: { + // Required parameters adminUsername: 'localAdminUser' + // Non-required parameters imageReference: { offer: 'UbuntuServer' publisher: 'Canonical' @@ -1430,6 +1440,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "adminUsername": { "value": "localAdminUser" }, @@ -1441,6 +1452,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "version": "latest" } }, + // Non-required parameters "nicConfigurations": { "value": [ { @@ -1664,7 +1676,9 @@ resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachines' params: { + // Required parameters adminUsername: 'localAdminUser' + // Non-required parameters imageReference: { offer: 'WindowsServer' publisher: 'MicrosoftWindowsServer' @@ -1709,6 +1723,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "adminUsername": { "value": "localAdminUser" }, @@ -1720,6 +1735,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "version": "latest" } }, + // Non-required parameters "nicConfigurations": { "value": [ { @@ -1783,7 +1799,9 @@ resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachines' params: { + // Required parameters adminUsername: 'localAdminUser' + // Non-required parameters imageReference: { offer: 'WindowsServer' publisher: 'MicrosoftWindowsServer' @@ -1827,6 +1845,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "adminUsername": { "value": "localAdminUser" }, @@ -1838,6 +1857,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "version": "latest" } }, + // Non-required parameters "nicConfigurations": { "value": [ { @@ -1898,7 +1918,9 @@ resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualMachines' params: { + // Required parameters adminUsername: 'localAdminUser' + // Non-required parameters imageReference: { offer: 'WindowsServer' publisher: 'MicrosoftWindowsServer' @@ -2074,6 +2096,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "adminUsername": { "value": "localAdminUser" }, @@ -2085,6 +2108,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "version": "latest" } }, + // Non-required parameters "nicConfigurations": { "value": [ { diff --git a/modules/Microsoft.Consumption/budgets/readme.md b/modules/Microsoft.Consumption/budgets/readme.md index c493befd0b..17a74496eb 100644 --- a/modules/Microsoft.Consumption/budgets/readme.md +++ b/modules/Microsoft.Consumption/budgets/readme.md @@ -60,7 +60,9 @@ Below is a collection of examples of how this module can be used. These examples module budgets './Microsoft.Consumption/budgets/deploy.bicep' = { name: '${uniqueString(deployment().name)}-budgets' params: { + // Required parameters amount: 500 + // Non-required parameters contactEmails: [ 'dummy@contoso.com' ] @@ -87,9 +89,11 @@ module budgets './Microsoft.Consumption/budgets/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "amount": { "value": 500 }, + // Non-required parameters "contactEmails": { "value": [ "dummy@contoso.com" diff --git a/modules/Microsoft.ContainerInstance/containerGroups/readme.md b/modules/Microsoft.ContainerInstance/containerGroups/readme.md index 9d578aa730..9665c52899 100644 --- a/modules/Microsoft.ContainerInstance/containerGroups/readme.md +++ b/modules/Microsoft.ContainerInstance/containerGroups/readme.md @@ -182,7 +182,9 @@ Below is a collection of examples of how this module can be used. These examples module containerGroups './Microsoft.ContainerInstance/containerGroups/deploy.bicep' = { name: '${uniqueString(deployment().name)}-containerGroups' params: { + // Required parameters containerName: '<>-az-aci-x-001' + // Non-required parameters image: 'mcr.microsoft.com/azuredocs/aci-helloworld' name: '<>-az-acg-x-001' lock: 'CanNotDelete' @@ -216,9 +218,11 @@ module containerGroups './Microsoft.ContainerInstance/containerGroups/deploy.bic "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "containerName": { "value": "<>-az-aci-x-001" }, + // Non-required parameters "image": { "value": "mcr.microsoft.com/azuredocs/aci-helloworld" }, diff --git a/modules/Microsoft.ContainerRegistry/registries/readme.md b/modules/Microsoft.ContainerRegistry/registries/readme.md index 015aaa8ea5..f495b9361c 100644 --- a/modules/Microsoft.ContainerRegistry/registries/readme.md +++ b/modules/Microsoft.ContainerRegistry/registries/readme.md @@ -343,7 +343,9 @@ Below is a collection of examples of how this module can be used. These examples module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = { name: '${uniqueString(deployment().name)}-registries' params: { + // Required parameters name: '<>azacrencr001' + // Non-required parameters acrSku: 'Premium' cMKKeyName: 'keyEncryptionKey' cMKKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002' @@ -368,9 +370,11 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>azacrencr001" }, + // Non-required parameters "acrSku": { "value": "Premium" }, @@ -445,7 +449,9 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = { module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = { name: '${uniqueString(deployment().name)}-registries' params: { + // Required parameters name: '<>azacrx001' + // Non-required parameters acrAdminUserEnabled: false acrSku: 'Premium' diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' @@ -504,9 +510,11 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>azacrx001" }, + // Non-required parameters "acrAdminUserEnabled": { "value": false }, diff --git a/modules/Microsoft.ContainerService/managedClusters/readme.md b/modules/Microsoft.ContainerService/managedClusters/readme.md index 3e34d6df14..5b7ec454eb 100644 --- a/modules/Microsoft.ContainerService/managedClusters/readme.md +++ b/modules/Microsoft.ContainerService/managedClusters/readme.md @@ -371,7 +371,9 @@ Below is a collection of examples of how this module can be used. These examples module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bicep' = { name: '${uniqueString(deployment().name)}-managedClusters' params: { + // Required parameters name: '<>-az-aks-azure-001' + // Non-required parameters primaryAgentPoolProfile: [ { availabilityZones: [ @@ -478,9 +480,11 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-aks-azure-001" }, + // Non-required parameters "primaryAgentPoolProfile": { "value": [ { @@ -612,7 +616,9 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bicep' = { name: '${uniqueString(deployment().name)}-managedClusters' params: { + // Required parameters name: '<>-az-aks-kubenet-001' + // Non-required parameters primaryAgentPoolProfile: [ { availabilityZones: [ @@ -716,9 +722,11 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-aks-kubenet-001" }, + // Non-required parameters "primaryAgentPoolProfile": { "value": [ { diff --git a/modules/Microsoft.DataFactory/factories/readme.md b/modules/Microsoft.DataFactory/factories/readme.md index fd0b37b714..9e3c5373b9 100644 --- a/modules/Microsoft.DataFactory/factories/readme.md +++ b/modules/Microsoft.DataFactory/factories/readme.md @@ -294,7 +294,9 @@ Below is a collection of examples of how this module can be used. These examples module factories './Microsoft.DataFactory/factories/deploy.bicep' = { name: '${uniqueString(deployment().name)}-factories' params: { + // Required parameters name: '<>-adf-001' + // Non-required parameters cMKKeyName: 'keyEncryptionKey' cMKKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002' cMKUserAssignedIdentityResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' @@ -351,9 +353,11 @@ module factories './Microsoft.DataFactory/factories/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-adf-001" }, + // Non-required parameters "cMKKeyName": { "value": "keyEncryptionKey" }, diff --git a/modules/Microsoft.DataProtection/backupVaults/readme.md b/modules/Microsoft.DataProtection/backupVaults/readme.md index d37f1cf71c..ad4a84db7c 100644 --- a/modules/Microsoft.DataProtection/backupVaults/readme.md +++ b/modules/Microsoft.DataProtection/backupVaults/readme.md @@ -381,7 +381,9 @@ module backupVaults './Microsoft.DataProtection/backupVaults/deploy.bicep' = { module backupVaults './Microsoft.DataProtection/backupVaults/deploy.bicep' = { name: '${uniqueString(deployment().name)}-backupVaults' params: { + // Required parameters name: '<>-az-bv-x-001' + // Non-required parameters backupPolicies: [ { name: 'DefaultPolicy' @@ -461,9 +463,11 @@ module backupVaults './Microsoft.DataProtection/backupVaults/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-bv-x-001" }, + // Non-required parameters "backupPolicies": { "value": [ { diff --git a/modules/Microsoft.Databricks/workspaces/readme.md b/modules/Microsoft.Databricks/workspaces/readme.md index e905c1e37e..62b23a8fa0 100644 --- a/modules/Microsoft.Databricks/workspaces/readme.md +++ b/modules/Microsoft.Databricks/workspaces/readme.md @@ -231,7 +231,9 @@ Below is a collection of examples of how this module can be used. These examples module workspaces './Microsoft.Databricks/workspaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-workspaces' params: { + // Required parameters name: '<>-az-adb-x-001' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 @@ -262,9 +264,11 @@ module workspaces './Microsoft.Databricks/workspaces/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-adb-x-001" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, diff --git a/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md b/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md index f1c4e8fc67..fee2029d36 100644 --- a/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md +++ b/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md @@ -171,7 +171,9 @@ Below is a collection of examples of how this module can be used. These examples module applicationgroups './Microsoft.DesktopVirtualization/applicationgroups/deploy.bicep' = { name: '${uniqueString(deployment().name)}-applicationgroups' params: { + // Required parameters applicationGroupType: 'RemoteApp' + // Non-required parameters hostpoolName: 'adp-<>-az-avdhp-x-001' name: '<>-az-avdag-min-001' } @@ -190,6 +192,7 @@ module applicationgroups './Microsoft.DesktopVirtualization/applicationgroups/de "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "applicationGroupType": { "value": "RemoteApp" }, @@ -199,6 +202,7 @@ module applicationgroups './Microsoft.DesktopVirtualization/applicationgroups/de "name": { "value": "<>-az-avdag-min-001" } + // Non-required parameters } } ``` @@ -216,7 +220,9 @@ module applicationgroups './Microsoft.DesktopVirtualization/applicationgroups/de module applicationgroups './Microsoft.DesktopVirtualization/applicationgroups/deploy.bicep' = { name: '${uniqueString(deployment().name)}-applicationgroups' params: { + // Required parameters applicationGroupType: 'RemoteApp' + // Non-required parameters hostpoolName: 'adp-<>-az-avdhp-x-001' name: '<>-az-avdag-x-001' applications: [ @@ -270,6 +276,7 @@ module applicationgroups './Microsoft.DesktopVirtualization/applicationgroups/de "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "applicationGroupType": { "value": "RemoteApp" }, @@ -279,6 +286,7 @@ module applicationgroups './Microsoft.DesktopVirtualization/applicationgroups/de "name": { "value": "<>-az-avdag-x-001" }, + // Non-required parameters "applications": { "value": [ { diff --git a/modules/Microsoft.DesktopVirtualization/hostpools/readme.md b/modules/Microsoft.DesktopVirtualization/hostpools/readme.md index 44936c4e3f..5c238b33c1 100644 --- a/modules/Microsoft.DesktopVirtualization/hostpools/readme.md +++ b/modules/Microsoft.DesktopVirtualization/hostpools/readme.md @@ -267,7 +267,9 @@ Below is a collection of examples of how this module can be used. These examples module hostpools './Microsoft.DesktopVirtualization/hostpools/deploy.bicep' = { name: '${uniqueString(deployment().name)}-hostpools' params: { + // Required parameters name: '<>-az-avdhp-x-001' + // Non-required parameters customRdpProperty: 'audiocapturemode:i:1;audiomode:i:0;drivestoredirect:s:;redirectclipboard:i:1;redirectcomports:i:1;redirectprinters:i:1;redirectsmartcards:i:1;screen mode id:i:2;' diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' @@ -323,9 +325,11 @@ module hostpools './Microsoft.DesktopVirtualization/hostpools/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-avdhp-x-001" }, + // Non-required parameters "customRdpProperty": { "value": "audiocapturemode:i:1;audiomode:i:0;drivestoredirect:s:;redirectclipboard:i:1;redirectcomports:i:1;redirectprinters:i:1;redirectsmartcards:i:1;screen mode id:i:2;" }, diff --git a/modules/Microsoft.DesktopVirtualization/workspaces/readme.md b/modules/Microsoft.DesktopVirtualization/workspaces/readme.md index fdf8347aba..c7b5a334d0 100644 --- a/modules/Microsoft.DesktopVirtualization/workspaces/readme.md +++ b/modules/Microsoft.DesktopVirtualization/workspaces/readme.md @@ -168,7 +168,9 @@ Below is a collection of examples of how this module can be used. These examples module workspaces './Microsoft.DesktopVirtualization/workspaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-workspaces' params: { + // Required parameters name: '<>-az-avdws-x-001' + // Non-required parameters appGroupResourceIds: [ '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.DesktopVirtualization/applicationgroups/adp-<>-az-avdag-x-001' ] @@ -205,9 +207,11 @@ module workspaces './Microsoft.DesktopVirtualization/workspaces/deploy.bicep' = "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-avdws-x-001" }, + // Non-required parameters "appGroupResourceIds": { "value": [ "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.DesktopVirtualization/applicationgroups/adp-<>-az-avdag-x-001" diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/readme.md b/modules/Microsoft.DocumentDB/databaseAccounts/readme.md index a4abaf91b6..d45a5f37b6 100644 --- a/modules/Microsoft.DocumentDB/databaseAccounts/readme.md +++ b/modules/Microsoft.DocumentDB/databaseAccounts/readme.md @@ -544,7 +544,9 @@ Below is a collection of examples of how this module can be used. These examples module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-databaseAccounts' params: { + // Required parameters locations: [ + // Non-required parameters { failoverPriority: 0 isZoneRedundant: false @@ -631,6 +633,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "locations": { "value": [ { @@ -645,6 +648,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } ] }, + // Non-required parameters "name": { "value": "<>-az-cdb-gremlindb-001" }, @@ -743,7 +747,9 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-databaseAccounts' params: { + // Required parameters locations: [ + // Non-required parameters { failoverPriority: 0 isZoneRedundant: false @@ -971,6 +977,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "locations": { "value": [ { @@ -985,6 +992,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } ] }, + // Non-required parameters "name": { "value": "<>-az-cdb-mongodb-001" }, @@ -1222,7 +1230,9 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-databaseAccounts' params: { + // Required parameters locations: [ + // Non-required parameters { failoverPriority: 0 isZoneRedundant: false @@ -1265,6 +1275,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "locations": { "value": [ { @@ -1279,6 +1290,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } ] }, + // Non-required parameters "name": { "value": "<>-az-cdb-plain-001" }, @@ -1327,7 +1339,9 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-databaseAccounts' params: { + // Required parameters locations: [ + // Non-required parameters { failoverPriority: 0 isZoneRedundant: false @@ -1391,6 +1405,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "locations": { "value": [ { @@ -1405,6 +1420,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } ] }, + // Non-required parameters "name": { "value": "<>-az-cdb-sqldb-001" }, diff --git a/modules/Microsoft.EventGrid/systemTopics/readme.md b/modules/Microsoft.EventGrid/systemTopics/readme.md index ebaec3a623..a6a1566809 100644 --- a/modules/Microsoft.EventGrid/systemTopics/readme.md +++ b/modules/Microsoft.EventGrid/systemTopics/readme.md @@ -281,7 +281,9 @@ Below is a collection of examples of how this module can be used. These examples module systemTopics './Microsoft.EventGrid/systemTopics/deploy.bicep' = { name: '${uniqueString(deployment().name)}-systemTopics' params: { + // Required parameters name: '<>-az-egstn-x-002' + // Non-required parameters source: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' topicType: 'Microsoft.Storage.StorageAccounts' } @@ -300,9 +302,11 @@ module systemTopics './Microsoft.EventGrid/systemTopics/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-egstn-x-002" }, + // Non-required parameters "source": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" }, @@ -326,7 +330,9 @@ module systemTopics './Microsoft.EventGrid/systemTopics/deploy.bicep' = { module systemTopics './Microsoft.EventGrid/systemTopics/deploy.bicep' = { name: '${uniqueString(deployment().name)}-systemTopics' params: { + // Required parameters name: '<>-az-egstn-x-001' + // Non-required parameters source: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' topicType: 'Microsoft.Storage.StorageAccounts' diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' @@ -359,9 +365,11 @@ module systemTopics './Microsoft.EventGrid/systemTopics/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-egstn-x-001" }, + // Non-required parameters "source": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" }, diff --git a/modules/Microsoft.EventGrid/topics/readme.md b/modules/Microsoft.EventGrid/topics/readme.md index 55ae03e7db..7b9743b32f 100644 --- a/modules/Microsoft.EventGrid/topics/readme.md +++ b/modules/Microsoft.EventGrid/topics/readme.md @@ -248,7 +248,9 @@ Below is a collection of examples of how this module can be used. These examples module topics './Microsoft.EventGrid/topics/deploy.bicep' = { name: '${uniqueString(deployment().name)}-topics' params: { + // Required parameters name: '<>-az-egtn-x-001' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 @@ -285,9 +287,11 @@ module topics './Microsoft.EventGrid/topics/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-egtn-x-001" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, diff --git a/modules/Microsoft.HealthBot/healthBots/readme.md b/modules/Microsoft.HealthBot/healthBots/readme.md index 7dbbb393e9..dda239a02d 100644 --- a/modules/Microsoft.HealthBot/healthBots/readme.md +++ b/modules/Microsoft.HealthBot/healthBots/readme.md @@ -158,7 +158,9 @@ Below is a collection of examples of how this module can be used. These examples module healthBots './Microsoft.HealthBot/healthBots/deploy.bicep' = { name: '${uniqueString(deployment().name)}-healthBots' params: { + // Required parameters name: '<>-az-ahb-x-001' + // Non-required parameters lock: 'CanNotDelete' roleAssignments: [ { @@ -184,9 +186,11 @@ module healthBots './Microsoft.HealthBot/healthBots/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-ahb-x-001" }, + // Non-required parameters "lock": { "value": "CanNotDelete" }, diff --git a/modules/Microsoft.Insights/actionGroups/readme.md b/modules/Microsoft.Insights/actionGroups/readme.md index 5e207db10d..f2ef49fe60 100644 --- a/modules/Microsoft.Insights/actionGroups/readme.md +++ b/modules/Microsoft.Insights/actionGroups/readme.md @@ -244,7 +244,9 @@ Below is a collection of examples of how this module can be used. These examples module actionGroups './Microsoft.Insights/actionGroups/deploy.bicep' = { name: '${uniqueString(deployment().name)}-actionGroups' params: { + // Required parameters groupShortName: 'azagweux001' + // Non-required parameters name: '<>-az-ag-x-001' emailReceivers: [ { @@ -289,9 +291,11 @@ module actionGroups './Microsoft.Insights/actionGroups/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "groupShortName": { "value": "azagweux001" }, + // Non-required parameters "name": { "value": "<>-az-ag-x-001" }, diff --git a/modules/Microsoft.Insights/activityLogAlerts/readme.md b/modules/Microsoft.Insights/activityLogAlerts/readme.md index db13917c7a..30e0b922b9 100644 --- a/modules/Microsoft.Insights/activityLogAlerts/readme.md +++ b/modules/Microsoft.Insights/activityLogAlerts/readme.md @@ -406,7 +406,9 @@ Below is a collection of examples of how this module can be used. These examples module activityLogAlerts './Microsoft.Insights/activityLogAlerts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-activityLogAlerts' params: { + // Required parameters conditions: [ + // Non-required parameters { equals: 'Administrative' field: 'category' @@ -453,6 +455,7 @@ module activityLogAlerts './Microsoft.Insights/activityLogAlerts/deploy.bicep' = "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "conditions": { "value": [ { @@ -469,6 +472,7 @@ module activityLogAlerts './Microsoft.Insights/activityLogAlerts/deploy.bicep' = } ] }, + // Non-required parameters "name": { "value": "<>-az-ala-x-001" }, diff --git a/modules/Microsoft.Insights/components/readme.md b/modules/Microsoft.Insights/components/readme.md index 0e9921257f..792290d47e 100644 --- a/modules/Microsoft.Insights/components/readme.md +++ b/modules/Microsoft.Insights/components/readme.md @@ -162,7 +162,9 @@ Below is a collection of examples of how this module can be used. These examples module components './Microsoft.Insights/components/deploy.bicep' = { name: '${uniqueString(deployment().name)}-components' params: { + // Required parameters name: '<>-az-appi-x-001' + // Non-required parameters workspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-appi-001' roleAssignments: [ { @@ -188,9 +190,11 @@ module components './Microsoft.Insights/components/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-appi-x-001" }, + // Non-required parameters "workspaceResourceId": { "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-appi-001" }, diff --git a/modules/Microsoft.Insights/metricAlerts/readme.md b/modules/Microsoft.Insights/metricAlerts/readme.md index ba04d8b633..b448e6dac6 100644 --- a/modules/Microsoft.Insights/metricAlerts/readme.md +++ b/modules/Microsoft.Insights/metricAlerts/readme.md @@ -387,7 +387,9 @@ Below is a collection of examples of how this module can be used. These examples module metricAlerts './Microsoft.Insights/metricAlerts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-metricAlerts' params: { + // Required parameters criterias: [ + // Non-required parameters { criterionType: 'StaticThresholdCriterion' metricName: 'Percentage CPU' @@ -430,6 +432,7 @@ module metricAlerts './Microsoft.Insights/metricAlerts/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "criterias": { "value": [ { @@ -446,6 +449,7 @@ module metricAlerts './Microsoft.Insights/metricAlerts/deploy.bicep' = { "name": { "value": "<>-az-ma-x-001" }, + // Non-required parameters "actions": { "value": [ "/subscriptions/<>/resourceGroups/validation-rg/providers/microsoft.insights/actiongroups/adp-<>-az-ag-x-001" diff --git a/modules/Microsoft.Insights/privateLinkScopes/readme.md b/modules/Microsoft.Insights/privateLinkScopes/readme.md index b826b47b3b..73103b90d9 100644 --- a/modules/Microsoft.Insights/privateLinkScopes/readme.md +++ b/modules/Microsoft.Insights/privateLinkScopes/readme.md @@ -239,7 +239,9 @@ Below is a collection of examples of how this module can be used. These examples module privateLinkScopes './Microsoft.Insights/privateLinkScopes/deploy.bicep' = { name: '${uniqueString(deployment().name)}-privateLinkScopes' params: { + // Required parameters name: '<>-az-pls-x-001' + // Non-required parameters lock: 'CanNotDelete' privateEndpoints: [ { @@ -277,9 +279,11 @@ module privateLinkScopes './Microsoft.Insights/privateLinkScopes/deploy.bicep' = "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-pls-x-001" }, + // Non-required parameters "lock": { "value": "CanNotDelete" }, diff --git a/modules/Microsoft.Insights/scheduledQueryRules/readme.md b/modules/Microsoft.Insights/scheduledQueryRules/readme.md index f0e032d238..b01f33a5be 100644 --- a/modules/Microsoft.Insights/scheduledQueryRules/readme.md +++ b/modules/Microsoft.Insights/scheduledQueryRules/readme.md @@ -169,7 +169,9 @@ Below is a collection of examples of how this module can be used. These examples module scheduledQueryRules './Microsoft.Insights/scheduledQueryRules/deploy.bicep' = { name: '${uniqueString(deployment().name)}-scheduledQueryRules' params: { + // Required parameters name: 'myAlert01' + // Non-required parameters alertDescription: 'My sample Alert' autoMitigate: false criterias: { @@ -230,9 +232,11 @@ module scheduledQueryRules './Microsoft.Insights/scheduledQueryRules/deploy.bice "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "myAlert01" }, + // Non-required parameters "alertDescription": { "value": "My sample Alert" }, diff --git a/modules/Microsoft.KubernetesConfiguration/extensions/readme.md b/modules/Microsoft.KubernetesConfiguration/extensions/readme.md index 0aa08b79a2..bd30d7a753 100644 --- a/modules/Microsoft.KubernetesConfiguration/extensions/readme.md +++ b/modules/Microsoft.KubernetesConfiguration/extensions/readme.md @@ -77,7 +77,9 @@ Below is a collection of examples of how this module can be used. These examples module extensions './Microsoft.KubernetesConfiguration/extensions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-extensions' params: { + // Required parameters clusterName: '<>-az-aks-kubenet-001' + // Non-required parameters extensionType: 'microsoft.flux' name: 'flux' releaseNamespace: 'flux-system' @@ -98,6 +100,7 @@ module extensions './Microsoft.KubernetesConfiguration/extensions/deploy.bicep' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "clusterName": { "value": "<>-az-aks-kubenet-001" }, @@ -107,6 +110,7 @@ module extensions './Microsoft.KubernetesConfiguration/extensions/deploy.bicep' "name": { "value": "flux" }, + // Non-required parameters "releaseNamespace": { "value": "flux-system" }, @@ -130,7 +134,9 @@ module extensions './Microsoft.KubernetesConfiguration/extensions/deploy.bicep' module extensions './Microsoft.KubernetesConfiguration/extensions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-extensions' params: { + // Required parameters clusterName: '<>-az-aks-kubenet-001' + // Non-required parameters extensionType: 'microsoft.flux' name: 'flux' configurationSettings: { @@ -159,6 +165,7 @@ module extensions './Microsoft.KubernetesConfiguration/extensions/deploy.bicep' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "clusterName": { "value": "<>-az-aks-kubenet-001" }, @@ -168,6 +175,7 @@ module extensions './Microsoft.KubernetesConfiguration/extensions/deploy.bicep' "name": { "value": "flux" }, + // Non-required parameters "configurationSettings": { "value": { "image-automation-controller.enabled": "false", diff --git a/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md b/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md index 5e455b53d5..a0dc6f0942 100644 --- a/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md +++ b/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md @@ -79,7 +79,9 @@ Below is a collection of examples of how this module can be used. These examples module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfigurations/deploy.bicep' = { name: '${uniqueString(deployment().name)}-fluxConfigurations' params: { + // Required parameters clusterName: '<>-az-aks-kubenet-001' + // Non-required parameters name: 'flux2' namespace: 'flux-system' scope: 'cluster' @@ -109,6 +111,7 @@ module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfiguration "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "clusterName": { "value": "<>-az-aks-kubenet-001" }, @@ -118,6 +121,7 @@ module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfiguration "namespace": { "value": "flux-system" }, + // Non-required parameters "scope": { "value": "cluster" }, @@ -152,7 +156,9 @@ module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfiguration module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfigurations/deploy.bicep' = { name: '${uniqueString(deployment().name)}-fluxConfigurations' params: { + // Required parameters clusterName: '<>-az-aks-kubenet-001' + // Non-required parameters name: 'flux2' namespace: 'flux-system' scope: 'cluster' @@ -192,6 +198,7 @@ module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfiguration "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "clusterName": { "value": "<>-az-aks-kubenet-001" }, @@ -201,6 +208,7 @@ module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfiguration "namespace": { "value": "flux-system" }, + // Non-required parameters "scope": { "value": "cluster" }, diff --git a/modules/Microsoft.Logic/workflows/readme.md b/modules/Microsoft.Logic/workflows/readme.md index 20a292cb40..69d55dd2ab 100644 --- a/modules/Microsoft.Logic/workflows/readme.md +++ b/modules/Microsoft.Logic/workflows/readme.md @@ -325,7 +325,9 @@ Below is a collection of examples of how this module can be used. These examples module workflows './Microsoft.Logic/workflows/deploy.bicep' = { name: '${uniqueString(deployment().name)}-workflows' params: { + // Required parameters name: '<>-az-lga-x-001' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 @@ -389,9 +391,11 @@ module workflows './Microsoft.Logic/workflows/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-lga-x-001" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, diff --git a/modules/Microsoft.MachineLearningServices/workspaces/readme.md b/modules/Microsoft.MachineLearningServices/workspaces/readme.md index 2de895454c..626597af2e 100644 --- a/modules/Microsoft.MachineLearningServices/workspaces/readme.md +++ b/modules/Microsoft.MachineLearningServices/workspaces/readme.md @@ -410,7 +410,9 @@ Below is a collection of examples of how this module can be used. These examples module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-workspaces' params: { + // Required parameters associatedApplicationInsightsResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001' + // Non-required parameters associatedKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' associatedStorageAccountResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' name: '<>-az-mls-encr-001' @@ -445,6 +447,7 @@ module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "associatedApplicationInsightsResourceId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001" }, @@ -460,6 +463,7 @@ module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' "sku": { "value": "Basic" }, + // Non-required parameters "cMKKeyName": { "value": "keyEncryptionKey" }, @@ -505,7 +509,9 @@ module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-workspaces' params: { + // Required parameters associatedApplicationInsightsResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001' + // Non-required parameters associatedKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' associatedStorageAccountResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' name: '<>-az-mls-min-001' @@ -527,6 +533,7 @@ module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "associatedApplicationInsightsResourceId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001" }, @@ -542,6 +549,7 @@ module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' "sku": { "value": "Basic" }, + // Non-required parameters "systemAssignedIdentity": { "value": true } @@ -562,7 +570,9 @@ module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-workspaces' params: { + // Required parameters associatedApplicationInsightsResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001' + // Non-required parameters associatedKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' associatedStorageAccountResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' name: '<>-az-mls-x-001' @@ -640,6 +650,7 @@ module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "associatedApplicationInsightsResourceId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001" }, @@ -655,6 +666,7 @@ module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' "sku": { "value": "Basic" }, + // Non-required parameters "computes": { "value": [ { diff --git a/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md b/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md index 382d87fdd5..3036a59b6c 100644 --- a/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md +++ b/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md @@ -177,7 +177,9 @@ Below is a collection of examples of how this module can be used. These examples module registrationDefinitions './Microsoft.ManagedServices/registrationDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-registrationDefinitions' params: { + // Required parameters authorizations: [ + // Non-required parameters { principalId: 'e87a249c-b53b-4685-94fe-863af522e4ee' principalIdDisplayName: 'ResourceModules-Reader' @@ -213,6 +215,7 @@ module registrationDefinitions './Microsoft.ManagedServices/registrationDefiniti "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "authorizations": { "value": [ { @@ -241,6 +244,7 @@ module registrationDefinitions './Microsoft.ManagedServices/registrationDefiniti "registrationDescription": { "value": "Managed by Lighthouse" } + // Non-required parameters } } ``` @@ -258,7 +262,9 @@ module registrationDefinitions './Microsoft.ManagedServices/registrationDefiniti module registrationDefinitions './Microsoft.ManagedServices/registrationDefinitions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-registrationDefinitions' params: { + // Required parameters authorizations: [ + // Non-required parameters { principalId: 'e87a249c-b53b-4685-94fe-863af522e4ee' principalIdDisplayName: 'ResourceModules-Reader' @@ -295,6 +301,7 @@ module registrationDefinitions './Microsoft.ManagedServices/registrationDefiniti "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "authorizations": { "value": [ { @@ -323,6 +330,7 @@ module registrationDefinitions './Microsoft.ManagedServices/registrationDefiniti "registrationDescription": { "value": "Managed by Lighthouse" }, + // Non-required parameters "resourceGroupName": { "value": "validation-rg" } diff --git a/modules/Microsoft.Management/managementGroups/readme.md b/modules/Microsoft.Management/managementGroups/readme.md index 40a241cb4f..189d96e78b 100644 --- a/modules/Microsoft.Management/managementGroups/readme.md +++ b/modules/Microsoft.Management/managementGroups/readme.md @@ -135,7 +135,9 @@ Below is a collection of examples of how this module can be used. These examples module managementGroups './Microsoft.Management/managementGroups/deploy.bicep' = { name: '${uniqueString(deployment().name)}-managementGroups' params: { + // Required parameters name: 'testMG' + // Non-required parameters displayName: 'Test MG' parentId: '<>' } @@ -154,9 +156,11 @@ module managementGroups './Microsoft.Management/managementGroups/deploy.bicep' = "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "testMG" }, + // Non-required parameters "displayName": { "value": "Test MG" }, diff --git a/modules/Microsoft.NetApp/netAppAccounts/readme.md b/modules/Microsoft.NetApp/netAppAccounts/readme.md index 92f4043c57..b2d46894a5 100644 --- a/modules/Microsoft.NetApp/netAppAccounts/readme.md +++ b/modules/Microsoft.NetApp/netAppAccounts/readme.md @@ -203,7 +203,9 @@ module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = { module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-netAppAccounts' params: { + // Required parameters name: '<>-az-anf-nfs3-001' + // Non-required parameters capacityPools: [ { name: '<>-az-anfcp-x-001' @@ -302,9 +304,11 @@ module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-anf-nfs3-001" }, + // Non-required parameters "capacityPools": { "value": [ { @@ -412,7 +416,9 @@ module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = { module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-netAppAccounts' params: { + // Required parameters name: '<>-az-anf-nfs41-001' + // Non-required parameters capacityPools: [ { name: '<>-az-anfcp-x-001' @@ -520,9 +526,11 @@ module netAppAccounts './Microsoft.NetApp/netAppAccounts/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-anf-nfs41-001" }, + // Non-required parameters "capacityPools": { "value": [ { diff --git a/modules/Microsoft.Network/applicationGateways/readme.md b/modules/Microsoft.Network/applicationGateways/readme.md index 1955644640..4f885c517c 100644 --- a/modules/Microsoft.Network/applicationGateways/readme.md +++ b/modules/Microsoft.Network/applicationGateways/readme.md @@ -234,7 +234,9 @@ Below is a collection of examples of how this module can be used. These examples module applicationGateways './Microsoft.Network/applicationGateways/deploy.bicep' = { name: '${uniqueString(deployment().name)}-applicationGateways' params: { + // Required parameters name: '<>-az-apgw-x-001' + // Non-required parameters backendAddressPools: [ { name: 'appServiceBackendPool' @@ -567,9 +569,11 @@ module applicationGateways './Microsoft.Network/applicationGateways/deploy.bicep "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-apgw-x-001" }, + // Non-required parameters "backendAddressPools": { "value": [ { diff --git a/modules/Microsoft.Network/applicationSecurityGroups/readme.md b/modules/Microsoft.Network/applicationSecurityGroups/readme.md index 96650f98a6..a14cfddc88 100644 --- a/modules/Microsoft.Network/applicationSecurityGroups/readme.md +++ b/modules/Microsoft.Network/applicationSecurityGroups/readme.md @@ -157,7 +157,9 @@ Below is a collection of examples of how this module can be used. These examples module applicationSecurityGroups './Microsoft.Network/applicationSecurityGroups/deploy.bicep' = { name: '${uniqueString(deployment().name)}-applicationSecurityGroups' params: { + // Required parameters name: '<>-az-asg-x-001' + // Non-required parameters lock: 'CanNotDelete' roleAssignments: [ { @@ -183,9 +185,11 @@ module applicationSecurityGroups './Microsoft.Network/applicationSecurityGroups/ "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-asg-x-001" }, + // Non-required parameters "lock": { "value": "CanNotDelete" }, diff --git a/modules/Microsoft.Network/azureFirewalls/readme.md b/modules/Microsoft.Network/azureFirewalls/readme.md index c609b86f06..66a275f806 100644 --- a/modules/Microsoft.Network/azureFirewalls/readme.md +++ b/modules/Microsoft.Network/azureFirewalls/readme.md @@ -311,7 +311,9 @@ Below is a collection of examples of how this module can be used. These examples module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { name: '${uniqueString(deployment().name)}-azureFirewalls' params: { + // Required parameters name: '<>-az-fw-add-001' + // Non-required parameters vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-add-azfw' additionalPublicIpConfigurations: [ { @@ -335,12 +337,14 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-fw-add-001" }, "vNetId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-add-azfw" }, + // Non-required parameters "additionalPublicIpConfigurations": { "value": [ { @@ -366,7 +370,9 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { name: '${uniqueString(deployment().name)}-azureFirewalls' params: { + // Required parameters name: '<>-az-fw-custompip-001' + // Non-required parameters vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-custompip-azfw' publicIPAddressObject: { diagnosticLogCategoriesToEnable: [ @@ -407,12 +413,14 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-fw-custompip-001" }, "vNetId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-custompip-azfw" }, + // Non-required parameters "publicIPAddressObject": { "value": { "diagnosticLogCategoriesToEnable": [ @@ -455,7 +463,9 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { name: '${uniqueString(deployment().name)}-azureFirewalls' params: { + // Required parameters name: '<>-az-fw-min-001' + // Non-required parameters vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-min-azfw' } } @@ -473,12 +483,14 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-fw-min-001" }, "vNetId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-min-azfw" } + // Non-required parameters } } ``` @@ -496,7 +508,9 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { name: '${uniqueString(deployment().name)}-azureFirewalls' params: { + // Required parameters name: '<>-az-fw-x-001' + // Non-required parameters vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-azfw' applicationRuleCollections: [ { @@ -615,12 +629,14 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-fw-x-001" }, "vNetId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-azfw" }, + // Non-required parameters "applicationRuleCollections": { "value": [ { diff --git a/modules/Microsoft.Network/bastionHosts/readme.md b/modules/Microsoft.Network/bastionHosts/readme.md index 2f29c0a932..c78163f459 100644 --- a/modules/Microsoft.Network/bastionHosts/readme.md +++ b/modules/Microsoft.Network/bastionHosts/readme.md @@ -295,7 +295,9 @@ Below is a collection of examples of how this module can be used. These examples module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-bastionHosts' params: { + // Required parameters name: '<>-az-bas-add-001' + // Non-required parameters vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-add-bas' additionalPublicIpConfigurations: [ { @@ -319,9 +321,11 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-bas-add-001" }, + // Non-required parameters "vNetId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-add-bas" }, @@ -350,7 +354,9 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-bastionHosts' params: { + // Required parameters name: '<>-az-bas-custompip-001' + // Non-required parameters vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-custompip-bas' publicIPAddressObject: { diagnosticLogCategoriesToEnable: [ @@ -391,9 +397,11 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-bas-custompip-001" }, + // Non-required parameters "vNetId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-custompip-bas" }, @@ -439,7 +447,9 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-bastionHosts' params: { + // Required parameters name: '<>-az-bas-min-001' + // Non-required parameters vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-002' } } @@ -457,9 +467,11 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-bas-min-001" }, + // Non-required parameters "vNetId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-002" } @@ -480,7 +492,9 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-bastionHosts' params: { + // Required parameters name: '<>-az-bas-x-001' + // Non-required parameters vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001' azureBastionSubnetPublicIpId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-bas' diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' @@ -515,9 +529,11 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-bas-x-001" }, + // Non-required parameters "vNetId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001" }, diff --git a/modules/Microsoft.Network/connections/readme.md b/modules/Microsoft.Network/connections/readme.md index 55552b0e02..f008d22f00 100644 --- a/modules/Microsoft.Network/connections/readme.md +++ b/modules/Microsoft.Network/connections/readme.md @@ -321,7 +321,9 @@ resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { module connections './Microsoft.Network/connections/deploy.bicep' = { name: '${uniqueString(deployment().name)}-connections' params: { + // Required parameters name: '<>-az-vnetgwc-x-001' + // Non-required parameters virtualNetworkGateway1: { id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworkGateways/<>-az-vnet-vpn-gw-p-001' } @@ -349,6 +351,7 @@ module connections './Microsoft.Network/connections/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-vnetgwc-x-001" }, @@ -357,6 +360,7 @@ module connections './Microsoft.Network/connections/deploy.bicep' = { "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworkGateways/<>-az-vnet-vpn-gw-p-001" } }, + // Non-required parameters "enableBgp": { "value": false }, diff --git a/modules/Microsoft.Network/expressRouteCircuits/readme.md b/modules/Microsoft.Network/expressRouteCircuits/readme.md index 115a12a94b..d959a93fc7 100644 --- a/modules/Microsoft.Network/expressRouteCircuits/readme.md +++ b/modules/Microsoft.Network/expressRouteCircuits/readme.md @@ -179,7 +179,9 @@ Below is a collection of examples of how this module can be used. These examples module expressRouteCircuits './Microsoft.Network/expressRouteCircuits/deploy.bicep' = { name: '${uniqueString(deployment().name)}-expressRouteCircuits' params: { + // Required parameters bandwidthInMbps: 50 + // Non-required parameters name: '<>-az-erc-x-001' peeringLocation: 'Amsterdam' serviceProviderName: 'Equinix' @@ -215,6 +217,7 @@ module expressRouteCircuits './Microsoft.Network/expressRouteCircuits/deploy.bic "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "bandwidthInMbps": { "value": 50 }, @@ -227,6 +230,7 @@ module expressRouteCircuits './Microsoft.Network/expressRouteCircuits/deploy.bic "serviceProviderName": { "value": "Equinix" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, diff --git a/modules/Microsoft.Network/firewallPolicies/readme.md b/modules/Microsoft.Network/firewallPolicies/readme.md index dce25299eb..c864e490e1 100644 --- a/modules/Microsoft.Network/firewallPolicies/readme.md +++ b/modules/Microsoft.Network/firewallPolicies/readme.md @@ -185,7 +185,9 @@ module firewallPolicies './Microsoft.Network/firewallPolicies/deploy.bicep' = { module firewallPolicies './Microsoft.Network/firewallPolicies/deploy.bicep' = { name: '${uniqueString(deployment().name)}-firewallPolicies' params: { + // Required parameters name: '<>-az-fwpol-x-002' + // Non-required parameters ruleCollectionGroups: [ { name: '<>-rule-001' @@ -240,9 +242,11 @@ module firewallPolicies './Microsoft.Network/firewallPolicies/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-fwpol-x-002" }, + // Non-required parameters "ruleCollectionGroups": { "value": [ { diff --git a/modules/Microsoft.Network/frontDoors/readme.md b/modules/Microsoft.Network/frontDoors/readme.md index 27dd80e58e..775de25999 100644 --- a/modules/Microsoft.Network/frontDoors/readme.md +++ b/modules/Microsoft.Network/frontDoors/readme.md @@ -174,7 +174,9 @@ Below is a collection of examples of how this module can be used. These examples module frontDoors './Microsoft.Network/frontDoors/deploy.bicep' = { name: '${uniqueString(deployment().name)}-frontDoors' params: { + // Required parameters name: '<>-az-fd-x-001' + // Non-required parameters backendPools: [ { name: 'backendPool' @@ -281,9 +283,11 @@ module frontDoors './Microsoft.Network/frontDoors/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-fd-x-001" }, + // Non-required parameters "backendPools": { "value": [ { diff --git a/modules/Microsoft.Network/ipGroups/readme.md b/modules/Microsoft.Network/ipGroups/readme.md index 21f43b9ccd..75d1fe9916 100644 --- a/modules/Microsoft.Network/ipGroups/readme.md +++ b/modules/Microsoft.Network/ipGroups/readme.md @@ -158,7 +158,9 @@ Below is a collection of examples of how this module can be used. These examples module ipGroups './Microsoft.Network/ipGroups/deploy.bicep' = { name: '${uniqueString(deployment().name)}-ipGroups' params: { + // Required parameters name: 'iacsGroup-servers' + // Non-required parameters ipAddresses: [ '10.0.0.1' '10.0.0.2' @@ -188,9 +190,11 @@ module ipGroups './Microsoft.Network/ipGroups/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "iacsGroup-servers" }, + // Non-required parameters "ipAddresses": { "value": [ "10.0.0.1", diff --git a/modules/Microsoft.Network/loadBalancers/readme.md b/modules/Microsoft.Network/loadBalancers/readme.md index 2263f86e40..e3ebaf1105 100644 --- a/modules/Microsoft.Network/loadBalancers/readme.md +++ b/modules/Microsoft.Network/loadBalancers/readme.md @@ -14,7 +14,7 @@ This module deploys a load balancer. | Resource Type | API Version | | :-- | :-- | | `Microsoft.Authorization/locks` | [2017-04-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2017-04-01/locks) | -| `Microsoft.Authorization/roleAssignments` | [2020-10-01-preview](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2020-10-01-preview/roleAssignments) | +| `Microsoft.Authorization/roleAssignments` | [2020-10-01-preview](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/roleAssignments) | | `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) | | `Microsoft.Network/loadBalancers` | [2021-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/loadBalancers) | | `Microsoft.Network/loadBalancers/backendAddressPools` | [2021-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/loadBalancers/backendAddressPools) | @@ -471,7 +471,9 @@ Below is a collection of examples of how this module can be used. These examples module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { name: '${uniqueString(deployment().name)}-loadBalancers' params: { + // Required parameters frontendIPConfigurations: [ + // Non-required parameters { name: 'privateIPConfig1' subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' @@ -556,6 +558,7 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "frontendIPConfigurations": { "value": [ { @@ -567,6 +570,7 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { "name": { "value": "<>-az-lb-internal-001" }, + // Non-required parameters "backendAddressPools": { "value": [ { @@ -668,7 +672,9 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { name: '${uniqueString(deployment().name)}-loadBalancers' params: { + // Required parameters frontendIPConfigurations: [ + // Non-required parameters { name: 'publicIPConfig1' publicIPAddressId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-min-lb' @@ -691,6 +697,7 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "frontendIPConfigurations": { "value": [ { @@ -702,6 +709,7 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { "name": { "value": "<>-az-lb-min-001" } + // Non-required parameters } } ``` @@ -719,7 +727,9 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { name: '${uniqueString(deployment().name)}-loadBalancers' params: { + // Required parameters frontendIPConfigurations: [ + // Non-required parameters { name: 'publicIPConfig1' publicIPAddressId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-lb' @@ -830,6 +840,7 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "frontendIPConfigurations": { "value": [ { @@ -841,6 +852,7 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { "name": { "value": "<>-az-lb-x-001" }, + // Non-required parameters "backendAddressPools": { "value": [ { diff --git a/modules/Microsoft.Network/localNetworkGateways/readme.md b/modules/Microsoft.Network/localNetworkGateways/readme.md index 18c668de3f..7ee02e5527 100644 --- a/modules/Microsoft.Network/localNetworkGateways/readme.md +++ b/modules/Microsoft.Network/localNetworkGateways/readme.md @@ -163,7 +163,9 @@ Below is a collection of examples of how this module can be used. These examples module localNetworkGateways './Microsoft.Network/localNetworkGateways/deploy.bicep' = { name: '${uniqueString(deployment().name)}-localNetworkGateways' params: { + // Required parameters localAddressPrefixes: [ + // Non-required parameters '192.168.1.0/24' ] localGatewayPublicIpAddress: '8.8.8.8' @@ -195,6 +197,7 @@ module localNetworkGateways './Microsoft.Network/localNetworkGateways/deploy.bic "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "localAddressPrefixes": { "value": [ "192.168.1.0/24" @@ -206,6 +209,7 @@ module localNetworkGateways './Microsoft.Network/localNetworkGateways/deploy.bic "name": { "value": "<>-az-lng-x-001" }, + // Non-required parameters "localAsn": { "value": "65123" }, diff --git a/modules/Microsoft.Network/natGateways/readme.md b/modules/Microsoft.Network/natGateways/readme.md index 6e286c93e0..8980c0e1e3 100644 --- a/modules/Microsoft.Network/natGateways/readme.md +++ b/modules/Microsoft.Network/natGateways/readme.md @@ -175,7 +175,9 @@ Below is a collection of examples of how this module can be used. These examples module natGateways './Microsoft.Network/natGateways/deploy.bicep' = { name: '${uniqueString(deployment().name)}-natGateways' params: { + // Required parameters name: '<>-az-ngw-x-001' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 @@ -207,9 +209,11 @@ module natGateways './Microsoft.Network/natGateways/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-ngw-x-001" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, diff --git a/modules/Microsoft.Network/networkInterfaces/readme.md b/modules/Microsoft.Network/networkInterfaces/readme.md index 32cc055c67..626f9bebc5 100644 --- a/modules/Microsoft.Network/networkInterfaces/readme.md +++ b/modules/Microsoft.Network/networkInterfaces/readme.md @@ -191,7 +191,9 @@ Below is a collection of examples of how this module can be used. These examples module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-networkInterfaces' params: { + // Required parameters ipConfigurations: [ + // Non-required parameters { name: 'ipconfig01' subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' @@ -214,6 +216,7 @@ module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' = "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "ipConfigurations": { "value": [ { @@ -225,6 +228,7 @@ module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' = "name": { "value": "<>-az-nic-min-001" } + // Non-required parameters } } ``` @@ -242,7 +246,9 @@ module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' = module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-networkInterfaces' params: { + // Required parameters ipConfigurations: [ + // Non-required parameters { applicationSecurityGroups: [ { @@ -289,6 +295,7 @@ module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' = "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "ipConfigurations": { "value": [ { @@ -310,6 +317,7 @@ module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' = "name": { "value": "<>-az-nic-x-001" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, diff --git a/modules/Microsoft.Network/networkSecurityGroups/readme.md b/modules/Microsoft.Network/networkSecurityGroups/readme.md index 1ae1d22898..aa12797a7c 100644 --- a/modules/Microsoft.Network/networkSecurityGroups/readme.md +++ b/modules/Microsoft.Network/networkSecurityGroups/readme.md @@ -204,7 +204,9 @@ module networkSecurityGroups './Microsoft.Network/networkSecurityGroups/deploy.b module networkSecurityGroups './Microsoft.Network/networkSecurityGroups/deploy.bicep' = { name: '${uniqueString(deployment().name)}-networkSecurityGroups' params: { + // Required parameters name: '<>-az-nsg-x-001' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 @@ -299,9 +301,11 @@ module networkSecurityGroups './Microsoft.Network/networkSecurityGroups/deploy.b "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-nsg-x-001" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, diff --git a/modules/Microsoft.Network/privateDnsZones/readme.md b/modules/Microsoft.Network/privateDnsZones/readme.md index d8ad43ed68..6cda79bf6e 100644 --- a/modules/Microsoft.Network/privateDnsZones/readme.md +++ b/modules/Microsoft.Network/privateDnsZones/readme.md @@ -212,7 +212,9 @@ module privateDnsZones './Microsoft.Network/privateDnsZones/deploy.bicep' = { module privateDnsZones './Microsoft.Network/privateDnsZones/deploy.bicep' = { name: '${uniqueString(deployment().name)}-privateDnsZones' params: { + // Required parameters name: '<>-az-privdns-x-002.com' + // Non-required parameters A: [ { aRecords: [ @@ -396,9 +398,11 @@ module privateDnsZones './Microsoft.Network/privateDnsZones/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-privdns-x-002.com" }, + // Non-required parameters "A": { "value": [ { diff --git a/modules/Microsoft.Network/privateEndpoints/readme.md b/modules/Microsoft.Network/privateEndpoints/readme.md index 52bcb05816..f2e31d5a17 100644 --- a/modules/Microsoft.Network/privateEndpoints/readme.md +++ b/modules/Microsoft.Network/privateEndpoints/readme.md @@ -174,7 +174,9 @@ Below is a collection of examples of how this module can be used. These examples module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = { name: '${uniqueString(deployment().name)}-privateEndpoints' params: { + // Required parameters groupIds: [ + // Non-required parameters 'vault' ] name: '<>-az-pe-kvlt-min-001' @@ -196,6 +198,7 @@ module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "groupIds": { "value": [ "vault" @@ -210,6 +213,7 @@ module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = { "subnetResourceId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" } + // Non-required parameters } } ``` @@ -227,7 +231,9 @@ module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = { module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = { name: '${uniqueString(deployment().name)}-privateEndpoints' params: { + // Required parameters groupIds: [ + // Non-required parameters 'vault' ] name: '<>-az-pe-kvlt-001' @@ -265,6 +271,7 @@ module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "groupIds": { "value": [ "vault" @@ -279,6 +286,7 @@ module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = { "subnetResourceId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" }, + // Non-required parameters "lock": { "value": "CanNotDelete" }, diff --git a/modules/Microsoft.Network/publicIPAddresses/readme.md b/modules/Microsoft.Network/publicIPAddresses/readme.md index 916b7e478d..2cf7f754ef 100644 --- a/modules/Microsoft.Network/publicIPAddresses/readme.md +++ b/modules/Microsoft.Network/publicIPAddresses/readme.md @@ -171,7 +171,9 @@ Below is a collection of examples of how this module can be used. These examples module publicIPAddresses './Microsoft.Network/publicIPAddresses/deploy.bicep' = { name: '${uniqueString(deployment().name)}-publicIPAddresses' params: { + // Required parameters name: '<>-az-pip-x-001' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 @@ -209,9 +211,11 @@ module publicIPAddresses './Microsoft.Network/publicIPAddresses/deploy.bicep' = "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-pip-x-001" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, diff --git a/modules/Microsoft.Network/publicIPPrefixes/readme.md b/modules/Microsoft.Network/publicIPPrefixes/readme.md index 71faed1998..7856a770e2 100644 --- a/modules/Microsoft.Network/publicIPPrefixes/readme.md +++ b/modules/Microsoft.Network/publicIPPrefixes/readme.md @@ -158,7 +158,9 @@ Below is a collection of examples of how this module can be used. These examples module publicIPPrefixes './Microsoft.Network/publicIPPrefixes/deploy.bicep' = { name: '${uniqueString(deployment().name)}-publicIPPrefixes' params: { + // Required parameters name: '<>-az-pippfx-x-001' + // Non-required parameters prefixLength: 28 lock: 'CanNotDelete' roleAssignments: [ @@ -185,12 +187,14 @@ module publicIPPrefixes './Microsoft.Network/publicIPPrefixes/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-pippfx-x-001" }, "prefixLength": { "value": 28 }, + // Non-required parameters "lock": { "value": "CanNotDelete" }, diff --git a/modules/Microsoft.Network/routeTables/readme.md b/modules/Microsoft.Network/routeTables/readme.md index a120ed4a4d..511ae4b607 100644 --- a/modules/Microsoft.Network/routeTables/readme.md +++ b/modules/Microsoft.Network/routeTables/readme.md @@ -248,7 +248,9 @@ Below is a collection of examples of how this module can be used. These examples module routeTables './Microsoft.Network/routeTables/deploy.bicep' = { name: '${uniqueString(deployment().name)}-routeTables' params: { + // Required parameters name: '<>-az-udr-x-001' + // Non-required parameters lock: 'CanNotDelete' roleAssignments: [ { @@ -284,9 +286,11 @@ module routeTables './Microsoft.Network/routeTables/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-udr-x-001" }, + // Non-required parameters "lock": { "value": "CanNotDelete" }, diff --git a/modules/Microsoft.Network/trafficmanagerprofiles/readme.md b/modules/Microsoft.Network/trafficmanagerprofiles/readme.md index 7df100d085..ee48ced853 100644 --- a/modules/Microsoft.Network/trafficmanagerprofiles/readme.md +++ b/modules/Microsoft.Network/trafficmanagerprofiles/readme.md @@ -262,7 +262,9 @@ Below is a collection of examples of how this module can be used. These examples module trafficmanagerprofiles './Microsoft.Network/trafficmanagerprofiles/deploy.bicep' = { name: '${uniqueString(deployment().name)}-trafficmanagerprofiles' params: { + // Required parameters name: 'tm-000001' + // Non-required parameters relativeName: 'tm-000001' diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' @@ -294,12 +296,14 @@ module trafficmanagerprofiles './Microsoft.Network/trafficmanagerprofiles/deploy "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "tm-000001" }, "relativeName": { "value": "tm-000001" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, diff --git a/modules/Microsoft.Network/virtualHubs/readme.md b/modules/Microsoft.Network/virtualHubs/readme.md index 00f5a11405..2171a6499e 100644 --- a/modules/Microsoft.Network/virtualHubs/readme.md +++ b/modules/Microsoft.Network/virtualHubs/readme.md @@ -115,7 +115,9 @@ Below is a collection of examples of how this module can be used. These examples module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualHubs' params: { + // Required parameters addressPrefix: '10.0.0.0/16' + // Non-required parameters name: '<>-az-vhub-min-001' virtualWanId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/adp-<>-az-vw-x-001' } @@ -134,6 +136,7 @@ module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "addressPrefix": { "value": "10.0.0.0/16" }, @@ -143,6 +146,7 @@ module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = { "virtualWanId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/adp-<>-az-vw-x-001" } + // Non-required parameters } } ``` @@ -160,7 +164,9 @@ module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = { module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualHubs' params: { + // Required parameters addressPrefix: '10.1.0.0/16' + // Non-required parameters name: '<>-az-vhub-x-001' virtualWanId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/adp-<>-az-vw-x-001' hubRouteTables: [ @@ -206,6 +212,7 @@ module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "addressPrefix": { "value": "10.1.0.0/16" }, @@ -215,6 +222,7 @@ module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = { "virtualWanId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/adp-<>-az-vw-x-001" }, + // Non-required parameters "hubRouteTables": { "value": [ { diff --git a/modules/Microsoft.Network/virtualNetworkGateways/readme.md b/modules/Microsoft.Network/virtualNetworkGateways/readme.md index c4a5087ace..52c92860fa 100644 --- a/modules/Microsoft.Network/virtualNetworkGateways/readme.md +++ b/modules/Microsoft.Network/virtualNetworkGateways/readme.md @@ -252,7 +252,9 @@ Below is a collection of examples of how this module can be used. These examples module virtualNetworkGateways './Microsoft.Network/virtualNetworkGateways/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualNetworkGateways' params: { + // Required parameters name: '<>-az-gw-er-001' + // Non-required parameters virtualNetworkGatewaySku: 'ErGw1AZ' virtualNetworkGatewayType: 'ExpressRoute' vNetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001' @@ -297,6 +299,7 @@ module virtualNetworkGateways './Microsoft.Network/virtualNetworkGateways/deploy "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-gw-er-001" }, @@ -309,6 +312,7 @@ module virtualNetworkGateways './Microsoft.Network/virtualNetworkGateways/deploy "vNetResourceId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, @@ -369,7 +373,9 @@ module virtualNetworkGateways './Microsoft.Network/virtualNetworkGateways/deploy module virtualNetworkGateways './Microsoft.Network/virtualNetworkGateways/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualNetworkGateways' params: { + // Required parameters name: '<>-az-gw-vpn-001' + // Non-required parameters virtualNetworkGatewaySku: 'VpnGw1AZ' virtualNetworkGatewayType: 'Vpn' vNetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001' @@ -411,6 +417,7 @@ module virtualNetworkGateways './Microsoft.Network/virtualNetworkGateways/deploy "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-gw-vpn-001" }, @@ -423,6 +430,7 @@ module virtualNetworkGateways './Microsoft.Network/virtualNetworkGateways/deploy "vNetResourceId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001" }, + // Non-required parameters "activeActive": { "value": true }, diff --git a/modules/Microsoft.Network/virtualNetworks/readme.md b/modules/Microsoft.Network/virtualNetworks/readme.md index 88c3dff5f9..592046c66c 100644 --- a/modules/Microsoft.Network/virtualNetworks/readme.md +++ b/modules/Microsoft.Network/virtualNetworks/readme.md @@ -360,7 +360,9 @@ Below is a collection of examples of how this module can be used. These examples module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualNetworks' params: { + // Required parameters addressPrefixes: [ + // Non-required parameters '10.0.0.0/16' ] name: '<>-az-vnet-min-001' @@ -380,6 +382,7 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "addressPrefixes": { "value": [ "10.0.0.0/16" @@ -388,6 +391,7 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { "name": { "value": "<>-az-vnet-min-001" } + // Non-required parameters } } ``` @@ -405,7 +409,9 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualNetworks' params: { + // Required parameters addressPrefixes: [ + // Non-required parameters '10.0.0.0/16' ] name: '<>-az-vnet-x-001' @@ -489,6 +495,7 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "addressPrefixes": { "value": [ "10.0.0.0/16" @@ -497,6 +504,7 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { "name": { "value": "<>-az-vnet-x-001" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, @@ -596,7 +604,9 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualNetworks' params: { + // Required parameters addressPrefixes: [ + // Non-required parameters '10.0.0.0/24' ] name: '<>-az-vnet-peer-001' @@ -640,6 +650,7 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "addressPrefixes": { "value": [ "10.0.0.0/24" @@ -648,6 +659,7 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { "name": { "value": "<>-az-vnet-peer-001" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, diff --git a/modules/Microsoft.Network/virtualWans/readme.md b/modules/Microsoft.Network/virtualWans/readme.md index 9ecacf8607..3371035601 100644 --- a/modules/Microsoft.Network/virtualWans/readme.md +++ b/modules/Microsoft.Network/virtualWans/readme.md @@ -198,7 +198,9 @@ module virtualWans './Microsoft.Network/virtualWans/deploy.bicep' = { module virtualWans './Microsoft.Network/virtualWans/deploy.bicep' = { name: '${uniqueString(deployment().name)}-virtualWans' params: { + // Required parameters name: '<>-az-vw-x-001' + // Non-required parameters allowBranchToBranchTraffic: true allowVnetToVnetTraffic: true disableVpnEncryption: true @@ -228,9 +230,11 @@ module virtualWans './Microsoft.Network/virtualWans/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-vw-x-001" }, + // Non-required parameters "allowBranchToBranchTraffic": { "value": true }, diff --git a/modules/Microsoft.Network/vpnGateways/readme.md b/modules/Microsoft.Network/vpnGateways/readme.md index fc97b3743c..0a9fcec80b 100644 --- a/modules/Microsoft.Network/vpnGateways/readme.md +++ b/modules/Microsoft.Network/vpnGateways/readme.md @@ -182,7 +182,9 @@ Below is a collection of examples of how this module can be used. These examples module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { name: '${uniqueString(deployment().name)}-vpnGateways' params: { + // Required parameters name: '<>-az-vpngw-min-001' + // Non-required parameters virtualHubResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-min-001' } } @@ -200,12 +202,14 @@ module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-vpngw-min-001" }, "virtualHubResourceId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-min-001" } + // Non-required parameters } } ``` @@ -223,7 +227,9 @@ module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { name: '${uniqueString(deployment().name)}-vpnGateways' params: { + // Required parameters name: '<>-az-vpngw-x-001' + // Non-required parameters virtualHubResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001' bgpSettings: { asn: 65515 @@ -289,12 +295,14 @@ module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-vpngw-x-001" }, "virtualHubResourceId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001" }, + // Non-required parameters "bgpSettings": { "value": { "asn": 65515, diff --git a/modules/Microsoft.Network/vpnSites/readme.md b/modules/Microsoft.Network/vpnSites/readme.md index 8fdd29fca5..b377780de3 100644 --- a/modules/Microsoft.Network/vpnSites/readme.md +++ b/modules/Microsoft.Network/vpnSites/readme.md @@ -15,7 +15,7 @@ This module deploys a VPN Site. | :-- | :-- | | `Microsoft.Authorization/locks` | [2017-04-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2017-04-01/locks) | | `Microsoft.Authorization/roleAssignments` | [2020-10-01-preview](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2020-10-01-preview/roleAssignments) | -| `Microsoft.Network/vpnSites` | [2021-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/vpnSites) | +| `Microsoft.Network/vpnSites` | [2021-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/vpnSites) | ## Parameters @@ -330,7 +330,9 @@ Below is a collection of examples of how this module can be used. These examples module vpnSites './Microsoft.Network/vpnSites/deploy.bicep' = { name: '${uniqueString(deployment().name)}-vpnSites' params: { + // Required parameters name: '<>-az-vSite-min-001' + // Non-required parameters virtualWanId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/apd-<>-az-vw-x-001' addressPrefixes: [ '10.0.0.0/16' @@ -352,9 +354,11 @@ module vpnSites './Microsoft.Network/vpnSites/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-vSite-min-001" }, + // Non-required parameters "virtualWanId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/apd-<>-az-vw-x-001" }, @@ -383,7 +387,9 @@ module vpnSites './Microsoft.Network/vpnSites/deploy.bicep' = { module vpnSites './Microsoft.Network/vpnSites/deploy.bicep' = { name: '${uniqueString(deployment().name)}-vpnSites' params: { + // Required parameters name: '<>-az-vSite-x-001' + // Non-required parameters virtualWanId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/apd-<>-az-vw-x-001' deviceProperties: { linkSpeedInMbps: 0 @@ -454,9 +460,11 @@ module vpnSites './Microsoft.Network/vpnSites/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-vSite-x-001" }, + // Non-required parameters "virtualWanId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/apd-<>-az-vw-x-001" }, diff --git a/modules/Microsoft.OperationalInsights/workspaces/readme.md b/modules/Microsoft.OperationalInsights/workspaces/readme.md index ae5f21bb9f..4f921f4c5a 100644 --- a/modules/Microsoft.OperationalInsights/workspaces/readme.md +++ b/modules/Microsoft.OperationalInsights/workspaces/readme.md @@ -489,7 +489,9 @@ module workspaces './Microsoft.OperationalInsights/workspaces/deploy.bicep' = { module workspaces './Microsoft.OperationalInsights/workspaces/deploy.bicep' = { name: '${uniqueString(deployment().name)}-workspaces' params: { + // Required parameters name: '<>-az-law-x-001' + // Non-required parameters dailyQuotaGb: 10 dataSources: [ { @@ -638,9 +640,11 @@ module workspaces './Microsoft.OperationalInsights/workspaces/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-law-x-001" }, + // Non-required parameters "dailyQuotaGb": { "value": 10 }, diff --git a/modules/Microsoft.OperationsManagement/solutions/readme.md b/modules/Microsoft.OperationsManagement/solutions/readme.md index 26ff3eac4d..b55b98eb5e 100644 --- a/modules/Microsoft.OperationsManagement/solutions/readme.md +++ b/modules/Microsoft.OperationsManagement/solutions/readme.md @@ -55,7 +55,9 @@ Below is a collection of examples of how this module can be used. These examples module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-solutions' params: { + // Required parameters logAnalyticsWorkspaceName: 'adp-<>-az-law-sol-001' + // Non-required parameters name: 'Updates' } } @@ -73,12 +75,14 @@ module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "logAnalyticsWorkspaceName": { "value": "adp-<>-az-law-sol-001" }, "name": { "value": "Updates" } + // Non-required parameters } } ``` @@ -96,7 +100,9 @@ module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-solutions' params: { + // Required parameters logAnalyticsWorkspaceName: 'adp-<>-az-law-sol-001' + // Non-required parameters name: 'AzureAutomation' product: 'OMSGallery' publisher: 'Microsoft' @@ -116,12 +122,14 @@ module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "logAnalyticsWorkspaceName": { "value": "adp-<>-az-law-sol-001" }, "name": { "value": "AzureAutomation" }, + // Non-required parameters "product": { "value": "OMSGallery" }, @@ -145,7 +153,9 @@ module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { name: '${uniqueString(deployment().name)}-solutions' params: { + // Required parameters logAnalyticsWorkspaceName: 'adp-<>-az-law-sol-001' + // Non-required parameters name: 'nonmsTestSolution' product: 'nonmsTestSolutionProduct' publisher: 'nonmsTestSolutionPublisher' @@ -165,12 +175,14 @@ module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "logAnalyticsWorkspaceName": { "value": "adp-<>-az-law-sol-001" }, "name": { "value": "nonmsTestSolution" }, + // Non-required parameters "product": { "value": "nonmsTestSolutionProduct" }, diff --git a/modules/Microsoft.RecoveryServices/vaults/readme.md b/modules/Microsoft.RecoveryServices/vaults/readme.md index 84a116c258..9f0274d306 100644 --- a/modules/Microsoft.RecoveryServices/vaults/readme.md +++ b/modules/Microsoft.RecoveryServices/vaults/readme.md @@ -905,7 +905,9 @@ Below is a collection of examples of how this module can be used. These examples module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = { name: '${uniqueString(deployment().name)}-vaults' params: { + // Required parameters name: '<>-az-rsv-dr-001' + // Non-required parameters replicationFabrics: [ { location: 'NorthEurope' @@ -977,9 +979,11 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-rsv-dr-001" }, + // Non-required parameters "replicationFabrics": { "value": [ { @@ -1093,7 +1097,9 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = { module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = { name: '${uniqueString(deployment().name)}-vaults' params: { + // Required parameters name: '<>-az-rsv-x-001' + // Non-required parameters backupConfig: { enhancedSecurityState: 'Disabled' softDeleteFeatureState: 'Disabled' @@ -1372,9 +1378,11 @@ module vaults './Microsoft.RecoveryServices/vaults/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-rsv-x-001" }, + // Non-required parameters "backupConfig": { "value": { "enhancedSecurityState": "Disabled", diff --git a/modules/Microsoft.Resources/deploymentScripts/readme.md b/modules/Microsoft.Resources/deploymentScripts/readme.md index 73d18ab848..1a5b4f295f 100644 --- a/modules/Microsoft.Resources/deploymentScripts/readme.md +++ b/modules/Microsoft.Resources/deploymentScripts/readme.md @@ -153,7 +153,9 @@ Below is a collection of examples of how this module can be used. These examples module deploymentScripts './Microsoft.Resources/deploymentScripts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-deploymentScripts' params: { + // Required parameters name: '<>-az-ds-cli-001' + // Non-required parameters azCliVersion: '2.15.0' cleanupPreference: 'Always' kind: 'AzureCLI' @@ -180,9 +182,11 @@ module deploymentScripts './Microsoft.Resources/deploymentScripts/deploy.bicep' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-ds-cli-001" }, + // Non-required parameters "azCliVersion": { "value": "2.15.0" }, @@ -226,7 +230,9 @@ module deploymentScripts './Microsoft.Resources/deploymentScripts/deploy.bicep' module deploymentScripts './Microsoft.Resources/deploymentScripts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-deploymentScripts' params: { + // Required parameters name: '<>-az-ds-ps-001' + // Non-required parameters azPowerShellVersion: '3.0' cleanupPreference: 'Always' kind: 'AzurePowerShell' @@ -254,9 +260,11 @@ module deploymentScripts './Microsoft.Resources/deploymentScripts/deploy.bicep' "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-ds-ps-001" }, + // Non-required parameters "azPowerShellVersion": { "value": "3.0" }, diff --git a/modules/Microsoft.Resources/resourceGroups/readme.md b/modules/Microsoft.Resources/resourceGroups/readme.md index 98f3c8fe8f..73e9993806 100644 --- a/modules/Microsoft.Resources/resourceGroups/readme.md +++ b/modules/Microsoft.Resources/resourceGroups/readme.md @@ -161,7 +161,9 @@ Below is a collection of examples of how this module can be used. These examples module resourceGroups './Microsoft.Resources/resourceGroups/deploy.bicep' = { name: '${uniqueString(deployment().name)}-resourceGroups' params: { + // Required parameters name: '<>-az-rg-x-001' + // Non-required parameters lock: 'CanNotDelete' roleAssignments: [ { @@ -190,9 +192,11 @@ module resourceGroups './Microsoft.Resources/resourceGroups/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-rg-x-001" }, + // Non-required parameters "lock": { "value": "CanNotDelete" }, diff --git a/modules/Microsoft.Security/azureSecurityCenter/readme.md b/modules/Microsoft.Security/azureSecurityCenter/readme.md index 9d362b5f17..a532ca0e86 100644 --- a/modules/Microsoft.Security/azureSecurityCenter/readme.md +++ b/modules/Microsoft.Security/azureSecurityCenter/readme.md @@ -108,7 +108,9 @@ Below is a collection of examples of how this module can be used. These examples module azureSecurityCenter './Microsoft.Security/azureSecurityCenter/deploy.bicep' = { name: '${uniqueString(deployment().name)}-azureSecurityCenter' params: { + // Required parameters scope: '/subscriptions/<>' + // Non-required parameters workspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' securityContactProperties: { alertNotifications: 'Off' @@ -132,9 +134,11 @@ module azureSecurityCenter './Microsoft.Security/azureSecurityCenter/deploy.bice "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "scope": { "value": "/subscriptions/<>" }, + // Non-required parameters "workspaceId": { "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" }, diff --git a/modules/Microsoft.ServiceFabric/clusters/readme.md b/modules/Microsoft.ServiceFabric/clusters/readme.md index 92fb23e1c2..6ba637900e 100644 --- a/modules/Microsoft.ServiceFabric/clusters/readme.md +++ b/modules/Microsoft.ServiceFabric/clusters/readme.md @@ -240,7 +240,9 @@ Below is a collection of examples of how this module can be used. These examples module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { name: '${uniqueString(deployment().name)}-clusters' params: { + // Required parameters managementEndpoint: 'https://<>-az-sfc-cert-001.westeurope.cloudapp.azure.com:19080' + // Non-required parameters reliabilityLevel: 'None' certificate: { thumbprint: '0AC113D5E1D94C401DDEB0EE2B1B96CC130' @@ -280,12 +282,14 @@ module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "managementEndpoint": { "value": "https://<>-az-sfc-cert-001.westeurope.cloudapp.azure.com:19080" }, "reliabilityLevel": { "value": "None" }, + // Non-required parameters "certificate": { "value": { "thumbprint": "0AC113D5E1D94C401DDEB0EE2B1B96CC130", @@ -331,7 +335,9 @@ module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { name: '${uniqueString(deployment().name)}-clusters' params: { + // Required parameters managementEndpoint: 'https://<>-az-sfc-full-001.westeurope.cloudapp.azure.com:19080' + // Non-required parameters reliabilityLevel: 'Silver' addOnFeatures: [ 'BackupRestoreService' @@ -511,12 +517,14 @@ module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "managementEndpoint": { "value": "https://<>-az-sfc-full-001.westeurope.cloudapp.azure.com:19080" }, "reliabilityLevel": { "value": "Silver" }, + // Non-required parameters "addOnFeatures": { "value": [ "BackupRestoreService", @@ -730,7 +738,9 @@ module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { name: '${uniqueString(deployment().name)}-clusters' params: { + // Required parameters managementEndpoint: 'https://<>-az-sfc-min-001.westeurope.cloudapp.azure.com:19080' + // Non-required parameters reliabilityLevel: 'None' name: '<>-az-sfc-min-001' nodeTypes: [ @@ -766,12 +776,14 @@ module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "managementEndpoint": { "value": "https://<>-az-sfc-min-001.westeurope.cloudapp.azure.com:19080" }, "reliabilityLevel": { "value": "None" }, + // Non-required parameters "name": { "value": "<>-az-sfc-min-001" }, diff --git a/modules/Microsoft.Sql/servers/readme.md b/modules/Microsoft.Sql/servers/readme.md index 5470c78e16..afc620b190 100644 --- a/modules/Microsoft.Sql/servers/readme.md +++ b/modules/Microsoft.Sql/servers/readme.md @@ -330,7 +330,9 @@ Below is a collection of examples of how this module can be used. These examples module servers './Microsoft.Sql/servers/deploy.bicep' = { name: '${uniqueString(deployment().name)}-servers' params: { + // Required parameters name: '<>-az-sqlsrv-admin-001' + // Non-required parameters administrators: { azureADOnlyAuthentication: true login: 'myspn' @@ -354,9 +356,11 @@ module servers './Microsoft.Sql/servers/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-sqlsrv-admin-001" }, + // Non-required parameters "administrators": { "value": { "azureADOnlyAuthentication": true, @@ -388,7 +392,9 @@ resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { module servers './Microsoft.Sql/servers/deploy.bicep' = { name: '${uniqueString(deployment().name)}-servers' params: { + // Required parameters name: '<>-az-sqlsrv-x-001' + // Non-required parameters administratorLogin: kv1.getSecret('administratorLogin') administratorLoginPassword: kv1.getSecret('administratorLoginPassword') databases: [ @@ -469,9 +475,11 @@ module servers './Microsoft.Sql/servers/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-sqlsrv-x-001" }, + // Non-required parameters "administratorLogin": { "reference": { "keyVault": { diff --git a/modules/Microsoft.Synapse/privateLinkHubs/readme.md b/modules/Microsoft.Synapse/privateLinkHubs/readme.md index f98c3fcd85..3aca50136d 100644 --- a/modules/Microsoft.Synapse/privateLinkHubs/readme.md +++ b/modules/Microsoft.Synapse/privateLinkHubs/readme.md @@ -274,7 +274,9 @@ module privateLinkHubs './Microsoft.Synapse/privateLinkHubs/deploy.bicep' = { module privateLinkHubs './Microsoft.Synapse/privateLinkHubs/deploy.bicep' = { name: '${uniqueString(deployment().name)}-privateLinkHubs' params: { + // Required parameters name: 'synplhstandard001' + // Non-required parameters lock: 'CanNotDelete' privateEndpoints: [ { @@ -312,9 +314,11 @@ module privateLinkHubs './Microsoft.Synapse/privateLinkHubs/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "synplhstandard001" }, + // Non-required parameters "lock": { "value": "CanNotDelete" }, diff --git a/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md b/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md index 28a9976286..8f61aa16bc 100644 --- a/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md +++ b/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md @@ -272,7 +272,9 @@ Below is a collection of examples of how this module can be used. These examples module imageTemplates './Microsoft.VirtualMachineImages/imageTemplates/deploy.bicep' = { name: '${uniqueString(deployment().name)}-imageTemplates' params: { + // Required parameters customizationSteps: [ + // Non-required parameters { restartTimeout: '30m' type: 'WindowsRestart' @@ -321,6 +323,7 @@ module imageTemplates './Microsoft.VirtualMachineImages/imageTemplates/deploy.bi "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "customizationSteps": { "value": [ { @@ -341,6 +344,7 @@ module imageTemplates './Microsoft.VirtualMachineImages/imageTemplates/deploy.bi "name": { "value": "<>-az-imgt-x-001" }, + // Non-required parameters "userMsiName": { "value": "adp-<>-az-msi-x-001" }, diff --git a/modules/Microsoft.Web/connections/readme.md b/modules/Microsoft.Web/connections/readme.md index 207f3e213c..e5ef33d61a 100644 --- a/modules/Microsoft.Web/connections/readme.md +++ b/modules/Microsoft.Web/connections/readme.md @@ -165,7 +165,9 @@ Below is a collection of examples of how this module can be used. These examples module connections './Microsoft.Web/connections/deploy.bicep' = { name: '${uniqueString(deployment().name)}-connections' params: { + // Required parameters displayName: 'azuremonitorlogs' + // Non-required parameters name: 'azuremonitor' connectionApi: { id: '/subscriptions/<>/providers/Microsoft.Web/locations/westeurope/managedApis/azuremonitorlogs' @@ -195,12 +197,14 @@ module connections './Microsoft.Web/connections/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "displayName": { "value": "azuremonitorlogs" }, "name": { "value": "azuremonitor" }, + // Non-required parameters "connectionApi": { "value": { "id": "/subscriptions/<>/providers/Microsoft.Web/locations/westeurope/managedApis/azuremonitorlogs" diff --git a/modules/Microsoft.Web/hostingEnvironments/readme.md b/modules/Microsoft.Web/hostingEnvironments/readme.md index 98c9137061..c099cad13e 100644 --- a/modules/Microsoft.Web/hostingEnvironments/readme.md +++ b/modules/Microsoft.Web/hostingEnvironments/readme.md @@ -211,7 +211,9 @@ Below is a collection of examples of how this module can be used. These examples module hostingEnvironments './Microsoft.Web/hostingEnvironments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-hostingEnvironments' params: { + // Required parameters name: '<>-az-appse-asev2-001' + // Non-required parameters subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-008' clusterSettings: [ { @@ -251,12 +253,14 @@ module hostingEnvironments './Microsoft.Web/hostingEnvironments/deploy.bicep' = "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-appse-asev2-001" }, "subnetResourceId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-008" }, + // Non-required parameters "clusterSettings": { "value": [ { @@ -316,7 +320,9 @@ module hostingEnvironments './Microsoft.Web/hostingEnvironments/deploy.bicep' = module hostingEnvironments './Microsoft.Web/hostingEnvironments/deploy.bicep' = { name: '${uniqueString(deployment().name)}-hostingEnvironments' params: { + // Required parameters name: '<>-az-appse-asev3-001' + // Non-required parameters subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-006' clusterSettings: [ { @@ -354,12 +360,14 @@ module hostingEnvironments './Microsoft.Web/hostingEnvironments/deploy.bicep' = "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-appse-asev3-001" }, "subnetResourceId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-006" }, + // Non-required parameters "clusterSettings": { "value": [ { diff --git a/modules/Microsoft.Web/serverfarms/readme.md b/modules/Microsoft.Web/serverfarms/readme.md index a45b809a03..b55f87175e 100644 --- a/modules/Microsoft.Web/serverfarms/readme.md +++ b/modules/Microsoft.Web/serverfarms/readme.md @@ -210,7 +210,9 @@ Below is a collection of examples of how this module can be used. These examples module serverfarms './Microsoft.Web/serverfarms/deploy.bicep' = { name: '${uniqueString(deployment().name)}-serverfarms' params: { + // Required parameters name: '<>-az-asp-x-001' + // Non-required parameters sku: { capacity: '1' family: 'S' @@ -248,6 +250,7 @@ module serverfarms './Microsoft.Web/serverfarms/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-asp-x-001" }, @@ -260,6 +263,7 @@ module serverfarms './Microsoft.Web/serverfarms/deploy.bicep' = { "tier": "Standard" } }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, diff --git a/modules/Microsoft.Web/sites/readme.md b/modules/Microsoft.Web/sites/readme.md index d5b1fff86f..5e66da1ccc 100644 --- a/modules/Microsoft.Web/sites/readme.md +++ b/modules/Microsoft.Web/sites/readme.md @@ -18,7 +18,7 @@ This module deploys a web or function app. | `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) | | `Microsoft.Network/privateEndpoints` | [2021-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/privateEndpoints) | | `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2021-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/privateEndpoints/privateDnsZoneGroups) | -| `Microsoft.Web/sites` | [2021-03-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Web/2021-03-01/sites) | +| `Microsoft.Web/sites` | [2021-03-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Web/sites) | | `Microsoft.Web/sites/config` | [2020-12-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Web/sites) | ## Parameters @@ -404,7 +404,9 @@ Below is a collection of examples of how this module can be used. These examples module sites './Microsoft.Web/sites/deploy.bicep' = { name: '${uniqueString(deployment().name)}-sites' params: { + // Required parameters kind: 'functionapp' + // Non-required parameters name: '<>-az-fa-min-001' serverFarmResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001' siteConfig: { @@ -426,9 +428,11 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "kind": { "value": "functionapp" }, + // Non-required parameters "name": { "value": "<>-az-fa-min-001" }, @@ -457,7 +461,9 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { module sites './Microsoft.Web/sites/deploy.bicep' = { name: '${uniqueString(deployment().name)}-sites' params: { + // Required parameters kind: 'functionapp' + // Non-required parameters name: '<>-az-fa-x-001' appInsightId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001' appSettingsKeyValuePairs: { @@ -575,9 +581,11 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "kind": { "value": "functionapp" }, + // Non-required parameters "name": { "value": "<>-az-fa-x-001" }, @@ -732,7 +740,9 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { module sites './Microsoft.Web/sites/deploy.bicep' = { name: '${uniqueString(deployment().name)}-sites' params: { + // Required parameters kind: 'app' + // Non-required parameters name: '<>-az-wa-min-001' serverFarmResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001' } @@ -751,9 +761,11 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "kind": { "value": "app" }, + // Non-required parameters "name": { "value": "<>-az-wa-min-001" }, @@ -777,7 +789,9 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { module sites './Microsoft.Web/sites/deploy.bicep' = { name: '${uniqueString(deployment().name)}-sites' params: { + // Required parameters kind: 'app' + // Non-required parameters name: '<>-az-wa-x-001' diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' @@ -829,9 +843,11 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "kind": { "value": "app" }, + // Non-required parameters "name": { "value": "<>-az-wa-x-001" }, diff --git a/modules/Microsoft.Web/staticSites/readme.md b/modules/Microsoft.Web/staticSites/readme.md index 51fd503e21..5e4bdcd2f8 100644 --- a/modules/Microsoft.Web/staticSites/readme.md +++ b/modules/Microsoft.Web/staticSites/readme.md @@ -320,7 +320,9 @@ module staticSites './Microsoft.Web/staticSites/deploy.bicep' = { module staticSites './Microsoft.Web/staticSites/deploy.bicep' = { name: '${uniqueString(deployment().name)}-staticSites' params: { + // Required parameters name: '<>-az-wss-x-001' + // Non-required parameters allowConfigFileUpdates: true enterpriseGradeCdnStatus: 'Disabled' lock: 'CanNotDelete' @@ -360,9 +362,11 @@ module staticSites './Microsoft.Web/staticSites/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { + // Required parameters "name": { "value": "<>-az-wss-x-001" }, + // Non-required parameters "allowConfigFileUpdates": { "value": true }, From 7d03399fa96fe599f1dad9f9762da52d59b4f2f2 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 8 Jul 2022 05:52:51 +0200 Subject: [PATCH 20/38] Updated APIs --- modules/Microsoft.Network/vpnSites/readme.md | 2 +- modules/Microsoft.Web/sites/readme.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/Microsoft.Network/vpnSites/readme.md b/modules/Microsoft.Network/vpnSites/readme.md index b377780de3..c7b820eff2 100644 --- a/modules/Microsoft.Network/vpnSites/readme.md +++ b/modules/Microsoft.Network/vpnSites/readme.md @@ -15,7 +15,7 @@ This module deploys a VPN Site. | :-- | :-- | | `Microsoft.Authorization/locks` | [2017-04-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2017-04-01/locks) | | `Microsoft.Authorization/roleAssignments` | [2020-10-01-preview](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2020-10-01-preview/roleAssignments) | -| `Microsoft.Network/vpnSites` | [2021-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/vpnSites) | +| `Microsoft.Network/vpnSites` | [2021-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/vpnSites) | ## Parameters diff --git a/modules/Microsoft.Web/sites/readme.md b/modules/Microsoft.Web/sites/readme.md index 5e66da1ccc..df9f2f57ce 100644 --- a/modules/Microsoft.Web/sites/readme.md +++ b/modules/Microsoft.Web/sites/readme.md @@ -18,7 +18,7 @@ This module deploys a web or function app. | `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) | | `Microsoft.Network/privateEndpoints` | [2021-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/privateEndpoints) | | `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2021-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/privateEndpoints/privateDnsZoneGroups) | -| `Microsoft.Web/sites` | [2021-03-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Web/sites) | +| `Microsoft.Web/sites` | [2021-03-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Web/2021-03-01/sites) | | `Microsoft.Web/sites/config` | [2020-12-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Web/sites) | ## Parameters From e3f51ba3e38ab9cdf0f587e2491ec82696a9fa86 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 8 Jul 2022 06:03:05 +0200 Subject: [PATCH 21/38] Fixed readme --- .../configurationStores/keyValues/readme.md | 232 ------------------ 1 file changed, 232 deletions(-) diff --git a/modules/Microsoft.AppConfiguration/configurationStores/keyValues/readme.md b/modules/Microsoft.AppConfiguration/configurationStores/keyValues/readme.md index 7a90139326..e1b3cade81 100644 --- a/modules/Microsoft.AppConfiguration/configurationStores/keyValues/readme.md +++ b/modules/Microsoft.AppConfiguration/configurationStores/keyValues/readme.md @@ -7,7 +7,6 @@ This module deploys an App Configuration Store. - [Resource types](#Resource-types) - [Parameters](#Parameters) - [Outputs](#Outputs) -- [Deployment examples](#Deployment-examples) ## Resource types @@ -169,85 +168,6 @@ roleAssignments: [

-======= -### Parameter Usage: `privateEndpoints` - -To use Private Endpoint the following dependencies must be deployed: - -- Destination subnet must be created with the following configuration option - `"privateEndpointNetworkPolicies": "Disabled"`. Setting this option acknowledges that NSG rules are not applied to Private Endpoints (this capability is coming soon). A full example is available in the Virtual Network Module. -- Although not strictly required, it is highly recommended to first create a private DNS Zone to host Private Endpoint DNS records. See [Azure Private Endpoint DNS configuration](https://docs.microsoft.com/en-us/azure/private-link/private-endpoint-dns) for more information. - -

- -Parameter JSON format - -```json -"privateEndpoints": { - "value": [ - // Example showing all available fields - { - "name": "sxx-az-pe", // Optional: Name will be automatically generated if one is not provided here - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/sxx-az-vnet-x-001/subnets/sxx-az-subnet-x-001", - "service": "<>", // e.g. vault, registry, file, blob, queue, table etc. - "privateDnsZoneResourceIds": [ // Optional: No DNS record will be created if a private DNS zone Resource ID is not specified - "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/privateDnsZones/privatelink.blob.core.windows.net" - ], - "customDnsConfigs": [ // Optional - { - "fqdn": "customname.test.local", - "ipAddresses": [ - "10.10.10.10" - ] - } - ] - }, - // Example showing only mandatory fields - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/sxx-az-vnet-x-001/subnets/sxx-az-subnet-x-001", - "service": "<>" // e.g. vault, registry, file, blob, queue, table etc. - } - ] -} -``` - -
- -
- -Bicep format - -```bicep -privateEndpoints: [ - // Example showing all available fields - { - name: 'sxx-az-pe' // Optional: Name will be automatically generated if one is not provided here - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/sxx-az-vnet-x-001/subnets/sxx-az-subnet-x-001' - service: '<>' // e.g. vault registry file blob queue table etc. - privateDnsZoneResourceIds: [ // Optional: No DNS record will be created if a private DNS zone Resource ID is not specified - '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/privateDnsZones/privatelink.blob.core.windows.net' - ] - // Optional - customDnsConfigs: [ - { - fqdn: 'customname.test.local' - ipAddresses: [ - '10.10.10.10' - ] - } - ] - } - // Example showing only mandatory fields - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/sxx-az-vnet-x-001/subnets/sxx-az-subnet-x-001' - service: '<>' // e.g. vault registry file blob queue table etc. - } -] -``` - -
-

- ->>>>>>> 3c13c7e234f0efcae26a25417453c58843d2002d ## Outputs | Output Name | Type | Description | @@ -255,155 +175,3 @@ privateEndpoints: [ | `name` | string | The name of the key values. | | `resourceGroupName` | string | The resource group the batch account was deployed into. | | `resourceId` | string | The resource ID of the key values. | - -## Deployment examples - -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. - -

Example 1

- -
- -via JSON Parameter file - -```json -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-appcs-min-001" - } - } -} - -``` - -
- -
- -via Bicep module - -```bicep -module configurationStores './Microsoft.AppConfiguration/configurationStores/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-configurationStores' - params: { - name: '<>-az-appcs-min-001' - } -``` - -
-

- -

Example 2

- -
- -via JSON Parameter file - -```json -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-appcs-x-001" - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "systemAssignedIdentity": { - "value": true - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "createMode": { - "value": "Default" - }, - "disableLocalAuth": { - "value": false - }, - "enablePurgeProtection": { - "value": false - }, - "publicNetworkAccess": { - "value": "Enabled" - }, - "softDeleteRetentionInDays": { - "value": 1 - }, - "privateEndpoints": { - "value": [ - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "configurationStores" - } - ] - } - } -} - -``` - -
- -
- -via Bicep module - -```bicep -module configurationStores './Microsoft.AppConfiguration/configurationStores/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-configurationStores' - params: { - name: '<>-az-appcs-x-001' - diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' - systemAssignedIdentity: true - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - createMode: 'Default' - disableLocalAuth: false - enablePurgeProtection: false - publicNetworkAccess: 'Enabled' - softDeleteRetentionInDays: 1 - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'configurationStores' - } - ] - } -``` - -
-

From 3a7da549f9fd684fc2f06c01e25289d815e1f209 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 8 Jul 2022 06:04:46 +0200 Subject: [PATCH 22/38] Fixed readme --- .../Microsoft.AppConfiguration/configurationStores/readme.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/modules/Microsoft.AppConfiguration/configurationStores/readme.md b/modules/Microsoft.AppConfiguration/configurationStores/readme.md index 57b21f160f..ced0dfd98e 100644 --- a/modules/Microsoft.AppConfiguration/configurationStores/readme.md +++ b/modules/Microsoft.AppConfiguration/configurationStores/readme.md @@ -189,7 +189,6 @@ roleAssignments: [

-======= ### Parameter Usage: `privateEndpoints` To use Private Endpoint the following dependencies must be deployed: @@ -267,7 +266,6 @@ privateEndpoints: [

->>>>>>> 3c13c7e234f0efcae26a25417453c58843d2002d ## Outputs | Output Name | Type | Description | From 0291fe616f916e0ab4624832a2bbaf436a4f5e67 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 8 Jul 2022 06:54:40 +0200 Subject: [PATCH 23/38] Fixed required end search --- utilities/tools/Set-ModuleReadMe.ps1 | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index 85b263d26c..6652fe5734 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -473,10 +473,12 @@ function Set-DeploymentExamplesSection { $bicepExampleArray = $bicepExample -split '\n' - $requiredParameterIndent = ([regex]::Match($bicepExampleArray[0], '^(\s+).*')).Captures.Groups[1].Value.Length + $requiredParameterStartIndex = ($bicepExampleArray | Select-String ('.*{0}:.+' -f $parameterToSplitAt) | ForEach-Object { $_.LineNumber - 1 })[0] - # Search in rest of array for the next closing bracket with the same indent - and then add the initial index count back in (+1 for the first added comment) - $requiredParameterEndIndex = ($bicepExampleArray[0..($bicepExampleArray.Count)] | Select-String "^[\s]{$requiredParameterIndent}" | ForEach-Object { $_.LineNumber - 1 })[0] + 1 + $requiredParameterIndent = ([regex]::Match($bicepExampleArray[$requiredParameterStartIndex], '^(\s+).*')).Captures.Groups[1].Value.Length + + # Search in rest of array for the next closing bracket with the same indent - and then add the search index (1), initial index (1) count back in add another empty index (1() for the 'required' comment + $requiredParameterEndIndex = ($bicepExampleArray[($requiredParameterStartIndex + 1)..($bicepExampleArray.Count)] | Select-String "^[\s]{$requiredParameterIndent}\S+" | ForEach-Object { $_.LineNumber - 1 })[0] + 1 + $requiredParameterStartIndex + 1 $bicepExampleArray = @('{0}// Required parameters' -f (' ' * $requiredParameterIndent)) + $bicepExampleArray[(0 .. ($bicepExampleArray.Count))] $bicepExampleArray = $bicepExampleArray[0..$requiredParameterEndIndex] + ('{0}// Non-required parameters' -f (' ' * $requiredParameterIndent)) + $bicepExampleArray[(($requiredParameterEndIndex + 1) .. ($bicepExampleArray.Count))] @@ -541,8 +543,8 @@ function Set-DeploymentExamplesSection { $requiredParameterIndent = ([regex]::Match($jsonExampleArray[$requiredParameterStartIndex], '^(\s+).*')).Captures.Groups[1].Value.Length - # Search in rest of array for the next closing bracket with the same indent - and then add the initial index count back in (+1 for the first added comment) - $requiredParameterEndIndex = ($jsonExampleArray[$requiredParameterStartIndex..($jsonExampleArray.Count)] | Select-String "^[\s]{$requiredParameterIndent}\}" | ForEach-Object { $_.LineNumber - 1 })[0] + $requiredParameterStartIndex + 1 + # Search in rest of array for the next closing bracket with the same indent - and then add the search index (1), initial index (1) count back in add another empty index (1() for the 'required' comment + $requiredParameterEndIndex = ($jsonExampleArray[($requiredParameterStartIndex + 1)..($jsonExampleArray.Count)] | Select-String "^[\s]{$requiredParameterIndent}\}" | ForEach-Object { $_.LineNumber - 1 })[0] + 1 + $requiredParameterStartIndex + 1 $jsonExampleArray = $jsonExampleArray[0..$parameterStartIndex] + ('{0}// Required parameters' -f (' ' * $requiredParameterIndent)) + $jsonExampleArray[(($parameterStartIndex + 1) .. ($jsonExampleArray.Count))] $jsonExampleArray = $jsonExampleArray[0..$requiredParameterEndIndex] + ('{0}// Non-required parameters' -f (' ' * $requiredParameterIndent)) + $jsonExampleArray[(($requiredParameterEndIndex + 1) .. ($jsonExampleArray.Count))] From 52318b1ef97cc31b922b7a6ae023cb325c3dd80d Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 8 Jul 2022 07:20:32 +0200 Subject: [PATCH 24/38] Added special case handling for bicep single line param --- utilities/tools/Set-ModuleReadMe.ps1 | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index 6652fe5734..5bbcec8257 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -366,7 +366,7 @@ function Set-DeploymentExamplesSection { $resourceType = $resourceTypeIdentifier.Split('/')[1] $parameterFiles = Get-ChildItem (Join-Path $moduleRoot '.test') -Filter '*parameters.json' -Recurse - $requiredParameterNames = $TemplateFileContent.parameters.Keys | Where-Object { $TemplateFileContent.parameters[$_].Keys -notcontains 'defaultValue' } + $requiredParameterNames = $TemplateFileContent.parameters.Keys | Where-Object { $TemplateFileContent.parameters[$_].Keys -notcontains 'defaultValue' } | Sort-Object ############################ ## Process test files ## @@ -477,8 +477,15 @@ function Set-DeploymentExamplesSection { $requiredParameterIndent = ([regex]::Match($bicepExampleArray[$requiredParameterStartIndex], '^(\s+).*')).Captures.Groups[1].Value.Length - # Search in rest of array for the next closing bracket with the same indent - and then add the search index (1), initial index (1) count back in add another empty index (1() for the 'required' comment - $requiredParameterEndIndex = ($bicepExampleArray[($requiredParameterStartIndex + 1)..($bicepExampleArray.Count)] | Select-String "^[\s]{$requiredParameterIndent}\S+" | ForEach-Object { $_.LineNumber - 1 })[0] + 1 + $requiredParameterStartIndex + 1 + + $nextLineIndent = ([regex]::Match($bicepExampleArray[$requiredParameterStartIndex + 1], '^(\s+).*')).Captures.Groups[1].Value.Length + if ($nextLineIndent -gt $requiredParameterIndent) { + # Case Param is object/array: Search in rest of array for the next closing bracket with the same indent - and then add the search index (1), initial index (1) count back in add another index (1) for the 'required' comment + $requiredParameterEndIndex = ($bicepExampleArray[($requiredParameterStartIndex + 1)..($bicepExampleArray.Count)] | Select-String "^[\s]{$requiredParameterIndent}\S+" | ForEach-Object { $_.LineNumber - 1 })[0] + 1 + $requiredParameterStartIndex + 1 + } else { + # Case Param is single line bool/string/int: Add an index (1) for the 'required' comment + $requiredParameterEndIndex = $requiredParameterStartIndex + 1 + } $bicepExampleArray = @('{0}// Required parameters' -f (' ' * $requiredParameterIndent)) + $bicepExampleArray[(0 .. ($bicepExampleArray.Count))] $bicepExampleArray = $bicepExampleArray[0..$requiredParameterEndIndex] + ('{0}// Non-required parameters' -f (' ' * $requiredParameterIndent)) + $bicepExampleArray[(($requiredParameterEndIndex + 1) .. ($bicepExampleArray.Count))] @@ -543,7 +550,7 @@ function Set-DeploymentExamplesSection { $requiredParameterIndent = ([regex]::Match($jsonExampleArray[$requiredParameterStartIndex], '^(\s+).*')).Captures.Groups[1].Value.Length - # Search in rest of array for the next closing bracket with the same indent - and then add the search index (1), initial index (1) count back in add another empty index (1() for the 'required' comment + # Search in rest of array for the next closing bracket with the same indent - and then add the search index (1), initial index (1) count back in add another index (1) for the 'required' comment $requiredParameterEndIndex = ($jsonExampleArray[($requiredParameterStartIndex + 1)..($jsonExampleArray.Count)] | Select-String "^[\s]{$requiredParameterIndent}\}" | ForEach-Object { $_.LineNumber - 1 })[0] + 1 + $requiredParameterStartIndex + 1 $jsonExampleArray = $jsonExampleArray[0..$parameterStartIndex] + ('{0}// Required parameters' -f (' ' * $requiredParameterIndent)) + $jsonExampleArray[(($parameterStartIndex + 1) .. ($jsonExampleArray.Count))] From 620561dce80f81545738ab18fe153dc289e48833 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 8 Jul 2022 07:40:35 +0200 Subject: [PATCH 25/38] Restructured commenting --- utilities/tools/Set-ModuleReadMe.ps1 | 56 ++++++++++++++++++---------- 1 file changed, 36 insertions(+), 20 deletions(-) diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index 5bbcec8257..3032cbf88e 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -464,32 +464,39 @@ function Set-DeploymentExamplesSection { $bicepExample = $bicepParamsArray | ForEach-Object { " $_" } # Optional: Add comment where required & optional parameters start + # ---------------------------------------------------------------- if ($requiredParameterNames -is [string]) { $requiredParameterNames = @($requiredParameterNames) } + + # If we have at least one required and one other parameter we want to add a comment if ($requiredParameterNames.Count -ge 1 -and $orderedJSONParameters.Keys.Count -ge 2) { - # If we have at least one required and one other parameter we want to add a comment - $parameterToSplitAt = $requiredParameterNames[-1] $bicepExampleArray = $bicepExample -split '\n' + # Check where the 'last' required parameter is located in the example (and what its indent is) + $parameterToSplitAt = $requiredParameterNames[-1] $requiredParameterStartIndex = ($bicepExampleArray | Select-String ('.*{0}:.+' -f $parameterToSplitAt) | ForEach-Object { $_.LineNumber - 1 })[0] - $requiredParameterIndent = ([regex]::Match($bicepExampleArray[$requiredParameterStartIndex], '^(\s+).*')).Captures.Groups[1].Value.Length + # Add a comment where the required parameters start + $bicepExampleArray = @('{0}// Required parameters' -f (' ' * $requiredParameterIndent)) + $bicepExampleArray[(0 .. ($bicepExampleArray.Count))] + + # If we have more than only required parameters, let's add a corresponding comment + if ($orderedJSONParameters.Keys.Count -gt $requiredParameterNames.Count ) { + $nextLineIndent = ([regex]::Match($bicepExampleArray[$requiredParameterStartIndex + 1], '^(\s+).*')).Captures.Groups[1].Value.Length + if ($nextLineIndent -gt $requiredParameterIndent) { + # Case Param is object/array: Search in rest of array for the next closing bracket with the same indent - and then add the search index (1) & initial index (1) count back in + $requiredParameterEndIndex = ($bicepExampleArray[($requiredParameterStartIndex + 1)..($bicepExampleArray.Count)] | Select-String "^[\s]{$requiredParameterIndent}\S+" | ForEach-Object { $_.LineNumber - 1 })[0] + 1 + $requiredParameterStartIndex + } else { + # Case Param is single line bool/string/int: Add an index (1) for the 'required' comment + $requiredParameterEndIndex = $requiredParameterStartIndex + } - $nextLineIndent = ([regex]::Match($bicepExampleArray[$requiredParameterStartIndex + 1], '^(\s+).*')).Captures.Groups[1].Value.Length - if ($nextLineIndent -gt $requiredParameterIndent) { - # Case Param is object/array: Search in rest of array for the next closing bracket with the same indent - and then add the search index (1), initial index (1) count back in add another index (1) for the 'required' comment - $requiredParameterEndIndex = ($bicepExampleArray[($requiredParameterStartIndex + 1)..($bicepExampleArray.Count)] | Select-String "^[\s]{$requiredParameterIndent}\S+" | ForEach-Object { $_.LineNumber - 1 })[0] + 1 + $requiredParameterStartIndex + 1 - } else { - # Case Param is single line bool/string/int: Add an index (1) for the 'required' comment - $requiredParameterEndIndex = $requiredParameterStartIndex + 1 + # Add a comment where the non-required parameters start + $bicepExampleArray = $bicepExampleArray[0..$requiredParameterEndIndex] + ('{0}// Non-required parameters' -f (' ' * $requiredParameterIndent)) + $bicepExampleArray[(($requiredParameterEndIndex + 1) .. ($bicepExampleArray.Count))] } - $bicepExampleArray = @('{0}// Required parameters' -f (' ' * $requiredParameterIndent)) + $bicepExampleArray[(0 .. ($bicepExampleArray.Count))] - $bicepExampleArray = $bicepExampleArray[0..$requiredParameterEndIndex] + ('{0}// Non-required parameters' -f (' ' * $requiredParameterIndent)) + $bicepExampleArray[(($requiredParameterEndIndex + 1) .. ($bicepExampleArray.Count))] - $bicepExample = $bicepExampleArray | Out-String } @@ -537,24 +544,33 @@ function Set-DeploymentExamplesSection { } | ConvertTo-Json -Depth 99) # Optional: Add comment where required & optional parameters start + # ---------------------------------------------------------------- if ($requiredParameterNames -is [string]) { $requiredParameterNames = @($requiredParameterNames) } + + # If we have at least one required and one other parameter we want to add a comment if ($requiredParameterNames.Count -ge 1 -and $orderedJSONParameters.Keys.Count -ge 2) { - # If we have at least one required and one other parameter we want to add a comment - $parameterToSplitAt = $requiredParameterNames[-1] $jsonExampleArray = $jsonExample -split '\n' + + # Check where the 'last' required parameter is located in the example (and what its indent is) + $parameterToSplitAt = $requiredParameterNames[-1] $parameterStartIndex = ($jsonExampleArray | Select-String '.*"parameters": \{.*' | ForEach-Object { $_.LineNumber - 1 })[0] $requiredParameterStartIndex = ($jsonExampleArray | Select-String ".*`"$parameterToSplitAt`": \{.*" | ForEach-Object { $_.LineNumber - 1 })[0] - $requiredParameterIndent = ([regex]::Match($jsonExampleArray[$requiredParameterStartIndex], '^(\s+).*')).Captures.Groups[1].Value.Length - # Search in rest of array for the next closing bracket with the same indent - and then add the search index (1), initial index (1) count back in add another index (1) for the 'required' comment - $requiredParameterEndIndex = ($jsonExampleArray[($requiredParameterStartIndex + 1)..($jsonExampleArray.Count)] | Select-String "^[\s]{$requiredParameterIndent}\}" | ForEach-Object { $_.LineNumber - 1 })[0] + 1 + $requiredParameterStartIndex + 1 - + # Add a comment where the required parameters start $jsonExampleArray = $jsonExampleArray[0..$parameterStartIndex] + ('{0}// Required parameters' -f (' ' * $requiredParameterIndent)) + $jsonExampleArray[(($parameterStartIndex + 1) .. ($jsonExampleArray.Count))] - $jsonExampleArray = $jsonExampleArray[0..$requiredParameterEndIndex] + ('{0}// Non-required parameters' -f (' ' * $requiredParameterIndent)) + $jsonExampleArray[(($requiredParameterEndIndex + 1) .. ($jsonExampleArray.Count))] + + # If we have more than only required parameters, let's add a corresponding comment + if ($orderedJSONParameters.Keys.Count -gt $requiredParameterNames.Count ) { + # Search in rest of array for the next closing bracket with the same indent - and then add the search index (1) & initial index (1) count back in + $requiredParameterEndIndex = ($jsonExampleArray[($requiredParameterStartIndex + 1)..($jsonExampleArray.Count)] | Select-String "^[\s]{$requiredParameterIndent}\}" | ForEach-Object { $_.LineNumber - 1 })[0] + 1 + $requiredParameterStartIndex + + # Add a comment where the non-required parameters start + $jsonExampleArray = $jsonExampleArray[0..$requiredParameterEndIndex] + ('{0}// Non-required parameters' -f (' ' * $requiredParameterIndent)) + $jsonExampleArray[(($requiredParameterEndIndex + 1) .. ($jsonExampleArray.Count))] + } $jsonExample = $jsonExampleArray | Out-String } From 4498cbc45cca07ecccc9e773f5bd8bdab17eca46 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 8 Jul 2022 08:09:43 +0200 Subject: [PATCH 26/38] Improved regex --- utilities/tools/Set-ModuleReadMe.ps1 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index 3032cbf88e..3306228b38 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -476,21 +476,21 @@ function Set-DeploymentExamplesSection { # Check where the 'last' required parameter is located in the example (and what its indent is) $parameterToSplitAt = $requiredParameterNames[-1] - $requiredParameterStartIndex = ($bicepExampleArray | Select-String ('.*{0}:.+' -f $parameterToSplitAt) | ForEach-Object { $_.LineNumber - 1 })[0] + $requiredParameterStartIndex = ($bicepExampleArray | Select-String ('^\s*{0}:.+' -f $parameterToSplitAt) | ForEach-Object { $_.LineNumber - 1 })[0] $requiredParameterIndent = ([regex]::Match($bicepExampleArray[$requiredParameterStartIndex], '^(\s+).*')).Captures.Groups[1].Value.Length # Add a comment where the required parameters start $bicepExampleArray = @('{0}// Required parameters' -f (' ' * $requiredParameterIndent)) + $bicepExampleArray[(0 .. ($bicepExampleArray.Count))] # If we have more than only required parameters, let's add a corresponding comment - if ($orderedJSONParameters.Keys.Count -gt $requiredParameterNames.Count ) { + if ($orderedJSONParameters.Keys.Count -gt $requiredParameterNames.Count) { $nextLineIndent = ([regex]::Match($bicepExampleArray[$requiredParameterStartIndex + 1], '^(\s+).*')).Captures.Groups[1].Value.Length if ($nextLineIndent -gt $requiredParameterIndent) { # Case Param is object/array: Search in rest of array for the next closing bracket with the same indent - and then add the search index (1) & initial index (1) count back in $requiredParameterEndIndex = ($bicepExampleArray[($requiredParameterStartIndex + 1)..($bicepExampleArray.Count)] | Select-String "^[\s]{$requiredParameterIndent}\S+" | ForEach-Object { $_.LineNumber - 1 })[0] + 1 + $requiredParameterStartIndex } else { # Case Param is single line bool/string/int: Add an index (1) for the 'required' comment - $requiredParameterEndIndex = $requiredParameterStartIndex + $requiredParameterEndIndex = $requiredParameterStartIndex + 1 } # Add a comment where the non-required parameters start @@ -557,7 +557,7 @@ function Set-DeploymentExamplesSection { # Check where the 'last' required parameter is located in the example (and what its indent is) $parameterToSplitAt = $requiredParameterNames[-1] $parameterStartIndex = ($jsonExampleArray | Select-String '.*"parameters": \{.*' | ForEach-Object { $_.LineNumber - 1 })[0] - $requiredParameterStartIndex = ($jsonExampleArray | Select-String ".*`"$parameterToSplitAt`": \{.*" | ForEach-Object { $_.LineNumber - 1 })[0] + $requiredParameterStartIndex = ($jsonExampleArray | Select-String "\s*`"$parameterToSplitAt`": \{.*" | ForEach-Object { $_.LineNumber - 1 })[0] $requiredParameterIndent = ([regex]::Match($jsonExampleArray[$requiredParameterStartIndex], '^(\s+).*')).Captures.Groups[1].Value.Length # Add a comment where the required parameters start From f43990e89e235a81e9ac11a66d48578310f1fc1d Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 8 Jul 2022 08:37:25 +0200 Subject: [PATCH 27/38] Further updates --- utilities/tools/Set-ModuleReadMe.ps1 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index 3306228b38..46000f2935 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -476,8 +476,8 @@ function Set-DeploymentExamplesSection { # Check where the 'last' required parameter is located in the example (and what its indent is) $parameterToSplitAt = $requiredParameterNames[-1] - $requiredParameterStartIndex = ($bicepExampleArray | Select-String ('^\s*{0}:.+' -f $parameterToSplitAt) | ForEach-Object { $_.LineNumber - 1 })[0] - $requiredParameterIndent = ([regex]::Match($bicepExampleArray[$requiredParameterStartIndex], '^(\s+).*')).Captures.Groups[1].Value.Length + $requiredParameterIndent = ([regex]::Match($bicepExampleArray[0], '^(\s+).*')).Captures.Groups[1].Value.Length + $requiredParameterStartIndex = ($bicepExampleArray | Select-String ('^[\s]{0}{1}:.+' -f "{$requiredParameterIndent}", $parameterToSplitAt) | ForEach-Object { $_.LineNumber - 1 })[0] # Add a comment where the required parameters start $bicepExampleArray = @('{0}// Required parameters' -f (' ' * $requiredParameterIndent)) + $bicepExampleArray[(0 .. ($bicepExampleArray.Count))] @@ -557,8 +557,8 @@ function Set-DeploymentExamplesSection { # Check where the 'last' required parameter is located in the example (and what its indent is) $parameterToSplitAt = $requiredParameterNames[-1] $parameterStartIndex = ($jsonExampleArray | Select-String '.*"parameters": \{.*' | ForEach-Object { $_.LineNumber - 1 })[0] - $requiredParameterStartIndex = ($jsonExampleArray | Select-String "\s*`"$parameterToSplitAt`": \{.*" | ForEach-Object { $_.LineNumber - 1 })[0] - $requiredParameterIndent = ([regex]::Match($jsonExampleArray[$requiredParameterStartIndex], '^(\s+).*')).Captures.Groups[1].Value.Length + $requiredParameterIndent = ([regex]::Match($jsonExampleArray[($parameterStartIndex + 1)], '^(\s+).*')).Captures.Groups[1].Value.Length + $requiredParameterStartIndex = ($jsonExampleArray | Select-String "^[\s]{$requiredParameterIndent}`"$parameterToSplitAt`": \{.*" | ForEach-Object { $_.LineNumber - 1 })[0] # Add a comment where the required parameters start $jsonExampleArray = $jsonExampleArray[0..$parameterStartIndex] + ('{0}// Required parameters' -f (' ' * $requiredParameterIndent)) + $jsonExampleArray[(($parameterStartIndex + 1) .. ($jsonExampleArray.Count))] From 1990908bb3de164818eefbf79fceb38482d9e22d Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 8 Jul 2022 08:49:52 +0200 Subject: [PATCH 28/38] Updated readmes --- .../Microsoft.ApiManagement/service/readme.md | 10 ++++---- .../policyAssignments/readme.md | 22 ++++++++--------- .../policyDefinitions/readme.md | 8 +++---- .../policyExemptions/readme.md | 22 ++++++++--------- .../policySetDefinitions/readme.md | 14 +++++------ .../roleAssignments/readme.md | 22 ++++++++--------- .../Microsoft.Batch/batchAccounts/readme.md | 10 ++++---- .../accounts/readme.md | 14 +++++------ .../diskEncryptionSets/readme.md | 2 +- modules/Microsoft.Compute/disks/readme.md | 8 +++---- modules/Microsoft.Compute/images/readme.md | 2 +- .../virtualMachineScaleSets/readme.md | 16 ++++++------- .../virtualMachines/readme.md | 24 +++++++++---------- .../containerGroups/readme.md | 4 ++-- .../managedClusters/readme.md | 8 +++---- .../applicationgroups/readme.md | 4 +--- .../databaseAccounts/readme.md | 16 ++++++------- .../systemTopics/readme.md | 6 ++--- .../Microsoft.Insights/actionGroups/readme.md | 4 ++-- .../activityLogAlerts/readme.md | 4 ++-- .../Microsoft.Insights/components/readme.md | 4 ++-- .../Microsoft.Insights/metricAlerts/readme.md | 2 +- .../extensions/readme.md | 4 ++-- .../fluxConfigurations/readme.md | 8 +++---- .../workspaces/readme.md | 6 ++--- .../registrationDefinitions/readme.md | 4 +--- .../azureFirewalls/readme.md | 8 +++---- .../Microsoft.Network/bastionHosts/readme.md | 14 +++++------ .../Microsoft.Network/connections/readme.md | 2 +- .../expressRouteCircuits/readme.md | 2 +- .../Microsoft.Network/loadBalancers/readme.md | 8 +++---- .../localNetworkGateways/readme.md | 2 +- .../networkInterfaces/readme.md | 4 +--- .../privateEndpoints/readme.md | 4 +--- .../publicIPPrefixes/readme.md | 2 +- .../trafficmanagerprofiles/readme.md | 2 +- .../Microsoft.Network/virtualHubs/readme.md | 4 +--- .../virtualNetworkGateways/readme.md | 4 ++-- .../virtualNetworks/readme.md | 6 ++--- .../Microsoft.Network/vpnGateways/readme.md | 4 +--- modules/Microsoft.Network/vpnSites/readme.md | 8 +++---- .../solutions/readme.md | 6 ++--- .../azureSecurityCenter/readme.md | 4 ++-- .../clusters/readme.md | 6 ++--- .../imageTemplates/readme.md | 4 ++-- modules/Microsoft.Web/connections/readme.md | 2 +- .../hostingEnvironments/readme.md | 4 ++-- modules/Microsoft.Web/serverfarms/readme.md | 2 +- modules/Microsoft.Web/sites/readme.md | 16 ++++++------- 49 files changed, 164 insertions(+), 202 deletions(-) diff --git a/modules/Microsoft.ApiManagement/service/readme.md b/modules/Microsoft.ApiManagement/service/readme.md index 93dec8374e..a7773d45a0 100644 --- a/modules/Microsoft.ApiManagement/service/readme.md +++ b/modules/Microsoft.ApiManagement/service/readme.md @@ -282,9 +282,9 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { params: { // Required parameters name: '<>-az-apim-max-001' - // Non-required parameters publisherEmail: 'apimgmt-noreply@mail.windowsazure.com' publisherName: '<>-az-amorg-x-001' + // Non-required parameters apis: [ { apiVersionSet: { @@ -429,13 +429,13 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { "name": { "value": "<>-az-apim-max-001" }, - // Non-required parameters "publisherEmail": { "value": "apimgmt-noreply@mail.windowsazure.com" }, "publisherName": { "value": "<>-az-amorg-x-001" }, + // Non-required parameters "apis": { "value": [ { @@ -617,7 +617,6 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { params: { // Required parameters name: '<>-az-apim-min-001' - // Non-required parameters publisherEmail: 'apimgmt-noreply@mail.windowsazure.com' publisherName: '<>-az-amorg-x-001' } @@ -640,7 +639,6 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { "name": { "value": "<>-az-apim-min-001" }, - // Non-required parameters "publisherEmail": { "value": "apimgmt-noreply@mail.windowsazure.com" }, @@ -666,9 +664,9 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { params: { // Required parameters name: '<>-az-apim-x-001' - // Non-required parameters publisherEmail: 'apimgmt-noreply@mail.windowsazure.com' publisherName: '<>-az-amorg-x-001' + // Non-required parameters lock: 'CanNotDelete' policies: [ { @@ -722,13 +720,13 @@ module service './Microsoft.ApiManagement/service/deploy.bicep' = { "name": { "value": "<>-az-apim-x-001" }, - // Non-required parameters "publisherEmail": { "value": "apimgmt-noreply@mail.windowsazure.com" }, "publisherName": { "value": "<>-az-amorg-x-001" }, + // Non-required parameters "lock": { "value": "CanNotDelete" }, diff --git a/modules/Microsoft.Authorization/policyAssignments/readme.md b/modules/Microsoft.Authorization/policyAssignments/readme.md index 41aa6f4794..397a1ce0f8 100644 --- a/modules/Microsoft.Authorization/policyAssignments/readme.md +++ b/modules/Microsoft.Authorization/policyAssignments/readme.md @@ -182,7 +182,6 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic params: { // Required parameters name: '<>-min-mg-polAss' - // Non-required parameters policyDefinitionID: '/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d' } } @@ -204,7 +203,6 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic "name": { "value": "<>-min-mg-polAss" }, - // Non-required parameters "policyDefinitionID": { "value": "/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d" } @@ -227,8 +225,8 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic params: { // Required parameters name: '<>-mg-polAss' - // Non-required parameters policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26' + // Non-required parameters description: '[Description] Policy Assignment at the management group scope' displayName: '[Display Name] Policy Assignment at the management group scope' enforcementMode: 'DoNotEnforce' @@ -274,10 +272,10 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic "name": { "value": "<>-mg-polAss" }, - // Non-required parameters "policyDefinitionId": { "value": "/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26" }, + // Non-required parameters "description": { "value": "[Description] Policy Assignment at the management group scope" }, @@ -344,8 +342,8 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic params: { // Required parameters name: '<>-min-rg-polAss' - // Non-required parameters policyDefinitionID: '/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d' + // Non-required parameters resourceGroupName: 'validation-rg' subscriptionId: '<>' } @@ -368,10 +366,10 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic "name": { "value": "<>-min-rg-polAss" }, - // Non-required parameters "policyDefinitionID": { "value": "/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d" }, + // Non-required parameters "resourceGroupName": { "value": "validation-rg" }, @@ -397,8 +395,8 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic params: { // Required parameters name: '<>-rg-polAss' - // Non-required parameters policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26' + // Non-required parameters description: '[Description] Policy Assignment at the resource group scope' displayName: '[Display Name] Policy Assignment at the resource group scope' enforcementMode: 'DoNotEnforce' @@ -446,10 +444,10 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic "name": { "value": "<>-rg-polAss" }, - // Non-required parameters "policyDefinitionId": { "value": "/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26" }, + // Non-required parameters "description": { "value": "[Description] Policy Assignment at the resource group scope" }, @@ -522,8 +520,8 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic params: { // Required parameters name: '<>-min-sub-polAss' - // Non-required parameters policyDefinitionID: '/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d' + // Non-required parameters subscriptionId: '<>' } } @@ -545,10 +543,10 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic "name": { "value": "<>-min-sub-polAss" }, - // Non-required parameters "policyDefinitionID": { "value": "/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a4d" }, + // Non-required parameters "subscriptionId": { "value": "<>" } @@ -571,8 +569,8 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic params: { // Required parameters name: '<>-sub-polAss' - // Non-required parameters policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26' + // Non-required parameters description: '[Description] Policy Assignment at the subscription scope' displayName: '[Display Name] Policy Assignment at the subscription scope' enforcementMode: 'DoNotEnforce' @@ -619,10 +617,10 @@ module policyAssignments './Microsoft.Authorization/policyAssignments/deploy.bic "name": { "value": "<>-sub-polAss" }, - // Non-required parameters "policyDefinitionId": { "value": "/providers/Microsoft.Authorization/policyDefinitions/4f9dc7db-30c1-420c-b61a-e1d640128d26" }, + // Non-required parameters "description": { "value": "[Description] Policy Assignment at the subscription scope" }, diff --git a/modules/Microsoft.Authorization/policyDefinitions/readme.md b/modules/Microsoft.Authorization/policyDefinitions/readme.md index 45dc6ec66a..14ad10a874 100644 --- a/modules/Microsoft.Authorization/policyDefinitions/readme.md +++ b/modules/Microsoft.Authorization/policyDefinitions/readme.md @@ -140,8 +140,8 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic params: { // Required parameters name: '<>-mg-min-policyDef' - // Non-required parameters policyRule: { + // Non-required parameters if: { allOf: [ { @@ -229,8 +229,8 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic params: { // Required parameters name: '<>-mg-policyDef' - // Non-required parameters policyRule: { + // Non-required parameters if: { allOf: [ { @@ -384,8 +384,8 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic params: { // Required parameters name: '<>-sub-min-policyDef' - // Non-required parameters policyRule: { + // Non-required parameters if: { allOf: [ { @@ -477,8 +477,8 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic params: { // Required parameters name: '<>-sub-policyDef' - // Non-required parameters policyRule: { + // Non-required parameters if: { allOf: [ { diff --git a/modules/Microsoft.Authorization/policyExemptions/readme.md b/modules/Microsoft.Authorization/policyExemptions/readme.md index 987027c177..0dadcae0e0 100644 --- a/modules/Microsoft.Authorization/policyExemptions/readme.md +++ b/modules/Microsoft.Authorization/policyExemptions/readme.md @@ -163,7 +163,6 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep params: { // Required parameters name: '<>-min-mg-polexem' - // Non-required parameters policyAssignmentId: '/providers/Microsoft.Management/managementGroups/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-mg-pass-loc-rg' } } @@ -185,7 +184,6 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep "name": { "value": "<>-min-mg-polexem" }, - // Non-required parameters "policyAssignmentId": { "value": "/providers/Microsoft.Management/managementGroups/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-mg-pass-loc-rg" } @@ -208,8 +206,8 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep params: { // Required parameters name: '<>-mg-polexem' - // Non-required parameters policyAssignmentId: '/providers/Microsoft.Management/managementGroups/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-mg-pass-loc-rg' + // Non-required parameters displayName: '[Display Name] policy exempt (management group scope)' exemptionCategory: 'Waiver' expiresOn: '2025-10-02T03:57:00Z' @@ -237,10 +235,10 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep "name": { "value": "<>-mg-polexem" }, - // Non-required parameters "policyAssignmentId": { "value": "/providers/Microsoft.Management/managementGroups/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-mg-pass-loc-rg" }, + // Non-required parameters "displayName": { "value": "[Display Name] policy exempt (management group scope)" }, @@ -277,8 +275,8 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep params: { // Required parameters name: '<>-min-rg-polexem' - // Non-required parameters policyAssignmentId: '/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg' + // Non-required parameters resourceGroupName: '<>' subscriptionId: '<>' } @@ -301,10 +299,10 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep "name": { "value": "<>-min-rg-polexem" }, - // Non-required parameters "policyAssignmentId": { "value": "/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg" }, + // Non-required parameters "resourceGroupName": { "value": "<>" }, @@ -330,8 +328,8 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep params: { // Required parameters name: '<>-rg-polexem' - // Non-required parameters policyAssignmentId: '/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg' + // Non-required parameters displayName: '[Display Name] policy exempt (resource group scope)' exemptionCategory: 'Waiver' expiresOn: '2025-10-02T03:57:00Z' @@ -360,10 +358,10 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep "name": { "value": "<>-rg-polexem" }, - // Non-required parameters "policyAssignmentId": { "value": "/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg" }, + // Non-required parameters "displayName": { "value": "[Display Name] policy exempt (resource group scope)" }, @@ -403,8 +401,8 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep params: { // Required parameters name: '<>-min-sub-polexem' - // Non-required parameters policyAssignmentId: '/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg' + // Non-required parameters subscriptionId: '<>' } } @@ -426,10 +424,10 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep "name": { "value": "<>-min-sub-polexem" }, - // Non-required parameters "policyAssignmentId": { "value": "/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg" }, + // Non-required parameters "subscriptionId": { "value": "<>" } @@ -452,8 +450,8 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep params: { // Required parameters name: '<>-sub-polexem' - // Non-required parameters policyAssignmentId: '/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg' + // Non-required parameters displayName: '[Display Name] policy exempt (subscription scope)' exemptionCategory: 'Waiver' expiresOn: '2025-10-02T03:57:00Z' @@ -481,10 +479,10 @@ module policyExemptions './Microsoft.Authorization/policyExemptions/deploy.bicep "name": { "value": "<>-sub-polexem" }, - // Non-required parameters "policyAssignmentId": { "value": "/subscriptions/<>/providers/Microsoft.Authorization/policyAssignments/adp-<>-sb-pass-loc-rg" }, + // Non-required parameters "displayName": { "value": "[Display Name] policy exempt (subscription scope)" }, diff --git a/modules/Microsoft.Authorization/policySetDefinitions/readme.md b/modules/Microsoft.Authorization/policySetDefinitions/readme.md index 35ba473a52..3e22f06c53 100644 --- a/modules/Microsoft.Authorization/policySetDefinitions/readme.md +++ b/modules/Microsoft.Authorization/policySetDefinitions/readme.md @@ -146,7 +146,6 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl params: { // Required parameters name: '<>-mg-min-policySet' - // Non-required parameters policyDefinitions: [ { parameters: { @@ -179,7 +178,6 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl "name": { "value": "<>-mg-min-policySet" }, - // Non-required parameters "policyDefinitions": { "value": [ { @@ -213,8 +211,8 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl params: { // Required parameters name: '<>-mg-policySet' - // Non-required parameters policyDefinitions: [ + // Non-required parameters { groupNames: [ 'ARM' @@ -279,7 +277,6 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl "name": { "value": "<>-mg-policySet" }, - // Non-required parameters "policyDefinitions": { "value": [ { @@ -312,6 +309,7 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl } ] }, + // Non-required parameters "description": { "value": "[Description] This policy set definition is deployed at management group scope" }, @@ -356,8 +354,8 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl params: { // Required parameters name: '<>-sub-min-policySet' - // Non-required parameters policyDefinitions: [ + // Non-required parameters { parameters: { listOfAllowedLocations: { @@ -390,7 +388,6 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl "name": { "value": "<>-sub-min-policySet" }, - // Non-required parameters "policyDefinitions": { "value": [ { @@ -405,6 +402,7 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl } ] }, + // Non-required parameters "subscriptionId": { "value": "<>" } @@ -427,8 +425,8 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl params: { // Required parameters name: '<>-sub-policySet' - // Non-required parameters policyDefinitions: [ + // Non-required parameters { groupNames: [ 'ARM' @@ -493,7 +491,6 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl "name": { "value": "<>-sub-policySet" }, - // Non-required parameters "policyDefinitions": { "value": [ { @@ -526,6 +523,7 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl } ] }, + // Non-required parameters "description": { "value": "[Description] This policy set definition is deployed at subscription scope" }, diff --git a/modules/Microsoft.Authorization/roleAssignments/readme.md b/modules/Microsoft.Authorization/roleAssignments/readme.md index 9b9d1e9df8..4cbb85514d 100644 --- a/modules/Microsoft.Authorization/roleAssignments/readme.md +++ b/modules/Microsoft.Authorization/roleAssignments/readme.md @@ -181,7 +181,6 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' params: { // Required parameters principalId: '<>' - // Non-required parameters roleDefinitionIdOrName: 'Storage Queue Data Reader' } } @@ -203,7 +202,6 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' "principalId": { "value": "<>" }, - // Non-required parameters "roleDefinitionIdOrName": { "value": "Storage Queue Data Reader" } @@ -226,8 +224,8 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' params: { // Required parameters principalId: '<>' - // Non-required parameters roleDefinitionIdOrName: 'Backup Reader' + // Non-required parameters description: 'Role Assignment (management group scope)' managementGroupId: '<>' principalType: 'ServicePrincipal' @@ -251,10 +249,10 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' "principalId": { "value": "<>" }, - // Non-required parameters "roleDefinitionIdOrName": { "value": "Backup Reader" }, + // Non-required parameters "description": { "value": "Role Assignment (management group scope)" }, @@ -283,8 +281,8 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' params: { // Required parameters principalId: '<>' - // Non-required parameters roleDefinitionIdOrName: 'Storage Queue Data Reader' + // Non-required parameters resourceGroupName: '<>' subscriptionId: '<>' } @@ -307,10 +305,10 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' "principalId": { "value": "<>" }, - // Non-required parameters "roleDefinitionIdOrName": { "value": "Storage Queue Data Reader" }, + // Non-required parameters "resourceGroupName": { "value": "<>" }, @@ -336,8 +334,8 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' params: { // Required parameters principalId: '<>' - // Non-required parameters roleDefinitionIdOrName: 'Backup Reader' + // Non-required parameters description: 'Role Assignment (resource group scope)' principalType: 'ServicePrincipal' resourceGroupName: '<>' @@ -362,10 +360,10 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' "principalId": { "value": "<>" }, - // Non-required parameters "roleDefinitionIdOrName": { "value": "Backup Reader" }, + // Non-required parameters "description": { "value": "Role Assignment (resource group scope)" }, @@ -397,8 +395,8 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' params: { // Required parameters principalId: '<>' - // Non-required parameters roleDefinitionIdOrName: 'Storage Queue Data Reader' + // Non-required parameters subscriptionId: '<>' } } @@ -420,10 +418,10 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' "principalId": { "value": "<>" }, - // Non-required parameters "roleDefinitionIdOrName": { "value": "Storage Queue Data Reader" }, + // Non-required parameters "subscriptionId": { "value": "<>" } @@ -446,8 +444,8 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' params: { // Required parameters principalId: '<>' - // Non-required parameters roleDefinitionIdOrName: 'Backup Reader' + // Non-required parameters description: 'Role Assignment (subscription scope)' principalType: 'ServicePrincipal' subscriptionId: '<>' @@ -471,10 +469,10 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' "principalId": { "value": "<>" }, - // Non-required parameters "roleDefinitionIdOrName": { "value": "Backup Reader" }, + // Non-required parameters "description": { "value": "Role Assignment (subscription scope)" }, diff --git a/modules/Microsoft.Batch/batchAccounts/readme.md b/modules/Microsoft.Batch/batchAccounts/readme.md index 6039a7ebf7..ea181991e4 100644 --- a/modules/Microsoft.Batch/batchAccounts/readme.md +++ b/modules/Microsoft.Batch/batchAccounts/readme.md @@ -154,8 +154,8 @@ module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { params: { // Required parameters name: '<>azbaweuencr001' - // Non-required parameters storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + // Non-required parameters cMKKeyName: 'keyEncryptionKey' cMKKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002' poolAllocationMode: 'BatchService' @@ -184,10 +184,10 @@ module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { "name": { "value": "<>azbaweuencr001" }, - // Non-required parameters "storageAccountId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" }, + // Non-required parameters "cMKKeyName": { "value": "keyEncryptionKey" }, @@ -227,7 +227,6 @@ module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { params: { // Required parameters name: '<>azbaweumin001' - // Non-required parameters storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' } } @@ -249,7 +248,6 @@ module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { "name": { "value": "<>azbaweumin001" }, - // Non-required parameters "storageAccountId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" } @@ -272,8 +270,8 @@ module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { params: { // Required parameters name: '<>azbaweux001' - // Non-required parameters storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 @@ -304,10 +302,10 @@ module batchAccounts './Microsoft.Batch/batchAccounts/deploy.bicep' = { "name": { "value": "<>azbaweux001" }, - // Non-required parameters "storageAccountId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, diff --git a/modules/Microsoft.CognitiveServices/accounts/readme.md b/modules/Microsoft.CognitiveServices/accounts/readme.md index af2637d44d..0b627f1831 100644 --- a/modules/Microsoft.CognitiveServices/accounts/readme.md +++ b/modules/Microsoft.CognitiveServices/accounts/readme.md @@ -418,8 +418,8 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { params: { // Required parameters kind: 'SpeechServices' - // Non-required parameters name: '<>-az-cgs-encr-001' + // Non-required parameters encryption: { keySource: 'Microsoft.KeyVault' keyVaultProperties: { @@ -454,10 +454,10 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { "kind": { "value": "SpeechServices" }, - // Non-required parameters "name": { "value": "<>-az-cgs-encr-001" }, + // Non-required parameters "encryption": { "value": { "keySource": "Microsoft.KeyVault", @@ -499,7 +499,6 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { params: { // Required parameters kind: 'SpeechServices' - // Non-required parameters name: '<>-az-cgs-min-001' } } @@ -521,7 +520,6 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { "kind": { "value": "SpeechServices" }, - // Non-required parameters "name": { "value": "<>-az-cgs-min-001" } @@ -544,8 +542,8 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { params: { // Required parameters kind: 'Face' - // Non-required parameters name: '<>-az-cgs-x-001' + // Non-required parameters customSubDomainName: '<>xdomain' diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' @@ -595,10 +593,10 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { "kind": { "value": "Face" }, - // Non-required parameters "name": { "value": "<>-az-cgs-x-001" }, + // Non-required parameters "customSubDomainName": { "value": "<>xdomain" }, @@ -671,8 +669,8 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { params: { // Required parameters kind: 'SpeechServices' - // Non-required parameters name: '<>-az-cgs-speech-001' + // Non-required parameters customSubDomainName: '<>speechdomain' privateEndpoints: [ { @@ -705,10 +703,10 @@ module accounts './Microsoft.CognitiveServices/accounts/deploy.bicep' = { "kind": { "value": "SpeechServices" }, - // Non-required parameters "name": { "value": "<>-az-cgs-speech-001" }, + // Non-required parameters "customSubDomainName": { "value": "<>speechdomain" }, diff --git a/modules/Microsoft.Compute/diskEncryptionSets/readme.md b/modules/Microsoft.Compute/diskEncryptionSets/readme.md index f48e488ff5..3685788b25 100644 --- a/modules/Microsoft.Compute/diskEncryptionSets/readme.md +++ b/modules/Microsoft.Compute/diskEncryptionSets/readme.md @@ -165,9 +165,9 @@ module diskEncryptionSets './Microsoft.Compute/diskEncryptionSets/deploy.bicep' params: { // Required parameters keyName: 'keyEncryptionKey' - // Non-required parameters keyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' name: '<>-az-des-x-001' + // Non-required parameters roleAssignments: [ { principalIds: [ diff --git a/modules/Microsoft.Compute/disks/readme.md b/modules/Microsoft.Compute/disks/readme.md index bd531ebf6a..28c6402f09 100644 --- a/modules/Microsoft.Compute/disks/readme.md +++ b/modules/Microsoft.Compute/disks/readme.md @@ -179,8 +179,8 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { params: { // Required parameters name: '<>-az-disk-image-001' - // Non-required parameters sku: 'Standard_LRS' + // Non-required parameters createOption: 'FromImage' imageReferenceId: '/Subscriptions/<>/Providers/Microsoft.Compute/Locations/westeurope/Publishers/MicrosoftWindowsServer/ArtifactTypes/VMImage/Offers/WindowsServer/Skus/2016-Datacenter/Versions/14393.4906.2112080838' roleAssignments: [ @@ -250,8 +250,8 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { params: { // Required parameters name: '<>-az-disk-import-001' - // Non-required parameters sku: 'Standard_LRS' + // Non-required parameters createOption: 'Import' roleAssignments: [ { @@ -325,8 +325,8 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { params: { // Required parameters name: '<>-az-disk-min-001' - // Non-required parameters sku: 'Standard_LRS' + // Non-required parameters diskSizeGB: 1 roleAssignments: [ { @@ -392,8 +392,8 @@ module disks './Microsoft.Compute/disks/deploy.bicep' = { params: { // Required parameters name: '<>-az-disk-x-001' - // Non-required parameters sku: 'UltraSSD_LRS' + // Non-required parameters diskIOPSReadWrite: 500 diskMBpsReadWrite: 60 diskSizeGB: 128 diff --git a/modules/Microsoft.Compute/images/readme.md b/modules/Microsoft.Compute/images/readme.md index 4784f067fb..4936f44af1 100644 --- a/modules/Microsoft.Compute/images/readme.md +++ b/modules/Microsoft.Compute/images/readme.md @@ -163,11 +163,11 @@ module images './Microsoft.Compute/images/deploy.bicep' = { params: { // Required parameters name: '<>-az-img-x-001' - // Non-required parameters osAccountType: 'Premium_LRS' osDiskBlobUri: 'https://adp<>azsax001.blob.core.windows.net/vhds/adp-<>-az-imgt-x-001.vhd' osDiskCaching: 'ReadWrite' osType: 'Windows' + // Non-required parameters hyperVGeneration: 'V1' roleAssignments: [ { diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md index 2f943dbe7f..8f3eedff15 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md @@ -887,7 +887,6 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl params: { // Required parameters adminUsername: 'scaleSetAdmin' - // Non-required parameters imageReference: { offer: 'UbuntuServer' publisher: 'Canonical' @@ -904,6 +903,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } osType: 'Linux' skuName: 'Standard_B2s' + // Non-required parameters disablePasswordAuthentication: true nicConfigurations: [ { @@ -969,10 +969,10 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "osType": { "value": "Linux" }, - // Non-required parameters "skuName": { "value": "Standard_B2s" }, + // Non-required parameters "disablePasswordAuthentication": { "value": true }, @@ -1020,7 +1020,6 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl params: { // Required parameters adminUsername: 'scaleSetAdmin' - // Non-required parameters imageReference: { offer: 'UbuntuServer' publisher: 'Canonical' @@ -1037,6 +1036,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } osType: 'Linux' skuName: 'Standard_B2s' + // Non-required parameters availabilityZones: [ '2' ] @@ -1182,10 +1182,10 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "osType": { "value": "Linux" }, - // Non-required parameters "skuName": { "value": "Standard_B2s" }, + // Non-required parameters "availabilityZones": { "value": [ "2" @@ -1364,7 +1364,6 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl params: { // Required parameters adminUsername: kv1.getSecret('adminUsername') - // Non-required parameters imageReference: { offer: 'WindowsServer' publisher: 'MicrosoftWindowsServer' @@ -1381,6 +1380,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } osType: 'Windows' skuName: 'Standard_B2s' + // Non-required parameters adminPassword: kv1.getSecret('adminPassword') nicConfigurations: [ { @@ -1445,10 +1445,10 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "osType": { "value": "Windows" }, - // Non-required parameters "skuName": { "value": "Standard_B2s" }, + // Non-required parameters "adminPassword": { "reference": { "keyVault": { @@ -1498,7 +1498,6 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl params: { // Required parameters adminUsername: kv1.getSecret('adminUsername') - // Non-required parameters imageReference: { offer: 'WindowsServer' publisher: 'MicrosoftWindowsServer' @@ -1515,6 +1514,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } osType: 'Windows' skuName: 'Standard_B2s' + // Non-required parameters adminPassword: kv1.getSecret('adminPassword') diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' @@ -1657,10 +1657,10 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "osType": { "value": "Windows" }, - // Non-required parameters "skuName": { "value": "Standard_B2s" }, + // Non-required parameters "adminPassword": { "reference": { "keyVault": { diff --git a/modules/Microsoft.Compute/virtualMachines/readme.md b/modules/Microsoft.Compute/virtualMachines/readme.md index 4c3ed7d0f5..2819829786 100644 --- a/modules/Microsoft.Compute/virtualMachines/readme.md +++ b/modules/Microsoft.Compute/virtualMachines/readme.md @@ -1014,7 +1014,6 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { params: { // Required parameters adminUsername: 'localAdminUser' - // Non-required parameters imageReference: { offer: 'UbuntuServer' publisher: 'Canonical' @@ -1043,6 +1042,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { } osType: 'Linux' vmSize: 'Standard_B12ms' + // Non-required parameters configurationProfile: '/providers/Microsoft.Automanage/bestPractices/AzureBestPracticesProduction' disablePasswordAuthentication: true name: '<>-vm-linux-autmg-01' @@ -1080,7 +1080,6 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "version": "latest" } }, - // Non-required parameters "nicConfigurations": { "value": [ { @@ -1111,6 +1110,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "vmSize": { "value": "Standard_B12ms" }, + // Non-required parameters "configurationProfile": { "value": "/providers/Microsoft.Automanage/bestPractices/AzureBestPracticesProduction" }, @@ -1147,7 +1147,6 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { params: { // Required parameters adminUsername: 'localAdminUser' - // Non-required parameters imageReference: { offer: 'UbuntuServer' publisher: 'Canonical' @@ -1176,6 +1175,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { } osType: 'Linux' vmSize: 'Standard_B12ms' + // Non-required parameters disablePasswordAuthentication: true name: '<>-vm-linux-min-01' publicKeys: [ @@ -1212,7 +1212,6 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "version": "latest" } }, - // Non-required parameters "nicConfigurations": { "value": [ { @@ -1243,6 +1242,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "vmSize": { "value": "Standard_B12ms" }, + // Non-required parameters "disablePasswordAuthentication": { "value": true }, @@ -1276,7 +1276,6 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { params: { // Required parameters adminUsername: 'localAdminUser' - // Non-required parameters imageReference: { offer: 'UbuntuServer' publisher: 'Canonical' @@ -1335,6 +1334,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { } osType: 'Linux' vmSize: 'Standard_B12ms' + // Non-required parameters availabilityZone: 1 backupPolicyName: 'VMpolicy' backupVaultName: 'adp-<>-az-rsv-x-001' @@ -1452,7 +1452,6 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "version": "latest" } }, - // Non-required parameters "nicConfigurations": { "value": [ { @@ -1513,6 +1512,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "vmSize": { "value": "Standard_B12ms" }, + // Non-required parameters "availabilityZone": { "value": 1 }, @@ -1678,7 +1678,6 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { params: { // Required parameters adminUsername: 'localAdminUser' - // Non-required parameters imageReference: { offer: 'WindowsServer' publisher: 'MicrosoftWindowsServer' @@ -1704,6 +1703,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { } osType: 'Windows' vmSize: 'Standard_B12ms' + // Non-required parameters adminPassword: kv1.getSecret('adminPassword') configurationProfile: '/providers/Microsoft.Automanage/bestPractices/AzureBestPracticesProduction' name: '<>-vm-win-03' @@ -1735,7 +1735,6 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "version": "latest" } }, - // Non-required parameters "nicConfigurations": { "value": [ { @@ -1763,6 +1762,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "vmSize": { "value": "Standard_B12ms" }, + // Non-required parameters "adminPassword": { "reference": { "keyVault": { @@ -1801,7 +1801,6 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { params: { // Required parameters adminUsername: 'localAdminUser' - // Non-required parameters imageReference: { offer: 'WindowsServer' publisher: 'MicrosoftWindowsServer' @@ -1827,6 +1826,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { } osType: 'Windows' vmSize: 'Standard_B12ms' + // Non-required parameters adminPassword: kv1.getSecret('adminPassword') name: '<>-vm-win-02' } @@ -1857,7 +1857,6 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "version": "latest" } }, - // Non-required parameters "nicConfigurations": { "value": [ { @@ -1885,6 +1884,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "vmSize": { "value": "Standard_B12ms" }, + // Non-required parameters "adminPassword": { "reference": { "keyVault": { @@ -1920,7 +1920,6 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { params: { // Required parameters adminUsername: 'localAdminUser' - // Non-required parameters imageReference: { offer: 'WindowsServer' publisher: 'MicrosoftWindowsServer' @@ -1979,6 +1978,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { } osType: 'Windows' vmSize: 'Standard_B12ms' + // Non-required parameters adminPassword: kv1.getSecret('adminPassword') availabilityZone: 2 backupPolicyName: 'VMpolicy' @@ -2108,7 +2108,6 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "version": "latest" } }, - // Non-required parameters "nicConfigurations": { "value": [ { @@ -2169,6 +2168,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { "vmSize": { "value": "Standard_B12ms" }, + // Non-required parameters "adminPassword": { "reference": { "keyVault": { diff --git a/modules/Microsoft.ContainerInstance/containerGroups/readme.md b/modules/Microsoft.ContainerInstance/containerGroups/readme.md index 9665c52899..e42a6195ec 100644 --- a/modules/Microsoft.ContainerInstance/containerGroups/readme.md +++ b/modules/Microsoft.ContainerInstance/containerGroups/readme.md @@ -184,9 +184,9 @@ module containerGroups './Microsoft.ContainerInstance/containerGroups/deploy.bic params: { // Required parameters containerName: '<>-az-aci-x-001' - // Non-required parameters image: 'mcr.microsoft.com/azuredocs/aci-helloworld' name: '<>-az-acg-x-001' + // Non-required parameters lock: 'CanNotDelete' ports: [ { @@ -222,13 +222,13 @@ module containerGroups './Microsoft.ContainerInstance/containerGroups/deploy.bic "containerName": { "value": "<>-az-aci-x-001" }, - // Non-required parameters "image": { "value": "mcr.microsoft.com/azuredocs/aci-helloworld" }, "name": { "value": "<>-az-acg-x-001" }, + // Non-required parameters "lock": { "value": "CanNotDelete" }, diff --git a/modules/Microsoft.ContainerService/managedClusters/readme.md b/modules/Microsoft.ContainerService/managedClusters/readme.md index 5b7ec454eb..53f19d621b 100644 --- a/modules/Microsoft.ContainerService/managedClusters/readme.md +++ b/modules/Microsoft.ContainerService/managedClusters/readme.md @@ -373,8 +373,8 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice params: { // Required parameters name: '<>-az-aks-azure-001' - // Non-required parameters primaryAgentPoolProfile: [ + // Non-required parameters { availabilityZones: [ '1' @@ -484,7 +484,6 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice "name": { "value": "<>-az-aks-azure-001" }, - // Non-required parameters "primaryAgentPoolProfile": { "value": [ { @@ -508,6 +507,7 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice } ] }, + // Non-required parameters "agentPools": { "value": [ { @@ -618,8 +618,8 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice params: { // Required parameters name: '<>-az-aks-kubenet-001' - // Non-required parameters primaryAgentPoolProfile: [ + // Non-required parameters { availabilityZones: [ '1' @@ -726,7 +726,6 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice "name": { "value": "<>-az-aks-kubenet-001" }, - // Non-required parameters "primaryAgentPoolProfile": { "value": [ { @@ -749,6 +748,7 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice } ] }, + // Non-required parameters "agentPools": { "value": [ { diff --git a/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md b/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md index fee2029d36..946c0f9a3d 100644 --- a/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md +++ b/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md @@ -173,7 +173,6 @@ module applicationgroups './Microsoft.DesktopVirtualization/applicationgroups/de params: { // Required parameters applicationGroupType: 'RemoteApp' - // Non-required parameters hostpoolName: 'adp-<>-az-avdhp-x-001' name: '<>-az-avdag-min-001' } @@ -202,7 +201,6 @@ module applicationgroups './Microsoft.DesktopVirtualization/applicationgroups/de "name": { "value": "<>-az-avdag-min-001" } - // Non-required parameters } } ``` @@ -222,9 +220,9 @@ module applicationgroups './Microsoft.DesktopVirtualization/applicationgroups/de params: { // Required parameters applicationGroupType: 'RemoteApp' - // Non-required parameters hostpoolName: 'adp-<>-az-avdhp-x-001' name: '<>-az-avdag-x-001' + // Non-required parameters applications: [ { commandLineArguments: '' diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/readme.md b/modules/Microsoft.DocumentDB/databaseAccounts/readme.md index d45a5f37b6..cb3246907c 100644 --- a/modules/Microsoft.DocumentDB/databaseAccounts/readme.md +++ b/modules/Microsoft.DocumentDB/databaseAccounts/readme.md @@ -546,7 +546,6 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = params: { // Required parameters locations: [ - // Non-required parameters { failoverPriority: 0 isZoneRedundant: false @@ -559,6 +558,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } ] name: '<>-az-cdb-gremlindb-001' + // Non-required parameters capabilitiesToAdd: [ 'EnableGremlin' ] @@ -648,10 +648,10 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } ] }, - // Non-required parameters "name": { "value": "<>-az-cdb-gremlindb-001" }, + // Non-required parameters "capabilitiesToAdd": { "value": [ "EnableGremlin" @@ -749,7 +749,6 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = params: { // Required parameters locations: [ - // Non-required parameters { failoverPriority: 0 isZoneRedundant: false @@ -762,6 +761,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } ] name: '<>-az-cdb-mongodb-001' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 @@ -992,10 +992,10 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } ] }, - // Non-required parameters "name": { "value": "<>-az-cdb-mongodb-001" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, @@ -1232,7 +1232,6 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = params: { // Required parameters locations: [ - // Non-required parameters { failoverPriority: 0 isZoneRedundant: false @@ -1245,6 +1244,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } ] name: '<>-az-cdb-plain-001' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 @@ -1290,10 +1290,10 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } ] }, - // Non-required parameters "name": { "value": "<>-az-cdb-plain-001" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, @@ -1341,7 +1341,6 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = params: { // Required parameters locations: [ - // Non-required parameters { failoverPriority: 0 isZoneRedundant: false @@ -1354,6 +1353,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } ] name: '<>-az-cdb-sqldb-001' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 @@ -1420,10 +1420,10 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } ] }, - // Non-required parameters "name": { "value": "<>-az-cdb-sqldb-001" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, diff --git a/modules/Microsoft.EventGrid/systemTopics/readme.md b/modules/Microsoft.EventGrid/systemTopics/readme.md index a6a1566809..430343e805 100644 --- a/modules/Microsoft.EventGrid/systemTopics/readme.md +++ b/modules/Microsoft.EventGrid/systemTopics/readme.md @@ -283,7 +283,6 @@ module systemTopics './Microsoft.EventGrid/systemTopics/deploy.bicep' = { params: { // Required parameters name: '<>-az-egstn-x-002' - // Non-required parameters source: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' topicType: 'Microsoft.Storage.StorageAccounts' } @@ -306,7 +305,6 @@ module systemTopics './Microsoft.EventGrid/systemTopics/deploy.bicep' = { "name": { "value": "<>-az-egstn-x-002" }, - // Non-required parameters "source": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" }, @@ -332,9 +330,9 @@ module systemTopics './Microsoft.EventGrid/systemTopics/deploy.bicep' = { params: { // Required parameters name: '<>-az-egstn-x-001' - // Non-required parameters source: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' topicType: 'Microsoft.Storage.StorageAccounts' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 @@ -369,13 +367,13 @@ module systemTopics './Microsoft.EventGrid/systemTopics/deploy.bicep' = { "name": { "value": "<>-az-egstn-x-001" }, - // Non-required parameters "source": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" }, "topicType": { "value": "Microsoft.Storage.StorageAccounts" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, diff --git a/modules/Microsoft.Insights/actionGroups/readme.md b/modules/Microsoft.Insights/actionGroups/readme.md index f2ef49fe60..bad1ff7f29 100644 --- a/modules/Microsoft.Insights/actionGroups/readme.md +++ b/modules/Microsoft.Insights/actionGroups/readme.md @@ -246,8 +246,8 @@ module actionGroups './Microsoft.Insights/actionGroups/deploy.bicep' = { params: { // Required parameters groupShortName: 'azagweux001' - // Non-required parameters name: '<>-az-ag-x-001' + // Non-required parameters emailReceivers: [ { emailAddress: 'test.user@testcompany.com' @@ -295,10 +295,10 @@ module actionGroups './Microsoft.Insights/actionGroups/deploy.bicep' = { "groupShortName": { "value": "azagweux001" }, - // Non-required parameters "name": { "value": "<>-az-ag-x-001" }, + // Non-required parameters "emailReceivers": { "value": [ { diff --git a/modules/Microsoft.Insights/activityLogAlerts/readme.md b/modules/Microsoft.Insights/activityLogAlerts/readme.md index 30e0b922b9..ca4b16cba8 100644 --- a/modules/Microsoft.Insights/activityLogAlerts/readme.md +++ b/modules/Microsoft.Insights/activityLogAlerts/readme.md @@ -408,7 +408,6 @@ module activityLogAlerts './Microsoft.Insights/activityLogAlerts/deploy.bicep' = params: { // Required parameters conditions: [ - // Non-required parameters { equals: 'Administrative' field: 'category' @@ -423,6 +422,7 @@ module activityLogAlerts './Microsoft.Insights/activityLogAlerts/deploy.bicep' = } ] name: '<>-az-ala-x-001' + // Non-required parameters actions: [ { actionGroupId: '/subscriptions/<>/resourceGroups/validation-rg/providers/microsoft.insights/actiongroups/adp-<>-az-ag-x-001' @@ -472,10 +472,10 @@ module activityLogAlerts './Microsoft.Insights/activityLogAlerts/deploy.bicep' = } ] }, - // Non-required parameters "name": { "value": "<>-az-ala-x-001" }, + // Non-required parameters "actions": { "value": [ { diff --git a/modules/Microsoft.Insights/components/readme.md b/modules/Microsoft.Insights/components/readme.md index 792290d47e..b6c7604661 100644 --- a/modules/Microsoft.Insights/components/readme.md +++ b/modules/Microsoft.Insights/components/readme.md @@ -164,8 +164,8 @@ module components './Microsoft.Insights/components/deploy.bicep' = { params: { // Required parameters name: '<>-az-appi-x-001' - // Non-required parameters workspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-appi-001' + // Non-required parameters roleAssignments: [ { principalIds: [ @@ -194,10 +194,10 @@ module components './Microsoft.Insights/components/deploy.bicep' = { "name": { "value": "<>-az-appi-x-001" }, - // Non-required parameters "workspaceResourceId": { "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-appi-001" }, + // Non-required parameters "roleAssignments": { "value": [ { diff --git a/modules/Microsoft.Insights/metricAlerts/readme.md b/modules/Microsoft.Insights/metricAlerts/readme.md index b448e6dac6..8ad192b4f3 100644 --- a/modules/Microsoft.Insights/metricAlerts/readme.md +++ b/modules/Microsoft.Insights/metricAlerts/readme.md @@ -389,7 +389,6 @@ module metricAlerts './Microsoft.Insights/metricAlerts/deploy.bicep' = { params: { // Required parameters criterias: [ - // Non-required parameters { criterionType: 'StaticThresholdCriterion' metricName: 'Percentage CPU' @@ -401,6 +400,7 @@ module metricAlerts './Microsoft.Insights/metricAlerts/deploy.bicep' = { } ] name: '<>-az-ma-x-001' + // Non-required parameters actions: [ '/subscriptions/<>/resourceGroups/validation-rg/providers/microsoft.insights/actiongroups/adp-<>-az-ag-x-001' ] diff --git a/modules/Microsoft.KubernetesConfiguration/extensions/readme.md b/modules/Microsoft.KubernetesConfiguration/extensions/readme.md index bd30d7a753..33d096e87d 100644 --- a/modules/Microsoft.KubernetesConfiguration/extensions/readme.md +++ b/modules/Microsoft.KubernetesConfiguration/extensions/readme.md @@ -79,9 +79,9 @@ module extensions './Microsoft.KubernetesConfiguration/extensions/deploy.bicep' params: { // Required parameters clusterName: '<>-az-aks-kubenet-001' - // Non-required parameters extensionType: 'microsoft.flux' name: 'flux' + // Non-required parameters releaseNamespace: 'flux-system' releaseTrain: 'Stable' } @@ -136,9 +136,9 @@ module extensions './Microsoft.KubernetesConfiguration/extensions/deploy.bicep' params: { // Required parameters clusterName: '<>-az-aks-kubenet-001' - // Non-required parameters extensionType: 'microsoft.flux' name: 'flux' + // Non-required parameters configurationSettings: { 'image-automation-controller.enabled': 'false' 'image-reflector-controller.enabled': 'false' diff --git a/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md b/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md index a0dc6f0942..a8a10442ce 100644 --- a/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md +++ b/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md @@ -81,11 +81,11 @@ module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfiguration params: { // Required parameters clusterName: '<>-az-aks-kubenet-001' - // Non-required parameters name: 'flux2' namespace: 'flux-system' scope: 'cluster' sourceKind: 'GitRepository' + // Non-required parameters gitRepository: { repositoryRef: { branch: 'main' @@ -121,13 +121,13 @@ module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfiguration "namespace": { "value": "flux-system" }, - // Non-required parameters "scope": { "value": "cluster" }, "sourceKind": { "value": "GitRepository" }, + // Non-required parameters "gitRepository": { "value": { "repositoryRef": { @@ -158,11 +158,11 @@ module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfiguration params: { // Required parameters clusterName: '<>-az-aks-kubenet-001' - // Non-required parameters name: 'flux2' namespace: 'flux-system' scope: 'cluster' sourceKind: 'GitRepository' + // Non-required parameters gitRepository: { repositoryRef: { branch: 'main' @@ -208,13 +208,13 @@ module fluxConfigurations './Microsoft.KubernetesConfiguration/fluxConfiguration "namespace": { "value": "flux-system" }, - // Non-required parameters "scope": { "value": "cluster" }, "sourceKind": { "value": "GitRepository" }, + // Non-required parameters "gitRepository": { "value": { "repositoryRef": { diff --git a/modules/Microsoft.MachineLearningServices/workspaces/readme.md b/modules/Microsoft.MachineLearningServices/workspaces/readme.md index 626597af2e..54a4001425 100644 --- a/modules/Microsoft.MachineLearningServices/workspaces/readme.md +++ b/modules/Microsoft.MachineLearningServices/workspaces/readme.md @@ -412,11 +412,11 @@ module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' params: { // Required parameters associatedApplicationInsightsResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001' - // Non-required parameters associatedKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' associatedStorageAccountResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' name: '<>-az-mls-encr-001' sku: 'Basic' + // Non-required parameters cMKKeyName: 'keyEncryptionKey' cMKKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002' cMKUserAssignedIdentityResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' @@ -511,11 +511,11 @@ module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' params: { // Required parameters associatedApplicationInsightsResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001' - // Non-required parameters associatedKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' associatedStorageAccountResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' name: '<>-az-mls-min-001' sku: 'Basic' + // Non-required parameters systemAssignedIdentity: true } } @@ -572,11 +572,11 @@ module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' params: { // Required parameters associatedApplicationInsightsResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001' - // Non-required parameters associatedKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' associatedStorageAccountResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' name: '<>-az-mls-x-001' sku: 'Basic' + // Non-required parameters computes: [ { computeLocation: 'westeurope' diff --git a/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md b/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md index 3036a59b6c..811647a049 100644 --- a/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md +++ b/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md @@ -179,7 +179,6 @@ module registrationDefinitions './Microsoft.ManagedServices/registrationDefiniti params: { // Required parameters authorizations: [ - // Non-required parameters { principalId: 'e87a249c-b53b-4685-94fe-863af522e4ee' principalIdDisplayName: 'ResourceModules-Reader' @@ -244,7 +243,6 @@ module registrationDefinitions './Microsoft.ManagedServices/registrationDefiniti "registrationDescription": { "value": "Managed by Lighthouse" } - // Non-required parameters } } ``` @@ -264,7 +262,6 @@ module registrationDefinitions './Microsoft.ManagedServices/registrationDefiniti params: { // Required parameters authorizations: [ - // Non-required parameters { principalId: 'e87a249c-b53b-4685-94fe-863af522e4ee' principalIdDisplayName: 'ResourceModules-Reader' @@ -284,6 +281,7 @@ module registrationDefinitions './Microsoft.ManagedServices/registrationDefiniti managedByTenantId: '195ee85d-2f10-4764-8352-a3c99aa772fb' name: 'Component Validation - Resource group assignment' registrationDescription: 'Managed by Lighthouse' + // Non-required parameters resourceGroupName: 'validation-rg' } } diff --git a/modules/Microsoft.Network/azureFirewalls/readme.md b/modules/Microsoft.Network/azureFirewalls/readme.md index 66a275f806..14b432ca91 100644 --- a/modules/Microsoft.Network/azureFirewalls/readme.md +++ b/modules/Microsoft.Network/azureFirewalls/readme.md @@ -313,8 +313,8 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { params: { // Required parameters name: '<>-az-fw-add-001' - // Non-required parameters vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-add-azfw' + // Non-required parameters additionalPublicIpConfigurations: [ { name: 'ipConfig01' @@ -372,8 +372,8 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { params: { // Required parameters name: '<>-az-fw-custompip-001' - // Non-required parameters vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-custompip-azfw' + // Non-required parameters publicIPAddressObject: { diagnosticLogCategoriesToEnable: [ 'DDoSMitigationFlowLogs' @@ -465,7 +465,6 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { params: { // Required parameters name: '<>-az-fw-min-001' - // Non-required parameters vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-min-azfw' } } @@ -490,7 +489,6 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { "vNetId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-min-azfw" } - // Non-required parameters } } ``` @@ -510,8 +508,8 @@ module azureFirewalls './Microsoft.Network/azureFirewalls/deploy.bicep' = { params: { // Required parameters name: '<>-az-fw-x-001' - // Non-required parameters vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-azfw' + // Non-required parameters applicationRuleCollections: [ { name: 'allow-app-rules' diff --git a/modules/Microsoft.Network/bastionHosts/readme.md b/modules/Microsoft.Network/bastionHosts/readme.md index c78163f459..0e65d70d63 100644 --- a/modules/Microsoft.Network/bastionHosts/readme.md +++ b/modules/Microsoft.Network/bastionHosts/readme.md @@ -297,8 +297,8 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { params: { // Required parameters name: '<>-az-bas-add-001' - // Non-required parameters vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-add-bas' + // Non-required parameters additionalPublicIpConfigurations: [ { name: 'ipConfig01' @@ -325,10 +325,10 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { "name": { "value": "<>-az-bas-add-001" }, - // Non-required parameters "vNetId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-add-bas" }, + // Non-required parameters "additionalPublicIpConfigurations": { "value": [ { @@ -356,8 +356,8 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { params: { // Required parameters name: '<>-az-bas-custompip-001' - // Non-required parameters vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-custompip-bas' + // Non-required parameters publicIPAddressObject: { diagnosticLogCategoriesToEnable: [ 'DDoSMitigationFlowLogs' @@ -401,10 +401,10 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { "name": { "value": "<>-az-bas-custompip-001" }, - // Non-required parameters "vNetId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-custompip-bas" }, + // Non-required parameters "publicIPAddressObject": { "value": { "diagnosticLogCategoriesToEnable": [ @@ -449,7 +449,6 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { params: { // Required parameters name: '<>-az-bas-min-001' - // Non-required parameters vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-002' } } @@ -471,7 +470,6 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { "name": { "value": "<>-az-bas-min-001" }, - // Non-required parameters "vNetId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-002" } @@ -494,8 +492,8 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { params: { // Required parameters name: '<>-az-bas-x-001' - // Non-required parameters vNetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001' + // Non-required parameters azureBastionSubnetPublicIpId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-bas' diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' @@ -533,10 +531,10 @@ module bastionHosts './Microsoft.Network/bastionHosts/deploy.bicep' = { "name": { "value": "<>-az-bas-x-001" }, - // Non-required parameters "vNetId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001" }, + // Non-required parameters "azureBastionSubnetPublicIpId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-bas" }, diff --git a/modules/Microsoft.Network/connections/readme.md b/modules/Microsoft.Network/connections/readme.md index f008d22f00..823cbe3936 100644 --- a/modules/Microsoft.Network/connections/readme.md +++ b/modules/Microsoft.Network/connections/readme.md @@ -323,8 +323,8 @@ module connections './Microsoft.Network/connections/deploy.bicep' = { params: { // Required parameters name: '<>-az-vnetgwc-x-001' - // Non-required parameters virtualNetworkGateway1: { + // Non-required parameters id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworkGateways/<>-az-vnet-vpn-gw-p-001' } enableBgp: false diff --git a/modules/Microsoft.Network/expressRouteCircuits/readme.md b/modules/Microsoft.Network/expressRouteCircuits/readme.md index d959a93fc7..8bd0c3b8b0 100644 --- a/modules/Microsoft.Network/expressRouteCircuits/readme.md +++ b/modules/Microsoft.Network/expressRouteCircuits/readme.md @@ -181,10 +181,10 @@ module expressRouteCircuits './Microsoft.Network/expressRouteCircuits/deploy.bic params: { // Required parameters bandwidthInMbps: 50 - // Non-required parameters name: '<>-az-erc-x-001' peeringLocation: 'Amsterdam' serviceProviderName: 'Equinix' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 diff --git a/modules/Microsoft.Network/loadBalancers/readme.md b/modules/Microsoft.Network/loadBalancers/readme.md index e3ebaf1105..3894a733ed 100644 --- a/modules/Microsoft.Network/loadBalancers/readme.md +++ b/modules/Microsoft.Network/loadBalancers/readme.md @@ -14,7 +14,7 @@ This module deploys a load balancer. | Resource Type | API Version | | :-- | :-- | | `Microsoft.Authorization/locks` | [2017-04-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2017-04-01/locks) | -| `Microsoft.Authorization/roleAssignments` | [2020-10-01-preview](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/roleAssignments) | +| `Microsoft.Authorization/roleAssignments` | [2020-10-01-preview](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2020-10-01-preview/roleAssignments) | | `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) | | `Microsoft.Network/loadBalancers` | [2021-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/loadBalancers) | | `Microsoft.Network/loadBalancers/backendAddressPools` | [2021-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/loadBalancers/backendAddressPools) | @@ -473,13 +473,13 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { params: { // Required parameters frontendIPConfigurations: [ - // Non-required parameters { name: 'privateIPConfig1' subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' } ] name: '<>-az-lb-internal-001' + // Non-required parameters backendAddressPools: [ { name: 'servers' @@ -674,7 +674,6 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { params: { // Required parameters frontendIPConfigurations: [ - // Non-required parameters { name: 'publicIPConfig1' publicIPAddressId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-min-lb' @@ -709,7 +708,6 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { "name": { "value": "<>-az-lb-min-001" } - // Non-required parameters } } ``` @@ -729,13 +727,13 @@ module loadBalancers './Microsoft.Network/loadBalancers/deploy.bicep' = { params: { // Required parameters frontendIPConfigurations: [ - // Non-required parameters { name: 'publicIPConfig1' publicIPAddressId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/publicIPAddresses/adp-<>-az-pip-x-lb' } ] name: '<>-az-lb-x-001' + // Non-required parameters backendAddressPools: [ { name: 'backendAddressPool1' diff --git a/modules/Microsoft.Network/localNetworkGateways/readme.md b/modules/Microsoft.Network/localNetworkGateways/readme.md index 7ee02e5527..b766471bbf 100644 --- a/modules/Microsoft.Network/localNetworkGateways/readme.md +++ b/modules/Microsoft.Network/localNetworkGateways/readme.md @@ -165,11 +165,11 @@ module localNetworkGateways './Microsoft.Network/localNetworkGateways/deploy.bic params: { // Required parameters localAddressPrefixes: [ - // Non-required parameters '192.168.1.0/24' ] localGatewayPublicIpAddress: '8.8.8.8' name: '<>-az-lng-x-001' + // Non-required parameters localAsn: '65123' localBgpPeeringAddress: '192.168.1.5' lock: 'CanNotDelete' diff --git a/modules/Microsoft.Network/networkInterfaces/readme.md b/modules/Microsoft.Network/networkInterfaces/readme.md index 626f9bebc5..e71b773fb9 100644 --- a/modules/Microsoft.Network/networkInterfaces/readme.md +++ b/modules/Microsoft.Network/networkInterfaces/readme.md @@ -193,7 +193,6 @@ module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' = params: { // Required parameters ipConfigurations: [ - // Non-required parameters { name: 'ipconfig01' subnetId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-001' @@ -228,7 +227,6 @@ module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' = "name": { "value": "<>-az-nic-min-001" } - // Non-required parameters } } ``` @@ -248,7 +246,6 @@ module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' = params: { // Required parameters ipConfigurations: [ - // Non-required parameters { applicationSecurityGroups: [ { @@ -265,6 +262,7 @@ module networkInterfaces './Microsoft.Network/networkInterfaces/deploy.bicep' = } ] name: '<>-az-nic-x-001' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 diff --git a/modules/Microsoft.Network/privateEndpoints/readme.md b/modules/Microsoft.Network/privateEndpoints/readme.md index f2e31d5a17..98f045db67 100644 --- a/modules/Microsoft.Network/privateEndpoints/readme.md +++ b/modules/Microsoft.Network/privateEndpoints/readme.md @@ -176,7 +176,6 @@ module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = { params: { // Required parameters groupIds: [ - // Non-required parameters 'vault' ] name: '<>-az-pe-kvlt-min-001' @@ -213,7 +212,6 @@ module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = { "subnetResourceId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" } - // Non-required parameters } } ``` @@ -233,12 +231,12 @@ module privateEndpoints './Microsoft.Network/privateEndpoints/deploy.bicep' = { params: { // Required parameters groupIds: [ - // Non-required parameters 'vault' ] name: '<>-az-pe-kvlt-001' serviceResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-pe' subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + // Non-required parameters lock: 'CanNotDelete' privateDnsZoneGroups: [ { diff --git a/modules/Microsoft.Network/publicIPPrefixes/readme.md b/modules/Microsoft.Network/publicIPPrefixes/readme.md index 7856a770e2..eabaa2bc8c 100644 --- a/modules/Microsoft.Network/publicIPPrefixes/readme.md +++ b/modules/Microsoft.Network/publicIPPrefixes/readme.md @@ -160,8 +160,8 @@ module publicIPPrefixes './Microsoft.Network/publicIPPrefixes/deploy.bicep' = { params: { // Required parameters name: '<>-az-pippfx-x-001' - // Non-required parameters prefixLength: 28 + // Non-required parameters lock: 'CanNotDelete' roleAssignments: [ { diff --git a/modules/Microsoft.Network/trafficmanagerprofiles/readme.md b/modules/Microsoft.Network/trafficmanagerprofiles/readme.md index ee48ced853..ffda0ec91e 100644 --- a/modules/Microsoft.Network/trafficmanagerprofiles/readme.md +++ b/modules/Microsoft.Network/trafficmanagerprofiles/readme.md @@ -264,8 +264,8 @@ module trafficmanagerprofiles './Microsoft.Network/trafficmanagerprofiles/deploy params: { // Required parameters name: 'tm-000001' - // Non-required parameters relativeName: 'tm-000001' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 diff --git a/modules/Microsoft.Network/virtualHubs/readme.md b/modules/Microsoft.Network/virtualHubs/readme.md index 2171a6499e..9af9b79a9e 100644 --- a/modules/Microsoft.Network/virtualHubs/readme.md +++ b/modules/Microsoft.Network/virtualHubs/readme.md @@ -117,7 +117,6 @@ module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = { params: { // Required parameters addressPrefix: '10.0.0.0/16' - // Non-required parameters name: '<>-az-vhub-min-001' virtualWanId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/adp-<>-az-vw-x-001' } @@ -146,7 +145,6 @@ module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = { "virtualWanId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/adp-<>-az-vw-x-001" } - // Non-required parameters } } ``` @@ -166,9 +164,9 @@ module virtualHubs './Microsoft.Network/virtualHubs/deploy.bicep' = { params: { // Required parameters addressPrefix: '10.1.0.0/16' - // Non-required parameters name: '<>-az-vhub-x-001' virtualWanId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/adp-<>-az-vw-x-001' + // Non-required parameters hubRouteTables: [ { name: 'routeTable1' diff --git a/modules/Microsoft.Network/virtualNetworkGateways/readme.md b/modules/Microsoft.Network/virtualNetworkGateways/readme.md index 52c92860fa..2dc8f6baa7 100644 --- a/modules/Microsoft.Network/virtualNetworkGateways/readme.md +++ b/modules/Microsoft.Network/virtualNetworkGateways/readme.md @@ -254,10 +254,10 @@ module virtualNetworkGateways './Microsoft.Network/virtualNetworkGateways/deploy params: { // Required parameters name: '<>-az-gw-er-001' - // Non-required parameters virtualNetworkGatewaySku: 'ErGw1AZ' virtualNetworkGatewayType: 'ExpressRoute' vNetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 @@ -375,10 +375,10 @@ module virtualNetworkGateways './Microsoft.Network/virtualNetworkGateways/deploy params: { // Required parameters name: '<>-az-gw-vpn-001' - // Non-required parameters virtualNetworkGatewaySku: 'VpnGw1AZ' virtualNetworkGatewayType: 'Vpn' vNetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001' + // Non-required parameters activeActive: true diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diff --git a/modules/Microsoft.Network/virtualNetworks/readme.md b/modules/Microsoft.Network/virtualNetworks/readme.md index 592046c66c..4a932781df 100644 --- a/modules/Microsoft.Network/virtualNetworks/readme.md +++ b/modules/Microsoft.Network/virtualNetworks/readme.md @@ -362,7 +362,6 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { params: { // Required parameters addressPrefixes: [ - // Non-required parameters '10.0.0.0/16' ] name: '<>-az-vnet-min-001' @@ -391,7 +390,6 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { "name": { "value": "<>-az-vnet-min-001" } - // Non-required parameters } } ``` @@ -411,10 +409,10 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { params: { // Required parameters addressPrefixes: [ - // Non-required parameters '10.0.0.0/16' ] name: '<>-az-vnet-x-001' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 @@ -606,10 +604,10 @@ module virtualNetworks './Microsoft.Network/virtualNetworks/deploy.bicep' = { params: { // Required parameters addressPrefixes: [ - // Non-required parameters '10.0.0.0/24' ] name: '<>-az-vnet-peer-001' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 diff --git a/modules/Microsoft.Network/vpnGateways/readme.md b/modules/Microsoft.Network/vpnGateways/readme.md index 0a9fcec80b..767976c644 100644 --- a/modules/Microsoft.Network/vpnGateways/readme.md +++ b/modules/Microsoft.Network/vpnGateways/readme.md @@ -184,7 +184,6 @@ module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { params: { // Required parameters name: '<>-az-vpngw-min-001' - // Non-required parameters virtualHubResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-min-001' } } @@ -209,7 +208,6 @@ module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { "virtualHubResourceId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-min-001" } - // Non-required parameters } } ``` @@ -229,8 +227,8 @@ module vpnGateways './Microsoft.Network/vpnGateways/deploy.bicep' = { params: { // Required parameters name: '<>-az-vpngw-x-001' - // Non-required parameters virtualHubResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001' + // Non-required parameters bgpSettings: { asn: 65515 peerWeight: 0 diff --git a/modules/Microsoft.Network/vpnSites/readme.md b/modules/Microsoft.Network/vpnSites/readme.md index c7b820eff2..b748790702 100644 --- a/modules/Microsoft.Network/vpnSites/readme.md +++ b/modules/Microsoft.Network/vpnSites/readme.md @@ -332,8 +332,8 @@ module vpnSites './Microsoft.Network/vpnSites/deploy.bicep' = { params: { // Required parameters name: '<>-az-vSite-min-001' - // Non-required parameters virtualWanId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/apd-<>-az-vw-x-001' + // Non-required parameters addressPrefixes: [ '10.0.0.0/16' ] @@ -358,10 +358,10 @@ module vpnSites './Microsoft.Network/vpnSites/deploy.bicep' = { "name": { "value": "<>-az-vSite-min-001" }, - // Non-required parameters "virtualWanId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/apd-<>-az-vw-x-001" }, + // Non-required parameters "addressPrefixes": { "value": [ "10.0.0.0/16" @@ -389,8 +389,8 @@ module vpnSites './Microsoft.Network/vpnSites/deploy.bicep' = { params: { // Required parameters name: '<>-az-vSite-x-001' - // Non-required parameters virtualWanId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/apd-<>-az-vw-x-001' + // Non-required parameters deviceProperties: { linkSpeedInMbps: 0 } @@ -464,10 +464,10 @@ module vpnSites './Microsoft.Network/vpnSites/deploy.bicep' = { "name": { "value": "<>-az-vSite-x-001" }, - // Non-required parameters "virtualWanId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualWans/apd-<>-az-vw-x-001" }, + // Non-required parameters "deviceProperties": { "value": { "linkSpeedInMbps": 0 diff --git a/modules/Microsoft.OperationsManagement/solutions/readme.md b/modules/Microsoft.OperationsManagement/solutions/readme.md index b55b98eb5e..50fa4a7682 100644 --- a/modules/Microsoft.OperationsManagement/solutions/readme.md +++ b/modules/Microsoft.OperationsManagement/solutions/readme.md @@ -57,7 +57,6 @@ module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { params: { // Required parameters logAnalyticsWorkspaceName: 'adp-<>-az-law-sol-001' - // Non-required parameters name: 'Updates' } } @@ -82,7 +81,6 @@ module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { "name": { "value": "Updates" } - // Non-required parameters } } ``` @@ -102,8 +100,8 @@ module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { params: { // Required parameters logAnalyticsWorkspaceName: 'adp-<>-az-law-sol-001' - // Non-required parameters name: 'AzureAutomation' + // Non-required parameters product: 'OMSGallery' publisher: 'Microsoft' } @@ -155,8 +153,8 @@ module solutions './Microsoft.OperationsManagement/solutions/deploy.bicep' = { params: { // Required parameters logAnalyticsWorkspaceName: 'adp-<>-az-law-sol-001' - // Non-required parameters name: 'nonmsTestSolution' + // Non-required parameters product: 'nonmsTestSolutionProduct' publisher: 'nonmsTestSolutionPublisher' } diff --git a/modules/Microsoft.Security/azureSecurityCenter/readme.md b/modules/Microsoft.Security/azureSecurityCenter/readme.md index a532ca0e86..f0b63604b0 100644 --- a/modules/Microsoft.Security/azureSecurityCenter/readme.md +++ b/modules/Microsoft.Security/azureSecurityCenter/readme.md @@ -110,8 +110,8 @@ module azureSecurityCenter './Microsoft.Security/azureSecurityCenter/deploy.bice params: { // Required parameters scope: '/subscriptions/<>' - // Non-required parameters workspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + // Non-required parameters securityContactProperties: { alertNotifications: 'Off' alertsToAdmins: 'Off' @@ -138,10 +138,10 @@ module azureSecurityCenter './Microsoft.Security/azureSecurityCenter/deploy.bice "scope": { "value": "/subscriptions/<>" }, - // Non-required parameters "workspaceId": { "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" }, + // Non-required parameters "securityContactProperties": { "value": { "alertNotifications": "Off", diff --git a/modules/Microsoft.ServiceFabric/clusters/readme.md b/modules/Microsoft.ServiceFabric/clusters/readme.md index 6ba637900e..a1196b8c26 100644 --- a/modules/Microsoft.ServiceFabric/clusters/readme.md +++ b/modules/Microsoft.ServiceFabric/clusters/readme.md @@ -242,8 +242,8 @@ module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { params: { // Required parameters managementEndpoint: 'https://<>-az-sfc-cert-001.westeurope.cloudapp.azure.com:19080' - // Non-required parameters reliabilityLevel: 'None' + // Non-required parameters certificate: { thumbprint: '0AC113D5E1D94C401DDEB0EE2B1B96CC130' x509StoreName: 'My' @@ -337,8 +337,8 @@ module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { params: { // Required parameters managementEndpoint: 'https://<>-az-sfc-full-001.westeurope.cloudapp.azure.com:19080' - // Non-required parameters reliabilityLevel: 'Silver' + // Non-required parameters addOnFeatures: [ 'BackupRestoreService' 'DnsService' @@ -740,8 +740,8 @@ module clusters './Microsoft.ServiceFabric/clusters/deploy.bicep' = { params: { // Required parameters managementEndpoint: 'https://<>-az-sfc-min-001.westeurope.cloudapp.azure.com:19080' - // Non-required parameters reliabilityLevel: 'None' + // Non-required parameters name: '<>-az-sfc-min-001' nodeTypes: [ { diff --git a/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md b/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md index 8f61aa16bc..e25d1856b4 100644 --- a/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md +++ b/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md @@ -274,7 +274,6 @@ module imageTemplates './Microsoft.VirtualMachineImages/imageTemplates/deploy.bi params: { // Required parameters customizationSteps: [ - // Non-required parameters { restartTimeout: '30m' type: 'WindowsRestart' @@ -289,6 +288,7 @@ module imageTemplates './Microsoft.VirtualMachineImages/imageTemplates/deploy.bi } name: '<>-az-imgt-x-001' userMsiName: 'adp-<>-az-msi-x-001' + // Non-required parameters buildTimeoutInMinutes: 0 imageReplicationRegions: [] lock: 'CanNotDelete' @@ -344,10 +344,10 @@ module imageTemplates './Microsoft.VirtualMachineImages/imageTemplates/deploy.bi "name": { "value": "<>-az-imgt-x-001" }, - // Non-required parameters "userMsiName": { "value": "adp-<>-az-msi-x-001" }, + // Non-required parameters "buildTimeoutInMinutes": { "value": 0 }, diff --git a/modules/Microsoft.Web/connections/readme.md b/modules/Microsoft.Web/connections/readme.md index e5ef33d61a..6c109723bc 100644 --- a/modules/Microsoft.Web/connections/readme.md +++ b/modules/Microsoft.Web/connections/readme.md @@ -167,8 +167,8 @@ module connections './Microsoft.Web/connections/deploy.bicep' = { params: { // Required parameters displayName: 'azuremonitorlogs' - // Non-required parameters name: 'azuremonitor' + // Non-required parameters connectionApi: { id: '/subscriptions/<>/providers/Microsoft.Web/locations/westeurope/managedApis/azuremonitorlogs' } diff --git a/modules/Microsoft.Web/hostingEnvironments/readme.md b/modules/Microsoft.Web/hostingEnvironments/readme.md index c099cad13e..790af40e02 100644 --- a/modules/Microsoft.Web/hostingEnvironments/readme.md +++ b/modules/Microsoft.Web/hostingEnvironments/readme.md @@ -213,8 +213,8 @@ module hostingEnvironments './Microsoft.Web/hostingEnvironments/deploy.bicep' = params: { // Required parameters name: '<>-az-appse-asev2-001' - // Non-required parameters subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-008' + // Non-required parameters clusterSettings: [ { name: 'DisableTls1.0' @@ -322,8 +322,8 @@ module hostingEnvironments './Microsoft.Web/hostingEnvironments/deploy.bicep' = params: { // Required parameters name: '<>-az-appse-asev3-001' - // Non-required parameters subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-006' + // Non-required parameters clusterSettings: [ { name: 'DisableTls1.0' diff --git a/modules/Microsoft.Web/serverfarms/readme.md b/modules/Microsoft.Web/serverfarms/readme.md index b55f87175e..e0484b1e55 100644 --- a/modules/Microsoft.Web/serverfarms/readme.md +++ b/modules/Microsoft.Web/serverfarms/readme.md @@ -212,8 +212,8 @@ module serverfarms './Microsoft.Web/serverfarms/deploy.bicep' = { params: { // Required parameters name: '<>-az-asp-x-001' - // Non-required parameters sku: { + // Non-required parameters capacity: '1' family: 'S' name: 'S1' diff --git a/modules/Microsoft.Web/sites/readme.md b/modules/Microsoft.Web/sites/readme.md index df9f2f57ce..a6b74d0830 100644 --- a/modules/Microsoft.Web/sites/readme.md +++ b/modules/Microsoft.Web/sites/readme.md @@ -406,8 +406,8 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { params: { // Required parameters kind: 'functionapp' - // Non-required parameters name: '<>-az-fa-min-001' + // Non-required parameters serverFarmResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001' siteConfig: { alwaysOn: true @@ -432,10 +432,10 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { "kind": { "value": "functionapp" }, - // Non-required parameters "name": { "value": "<>-az-fa-min-001" }, + // Non-required parameters "serverFarmResourceId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001" }, @@ -463,8 +463,8 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { params: { // Required parameters kind: 'functionapp' - // Non-required parameters name: '<>-az-fa-x-001' + // Non-required parameters appInsightId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001' appSettingsKeyValuePairs: { AzureFunctionsJobHost__logging__logLevel__default: 'Trace' @@ -585,10 +585,10 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { "kind": { "value": "functionapp" }, - // Non-required parameters "name": { "value": "<>-az-fa-x-001" }, + // Non-required parameters "appInsightId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-<>-az-appi-x-001" }, @@ -742,8 +742,8 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { params: { // Required parameters kind: 'app' - // Non-required parameters name: '<>-az-wa-min-001' + // Non-required parameters serverFarmResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001' } } @@ -765,10 +765,10 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { "kind": { "value": "app" }, - // Non-required parameters "name": { "value": "<>-az-wa-min-001" }, + // Non-required parameters "serverFarmResourceId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Web/serverFarms/adp-<>-az-asp-x-001" } @@ -791,8 +791,8 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { params: { // Required parameters kind: 'app' - // Non-required parameters name: '<>-az-wa-x-001' + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 @@ -847,10 +847,10 @@ module sites './Microsoft.Web/sites/deploy.bicep' = { "kind": { "value": "app" }, - // Non-required parameters "name": { "value": "<>-az-wa-x-001" }, + // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" }, From a1488e66e920d236abb315bdd98d06342014ab93 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 8 Jul 2022 08:59:13 +0200 Subject: [PATCH 29/38] Small fix --- utilities/tools/Set-ModuleReadMe.ps1 | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index 46000f2935..762e48c7a5 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -477,11 +477,13 @@ function Set-DeploymentExamplesSection { # Check where the 'last' required parameter is located in the example (and what its indent is) $parameterToSplitAt = $requiredParameterNames[-1] $requiredParameterIndent = ([regex]::Match($bicepExampleArray[0], '^(\s+).*')).Captures.Groups[1].Value.Length - $requiredParameterStartIndex = ($bicepExampleArray | Select-String ('^[\s]{0}{1}:.+' -f "{$requiredParameterIndent}", $parameterToSplitAt) | ForEach-Object { $_.LineNumber - 1 })[0] # Add a comment where the required parameters start $bicepExampleArray = @('{0}// Required parameters' -f (' ' * $requiredParameterIndent)) + $bicepExampleArray[(0 .. ($bicepExampleArray.Count))] + # Find the location if the last required parameter + $requiredParameterStartIndex = ($bicepExampleArray | Select-String ('^[\s]{0}{1}:.+' -f "{$requiredParameterIndent}", $parameterToSplitAt) | ForEach-Object { $_.LineNumber - 1 })[0] + # If we have more than only required parameters, let's add a corresponding comment if ($orderedJSONParameters.Keys.Count -gt $requiredParameterNames.Count) { $nextLineIndent = ([regex]::Match($bicepExampleArray[$requiredParameterStartIndex + 1], '^(\s+).*')).Captures.Groups[1].Value.Length @@ -558,11 +560,13 @@ function Set-DeploymentExamplesSection { $parameterToSplitAt = $requiredParameterNames[-1] $parameterStartIndex = ($jsonExampleArray | Select-String '.*"parameters": \{.*' | ForEach-Object { $_.LineNumber - 1 })[0] $requiredParameterIndent = ([regex]::Match($jsonExampleArray[($parameterStartIndex + 1)], '^(\s+).*')).Captures.Groups[1].Value.Length - $requiredParameterStartIndex = ($jsonExampleArray | Select-String "^[\s]{$requiredParameterIndent}`"$parameterToSplitAt`": \{.*" | ForEach-Object { $_.LineNumber - 1 })[0] # Add a comment where the required parameters start $jsonExampleArray = $jsonExampleArray[0..$parameterStartIndex] + ('{0}// Required parameters' -f (' ' * $requiredParameterIndent)) + $jsonExampleArray[(($parameterStartIndex + 1) .. ($jsonExampleArray.Count))] + # Find the location if the last required parameter + $requiredParameterStartIndex = ($jsonExampleArray | Select-String "^[\s]{$requiredParameterIndent}`"$parameterToSplitAt`": \{.*" | ForEach-Object { $_.LineNumber - 1 })[0] + # If we have more than only required parameters, let's add a corresponding comment if ($orderedJSONParameters.Keys.Count -gt $requiredParameterNames.Count ) { # Search in rest of array for the next closing bracket with the same indent - and then add the search index (1) & initial index (1) count back in From 50e3fd1565e14d72d9a3ac62201319b89711dbe1 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 8 Jul 2022 09:13:56 +0200 Subject: [PATCH 30/38] Small fix --- utilities/tools/Set-ModuleReadMe.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index 762e48c7a5..2acd0f3b7b 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -492,7 +492,7 @@ function Set-DeploymentExamplesSection { $requiredParameterEndIndex = ($bicepExampleArray[($requiredParameterStartIndex + 1)..($bicepExampleArray.Count)] | Select-String "^[\s]{$requiredParameterIndent}\S+" | ForEach-Object { $_.LineNumber - 1 })[0] + 1 + $requiredParameterStartIndex } else { # Case Param is single line bool/string/int: Add an index (1) for the 'required' comment - $requiredParameterEndIndex = $requiredParameterStartIndex + 1 + $requiredParameterEndIndex = $requiredParameterStartIndex } # Add a comment where the non-required parameters start From dcea49b40eb8d9ef1f857af3ec9b5a4f06099712 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 8 Jul 2022 09:21:42 +0200 Subject: [PATCH 31/38] Regenerated docs --- .../Microsoft.Authorization/policyDefinitions/readme.md | 8 ++++---- .../policySetDefinitions/readme.md | 6 +++--- .../Microsoft.ContainerService/managedClusters/readme.md | 4 ++-- modules/Microsoft.Network/connections/readme.md | 2 +- modules/Microsoft.Web/serverfarms/readme.md | 2 +- 5 files changed, 11 insertions(+), 11 deletions(-) diff --git a/modules/Microsoft.Authorization/policyDefinitions/readme.md b/modules/Microsoft.Authorization/policyDefinitions/readme.md index 14ad10a874..f1adcd1d87 100644 --- a/modules/Microsoft.Authorization/policyDefinitions/readme.md +++ b/modules/Microsoft.Authorization/policyDefinitions/readme.md @@ -141,7 +141,6 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic // Required parameters name: '<>-mg-min-policyDef' policyRule: { - // Non-required parameters if: { allOf: [ { @@ -154,6 +153,7 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic effect: '[parameters('effect')]' } } + // Non-required parameters parameters: { effect: { allowedValues: [ @@ -230,7 +230,6 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic // Required parameters name: '<>-mg-policyDef' policyRule: { - // Non-required parameters if: { allOf: [ { @@ -259,6 +258,7 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic effect: 'modify' } } + // Non-required parameters description: '[Description] This policy definition is deployed at the management group scope' displayName: '[DisplayName] This policy definition is deployed at the management group scope' managementGroupId: '<>' @@ -385,7 +385,6 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic // Required parameters name: '<>-sub-min-policyDef' policyRule: { - // Non-required parameters if: { allOf: [ { @@ -398,6 +397,7 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic effect: '[parameters('effect')]' } } + // Non-required parameters parameters: { effect: { allowedValues: [ @@ -478,7 +478,6 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic // Required parameters name: '<>-sub-policyDef' policyRule: { - // Non-required parameters if: { allOf: [ { @@ -507,6 +506,7 @@ module policyDefinitions './Microsoft.Authorization/policyDefinitions/deploy.bic effect: 'modify' } } + // Non-required parameters description: '[Description] This policy definition is deployed at subscription scope' displayName: '[DisplayName] This policy definition is deployed at subscription scope' metadata: { diff --git a/modules/Microsoft.Authorization/policySetDefinitions/readme.md b/modules/Microsoft.Authorization/policySetDefinitions/readme.md index 3e22f06c53..ebabb38ecf 100644 --- a/modules/Microsoft.Authorization/policySetDefinitions/readme.md +++ b/modules/Microsoft.Authorization/policySetDefinitions/readme.md @@ -212,7 +212,6 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl // Required parameters name: '<>-mg-policySet' policyDefinitions: [ - // Non-required parameters { groupNames: [ 'ARM' @@ -242,6 +241,7 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl policyDefinitionReferenceId: 'Allowed locations for resource groups_1' } ] + // Non-required parameters description: '[Description] This policy set definition is deployed at management group scope' displayName: '[DisplayName] This policy set definition is deployed at management group scope' managementGroupId: '<>' @@ -355,7 +355,6 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl // Required parameters name: '<>-sub-min-policySet' policyDefinitions: [ - // Non-required parameters { parameters: { listOfAllowedLocations: { @@ -367,6 +366,7 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/e56962a6-4747-49cd-b67b-bf8b01975c4c' } ] + // Non-required parameters subscriptionId: '<>' } } @@ -426,7 +426,6 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl // Required parameters name: '<>-sub-policySet' policyDefinitions: [ - // Non-required parameters { groupNames: [ 'ARM' @@ -456,6 +455,7 @@ module policySetDefinitions './Microsoft.Authorization/policySetDefinitions/depl policyDefinitionReferenceId: 'Allowed locations for resource groups_1' } ] + // Non-required parameters description: '[Description] This policy set definition is deployed at subscription scope' displayName: '[DisplayName] This policy set definition is deployed at subscription scope' metadata: { diff --git a/modules/Microsoft.ContainerService/managedClusters/readme.md b/modules/Microsoft.ContainerService/managedClusters/readme.md index 53f19d621b..44ee99aaa3 100644 --- a/modules/Microsoft.ContainerService/managedClusters/readme.md +++ b/modules/Microsoft.ContainerService/managedClusters/readme.md @@ -374,7 +374,6 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice // Required parameters name: '<>-az-aks-azure-001' primaryAgentPoolProfile: [ - // Non-required parameters { availabilityZones: [ '1' @@ -395,6 +394,7 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice vnetSubnetID: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-aks/subnets/Primary' } ] + // Non-required parameters agentPools: [ { availabilityZones: [ @@ -619,7 +619,6 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice // Required parameters name: '<>-az-aks-kubenet-001' primaryAgentPoolProfile: [ - // Non-required parameters { availabilityZones: [ '1' @@ -639,6 +638,7 @@ module managedClusters './Microsoft.ContainerService/managedClusters/deploy.bice vmSize: 'Standard_DS2_v2' } ] + // Non-required parameters agentPools: [ { availabilityZones: [ diff --git a/modules/Microsoft.Network/connections/readme.md b/modules/Microsoft.Network/connections/readme.md index 823cbe3936..f4aea8e3f0 100644 --- a/modules/Microsoft.Network/connections/readme.md +++ b/modules/Microsoft.Network/connections/readme.md @@ -324,9 +324,9 @@ module connections './Microsoft.Network/connections/deploy.bicep' = { // Required parameters name: '<>-az-vnetgwc-x-001' virtualNetworkGateway1: { - // Non-required parameters id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworkGateways/<>-az-vnet-vpn-gw-p-001' } + // Non-required parameters enableBgp: false location: 'eastus' lock: 'CanNotDelete' diff --git a/modules/Microsoft.Web/serverfarms/readme.md b/modules/Microsoft.Web/serverfarms/readme.md index e0484b1e55..d33735535e 100644 --- a/modules/Microsoft.Web/serverfarms/readme.md +++ b/modules/Microsoft.Web/serverfarms/readme.md @@ -213,13 +213,13 @@ module serverfarms './Microsoft.Web/serverfarms/deploy.bicep' = { // Required parameters name: '<>-az-asp-x-001' sku: { - // Non-required parameters capacity: '1' family: 'S' name: 'S1' size: 'S1' tier: 'Standard' } + // Non-required parameters diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' diagnosticEventHubName: 'adp-<>-az-evh-x-001' diagnosticLogsRetentionInDays: 7 From 695f24f385ea96ca832fddb29b91372f57d60cf6 Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Fri, 8 Jul 2022 21:09:27 +0200 Subject: [PATCH 32/38] Update utilities/tools/Set-ModuleReadMe.ps1 Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- utilities/tools/Set-ModuleReadMe.ps1 | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index 2acd0f3b7b..da2812d0c7 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -357,7 +357,9 @@ function Set-DeploymentExamplesSection { # Process content $SectionContent = [System.Collections.ArrayList]@( - 'Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order.', + 'The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder.', + ' >**Note**: The name of each example is based on the name of the file from which it is taken.', + ' >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.', '' ) From d892bb01b6cda012eef1559c93de5a97db320d9a Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 8 Jul 2022 21:32:14 +0200 Subject: [PATCH 33/38] Updated deployment examples disclaimer --- modules/Microsoft.AAD/DomainServices/readme.md | 4 +++- modules/Microsoft.AnalysisServices/servers/readme.md | 4 +++- modules/Microsoft.ApiManagement/service/readme.md | 4 +++- .../Microsoft.AppConfiguration/configurationStores/readme.md | 4 +++- modules/Microsoft.Authorization/locks/readme.md | 4 +++- modules/Microsoft.Authorization/policyAssignments/readme.md | 4 +++- modules/Microsoft.Authorization/policyDefinitions/readme.md | 4 +++- modules/Microsoft.Authorization/policyExemptions/readme.md | 4 +++- .../Microsoft.Authorization/policySetDefinitions/readme.md | 4 +++- modules/Microsoft.Authorization/roleAssignments/readme.md | 4 +++- modules/Microsoft.Authorization/roleDefinitions/readme.md | 4 +++- modules/Microsoft.Automation/automationAccounts/readme.md | 4 +++- modules/Microsoft.Batch/batchAccounts/readme.md | 4 +++- modules/Microsoft.CognitiveServices/accounts/readme.md | 4 +++- modules/Microsoft.Compute/availabilitySets/readme.md | 4 +++- modules/Microsoft.Compute/diskEncryptionSets/readme.md | 4 +++- modules/Microsoft.Compute/disks/readme.md | 4 +++- modules/Microsoft.Compute/galleries/readme.md | 4 +++- modules/Microsoft.Compute/images/readme.md | 4 +++- modules/Microsoft.Compute/proximityPlacementGroups/readme.md | 4 +++- modules/Microsoft.Compute/virtualMachineScaleSets/readme.md | 4 +++- modules/Microsoft.Compute/virtualMachines/readme.md | 4 +++- modules/Microsoft.Consumption/budgets/readme.md | 4 +++- modules/Microsoft.ContainerInstance/containerGroups/readme.md | 4 +++- modules/Microsoft.ContainerRegistry/registries/readme.md | 4 +++- modules/Microsoft.ContainerService/managedClusters/readme.md | 4 +++- modules/Microsoft.DataFactory/factories/readme.md | 4 +++- modules/Microsoft.DataProtection/backupVaults/readme.md | 4 +++- modules/Microsoft.Databricks/workspaces/readme.md | 4 +++- .../applicationgroups/readme.md | 4 +++- modules/Microsoft.DesktopVirtualization/hostpools/readme.md | 4 +++- .../Microsoft.DesktopVirtualization/scalingplans/readme.md | 4 +++- modules/Microsoft.DesktopVirtualization/workspaces/readme.md | 4 +++- modules/Microsoft.DocumentDB/databaseAccounts/readme.md | 4 +++- modules/Microsoft.EventGrid/systemTopics/readme.md | 4 +++- modules/Microsoft.EventGrid/topics/readme.md | 4 +++- modules/Microsoft.EventHub/namespaces/readme.md | 4 +++- modules/Microsoft.HealthBot/healthBots/readme.md | 4 +++- modules/Microsoft.Insights/actionGroups/readme.md | 4 +++- modules/Microsoft.Insights/activityLogAlerts/readme.md | 4 +++- modules/Microsoft.Insights/components/readme.md | 4 +++- modules/Microsoft.Insights/diagnosticSettings/readme.md | 4 +++- modules/Microsoft.Insights/metricAlerts/readme.md | 4 +++- modules/Microsoft.Insights/privateLinkScopes/readme.md | 4 +++- modules/Microsoft.Insights/scheduledQueryRules/readme.md | 4 +++- modules/Microsoft.KeyVault/vaults/readme.md | 4 +++- .../Microsoft.KubernetesConfiguration/extensions/readme.md | 4 +++- .../fluxConfigurations/readme.md | 4 +++- modules/Microsoft.Logic/workflows/readme.md | 4 +++- .../Microsoft.MachineLearningServices/workspaces/readme.md | 4 +++- .../userAssignedIdentities/readme.md | 4 +++- .../registrationDefinitions/readme.md | 4 +++- modules/Microsoft.Management/managementGroups/readme.md | 4 +++- modules/Microsoft.NetApp/netAppAccounts/readme.md | 4 +++- modules/Microsoft.Network/applicationGateways/readme.md | 4 +++- modules/Microsoft.Network/applicationSecurityGroups/readme.md | 4 +++- modules/Microsoft.Network/azureFirewalls/readme.md | 4 +++- modules/Microsoft.Network/bastionHosts/readme.md | 4 +++- modules/Microsoft.Network/connections/readme.md | 4 +++- modules/Microsoft.Network/ddosProtectionPlans/readme.md | 4 +++- modules/Microsoft.Network/expressRouteCircuits/readme.md | 4 +++- modules/Microsoft.Network/firewallPolicies/readme.md | 4 +++- modules/Microsoft.Network/frontDoors/readme.md | 4 +++- modules/Microsoft.Network/ipGroups/readme.md | 4 +++- modules/Microsoft.Network/loadBalancers/readme.md | 4 +++- modules/Microsoft.Network/localNetworkGateways/readme.md | 4 +++- modules/Microsoft.Network/natGateways/readme.md | 4 +++- modules/Microsoft.Network/networkInterfaces/readme.md | 4 +++- modules/Microsoft.Network/networkSecurityGroups/readme.md | 4 +++- modules/Microsoft.Network/networkWatchers/readme.md | 4 +++- modules/Microsoft.Network/privateDnsZones/readme.md | 4 +++- modules/Microsoft.Network/privateEndpoints/readme.md | 4 +++- modules/Microsoft.Network/publicIPAddresses/readme.md | 4 +++- modules/Microsoft.Network/publicIPPrefixes/readme.md | 4 +++- modules/Microsoft.Network/routeTables/readme.md | 4 +++- modules/Microsoft.Network/trafficmanagerprofiles/readme.md | 4 +++- modules/Microsoft.Network/virtualHubs/readme.md | 4 +++- modules/Microsoft.Network/virtualNetworkGateways/readme.md | 4 +++- modules/Microsoft.Network/virtualNetworks/readme.md | 4 +++- modules/Microsoft.Network/virtualWans/readme.md | 4 +++- modules/Microsoft.Network/vpnGateways/readme.md | 4 +++- modules/Microsoft.Network/vpnSites/readme.md | 4 +++- modules/Microsoft.OperationalInsights/workspaces/readme.md | 4 +++- modules/Microsoft.OperationsManagement/solutions/readme.md | 4 +++- modules/Microsoft.RecoveryServices/vaults/readme.md | 4 +++- modules/Microsoft.Resources/deploymentScripts/readme.md | 4 +++- modules/Microsoft.Resources/resourceGroups/readme.md | 4 +++- modules/Microsoft.Resources/tags/readme.md | 4 +++- modules/Microsoft.Security/azureSecurityCenter/readme.md | 4 +++- modules/Microsoft.ServiceBus/namespaces/readme.md | 4 +++- modules/Microsoft.ServiceFabric/clusters/readme.md | 4 +++- modules/Microsoft.Sql/managedInstances/readme.md | 4 +++- modules/Microsoft.Sql/servers/readme.md | 4 +++- modules/Microsoft.Storage/storageAccounts/readme.md | 4 +++- modules/Microsoft.Synapse/privateLinkHubs/readme.md | 4 +++- .../Microsoft.VirtualMachineImages/imageTemplates/readme.md | 4 +++- modules/Microsoft.Web/connections/readme.md | 4 +++- modules/Microsoft.Web/hostingEnvironments/readme.md | 4 +++- modules/Microsoft.Web/serverfarms/readme.md | 4 +++- modules/Microsoft.Web/sites/readme.md | 4 +++- modules/Microsoft.Web/staticSites/readme.md | 4 +++- utilities/tools/Set-ModuleReadMe.ps1 | 2 +- 102 files changed, 304 insertions(+), 102 deletions(-) diff --git a/modules/Microsoft.AAD/DomainServices/readme.md b/modules/Microsoft.AAD/DomainServices/readme.md index 19a09a95e6..54da13d95d 100644 --- a/modules/Microsoft.AAD/DomainServices/readme.md +++ b/modules/Microsoft.AAD/DomainServices/readme.md @@ -207,7 +207,9 @@ $pfxCertificate = [System.Convert]::ToBase64String($rawCertByteStream) ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.AnalysisServices/servers/readme.md b/modules/Microsoft.AnalysisServices/servers/readme.md index 1bdafb8be2..3b1fe5c97a 100644 --- a/modules/Microsoft.AnalysisServices/servers/readme.md +++ b/modules/Microsoft.AnalysisServices/servers/readme.md @@ -157,7 +157,9 @@ roleAssignments: [ ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Max

diff --git a/modules/Microsoft.ApiManagement/service/readme.md b/modules/Microsoft.ApiManagement/service/readme.md index a7773d45a0..f77ca283df 100644 --- a/modules/Microsoft.ApiManagement/service/readme.md +++ b/modules/Microsoft.ApiManagement/service/readme.md @@ -268,7 +268,9 @@ userAssignedIdentities: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Max

diff --git a/modules/Microsoft.AppConfiguration/configurationStores/readme.md b/modules/Microsoft.AppConfiguration/configurationStores/readme.md index ced0dfd98e..813e23bf9d 100644 --- a/modules/Microsoft.AppConfiguration/configurationStores/readme.md +++ b/modules/Microsoft.AppConfiguration/configurationStores/readme.md @@ -278,7 +278,9 @@ privateEndpoints: [ ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.Authorization/locks/readme.md b/modules/Microsoft.Authorization/locks/readme.md index 5cfbc79146..c0581c16a7 100644 --- a/modules/Microsoft.Authorization/locks/readme.md +++ b/modules/Microsoft.Authorization/locks/readme.md @@ -42,7 +42,9 @@ This module deploys Authorization Locks. ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Rg

diff --git a/modules/Microsoft.Authorization/policyAssignments/readme.md b/modules/Microsoft.Authorization/policyAssignments/readme.md index 397a1ce0f8..d82826e960 100644 --- a/modules/Microsoft.Authorization/policyAssignments/readme.md +++ b/modules/Microsoft.Authorization/policyAssignments/readme.md @@ -168,7 +168,9 @@ module policyassignment 'yourpath/modules/Microsoft.Authorization.policyAssignme ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Mg Min

diff --git a/modules/Microsoft.Authorization/policyDefinitions/readme.md b/modules/Microsoft.Authorization/policyDefinitions/readme.md index f1adcd1d87..45146c1451 100644 --- a/modules/Microsoft.Authorization/policyDefinitions/readme.md +++ b/modules/Microsoft.Authorization/policyDefinitions/readme.md @@ -126,7 +126,9 @@ module policydefinition 'yourpath/modules/Microsoft.Authorization.policyDefiniti ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Mg Min

diff --git a/modules/Microsoft.Authorization/policyExemptions/readme.md b/modules/Microsoft.Authorization/policyExemptions/readme.md index 0dadcae0e0..9855b7dfb2 100644 --- a/modules/Microsoft.Authorization/policyExemptions/readme.md +++ b/modules/Microsoft.Authorization/policyExemptions/readme.md @@ -149,7 +149,9 @@ module policyexemption 'yourpath/modules/Microsoft.Authorization.policyExemption ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Mg Min

diff --git a/modules/Microsoft.Authorization/policySetDefinitions/readme.md b/modules/Microsoft.Authorization/policySetDefinitions/readme.md index ebabb38ecf..1c08e7c8a4 100644 --- a/modules/Microsoft.Authorization/policySetDefinitions/readme.md +++ b/modules/Microsoft.Authorization/policySetDefinitions/readme.md @@ -132,7 +132,9 @@ module policysetdefinition 'yourpath/modules/Microsoft.Authorization.policySetDe ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Mg Min

diff --git a/modules/Microsoft.Authorization/roleAssignments/readme.md b/modules/Microsoft.Authorization/roleAssignments/readme.md index 4cbb85514d..acf37691d9 100644 --- a/modules/Microsoft.Authorization/roleAssignments/readme.md +++ b/modules/Microsoft.Authorization/roleAssignments/readme.md @@ -167,7 +167,9 @@ This module can be deployed at the management group, subscription or resource gr ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Mg Min

diff --git a/modules/Microsoft.Authorization/roleDefinitions/readme.md b/modules/Microsoft.Authorization/roleDefinitions/readme.md index a019972ada..0cc1742f21 100644 --- a/modules/Microsoft.Authorization/roleDefinitions/readme.md +++ b/modules/Microsoft.Authorization/roleDefinitions/readme.md @@ -171,7 +171,9 @@ This module can be deployed both at subscription or resource group level: ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Mg Min

diff --git a/modules/Microsoft.Automation/automationAccounts/readme.md b/modules/Microsoft.Automation/automationAccounts/readme.md index 915e23f26c..ec1b90645a 100644 --- a/modules/Microsoft.Automation/automationAccounts/readme.md +++ b/modules/Microsoft.Automation/automationAccounts/readme.md @@ -344,7 +344,9 @@ userAssignedIdentities: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Encr

diff --git a/modules/Microsoft.Batch/batchAccounts/readme.md b/modules/Microsoft.Batch/batchAccounts/readme.md index 923a35f385..a49d6a4579 100644 --- a/modules/Microsoft.Batch/batchAccounts/readme.md +++ b/modules/Microsoft.Batch/batchAccounts/readme.md @@ -221,7 +221,9 @@ privateEndpoints: [ ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Encr

diff --git a/modules/Microsoft.CognitiveServices/accounts/readme.md b/modules/Microsoft.CognitiveServices/accounts/readme.md index 0b627f1831..3fb7e9b5c1 100644 --- a/modules/Microsoft.CognitiveServices/accounts/readme.md +++ b/modules/Microsoft.CognitiveServices/accounts/readme.md @@ -404,7 +404,9 @@ userAssignedIdentities: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Encr

diff --git a/modules/Microsoft.Compute/availabilitySets/readme.md b/modules/Microsoft.Compute/availabilitySets/readme.md index 3002190daa..c2fe02a3f3 100644 --- a/modules/Microsoft.Compute/availabilitySets/readme.md +++ b/modules/Microsoft.Compute/availabilitySets/readme.md @@ -149,7 +149,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.Compute/diskEncryptionSets/readme.md b/modules/Microsoft.Compute/diskEncryptionSets/readme.md index 3685788b25..d3099a7366 100644 --- a/modules/Microsoft.Compute/diskEncryptionSets/readme.md +++ b/modules/Microsoft.Compute/diskEncryptionSets/readme.md @@ -151,7 +151,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Compute/disks/readme.md b/modules/Microsoft.Compute/disks/readme.md index 28c6402f09..9245f46da8 100644 --- a/modules/Microsoft.Compute/disks/readme.md +++ b/modules/Microsoft.Compute/disks/readme.md @@ -165,7 +165,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Image

diff --git a/modules/Microsoft.Compute/galleries/readme.md b/modules/Microsoft.Compute/galleries/readme.md index ea53839a6f..e9967a2994 100644 --- a/modules/Microsoft.Compute/galleries/readme.md +++ b/modules/Microsoft.Compute/galleries/readme.md @@ -148,7 +148,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Images

diff --git a/modules/Microsoft.Compute/images/readme.md b/modules/Microsoft.Compute/images/readme.md index 4936f44af1..74b5fb2747 100644 --- a/modules/Microsoft.Compute/images/readme.md +++ b/modules/Microsoft.Compute/images/readme.md @@ -149,7 +149,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Compute/proximityPlacementGroups/readme.md b/modules/Microsoft.Compute/proximityPlacementGroups/readme.md index 86ecd47a4f..3fc16f4c27 100644 --- a/modules/Microsoft.Compute/proximityPlacementGroups/readme.md +++ b/modules/Microsoft.Compute/proximityPlacementGroups/readme.md @@ -146,7 +146,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md index 8f3eedff15..61e2d9d935 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md @@ -873,7 +873,9 @@ userAssignedIdentities: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Linux Min

diff --git a/modules/Microsoft.Compute/virtualMachines/readme.md b/modules/Microsoft.Compute/virtualMachines/readme.md index 2819829786..2577539230 100644 --- a/modules/Microsoft.Compute/virtualMachines/readme.md +++ b/modules/Microsoft.Compute/virtualMachines/readme.md @@ -1000,7 +1000,9 @@ For further details on automanage please refer to [Automanage virtual machines]( ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Linux Autmg

diff --git a/modules/Microsoft.Consumption/budgets/readme.md b/modules/Microsoft.Consumption/budgets/readme.md index 17a74496eb..5b38bd9e32 100644 --- a/modules/Microsoft.Consumption/budgets/readme.md +++ b/modules/Microsoft.Consumption/budgets/readme.md @@ -48,7 +48,9 @@ This module deploys budgets for subscriptions. ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.ContainerInstance/containerGroups/readme.md b/modules/Microsoft.ContainerInstance/containerGroups/readme.md index e42a6195ec..68eca6e97f 100644 --- a/modules/Microsoft.ContainerInstance/containerGroups/readme.md +++ b/modules/Microsoft.ContainerInstance/containerGroups/readme.md @@ -170,7 +170,9 @@ userAssignedIdentities: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.ContainerRegistry/registries/readme.md b/modules/Microsoft.ContainerRegistry/registries/readme.md index f495b9361c..b62afa504b 100644 --- a/modules/Microsoft.ContainerRegistry/registries/readme.md +++ b/modules/Microsoft.ContainerRegistry/registries/readme.md @@ -331,7 +331,9 @@ userAssignedIdentities: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Encr

diff --git a/modules/Microsoft.ContainerService/managedClusters/readme.md b/modules/Microsoft.ContainerService/managedClusters/readme.md index 44ee99aaa3..4ae098bb0d 100644 --- a/modules/Microsoft.ContainerService/managedClusters/readme.md +++ b/modules/Microsoft.ContainerService/managedClusters/readme.md @@ -359,7 +359,9 @@ userAssignedIdentities: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Azure

diff --git a/modules/Microsoft.DataFactory/factories/readme.md b/modules/Microsoft.DataFactory/factories/readme.md index 9e3c5373b9..3055e9f5ca 100644 --- a/modules/Microsoft.DataFactory/factories/readme.md +++ b/modules/Microsoft.DataFactory/factories/readme.md @@ -282,7 +282,9 @@ privateEndpoints: [ ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.DataProtection/backupVaults/readme.md b/modules/Microsoft.DataProtection/backupVaults/readme.md index ad4a84db7c..28e1a43376 100644 --- a/modules/Microsoft.DataProtection/backupVaults/readme.md +++ b/modules/Microsoft.DataProtection/backupVaults/readme.md @@ -332,7 +332,9 @@ userAssignedIdentities: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.Databricks/workspaces/readme.md b/modules/Microsoft.Databricks/workspaces/readme.md index 62b23a8fa0..5996e80911 100644 --- a/modules/Microsoft.Databricks/workspaces/readme.md +++ b/modules/Microsoft.Databricks/workspaces/readme.md @@ -219,7 +219,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md b/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md index 946c0f9a3d..28f232f079 100644 --- a/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md +++ b/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md @@ -159,7 +159,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.DesktopVirtualization/hostpools/readme.md b/modules/Microsoft.DesktopVirtualization/hostpools/readme.md index 5c238b33c1..c4ae64beaa 100644 --- a/modules/Microsoft.DesktopVirtualization/hostpools/readme.md +++ b/modules/Microsoft.DesktopVirtualization/hostpools/readme.md @@ -255,7 +255,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.DesktopVirtualization/scalingplans/readme.md b/modules/Microsoft.DesktopVirtualization/scalingplans/readme.md index a672042f7b..67dde7adff 100644 --- a/modules/Microsoft.DesktopVirtualization/scalingplans/readme.md +++ b/modules/Microsoft.DesktopVirtualization/scalingplans/readme.md @@ -257,7 +257,9 @@ roleAssignments: [ ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.DesktopVirtualization/workspaces/readme.md b/modules/Microsoft.DesktopVirtualization/workspaces/readme.md index c7b5a334d0..e199764c2d 100644 --- a/modules/Microsoft.DesktopVirtualization/workspaces/readme.md +++ b/modules/Microsoft.DesktopVirtualization/workspaces/readme.md @@ -156,7 +156,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/readme.md b/modules/Microsoft.DocumentDB/databaseAccounts/readme.md index cb3246907c..cea8d3fd7c 100644 --- a/modules/Microsoft.DocumentDB/databaseAccounts/readme.md +++ b/modules/Microsoft.DocumentDB/databaseAccounts/readme.md @@ -532,7 +532,9 @@ userAssignedIdentities: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Gremlindb

diff --git a/modules/Microsoft.EventGrid/systemTopics/readme.md b/modules/Microsoft.EventGrid/systemTopics/readme.md index 430343e805..41f08a9ac4 100644 --- a/modules/Microsoft.EventGrid/systemTopics/readme.md +++ b/modules/Microsoft.EventGrid/systemTopics/readme.md @@ -269,7 +269,9 @@ userAssignedIdentities: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.EventGrid/topics/readme.md b/modules/Microsoft.EventGrid/topics/readme.md index 7b9743b32f..8d7275797c 100644 --- a/modules/Microsoft.EventGrid/topics/readme.md +++ b/modules/Microsoft.EventGrid/topics/readme.md @@ -236,7 +236,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.EventHub/namespaces/readme.md b/modules/Microsoft.EventHub/namespaces/readme.md index 32a4dadef6..d29240ade3 100644 --- a/modules/Microsoft.EventHub/namespaces/readme.md +++ b/modules/Microsoft.EventHub/namespaces/readme.md @@ -281,7 +281,9 @@ userAssignedIdentities: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.HealthBot/healthBots/readme.md b/modules/Microsoft.HealthBot/healthBots/readme.md index dda239a02d..5f9566f06e 100644 --- a/modules/Microsoft.HealthBot/healthBots/readme.md +++ b/modules/Microsoft.HealthBot/healthBots/readme.md @@ -146,7 +146,9 @@ roleAssignments: [ ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Insights/actionGroups/readme.md b/modules/Microsoft.Insights/actionGroups/readme.md index bad1ff7f29..9cc782cb56 100644 --- a/modules/Microsoft.Insights/actionGroups/readme.md +++ b/modules/Microsoft.Insights/actionGroups/readme.md @@ -232,7 +232,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Insights/activityLogAlerts/readme.md b/modules/Microsoft.Insights/activityLogAlerts/readme.md index ca4b16cba8..bd87abe007 100644 --- a/modules/Microsoft.Insights/activityLogAlerts/readme.md +++ b/modules/Microsoft.Insights/activityLogAlerts/readme.md @@ -394,7 +394,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Insights/components/readme.md b/modules/Microsoft.Insights/components/readme.md index b6c7604661..3003a89aaf 100644 --- a/modules/Microsoft.Insights/components/readme.md +++ b/modules/Microsoft.Insights/components/readme.md @@ -150,7 +150,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Insights/diagnosticSettings/readme.md b/modules/Microsoft.Insights/diagnosticSettings/readme.md index 99e98d9c78..07b7c8c8c3 100644 --- a/modules/Microsoft.Insights/diagnosticSettings/readme.md +++ b/modules/Microsoft.Insights/diagnosticSettings/readme.md @@ -41,7 +41,9 @@ This module deploys a subscription wide export of the activity log. ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Insights/metricAlerts/readme.md b/modules/Microsoft.Insights/metricAlerts/readme.md index 8ad192b4f3..d0f49b2c27 100644 --- a/modules/Microsoft.Insights/metricAlerts/readme.md +++ b/modules/Microsoft.Insights/metricAlerts/readme.md @@ -375,7 +375,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Insights/privateLinkScopes/readme.md b/modules/Microsoft.Insights/privateLinkScopes/readme.md index 73103b90d9..0283d9b727 100644 --- a/modules/Microsoft.Insights/privateLinkScopes/readme.md +++ b/modules/Microsoft.Insights/privateLinkScopes/readme.md @@ -227,7 +227,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Insights/scheduledQueryRules/readme.md b/modules/Microsoft.Insights/scheduledQueryRules/readme.md index b01f33a5be..73e477eea2 100644 --- a/modules/Microsoft.Insights/scheduledQueryRules/readme.md +++ b/modules/Microsoft.Insights/scheduledQueryRules/readme.md @@ -157,7 +157,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.KeyVault/vaults/readme.md b/modules/Microsoft.KeyVault/vaults/readme.md index b3236b13a9..d6cc5655a9 100644 --- a/modules/Microsoft.KeyVault/vaults/readme.md +++ b/modules/Microsoft.KeyVault/vaults/readme.md @@ -380,7 +380,9 @@ privateEndpoints: [ ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.KubernetesConfiguration/extensions/readme.md b/modules/Microsoft.KubernetesConfiguration/extensions/readme.md index 33d096e87d..d96da6628c 100644 --- a/modules/Microsoft.KubernetesConfiguration/extensions/readme.md +++ b/modules/Microsoft.KubernetesConfiguration/extensions/readme.md @@ -65,7 +65,9 @@ For Details see [Prerequisites](https://docs.microsoft.com/en-us/azure/azure-arc ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md b/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md index a8a10442ce..709a59fa78 100644 --- a/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md +++ b/modules/Microsoft.KubernetesConfiguration/fluxConfigurations/readme.md @@ -67,7 +67,9 @@ For Details see [Prerequisites](https://docs.microsoft.com/en-us/azure/azure-arc ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.Logic/workflows/readme.md b/modules/Microsoft.Logic/workflows/readme.md index 69d55dd2ab..934ffee62d 100644 --- a/modules/Microsoft.Logic/workflows/readme.md +++ b/modules/Microsoft.Logic/workflows/readme.md @@ -313,7 +313,9 @@ userAssignedIdentities: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.MachineLearningServices/workspaces/readme.md b/modules/Microsoft.MachineLearningServices/workspaces/readme.md index 54a4001425..a86a70a043 100644 --- a/modules/Microsoft.MachineLearningServices/workspaces/readme.md +++ b/modules/Microsoft.MachineLearningServices/workspaces/readme.md @@ -398,7 +398,9 @@ userAssignedIdentities: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Encr

diff --git a/modules/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md b/modules/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md index 4eb42ea0d7..1cbc5e0cdb 100644 --- a/modules/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md +++ b/modules/Microsoft.ManagedIdentity/userAssignedIdentities/readme.md @@ -142,7 +142,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md b/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md index 811647a049..8dc3356fa0 100644 --- a/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md +++ b/modules/Microsoft.ManagedServices/registrationDefinitions/readme.md @@ -165,7 +165,9 @@ There are a couple of limitations that you should be aware of with Lighthouse: ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Management/managementGroups/readme.md b/modules/Microsoft.Management/managementGroups/readme.md index 189d96e78b..de679c08a6 100644 --- a/modules/Microsoft.Management/managementGroups/readme.md +++ b/modules/Microsoft.Management/managementGroups/readme.md @@ -123,7 +123,9 @@ New-AzRoleAssignment -ObjectId $PrincipalID -Scope "/providers/Microsoft.Managem ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.NetApp/netAppAccounts/readme.md b/modules/Microsoft.NetApp/netAppAccounts/readme.md index b2d46894a5..6300c1527c 100644 --- a/modules/Microsoft.NetApp/netAppAccounts/readme.md +++ b/modules/Microsoft.NetApp/netAppAccounts/readme.md @@ -154,7 +154,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.Network/applicationGateways/readme.md b/modules/Microsoft.Network/applicationGateways/readme.md index 4f885c517c..77526b09ca 100644 --- a/modules/Microsoft.Network/applicationGateways/readme.md +++ b/modules/Microsoft.Network/applicationGateways/readme.md @@ -222,7 +222,9 @@ userAssignedIdentities: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Network/applicationSecurityGroups/readme.md b/modules/Microsoft.Network/applicationSecurityGroups/readme.md index a14cfddc88..dcf3abc53c 100644 --- a/modules/Microsoft.Network/applicationSecurityGroups/readme.md +++ b/modules/Microsoft.Network/applicationSecurityGroups/readme.md @@ -145,7 +145,9 @@ roleAssignments: [ ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Network/azureFirewalls/readme.md b/modules/Microsoft.Network/azureFirewalls/readme.md index 14b432ca91..01e64beae9 100644 --- a/modules/Microsoft.Network/azureFirewalls/readme.md +++ b/modules/Microsoft.Network/azureFirewalls/readme.md @@ -299,7 +299,9 @@ The `networkRuleCollections` parameter accepts a JSON Array of AzureFirewallNetw ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Addpip

diff --git a/modules/Microsoft.Network/bastionHosts/readme.md b/modules/Microsoft.Network/bastionHosts/readme.md index 0e65d70d63..3969ebb6c5 100644 --- a/modules/Microsoft.Network/bastionHosts/readme.md +++ b/modules/Microsoft.Network/bastionHosts/readme.md @@ -283,7 +283,9 @@ roleAssignments: [ ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Addpip

diff --git a/modules/Microsoft.Network/connections/readme.md b/modules/Microsoft.Network/connections/readme.md index f4aea8e3f0..ce3518c498 100644 --- a/modules/Microsoft.Network/connections/readme.md +++ b/modules/Microsoft.Network/connections/readme.md @@ -304,7 +304,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Vnet2vnet

diff --git a/modules/Microsoft.Network/ddosProtectionPlans/readme.md b/modules/Microsoft.Network/ddosProtectionPlans/readme.md index f2dd53b7dc..7986af249e 100644 --- a/modules/Microsoft.Network/ddosProtectionPlans/readme.md +++ b/modules/Microsoft.Network/ddosProtectionPlans/readme.md @@ -145,7 +145,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Network/expressRouteCircuits/readme.md b/modules/Microsoft.Network/expressRouteCircuits/readme.md index 8bd0c3b8b0..8695896385 100644 --- a/modules/Microsoft.Network/expressRouteCircuits/readme.md +++ b/modules/Microsoft.Network/expressRouteCircuits/readme.md @@ -167,7 +167,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Network/firewallPolicies/readme.md b/modules/Microsoft.Network/firewallPolicies/readme.md index c864e490e1..7e179a5fa1 100644 --- a/modules/Microsoft.Network/firewallPolicies/readme.md +++ b/modules/Microsoft.Network/firewallPolicies/readme.md @@ -136,7 +136,9 @@ userAssignedIdentities: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.Network/frontDoors/readme.md b/modules/Microsoft.Network/frontDoors/readme.md index 775de25999..134fb53191 100644 --- a/modules/Microsoft.Network/frontDoors/readme.md +++ b/modules/Microsoft.Network/frontDoors/readme.md @@ -162,7 +162,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Network/ipGroups/readme.md b/modules/Microsoft.Network/ipGroups/readme.md index 75d1fe9916..7490a87ba1 100644 --- a/modules/Microsoft.Network/ipGroups/readme.md +++ b/modules/Microsoft.Network/ipGroups/readme.md @@ -146,7 +146,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Network/loadBalancers/readme.md b/modules/Microsoft.Network/loadBalancers/readme.md index 3894a733ed..56b7d1cc3f 100644 --- a/modules/Microsoft.Network/loadBalancers/readme.md +++ b/modules/Microsoft.Network/loadBalancers/readme.md @@ -459,7 +459,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Internal

diff --git a/modules/Microsoft.Network/localNetworkGateways/readme.md b/modules/Microsoft.Network/localNetworkGateways/readme.md index b766471bbf..8fdf70588c 100644 --- a/modules/Microsoft.Network/localNetworkGateways/readme.md +++ b/modules/Microsoft.Network/localNetworkGateways/readme.md @@ -151,7 +151,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Network/natGateways/readme.md b/modules/Microsoft.Network/natGateways/readme.md index 8980c0e1e3..fb038120fc 100644 --- a/modules/Microsoft.Network/natGateways/readme.md +++ b/modules/Microsoft.Network/natGateways/readme.md @@ -163,7 +163,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Network/networkInterfaces/readme.md b/modules/Microsoft.Network/networkInterfaces/readme.md index e71b773fb9..9374302e10 100644 --- a/modules/Microsoft.Network/networkInterfaces/readme.md +++ b/modules/Microsoft.Network/networkInterfaces/readme.md @@ -179,7 +179,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.Network/networkSecurityGroups/readme.md b/modules/Microsoft.Network/networkSecurityGroups/readme.md index aa12797a7c..6b38ab7a44 100644 --- a/modules/Microsoft.Network/networkSecurityGroups/readme.md +++ b/modules/Microsoft.Network/networkSecurityGroups/readme.md @@ -155,7 +155,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.Network/networkWatchers/readme.md b/modules/Microsoft.Network/networkWatchers/readme.md index 8ab14b735e..fbb830fb09 100644 --- a/modules/Microsoft.Network/networkWatchers/readme.md +++ b/modules/Microsoft.Network/networkWatchers/readme.md @@ -149,7 +149,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.Network/privateDnsZones/readme.md b/modules/Microsoft.Network/privateDnsZones/readme.md index 6cda79bf6e..4d598a6899 100644 --- a/modules/Microsoft.Network/privateDnsZones/readme.md +++ b/modules/Microsoft.Network/privateDnsZones/readme.md @@ -163,7 +163,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.Network/privateEndpoints/readme.md b/modules/Microsoft.Network/privateEndpoints/readme.md index 98f045db67..f4967ba666 100644 --- a/modules/Microsoft.Network/privateEndpoints/readme.md +++ b/modules/Microsoft.Network/privateEndpoints/readme.md @@ -162,7 +162,9 @@ roleAssignments: [ ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.Network/publicIPAddresses/readme.md b/modules/Microsoft.Network/publicIPAddresses/readme.md index 2cf7f754ef..540b76a554 100644 --- a/modules/Microsoft.Network/publicIPAddresses/readme.md +++ b/modules/Microsoft.Network/publicIPAddresses/readme.md @@ -159,7 +159,9 @@ roleAssignments: [ ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Network/publicIPPrefixes/readme.md b/modules/Microsoft.Network/publicIPPrefixes/readme.md index eabaa2bc8c..e2995bfc42 100644 --- a/modules/Microsoft.Network/publicIPPrefixes/readme.md +++ b/modules/Microsoft.Network/publicIPPrefixes/readme.md @@ -146,7 +146,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Network/routeTables/readme.md b/modules/Microsoft.Network/routeTables/readme.md index 511ae4b607..c514bae1e3 100644 --- a/modules/Microsoft.Network/routeTables/readme.md +++ b/modules/Microsoft.Network/routeTables/readme.md @@ -236,7 +236,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Network/trafficmanagerprofiles/readme.md b/modules/Microsoft.Network/trafficmanagerprofiles/readme.md index ffda0ec91e..21d7c698d4 100644 --- a/modules/Microsoft.Network/trafficmanagerprofiles/readme.md +++ b/modules/Microsoft.Network/trafficmanagerprofiles/readme.md @@ -250,7 +250,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Network/virtualHubs/readme.md b/modules/Microsoft.Network/virtualHubs/readme.md index 9af9b79a9e..2a77e2378a 100644 --- a/modules/Microsoft.Network/virtualHubs/readme.md +++ b/modules/Microsoft.Network/virtualHubs/readme.md @@ -103,7 +103,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.Network/virtualNetworkGateways/readme.md b/modules/Microsoft.Network/virtualNetworkGateways/readme.md index 2dc8f6baa7..c5d65bcc83 100644 --- a/modules/Microsoft.Network/virtualNetworkGateways/readme.md +++ b/modules/Microsoft.Network/virtualNetworkGateways/readme.md @@ -240,7 +240,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Expressroute

diff --git a/modules/Microsoft.Network/virtualNetworks/readme.md b/modules/Microsoft.Network/virtualNetworks/readme.md index 4a932781df..f0131b4a4e 100644 --- a/modules/Microsoft.Network/virtualNetworks/readme.md +++ b/modules/Microsoft.Network/virtualNetworks/readme.md @@ -348,7 +348,9 @@ The network security group and route table resources must reside in the same res ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.Network/virtualWans/readme.md b/modules/Microsoft.Network/virtualWans/readme.md index 3371035601..a3304de210 100644 --- a/modules/Microsoft.Network/virtualWans/readme.md +++ b/modules/Microsoft.Network/virtualWans/readme.md @@ -149,7 +149,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.Network/vpnGateways/readme.md b/modules/Microsoft.Network/vpnGateways/readme.md index 767976c644..24ac26d0e7 100644 --- a/modules/Microsoft.Network/vpnGateways/readme.md +++ b/modules/Microsoft.Network/vpnGateways/readme.md @@ -170,7 +170,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.Network/vpnSites/readme.md b/modules/Microsoft.Network/vpnSites/readme.md index b748790702..dfec6ffdeb 100644 --- a/modules/Microsoft.Network/vpnSites/readme.md +++ b/modules/Microsoft.Network/vpnSites/readme.md @@ -318,7 +318,9 @@ roleAssignments: [ ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.OperationalInsights/workspaces/readme.md b/modules/Microsoft.OperationalInsights/workspaces/readme.md index 1c2f61a506..06ead99a9a 100644 --- a/modules/Microsoft.OperationalInsights/workspaces/readme.md +++ b/modules/Microsoft.OperationalInsights/workspaces/readme.md @@ -447,7 +447,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.OperationsManagement/solutions/readme.md b/modules/Microsoft.OperationsManagement/solutions/readme.md index 50fa4a7682..35609fc8a2 100644 --- a/modules/Microsoft.OperationsManagement/solutions/readme.md +++ b/modules/Microsoft.OperationsManagement/solutions/readme.md @@ -43,7 +43,9 @@ This module deploys OperationsManagement Solutions. ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.RecoveryServices/vaults/readme.md b/modules/Microsoft.RecoveryServices/vaults/readme.md index 9f0274d306..33e7053781 100644 --- a/modules/Microsoft.RecoveryServices/vaults/readme.md +++ b/modules/Microsoft.RecoveryServices/vaults/readme.md @@ -893,7 +893,9 @@ privateEndpoints: [ ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Dr

diff --git a/modules/Microsoft.Resources/deploymentScripts/readme.md b/modules/Microsoft.Resources/deploymentScripts/readme.md index 1a5b4f295f..5dcbad69c2 100644 --- a/modules/Microsoft.Resources/deploymentScripts/readme.md +++ b/modules/Microsoft.Resources/deploymentScripts/readme.md @@ -141,7 +141,9 @@ This module requires a User Assigned Identity (MSI, managed service identity) to ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Cli

diff --git a/modules/Microsoft.Resources/resourceGroups/readme.md b/modules/Microsoft.Resources/resourceGroups/readme.md index 73e9993806..ac8932ca7a 100644 --- a/modules/Microsoft.Resources/resourceGroups/readme.md +++ b/modules/Microsoft.Resources/resourceGroups/readme.md @@ -149,7 +149,9 @@ This module requires a User Assigned Identity (MSI, managed service identity) to ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Resources/tags/readme.md b/modules/Microsoft.Resources/tags/readme.md index 2e94e3b1ca..30277ded10 100644 --- a/modules/Microsoft.Resources/tags/readme.md +++ b/modules/Microsoft.Resources/tags/readme.md @@ -79,7 +79,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.Security/azureSecurityCenter/readme.md b/modules/Microsoft.Security/azureSecurityCenter/readme.md index f0b63604b0..c1afbb6e33 100644 --- a/modules/Microsoft.Security/azureSecurityCenter/readme.md +++ b/modules/Microsoft.Security/azureSecurityCenter/readme.md @@ -96,7 +96,9 @@ securityContactProperties: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.ServiceBus/namespaces/readme.md b/modules/Microsoft.ServiceBus/namespaces/readme.md index 5e96f831af..9a44ae1966 100644 --- a/modules/Microsoft.ServiceBus/namespaces/readme.md +++ b/modules/Microsoft.ServiceBus/namespaces/readme.md @@ -331,7 +331,9 @@ userAssignedIdentities: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.ServiceFabric/clusters/readme.md b/modules/Microsoft.ServiceFabric/clusters/readme.md index a1196b8c26..ecf1dab3ab 100644 --- a/modules/Microsoft.ServiceFabric/clusters/readme.md +++ b/modules/Microsoft.ServiceFabric/clusters/readme.md @@ -228,7 +228,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Cert

diff --git a/modules/Microsoft.Sql/managedInstances/readme.md b/modules/Microsoft.Sql/managedInstances/readme.md index c82810e69a..73bd69a962 100644 --- a/modules/Microsoft.Sql/managedInstances/readme.md +++ b/modules/Microsoft.Sql/managedInstances/readme.md @@ -274,7 +274,9 @@ userAssignedIdentities: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Sql/servers/readme.md b/modules/Microsoft.Sql/servers/readme.md index afc620b190..a97a414d5d 100644 --- a/modules/Microsoft.Sql/servers/readme.md +++ b/modules/Microsoft.Sql/servers/readme.md @@ -318,7 +318,9 @@ privateEndpoints: [ ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Admin

diff --git a/modules/Microsoft.Storage/storageAccounts/readme.md b/modules/Microsoft.Storage/storageAccounts/readme.md index 4db691e4ee..3dfa101cc4 100644 --- a/modules/Microsoft.Storage/storageAccounts/readme.md +++ b/modules/Microsoft.Storage/storageAccounts/readme.md @@ -364,7 +364,9 @@ The hierarchical namespace of the storage account (see parameter `enableHierarch ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Encr

diff --git a/modules/Microsoft.Synapse/privateLinkHubs/readme.md b/modules/Microsoft.Synapse/privateLinkHubs/readme.md index 3aca50136d..8c57701958 100644 --- a/modules/Microsoft.Synapse/privateLinkHubs/readme.md +++ b/modules/Microsoft.Synapse/privateLinkHubs/readme.md @@ -225,7 +225,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md b/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md index e25d1856b4..663da47411 100644 --- a/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md +++ b/modules/Microsoft.VirtualMachineImages/imageTemplates/readme.md @@ -260,7 +260,9 @@ roleAssignments: [ ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Web/connections/readme.md b/modules/Microsoft.Web/connections/readme.md index 6c109723bc..133961833a 100644 --- a/modules/Microsoft.Web/connections/readme.md +++ b/modules/Microsoft.Web/connections/readme.md @@ -153,7 +153,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Web/hostingEnvironments/readme.md b/modules/Microsoft.Web/hostingEnvironments/readme.md index 790af40e02..7b9c7aa52b 100644 --- a/modules/Microsoft.Web/hostingEnvironments/readme.md +++ b/modules/Microsoft.Web/hostingEnvironments/readme.md @@ -199,7 +199,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Asev2

diff --git a/modules/Microsoft.Web/serverfarms/readme.md b/modules/Microsoft.Web/serverfarms/readme.md index d33735535e..080b38a01a 100644 --- a/modules/Microsoft.Web/serverfarms/readme.md +++ b/modules/Microsoft.Web/serverfarms/readme.md @@ -198,7 +198,9 @@ tags: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Parameters

diff --git a/modules/Microsoft.Web/sites/readme.md b/modules/Microsoft.Web/sites/readme.md index a6b74d0830..6383cb6588 100644 --- a/modules/Microsoft.Web/sites/readme.md +++ b/modules/Microsoft.Web/sites/readme.md @@ -392,7 +392,9 @@ userAssignedIdentities: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Fa Min

diff --git a/modules/Microsoft.Web/staticSites/readme.md b/modules/Microsoft.Web/staticSites/readme.md index 5e4bdcd2f8..1397072f88 100644 --- a/modules/Microsoft.Web/staticSites/readme.md +++ b/modules/Microsoft.Web/staticSites/readme.md @@ -271,7 +271,9 @@ userAssignedIdentities: { ## Deployment examples -Below is a collection of examples of how this module can be used. These examples are taken from the same files that the CI environment uses to validate this module. The name of each example is based on the name of the file from which it is taken. Also, each example lists all the required parameters first, followed by the rest - each in alphabetical order. +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.

Example 1: Min

diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index da2812d0c7..cefb10a64a 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -357,7 +357,7 @@ function Set-DeploymentExamplesSection { # Process content $SectionContent = [System.Collections.ArrayList]@( - 'The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder.', + 'The following module usage examples are retrieved from the content of the files hosted in the module''s `.test` folder.', ' >**Note**: The name of each example is based on the name of the file from which it is taken.', ' >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.', '' From a5ac48d6377a152104daf894211426e5c8f24254 Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Sun, 10 Jul 2022 23:49:00 +0200 Subject: [PATCH 34/38] Update utilities/tools/Set-ModuleReadMe.ps1 Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- utilities/tools/Set-ModuleReadMe.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index cefb10a64a..dc91cc571f 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -574,8 +574,8 @@ function Set-DeploymentExamplesSection { # Search in rest of array for the next closing bracket with the same indent - and then add the search index (1) & initial index (1) count back in $requiredParameterEndIndex = ($jsonExampleArray[($requiredParameterStartIndex + 1)..($jsonExampleArray.Count)] | Select-String "^[\s]{$requiredParameterIndent}\}" | ForEach-Object { $_.LineNumber - 1 })[0] + 1 + $requiredParameterStartIndex - # Add a comment where the non-required parameters start - $jsonExampleArray = $jsonExampleArray[0..$requiredParameterEndIndex] + ('{0}// Non-required parameters' -f (' ' * $requiredParameterIndent)) + $jsonExampleArray[(($requiredParameterEndIndex + 1) .. ($jsonExampleArray.Count))] + # Add a comment where the additional parameters start + $jsonExampleArray = $jsonExampleArray[0..$requiredParameterEndIndex] + ('{0}// Additional parameters' -f (' ' * $requiredParameterIndent)) + $jsonExampleArray[(($requiredParameterEndIndex + 1) .. ($jsonExampleArray.Count))] } $jsonExample = $jsonExampleArray | Out-String From 309302772de222653807f303dc1a347bfe4b3fb2 Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Sun, 10 Jul 2022 23:49:15 +0200 Subject: [PATCH 35/38] Update utilities/tools/Set-ModuleReadMe.ps1 Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- utilities/tools/Set-ModuleReadMe.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index dc91cc571f..ecda5541a5 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -497,8 +497,8 @@ function Set-DeploymentExamplesSection { $requiredParameterEndIndex = $requiredParameterStartIndex } - # Add a comment where the non-required parameters start - $bicepExampleArray = $bicepExampleArray[0..$requiredParameterEndIndex] + ('{0}// Non-required parameters' -f (' ' * $requiredParameterIndent)) + $bicepExampleArray[(($requiredParameterEndIndex + 1) .. ($bicepExampleArray.Count))] + # Add a comment where the additional parameters start + $bicepExampleArray = $bicepExampleArray[0..$requiredParameterEndIndex] + ('{0}// Additional parameters' -f (' ' * $requiredParameterIndent)) + $bicepExampleArray[(($requiredParameterEndIndex + 1) .. ($bicepExampleArray.Count))] } $bicepExample = $bicepExampleArray | Out-String From a0574edd5ac8f540e042123f9f7513f3692ffaea Mon Sep 17 00:00:00 2001 From: MrMCake Date: Thu, 14 Jul 2022 18:45:35 +0200 Subject: [PATCH 36/38] Merged main & updated readme --- .../webPubSub/readme.md | 198 +++++++++--------- 1 file changed, 104 insertions(+), 94 deletions(-) diff --git a/modules/Microsoft.SignalRService/webPubSub/readme.md b/modules/Microsoft.SignalRService/webPubSub/readme.md index c25260dd6a..1b7bf13e22 100644 --- a/modules/Microsoft.SignalRService/webPubSub/readme.md +++ b/modules/Microsoft.SignalRService/webPubSub/readme.md @@ -343,7 +343,27 @@ networkAcls: { ## Deployment examples -

Example 1

+The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. + +

Example 1: Min

+ +
+ +via Bicep module + +```bicep +module webPubSub './Microsoft.SignalRService/webPubSub/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-webPubSub' + params: { + name: '<>-az-pubsub-min-001' + } +} +``` + +
+

@@ -362,6 +382,9 @@ networkAcls: { ```
+

+ +

Example 2: Parameters

@@ -371,7 +394,57 @@ networkAcls: { module webPubSub './Microsoft.SignalRService/webPubSub/deploy.bicep' = { name: '${uniqueString(deployment().name)}-webPubSub' params: { - name: '<>-az-pubsub-min-001' + // Required parameters + name: '<>-az-pubsub-x-001' + // Additional parameters + capacity: 2 + clientCertEnabled: false + disableAadAuth: false + disableLocalAuth: true + location: 'westeurope' + lock: 'CanNotDelete' + networkAcls: { + defaultAction: 'Allow' + privateEndpoints: [ + { + allow: [] + deny: [ + 'ServerConnection' + 'Trace' + ] + name: 'pe-<>-az-pubsub-x-001-webpubsub-0' + } + ] + publicNetwork: { + allow: [] + deny: [ + 'RESTAPI' + 'Trace' + ] + } + } + privateEndpoints: [ + { + service: 'webpubsub' + subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + } + ] + resourceLogConfigurationsToEnable: [ + 'ConnectivityLogs' + ] + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] + sku: 'Standard_S1' + systemAssignedIdentity: true + tags: { + purpose: 'test' + } } } ``` @@ -379,8 +452,6 @@ module webPubSub './Microsoft.SignalRService/webPubSub/deploy.bicep' = {

-

Example 2

-
via JSON Parameter file @@ -390,12 +461,11 @@ module webPubSub './Microsoft.SignalRService/webPubSub/deploy.bicep' = { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { - "location": { - "value": "westeurope" - }, + // Required parameters "name": { "value": "<>-az-pubsub-x-001" }, + // Additional parameters "capacity": { "value": 2 }, @@ -408,33 +478,23 @@ module webPubSub './Microsoft.SignalRService/webPubSub/deploy.bicep' = { "disableLocalAuth": { "value": true }, + "location": { + "value": "westeurope" + }, "lock": { "value": "CanNotDelete" }, - "sku": { - "value": "Standard_S1" - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, "networkAcls": { "value": { "defaultAction": "Allow", "privateEndpoints": [ { - "name": "pe-<>-az-pubsub-x-001-webpubsub-0", "allow": [], "deny": [ "ServerConnection", "Trace" - ] + ], + "name": "pe-<>-az-pubsub-x-001-webpubsub-0" } ], "publicNetwork": { @@ -446,90 +506,40 @@ module webPubSub './Microsoft.SignalRService/webPubSub/deploy.bicep' = { } } }, - "systemAssignedIdentity": { - "value": true - }, - "tags": { - "value": { - "purpose": "test" - } + "privateEndpoints": { + "value": [ + { + "service": "webpubsub", + "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" + } + ] }, "resourceLogConfigurationsToEnable": { "value": [ "ConnectivityLogs" ] }, - "privateEndpoints": { + "roleAssignments": { "value": [ { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "webpubsub" - } - ] - } - } -} -``` - -
- -
- -via Bicep module - -```bicep -module webPubSub './Microsoft.SignalRService/webPubSub/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-webPubSub' - params: { - location: 'westeurope' - name: '<>-az-pubsub-x-001' - capacity: 2 - clientCertEnabled: false - disableAadAuth: false - disableLocalAuth: true - lock: 'CanNotDelete' - sku: 'Standard_S1' - roleAssignments: [ - { - roleDefinitionIdOrName: 'Reader' - principalIds: [ - '<>' - ] - } - ] - networkAcls: { - defaultAction: 'Allow' - privateEndpoints: [ - { - name: 'pe-<>-az-pubsub-x-001-webpubsub-0' - allow: [] - deny: [ - 'ServerConnection' - 'Trace' - ] + "principalIds": [ + "<>" + ], + "roleDefinitionIdOrName": "Reader" } ] - publicNetwork: { - allow: [] - deny: [ - 'RESTAPI' - 'Trace' - ] + }, + "sku": { + "value": "Standard_S1" + }, + "systemAssignedIdentity": { + "value": true + }, + "tags": { + "value": { + "purpose": "test" } } - systemAssignedIdentity: true - tags: { - purpose: 'test' - } - resourceLogConfigurationsToEnable: [ - 'ConnectivityLogs' - ] - privateEndpoints: [ - { - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' - service: 'webpubsub' - } - ] } } ``` From 3702debfcda7c51db498fb50c12a065a40e54364 Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Fri, 15 Jul 2022 15:44:05 +0200 Subject: [PATCH 37/38] Update bicepconfig.json Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- bicepconfig.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bicepconfig.json b/bicepconfig.json index af7838eca4..3fd4240a72 100644 --- a/bicepconfig.json +++ b/bicepconfig.json @@ -9,7 +9,7 @@ "level": "off" // Reason: Our modules default to e.g. the location of their parent resource group which is sufficient if deploying a self-contained solution }, "prefer-unquoted-property-names": { - "level": "off" // Reason: This is complains primarily about RBAC roles which are all in quotes to be consistent within the list of roles with and without spaces in their name + "level": "off" // Reason: This complains primarily about RBAC roles which are all in quotes to be consistent within the list of roles with and without spaces in their name } } } From 64946babc38251213040be805ceb8bfa6f488f46 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 15 Jul 2022 15:57:25 +0200 Subject: [PATCH 38/38] Change rollback --- utilities/tools/Set-ModuleReadMe.ps1 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index ecda5541a5..cefb10a64a 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -497,8 +497,8 @@ function Set-DeploymentExamplesSection { $requiredParameterEndIndex = $requiredParameterStartIndex } - # Add a comment where the additional parameters start - $bicepExampleArray = $bicepExampleArray[0..$requiredParameterEndIndex] + ('{0}// Additional parameters' -f (' ' * $requiredParameterIndent)) + $bicepExampleArray[(($requiredParameterEndIndex + 1) .. ($bicepExampleArray.Count))] + # Add a comment where the non-required parameters start + $bicepExampleArray = $bicepExampleArray[0..$requiredParameterEndIndex] + ('{0}// Non-required parameters' -f (' ' * $requiredParameterIndent)) + $bicepExampleArray[(($requiredParameterEndIndex + 1) .. ($bicepExampleArray.Count))] } $bicepExample = $bicepExampleArray | Out-String @@ -574,8 +574,8 @@ function Set-DeploymentExamplesSection { # Search in rest of array for the next closing bracket with the same indent - and then add the search index (1) & initial index (1) count back in $requiredParameterEndIndex = ($jsonExampleArray[($requiredParameterStartIndex + 1)..($jsonExampleArray.Count)] | Select-String "^[\s]{$requiredParameterIndent}\}" | ForEach-Object { $_.LineNumber - 1 })[0] + 1 + $requiredParameterStartIndex - # Add a comment where the additional parameters start - $jsonExampleArray = $jsonExampleArray[0..$requiredParameterEndIndex] + ('{0}// Additional parameters' -f (' ' * $requiredParameterIndent)) + $jsonExampleArray[(($requiredParameterEndIndex + 1) .. ($jsonExampleArray.Count))] + # Add a comment where the non-required parameters start + $jsonExampleArray = $jsonExampleArray[0..$requiredParameterEndIndex] + ('{0}// Non-required parameters' -f (' ' * $requiredParameterIndent)) + $jsonExampleArray[(($requiredParameterEndIndex + 1) .. ($jsonExampleArray.Count))] } $jsonExample = $jsonExampleArray | Out-String