From b0854059b12fa606739e8fae1186d8e4fe18afcd Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 2 Sep 2022 15:24:36 +0200 Subject: [PATCH 01/34] Initial setup --- .../ms.compute.virtualmachinescalesets.yml | 3 +- .../.test/linux.min.parameters.json | 63 ------ .../.test/linux.min/dependencies.bicep | 67 +++++++ .../.test/linux.min/deploy.test.bicep | 63 ++++++ .../.test/linux.parameters.json | 189 ------------------ .../.test/linux/dependencies.bicep | 67 +++++++ .../.test/linux/deploy.test.bicep | 63 ++++++ .../.test/windows.min.parameters.json | 65 ------ .../.test/windows.min/dependencies.bicep | 67 +++++++ .../.test/windows.min/deploy.test.bicep | 63 ++++++ .../.test/windows.parameters.json | 188 ----------------- .../.test/windows/dependencies.bicep | 67 +++++++ .../.test/windows/deploy.test.bicep | 63 ++++++ 13 files changed, 521 insertions(+), 507 deletions(-) delete mode 100644 modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min.parameters.json create mode 100644 modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep create mode 100644 modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep delete mode 100644 modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.parameters.json create mode 100644 modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep create mode 100644 modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep delete mode 100644 modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min.parameters.json create mode 100644 modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/dependencies.bicep create mode 100644 modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep delete mode 100644 modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.parameters.json create mode 100644 modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep create mode 100644 modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep diff --git a/.github/workflows/ms.compute.virtualmachinescalesets.yml b/.github/workflows/ms.compute.virtualmachinescalesets.yml index eb511814bc..41d83e3d84 100644 --- a/.github/workflows/ms.compute.virtualmachinescalesets.yml +++ b/.github/workflows/ms.compute.virtualmachinescalesets.yml @@ -106,8 +106,7 @@ jobs: - name: 'Using test file [${{ matrix.moduleTestFilePaths }}]' uses: ./.github/actions/templates/validateModuleDeployment with: - templateFilePath: '${{ env.modulePath }}/deploy.bicep' - parameterFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}' + templateFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}' location: '${{ env.location }}' resourceGroupName: '${{ env.resourceGroupName }}' subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}' diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min.parameters.json b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min.parameters.json deleted file mode 100644 index a160f36fb7..0000000000 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min.parameters.json +++ /dev/null @@ -1,63 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-scaleset-linux-min-001" - }, - "osDisk": { - "value": { - "createOption": "fromImage", - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } - } - }, - "osType": { - "value": "Linux" - }, - "skuName": { - "value": "Standard_B12ms" - }, - "imageReference": { - "value": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "18.04-LTS", - "version": "latest" - } - }, - "adminUsername": { - "value": "scaleSetAdmin" - }, - "disablePasswordAuthentication": { - "value": true - }, - "publicKeys": { - "value": [ - { - "path": "/home/scaleSetAdmin/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure" - } - ] - }, - "nicConfigurations": { - "value": [ - { - "nicSuffix": "-nic01", - "ipConfigurations": [ - { - "name": "ipconfig1", - "properties": { - "subnet": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002" - } - } - } - ] - } - ] - } - } -} diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep new file mode 100644 index 0000000000..e92ed25f3d --- /dev/null +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep @@ -0,0 +1,67 @@ +@description('Optional. The location to deploy to') +param location string = resourceGroup().location + +@description('Required. The name of the Virtual Network to create') +param virtualNetworkName string + +@description('Required. The name of the Key Vault to create.') +param keyVaultName string + +@description('Required. The name of the Managed Identity to create.') +param managedIdentityName string + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = { + name: virtualNetworkName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/24' + ] + } + subnets: [ + { + name: 'defaultSubnet' + properties: { + addressPrefix: '10.0.0.0/24' + } + } + ] + } +} + +resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = { + name: keyVaultName + location: location + properties: { + sku: { + family: 'A' + name: 'standard' + } + tenantId: tenant().tenantId + enablePurgeProtection: null + enabledForTemplateDeployment: true + enabledForDiskEncryption: true + enabledForDeployment: true + enableRbacAuthorization: true + accessPolicies: [] + } +} + +resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { + name: managedIdentityName + location: location +} + +@description('The resource ID of the created Virtual Network Subnet.') +output subnetResourceId string = virtualNetwork.properties.subnets[0].id + +@description('The resource ID of the created Key Vault.') +output keyVaultResourceId string = keyVault.id + +@description('The URL of the created Key Vault.') +output keyVaultUrl string = keyVault.properties.vaultUri + +@description('The principal ID of the created Managed Identity.') +output managedIdentityPrincipalId string = managedIdentity.properties.principalId + diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep new file mode 100644 index 0000000000..81d26fca23 --- /dev/null +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep @@ -0,0 +1,63 @@ +targetScope = 'subscription' + +// ========== // +// Parameters // +// ========== // +@description('Optional. The name of the resource group to deploy for a testing purposes') +@maxLength(90) +param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to') +param location string = deployment().location + +@description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints') +param serviceShort string = '...' + +// =========== // +// Deployments // +// =========== // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: location +} + +module resourceGroupResources 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-paramNested' + params: { + virtualNetworkName: 'dep-<>-vnet-${serviceShort}' + keyVaultName: 'dep-<>-kv-${serviceShort}' + managedIdentityName: 'dep-<>-msi-${serviceShort}' + } +} + +// Diagnostics +// =========== +module diagnosticDependencies '../../../../.shared/dependencyConstructs/diagnostic.dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-diagnosticDependencies' + params: { + storageAccountName: 'dep<>diasa${serviceShort}01' + logAnalyticsWorkspaceName: 'dep-<>-law-${serviceShort}' + eventHubNamespaceEventHubName: 'dep-<>-evh-${serviceShort}' + eventHubNamespaceName: 'dep-<>-evhns-${serviceShort}' + location: location + } +} + +// ============== // +// Test Execution // +// ============== // + +module testDeployment '../../deploy.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name)}-test-${serviceShort}' + params: { + name: '<>${serviceShort}001' + } +} + + diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.parameters.json b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.parameters.json deleted file mode 100644 index ca6b1b3704..0000000000 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.parameters.json +++ /dev/null @@ -1,189 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-scaleset-linux-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "vmNamePrefix": { - "value": "vmsslinvm" - }, - "skuName": { - "value": "Standard_B12ms" - }, - "skuCapacity": { - "value": 1 - }, - "upgradePolicyMode": { - "value": "Manual" - }, - "vmPriority": { - "value": "Regular" - }, - "osDisk": { - "value": { - "createOption": "fromImage", - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } - } - }, - "availabilityZones": { - "value": [ - "2" - ] - }, - "scaleSetFaultDomain": { - "value": 1 - }, - "systemAssignedIdentity": { - "value": true - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "bootDiagnosticStorageAccountName": { - "value": "adp<>azsax001" - }, - "osType": { - "value": "Linux" - }, - "encryptionAtHost": { - "value": false - }, - "imageReference": { - "value": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "18.04-LTS", - "version": "latest" - } - }, - "adminUsername": { - "value": "scaleSetAdmin" - }, - "disablePasswordAuthentication": { - "value": true - }, - "publicKeys": { - "value": [ - { - "path": "/home/scaleSetAdmin/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure" - } - ] - }, - "dataDisks": { - "value": [ - { - "caching": "ReadOnly", - "createOption": "Empty", - "diskSizeGB": "256", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } - }, - { - "caching": "ReadOnly", - "createOption": "Empty", - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } - } - ] - }, - "nicConfigurations": { - "value": [ - { - "nicSuffix": "-nic01", - "ipConfigurations": [ - { - "name": "ipconfig1", - "properties": { - "subnet": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002" - } - } - } - ] - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "extensionMonitoringAgentConfig": { - "value": { - "enabled": true - } - }, - "extensionDependencyAgentConfig": { - "value": { - "enabled": true - } - }, - "extensionNetworkWatcherAgentConfig": { - "value": { - "enabled": true - } - }, - "extensionDiskEncryptionConfig": { - "value": { - "enabled": true, - "settings": { - "EncryptionOperation": "EnableEncryption", - "KeyVaultURL": "https://adp-<>-az-kv-x-001.vault.azure.net/", - "KeyVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", - "KeyEncryptionKeyURL": "https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5", // ID must be updated for new keys - "KekVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", - "KeyEncryptionAlgorithm": "RSA-OAEP", - "VolumeType": "All", - "ResizeOSDisk": "false" - } - } - }, - "extensionCustomScriptConfig": { - "value": { - "enabled": true, - "fileData": [ - { - "uri": "https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1", - "storageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - } - ], - "protectedSettings": { - "commandToExecute": "sudo apt-get update" - } - } - } - } -} diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep new file mode 100644 index 0000000000..e92ed25f3d --- /dev/null +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep @@ -0,0 +1,67 @@ +@description('Optional. The location to deploy to') +param location string = resourceGroup().location + +@description('Required. The name of the Virtual Network to create') +param virtualNetworkName string + +@description('Required. The name of the Key Vault to create.') +param keyVaultName string + +@description('Required. The name of the Managed Identity to create.') +param managedIdentityName string + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = { + name: virtualNetworkName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/24' + ] + } + subnets: [ + { + name: 'defaultSubnet' + properties: { + addressPrefix: '10.0.0.0/24' + } + } + ] + } +} + +resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = { + name: keyVaultName + location: location + properties: { + sku: { + family: 'A' + name: 'standard' + } + tenantId: tenant().tenantId + enablePurgeProtection: null + enabledForTemplateDeployment: true + enabledForDiskEncryption: true + enabledForDeployment: true + enableRbacAuthorization: true + accessPolicies: [] + } +} + +resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { + name: managedIdentityName + location: location +} + +@description('The resource ID of the created Virtual Network Subnet.') +output subnetResourceId string = virtualNetwork.properties.subnets[0].id + +@description('The resource ID of the created Key Vault.') +output keyVaultResourceId string = keyVault.id + +@description('The URL of the created Key Vault.') +output keyVaultUrl string = keyVault.properties.vaultUri + +@description('The principal ID of the created Managed Identity.') +output managedIdentityPrincipalId string = managedIdentity.properties.principalId + diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep new file mode 100644 index 0000000000..81d26fca23 --- /dev/null +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep @@ -0,0 +1,63 @@ +targetScope = 'subscription' + +// ========== // +// Parameters // +// ========== // +@description('Optional. The name of the resource group to deploy for a testing purposes') +@maxLength(90) +param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to') +param location string = deployment().location + +@description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints') +param serviceShort string = '...' + +// =========== // +// Deployments // +// =========== // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: location +} + +module resourceGroupResources 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-paramNested' + params: { + virtualNetworkName: 'dep-<>-vnet-${serviceShort}' + keyVaultName: 'dep-<>-kv-${serviceShort}' + managedIdentityName: 'dep-<>-msi-${serviceShort}' + } +} + +// Diagnostics +// =========== +module diagnosticDependencies '../../../../.shared/dependencyConstructs/diagnostic.dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-diagnosticDependencies' + params: { + storageAccountName: 'dep<>diasa${serviceShort}01' + logAnalyticsWorkspaceName: 'dep-<>-law-${serviceShort}' + eventHubNamespaceEventHubName: 'dep-<>-evh-${serviceShort}' + eventHubNamespaceName: 'dep-<>-evhns-${serviceShort}' + location: location + } +} + +// ============== // +// Test Execution // +// ============== // + +module testDeployment '../../deploy.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name)}-test-${serviceShort}' + params: { + name: '<>${serviceShort}001' + } +} + + diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min.parameters.json b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min.parameters.json deleted file mode 100644 index cb84878c09..0000000000 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min.parameters.json +++ /dev/null @@ -1,65 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-scaleset-win-min-001" - }, - "skuName": { - "value": "Standard_B12ms" - }, - "osDisk": { - "value": { - "createOption": "fromImage", - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } - } - }, - "osType": { - "value": "Windows" - }, - "imageReference": { - "value": { - "publisher": "MicrosoftWindowsServer", - "offer": "WindowsServer", - "sku": "2016-Datacenter", - "version": "latest" - } - }, - "adminUsername": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "adminUsername" - } - }, - "adminPassword": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "adminPassword" - } - }, - "nicConfigurations": { - "value": [ - { - "nicSuffix": "-nic01", - "ipConfigurations": [ - { - "name": "ipconfig1", - "properties": { - "subnet": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002" - } - } - } - ] - } - ] - } - } -} diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/dependencies.bicep new file mode 100644 index 0000000000..e92ed25f3d --- /dev/null +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/dependencies.bicep @@ -0,0 +1,67 @@ +@description('Optional. The location to deploy to') +param location string = resourceGroup().location + +@description('Required. The name of the Virtual Network to create') +param virtualNetworkName string + +@description('Required. The name of the Key Vault to create.') +param keyVaultName string + +@description('Required. The name of the Managed Identity to create.') +param managedIdentityName string + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = { + name: virtualNetworkName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/24' + ] + } + subnets: [ + { + name: 'defaultSubnet' + properties: { + addressPrefix: '10.0.0.0/24' + } + } + ] + } +} + +resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = { + name: keyVaultName + location: location + properties: { + sku: { + family: 'A' + name: 'standard' + } + tenantId: tenant().tenantId + enablePurgeProtection: null + enabledForTemplateDeployment: true + enabledForDiskEncryption: true + enabledForDeployment: true + enableRbacAuthorization: true + accessPolicies: [] + } +} + +resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { + name: managedIdentityName + location: location +} + +@description('The resource ID of the created Virtual Network Subnet.') +output subnetResourceId string = virtualNetwork.properties.subnets[0].id + +@description('The resource ID of the created Key Vault.') +output keyVaultResourceId string = keyVault.id + +@description('The URL of the created Key Vault.') +output keyVaultUrl string = keyVault.properties.vaultUri + +@description('The principal ID of the created Managed Identity.') +output managedIdentityPrincipalId string = managedIdentity.properties.principalId + diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep new file mode 100644 index 0000000000..81d26fca23 --- /dev/null +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep @@ -0,0 +1,63 @@ +targetScope = 'subscription' + +// ========== // +// Parameters // +// ========== // +@description('Optional. The name of the resource group to deploy for a testing purposes') +@maxLength(90) +param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to') +param location string = deployment().location + +@description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints') +param serviceShort string = '...' + +// =========== // +// Deployments // +// =========== // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: location +} + +module resourceGroupResources 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-paramNested' + params: { + virtualNetworkName: 'dep-<>-vnet-${serviceShort}' + keyVaultName: 'dep-<>-kv-${serviceShort}' + managedIdentityName: 'dep-<>-msi-${serviceShort}' + } +} + +// Diagnostics +// =========== +module diagnosticDependencies '../../../../.shared/dependencyConstructs/diagnostic.dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-diagnosticDependencies' + params: { + storageAccountName: 'dep<>diasa${serviceShort}01' + logAnalyticsWorkspaceName: 'dep-<>-law-${serviceShort}' + eventHubNamespaceEventHubName: 'dep-<>-evh-${serviceShort}' + eventHubNamespaceName: 'dep-<>-evhns-${serviceShort}' + location: location + } +} + +// ============== // +// Test Execution // +// ============== // + +module testDeployment '../../deploy.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name)}-test-${serviceShort}' + params: { + name: '<>${serviceShort}001' + } +} + + diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.parameters.json b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.parameters.json deleted file mode 100644 index 28cb36aa8c..0000000000 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.parameters.json +++ /dev/null @@ -1,188 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-scaleset-win-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "vmNamePrefix": { - "value": "vmsswinvm" - }, - "skuName": { - "value": "Standard_B12ms" - }, - "skuCapacity": { - "value": 1 - }, - "upgradePolicyMode": { - "value": "Manual" - }, - "vmPriority": { - "value": "Regular" - }, - "systemAssignedIdentity": { - "value": true - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - }, - "osDisk": { - "value": { - "createOption": "fromImage", - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } - } - }, - "osType": { - "value": "Windows" - }, - "encryptionAtHost": { - "value": false - }, - "imageReference": { - "value": { - "publisher": "MicrosoftWindowsServer", - "offer": "WindowsServer", - "sku": "2016-Datacenter", - "version": "latest" - } - }, - "adminUsername": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "adminUsername" - } - }, - "adminPassword": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "adminPassword" - } - }, - "nicConfigurations": { - "value": [ - { - "nicSuffix": "-nic01", - "ipConfigurations": [ - { - "name": "ipconfig1", - "properties": { - "subnet": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002" - } - } - } - ] - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "proximityPlacementGroupResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/proximityPlacementGroups/adp-<>-az-ppg-vmss-001" - }, - "extensionAntiMalwareConfig": { - "value": { - "enabled": true, - "settings": { - "AntimalwareEnabled": true, - "Exclusions": { - "Extensions": ".log;.ldf", - "Paths": "D:\\IISlogs;D:\\DatabaseLogs", - "Processes": "mssence.svc" - }, - "RealtimeProtectionEnabled": true, - "ScheduledScanSettings": { - "isEnabled": "true", - "scanType": "Quick", - "day": "7", - "time": "120" - } - } - } - }, - "extensionMonitoringAgentConfig": { - "value": { - "enabled": true - } - }, - "extensionDependencyAgentConfig": { - "value": { - "enabled": true - } - }, - "extensionNetworkWatcherAgentConfig": { - "value": { - "enabled": true - } - }, - "extensionDiskEncryptionConfig": { - "value": { - "enabled": true, - "settings": { - "EncryptionOperation": "EnableEncryption", - "KeyVaultURL": "https://adp-<>-az-kv-x-001.vault.azure.net/", - "KeyVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", - "KeyEncryptionKeyURL": "https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5", // ID must be updated for new keys - "KekVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", - "KeyEncryptionAlgorithm": "RSA-OAEP", - "VolumeType": "All", - "ResizeOSDisk": "false" - } - } - }, - "extensionDSCConfig": { - "value": { - "enabled": true - } - }, - "extensionCustomScriptConfig": { - "value": { - "enabled": true, - "fileData": [ - { - "uri": "https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1", - "storageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - } - ], - "protectedSettings": { - "commandToExecute": "powershell -ExecutionPolicy Unrestricted -Command \"& .\\scriptExtensionMasterInstaller.ps1\"" - } - } - } - } -} diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep new file mode 100644 index 0000000000..e92ed25f3d --- /dev/null +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep @@ -0,0 +1,67 @@ +@description('Optional. The location to deploy to') +param location string = resourceGroup().location + +@description('Required. The name of the Virtual Network to create') +param virtualNetworkName string + +@description('Required. The name of the Key Vault to create.') +param keyVaultName string + +@description('Required. The name of the Managed Identity to create.') +param managedIdentityName string + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = { + name: virtualNetworkName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/24' + ] + } + subnets: [ + { + name: 'defaultSubnet' + properties: { + addressPrefix: '10.0.0.0/24' + } + } + ] + } +} + +resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = { + name: keyVaultName + location: location + properties: { + sku: { + family: 'A' + name: 'standard' + } + tenantId: tenant().tenantId + enablePurgeProtection: null + enabledForTemplateDeployment: true + enabledForDiskEncryption: true + enabledForDeployment: true + enableRbacAuthorization: true + accessPolicies: [] + } +} + +resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { + name: managedIdentityName + location: location +} + +@description('The resource ID of the created Virtual Network Subnet.') +output subnetResourceId string = virtualNetwork.properties.subnets[0].id + +@description('The resource ID of the created Key Vault.') +output keyVaultResourceId string = keyVault.id + +@description('The URL of the created Key Vault.') +output keyVaultUrl string = keyVault.properties.vaultUri + +@description('The principal ID of the created Managed Identity.') +output managedIdentityPrincipalId string = managedIdentity.properties.principalId + diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep new file mode 100644 index 0000000000..81d26fca23 --- /dev/null +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep @@ -0,0 +1,63 @@ +targetScope = 'subscription' + +// ========== // +// Parameters // +// ========== // +@description('Optional. The name of the resource group to deploy for a testing purposes') +@maxLength(90) +param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to') +param location string = deployment().location + +@description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints') +param serviceShort string = '...' + +// =========== // +// Deployments // +// =========== // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: location +} + +module resourceGroupResources 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-paramNested' + params: { + virtualNetworkName: 'dep-<>-vnet-${serviceShort}' + keyVaultName: 'dep-<>-kv-${serviceShort}' + managedIdentityName: 'dep-<>-msi-${serviceShort}' + } +} + +// Diagnostics +// =========== +module diagnosticDependencies '../../../../.shared/dependencyConstructs/diagnostic.dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-diagnosticDependencies' + params: { + storageAccountName: 'dep<>diasa${serviceShort}01' + logAnalyticsWorkspaceName: 'dep-<>-law-${serviceShort}' + eventHubNamespaceEventHubName: 'dep-<>-evh-${serviceShort}' + eventHubNamespaceName: 'dep-<>-evhns-${serviceShort}' + location: location + } +} + +// ============== // +// Test Execution // +// ============== // + +module testDeployment '../../deploy.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name)}-test-${serviceShort}' + params: { + name: '<>${serviceShort}001' + } +} + + From f63a49678fb0d515ee991193da66c0e95647d017 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 2 Sep 2022 15:34:39 +0200 Subject: [PATCH 02/34] Update to latest --- .../.test/.scripts/New-SSHKey.ps1 | 19 ++ .../.test/.scripts/Set-BlobContent.ps1 | 15 ++ .../.test/linux.min/dependencies.bicep | 52 ++++- .../.test/linux/dependencies.bicep | 213 +++++++++++++++++- .../.test/windows/dependencies.bicep | 77 ++++++- 5 files changed, 372 insertions(+), 4 deletions(-) create mode 100644 modules/Microsoft.Compute/virtualMachineScaleSets/.test/.scripts/New-SSHKey.ps1 create mode 100644 modules/Microsoft.Compute/virtualMachineScaleSets/.test/.scripts/Set-BlobContent.ps1 diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/.scripts/New-SSHKey.ps1 b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/.scripts/New-SSHKey.ps1 new file mode 100644 index 0000000000..44808c3ae4 --- /dev/null +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/.scripts/New-SSHKey.ps1 @@ -0,0 +1,19 @@ +param( + [string] $SSHKeyName, + [string] $ResourceGroupName +) + +if (-not ($sshKey = Get-AzSshKey -ResourceGroupName $ResourceGroupName | Where-Object { $_.Name -eq $SSHKeyName })) { + Write-Verbose "No SSH key [$SSHKeyName] found in Resource Group [$ResourceGroupName]. Generating new." -Verbose + $null = ssh-keygen -f generated -N (Get-Random -Maximum 99999) + $publicKey = Get-Content 'generated.pub' -Raw + # $privateKey = cat generated | Out-String +} else { + Write-Verbose "SSH key [$SSHKeyName] found in Resource Group [$ResourceGroupName]. Returning." -Verbose + $publicKey = $sshKey.publicKey +} +# Write into Deployment Script output stream +$DeploymentScriptOutputs = @{ + # Requires conversion as the script otherwise returns an object instead of the plain public key string + publicKey = ($publicKey | ConvertTo-Json | ConvertFrom-Json).Value +} diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/.scripts/Set-BlobContent.ps1 b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/.scripts/Set-BlobContent.ps1 new file mode 100644 index 0000000000..06617105f7 --- /dev/null +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/.scripts/Set-BlobContent.ps1 @@ -0,0 +1,15 @@ +param( + [string] $StorageAccountName, + [string] $ResourceGroupName, + [string] $ContainerName, + [string] $FileName +) + +Write-Verbose "Create file [$FileName]" -Verbose +$file = New-Item -Value "Write-Host 'I am content'" -Path $FileName -Force + +Write-Verbose "Getting storage account [$StorageAccountName|$ResourceGroupName] context." -Verbose +$storageAccount = Get-AzStorageAccount -ResourceGroupName $ResourceGroupName -StorageAccountName $StorageAccountName -ErrorAction 'Stop' + +Write-Verbose 'Uploading file [$fileName]' -Verbose +Set-AzStorageBlobContent -File $file.FullName -Container $ContainerName -Context $storageAccount.Context -Force -ErrorAction 'Stop' | Out-Null diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep index e92ed25f3d..29e6c838ed 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep @@ -10,13 +10,19 @@ param keyVaultName string @description('Required. The name of the Managed Identity to create.') param managedIdentityName string +@description('Required. The name of the Deployment Script to create for the SSH Key generation.') +param sshDeploymentScriptName string + +@description('Required. The name of the SSH Key to create.') +param sshKeyName string + resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = { name: virtualNetworkName location: location properties: { addressSpace: { addressPrefixes: [ - '10.0.0.0/24' + '10.0.0.0/24' ] } subnets: [ @@ -53,6 +59,45 @@ resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018- location: location } +resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { + name: guid('msi-${managedIdentityName}-RG-Reader-RoleAssignment') + scope: resourceGroup() + properties: { + principalId: managedIdentity.properties.principalId + roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c') // Contributor + principalType: 'ServicePrincipal' + } +} + +resource sshDeploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { + name: sshDeploymentScriptName + location: location + kind: 'AzurePowerShell' + identity: { + type: 'UserAssigned' + userAssignedIdentities: { + '${managedIdentity.id}': {} + } + } + properties: { + azPowerShellVersion: '6.2.1' + retentionInterval: 'P1D' + arguments: ' -SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"' + scriptContent: loadTextContent('../.scripts/New-SSHKey.ps1') + } + dependsOn: [ + msiRGContrRoleAssignment + ] +} + +resource sshKey 'Microsoft.Compute/sshPublicKeys@2022-03-01' = { + name: sshKeyName + location: location + properties: { + publicKey: sshDeploymentScript.properties.outputs.publicKey + } +} + @description('The resource ID of the created Virtual Network Subnet.') output subnetResourceId string = virtualNetwork.properties.subnets[0].id @@ -65,3 +110,8 @@ output keyVaultUrl string = keyVault.properties.vaultUri @description('The principal ID of the created Managed Identity.') output managedIdentityPrincipalId string = managedIdentity.properties.principalId +@description('The resource ID of the created SSH Key') +output SSHKeyResourceID string = sshKey.id + +@description('The Public Key of the created SSH Key') +output SSHKey string = sshKey.properties.publicKey diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep index e92ed25f3d..1a8a532691 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep @@ -4,19 +4,38 @@ param location string = resourceGroup().location @description('Required. The name of the Virtual Network to create') param virtualNetworkName string +@description('Required. The name of the Recovery Services Vault to create.') +param recoveryServicesVaultName string + @description('Required. The name of the Key Vault to create.') param keyVaultName string +@description('Required. The name of the Storage Account to create.') +param storageAccountName string + +@description('Required. The name of the Deployment Script used to upload data to the Storage Account.') +param storageUploadDeploymentScriptName string + @description('Required. The name of the Managed Identity to create.') param managedIdentityName string +@description('Required. The name of the Deployment Script to create for the SSH Key generation.') +param sshDeploymentScriptName string + +@description('Required. The name of the SSH Key to create.') +param sshKeyName string + +var storageContainerName = 'scripts' +var storageAccountCSEFileName = 'scriptExtensionMasterInstaller.ps1' +var backupPolicyName = 'backupPolicy' + resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = { name: virtualNetworkName location: location properties: { addressSpace: { addressPrefixes: [ - '10.0.0.0/24' + '10.0.0.0/24' ] } subnets: [ @@ -30,6 +49,99 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = { } } +resource recoveryServicesVault 'Microsoft.RecoveryServices/vaults@2022-04-01' = { + name: recoveryServicesVaultName + location: location + sku: { + name: 'RS0' + tier: 'Standard' + } + properties: { + } + + resource backupPolicy 'backupPolicies@2022-03-01' = { + name: backupPolicyName + properties: { + backupManagementType: 'AzureIaasVM' + instantRPDetails: {} + schedulePolicy: { + schedulePolicyType: 'SimpleSchedulePolicy' + scheduleRunFrequency: 'Daily' + scheduleRunTimes: [ + '2019-11-07T07:00:00Z' + ] + scheduleWeeklyFrequency: 0 + } + retentionPolicy: { + retentionPolicyType: 'LongTermRetentionPolicy' + dailySchedule: { + retentionTimes: [ + '2019-11-07T07:00:00Z' + ] + retentionDuration: { + count: 180 + durationType: 'Days' + } + } + weeklySchedule: { + daysOfTheWeek: [ + 'Sunday' + ] + retentionTimes: [ + '2019-11-07T07:00:00Z' + ] + retentionDuration: { + count: 12 + durationType: 'Weeks' + } + } + monthlySchedule: { + retentionScheduleFormatType: 'Weekly' + retentionScheduleWeekly: { + daysOfTheWeek: [ + 'Sunday' + ] + weeksOfTheMonth: [ + 'First' + ] + } + retentionTimes: [ + '2019-11-07T07:00:00Z' + ] + retentionDuration: { + count: 60 + durationType: 'Months' + } + } + yearlySchedule: { + retentionScheduleFormatType: 'Weekly' + monthsOfYear: [ + 'January' + ] + retentionScheduleWeekly: { + daysOfTheWeek: [ + 'Sunday' + ] + weeksOfTheMonth: [ + 'First' + ] + } + retentionTimes: [ + '2019-11-07T07:00:00Z' + ] + retentionDuration: { + count: 10 + durationType: 'Years' + } + } + } + instantRpRetentionRangeInDays: 2 + timeZone: 'UTC' + protectedItemsCount: 0 + } + } +} + resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = { name: keyVaultName location: location @@ -46,6 +158,13 @@ resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = { enableRbacAuthorization: true accessPolicies: [] } + + resource key 'keys@2022-07-01' = { + name: 'encryptionKey' + properties: { + kty: 'RSA' + } + } } resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { @@ -53,6 +172,93 @@ resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018- location: location } +resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { + name: guid('msi-${managedIdentityName}-RG-Reader-RoleAssignment') + scope: resourceGroup() + properties: { + principalId: managedIdentity.properties.principalId + roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c') // Contributor + principalType: 'ServicePrincipal' + } +} + +resource msiKVCryptoUserRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { + name: guid('msi-${managedIdentityName}-KeyVault-Key-Read-RoleAssignment') + scope: keyVault::key + properties: { + principalId: managedIdentity.properties.principalId + roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '12338af0-0e69-4776-bea7-57ae8d297424') // Key Vault Crypto User + principalType: 'ServicePrincipal' + } +} + +resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { + name: storageAccountName + location: location + sku: { + name: 'Standard_LRS' + } + kind: 'StorageV2' + + resource blobService 'blobServices@2021-09-01' = { + name: 'default' + + resource container 'containers@2021-09-01' = { + name: storageContainerName + } + } +} + +resource storageUpload 'Microsoft.Resources/deploymentScripts@2020-10-01' = { + name: storageUploadDeploymentScriptName + location: location + kind: 'AzurePowerShell' + identity: { + type: 'UserAssigned' + userAssignedIdentities: { + '${managedIdentity.id}': {} + } + } + properties: { + azPowerShellVersion: '3.0' + retentionInterval: 'P1D' + arguments: ' -StorageAccountName "${storageAccount.name}" -ResourceGroupName "${resourceGroup().name}" -ContainerName "${storageAccount::blobService::container.name}" -FileName "${storageAccountCSEFileName}"' + scriptContent: loadTextContent('../.scripts/Set-BlobContent.ps1') + } + dependsOn: [ + msiRGContrRoleAssignment + ] +} + +resource sshDeploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { + name: sshDeploymentScriptName + location: location + kind: 'AzurePowerShell' + identity: { + type: 'UserAssigned' + userAssignedIdentities: { + '${managedIdentity.id}': {} + } + } + properties: { + azPowerShellVersion: '6.2.1' + retentionInterval: 'P1D' + arguments: ' -SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"' + scriptContent: loadTextContent('../.scripts/New-SSHKey.ps1') + } + dependsOn: [ + msiRGContrRoleAssignment + ] +} + +resource sshKey 'Microsoft.Compute/sshPublicKeys@2022-03-01' = { + name: sshKeyName + location: location + properties: { + publicKey: sshDeploymentScript.properties.outputs.publicKey + } +} + @description('The resource ID of the created Virtual Network Subnet.') output subnetResourceId string = virtualNetwork.properties.subnets[0].id @@ -65,3 +271,8 @@ output keyVaultUrl string = keyVault.properties.vaultUri @description('The principal ID of the created Managed Identity.') output managedIdentityPrincipalId string = managedIdentity.properties.principalId +@description('The resource ID of the created SSH Key') +output SSHKeyResourceID string = sshKey.id + +@description('The Public Key of the created SSH Key') +output SSHKey string = sshKey.properties.publicKey diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep index e92ed25f3d..593953ae9f 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep @@ -4,9 +4,18 @@ param location string = resourceGroup().location @description('Required. The name of the Virtual Network to create') param virtualNetworkName string +@description('Required. The name of the Recovery Services Vault to create.') +param recoveryServicesVaultName string + @description('Required. The name of the Key Vault to create.') param keyVaultName string +@description('Required. The name of the Storage Account to create.') +param storageAccountName string + +@description('Required. The name of the Deployment Script used to upload data to the Storage Account.') +param storageUploadDeploymentScriptName string + @description('Required. The name of the Managed Identity to create.') param managedIdentityName string @@ -16,7 +25,7 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = { properties: { addressSpace: { addressPrefixes: [ - '10.0.0.0/24' + '10.0.0.0/24' ] } subnets: [ @@ -46,6 +55,13 @@ resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = { enableRbacAuthorization: true accessPolicies: [] } + + resource key 'keys@2022-07-01' = { + name: 'encryptionKey' + properties: { + kty: 'RSA' + } + } } resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { @@ -53,6 +69,64 @@ resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018- location: location } +resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { + name: guid('msi-${managedIdentityName}-RG-Reader-RoleAssignment') + scope: resourceGroup() + properties: { + principalId: managedIdentity.properties.principalId + roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c') // Contributor + principalType: 'ServicePrincipal' + } +} + +resource msiKVCryptoUserRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { + name: guid('msi-${managedIdentityName}-KeyVault-Key-Read-RoleAssignment') + scope: keyVault::key + properties: { + principalId: managedIdentity.properties.principalId + roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '12338af0-0e69-4776-bea7-57ae8d297424') // Key Vault Crypto User + principalType: 'ServicePrincipal' + } +} + +resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { + name: storageAccountName + location: location + sku: { + name: 'Standard_LRS' + } + kind: 'StorageV2' + + resource blobService 'blobServices@2021-09-01' = { + name: 'default' + + resource container 'containers@2021-09-01' = { + name: storageContainerName + } + } +} + +resource storageUpload 'Microsoft.Resources/deploymentScripts@2020-10-01' = { + name: storageUploadDeploymentScriptName + location: location + kind: 'AzurePowerShell' + identity: { + type: 'UserAssigned' + userAssignedIdentities: { + '${managedIdentity.id}': {} + } + } + properties: { + azPowerShellVersion: '3.0' + retentionInterval: 'P1D' + arguments: ' -StorageAccountName "${storageAccount.name}" -ResourceGroupName "${resourceGroup().name}" -ContainerName "${storageAccount::blobService::container.name}" -FileName "${storageAccountCSEFileName}"' + scriptContent: loadTextContent('../.scripts/Set-BlobContent.ps1') + } + dependsOn: [ + msiRGContrRoleAssignment + ] +} + @description('The resource ID of the created Virtual Network Subnet.') output subnetResourceId string = virtualNetwork.properties.subnets[0].id @@ -64,4 +138,3 @@ output keyVaultUrl string = keyVault.properties.vaultUri @description('The principal ID of the created Managed Identity.') output managedIdentityPrincipalId string = managedIdentity.properties.principalId - From ea358f0d5c520694ed974155e3190f20edb202c1 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 2 Sep 2022 16:05:59 +0200 Subject: [PATCH 03/34] Regenerated docs & expanded error output --- .../.test/linux.min/dependencies.bicep | 27 - .../.test/linux.min/deploy.test.bicep | 59 ++- .../.test/linux/dependencies.bicep | 113 +---- .../.test/linux/deploy.test.bicep | 129 ++++- .../.test/windows.min/dependencies.bicep | 41 +- .../.test/windows.min/deploy.test.bicep | 56 +- .../.test/windows/dependencies.bicep | 33 +- .../.test/windows/deploy.test.bicep | 124 ++++- .../virtualMachineScaleSets/readme.md | 478 ++++++++---------- utilities/tools/Set-ModuleReadMe.ps1 | 33 +- 10 files changed, 619 insertions(+), 474 deletions(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep index 29e6c838ed..ebdd1cca32 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep @@ -4,9 +4,6 @@ param location string = resourceGroup().location @description('Required. The name of the Virtual Network to create') param virtualNetworkName string -@description('Required. The name of the Key Vault to create.') -param keyVaultName string - @description('Required. The name of the Managed Identity to create.') param managedIdentityName string @@ -36,24 +33,6 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = { } } -resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = { - name: keyVaultName - location: location - properties: { - sku: { - family: 'A' - name: 'standard' - } - tenantId: tenant().tenantId - enablePurgeProtection: null - enabledForTemplateDeployment: true - enabledForDiskEncryption: true - enabledForDeployment: true - enableRbacAuthorization: true - accessPolicies: [] - } -} - resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { name: managedIdentityName location: location @@ -101,12 +80,6 @@ resource sshKey 'Microsoft.Compute/sshPublicKeys@2022-03-01' = { @description('The resource ID of the created Virtual Network Subnet.') output subnetResourceId string = virtualNetwork.properties.subnets[0].id -@description('The resource ID of the created Key Vault.') -output keyVaultResourceId string = keyVault.id - -@description('The URL of the created Key Vault.') -output keyVaultUrl string = keyVault.properties.vaultUri - @description('The principal ID of the created Managed Identity.') output managedIdentityPrincipalId string = managedIdentity.properties.principalId diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep index 81d26fca23..a4cebe7f32 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep @@ -11,7 +11,7 @@ param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceSh param location string = deployment().location @description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints') -param serviceShort string = '...' +param serviceShort string = 'cvmsslinmin' // =========== // // Deployments // @@ -29,22 +29,9 @@ module resourceGroupResources 'dependencies.bicep' = { name: '${uniqueString(deployment().name, location)}-paramNested' params: { virtualNetworkName: 'dep-<>-vnet-${serviceShort}' - keyVaultName: 'dep-<>-kv-${serviceShort}' managedIdentityName: 'dep-<>-msi-${serviceShort}' - } -} - -// Diagnostics -// =========== -module diagnosticDependencies '../../../../.shared/dependencyConstructs/diagnostic.dependencies.bicep' = { - scope: resourceGroup - name: '${uniqueString(deployment().name, location)}-diagnosticDependencies' - params: { - storageAccountName: 'dep<>diasa${serviceShort}01' - logAnalyticsWorkspaceName: 'dep-<>-law-${serviceShort}' - eventHubNamespaceEventHubName: 'dep-<>-evh-${serviceShort}' - eventHubNamespaceName: 'dep-<>-evhns-${serviceShort}' - location: location + sshDeploymentScriptName: 'dep-<>-ds-${serviceShort}' + sshKeyName: 'dep-<>-ssh-${serviceShort}' } } @@ -57,7 +44,43 @@ module testDeployment '../../deploy.bicep' = { name: '${uniqueString(deployment().name)}-test-${serviceShort}' params: { name: '<>${serviceShort}001' + adminUsername: 'scaleSetAdmin' + imageReference: { + offer: 'UbuntuServer' + publisher: 'Canonical' + sku: '18.04-LTS' + version: 'latest' + } + osDisk: { + createOption: 'fromImage' + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + osType: 'Linux' + skuName: 'Standard_B12ms' + disablePasswordAuthentication: true + nicConfigurations: [ + { + ipConfigurations: [ + { + name: 'ipconfig1' + properties: { + subnet: { + id: resourceGroupResources.outputs.subnetResourceId + } + } + } + ] + nicSuffix: '-nic01' + } + ] + publicKeys: [ + { + keyData: resourceGroupResources.outputs.SSHKey + path: '/home/scaleSetAdmin/.ssh/authorized_keys' + } + ] } } - - diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep index 1a8a532691..efb82b2cdc 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep @@ -4,9 +4,6 @@ param location string = resourceGroup().location @description('Required. The name of the Virtual Network to create') param virtualNetworkName string -@description('Required. The name of the Recovery Services Vault to create.') -param recoveryServicesVaultName string - @description('Required. The name of the Key Vault to create.') param keyVaultName string @@ -27,7 +24,6 @@ param sshKeyName string var storageContainerName = 'scripts' var storageAccountCSEFileName = 'scriptExtensionMasterInstaller.ps1' -var backupPolicyName = 'backupPolicy' resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = { name: virtualNetworkName @@ -49,99 +45,6 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = { } } -resource recoveryServicesVault 'Microsoft.RecoveryServices/vaults@2022-04-01' = { - name: recoveryServicesVaultName - location: location - sku: { - name: 'RS0' - tier: 'Standard' - } - properties: { - } - - resource backupPolicy 'backupPolicies@2022-03-01' = { - name: backupPolicyName - properties: { - backupManagementType: 'AzureIaasVM' - instantRPDetails: {} - schedulePolicy: { - schedulePolicyType: 'SimpleSchedulePolicy' - scheduleRunFrequency: 'Daily' - scheduleRunTimes: [ - '2019-11-07T07:00:00Z' - ] - scheduleWeeklyFrequency: 0 - } - retentionPolicy: { - retentionPolicyType: 'LongTermRetentionPolicy' - dailySchedule: { - retentionTimes: [ - '2019-11-07T07:00:00Z' - ] - retentionDuration: { - count: 180 - durationType: 'Days' - } - } - weeklySchedule: { - daysOfTheWeek: [ - 'Sunday' - ] - retentionTimes: [ - '2019-11-07T07:00:00Z' - ] - retentionDuration: { - count: 12 - durationType: 'Weeks' - } - } - monthlySchedule: { - retentionScheduleFormatType: 'Weekly' - retentionScheduleWeekly: { - daysOfTheWeek: [ - 'Sunday' - ] - weeksOfTheMonth: [ - 'First' - ] - } - retentionTimes: [ - '2019-11-07T07:00:00Z' - ] - retentionDuration: { - count: 60 - durationType: 'Months' - } - } - yearlySchedule: { - retentionScheduleFormatType: 'Weekly' - monthsOfYear: [ - 'January' - ] - retentionScheduleWeekly: { - daysOfTheWeek: [ - 'Sunday' - ] - weeksOfTheMonth: [ - 'First' - ] - } - retentionTimes: [ - '2019-11-07T07:00:00Z' - ] - retentionDuration: { - count: 10 - durationType: 'Years' - } - } - } - instantRpRetentionRangeInDays: 2 - timeZone: 'UTC' - protectedItemsCount: 0 - } - } -} - resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = { name: keyVaultName location: location @@ -262,14 +165,26 @@ resource sshKey 'Microsoft.Compute/sshPublicKeys@2022-03-01' = { @description('The resource ID of the created Virtual Network Subnet.') output subnetResourceId string = virtualNetwork.properties.subnets[0].id +@description('The principal ID of the created Managed Identity.') +output managedIdentityPrincipalId string = managedIdentity.properties.principalId + +@description('The resource ID of the created Managed Identity.') +output managedIdentityResourceId string = managedIdentity.id + @description('The resource ID of the created Key Vault.') output keyVaultResourceId string = keyVault.id @description('The URL of the created Key Vault.') output keyVaultUrl string = keyVault.properties.vaultUri -@description('The principal ID of the created Managed Identity.') -output managedIdentityPrincipalId string = managedIdentity.properties.principalId +@description('The URL of the created Key Vault Encryption Key.') +output keyVaultEncryptionKeyUrl string = keyVault::key.properties.keyUriWithVersion + +@description('The resource ID of the created Storage Account.') +output storageAccountResourceId string = storageAccount.id + +@description('The URL of the Custom Script Extension in the created Storage Account') +output storageAccountCSEFileUrl string = '${storageAccount.properties.primaryEndpoints.blob}${storageContainerName}/${storageAccountCSEFileName}' @description('The resource ID of the created SSH Key') output SSHKeyResourceID string = sshKey.id diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep index 81d26fca23..21e7470bcd 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep @@ -11,7 +11,7 @@ param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceSh param location string = deployment().location @description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints') -param serviceShort string = '...' +param serviceShort string = 'cvmsslin' // =========== // // Deployments // @@ -29,8 +29,12 @@ module resourceGroupResources 'dependencies.bicep' = { name: '${uniqueString(deployment().name, location)}-paramNested' params: { virtualNetworkName: 'dep-<>-vnet-${serviceShort}' - keyVaultName: 'dep-<>-kv-${serviceShort}' managedIdentityName: 'dep-<>-msi-${serviceShort}' + keyVaultName: 'dep-<>-kv-${serviceShort}' + storageAccountName: 'dep<>sa${serviceShort}01' + storageUploadDeploymentScriptName: 'dep-<>-sads-${serviceShort}' + sshDeploymentScriptName: 'dep-<>-ds-${serviceShort}' + sshKeyName: 'dep-<>-ssh-${serviceShort}' } } @@ -57,7 +61,124 @@ module testDeployment '../../deploy.bicep' = { name: '${uniqueString(deployment().name)}-test-${serviceShort}' params: { name: '<>${serviceShort}001' + adminUsername: 'scaleSetAdmin' + imageReference: { + offer: 'UbuntuServer' + publisher: 'Canonical' + sku: '18.04-LTS' + version: 'latest' + } + osDisk: { + createOption: 'fromImage' + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + osType: 'Linux' + skuName: 'Standard_B12ms' + // Non-required parameters + availabilityZones: [ + '2' + ] + bootDiagnosticStorageAccountName: diagnosticDependencies.outputs.storageAccountResourceId + dataDisks: [ + { + caching: 'ReadOnly' + createOption: 'Empty' + diskSizeGB: '256' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + { + caching: 'ReadOnly' + createOption: 'Empty' + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + ] + diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId + diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId + diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId + diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName + diagnosticLogsRetentionInDays: 7 + disablePasswordAuthentication: true + encryptionAtHost: false + extensionCustomScriptConfig: { + enabled: true + fileData: [ + { + storageAccountId: resourceGroupResources.outputs.storageAccountResourceId + uri: resourceGroupResources.outputs.storageAccountCSEFileUrl + } + ] + protectedSettings: { + commandToExecute: 'sudo apt-get update' + } + } + extensionDependencyAgentConfig: { + enabled: true + } + extensionDiskEncryptionConfig: { + enabled: true + settings: { + EncryptionOperation: 'EnableEncryption' + KekVaultResourceId: resourceGroupResources.outputs.keyVaultResourceId + KeyEncryptionAlgorithm: 'RSA-OAEP' + KeyEncryptionKeyURL: resourceGroupResources.outputs.keyVaultEncryptionKeyUrl + KeyVaultResourceId: resourceGroupResources.outputs.keyVaultResourceId + KeyVaultURL: resourceGroupResources.outputs.keyVaultUrl + ResizeOSDisk: 'false' + VolumeType: 'All' + } + } + extensionMonitoringAgentConfig: { + enabled: true + } + extensionNetworkWatcherAgentConfig: { + enabled: true + } + lock: 'CanNotDelete' + nicConfigurations: [ + { + ipConfigurations: [ + { + name: 'ipconfig1' + properties: { + subnet: { + id: resourceGroupResources.outputs.subnetResourceId + } + } + } + ] + nicSuffix: '-nic01' + } + ] + publicKeys: [ + { + keyData: resourceGroupResources.outputs.SSHKey + path: '/home/scaleSetAdmin/.ssh/authorized_keys' + } + ] + roleAssignments: [ + { + principalIds: [ + resourceGroupResources.outputs.managedIdentityPrincipalId + ] + roleDefinitionIdOrName: 'Reader' + } + ] + scaleSetFaultDomain: 1 + skuCapacity: 1 + systemAssignedIdentity: true + upgradePolicyMode: 'Manual' + userAssignedIdentities: { + '${resourceGroupResources.outputs.managedIdentityResourceId}': {} + } + vmNamePrefix: 'vmsslinvm' + vmPriority: 'Regular' } } - - diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/dependencies.bicep index e92ed25f3d..e1e30c2e2a 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/dependencies.bicep @@ -4,19 +4,13 @@ param location string = resourceGroup().location @description('Required. The name of the Virtual Network to create') param virtualNetworkName string -@description('Required. The name of the Key Vault to create.') -param keyVaultName string - -@description('Required. The name of the Managed Identity to create.') -param managedIdentityName string - resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = { name: virtualNetworkName location: location properties: { addressSpace: { addressPrefixes: [ - '10.0.0.0/24' + '10.0.0.0/24' ] } subnets: [ @@ -30,38 +24,5 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = { } } -resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = { - name: keyVaultName - location: location - properties: { - sku: { - family: 'A' - name: 'standard' - } - tenantId: tenant().tenantId - enablePurgeProtection: null - enabledForTemplateDeployment: true - enabledForDiskEncryption: true - enabledForDeployment: true - enableRbacAuthorization: true - accessPolicies: [] - } -} - -resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { - name: managedIdentityName - location: location -} - @description('The resource ID of the created Virtual Network Subnet.') output subnetResourceId string = virtualNetwork.properties.subnets[0].id - -@description('The resource ID of the created Key Vault.') -output keyVaultResourceId string = keyVault.id - -@description('The URL of the created Key Vault.') -output keyVaultUrl string = keyVault.properties.vaultUri - -@description('The principal ID of the created Managed Identity.') -output managedIdentityPrincipalId string = managedIdentity.properties.principalId - diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep index 81d26fca23..76cabc2c51 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep @@ -11,7 +11,11 @@ param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceSh param location string = deployment().location @description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints') -param serviceShort string = '...' +param serviceShort string = 'cvmsswinmin' + +@description('Optional. The password to leverage for the login.') +@secure() +param password string = newGuid() // =========== // // Deployments // @@ -29,22 +33,6 @@ module resourceGroupResources 'dependencies.bicep' = { name: '${uniqueString(deployment().name, location)}-paramNested' params: { virtualNetworkName: 'dep-<>-vnet-${serviceShort}' - keyVaultName: 'dep-<>-kv-${serviceShort}' - managedIdentityName: 'dep-<>-msi-${serviceShort}' - } -} - -// Diagnostics -// =========== -module diagnosticDependencies '../../../../.shared/dependencyConstructs/diagnostic.dependencies.bicep' = { - scope: resourceGroup - name: '${uniqueString(deployment().name, location)}-diagnosticDependencies' - params: { - storageAccountName: 'dep<>diasa${serviceShort}01' - logAnalyticsWorkspaceName: 'dep-<>-law-${serviceShort}' - eventHubNamespaceEventHubName: 'dep-<>-evh-${serviceShort}' - eventHubNamespaceName: 'dep-<>-evhns-${serviceShort}' - location: location } } @@ -57,7 +45,37 @@ module testDeployment '../../deploy.bicep' = { name: '${uniqueString(deployment().name)}-test-${serviceShort}' params: { name: '<>${serviceShort}001' + adminUsername: 'localAdminUser' + adminPassword: password + imageReference: { + offer: 'WindowsServer' + publisher: 'MicrosoftWindowsServer' + sku: '2016-Datacenter' + version: 'latest' + } + osDisk: { + createOption: 'fromImage' + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + osType: 'Windows' + skuName: 'Standard_B12ms' + nicConfigurations: [ + { + ipConfigurations: [ + { + name: 'ipconfig1' + properties: { + subnet: { + id: resourceGroupResources.outputs.subnetResourceId + } + } + } + ] + nicSuffix: '-nic01' + } + ] } } - - diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep index 593953ae9f..fef5fea44f 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep @@ -4,9 +4,6 @@ param location string = resourceGroup().location @description('Required. The name of the Virtual Network to create') param virtualNetworkName string -@description('Required. The name of the Recovery Services Vault to create.') -param recoveryServicesVaultName string - @description('Required. The name of the Key Vault to create.') param keyVaultName string @@ -19,6 +16,12 @@ param storageUploadDeploymentScriptName string @description('Required. The name of the Managed Identity to create.') param managedIdentityName string +@description('Required. The name of the Proximity Placement Group to create.') +param proximityPlacementGroupName string + +var storageContainerName = 'scripts' +var storageAccountCSEFileName = 'scriptExtensionMasterInstaller.ps1' + resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = { name: virtualNetworkName location: location @@ -127,14 +130,34 @@ resource storageUpload 'Microsoft.Resources/deploymentScripts@2020-10-01' = { ] } +resource proximityPlacementGroup 'Microsoft.Compute/proximityPlacementGroups@2022-03-01' = { + name: proximityPlacementGroupName + location: location +} + @description('The resource ID of the created Virtual Network Subnet.') output subnetResourceId string = virtualNetwork.properties.subnets[0].id +@description('The principal ID of the created Managed Identity.') +output managedIdentityPrincipalId string = managedIdentity.properties.principalId + +@description('The resource ID of the created Managed Identity.') +output managedIdentityResourceId string = managedIdentity.id + @description('The resource ID of the created Key Vault.') output keyVaultResourceId string = keyVault.id @description('The URL of the created Key Vault.') output keyVaultUrl string = keyVault.properties.vaultUri -@description('The principal ID of the created Managed Identity.') -output managedIdentityPrincipalId string = managedIdentity.properties.principalId +@description('The URL of the created Key Vault Encryption Key.') +output keyVaultEncryptionKeyUrl string = keyVault::key.properties.keyUriWithVersion + +@description('The resource ID of the created Storage Account.') +output storageAccountResourceId string = storageAccount.id + +@description('The URL of the Custom Script Extension in the created Storage Account') +output storageAccountCSEFileUrl string = '${storageAccount.properties.primaryEndpoints.blob}${storageContainerName}/${storageAccountCSEFileName}' + +@description('The resource ID of the created Proximity Placement Group.') +output proximityPlacementGroupResourceId string = proximityPlacementGroup.id diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep index 81d26fca23..6ddaeae8a3 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep @@ -11,7 +11,11 @@ param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceSh param location string = deployment().location @description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints') -param serviceShort string = '...' +param serviceShort string = 'cvmsswin' + +@description('Optional. The password to leverage for the login.') +@secure() +param password string = newGuid() // =========== // // Deployments // @@ -29,8 +33,11 @@ module resourceGroupResources 'dependencies.bicep' = { name: '${uniqueString(deployment().name, location)}-paramNested' params: { virtualNetworkName: 'dep-<>-vnet-${serviceShort}' - keyVaultName: 'dep-<>-kv-${serviceShort}' managedIdentityName: 'dep-<>-msi-${serviceShort}' + keyVaultName: 'dep-<>-kv-${serviceShort}' + storageAccountName: 'dep<>sa${serviceShort}01' + storageUploadDeploymentScriptName: 'dep-<>-sads-${serviceShort}' + proximityPlacementGroupName: 'dep-<>-ppg-${serviceShort}' } } @@ -57,7 +64,116 @@ module testDeployment '../../deploy.bicep' = { name: '${uniqueString(deployment().name)}-test-${serviceShort}' params: { name: '<>${serviceShort}001' + adminUsername: 'localAdminUser' + imageReference: { + offer: 'WindowsServer' + publisher: 'MicrosoftWindowsServer' + sku: '2016-Datacenter' + version: 'latest' + } + osDisk: { + createOption: 'fromImage' + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + osType: 'Windows' + skuName: 'Standard_B12ms' + adminPassword: password + diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId + diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId + diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId + diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName + diagnosticLogsRetentionInDays: 7 + encryptionAtHost: false + extensionAntiMalwareConfig: { + enabled: true + settings: { + AntimalwareEnabled: true + Exclusions: { + Extensions: '.log;.ldf' + Paths: 'D:\\IISlogs;D:\\DatabaseLogs' + Processes: 'mssence.svc' + } + RealtimeProtectionEnabled: true + ScheduledScanSettings: { + day: '7' + isEnabled: 'true' + scanType: 'Quick' + time: '120' + } + } + } + extensionCustomScriptConfig: { + enabled: true + fileData: [ + { + storageAccountId: resourceGroupResources.outputs.storageAccountResourceId + uri: resourceGroupResources.outputs.storageAccountCSEFileUrl + } + ] + protectedSettings: { + commandToExecute: 'powershell -ExecutionPolicy Unrestricted -Command "& ./${last(split(resourceGroupResources.outputs.storageAccountCSEFileUrl, '/'))}"' + } + } + extensionDependencyAgentConfig: { + enabled: true + } + extensionDiskEncryptionConfig: { + enabled: true + settings: { + EncryptionOperation: 'EnableEncryption' + KekVaultResourceId: resourceGroupResources.outputs.keyVaultResourceId + KeyEncryptionAlgorithm: 'RSA-OAEP' + KeyEncryptionKeyURL: resourceGroupResources.outputs.keyVaultEncryptionKeyUrl + KeyVaultResourceId: resourceGroupResources.outputs.keyVaultResourceId + KeyVaultURL: resourceGroupResources.outputs.keyVaultUrl + ResizeOSDisk: 'false' + VolumeType: 'All' + } + } + extensionDSCConfig: { + enabled: true + } + extensionMonitoringAgentConfig: { + enabled: true + } + extensionNetworkWatcherAgentConfig: { + enabled: true + } + lock: 'CanNotDelete' + nicConfigurations: [ + { + ipConfigurations: [ + { + name: 'ipconfig1' + properties: { + subnet: { + id: resourceGroupResources.outputs.subnetResourceId + } + } + } + ] + nicSuffix: '-nic01' + } + ] + proximityPlacementGroupResourceId: resourceGroupResources.outputs.proximityPlacementGroupResourceId + roleAssignments: [ + { + principalIds: [ + resourceGroupResources.outputs.managedIdentityPrincipalId + ] + roleDefinitionIdOrName: 'Reader' + } + ] + skuCapacity: 1 + systemAssignedIdentity: true + upgradePolicyMode: 'Manual' + userAssignedIdentities: { + '${resourceGroupResources.outputs.managedIdentityResourceId}': {} + } + vmNamePrefix: 'vmsswinvm' + vmPriority: 'Regular' } } - - diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md index 3d74bce1c0..17055e1361 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md @@ -884,7 +884,7 @@ The following module usage examples are retrieved from the content of the files >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -

Example 1: Linux Min

+

Example 1: Linux

@@ -892,7 +892,7 @@ The following module usage examples are retrieved from the content of the files ```bicep module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-VirtualMachineScaleSets' + name: '${uniqueString(deployment().name)}-test-cvmsslin' params: { // Required parameters adminUsername: 'scaleSetAdmin' @@ -902,140 +902,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl sku: '18.04-LTS' version: 'latest' } - name: '<>-scaleset-linux-min-001' - osDisk: { - createOption: 'fromImage' - diskSizeGB: '128' - managedDisk: { - storageAccountType: 'Premium_LRS' - } - } - osType: 'Linux' - skuName: 'Standard_B12ms' - // Non-required parameters - disablePasswordAuthentication: true - nicConfigurations: [ - { - ipConfigurations: [ - { - name: 'ipconfig1' - properties: { - subnet: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002' - } - } - } - ] - nicSuffix: '-nic01' - } - ] - publicKeys: [ - { - keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure' - path: '/home/scaleSetAdmin/.ssh/authorized_keys' - } - ] - } -} -``` - -
-

- -

- -via JSON Parameter file - -```json -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - // Required parameters - "adminUsername": { - "value": "scaleSetAdmin" - }, - "imageReference": { - "value": { - "offer": "UbuntuServer", - "publisher": "Canonical", - "sku": "18.04-LTS", - "version": "latest" - } - }, - "name": { - "value": "<>-scaleset-linux-min-001" - }, - "osDisk": { - "value": { - "createOption": "fromImage", - "diskSizeGB": "128", - "managedDisk": { - "storageAccountType": "Premium_LRS" - } - } - }, - "osType": { - "value": "Linux" - }, - "skuName": { - "value": "Standard_B12ms" - }, - // Non-required parameters - "disablePasswordAuthentication": { - "value": true - }, - "nicConfigurations": { - "value": [ - { - "ipConfigurations": [ - { - "name": "ipconfig1", - "properties": { - "subnet": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002" - } - } - } - ], - "nicSuffix": "-nic01" - } - ] - }, - "publicKeys": { - "value": [ - { - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure", - "path": "/home/scaleSetAdmin/.ssh/authorized_keys" - } - ] - } - } -} -``` - -
-

- -

Example 2: Linux

- -
- -via Bicep module - -```bicep -module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-VirtualMachineScaleSets' - params: { - // Required parameters - adminUsername: 'scaleSetAdmin' - imageReference: { - offer: 'UbuntuServer' - publisher: 'Canonical' - sku: '18.04-LTS' - version: 'latest' - } - name: '<>-scaleset-linux-001' + name: '<>cvmsslin001' osDisk: { createOption: 'fromImage' diskSizeGB: '128' @@ -1049,7 +916,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl availabilityZones: [ '2' ] - bootDiagnosticStorageAccountName: 'adp<>azsax001' + bootDiagnosticStorageAccountName: '' dataDisks: [ { caching: 'ReadOnly' @@ -1068,19 +935,19 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } } ] - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticEventHubAuthorizationRuleId: '' + diagnosticEventHubName: '' diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticStorageAccountId: '' + diagnosticWorkspaceId: '' disablePasswordAuthentication: true encryptionAtHost: false extensionCustomScriptConfig: { enabled: true fileData: [ { - storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - uri: 'https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1' + storageAccountId: '' + uri: '' } ] protectedSettings: { @@ -1094,11 +961,11 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl enabled: true settings: { EncryptionOperation: 'EnableEncryption' - KekVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + KekVaultResourceId: '' KeyEncryptionAlgorithm: 'RSA-OAEP' - KeyEncryptionKeyURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5' - KeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - KeyVaultURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/' + KeyEncryptionKeyURL: '' + KeyVaultResourceId: '' + KeyVaultURL: '' ResizeOSDisk: 'false' VolumeType: 'All' } @@ -1117,7 +984,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl name: 'ipconfig1' properties: { subnet: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002' + id: '' } } } @@ -1127,14 +994,14 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ] publicKeys: [ { - keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure' + keyData: '' path: '/home/scaleSetAdmin/.ssh/authorized_keys' } ] roleAssignments: [ { principalIds: [ - '<>' + '' ] roleDefinitionIdOrName: 'Reader' } @@ -1144,7 +1011,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl systemAssignedIdentity: true upgradePolicyMode: 'Manual' userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + '': {} } vmNamePrefix: 'vmsslinvm' vmPriority: 'Regular' @@ -1177,7 +1044,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } }, "name": { - "value": "<>-scaleset-linux-001" + "value": "<>cvmsslin001" }, "osDisk": { "value": { @@ -1201,7 +1068,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ] }, "bootDiagnosticStorageAccountName": { - "value": "adp<>azsax001" + "value": "" }, "dataDisks": { "value": [ @@ -1224,19 +1091,19 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ] }, "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + "value": "" }, "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "value": "" }, "diagnosticLogsRetentionInDays": { "value": 7 }, "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + "value": "" }, "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + "value": "" }, "disablePasswordAuthentication": { "value": true @@ -1249,8 +1116,8 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "enabled": true, "fileData": [ { - "storageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", - "uri": "https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1" + "storageAccountId": "", + "uri": "" } ], "protectedSettings": { @@ -1268,11 +1135,11 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "enabled": true, "settings": { "EncryptionOperation": "EnableEncryption", - "KekVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", + "KekVaultResourceId": "", "KeyEncryptionAlgorithm": "RSA-OAEP", - "KeyEncryptionKeyURL": "https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5", - "KeyVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", - "KeyVaultURL": "https://adp-<>-az-kv-x-001.vault.azure.net/", + "KeyEncryptionKeyURL": "", + "KeyVaultResourceId": "", + "KeyVaultURL": "", "ResizeOSDisk": "false", "VolumeType": "All" } @@ -1299,7 +1166,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "name": "ipconfig1", "properties": { "subnet": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002" + "id": "" } } } @@ -1311,7 +1178,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "publicKeys": { "value": [ { - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdOir5eO28EBwxU0Dyra7g9h0HUXDyMNFp2z8PhaTUQgHjrimkMxjYRwEOG/lxnYL7+TqZk+HcPTfbZOunHBw0Wx2CITzILt6531vmIYZGfq5YyYXbxZa5MON7L/PVivoRlPj5Z/t4RhqMhyfR7EPcZ516LJ8lXPTo8dE/bkOCS+kFBEYHvPEEKAyLs19sRcK37SeHjpX04zdg62nqtuRr00Tp7oeiTXA1xn5K5mxeAswotmd8CU0lWUcJuPBWQedo649b+L2cm52kTncOBI6YChAeyEc1PDF0Tn9FmpdOWKtI9efh+S3f8qkcVEtSTXoTeroBd31nzjAunMrZeM8Ut6dre+XeQQIjT7I8oEm+ZkIuIyq0x2fls8JXP2YJDWDqu8v1+yLGTQ3Z9XVt2lMti/7bIgYxS0JvwOr5n5L4IzKvhb4fm13LLDGFa3o7Nsfe3fPb882APE0bLFCmfyIeiPh7go70WqZHakpgIr6LCWTyePez9CsI/rfWDb6eAM8= generated-by-azure", + "keyData": "", "path": "/home/scaleSetAdmin/.ssh/authorized_keys" } ] @@ -1320,7 +1187,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "value": [ { "principalIds": [ - "<>" + "" ], "roleDefinitionIdOrName": "Reader" } @@ -1340,7 +1207,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl }, "userAssignedIdentities": { "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + "": {} } }, "vmNamePrefix": { @@ -1356,30 +1223,25 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl

-

Example 3: Windows Min

+

Example 2: Linux.Min

via Bicep module ```bicep -resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { - name: 'adp-<>-az-kv-x-001' - scope: resourceGroup('<>','validation-rg') -} - module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-VirtualMachineScaleSets' + name: '${uniqueString(deployment().name)}-test-cvmsslinmin' params: { // Required parameters - adminUsername: kv1.getSecret('adminUsername') + adminUsername: 'scaleSetAdmin' imageReference: { - offer: 'WindowsServer' - publisher: 'MicrosoftWindowsServer' - sku: '2016-Datacenter' + offer: 'UbuntuServer' + publisher: 'Canonical' + sku: '18.04-LTS' version: 'latest' } - name: '<>-scaleset-win-min-001' + name: '<>cvmsslinmin001' osDisk: { createOption: 'fromImage' diskSizeGB: '128' @@ -1387,10 +1249,10 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl storageAccountType: 'Premium_LRS' } } - osType: 'Windows' + osType: 'Linux' skuName: 'Standard_B12ms' // Non-required parameters - adminPassword: kv1.getSecret('adminPassword') + disablePasswordAuthentication: true nicConfigurations: [ { ipConfigurations: [ @@ -1398,7 +1260,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl name: 'ipconfig1' properties: { subnet: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002' + id: '' } } } @@ -1406,6 +1268,12 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl nicSuffix: '-nic01' } ] + publicKeys: [ + { + keyData: '' + path: '/home/scaleSetAdmin/.ssh/authorized_keys' + } + ] } } ``` @@ -1424,23 +1292,18 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "parameters": { // Required parameters "adminUsername": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "adminUsername" - } + "value": "scaleSetAdmin" }, "imageReference": { "value": { - "offer": "WindowsServer", - "publisher": "MicrosoftWindowsServer", - "sku": "2016-Datacenter", + "offer": "UbuntuServer", + "publisher": "Canonical", + "sku": "18.04-LTS", "version": "latest" } }, "name": { - "value": "<>-scaleset-win-min-001" + "value": "<>cvmsslinmin001" }, "osDisk": { "value": { @@ -1452,19 +1315,14 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } }, "osType": { - "value": "Windows" + "value": "Linux" }, "skuName": { "value": "Standard_B12ms" }, // Non-required parameters - "adminPassword": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "adminPassword" - } + "disablePasswordAuthentication": { + "value": true }, "nicConfigurations": { "value": [ @@ -1474,7 +1332,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "name": "ipconfig1", "properties": { "subnet": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002" + "id": "" } } } @@ -1482,6 +1340,14 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "nicSuffix": "-nic01" } ] + }, + "publicKeys": { + "value": [ + { + "keyData": "", + "path": "/home/scaleSetAdmin/.ssh/authorized_keys" + } + ] } } } @@ -1490,30 +1356,25 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl

-

Example 4: Windows

+

Example 3: Windows

via Bicep module ```bicep -resource kv1 'Microsoft.KeyVault/vaults@2019-09-01' existing = { - name: 'adp-<>-az-kv-x-001' - scope: resourceGroup('<>','validation-rg') -} - module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-VirtualMachineScaleSets' + name: '${uniqueString(deployment().name)}-test-cvmsswin' params: { // Required parameters - adminUsername: kv1.getSecret('adminUsername') + adminUsername: 'localAdminUser' imageReference: { offer: 'WindowsServer' publisher: 'MicrosoftWindowsServer' sku: '2016-Datacenter' version: 'latest' } - name: '<>-scaleset-win-001' + name: '<>cvmsswin001' osDisk: { createOption: 'fromImage' diskSizeGB: '128' @@ -1524,12 +1385,12 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl osType: 'Windows' skuName: 'Standard_B12ms' // Non-required parameters - adminPassword: kv1.getSecret('adminPassword') - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + adminPassword: '' + diagnosticEventHubAuthorizationRuleId: '' + diagnosticEventHubName: '' diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticStorageAccountId: '' + diagnosticWorkspaceId: '' encryptionAtHost: false extensionAntiMalwareConfig: { enabled: true @@ -1553,12 +1414,12 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl enabled: true fileData: [ { - storageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - uri: 'https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1' + storageAccountId: '' + uri: '' } ] protectedSettings: { - commandToExecute: 'powershell -ExecutionPolicy Unrestricted -Command \'& .\\scriptExtensionMasterInstaller.ps1\'' + commandToExecute: '' } } extensionDependencyAgentConfig: { @@ -1568,11 +1429,11 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl enabled: true settings: { EncryptionOperation: 'EnableEncryption' - KekVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' + KekVaultResourceId: '' KeyEncryptionAlgorithm: 'RSA-OAEP' - KeyEncryptionKeyURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5' - KeyVaultResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001' - KeyVaultURL: 'https://adp-<>-az-kv-x-001.vault.azure.net/' + KeyEncryptionKeyURL: '' + KeyVaultResourceId: '' + KeyVaultURL: '' ResizeOSDisk: 'false' VolumeType: 'All' } @@ -1594,7 +1455,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl name: 'ipconfig1' properties: { subnet: { - id: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002' + id: '' } } } @@ -1602,11 +1463,11 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl nicSuffix: '-nic01' } ] - proximityPlacementGroupResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/proximityPlacementGroups/adp-<>-az-ppg-vmss-001' + proximityPlacementGroupResourceId: '' roleAssignments: [ { principalIds: [ - '<>' + '' ] roleDefinitionIdOrName: 'Reader' } @@ -1615,7 +1476,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl systemAssignedIdentity: true upgradePolicyMode: 'Manual' userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + '': {} } vmNamePrefix: 'vmsswinvm' vmPriority: 'Regular' @@ -1637,12 +1498,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "parameters": { // Required parameters "adminUsername": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "adminUsername" - } + "value": "localAdminUser" }, "imageReference": { "value": { @@ -1653,7 +1509,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } }, "name": { - "value": "<>-scaleset-win-001" + "value": "<>cvmsswin001" }, "osDisk": { "value": { @@ -1672,27 +1528,22 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl }, // Non-required parameters "adminPassword": { - "reference": { - "keyVault": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001" - }, - "secretName": "adminPassword" - } + "value": "" }, "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + "value": "" }, "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "value": "" }, "diagnosticLogsRetentionInDays": { "value": 7 }, "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + "value": "" }, "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + "value": "" }, "encryptionAtHost": { "value": false @@ -1722,12 +1573,12 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "enabled": true, "fileData": [ { - "storageAccountId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", - "uri": "https://adp<>azsax001.blob.core.windows.net/scripts/scriptExtensionMasterInstaller.ps1" + "storageAccountId": "", + "uri": "" } ], "protectedSettings": { - "commandToExecute": "powershell -ExecutionPolicy Unrestricted -Command \"& .\\scriptExtensionMasterInstaller.ps1\"" + "commandToExecute": "" } } }, @@ -1741,11 +1592,11 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "enabled": true, "settings": { "EncryptionOperation": "EnableEncryption", - "KekVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", + "KekVaultResourceId": "", "KeyEncryptionAlgorithm": "RSA-OAEP", - "KeyEncryptionKeyURL": "https://adp-<>-az-kv-x-001.vault.azure.net/keys/keyEncryptionKey/bc3bb46d95c64367975d722f473eeae5", - "KeyVaultResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<>-az-kv-x-001", - "KeyVaultURL": "https://adp-<>-az-kv-x-001.vault.azure.net/", + "KeyEncryptionKeyURL": "", + "KeyVaultResourceId": "", + "KeyVaultURL": "", "ResizeOSDisk": "false", "VolumeType": "All" } @@ -1777,7 +1628,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl "name": "ipconfig1", "properties": { "subnet": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<>-az-vnet-x-001/subnets/<>-az-subnet-x-002" + "id": "" } } } @@ -1787,13 +1638,13 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ] }, "proximityPlacementGroupResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/proximityPlacementGroups/adp-<>-az-ppg-vmss-001" + "value": "" }, "roleAssignments": { "value": [ { "principalIds": [ - "<>" + "" ], "roleDefinitionIdOrName": "Reader" } @@ -1810,7 +1661,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl }, "userAssignedIdentities": { "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + "": {} } }, "vmNamePrefix": { @@ -1825,3 +1676,122 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl

+ +

Example 4: Windows.Min

+ +
+ +via Bicep module + +```bicep +module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-test-cvmsswinmin' + params: { + // Required parameters + adminUsername: 'localAdminUser' + imageReference: { + offer: 'WindowsServer' + publisher: 'MicrosoftWindowsServer' + sku: '2016-Datacenter' + version: 'latest' + } + name: '<>cvmsswinmin001' + osDisk: { + createOption: 'fromImage' + diskSizeGB: '128' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + osType: 'Windows' + skuName: 'Standard_B12ms' + // Non-required parameters + adminPassword: '' + nicConfigurations: [ + { + ipConfigurations: [ + { + name: 'ipconfig1' + properties: { + subnet: { + id: '' + } + } + } + ] + nicSuffix: '-nic01' + } + ] + } +} +``` + +
+

+ +

+ +via JSON Parameter file + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + // Required parameters + "adminUsername": { + "value": "localAdminUser" + }, + "imageReference": { + "value": { + "offer": "WindowsServer", + "publisher": "MicrosoftWindowsServer", + "sku": "2016-Datacenter", + "version": "latest" + } + }, + "name": { + "value": "<>cvmsswinmin001" + }, + "osDisk": { + "value": { + "createOption": "fromImage", + "diskSizeGB": "128", + "managedDisk": { + "storageAccountType": "Premium_LRS" + } + } + }, + "osType": { + "value": "Windows" + }, + "skuName": { + "value": "Standard_B12ms" + }, + // Non-required parameters + "adminPassword": { + "value": "" + }, + "nicConfigurations": { + "value": [ + { + "ipConfigurations": [ + { + "name": "ipconfig1", + "properties": { + "subnet": { + "id": "" + } + } + } + ], + "nicSuffix": "-nic01" + } + ] + } + } +} +``` + +
+

diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index 25d22f3fff..1f71549869 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -618,8 +618,11 @@ Convert the given Bicep parameter block to JSON parameter block .PARAMETER BicepParamBlock Mandatory. The Bicep parameter block to process +.PARAMETER CurrentFilePath +Mandatory. The Path of the file containing the param block + .EXAMPLE -ConvertTo-FormattedJSONParameterObject -BicepParamBlock "name: 'carml'\nlock: 'CanNotDelete'" +ConvertTo-FormattedJSONParameterObject -BicepParamBlock "name: 'carml'\nlock: 'CanNotDelete'" -CurrentFilePath 'c:/deploy.test.bicep' Convert the Bicep string "name: 'carml'\nlock: 'CanNotDelete'" into a parameter JSON object. Would result into: @@ -637,7 +640,10 @@ function ConvertTo-FormattedJSONParameterObject { [CmdletBinding()] param ( [Parameter()] - [string] $BicepParamBlock + [string] $BicepParamBlock, + + [Parameter()] + [string] $CurrentFilePath ) # [1/4] Detect top level params for later processing @@ -721,8 +727,11 @@ function ConvertTo-FormattedJSONParameterObject { } # [2.7] Format the final JSON string to an object to enable processing - $paramInJsonFormatObject = $paramInJSONFormatArray | Out-String | ConvertFrom-Json -AsHashtable -Depth 99 - + try { + $paramInJsonFormatObject = $paramInJSONFormatArray | Out-String | ConvertFrom-Json -AsHashtable -Depth 99 -ErrorAction 'Stop' + } catch { + throw ('Failed to process file [{0}]. Please check if it properly formatted. Original error message: [{1}]' -f $CurrentFilePath, $_.Exception.Message) + } # [3/4] Inject top-level 'value`' properties $paramInJsonFormatObjectWithValue = @{} foreach ($paramKey in $topLevelParams) { @@ -961,6 +970,7 @@ function Set-DeploymentExamplesSection { # [5/6] Convert Bicep parameter block to JSON parameter block to enable processing $conversionInputObject = @{ BicepParamBlock = $paramBlock + CurrentFilePath = $testFilePath } $paramsInJSONFormat = ConvertTo-FormattedJSONParameterObject @conversionInputObject @@ -978,6 +988,21 @@ function Set-DeploymentExamplesSection { $formattedBicepExample = $rawBicepExample[0..($paramsStartIndex - 1)] + ($bicepExample -split '\n') + $rawBicepExample[($paramsEndIndex + 1)..($rawBicepExample.Count)] + # Remove any dependsOn as it it test specific + if ($detected = ($formattedBicepExample | Select-String '^\s*dependsOn:\s*\[\s*$' | ForEach-Object { $_.LineNumber - 1 })) { + $dependsOnStartIndex = $detected[0] + + # Find out where the 'dependsOn' ends + $dependsOnEndIndex = $dependsOnStartIndex + do { + $dependsOnEndIndex++ + } while ($formattedBicepExample[$dependsOnEndIndex] -notmatch '^\s*\]\s*$') + + # Cut the 'dependsOn' block out + $formattedBicepExample = $formattedBicepExample[0..($dependsOnStartIndex - 1)] + $formattedBicepExample[($dependsOnEndIndex + 1)..($formattedBicepExample.Count)] + } + + # Build result $SectionContent += @( '', '

' From 2ca3c6dd33d92a3dda0b4a40e29fc0c787db22b6 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 2 Sep 2022 20:58:31 +0200 Subject: [PATCH 04/34] Updated RBAC handling --- .../.test/linux.min/dependencies.bicep | 2 +- .../virtualMachineScaleSets/.test/linux/dependencies.bicep | 4 ++-- .../virtualMachineScaleSets/.test/windows/dependencies.bicep | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep index ebdd1cca32..0575ac3c4c 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep @@ -39,7 +39,7 @@ resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018- } resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { - name: guid('msi-${managedIdentityName}-RG-Reader-RoleAssignment') + name: guid('msi-${resourceGroup().id}-${location}-${managedIdentityName}-RG-Reader-RoleAssignment') scope: resourceGroup() properties: { principalId: managedIdentity.properties.principalId diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep index efb82b2cdc..3c97c0ce6c 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep @@ -76,7 +76,7 @@ resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018- } resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { - name: guid('msi-${managedIdentityName}-RG-Reader-RoleAssignment') + name: guid('msi-${resourceGroup().id}-${location}-${managedIdentity.id}-RG-Reader-RoleAssignment') scope: resourceGroup() properties: { principalId: managedIdentity.properties.principalId @@ -86,7 +86,7 @@ resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022- } resource msiKVCryptoUserRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { - name: guid('msi-${managedIdentityName}-KeyVault-Key-Read-RoleAssignment') + name: guid('msi-${keyVault::key.id}-${location}-${managedIdentity.id}-KeyVault-Key-Read-RoleAssignment') scope: keyVault::key properties: { principalId: managedIdentity.properties.principalId diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep index fef5fea44f..e41d3e22a9 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep @@ -73,7 +73,7 @@ resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018- } resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { - name: guid('msi-${managedIdentityName}-RG-Reader-RoleAssignment') + name: guid('msi-${resourceGroup().id}-${location}-${managedIdentity.id}-RG-Reader-RoleAssignment') scope: resourceGroup() properties: { principalId: managedIdentity.properties.principalId @@ -83,7 +83,7 @@ resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022- } resource msiKVCryptoUserRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { - name: guid('msi-${managedIdentityName}-KeyVault-Key-Read-RoleAssignment') + name: guid('msi-${keyVault::key.id}-${location}-${managedIdentity.id}-KeyVault-Key-Read-RoleAssignment') scope: keyVault::key properties: { principalId: managedIdentity.properties.principalId From cabe18972e6e14078bcff9690c8cde9f3d354493 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 2 Sep 2022 21:17:01 +0200 Subject: [PATCH 05/34] Update to latest --- .../virtualMachineScaleSets/.test/linux.min/dependencies.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep index 0575ac3c4c..882451b352 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep @@ -39,7 +39,7 @@ resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018- } resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { - name: guid('msi-${resourceGroup().id}-${location}-${managedIdentityName}-RG-Reader-RoleAssignment') + name: guid('msi-${resourceGroup().id}-${location}-${managedIdentity.id}-RG-Reader-RoleAssignment') scope: resourceGroup() properties: { principalId: managedIdentity.properties.principalId From d30d918fe3d01d94e33dacb2bec75ef15782d195 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 2 Sep 2022 22:03:49 +0200 Subject: [PATCH 06/34] Small fix --- .../virtualMachineScaleSets/.test/linux/deploy.test.bicep | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep index 21e7470bcd..94fdeb55c9 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep @@ -77,11 +77,10 @@ module testDeployment '../../deploy.bicep' = { } osType: 'Linux' skuName: 'Standard_B12ms' - // Non-required parameters availabilityZones: [ '2' ] - bootDiagnosticStorageAccountName: diagnosticDependencies.outputs.storageAccountResourceId + bootDiagnosticStorageAccountName: last(split(diagnosticDependencies.outputs.storageAccountResourceId, '/')) dataDisks: [ { caching: 'ReadOnly' From 4dae90ccb3279ca442378b85f288d5311184d2f0 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 9 Sep 2022 12:50:16 +0200 Subject: [PATCH 07/34] Update to latest --- .../virtualMachineScaleSets/.test/linux.min/deploy.test.bicep | 2 +- .../virtualMachineScaleSets/.test/linux/deploy.test.bicep | 2 +- .../virtualMachineScaleSets/.test/windows.min/deploy.test.bicep | 2 +- .../virtualMachineScaleSets/.test/windows/deploy.test.bicep | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep index a4cebe7f32..a78dd41466 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep @@ -10,7 +10,7 @@ param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceSh @description('Optional. The location to deploy resources to') param location string = deployment().location -@description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints') +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') param serviceShort string = 'cvmsslinmin' // =========== // diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep index 94fdeb55c9..d386a3f7ba 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep @@ -10,7 +10,7 @@ param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceSh @description('Optional. The location to deploy resources to') param location string = deployment().location -@description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints') +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') param serviceShort string = 'cvmsslin' // =========== // diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep index 76cabc2c51..7a42977740 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep @@ -10,7 +10,7 @@ param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceSh @description('Optional. The location to deploy resources to') param location string = deployment().location -@description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints') +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') param serviceShort string = 'cvmsswinmin' @description('Optional. The password to leverage for the login.') diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep index 6ddaeae8a3..df727854ff 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep @@ -10,7 +10,7 @@ param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceSh @description('Optional. The location to deploy resources to') param location string = deployment().location -@description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints') +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') param serviceShort string = 'cvmsswin' @description('Optional. The password to leverage for the login.') From b5c4bf00af3ad1ff692c602fe452dbfac47fef32 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 9 Sep 2022 13:03:14 +0200 Subject: [PATCH 08/34] Update to latest --- .../.test/linux.min/deploy.test.bicep | 6 +++--- .../virtualMachineScaleSets/.test/linux/deploy.test.bicep | 6 +++--- .../.test/windows.min/deploy.test.bicep | 6 +++--- .../virtualMachineScaleSets/.test/windows/deploy.test.bicep | 6 +++--- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep index a78dd41466..7f8ffa7cec 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep @@ -3,14 +3,14 @@ targetScope = 'subscription' // ========== // // Parameters // // ========== // -@description('Optional. The name of the resource group to deploy for a testing purposes') +@description('Optional. The name of the resource group to deploy for a testing purposes.') @maxLength(90) param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceShort}-rg' -@description('Optional. The location to deploy resources to') +@description('Optional. The location to deploy resources to.') param location string = deployment().location -@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') param serviceShort string = 'cvmsslinmin' // =========== // diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep index d386a3f7ba..768bb71f60 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep @@ -3,14 +3,14 @@ targetScope = 'subscription' // ========== // // Parameters // // ========== // -@description('Optional. The name of the resource group to deploy for a testing purposes') +@description('Optional. The name of the resource group to deploy for a testing purposes.') @maxLength(90) param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceShort}-rg' -@description('Optional. The location to deploy resources to') +@description('Optional. The location to deploy resources to.') param location string = deployment().location -@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') param serviceShort string = 'cvmsslin' // =========== // diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep index 7a42977740..3d084a8140 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep @@ -3,14 +3,14 @@ targetScope = 'subscription' // ========== // // Parameters // // ========== // -@description('Optional. The name of the resource group to deploy for a testing purposes') +@description('Optional. The name of the resource group to deploy for a testing purposes.') @maxLength(90) param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceShort}-rg' -@description('Optional. The location to deploy resources to') +@description('Optional. The location to deploy resources to.') param location string = deployment().location -@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') param serviceShort string = 'cvmsswinmin' @description('Optional. The password to leverage for the login.') diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep index df727854ff..262c120388 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep @@ -3,14 +3,14 @@ targetScope = 'subscription' // ========== // // Parameters // // ========== // -@description('Optional. The name of the resource group to deploy for a testing purposes') +@description('Optional. The name of the resource group to deploy for a testing purposes.') @maxLength(90) param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceShort}-rg' -@description('Optional. The location to deploy resources to') +@description('Optional. The location to deploy resources to.') param location string = deployment().location -@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') param serviceShort string = 'cvmsswin' @description('Optional. The password to leverage for the login.') From fa817a68eb5147117effbe4d1d2613219565dafa Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Mon, 19 Sep 2022 08:25:14 +0200 Subject: [PATCH 09/34] Update modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep --- .../virtualMachineScaleSets/.test/linux.min/deploy.test.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep index 7f8ffa7cec..21294392a8 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep @@ -3,7 +3,7 @@ targetScope = 'subscription' // ========== // // Parameters // // ========== // -@description('Optional. The name of the resource group to deploy for a testing purposes.') +@description('Optional. The name of the resource group to deploy for testing purposes.') @maxLength(90) param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceShort}-rg' From bb2e7c0401feb45343a49b9502a9ecfb8eb58759 Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Mon, 19 Sep 2022 08:26:02 +0200 Subject: [PATCH 10/34] Update modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep --- .../virtualMachineScaleSets/.test/linux/deploy.test.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep index 768bb71f60..f8da20ae66 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep @@ -3,7 +3,7 @@ targetScope = 'subscription' // ========== // // Parameters // // ========== // -@description('Optional. The name of the resource group to deploy for a testing purposes.') +@description('Optional. The name of the resource group to deploy for testing purposes.') @maxLength(90) param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceShort}-rg' From 5d8a59f708b0d9644830bb50744fc464c58696bd Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Mon, 19 Sep 2022 08:26:06 +0200 Subject: [PATCH 11/34] Update modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep --- .../virtualMachineScaleSets/.test/windows.min/deploy.test.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep index 3d084a8140..46f911e739 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/deploy.test.bicep @@ -3,7 +3,7 @@ targetScope = 'subscription' // ========== // // Parameters // // ========== // -@description('Optional. The name of the resource group to deploy for a testing purposes.') +@description('Optional. The name of the resource group to deploy for testing purposes.') @maxLength(90) param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceShort}-rg' From 4cbf2d73c869c7bf75947b1252cce0c9d9eeffc4 Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Mon, 19 Sep 2022 08:26:10 +0200 Subject: [PATCH 12/34] Update modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep --- .../virtualMachineScaleSets/.test/windows/deploy.test.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep index 262c120388..e876f23da3 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep @@ -3,7 +3,7 @@ targetScope = 'subscription' // ========== // // Parameters // // ========== // -@description('Optional. The name of the resource group to deploy for a testing purposes.') +@description('Optional. The name of the resource group to deploy for testing purposes.') @maxLength(90) param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceShort}-rg' From ceaf41bfb431625ca677f9d1dc246fc2657f33cc Mon Sep 17 00:00:00 2001 From: MrMCake Date: Wed, 5 Oct 2022 18:43:53 +0200 Subject: [PATCH 13/34] Update to latest --- .../virtualMachineScaleSets/.test/linux.min/dependencies.bicep | 2 +- .../virtualMachineScaleSets/.test/linux/dependencies.bicep | 2 +- .../.test/windows.min/dependencies.bicep | 2 +- .../virtualMachineScaleSets/.test/windows/dependencies.bicep | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep index 882451b352..33e3db8947 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep @@ -1,7 +1,7 @@ @description('Optional. The location to deploy to') param location string = resourceGroup().location -@description('Required. The name of the Virtual Network to create') +@description('Required. The name of the Virtual Network to create.') param virtualNetworkName string @description('Required. The name of the Managed Identity to create.') diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep index 3c97c0ce6c..2d47d2cfdf 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep @@ -1,7 +1,7 @@ @description('Optional. The location to deploy to') param location string = resourceGroup().location -@description('Required. The name of the Virtual Network to create') +@description('Required. The name of the Virtual Network to create.') param virtualNetworkName string @description('Required. The name of the Key Vault to create.') diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/dependencies.bicep index e1e30c2e2a..6107a244fd 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/dependencies.bicep @@ -1,7 +1,7 @@ @description('Optional. The location to deploy to') param location string = resourceGroup().location -@description('Required. The name of the Virtual Network to create') +@description('Required. The name of the Virtual Network to create.') param virtualNetworkName string resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = { diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep index e41d3e22a9..7c54a979ec 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep @@ -1,7 +1,7 @@ @description('Optional. The location to deploy to') param location string = resourceGroup().location -@description('Required. The name of the Virtual Network to create') +@description('Required. The name of the Virtual Network to create.') param virtualNetworkName string @description('Required. The name of the Key Vault to create.') From 3f6de07068b7cf949a46101da600a667f568212b Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 11 Oct 2022 14:56:08 +0200 Subject: [PATCH 14/34] Update to latest --- .../.test/linux.min/dependencies.bicep | 2 +- .../virtualMachineScaleSets/.test/linux/dependencies.bicep | 4 ++-- .../virtualMachineScaleSets/.test/windows/dependencies.bicep | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep index 33e3db8947..34c8066bb8 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep @@ -61,7 +61,7 @@ resource sshDeploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' properties: { azPowerShellVersion: '6.2.1' retentionInterval: 'P1D' - arguments: ' -SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"' + arguments: '-SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"' scriptContent: loadTextContent('../.scripts/New-SSHKey.ps1') } dependsOn: [ diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep index 2d47d2cfdf..030a8a64b1 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep @@ -125,7 +125,7 @@ resource storageUpload 'Microsoft.Resources/deploymentScripts@2020-10-01' = { properties: { azPowerShellVersion: '3.0' retentionInterval: 'P1D' - arguments: ' -StorageAccountName "${storageAccount.name}" -ResourceGroupName "${resourceGroup().name}" -ContainerName "${storageAccount::blobService::container.name}" -FileName "${storageAccountCSEFileName}"' + arguments: '-StorageAccountName "${storageAccount.name}" -ResourceGroupName "${resourceGroup().name}" -ContainerName "${storageAccount::blobService::container.name}" -FileName "${storageAccountCSEFileName}"' scriptContent: loadTextContent('../.scripts/Set-BlobContent.ps1') } dependsOn: [ @@ -146,7 +146,7 @@ resource sshDeploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' properties: { azPowerShellVersion: '6.2.1' retentionInterval: 'P1D' - arguments: ' -SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"' + arguments: '-SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"' scriptContent: loadTextContent('../.scripts/New-SSHKey.ps1') } dependsOn: [ diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep index 7c54a979ec..e88f0658d6 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep @@ -122,7 +122,7 @@ resource storageUpload 'Microsoft.Resources/deploymentScripts@2020-10-01' = { properties: { azPowerShellVersion: '3.0' retentionInterval: 'P1D' - arguments: ' -StorageAccountName "${storageAccount.name}" -ResourceGroupName "${resourceGroup().name}" -ContainerName "${storageAccount::blobService::container.name}" -FileName "${storageAccountCSEFileName}"' + arguments: '-StorageAccountName "${storageAccount.name}" -ResourceGroupName "${resourceGroup().name}" -ContainerName "${storageAccount::blobService::container.name}" -FileName "${storageAccountCSEFileName}"' scriptContent: loadTextContent('../.scripts/Set-BlobContent.ps1') } dependsOn: [ From e5fcf9b68dfd038e0563bd4c4c1ecb35039f0c1c Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 4 Nov 2022 16:27:51 +0100 Subject: [PATCH 15/34] Update to latest --- .../virtualMachineScaleSets/.test/linux/dependencies.bicep | 3 +++ .../virtualMachineScaleSets/.test/linux/deploy.test.bicep | 2 +- .../virtualMachineScaleSets/.test/windows/dependencies.bicep | 3 +++ .../virtualMachineScaleSets/.test/windows/deploy.test.bicep | 2 +- 4 files changed, 8 insertions(+), 2 deletions(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep index 030a8a64b1..34053f14da 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep @@ -180,6 +180,9 @@ output keyVaultUrl string = keyVault.properties.vaultUri @description('The URL of the created Key Vault Encryption Key.') output keyVaultEncryptionKeyUrl string = keyVault::key.properties.keyUriWithVersion +@description('The name of the created Storage Account.') +output storageAccountName string = storageAccount.name + @description('The resource ID of the created Storage Account.') output storageAccountResourceId string = storageAccount.id diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep index f8da20ae66..a52b06c357 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep @@ -80,7 +80,7 @@ module testDeployment '../../deploy.bicep' = { availabilityZones: [ '2' ] - bootDiagnosticStorageAccountName: last(split(diagnosticDependencies.outputs.storageAccountResourceId, '/')) + bootDiagnosticStorageAccountName: resourceGroupResources.outputs.storageAccountName dataDisks: [ { caching: 'ReadOnly' diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep index e88f0658d6..0b5bba71cb 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep @@ -159,5 +159,8 @@ output storageAccountResourceId string = storageAccount.id @description('The URL of the Custom Script Extension in the created Storage Account') output storageAccountCSEFileUrl string = '${storageAccount.properties.primaryEndpoints.blob}${storageContainerName}/${storageAccountCSEFileName}' +@description('The name of the Custom Script Extension in the created Storage Account') +output storageAccountCSEFileName string = storageAccountCSEFileName + @description('The resource ID of the created Proximity Placement Group.') output proximityPlacementGroupResourceId string = proximityPlacementGroup.id diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep index e876f23da3..e1e1854857 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/deploy.test.bicep @@ -114,7 +114,7 @@ module testDeployment '../../deploy.bicep' = { } ] protectedSettings: { - commandToExecute: 'powershell -ExecutionPolicy Unrestricted -Command "& ./${last(split(resourceGroupResources.outputs.storageAccountCSEFileUrl, '/'))}"' + commandToExecute: 'powershell -ExecutionPolicy Unrestricted -Command "& ./${resourceGroupResources.outputs.storageAccountCSEFileName}"' } } extensionDependencyAgentConfig: { From fc3513ba0e2030cc0177ca486d939882d0d203e4 Mon Sep 17 00:00:00 2001 From: AlexanderSehr Date: Thu, 10 Nov 2022 15:08:47 +0100 Subject: [PATCH 16/34] refreshed readme --- modules/Microsoft.Compute/virtualMachineScaleSets/readme.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md index a8362ae404..cacbcda36e 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md @@ -14,7 +14,7 @@ This module deploys a virtual machine scale set. | Resource Type | API Version | | :-- | :-- | -| `Microsoft.Authorization/locks` | [2017-04-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2017-04-01/locks) | +| `Microsoft.Authorization/locks` | [2017-04-01](https://docs.microsoft.com/en-us/azure/templates) | | `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) | | `Microsoft.Compute/virtualMachineScaleSets` | [2022-03-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Compute/2022-03-01/virtualMachineScaleSets) | | `Microsoft.Compute/virtualMachineScaleSets/extensions` | [2021-07-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Compute/2021-07-01/virtualMachineScaleSets/extensions) | @@ -1425,7 +1425,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } ] protectedSettings: { - commandToExecute: '' + commandToExecute: 'powershell -ExecutionPolicy Unrestricted -Command \'& ./${resourceGroupResources.outputs.storageAccountCSEFileName}\'' } } extensionDependencyAgentConfig: { @@ -1584,7 +1584,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } ], "protectedSettings": { - "commandToExecute": "" + "commandToExecute": "powershell -ExecutionPolicy Unrestricted -Command \"& ./${resourceGroupResources.outputs.storageAccountCSEFileName}\"" } } }, From f6b430f0af746c41704fb8c477a396bcda7033b5 Mon Sep 17 00:00:00 2001 From: AlexanderSehr Date: Thu, 10 Nov 2022 18:04:22 +0100 Subject: [PATCH 17/34] Update to latest --- modules/Microsoft.Compute/virtualMachineScaleSets/readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md index cacbcda36e..5633d6c867 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md @@ -14,7 +14,7 @@ This module deploys a virtual machine scale set. | Resource Type | API Version | | :-- | :-- | -| `Microsoft.Authorization/locks` | [2017-04-01](https://docs.microsoft.com/en-us/azure/templates) | +| `Microsoft.Authorization/locks` | [2017-04-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2017-04-01/locks) | | `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) | | `Microsoft.Compute/virtualMachineScaleSets` | [2022-03-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Compute/2022-03-01/virtualMachineScaleSets) | | `Microsoft.Compute/virtualMachineScaleSets/extensions` | [2021-07-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Compute/2021-07-01/virtualMachineScaleSets/extensions) | From 58fb09229dbda01eceb7b2634ba4c27608d0185b Mon Sep 17 00:00:00 2001 From: AlexanderSehr Date: Tue, 15 Nov 2022 23:57:24 +0100 Subject: [PATCH 18/34] Updated naming --- .../virtualMachineScaleSets/.test/linux.min/dependencies.bicep | 2 +- .../virtualMachineScaleSets/.test/linux/dependencies.bicep | 2 +- .../virtualMachineScaleSets/.test/windows/dependencies.bicep | 2 +- .../virtualMachines/.test/linux.min/dependencies.bicep | 2 +- .../virtualMachines/.test/linux/dependencies.bicep | 2 +- .../virtualMachines/.test/windows/dependencies.bicep | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep index 34c8066bb8..b41477d305 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep @@ -39,7 +39,7 @@ resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018- } resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { - name: guid('msi-${resourceGroup().id}-${location}-${managedIdentity.id}-RG-Reader-RoleAssignment') + name: guid(resourceGroup().id, 'Contributor', managedIdentity.id) scope: resourceGroup() properties: { principalId: managedIdentity.properties.principalId diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep index 34053f14da..82e2b21861 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep @@ -76,7 +76,7 @@ resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018- } resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { - name: guid('msi-${resourceGroup().id}-${location}-${managedIdentity.id}-RG-Reader-RoleAssignment') + name: guid(resourceGroup().id, 'Contributor', managedIdentity.id) scope: resourceGroup() properties: { principalId: managedIdentity.properties.principalId diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep index 0b5bba71cb..d2f5c51264 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep @@ -73,7 +73,7 @@ resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018- } resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { - name: guid('msi-${resourceGroup().id}-${location}-${managedIdentity.id}-RG-Reader-RoleAssignment') + name: guid(resourceGroup().id, 'Contributor', managedIdentity.id) scope: resourceGroup() properties: { principalId: managedIdentity.properties.principalId diff --git a/modules/Microsoft.Compute/virtualMachines/.test/linux.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachines/.test/linux.min/dependencies.bicep index 731da6549b..1d301dbdff 100644 --- a/modules/Microsoft.Compute/virtualMachines/.test/linux.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachines/.test/linux.min/dependencies.bicep @@ -39,7 +39,7 @@ resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018- } resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { - name: guid('msi-${resourceGroup().id}-${location}-${managedIdentity.id}-ResourceGroup-Reader-RoleAssignment') + name: guid(resourceGroup().id, 'Contributor', managedIdentity.id) scope: resourceGroup() properties: { principalId: managedIdentity.properties.principalId diff --git a/modules/Microsoft.Compute/virtualMachines/.test/linux/dependencies.bicep b/modules/Microsoft.Compute/virtualMachines/.test/linux/dependencies.bicep index f398b4e810..f3121d1ec5 100644 --- a/modules/Microsoft.Compute/virtualMachines/.test/linux/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachines/.test/linux/dependencies.bicep @@ -66,7 +66,7 @@ resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018- } resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { - name: guid('msi-${resourceGroup().id}-${location}-${managedIdentity.id}-ResourceGroup-Contributor-RoleAssignment') + name: guid(resourceGroup().id, 'Contributor', managedIdentity.id) scope: resourceGroup() properties: { principalId: managedIdentity.properties.principalId diff --git a/modules/Microsoft.Compute/virtualMachines/.test/windows/dependencies.bicep b/modules/Microsoft.Compute/virtualMachines/.test/windows/dependencies.bicep index fe18973a09..ae11a50b39 100644 --- a/modules/Microsoft.Compute/virtualMachines/.test/windows/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachines/.test/windows/dependencies.bicep @@ -63,7 +63,7 @@ resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018- } resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { - name: guid('msi-${resourceGroup().id}-${location}-${managedIdentity.id}-RG-Contributor-RoleAssignment') + name: guid(resourceGroup().id, 'Contributor', managedIdentity.id) scope: resourceGroup() properties: { principalId: managedIdentity.properties.principalId From c251674e5c5155fb74bd4820d98893dac6937b6d Mon Sep 17 00:00:00 2001 From: AlexanderSehr Date: Wed, 16 Nov 2022 00:07:10 +0100 Subject: [PATCH 19/34] Updated powershell version --- .../virtualMachineScaleSets/.test/linux.min/dependencies.bicep | 2 +- .../virtualMachineScaleSets/.test/linux/dependencies.bicep | 2 +- .../virtualMachines/.test/linux.atmg/dependencies.bicep | 2 +- .../virtualMachines/.test/linux.min/dependencies.bicep | 2 +- .../virtualMachines/.test/linux/dependencies.bicep | 2 +- .../virtualMachines/.test/windows/dependencies.bicep | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep index b41477d305..acf4016b9e 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep @@ -59,7 +59,7 @@ resource sshDeploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' } } properties: { - azPowerShellVersion: '6.2.1' + azPowerShellVersion: '9.1' retentionInterval: 'P1D' arguments: '-SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"' scriptContent: loadTextContent('../.scripts/New-SSHKey.ps1') diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep index 82e2b21861..122ac06081 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep @@ -144,7 +144,7 @@ resource sshDeploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' } } properties: { - azPowerShellVersion: '6.2.1' + azPowerShellVersion: '9.1' retentionInterval: 'P1D' arguments: '-SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"' scriptContent: loadTextContent('../.scripts/New-SSHKey.ps1') diff --git a/modules/Microsoft.Compute/virtualMachines/.test/linux.atmg/dependencies.bicep b/modules/Microsoft.Compute/virtualMachines/.test/linux.atmg/dependencies.bicep index 54adfbd454..26b9a7011e 100644 --- a/modules/Microsoft.Compute/virtualMachines/.test/linux.atmg/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachines/.test/linux.atmg/dependencies.bicep @@ -59,7 +59,7 @@ resource sshDeploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' } } properties: { - azPowerShellVersion: '6.2.1' + azPowerShellVersion: '9.1' retentionInterval: 'P1D' arguments: ' -SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"' scriptContent: loadTextContent('../.scripts/New-SSHKey.ps1') diff --git a/modules/Microsoft.Compute/virtualMachines/.test/linux.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachines/.test/linux.min/dependencies.bicep index 1d301dbdff..91ac8eb9b0 100644 --- a/modules/Microsoft.Compute/virtualMachines/.test/linux.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachines/.test/linux.min/dependencies.bicep @@ -59,7 +59,7 @@ resource sshDeploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' } } properties: { - azPowerShellVersion: '6.2.1' + azPowerShellVersion: '9.1' retentionInterval: 'P1D' arguments: '-SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"' scriptContent: loadTextContent('../.scripts/New-SSHKey.ps1') diff --git a/modules/Microsoft.Compute/virtualMachines/.test/linux/dependencies.bicep b/modules/Microsoft.Compute/virtualMachines/.test/linux/dependencies.bicep index f3121d1ec5..8ee90bbb18 100644 --- a/modules/Microsoft.Compute/virtualMachines/.test/linux/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachines/.test/linux/dependencies.bicep @@ -275,7 +275,7 @@ resource sshDeploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' } } properties: { - azPowerShellVersion: '6.2.1' + azPowerShellVersion: '9.1' retentionInterval: 'P1D' arguments: '-SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"' scriptContent: loadTextContent('../.scripts/New-SSHKey.ps1') diff --git a/modules/Microsoft.Compute/virtualMachines/.test/windows/dependencies.bicep b/modules/Microsoft.Compute/virtualMachines/.test/windows/dependencies.bicep index ae11a50b39..f7e05f4d64 100644 --- a/modules/Microsoft.Compute/virtualMachines/.test/windows/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachines/.test/windows/dependencies.bicep @@ -251,7 +251,7 @@ resource storageUpload 'Microsoft.Resources/deploymentScripts@2020-10-01' = { } } properties: { - azPowerShellVersion: '6.2.1' + azPowerShellVersion: '9.1' retentionInterval: 'P1D' arguments: '-StorageAccountName "${storageAccount.name}" -ResourceGroupName "${resourceGroup().name}" -ContainerName "${storageAccount::blobService::container.name}" -FileName "${storageAccountCSEFileName}"' scriptContent: loadTextContent('../.scripts/Set-BlobContent.ps1') From 74008fa1456509973166c6eb06097817a85ead59 Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Wed, 16 Nov 2022 00:07:59 +0100 Subject: [PATCH 20/34] Update modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- .../virtualMachineScaleSets/.test/linux.min/dependencies.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep index acf4016b9e..fcdbe1ebed 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep @@ -86,5 +86,5 @@ output managedIdentityPrincipalId string = managedIdentity.properties.principalI @description('The resource ID of the created SSH Key') output SSHKeyResourceID string = sshKey.id -@description('The Public Key of the created SSH Key') +@description('The Public Key of the created SSH Key.') output SSHKey string = sshKey.properties.publicKey From 47efc6f62ecbfaadba9c8821fb3f07ad56e097f0 Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Wed, 16 Nov 2022 00:08:14 +0100 Subject: [PATCH 21/34] Update modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- .../virtualMachineScaleSets/.test/linux.min/dependencies.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep index fcdbe1ebed..0d83bc07d3 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep @@ -83,7 +83,7 @@ output subnetResourceId string = virtualNetwork.properties.subnets[0].id @description('The principal ID of the created Managed Identity.') output managedIdentityPrincipalId string = managedIdentity.properties.principalId -@description('The resource ID of the created SSH Key') +@description('The resource ID of the created SSH Key.') output SSHKeyResourceID string = sshKey.id @description('The Public Key of the created SSH Key.') From 6b2182b944525f89f769f1f00bdecf733a92cf1f Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Wed, 16 Nov 2022 00:08:26 +0100 Subject: [PATCH 22/34] Update modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- .../virtualMachineScaleSets/.test/linux/dependencies.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep index 122ac06081..382015618c 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep @@ -1,4 +1,4 @@ -@description('Optional. The location to deploy to') +@description('Optional. The location to deploy to.') param location string = resourceGroup().location @description('Required. The name of the Virtual Network to create.') From f8aa3f0f537102d9841f444ec3fed75119ef9ea3 Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Wed, 16 Nov 2022 00:08:40 +0100 Subject: [PATCH 23/34] Update modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- .../virtualMachineScaleSets/.test/linux.min/dependencies.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep index 0d83bc07d3..48905c5fa3 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep @@ -1,4 +1,4 @@ -@description('Optional. The location to deploy to') +@description('Optional. The location to deploy to.') param location string = resourceGroup().location @description('Required. The name of the Virtual Network to create.') From f4afa57cf7dedc3dfb2ea56fe36af48043ccdce3 Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Thu, 17 Nov 2022 00:09:23 +0100 Subject: [PATCH 24/34] Update modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/dependencies.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- .../.test/windows.min/dependencies.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/dependencies.bicep index 6107a244fd..12d074b6a7 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows.min/dependencies.bicep @@ -1,4 +1,4 @@ -@description('Optional. The location to deploy to') +@description('Optional. The location to deploy to.') param location string = resourceGroup().location @description('Required. The name of the Virtual Network to create.') From e1671006c1f65673a3d7198631bd520571bf62ef Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Thu, 17 Nov 2022 00:09:32 +0100 Subject: [PATCH 25/34] Update modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- .../virtualMachineScaleSets/.test/windows/dependencies.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep index d2f5c51264..caeff9195e 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep @@ -1,4 +1,4 @@ -@description('Optional. The location to deploy to') +@description('Optional. The location to deploy to.') param location string = resourceGroup().location @description('Required. The name of the Virtual Network to create.') From a7f9c8caa5df6b0ea1ad0098bbafa0bf92508ddd Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Thu, 17 Nov 2022 00:09:56 +0100 Subject: [PATCH 26/34] Update modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- .../virtualMachineScaleSets/.test/windows/dependencies.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep index caeff9195e..f112699972 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep @@ -83,7 +83,7 @@ resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022- } resource msiKVCryptoUserRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { - name: guid('msi-${keyVault::key.id}-${location}-${managedIdentity.id}-KeyVault-Key-Read-RoleAssignment') + name: guid(keyVault::key.id, 'Key Vault Crypto User', managedIdentity.id) scope: keyVault::key properties: { principalId: managedIdentity.properties.principalId From 8d493a3be64d42c3754e435d52d89831f29be3db Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Thu, 17 Nov 2022 00:10:16 +0100 Subject: [PATCH 27/34] Update modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- .../virtualMachineScaleSets/.test/linux/dependencies.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep index 382015618c..56bf71ec39 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep @@ -86,7 +86,7 @@ resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022- } resource msiKVCryptoUserRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { - name: guid('msi-${keyVault::key.id}-${location}-${managedIdentity.id}-KeyVault-Key-Read-RoleAssignment') + name: guid(keyVault::key.id, 'Key Vault Crypto User', managedIdentity.id) scope: keyVault::key properties: { principalId: managedIdentity.properties.principalId From 252fbf26bce310c9067cdd87a43ba7e431e80e87 Mon Sep 17 00:00:00 2001 From: AlexanderSehr Date: Thu, 17 Nov 2022 12:08:09 +0100 Subject: [PATCH 28/34] Updated further AZPS versions --- .../.test/linux.min/dependencies.bicep | 2 +- .../virtualMachineScaleSets/.test/linux/dependencies.bicep | 4 ++-- .../virtualMachineScaleSets/.test/windows/dependencies.bicep | 2 +- .../virtualMachines/.test/linux.atmg/dependencies.bicep | 2 +- .../virtualMachines/.test/linux.min/dependencies.bicep | 2 +- .../virtualMachines/.test/linux/dependencies.bicep | 4 ++-- .../virtualMachines/.test/windows/dependencies.bicep | 2 +- 7 files changed, 9 insertions(+), 9 deletions(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep index 48905c5fa3..093618c9ec 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep @@ -59,7 +59,7 @@ resource sshDeploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' } } properties: { - azPowerShellVersion: '9.1' + azPowerShellVersion: '9.0' retentionInterval: 'P1D' arguments: '-SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"' scriptContent: loadTextContent('../.scripts/New-SSHKey.ps1') diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep index 56bf71ec39..b98384494b 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep @@ -123,7 +123,7 @@ resource storageUpload 'Microsoft.Resources/deploymentScripts@2020-10-01' = { } } properties: { - azPowerShellVersion: '3.0' + azPowerShellVersion: '9.0' retentionInterval: 'P1D' arguments: '-StorageAccountName "${storageAccount.name}" -ResourceGroupName "${resourceGroup().name}" -ContainerName "${storageAccount::blobService::container.name}" -FileName "${storageAccountCSEFileName}"' scriptContent: loadTextContent('../.scripts/Set-BlobContent.ps1') @@ -144,7 +144,7 @@ resource sshDeploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' } } properties: { - azPowerShellVersion: '9.1' + azPowerShellVersion: '9.0' retentionInterval: 'P1D' arguments: '-SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"' scriptContent: loadTextContent('../.scripts/New-SSHKey.ps1') diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep index f112699972..7e55210407 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/windows/dependencies.bicep @@ -120,7 +120,7 @@ resource storageUpload 'Microsoft.Resources/deploymentScripts@2020-10-01' = { } } properties: { - azPowerShellVersion: '3.0' + azPowerShellVersion: '9.0' retentionInterval: 'P1D' arguments: '-StorageAccountName "${storageAccount.name}" -ResourceGroupName "${resourceGroup().name}" -ContainerName "${storageAccount::blobService::container.name}" -FileName "${storageAccountCSEFileName}"' scriptContent: loadTextContent('../.scripts/Set-BlobContent.ps1') diff --git a/modules/Microsoft.Compute/virtualMachines/.test/linux.atmg/dependencies.bicep b/modules/Microsoft.Compute/virtualMachines/.test/linux.atmg/dependencies.bicep index 26b9a7011e..ce6a1db2aa 100644 --- a/modules/Microsoft.Compute/virtualMachines/.test/linux.atmg/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachines/.test/linux.atmg/dependencies.bicep @@ -59,7 +59,7 @@ resource sshDeploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' } } properties: { - azPowerShellVersion: '9.1' + azPowerShellVersion: '9.0' retentionInterval: 'P1D' arguments: ' -SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"' scriptContent: loadTextContent('../.scripts/New-SSHKey.ps1') diff --git a/modules/Microsoft.Compute/virtualMachines/.test/linux.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachines/.test/linux.min/dependencies.bicep index 91ac8eb9b0..06d7f03da4 100644 --- a/modules/Microsoft.Compute/virtualMachines/.test/linux.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachines/.test/linux.min/dependencies.bicep @@ -59,7 +59,7 @@ resource sshDeploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' } } properties: { - azPowerShellVersion: '9.1' + azPowerShellVersion: '9.0' retentionInterval: 'P1D' arguments: '-SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"' scriptContent: loadTextContent('../.scripts/New-SSHKey.ps1') diff --git a/modules/Microsoft.Compute/virtualMachines/.test/linux/dependencies.bicep b/modules/Microsoft.Compute/virtualMachines/.test/linux/dependencies.bicep index 8ee90bbb18..dd5381f787 100644 --- a/modules/Microsoft.Compute/virtualMachines/.test/linux/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachines/.test/linux/dependencies.bicep @@ -254,7 +254,7 @@ resource storageUpload 'Microsoft.Resources/deploymentScripts@2020-10-01' = { } } properties: { - azPowerShellVersion: '3.0' + azPowerShellVersion: '9.0' retentionInterval: 'P1D' arguments: '-StorageAccountName "${storageAccount.name}" -ResourceGroupName "${resourceGroup().name}" -ContainerName "${storageAccount::blobService::container.name}" -FileName "${storageAccountCSEFileName}"' scriptContent: loadTextContent('../.scripts/Set-BlobContent.ps1') @@ -275,7 +275,7 @@ resource sshDeploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' } } properties: { - azPowerShellVersion: '9.1' + azPowerShellVersion: '9.0' retentionInterval: 'P1D' arguments: '-SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"' scriptContent: loadTextContent('../.scripts/New-SSHKey.ps1') diff --git a/modules/Microsoft.Compute/virtualMachines/.test/windows/dependencies.bicep b/modules/Microsoft.Compute/virtualMachines/.test/windows/dependencies.bicep index f7e05f4d64..59a74bcbf1 100644 --- a/modules/Microsoft.Compute/virtualMachines/.test/windows/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachines/.test/windows/dependencies.bicep @@ -251,7 +251,7 @@ resource storageUpload 'Microsoft.Resources/deploymentScripts@2020-10-01' = { } } properties: { - azPowerShellVersion: '9.1' + azPowerShellVersion: '9.0' retentionInterval: 'P1D' arguments: '-StorageAccountName "${storageAccount.name}" -ResourceGroupName "${resourceGroup().name}" -ContainerName "${storageAccount::blobService::container.name}" -FileName "${storageAccountCSEFileName}"' scriptContent: loadTextContent('../.scripts/Set-BlobContent.ps1') From ed2a32387f72779485e9527da45d0f7ae3b82648 Mon Sep 17 00:00:00 2001 From: AlexanderSehr Date: Thu, 17 Nov 2022 12:14:05 +0100 Subject: [PATCH 29/34] Renamed output --- .../.test/linux.min/dependencies.bicep | 2 +- .../.test/linux.min/deploy.test.bicep | 2 +- .../virtualMachineScaleSets/.test/linux/dependencies.bicep | 5 +---- .../virtualMachineScaleSets/.test/linux/deploy.test.bicep | 2 +- .../virtualMachines/.test/linux.atmg/dependencies.bicep | 7 ++----- .../virtualMachines/.test/linux.atmg/deploy.test.bicep | 2 +- .../virtualMachines/.test/linux.min/dependencies.bicep | 5 +---- .../virtualMachines/.test/linux.min/deploy.test.bicep | 2 +- .../virtualMachines/.test/linux/dependencies.bicep | 5 +---- .../virtualMachines/.test/linux/deploy.test.bicep | 7 +------ 10 files changed, 11 insertions(+), 28 deletions(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep index 093618c9ec..76a7fc75fc 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep @@ -87,4 +87,4 @@ output managedIdentityPrincipalId string = managedIdentity.properties.principalI output SSHKeyResourceID string = sshKey.id @description('The Public Key of the created SSH Key.') -output SSHKey string = sshKey.properties.publicKey +output SSHKeyPublicKey string = sshKey.properties.publicKey diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep index 21294392a8..e4ad415b97 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep @@ -78,7 +78,7 @@ module testDeployment '../../deploy.bicep' = { ] publicKeys: [ { - keyData: resourceGroupResources.outputs.SSHKey + keyData: resourceGroupResources.outputs.SSHKeyPublicKey path: '/home/scaleSetAdmin/.ssh/authorized_keys' } ] diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep index b98384494b..dc4e1fa522 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/dependencies.bicep @@ -189,8 +189,5 @@ output storageAccountResourceId string = storageAccount.id @description('The URL of the Custom Script Extension in the created Storage Account') output storageAccountCSEFileUrl string = '${storageAccount.properties.primaryEndpoints.blob}${storageContainerName}/${storageAccountCSEFileName}' -@description('The resource ID of the created SSH Key') -output SSHKeyResourceID string = sshKey.id - @description('The Public Key of the created SSH Key') -output SSHKey string = sshKey.properties.publicKey +output SSHKeyPublicKey string = sshKey.properties.publicKey diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep index a52b06c357..8ed97f6e59 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux/deploy.test.bicep @@ -158,7 +158,7 @@ module testDeployment '../../deploy.bicep' = { ] publicKeys: [ { - keyData: resourceGroupResources.outputs.SSHKey + keyData: resourceGroupResources.outputs.SSHKeyPublicKey path: '/home/scaleSetAdmin/.ssh/authorized_keys' } ] diff --git a/modules/Microsoft.Compute/virtualMachines/.test/linux.atmg/dependencies.bicep b/modules/Microsoft.Compute/virtualMachines/.test/linux.atmg/dependencies.bicep index ce6a1db2aa..8d843a4e6a 100644 --- a/modules/Microsoft.Compute/virtualMachines/.test/linux.atmg/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachines/.test/linux.atmg/dependencies.bicep @@ -39,7 +39,7 @@ resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018- } resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { - name: guid('msi-${resourceGroup().id}-${location}-${managedIdentity.id}-ResourceGroup-Reader-RoleAssignment') + name: guid(resourceGroup().id, 'Contributor', managedIdentity.id) scope: resourceGroup() properties: { principalId: managedIdentity.properties.principalId @@ -80,8 +80,5 @@ resource sshKey 'Microsoft.Compute/sshPublicKeys@2022-03-01' = { @description('The resource ID of the created Virtual Network Subnet') output subnetResourceId string = virtualNetwork.properties.subnets[0].id -@description('The resource ID of the created SSH Key') -output SSHKeyResourceID string = sshKey.id - @description('The Public Key of the created SSH Key') -output SSHKey string = sshKey.properties.publicKey +output SSHKeyPublicKey string = sshKey.properties.publicKey diff --git a/modules/Microsoft.Compute/virtualMachines/.test/linux.atmg/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachines/.test/linux.atmg/deploy.test.bicep index c95de415ed..ef103ae589 100644 --- a/modules/Microsoft.Compute/virtualMachines/.test/linux.atmg/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachines/.test/linux.atmg/deploy.test.bicep @@ -84,7 +84,7 @@ module testDeployment '../../deploy.bicep' = { disablePasswordAuthentication: true publicKeys: [ { - keyData: resourceGroupResources.outputs.SSHKey + keyData: resourceGroupResources.outputs.SSHKeyPublicKey path: '/home/localAdminUser/.ssh/authorized_keys' } ] diff --git a/modules/Microsoft.Compute/virtualMachines/.test/linux.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachines/.test/linux.min/dependencies.bicep index 06d7f03da4..c182f8f2e1 100644 --- a/modules/Microsoft.Compute/virtualMachines/.test/linux.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachines/.test/linux.min/dependencies.bicep @@ -80,8 +80,5 @@ resource sshKey 'Microsoft.Compute/sshPublicKeys@2022-03-01' = { @description('The resource ID of the created Virtual Network Subnet') output subnetResourceId string = virtualNetwork.properties.subnets[0].id -@description('The resource ID of the created SSH Key') -output SSHKeyResourceID string = sshKey.id - @description('The Public Key of the created SSH Key') -output SSHKey string = sshKey.properties.publicKey +output SSHKeyPublicKey string = sshKey.properties.publicKey diff --git a/modules/Microsoft.Compute/virtualMachines/.test/linux.min/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachines/.test/linux.min/deploy.test.bicep index f6eb2b0581..a518ab2b5c 100644 --- a/modules/Microsoft.Compute/virtualMachines/.test/linux.min/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachines/.test/linux.min/deploy.test.bicep @@ -83,7 +83,7 @@ module testDeployment '../../deploy.bicep' = { disablePasswordAuthentication: true publicKeys: [ { - keyData: resourceGroupResources.outputs.SSHKey + keyData: resourceGroupResources.outputs.SSHKeyPublicKey path: '/home/localAdminUser/.ssh/authorized_keys' } ] diff --git a/modules/Microsoft.Compute/virtualMachines/.test/linux/dependencies.bicep b/modules/Microsoft.Compute/virtualMachines/.test/linux/dependencies.bicep index dd5381f787..94bb88296b 100644 --- a/modules/Microsoft.Compute/virtualMachines/.test/linux/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachines/.test/linux/dependencies.bicep @@ -329,8 +329,5 @@ output storageAccountResourceId string = storageAccount.id @description('The URL of the Custom Script Extension in the created Storage Account') output storageAccountCSEFileUrl string = '${storageAccount.properties.primaryEndpoints.blob}${storageContainerName}/${storageAccountCSEFileName}' -@description('The resource ID of the created SSH Key') -output SSHKeyResourceID string = sshKey.id - @description('The Public Key of the created SSH Key') -output SSHKey string = sshKey.properties.publicKey +output SSHKeyPublicKey string = sshKey.properties.publicKey diff --git a/modules/Microsoft.Compute/virtualMachines/.test/linux/deploy.test.bicep b/modules/Microsoft.Compute/virtualMachines/.test/linux/deploy.test.bicep index f990ab5eea..a7d0f48562 100644 --- a/modules/Microsoft.Compute/virtualMachines/.test/linux/deploy.test.bicep +++ b/modules/Microsoft.Compute/virtualMachines/.test/linux/deploy.test.bicep @@ -60,11 +60,6 @@ module diagnosticDependencies '../../../../.shared/dependencyConstructs/diagnost // Test Execution // // ============== // -// resource sshKey 'Microsoft.Compute/sshPublicKeys@2022-03-01' existing = { -// name: sshKeyName -// scope: resourceGroup -// } - module testDeployment '../../deploy.bicep' = { scope: resourceGroup name: '${uniqueString(deployment().name)}-test-${serviceShort}' @@ -202,7 +197,7 @@ module testDeployment '../../deploy.bicep' = { monitoringWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId publicKeys: [ { - keyData: resourceGroupResources.outputs.SSHKey + keyData: resourceGroupResources.outputs.SSHKeyPublicKey path: '/home/localAdminUser/.ssh/authorized_keys' } ] From d669546ae6c35ff21847fc48330969d4063c8e14 Mon Sep 17 00:00:00 2001 From: AlexanderSehr Date: Thu, 17 Nov 2022 12:14:52 +0100 Subject: [PATCH 30/34] Removed output --- .../virtualMachineScaleSets/.test/linux.min/dependencies.bicep | 3 --- 1 file changed, 3 deletions(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep index 76a7fc75fc..2756cd770c 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep @@ -80,9 +80,6 @@ resource sshKey 'Microsoft.Compute/sshPublicKeys@2022-03-01' = { @description('The resource ID of the created Virtual Network Subnet.') output subnetResourceId string = virtualNetwork.properties.subnets[0].id -@description('The principal ID of the created Managed Identity.') -output managedIdentityPrincipalId string = managedIdentity.properties.principalId - @description('The resource ID of the created SSH Key.') output SSHKeyResourceID string = sshKey.id From 4e7701d2b4b656d14f87cf8887a61237f744a3e9 Mon Sep 17 00:00:00 2001 From: AlexanderSehr Date: Thu, 17 Nov 2022 12:15:43 +0100 Subject: [PATCH 31/34] Removed output --- .../virtualMachineScaleSets/.test/linux.min/dependencies.bicep | 3 --- 1 file changed, 3 deletions(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep index 2756cd770c..42242725f6 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep @@ -80,8 +80,5 @@ resource sshKey 'Microsoft.Compute/sshPublicKeys@2022-03-01' = { @description('The resource ID of the created Virtual Network Subnet.') output subnetResourceId string = virtualNetwork.properties.subnets[0].id -@description('The resource ID of the created SSH Key.') -output SSHKeyResourceID string = sshKey.id - @description('The Public Key of the created SSH Key.') output SSHKeyPublicKey string = sshKey.properties.publicKey From 1b8045aa2f1c644173efcbcbab72f86575826996 Mon Sep 17 00:00:00 2001 From: AlexanderSehr Date: Thu, 17 Nov 2022 12:30:23 +0100 Subject: [PATCH 32/34] Regenerated docs --- .../virtualMachineScaleSets/readme.md | 24 ++----- .../virtualMachines/readme.md | 64 +++---------------- 2 files changed, 14 insertions(+), 74 deletions(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md index 5633d6c867..09b7562674 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md @@ -988,11 +988,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ipConfigurations: [ { name: 'ipconfig1' - properties: { - subnet: { - id: '' - } - } + properties: 'System.Management.Automation.OrderedHashtable' } ] nicSuffix: '-nic01' @@ -1264,11 +1260,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ipConfigurations: [ { name: 'ipconfig1' - properties: { - subnet: { - id: '' - } - } + properties: 'System.Management.Automation.OrderedHashtable' } ] nicSuffix: '-nic01' @@ -1459,11 +1451,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ipConfigurations: [ { name: 'ipconfig1' - properties: { - subnet: { - id: '' - } - } + properties: 'System.Management.Automation.OrderedHashtable' } ] nicSuffix: '-nic01' @@ -1718,11 +1706,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ipConfigurations: [ { name: 'ipconfig1' - properties: { - subnet: { - id: '' - } - } + properties: 'System.Management.Automation.OrderedHashtable' } ] nicSuffix: '-nic01' diff --git a/modules/Microsoft.Compute/virtualMachines/readme.md b/modules/Microsoft.Compute/virtualMachines/readme.md index 21cd520b3d..f312298937 100644 --- a/modules/Microsoft.Compute/virtualMachines/readme.md +++ b/modules/Microsoft.Compute/virtualMachines/readme.md @@ -1044,37 +1044,17 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { deleteOption: 'Delete' ipConfigurations: [ { - applicationSecurityGroups: [ - { - id: '' - } - ] - loadBalancerBackendAddressPools: [ - { - id: '' - } - ] + applicationSecurityGroups: 'System.Management.Automation.OrderedHashtable' + loadBalancerBackendAddressPools: 'System.Management.Automation.OrderedHashtable' name: 'ipconfig01' - pipConfiguration: { - publicIpNameSuffix: '-pip-01' - roleAssignments: [ - { - principalIds: [ - '' - ] - roleDefinitionIdOrName: 'Reader' - } - ] - } + pipConfiguration: 'System.Management.Automation.OrderedHashtable' subnetResourceId: '' } ] nicSuffix: '-nic-01' roleAssignments: [ { - principalIds: [ - '' - ] + principalIds: '' roleDefinitionIdOrName: 'Reader' } ] @@ -1445,9 +1425,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { ipConfigurations: [ { name: 'ipconfig01' - pipConfiguration: { - publicIpNameSuffix: '-pip-01' - } + pipConfiguration: 'System.Management.Automation.OrderedHashtable' subnetResourceId: '' } ] @@ -1582,9 +1560,7 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { ipConfigurations: [ { name: 'ipconfig01' - pipConfiguration: { - publicIpNameSuffix: '-pip-01' - } + pipConfiguration: 'System.Management.Automation.OrderedHashtable' subnetResourceId: '' } ] @@ -1715,37 +1691,17 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { deleteOption: 'Delete' ipConfigurations: [ { - applicationSecurityGroups: [ - { - id: '' - } - ] - loadBalancerBackendAddressPools: [ - { - id: '' - } - ] + applicationSecurityGroups: 'System.Management.Automation.OrderedHashtable' + loadBalancerBackendAddressPools: 'System.Management.Automation.OrderedHashtable' name: 'ipconfig01' - pipConfiguration: { - publicIpNameSuffix: '-pip-01' - roleAssignments: [ - { - principalIds: [ - '' - ] - roleDefinitionIdOrName: 'Reader' - } - ] - } + pipConfiguration: 'System.Management.Automation.OrderedHashtable' subnetResourceId: '' } ] nicSuffix: '-nic-01' roleAssignments: [ { - principalIds: [ - '' - ] + principalIds: '' roleDefinitionIdOrName: 'Reader' } ] From 4eef1c9f55658f7f122d00107d86c959572c0db1 Mon Sep 17 00:00:00 2001 From: AlexanderSehr Date: Thu, 17 Nov 2022 13:59:21 +0100 Subject: [PATCH 33/34] Update to latest --- .../virtualMachineScaleSets/.test/.scripts/New-SSHKey.ps1 | 2 +- .../virtualMachines/.test/.scripts/New-SSHKey.ps1 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/.scripts/New-SSHKey.ps1 b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/.scripts/New-SSHKey.ps1 index 44808c3ae4..d12de1c45b 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/.test/.scripts/New-SSHKey.ps1 +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/.test/.scripts/New-SSHKey.ps1 @@ -15,5 +15,5 @@ if (-not ($sshKey = Get-AzSshKey -ResourceGroupName $ResourceGroupName | Where-O # Write into Deployment Script output stream $DeploymentScriptOutputs = @{ # Requires conversion as the script otherwise returns an object instead of the plain public key string - publicKey = ($publicKey | ConvertTo-Json | ConvertFrom-Json).Value + publicKey = $publicKey | Out-String } diff --git a/modules/Microsoft.Compute/virtualMachines/.test/.scripts/New-SSHKey.ps1 b/modules/Microsoft.Compute/virtualMachines/.test/.scripts/New-SSHKey.ps1 index 44808c3ae4..d12de1c45b 100644 --- a/modules/Microsoft.Compute/virtualMachines/.test/.scripts/New-SSHKey.ps1 +++ b/modules/Microsoft.Compute/virtualMachines/.test/.scripts/New-SSHKey.ps1 @@ -15,5 +15,5 @@ if (-not ($sshKey = Get-AzSshKey -ResourceGroupName $ResourceGroupName | Where-O # Write into Deployment Script output stream $DeploymentScriptOutputs = @{ # Requires conversion as the script otherwise returns an object instead of the plain public key string - publicKey = ($publicKey | ConvertTo-Json | ConvertFrom-Json).Value + publicKey = $publicKey | Out-String } From 6f0fd434d67194ad17bc1ea1de2e9dc2c96e1067 Mon Sep 17 00:00:00 2001 From: AlexanderSehr Date: Thu, 17 Nov 2022 19:28:32 +0100 Subject: [PATCH 34/34] Regenerated docs --- .../virtualMachineScaleSets/readme.md | 28 ++++++-- .../virtualMachines/readme.md | 64 ++++++++++++++++--- 2 files changed, 76 insertions(+), 16 deletions(-) diff --git a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md index 09b7562674..a8362ae404 100644 --- a/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md +++ b/modules/Microsoft.Compute/virtualMachineScaleSets/readme.md @@ -988,7 +988,11 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ipConfigurations: [ { name: 'ipconfig1' - properties: 'System.Management.Automation.OrderedHashtable' + properties: { + subnet: { + id: '' + } + } } ] nicSuffix: '-nic01' @@ -1260,7 +1264,11 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ipConfigurations: [ { name: 'ipconfig1' - properties: 'System.Management.Automation.OrderedHashtable' + properties: { + subnet: { + id: '' + } + } } ] nicSuffix: '-nic01' @@ -1417,7 +1425,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } ] protectedSettings: { - commandToExecute: 'powershell -ExecutionPolicy Unrestricted -Command \'& ./${resourceGroupResources.outputs.storageAccountCSEFileName}\'' + commandToExecute: '' } } extensionDependencyAgentConfig: { @@ -1451,7 +1459,11 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ipConfigurations: [ { name: 'ipconfig1' - properties: 'System.Management.Automation.OrderedHashtable' + properties: { + subnet: { + id: '' + } + } } ] nicSuffix: '-nic01' @@ -1572,7 +1584,7 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl } ], "protectedSettings": { - "commandToExecute": "powershell -ExecutionPolicy Unrestricted -Command \"& ./${resourceGroupResources.outputs.storageAccountCSEFileName}\"" + "commandToExecute": "" } } }, @@ -1706,7 +1718,11 @@ module virtualMachineScaleSets './Microsoft.Compute/virtualMachineScaleSets/depl ipConfigurations: [ { name: 'ipconfig1' - properties: 'System.Management.Automation.OrderedHashtable' + properties: { + subnet: { + id: '' + } + } } ] nicSuffix: '-nic01' diff --git a/modules/Microsoft.Compute/virtualMachines/readme.md b/modules/Microsoft.Compute/virtualMachines/readme.md index f312298937..21cd520b3d 100644 --- a/modules/Microsoft.Compute/virtualMachines/readme.md +++ b/modules/Microsoft.Compute/virtualMachines/readme.md @@ -1044,17 +1044,37 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { deleteOption: 'Delete' ipConfigurations: [ { - applicationSecurityGroups: 'System.Management.Automation.OrderedHashtable' - loadBalancerBackendAddressPools: 'System.Management.Automation.OrderedHashtable' + applicationSecurityGroups: [ + { + id: '' + } + ] + loadBalancerBackendAddressPools: [ + { + id: '' + } + ] name: 'ipconfig01' - pipConfiguration: 'System.Management.Automation.OrderedHashtable' + pipConfiguration: { + publicIpNameSuffix: '-pip-01' + roleAssignments: [ + { + principalIds: [ + '' + ] + roleDefinitionIdOrName: 'Reader' + } + ] + } subnetResourceId: '' } ] nicSuffix: '-nic-01' roleAssignments: [ { - principalIds: '' + principalIds: [ + '' + ] roleDefinitionIdOrName: 'Reader' } ] @@ -1425,7 +1445,9 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { ipConfigurations: [ { name: 'ipconfig01' - pipConfiguration: 'System.Management.Automation.OrderedHashtable' + pipConfiguration: { + publicIpNameSuffix: '-pip-01' + } subnetResourceId: '' } ] @@ -1560,7 +1582,9 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { ipConfigurations: [ { name: 'ipconfig01' - pipConfiguration: 'System.Management.Automation.OrderedHashtable' + pipConfiguration: { + publicIpNameSuffix: '-pip-01' + } subnetResourceId: '' } ] @@ -1691,17 +1715,37 @@ module virtualMachines './Microsoft.Compute/virtualMachines/deploy.bicep' = { deleteOption: 'Delete' ipConfigurations: [ { - applicationSecurityGroups: 'System.Management.Automation.OrderedHashtable' - loadBalancerBackendAddressPools: 'System.Management.Automation.OrderedHashtable' + applicationSecurityGroups: [ + { + id: '' + } + ] + loadBalancerBackendAddressPools: [ + { + id: '' + } + ] name: 'ipconfig01' - pipConfiguration: 'System.Management.Automation.OrderedHashtable' + pipConfiguration: { + publicIpNameSuffix: '-pip-01' + roleAssignments: [ + { + principalIds: [ + '' + ] + roleDefinitionIdOrName: 'Reader' + } + ] + } subnetResourceId: '' } ] nicSuffix: '-nic-01' roleAssignments: [ { - principalIds: '' + principalIds: [ + '' + ] roleDefinitionIdOrName: 'Reader' } ]