From 43954b862edcef7c530022bf6d775e404c68b601 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 30 Aug 2022 21:23:57 +0200 Subject: [PATCH 01/13] [Modules] Updated Automation/AutomationAccounts to new dependency approach --- .../ms.automation.automationaccounts.yml | 3 +- .../.test/default/dependencies.bicep | 88 ++++++ .../.test/default/deploy.test.bicep | 226 +++++++++++++++ .../.test/encr.parameters.json | 26 -- .../.test/encr/dependencies.bicep | 58 ++++ .../.test/encr/deploy.test.bicep | 53 ++++ .../.test/min.parameters.json | 9 - .../.test/min/deploy.test.bicep | 37 +++ .../automationAccounts/.test/parameters.json | 212 -------------- .../automationAccounts/readme.md | 262 +++++++++--------- utilities/tools/Set-ModuleReadMe.ps1 | 6 +- 11 files changed, 597 insertions(+), 383 deletions(-) create mode 100644 modules/Microsoft.Automation/automationAccounts/.test/default/dependencies.bicep create mode 100644 modules/Microsoft.Automation/automationAccounts/.test/default/deploy.test.bicep delete mode 100644 modules/Microsoft.Automation/automationAccounts/.test/encr.parameters.json create mode 100644 modules/Microsoft.Automation/automationAccounts/.test/encr/dependencies.bicep create mode 100644 modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep delete mode 100644 modules/Microsoft.Automation/automationAccounts/.test/min.parameters.json create mode 100644 modules/Microsoft.Automation/automationAccounts/.test/min/deploy.test.bicep delete mode 100644 modules/Microsoft.Automation/automationAccounts/.test/parameters.json diff --git a/.github/workflows/ms.automation.automationaccounts.yml b/.github/workflows/ms.automation.automationaccounts.yml index 9b014db655..c35ec1f041 100644 --- a/.github/workflows/ms.automation.automationaccounts.yml +++ b/.github/workflows/ms.automation.automationaccounts.yml @@ -107,8 +107,7 @@ jobs: - name: 'Using test file [${{ matrix.moduleTestFilePaths }}]' uses: ./.github/actions/templates/validateModuleDeployment with: - templateFilePath: '${{ env.modulePath }}/deploy.bicep' - parameterFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}' + templateFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}' location: '${{ env.location }}' resourceGroupName: '${{ env.resourceGroupName }}' subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}' diff --git a/modules/Microsoft.Automation/automationAccounts/.test/default/dependencies.bicep b/modules/Microsoft.Automation/automationAccounts/.test/default/dependencies.bicep new file mode 100644 index 0000000000..cbf606d9ad --- /dev/null +++ b/modules/Microsoft.Automation/automationAccounts/.test/default/dependencies.bicep @@ -0,0 +1,88 @@ +@description('Optional. The location to deploy resources to.') +param location string = resourceGroup().location + +@description('Required. The name of the Virtual Network to create.') +param virtualNetworkName string + +@description('Required. The name of the Key Vault to create.') +param keyVaultName string + +@description('Required. The name of the Managed Identity to create.') +param managedIdentityName string + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = { + name: virtualNetworkName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/24' + ] + } + subnets: [ + { + name: 'defaultSubnet' + properties: { + addressPrefix: '10.0.0.0/24' + } + } + ] + } +} + +resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = { + name: 'privatelink.azure-automation.net' + location: 'global' + + resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = { + name: '${virtualNetwork.name}-vnetlink' + location: 'global' + properties: { + virtualNetwork: { + id: virtualNetwork.id + } + registrationEnabled: false + } + } +} + +resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = { + name: keyVaultName + location: location + properties: { + sku: { + family: 'A' + name: 'standard' + } + tenantId: tenant().tenantId + enablePurgeProtection: null + enabledForTemplateDeployment: true + enabledForDiskEncryption: true + enabledForDeployment: true + enableRbacAuthorization: true + accessPolicies: [] + } +} + +resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { + name: managedIdentityName + location: location +} + +@description('The resource ID of the created Virtual Network Subnet.') +output subnetResourceId string = virtualNetwork.properties.subnets[0].id + +@description('The resource ID of the created Key Vault.') +output keyVaultResourceId string = keyVault.id + +@description('The URL of the created Key Vault.') +output keyVaultUrl string = keyVault.properties.vaultUri + +@description('The principal ID of the created Managed Identity.') +output managedIdentityPrincipalId string = managedIdentity.properties.principalId + +@description('The resource ID of the created Managed Identity.') +output managedIdentityResourceId string = managedIdentity.id + +@description('The resource ID of the created Virtual Network Subnet.') +output privateDNSResourceId string = privateDNSZone.id diff --git a/modules/Microsoft.Automation/automationAccounts/.test/default/deploy.test.bicep b/modules/Microsoft.Automation/automationAccounts/.test/default/deploy.test.bicep new file mode 100644 index 0000000000..5952f317d3 --- /dev/null +++ b/modules/Microsoft.Automation/automationAccounts/.test/default/deploy.test.bicep @@ -0,0 +1,226 @@ +targetScope = 'subscription' + +// ========== // +// Parameters // +// ========== // +@description('Optional. The name of the resource group to deploy for a testing purposes') +@maxLength(80) +param resourceGroupName string = 'ms.automation.account-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to') +param location string = deployment().location + +@description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints') +param serviceShort string = 'aadef' + +// =========== // +// Deployments // +// =========== // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: location +} + +module resourceGroupResources 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-paramNested' + params: { + virtualNetworkName: 'dep-<>-vnet-${serviceShort}' + keyVaultName: 'dep-<>-kv-${serviceShort}' + managedIdentityName: 'dep-<>-msi-${serviceShort}' + } +} + +// Diagnostics +// =========== +module diagnosticDependencies '../../../../.shared/dependencyConstructs/diagnostic.dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-diagnosticDependencies' + params: { + storageAccountName: 'dep<>diasa${serviceShort}01' + logAnalyticsWorkspaceName: 'dep-<>-law-${serviceShort}' + eventHubNamespaceEventHubName: 'dep-<>-evh-${serviceShort}' + eventHubNamespaceName: 'dep-<>-evhns-${serviceShort}' + location: location + } +} + +// ============== // +// Test Execution // +// ============== // + +module testDeployment '../../deploy.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name)}-test-${serviceShort}' + params: { + name: '<>${serviceShort}001' + diagnosticLogsRetentionInDays: 7 + diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId + diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId + diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId + diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName + gallerySolutions: [ + { + name: 'Updates' + product: 'OMSGallery' + publisher: 'Microsoft' + } + ] + jobSchedules: [ + { + runbookName: 'TestRunbook' + scheduleName: 'TestSchedule' + } + ] + disableLocalAuth: true + linkedWorkspaceResourceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId + lock: 'CanNotDelete' + modules: [ + { + name: 'PSWindowsUpdate' + uri: 'https://www.powershellgallery.com/api/v2/package' + version: 'latest' + } + ] + privateEndpoints: [ + { + privateDnsZoneGroups: { + privateDNSResourceIds: [ + resourceGroupResources.outputs.privateDNSResourceId + ] + } + service: 'Webhook' + subnetResourceId: resourceGroupResources.outputs.subnetResourceId + } + { + privateDnsZoneGroups: { + privateDNSResourceIds: [ + resourceGroupResources.outputs.privateDNSResourceId + ] + } + service: 'DSCAndHybridWorker' + subnetResourceId: resourceGroupResources.outputs.subnetResourceId + } + ] + roleAssignments: [ + { + principalIds: [ + resourceGroupResources.outputs.managedIdentityPrincipalId + ] + roleDefinitionIdOrName: 'Reader' + } + ] + runbooks: [ + { + description: 'Test runbook' + name: 'TestRunbook' + runbookType: 'PowerShell' + uri: 'https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.automation/101-automation/scripts/AzureAutomationTutorial.ps1' + version: '1.0.0.0' + } + ] + schedules: [ + { + advancedSchedule: {} + expiryTime: '9999-12-31T13:00' + frequency: 'Minute' + interval: 15 + name: 'TestSchedule' + startTime: '' + timeZone: 'Europe/Berlin' + } + ] + softwareUpdateConfigurations: [ + { + excludeUpdates: [ + '123456' + ] + frequency: 'Month' + includeUpdates: [ + '654321' + ] + interval: 1 + maintenanceWindow: 'PT4H' + monthlyOccurrences: [ + { + day: 'Friday' + occurrence: 3 + } + ] + name: 'Windows_ZeroDay' + operatingSystem: 'Windows' + rebootSetting: 'IfRequired' + scopeByTags: { + Update: [ + 'Automatic-Wave1' + ] + } + startTime: '22:00' + updateClassifications: [ + 'Critical' + 'Definition' + 'FeaturePack' + 'Security' + 'ServicePack' + 'Tools' + 'UpdateRollup' + 'Updates' + ] + } + { + excludeUpdates: [ + 'icacls' + ] + frequency: 'OneTime' + includeUpdates: [ + 'kernel' + ] + maintenanceWindow: 'PT4H' + name: 'Linux_ZeroDay' + operatingSystem: 'Linux' + rebootSetting: 'IfRequired' + startTime: '22:00' + updateClassifications: [ + 'Critical' + 'Other' + 'Security' + ] + } + ] + systemAssignedIdentity: true + userAssignedIdentities: { + '${resourceGroupResources.outputs.managedIdentityResourceId}': {} + } + variables: [ + { + description: 'TestStringDescription' + name: 'TestString' + value: '\'TestString\'' + } + { + description: 'TestIntegerDescription' + name: 'TestInteger' + value: '500' + } + { + description: 'TestBooleanDescription' + name: 'TestBoolean' + value: 'false' + } + { + description: 'TestDateTimeDescription' + isEncrypted: false + name: 'TestDateTime' + value: '\'\\/Date(1637934042656)\\/\'' + } + { + description: 'TestEncryptedDescription' + name: 'TestEncryptedVariable' + value: '\'TestEncryptedValue\'' + } + ] + } +} diff --git a/modules/Microsoft.Automation/automationAccounts/.test/encr.parameters.json b/modules/Microsoft.Automation/automationAccounts/.test/encr.parameters.json deleted file mode 100644 index 984988dc39..0000000000 --- a/modules/Microsoft.Automation/automationAccounts/.test/encr.parameters.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-aut-encr-001" - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "cMKUserAssignedIdentityResourceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" - }, - "cMKKeyName": { - "value": "keyEncryptionKey" - }, - "cMKKeyVaultResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002" - }, - "publicNetworkAccess": { - "value": "Enabled" - } - } -} diff --git a/modules/Microsoft.Automation/automationAccounts/.test/encr/dependencies.bicep b/modules/Microsoft.Automation/automationAccounts/.test/encr/dependencies.bicep new file mode 100644 index 0000000000..eb1264c69f --- /dev/null +++ b/modules/Microsoft.Automation/automationAccounts/.test/encr/dependencies.bicep @@ -0,0 +1,58 @@ +@description('Optional. The location to deploy resources to.') +param location string = resourceGroup().location + +@description('Required. The name of the Key Vault to create.') +param keyVaultName string + +@description('Required. The name of the Managed Identity to create.') +param managedIdentityName string + +resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { + name: managedIdentityName + location: location +} + +resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = { + name: keyVaultName + location: location + properties: { + sku: { + family: 'A' + name: 'standard' + } + tenantId: tenant().tenantId + enablePurgeProtection: null + enabledForTemplateDeployment: true + enabledForDiskEncryption: true + enabledForDeployment: true + enableRbacAuthorization: true + accessPolicies: [] + } + + resource key 'keys@2022-07-01' = { + name: 'keyEncryptionKey' + properties: { + kty: 'RSA' + } + } +} + +resource keyPermissions 'Microsoft.Authorization/roleAssignments@2022-04-01' = { + name: guid('msi-${managedIdentity.name}-KeyVault-Key-Read-RoleAssignment') + scope: keyVault::key + properties: { + principalId: managedIdentity.properties.principalId + // Key Vault Crypto User + roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '12338af0-0e69-4776-bea7-57ae8d297424') + principalType: 'ServicePrincipal' + } +} + +@description('The resource ID of the created Key Vault.') +output keyVaultResourceId string = keyVault.id + +@description('The name of the Key Vault Encryption Key.') +output keyVaultEncryptionKeyName string = keyVault::key.name + +@description('The resource ID of the created Managed Identity.') +output managedIdentityResourceId string = managedIdentity.id diff --git a/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep b/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep new file mode 100644 index 0000000000..8a055b5583 --- /dev/null +++ b/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep @@ -0,0 +1,53 @@ +targetScope = 'subscription' + +// ========== // +// Parameters // +// ========== // +@description('Optional. The name of the resource group to deploy for a testing purposes') +@maxLength(80) +param resourceGroupName string = 'ms.automation.account-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to') +param location string = deployment().location + +@description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints') +param serviceShort string = 'aaencr' + +// =========== // +// Deployments // +// =========== // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: location +} + +module resourceGroupResources 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-paramNested' + params: { + keyVaultName: 'dep-<>-kv-${serviceShort}' + managedIdentityName: 'dep-<>-msi-${serviceShort}' + } +} + +// ============== // +// Test Execution // +// ============== // + +module testDeployment '../../deploy.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name)}-test-${serviceShort}' + params: { + name: '<>${serviceShort}001' + cMKKeyName: resourceGroupResources.outputs.keyVaultEncryptionKeyName + cMKKeyVaultResourceId: resourceGroupResources.outputs.keyVaultResourceId + cMKUserAssignedIdentityResourceId: resourceGroupResources.outputs.managedIdentityResourceId + publicNetworkAccess: 'Enabled' + userAssignedIdentities: { + '${resourceGroupResources.outputs.managedIdentityResourceId}': {} + } + } +} diff --git a/modules/Microsoft.Automation/automationAccounts/.test/min.parameters.json b/modules/Microsoft.Automation/automationAccounts/.test/min.parameters.json deleted file mode 100644 index c76e891806..0000000000 --- a/modules/Microsoft.Automation/automationAccounts/.test/min.parameters.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-aut-min-001" - } - } -} diff --git a/modules/Microsoft.Automation/automationAccounts/.test/min/deploy.test.bicep b/modules/Microsoft.Automation/automationAccounts/.test/min/deploy.test.bicep new file mode 100644 index 0000000000..cd4617a02d --- /dev/null +++ b/modules/Microsoft.Automation/automationAccounts/.test/min/deploy.test.bicep @@ -0,0 +1,37 @@ +targetScope = 'subscription' + +// ========== // +// Parameters // +// ========== // +@description('Optional. The name of the resource group to deploy for a testing purposes') +@maxLength(80) +param resourceGroupName string = 'ms.automation.account-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to') +param location string = deployment().location + +@description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints') +param serviceShort string = 'aamin' + +// =========== // +// Deployments // +// =========== // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: location +} + +// ============== // +// Test Execution // +// ============== // + +module testDeployment '../../deploy.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name)}-test-${serviceShort}' + params: { + name: '<>${serviceShort}001' + } +} diff --git a/modules/Microsoft.Automation/automationAccounts/.test/parameters.json b/modules/Microsoft.Automation/automationAccounts/.test/parameters.json deleted file mode 100644 index a2a0a55e37..0000000000 --- a/modules/Microsoft.Automation/automationAccounts/.test/parameters.json +++ /dev/null @@ -1,212 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-aut-x-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "schedules": { - "value": [ - { - "name": "TestSchedule", - "startTime": "", - "expiryTime": "9999-12-31T13:00", - "interval": 15, - "frequency": "Minute", - "timeZone": "Europe/Berlin", - "advancedSchedule": {} - } - ] - }, - "modules": { - "value": [ - { - "name": "PSWindowsUpdate", - "version": "latest", - "uri": "https://www.powershellgallery.com/api/v2/package" - } - ] - }, - "runbooks": { - "value": [ - { - "name": "TestRunbook", - "runbookType": "PowerShell", - "description": "Test runbook", - "uri": "https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.automation/101-automation/scripts/AzureAutomationTutorial.ps1", - "version": "1.0.0.0" - } - ] - }, - "jobSchedules": { - "value": [ - { - "scheduleName": "TestSchedule", - "runbookName": "TestRunbook" - } - ] - }, - "variables": { - "value": [ - { - "name": "TestString", - "value": "\"TestString\"", - "description": "TestStringDescription" - }, - { - "name": "TestInteger", - "value": "500", - "description": "TestIntegerDescription" - }, - { - "name": "TestBoolean", - "value": "false", - "description": "TestBooleanDescription" - }, - { - "name": "TestDateTime", - "value": "\"\\/Date(1637934042656)\\/\"", - "description": "TestDateTimeDescription", - "isEncrypted": false - }, - { - "name": "TestEncryptedVariable", - "value": "\"TestEncryptedValue\"", - "description": "TestEncryptedDescription" - } - ] - }, - "linkedWorkspaceResourceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-aut-001" - }, - "gallerySolutions": { - "value": [ - { - "name": "Updates", - "product": "OMSGallery", - "publisher": "Microsoft" - } - ] - }, - "softwareUpdateConfigurations": { - "value": [ - { - "name": "Windows_ZeroDay", - "frequency": "Month", - "operatingSystem": "Windows", - "rebootSetting": "IfRequired", - "scopeByTags": { - "Update": [ - "Automatic-Wave1" - ] - }, - "maintenanceWindow": "PT4H", - "updateClassifications": [ - "Critical", - "Security", - "UpdateRollup", - "FeaturePack", - "ServicePack", - "Definition", - "Tools", - "Updates" - ], - "includeUpdates": [ - "654321" - ], - "excludeUpdates": [ - "123456" - ], - "interval": 1, - "monthlyOccurrences": [ - { - "occurrence": 3, - "day": "Friday" - } - ], - "startTime": "22:00" - }, - { - "name": "Linux_ZeroDay", - "frequency": "OneTime", - "operatingSystem": "Linux", - "rebootSetting": "IfRequired", - "maintenanceWindow": "PT4H", - "updateClassifications": [ - "Critical", - "Security", - "Other" - ], - "includeUpdates": [ - "kernel" - ], - "excludeUpdates": [ - "icacls" - ], - "startTime": "22:00" - } - ] - }, - "privateEndpoints": { - "value": [ - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "Webhook", - "privateDnsZoneGroups": { - "privateDNSResourceIds": [ - "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/privateDnsZones/privatelink.azure-automation.net" - ] - } - }, - { - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints", - "service": "DSCAndHybridWorker", - "privateDnsZoneGroups": { - "privateDNSResourceIds": [ - "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/privateDnsZones/privatelink.azure-automation.net" - ] - } - } - ] - }, - "disableLocalAuth": { - "value": true - }, - "systemAssignedIdentity": { - "value": true - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - } - } -} diff --git a/modules/Microsoft.Automation/automationAccounts/readme.md b/modules/Microsoft.Automation/automationAccounts/readme.md index efaae090e2..abfb88ae09 100644 --- a/modules/Microsoft.Automation/automationAccounts/readme.md +++ b/modules/Microsoft.Automation/automationAccounts/readme.md @@ -365,126 +365,24 @@ The following module usage examples are retrieved from the content of the files >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -

Example 1: Encr

+

Example 1: Default

via Bicep module ```bicep -module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-automationAccounts' +module Automationaccounts './Microsoft.Automation/Automationaccounts/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-test-aadef' params: { // Required parameters - name: '<>-az-aut-encr-001' + name: '<>aadef001' // Non-required parameters - cMKKeyName: 'keyEncryptionKey' - cMKKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002' - cMKUserAssignedIdentityResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' - publicNetworkAccess: 'Enabled' - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - } -} -``` - -
-

- -

- -via JSON Parameter file - -```json -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - // Required parameters - "name": { - "value": "<>-az-aut-encr-001" - }, - // Non-required parameters - "cMKKeyName": { - "value": "keyEncryptionKey" - }, - "cMKKeyVaultResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002" - }, - "cMKUserAssignedIdentityResourceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" - }, - "publicNetworkAccess": { - "value": "Enabled" - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - } - } -} -``` - -
-

- -

Example 2: Min

- -
- -via Bicep module - -```bicep -module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-automationAccounts' - params: { - name: '<>-az-aut-min-001' - } -} -``` - -
-

- -

- -via JSON Parameter file - -```json -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-aut-min-001" - } - } -} -``` - -
-

- -

Example 3: Parameters

- -
- -via Bicep module - -```bicep -module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-automationAccounts' - params: { - // Required parameters - name: '<>-az-aut-x-001' - // Non-required parameters - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticEventHubAuthorizationRuleId: '' + diagnosticEventHubName: '' diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticStorageAccountId: '' + diagnosticWorkspaceId: '' disableLocalAuth: true gallerySolutions: [ { @@ -499,7 +397,7 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice scheduleName: 'TestSchedule' } ] - linkedWorkspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-aut-001' + linkedWorkspaceResourceId: '' lock: 'CanNotDelete' modules: [ { @@ -512,26 +410,26 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice { privateDnsZoneGroups: { privateDNSResourceIds: [ - '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/privateDnsZones/privatelink.azure-automation.net' + '' ] } service: 'Webhook' - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + subnetResourceId: '' } { privateDnsZoneGroups: { privateDNSResourceIds: [ - '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/privateDnsZones/privatelink.azure-automation.net' + '' ] } service: 'DSCAndHybridWorker' - subnetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints' + subnetResourceId: '' } ] roleAssignments: [ { principalIds: [ - '<>' + '' ] roleDefinitionIdOrName: 'Reader' } @@ -615,7 +513,7 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice ] systemAssignedIdentity: true userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + '': {} } variables: [ { @@ -637,7 +535,7 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice description: 'TestDateTimeDescription' isEncrypted: false name: 'TestDateTime' - value: '\'\\/Date(1637934042656)\\/\'' + value: '' } { description: 'TestEncryptedDescription' @@ -663,23 +561,23 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice "parameters": { // Required parameters "name": { - "value": "<>-az-aut-x-001" + "value": "<>aadef001" }, // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + "value": "" }, "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "value": "" }, "diagnosticLogsRetentionInDays": { "value": 7 }, "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + "value": "" }, "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + "value": "" }, "disableLocalAuth": { "value": true @@ -702,7 +600,7 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice ] }, "linkedWorkspaceResourceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-aut-001" + "value": "" }, "lock": { "value": "CanNotDelete" @@ -721,20 +619,20 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice { "privateDnsZoneGroups": { "privateDNSResourceIds": [ - "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/privateDnsZones/privatelink.azure-automation.net" + "" ] }, "service": "Webhook", - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" + "subnetResourceId": "" }, { "privateDnsZoneGroups": { "privateDNSResourceIds": [ - "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/privateDnsZones/privatelink.azure-automation.net" + "" ] }, "service": "DSCAndHybridWorker", - "subnetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-005-privateEndpoints" + "subnetResourceId": "" } ] }, @@ -742,7 +640,7 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice "value": [ { "principalIds": [ - "<>" + "" ], "roleDefinitionIdOrName": "Reader" } @@ -836,7 +734,7 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice }, "userAssignedIdentities": { "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + "": {} } }, "variables": { @@ -860,7 +758,7 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice "description": "TestDateTimeDescription", "isEncrypted": false, "name": "TestDateTime", - "value": "\"\\/Date(1637934042656)\\/\"" + "value": "" }, { "description": "TestEncryptedDescription", @@ -875,3 +773,105 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice

+ +

Example 2: Encr

+ +
+ +via Bicep module + +```bicep +module Automationaccounts './Microsoft.Automation/Automationaccounts/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-test-aaencr' + params: { + // Required parameters + name: '<>aaencr001' + // Non-required parameters + cMKKeyName: '' + cMKKeyVaultResourceId: '' + cMKUserAssignedIdentityResourceId: '' + publicNetworkAccess: 'Enabled' + userAssignedIdentities: { + '': {} + } + } +} +``` + +
+

+ +

+ +via JSON Parameter file + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + // Required parameters + "name": { + "value": "<>aaencr001" + }, + // Non-required parameters + "cMKKeyName": { + "value": "" + }, + "cMKKeyVaultResourceId": { + "value": "" + }, + "cMKUserAssignedIdentityResourceId": { + "value": "" + }, + "publicNetworkAccess": { + "value": "Enabled" + }, + "userAssignedIdentities": { + "value": { + "": {} + } + } + } +} +``` + +
+

+ +

Example 3: Min

+ +
+ +via Bicep module + +```bicep +module Automationaccounts './Microsoft.Automation/Automationaccounts/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-test-aamin' + params: { + name: '<>aamin001' + } +} +``` + +
+

+ +

+ +via JSON Parameter file + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>aamin001" + } + } +} +``` + +
+

diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index a1074fed21..6b922d65e8 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -883,9 +883,10 @@ function Set-DeploymentExamplesSection { '' ) + $TextInfo = (Get-Culture -Name 'en-US').TextInfo $moduleRoot = Split-Path $TemplateFilePath -Parent - $resourceTypeIdentifier = $moduleRoot.Replace('\', '/').Split('/modules/')[1].TrimStart('/') - $resourceType = $resourceTypeIdentifier.Split('/')[1] + $resourceTypeIdentifier = $TextInfo.ToTitleCase($moduleRoot.Replace('\', '/').Split('/modules/')[1].TrimStart('/')) + $resourceType = $TextInfo.ToTitleCase($resourceTypeIdentifier.Split('/')[1]) $testFilePaths = Get-ModuleTestFileList -ModulePath $moduleRoot | ForEach-Object { Join-Path $moduleRoot $_ } $RequiredParametersList = $TemplateFileContent.parameters.Keys | Where-Object { $TemplateFileContent.parameters[$_].Keys -notcontains 'defaultValue' } | Sort-Object @@ -906,7 +907,6 @@ function Set-DeploymentExamplesSection { } else { $exampleTitle = ((Split-Path $testFilePath -LeafBase) -replace '\.', ' ') -replace ' parameters', '' } - $TextInfo = (Get-Culture -Name 'en-US').TextInfo $exampleTitle = $TextInfo.ToTitleCase($exampleTitle) $SectionContent += @( '

Example {0}: {1}

' -f $pathIndex, $exampleTitle From 39fe64dc678e4bfdc6ed7da5baf2d19c9ef6157e Mon Sep 17 00:00:00 2001 From: MrMCake Date: Thu, 1 Sep 2022 10:15:22 +0200 Subject: [PATCH 02/13] Update to latest --- .../automationAccounts/readme.md | 6 ++--- utilities/tools/Set-ModuleReadMe.ps1 | 23 ++++++++++++------- 2 files changed, 18 insertions(+), 11 deletions(-) diff --git a/modules/Microsoft.Automation/automationAccounts/readme.md b/modules/Microsoft.Automation/automationAccounts/readme.md index abfb88ae09..fda23167ac 100644 --- a/modules/Microsoft.Automation/automationAccounts/readme.md +++ b/modules/Microsoft.Automation/automationAccounts/readme.md @@ -372,7 +372,7 @@ The following module usage examples are retrieved from the content of the files via Bicep module ```bicep -module Automationaccounts './Microsoft.Automation/Automationaccounts/deploy.bicep' = { +module AutomationAccounts './Microsoft.Automation/AutomationAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-test-aadef' params: { // Required parameters @@ -781,7 +781,7 @@ module Automationaccounts './Microsoft.Automation/Automationaccounts/deploy.bice via Bicep module ```bicep -module Automationaccounts './Microsoft.Automation/Automationaccounts/deploy.bicep' = { +module AutomationAccounts './Microsoft.Automation/AutomationAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-test-aaencr' params: { // Required parameters @@ -846,7 +846,7 @@ module Automationaccounts './Microsoft.Automation/Automationaccounts/deploy.bice via Bicep module ```bicep -module Automationaccounts './Microsoft.Automation/Automationaccounts/deploy.bicep' = { +module AutomationAccounts './Microsoft.Automation/AutomationAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-test-aamin' params: { name: '<>aamin001' diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index 6b922d65e8..25d22f3fff 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -51,7 +51,7 @@ function Set-ResourceTypesSection { $RelevantResourceTypeObjects = Get-NestedResourceList $TemplateFileContent | Where-Object { $_.type -notin $ResourceTypesToExclude -and $_ - } | Select-Object 'Type', 'ApiVersion' -Unique | Sort-Object Type -Culture en-US + } | Select-Object 'Type', 'ApiVersion' -Unique | Sort-Object Type -Culture 'en-US' foreach ($resourceTypeObject in $RelevantResourceTypeObjects) { $ProviderNamespace, $ResourceType = $resourceTypeObject.Type -split '/', 2 @@ -280,7 +280,7 @@ function Set-OutputsSection { '| Output Name | Type | Description |', '| :-- | :-- | :-- |' ) - foreach ($outputName in ($templateFileContent.outputs.Keys | Sort-Object -Culture en-US)) { + foreach ($outputName in ($templateFileContent.outputs.Keys | Sort-Object -Culture 'en-US')) { $output = $TemplateFileContent.outputs[$outputName] $description = $output.metadata.description.Replace("`r`n", '

').Replace("`n", '

') $SectionContent += ("| ``{0}`` | {1} | {2} |" -f $outputName, $output.type, $description) @@ -290,7 +290,7 @@ function Set-OutputsSection { '| Output Name | Type |', '| :-- | :-- |' ) - foreach ($outputName in ($templateFileContent.outputs.Keys | Sort-Object -Culture en-US)) { + foreach ($outputName in ($templateFileContent.outputs.Keys | Sort-Object -Culture 'en-US')) { $output = $TemplateFileContent.outputs[$outputName] $SectionContent += ("| ``{0}`` | {1} |" -f $outputName, $output.type) } @@ -883,10 +883,16 @@ function Set-DeploymentExamplesSection { '' ) - $TextInfo = (Get-Culture -Name 'en-US').TextInfo $moduleRoot = Split-Path $TemplateFilePath -Parent - $resourceTypeIdentifier = $TextInfo.ToTitleCase($moduleRoot.Replace('\', '/').Split('/modules/')[1].TrimStart('/')) - $resourceType = $TextInfo.ToTitleCase($resourceTypeIdentifier.Split('/')[1]) + $fullIdentifier = $moduleRoot.Replace('\', '/').Split('/modules/')[1].TrimStart('/') + + # Get resource type and make first letter upper case. Requires manual handling as ToTitleCase lowercases everything but the first letter + $providerNamespace = ($fullIdentifier.Split('/')[0] -split '\.' | ForEach-Object { $_.Substring(0, 1).ToUpper() + $_.Substring(1) }) -join '.' + $resourceType = $fullIdentifier.Split('/')[1] + $resourceTypeUpper = $resourceType.Substring(0, 1).ToUpper() + $resourceType.Substring(1) + + $resourceTypeIdentifier = "$providerNamespace/$resourceType" + $testFilePaths = Get-ModuleTestFileList -ModulePath $moduleRoot | ForEach-Object { Join-Path $moduleRoot $_ } $RequiredParametersList = $TemplateFileContent.parameters.Keys | Where-Object { $TemplateFileContent.parameters[$_].Keys -notcontains 'defaultValue' } | Sort-Object @@ -907,7 +913,8 @@ function Set-DeploymentExamplesSection { } else { $exampleTitle = ((Split-Path $testFilePath -LeafBase) -replace '\.', ' ') -replace ' parameters', '' } - $exampleTitle = $TextInfo.ToTitleCase($exampleTitle) + $textInfo = (Get-Culture -Name 'en-US').TextInfo + $exampleTitle = $textInfo.ToTitleCase($exampleTitle) $SectionContent += @( '

Example {0}: {1}

' -f $pathIndex, $exampleTitle ) @@ -1138,7 +1145,7 @@ function Set-DeploymentExamplesSection { '```bicep', $extendedKeyVaultReferences, "module $resourceType './$resourceTypeIdentifier/deploy.bicep' = {" - " name: '`${uniqueString(deployment().name)}-$resourceType'" + " name: '`${uniqueString(deployment().name)}-$resourceTypeUpper'" ' params: {' $bicepExample.TrimEnd(), ' }' From 0bf1686bc2f5b3ef006fcf1077562534425b43a8 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Thu, 1 Sep 2022 11:32:10 +0200 Subject: [PATCH 03/13] Update to latest --- .../automationAccounts/readme.md | 110 +----------------- 1 file changed, 4 insertions(+), 106 deletions(-) diff --git a/modules/Microsoft.Automation/automationAccounts/readme.md b/modules/Microsoft.Automation/automationAccounts/readme.md index 79b446e172..fda23167ac 100644 --- a/modules/Microsoft.Automation/automationAccounts/readme.md +++ b/modules/Microsoft.Automation/automationAccounts/readme.md @@ -372,116 +372,14 @@ The following module usage examples are retrieved from the content of the files via Bicep module ```bicep -module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-AutomationAccounts' +module AutomationAccounts './Microsoft.Automation/AutomationAccounts/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-test-aadef' params: { // Required parameters name: '<>aadef001' // Non-required parameters - cMKKeyName: 'keyEncryptionKey' - cMKKeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002' - cMKUserAssignedIdentityResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001' - publicNetworkAccess: 'Enabled' - userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} - } - } -} -``` - - -

- -

- -via JSON Parameter file - -```json -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - // Required parameters - "name": { - "value": "<>-az-aut-encr-001" - }, - // Non-required parameters - "cMKKeyName": { - "value": "keyEncryptionKey" - }, - "cMKKeyVaultResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-nopr-002" - }, - "cMKUserAssignedIdentityResourceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001" - }, - "publicNetworkAccess": { - "value": "Enabled" - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - } - } -} -``` - -
-

- -

Example 2: Min

- -
- -via Bicep module - -```bicep -module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-AutomationAccounts' - params: { - name: '<>-az-aut-min-001' - } -} -``` - -
-

- -

- -via JSON Parameter file - -```json -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-aut-min-001" - } - } -} -``` - -
-

- -

Example 3: Parameters

- -
- -via Bicep module - -```bicep -module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-AutomationAccounts' - params: { - // Required parameters - name: '<>-az-aut-x-001' - // Non-required parameters - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticEventHubAuthorizationRuleId: '' + diagnosticEventHubName: '' diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' From 6403f5d5109882b5cf83356e6f266be625f0bfc4 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Sat, 3 Sep 2022 12:37:03 +0200 Subject: [PATCH 04/13] Update to latest --- .../automationAccounts/.test/encr/dependencies.bicep | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/modules/Microsoft.Automation/automationAccounts/.test/encr/dependencies.bicep b/modules/Microsoft.Automation/automationAccounts/.test/encr/dependencies.bicep index eb1264c69f..968242fdc7 100644 --- a/modules/Microsoft.Automation/automationAccounts/.test/encr/dependencies.bicep +++ b/modules/Microsoft.Automation/automationAccounts/.test/encr/dependencies.bicep @@ -38,12 +38,11 @@ resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = { } resource keyPermissions 'Microsoft.Authorization/roleAssignments@2022-04-01' = { - name: guid('msi-${managedIdentity.name}-KeyVault-Key-Read-RoleAssignment') + name: guid('msi-${keyVault::key.id}-${location}-${managedIdentity.id}-Key-Reader-RoleAssignment') scope: keyVault::key properties: { principalId: managedIdentity.properties.principalId - // Key Vault Crypto User - roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '12338af0-0e69-4776-bea7-57ae8d297424') + roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '12338af0-0e69-4776-bea7-57ae8d297424') // Key Vault Crypto User principalType: 'ServicePrincipal' } } From 7484357b5ed2fe9f3b1ccc113d69f872afbd9e25 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Thu, 8 Sep 2022 18:52:24 +0200 Subject: [PATCH 05/13] Updated folder default to common. --- .../.test/{default => common}/dependencies.bicep | 0 .../.test/{default => common}/deploy.test.bicep | 0 modules/Microsoft.Automation/automationAccounts/readme.md | 8 ++++---- 3 files changed, 4 insertions(+), 4 deletions(-) rename modules/Microsoft.Automation/automationAccounts/.test/{default => common}/dependencies.bicep (100%) rename modules/Microsoft.Automation/automationAccounts/.test/{default => common}/deploy.test.bicep (100%) diff --git a/modules/Microsoft.Automation/automationAccounts/.test/default/dependencies.bicep b/modules/Microsoft.Automation/automationAccounts/.test/common/dependencies.bicep similarity index 100% rename from modules/Microsoft.Automation/automationAccounts/.test/default/dependencies.bicep rename to modules/Microsoft.Automation/automationAccounts/.test/common/dependencies.bicep diff --git a/modules/Microsoft.Automation/automationAccounts/.test/default/deploy.test.bicep b/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep similarity index 100% rename from modules/Microsoft.Automation/automationAccounts/.test/default/deploy.test.bicep rename to modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep diff --git a/modules/Microsoft.Automation/automationAccounts/readme.md b/modules/Microsoft.Automation/automationAccounts/readme.md index fda23167ac..b122435d8e 100644 --- a/modules/Microsoft.Automation/automationAccounts/readme.md +++ b/modules/Microsoft.Automation/automationAccounts/readme.md @@ -365,14 +365,14 @@ The following module usage examples are retrieved from the content of the files >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -

Example 1: Default

+

Example 1: Common

via Bicep module ```bicep -module AutomationAccounts './Microsoft.Automation/AutomationAccounts/deploy.bicep' = { +module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-test-aadef' params: { // Required parameters @@ -781,7 +781,7 @@ module AutomationAccounts './Microsoft.Automation/AutomationAccounts/deploy.bice via Bicep module ```bicep -module AutomationAccounts './Microsoft.Automation/AutomationAccounts/deploy.bicep' = { +module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-test-aaencr' params: { // Required parameters @@ -846,7 +846,7 @@ module AutomationAccounts './Microsoft.Automation/AutomationAccounts/deploy.bice via Bicep module ```bicep -module AutomationAccounts './Microsoft.Automation/AutomationAccounts/deploy.bicep' = { +module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bicep' = { name: '${uniqueString(deployment().name)}-test-aamin' params: { name: '<>aamin001' From 8017048b5d9126c11eff43e6b6d49d68f0638aa4 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 9 Sep 2022 12:49:41 +0200 Subject: [PATCH 06/13] Update to latest --- .../automationAccounts/.test/common/deploy.test.bicep | 4 ++-- .../automationAccounts/.test/encr/deploy.test.bicep | 2 +- .../automationAccounts/.test/min/deploy.test.bicep | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep b/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep index 5952f317d3..8550a527f8 100644 --- a/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep @@ -10,8 +10,8 @@ param resourceGroupName string = 'ms.automation.account-${serviceShort}-rg' @description('Optional. The location to deploy resources to') param location string = deployment().location -@description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints') -param serviceShort string = 'aadef' +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') +param serviceShort string = 'aacom' // =========== // // Deployments // diff --git a/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep b/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep index 8a055b5583..32a3d82d6b 100644 --- a/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep +++ b/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep @@ -10,7 +10,7 @@ param resourceGroupName string = 'ms.automation.account-${serviceShort}-rg' @description('Optional. The location to deploy resources to') param location string = deployment().location -@description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints') +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') param serviceShort string = 'aaencr' // =========== // diff --git a/modules/Microsoft.Automation/automationAccounts/.test/min/deploy.test.bicep b/modules/Microsoft.Automation/automationAccounts/.test/min/deploy.test.bicep index cd4617a02d..a822e32cfe 100644 --- a/modules/Microsoft.Automation/automationAccounts/.test/min/deploy.test.bicep +++ b/modules/Microsoft.Automation/automationAccounts/.test/min/deploy.test.bicep @@ -10,7 +10,7 @@ param resourceGroupName string = 'ms.automation.account-${serviceShort}-rg' @description('Optional. The location to deploy resources to') param location string = deployment().location -@description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints') +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') param serviceShort string = 'aamin' // =========== // From ad5415be83817a6b7b35ae7663a44c4b5be6b3aa Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 9 Sep 2022 13:02:34 +0200 Subject: [PATCH 07/13] Update to latest --- .../automationAccounts/.test/common/deploy.test.bicep | 6 +++--- .../automationAccounts/.test/encr/deploy.test.bicep | 6 +++--- .../automationAccounts/.test/min/deploy.test.bicep | 6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep b/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep index 8550a527f8..cc1c0e6a5f 100644 --- a/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep @@ -3,14 +3,14 @@ targetScope = 'subscription' // ========== // // Parameters // // ========== // -@description('Optional. The name of the resource group to deploy for a testing purposes') +@description('Optional. The name of the resource group to deploy for a testing purposes.') @maxLength(80) param resourceGroupName string = 'ms.automation.account-${serviceShort}-rg' -@description('Optional. The location to deploy resources to') +@description('Optional. The location to deploy resources to.') param location string = deployment().location -@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') param serviceShort string = 'aacom' // =========== // diff --git a/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep b/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep index 32a3d82d6b..5c2606b4c9 100644 --- a/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep +++ b/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep @@ -3,14 +3,14 @@ targetScope = 'subscription' // ========== // // Parameters // // ========== // -@description('Optional. The name of the resource group to deploy for a testing purposes') +@description('Optional. The name of the resource group to deploy for a testing purposes.') @maxLength(80) param resourceGroupName string = 'ms.automation.account-${serviceShort}-rg' -@description('Optional. The location to deploy resources to') +@description('Optional. The location to deploy resources to.') param location string = deployment().location -@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') param serviceShort string = 'aaencr' // =========== // diff --git a/modules/Microsoft.Automation/automationAccounts/.test/min/deploy.test.bicep b/modules/Microsoft.Automation/automationAccounts/.test/min/deploy.test.bicep index a822e32cfe..8e83d2e5b0 100644 --- a/modules/Microsoft.Automation/automationAccounts/.test/min/deploy.test.bicep +++ b/modules/Microsoft.Automation/automationAccounts/.test/min/deploy.test.bicep @@ -3,14 +3,14 @@ targetScope = 'subscription' // ========== // // Parameters // // ========== // -@description('Optional. The name of the resource group to deploy for a testing purposes') +@description('Optional. The name of the resource group to deploy for a testing purposes.') @maxLength(80) param resourceGroupName string = 'ms.automation.account-${serviceShort}-rg' -@description('Optional. The location to deploy resources to') +@description('Optional. The location to deploy resources to.') param location string = deployment().location -@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') param serviceShort string = 'aamin' // =========== // From be1f4509ccb181fcc5e62867027240d50e46314a Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 9 Sep 2022 13:25:30 +0200 Subject: [PATCH 08/13] Update to latest --- modules/Microsoft.Automation/automationAccounts/readme.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/Microsoft.Automation/automationAccounts/readme.md b/modules/Microsoft.Automation/automationAccounts/readme.md index d066628b7b..2330601ed2 100644 --- a/modules/Microsoft.Automation/automationAccounts/readme.md +++ b/modules/Microsoft.Automation/automationAccounts/readme.md @@ -374,10 +374,10 @@ The following module usage examples are retrieved from the content of the files ```bicep module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-test-aadef' + name: '${uniqueString(deployment().name)}-test-aacom' params: { // Required parameters - name: '<>aadef001' + name: '<>aacom001' // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' @@ -562,7 +562,7 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice "parameters": { // Required parameters "name": { - "value": "<>aadef001" + "value": "<>aacom001" }, // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { From 49f70519b5a40ed134170204ba8cf468589725e9 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Sun, 18 Sep 2022 23:18:58 +0200 Subject: [PATCH 09/13] Update to latest --- .../automationAccounts/.test/common/deploy.test.bicep | 2 +- .../automationAccounts/.test/encr/deploy.test.bicep | 2 +- .../automationAccounts/.test/min/deploy.test.bicep | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep b/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep index cc1c0e6a5f..c213e3e59b 100644 --- a/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep @@ -3,7 +3,7 @@ targetScope = 'subscription' // ========== // // Parameters // // ========== // -@description('Optional. The name of the resource group to deploy for a testing purposes.') +@description('Optional. The name of the resource group to deploy for testing purposes.') @maxLength(80) param resourceGroupName string = 'ms.automation.account-${serviceShort}-rg' diff --git a/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep b/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep index 5c2606b4c9..be7e395f4f 100644 --- a/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep +++ b/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep @@ -3,7 +3,7 @@ targetScope = 'subscription' // ========== // // Parameters // // ========== // -@description('Optional. The name of the resource group to deploy for a testing purposes.') +@description('Optional. The name of the resource group to deploy for testing purposes.') @maxLength(80) param resourceGroupName string = 'ms.automation.account-${serviceShort}-rg' diff --git a/modules/Microsoft.Automation/automationAccounts/.test/min/deploy.test.bicep b/modules/Microsoft.Automation/automationAccounts/.test/min/deploy.test.bicep index 8e83d2e5b0..01edb8fbea 100644 --- a/modules/Microsoft.Automation/automationAccounts/.test/min/deploy.test.bicep +++ b/modules/Microsoft.Automation/automationAccounts/.test/min/deploy.test.bicep @@ -3,7 +3,7 @@ targetScope = 'subscription' // ========== // // Parameters // // ========== // -@description('Optional. The name of the resource group to deploy for a testing purposes.') +@description('Optional. The name of the resource group to deploy for testing purposes.') @maxLength(80) param resourceGroupName string = 'ms.automation.account-${serviceShort}-rg' From 33fa1389dd76b43bf4805b8efc211b176e9b6217 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Mon, 19 Sep 2022 00:01:48 +0200 Subject: [PATCH 10/13] Update to latest --- .../automationAccounts/.test/common/dependencies.bicep | 4 ++-- .../automationAccounts/.test/common/deploy.test.bicep | 4 ++-- modules/Microsoft.Automation/automationAccounts/readme.md | 8 ++++---- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/modules/Microsoft.Automation/automationAccounts/.test/common/dependencies.bicep b/modules/Microsoft.Automation/automationAccounts/.test/common/dependencies.bicep index cbf606d9ad..0fee983b7b 100644 --- a/modules/Microsoft.Automation/automationAccounts/.test/common/dependencies.bicep +++ b/modules/Microsoft.Automation/automationAccounts/.test/common/dependencies.bicep @@ -84,5 +84,5 @@ output managedIdentityPrincipalId string = managedIdentity.properties.principalI @description('The resource ID of the created Managed Identity.') output managedIdentityResourceId string = managedIdentity.id -@description('The resource ID of the created Virtual Network Subnet.') -output privateDNSResourceId string = privateDNSZone.id +@description('The resource ID of the created Private DNS Zone.') +output privateDNSZoneResourceId string = privateDNSZone.id diff --git a/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep b/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep index c213e3e59b..319c5de94e 100644 --- a/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep @@ -89,7 +89,7 @@ module testDeployment '../../deploy.bicep' = { { privateDnsZoneGroups: { privateDNSResourceIds: [ - resourceGroupResources.outputs.privateDNSResourceId + resourceGroupResources.outputs.privateDNSZoneResourceId ] } service: 'Webhook' @@ -98,7 +98,7 @@ module testDeployment '../../deploy.bicep' = { { privateDnsZoneGroups: { privateDNSResourceIds: [ - resourceGroupResources.outputs.privateDNSResourceId + resourceGroupResources.outputs.privateDNSZoneResourceId ] } service: 'DSCAndHybridWorker' diff --git a/modules/Microsoft.Automation/automationAccounts/readme.md b/modules/Microsoft.Automation/automationAccounts/readme.md index 9aefa0ece1..6f4f21455d 100644 --- a/modules/Microsoft.Automation/automationAccounts/readme.md +++ b/modules/Microsoft.Automation/automationAccounts/readme.md @@ -411,7 +411,7 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice { privateDnsZoneGroups: { privateDNSResourceIds: [ - '' + '' ] } service: 'Webhook' @@ -420,7 +420,7 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice { privateDnsZoneGroups: { privateDNSResourceIds: [ - '' + '' ] } service: 'DSCAndHybridWorker' @@ -620,7 +620,7 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice { "privateDnsZoneGroups": { "privateDNSResourceIds": [ - "" + "" ] }, "service": "Webhook", @@ -629,7 +629,7 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice { "privateDnsZoneGroups": { "privateDNSResourceIds": [ - "" + "" ] }, "service": "DSCAndHybridWorker", From 787e19c828c6648b5496db11c23eeb2722103b2a Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Mon, 10 Oct 2022 20:33:29 +0200 Subject: [PATCH 11/13] Update modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- .../automationAccounts/.test/common/deploy.test.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep b/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep index 319c5de94e..2333b947d5 100644 --- a/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Automation/automationAccounts/.test/common/deploy.test.bicep @@ -96,7 +96,7 @@ module testDeployment '../../deploy.bicep' = { subnetResourceId: resourceGroupResources.outputs.subnetResourceId } { - privateDnsZoneGroups: { + privateDnsZoneGroup: { privateDNSResourceIds: [ resourceGroupResources.outputs.privateDNSZoneResourceId ] From 343478c5b83d7cbeb2a1969941c7751732343049 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Mon, 10 Oct 2022 21:06:15 +0200 Subject: [PATCH 12/13] Enabled kv purge protection --- .../automationAccounts/.test/encr/dependencies.bicep | 3 ++- .../automationAccounts/.test/encr/deploy.test.bicep | 6 +++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/modules/Microsoft.Automation/automationAccounts/.test/encr/dependencies.bicep b/modules/Microsoft.Automation/automationAccounts/.test/encr/dependencies.bicep index 968242fdc7..c0fbbed613 100644 --- a/modules/Microsoft.Automation/automationAccounts/.test/encr/dependencies.bicep +++ b/modules/Microsoft.Automation/automationAccounts/.test/encr/dependencies.bicep @@ -21,7 +21,8 @@ resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = { name: 'standard' } tenantId: tenant().tenantId - enablePurgeProtection: null + softDeleteRetentionInDays: 7 + enablePurgeProtection: true enabledForTemplateDeployment: true enabledForDiskEncryption: true enabledForDeployment: true diff --git a/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep b/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep index be7e395f4f..1063831881 100644 --- a/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep +++ b/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep @@ -13,6 +13,9 @@ param location string = deployment().location @description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') param serviceShort string = 'aaencr' +@description('Generated. Used as a basis for unique resource names.') +param baseTime string = utcNow('u') + // =========== // // Deployments // // =========== // @@ -28,7 +31,8 @@ module resourceGroupResources 'dependencies.bicep' = { scope: resourceGroup name: '${uniqueString(deployment().name, location)}-paramNested' params: { - keyVaultName: 'dep-<>-kv-${serviceShort}' + // Adding base time to make the name unique as purge protection must be enabled (but may not be longer than 24 characters total) + keyVaultName: 'dep-<>-kv-${serviceShort}-${substring(uniqueString(baseTime), 0, 3)}' managedIdentityName: 'dep-<>-msi-${serviceShort}' } } From a55247e3faebb176aa2d1846d670a984d5dfdb0a Mon Sep 17 00:00:00 2001 From: MrMCake Date: Thu, 13 Oct 2022 17:10:15 +0200 Subject: [PATCH 13/13] Addressed comments --- .../automationAccounts/.test/encr/deploy.test.bicep | 1 - modules/Microsoft.Automation/automationAccounts/readme.md | 4 ---- 2 files changed, 5 deletions(-) diff --git a/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep b/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep index 1063831881..498cfd01c7 100644 --- a/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep +++ b/modules/Microsoft.Automation/automationAccounts/.test/encr/deploy.test.bicep @@ -49,7 +49,6 @@ module testDeployment '../../deploy.bicep' = { cMKKeyName: resourceGroupResources.outputs.keyVaultEncryptionKeyName cMKKeyVaultResourceId: resourceGroupResources.outputs.keyVaultResourceId cMKUserAssignedIdentityResourceId: resourceGroupResources.outputs.managedIdentityResourceId - publicNetworkAccess: 'Enabled' userAssignedIdentities: { '${resourceGroupResources.outputs.managedIdentityResourceId}': {} } diff --git a/modules/Microsoft.Automation/automationAccounts/readme.md b/modules/Microsoft.Automation/automationAccounts/readme.md index 40cea276c4..1c3d4e33cd 100644 --- a/modules/Microsoft.Automation/automationAccounts/readme.md +++ b/modules/Microsoft.Automation/automationAccounts/readme.md @@ -793,7 +793,6 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice cMKKeyName: '' cMKKeyVaultResourceId: '' cMKUserAssignedIdentityResourceId: '' - publicNetworkAccess: 'Enabled' userAssignedIdentities: { '': {} } @@ -827,9 +826,6 @@ module automationAccounts './Microsoft.Automation/automationAccounts/deploy.bice "cMKUserAssignedIdentityResourceId": { "value": "" }, - "publicNetworkAccess": { - "value": "Enabled" - }, "userAssignedIdentities": { "value": { "": {}