diff --git a/.github/workflows/ms.documentdb.databaseaccounts.yml b/.github/workflows/ms.documentdb.databaseaccounts.yml index 1aa0a5d9d6..d64ade8b8a 100644 --- a/.github/workflows/ms.documentdb.databaseaccounts.yml +++ b/.github/workflows/ms.documentdb.databaseaccounts.yml @@ -106,8 +106,7 @@ jobs: - name: 'Using test file [${{ matrix.moduleTestFilePaths }}]' uses: ./.github/actions/templates/validateModuleDeployment with: - templateFilePath: '${{ env.modulePath }}/deploy.bicep' - parameterFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}' + templateFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}' location: '${{ env.location }}' resourceGroupName: '${{ env.resourceGroupName }}' subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}' diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/.test/gremlindb.parameters.json b/modules/Microsoft.DocumentDB/databaseAccounts/.test/gremlindb.parameters.json deleted file mode 100644 index ec025620b5..0000000000 --- a/modules/Microsoft.DocumentDB/databaseAccounts/.test/gremlindb.parameters.json +++ /dev/null @@ -1,101 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-cdb-gremlindb-001" - }, - "location": { - "value": "West Europe" - }, - "locations": { - "value": [ - { - "locationName": "West Europe", - "failoverPriority": 0, - "isZoneRedundant": false - }, - { - "locationName": "North Europe", - "failoverPriority": 1, - "isZoneRedundant": false - } - ] - }, - "capabilitiesToAdd": { - "value": [ - "EnableGremlin" - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "gremlinDatabases": { - "value": [ - { - "name": "<>-az-gdb-x-001", - "graphs": [ - { - "name": "car_collection", - "automaticIndexing": true, - "partitionKeyPaths": [ - "/car_id" - ] - }, - { - "name": "truck_collection", - "automaticIndexing": true, - "partitionKeyPaths": [ - "/truck_id" - ] - } - ] - }, - { - "name": "<>-az-gdb-x-002", - "collections": [ - { - "name": "bike_collection", - "automaticIndexing": true, - "partitionKeyPaths": [ - "/bike_id" - ] - }, - { - "name": "bicycle_collection", - "automaticIndexing": true, - "partitionKeyPaths": [ - "/bicycle_id" - ] - } - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "systemAssignedIdentity": { - "value": true - } - } -} diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/.test/gremlindb/dependencies.bicep b/modules/Microsoft.DocumentDB/databaseAccounts/.test/gremlindb/dependencies.bicep new file mode 100644 index 0000000000..7371d4437b --- /dev/null +++ b/modules/Microsoft.DocumentDB/databaseAccounts/.test/gremlindb/dependencies.bicep @@ -0,0 +1,14 @@ +@description('Optional. The location to deploy to.') +param location string = resourceGroup().location + +@description('Required. The name of the Managed Identity to create.') +param managedIdentityName string + +resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { + name: managedIdentityName + location: location +} + +@description('The principal ID of the created Managed Identity.') +output managedIdentityPrincipalId string = managedIdentity.properties.principalId + diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/.test/gremlindb/deploy.test.bicep b/modules/Microsoft.DocumentDB/databaseAccounts/.test/gremlindb/deploy.test.bicep new file mode 100644 index 0000000000..9906daef08 --- /dev/null +++ b/modules/Microsoft.DocumentDB/databaseAccounts/.test/gremlindb/deploy.test.bicep @@ -0,0 +1,129 @@ +targetScope = 'subscription' + +// ========== // +// Parameters // +// ========== // +@description('Optional. The name of the resource group to deploy for testing purposes.') +@maxLength(90) +param resourceGroupName string = 'ms.documentdb.databaseaccounts-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to.') +param location string = deployment().location + +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') +param serviceShort string = 'dddagrm' + +// =========== // +// Deployments // +// =========== // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: location +} + +module resourceGroupResources 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-paramNested' + params: { + managedIdentityName: 'dep-<>-msi-${serviceShort}' + } +} + +// Diagnostics +// =========== +module diagnosticDependencies '../../../../.shared/dependencyConstructs/diagnostic.dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-diagnosticDependencies' + params: { + storageAccountName: 'dep<>diasa${serviceShort}01' + logAnalyticsWorkspaceName: 'dep-<>-law-${serviceShort}' + eventHubNamespaceEventHubName: 'dep-<>-evh-${serviceShort}' + eventHubNamespaceName: 'dep-<>-evhns-${serviceShort}' + location: location + } +} + +// ============== // +// Test Execution // +// ============== // + +module testDeployment '../../deploy.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name)}-test-${serviceShort}' + params: { + name: '<>${serviceShort}002' + locations: [ + { + failoverPriority: 0 + isZoneRedundant: false + locationName: 'West Europe' + } + { + failoverPriority: 1 + isZoneRedundant: false + locationName: 'North Europe' + } + ] + capabilitiesToAdd: [ + 'EnableGremlin' + ] + diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId + diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId + diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId + diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName + diagnosticLogsRetentionInDays: 7 + gremlinDatabases: [ + { + graphs: [ + { + automaticIndexing: true + name: 'car_collection' + partitionKeyPaths: [ + '/car_id' + ] + } + { + automaticIndexing: true + name: 'truck_collection' + partitionKeyPaths: [ + '/truck_id' + ] + } + ] + name: '<>-gdb-${serviceShort}-001' + } + { + collections: [ + { + automaticIndexing: true + name: 'bike_collection' + partitionKeyPaths: [ + '/bike_id' + ] + } + { + automaticIndexing: true + name: 'bicycle_collection' + partitionKeyPaths: [ + '/bicycle_id' + ] + } + ] + name: '<>-gdb-${serviceShort}-002' + } + ] + location: location + roleAssignments: [ + { + principalIds: [ + resourceGroupResources.outputs.managedIdentityPrincipalId + ] + roleDefinitionIdOrName: 'Reader' + } + ] + systemAssignedIdentity: true + } +} diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/.test/mongodb.parameters.json b/modules/Microsoft.DocumentDB/databaseAccounts/.test/mongodb.parameters.json deleted file mode 100644 index c9c6465b30..0000000000 --- a/modules/Microsoft.DocumentDB/databaseAccounts/.test/mongodb.parameters.json +++ /dev/null @@ -1,240 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-cdb-mongodb-001" - }, - "location": { - "value": "West Europe" - }, - "locations": { - "value": [ - { - "locationName": "West Europe", - "failoverPriority": 0, - "isZoneRedundant": false - }, - { - "locationName": "North Europe", - "failoverPriority": 1, - "isZoneRedundant": false - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "mongodbDatabases": { - "value": [ - { - "name": "<>-az-mdb-x-001", - "collections": [ - { - "name": "car_collection", - "indexes": [ - { - "key": { - "keys": [ - "_id" - ] - } - }, - { - "key": { - "keys": [ - "$**" - ] - } - }, - { - "key": { - "keys": [ - "car_id", - "car_model" - ] - }, - "options": { - "unique": true - } - }, - { - "key": { - "keys": [ - "_ts" - ] - }, - "options": { - "expireAfterSeconds": 2629746 - } - } - ], - "shardKey": { - "car_id": "Hash" - } - }, - { - "name": "truck_collection", - "indexes": [ - { - "key": { - "keys": [ - "_id" - ] - } - }, - { - "key": { - "keys": [ - "$**" - ] - } - }, - { - "key": { - "keys": [ - "truck_id", - "truck_model" - ] - }, - "options": { - "unique": true - } - }, - { - "key": { - "keys": [ - "_ts" - ] - }, - "options": { - "expireAfterSeconds": 2629746 - } - } - ], - "shardKey": { - "truck_id": "Hash" - } - } - ] - }, - { - "name": "<>-az-mdb-x-002", - "collections": [ - { - "name": "bike_collection", - "indexes": [ - { - "key": { - "keys": [ - "_id" - ] - } - }, - { - "key": { - "keys": [ - "$**" - ] - } - }, - { - "key": { - "keys": [ - "bike_id", - "bike_model" - ] - }, - "options": { - "unique": true - } - }, - { - "key": { - "keys": [ - "_ts" - ] - }, - "options": { - "expireAfterSeconds": 2629746 - } - } - ], - "shardKey": { - "bike_id": "Hash" - } - }, - { - "name": "bicycle_collection", - "indexes": [ - { - "key": { - "keys": [ - "_id" - ] - } - }, - { - "key": { - "keys": [ - "$**" - ] - } - }, - { - "key": { - "keys": [ - "bicycle_id", - "bicycle_model" - ] - }, - "options": { - "unique": true - } - }, - { - "key": { - "keys": [ - "_ts" - ] - }, - "options": { - "expireAfterSeconds": 2629746 - } - } - ], - "shardKey": { - "bicycle_id": "Hash" - } - } - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "systemAssignedIdentity": { - "value": true - } - } -} diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/.test/mongodb/dependencies.bicep b/modules/Microsoft.DocumentDB/databaseAccounts/.test/mongodb/dependencies.bicep new file mode 100644 index 0000000000..7371d4437b --- /dev/null +++ b/modules/Microsoft.DocumentDB/databaseAccounts/.test/mongodb/dependencies.bicep @@ -0,0 +1,14 @@ +@description('Optional. The location to deploy to.') +param location string = resourceGroup().location + +@description('Required. The name of the Managed Identity to create.') +param managedIdentityName string + +resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { + name: managedIdentityName + location: location +} + +@description('The principal ID of the created Managed Identity.') +output managedIdentityPrincipalId string = managedIdentity.properties.principalId + diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/.test/mongodb/deploy.test.bicep b/modules/Microsoft.DocumentDB/databaseAccounts/.test/mongodb/deploy.test.bicep new file mode 100644 index 0000000000..0e421431ca --- /dev/null +++ b/modules/Microsoft.DocumentDB/databaseAccounts/.test/mongodb/deploy.test.bicep @@ -0,0 +1,270 @@ +targetScope = 'subscription' + +// ========== // +// Parameters // +// ========== // +@description('Optional. The name of the resource group to deploy for testing purposes.') +@maxLength(90) +param resourceGroupName string = 'ms.documentdb.databaseaccounts-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to.') +param location string = deployment().location + +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') +param serviceShort string = 'dddamng' + +// =========== // +// Deployments // +// =========== // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: location +} + +module resourceGroupResources 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-paramNested' + params: { + managedIdentityName: 'dep-<>-msi-${serviceShort}' + } +} + +// Diagnostics +// =========== +module diagnosticDependencies '../../../../.shared/dependencyConstructs/diagnostic.dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-diagnosticDependencies' + params: { + storageAccountName: 'dep<>diasa${serviceShort}01' + logAnalyticsWorkspaceName: 'dep-<>-law-${serviceShort}' + eventHubNamespaceEventHubName: 'dep-<>-evh-${serviceShort}' + eventHubNamespaceName: 'dep-<>-evhns-${serviceShort}' + location: location + } +} + +// ============== // +// Test Execution // +// ============== // + +module testDeployment '../../deploy.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name)}-test-${serviceShort}' + params: { + name: '<>${serviceShort}001' + locations: [ + { + failoverPriority: 0 + isZoneRedundant: false + locationName: 'West Europe' + } + { + failoverPriority: 1 + isZoneRedundant: false + locationName: 'North Europe' + } + ] + diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId + diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId + diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId + diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName + diagnosticLogsRetentionInDays: 7 + location: location + mongodbDatabases: [ + { + collections: [ + { + indexes: [ + { + key: { + keys: [ + '_id' + ] + } + } + { + key: { + keys: [ + '$**' + ] + } + } + { + key: { + keys: [ + 'car_id' + 'car_model' + ] + } + options: { + unique: true + } + } + { + key: { + keys: [ + '_ts' + ] + } + options: { + expireAfterSeconds: 2629746 + } + } + ] + name: 'car_collection' + shardKey: { + car_id: 'Hash' + } + } + { + indexes: [ + { + key: { + keys: [ + '_id' + ] + } + } + { + key: { + keys: [ + '$**' + ] + } + } + { + key: { + keys: [ + 'truck_id' + 'truck_model' + ] + } + options: { + unique: true + } + } + { + key: { + keys: [ + '_ts' + ] + } + options: { + expireAfterSeconds: 2629746 + } + } + ] + name: 'truck_collection' + shardKey: { + truck_id: 'Hash' + } + } + ] + name: '<>-mdb-${serviceShort}-001' + } + { + collections: [ + { + indexes: [ + { + key: { + keys: [ + '_id' + ] + } + } + { + key: { + keys: [ + '$**' + ] + } + } + { + key: { + keys: [ + 'bike_id' + 'bike_model' + ] + } + options: { + unique: true + } + } + { + key: { + keys: [ + '_ts' + ] + } + options: { + expireAfterSeconds: 2629746 + } + } + ] + name: 'bike_collection' + shardKey: { + bike_id: 'Hash' + } + } + { + indexes: [ + { + key: { + keys: [ + '_id' + ] + } + } + { + key: { + keys: [ + '$**' + ] + } + } + { + key: { + keys: [ + 'bicycle_id' + 'bicycle_model' + ] + } + options: { + unique: true + } + } + { + key: { + keys: [ + '_ts' + ] + } + options: { + expireAfterSeconds: 2629746 + } + } + ] + name: 'bicycle_collection' + shardKey: { + bicycle_id: 'Hash' + } + } + ] + name: '<>-mdb-${serviceShort}-002' + } + ] + roleAssignments: [ + { + principalIds: [ + resourceGroupResources.outputs.managedIdentityPrincipalId + ] + roleDefinitionIdOrName: 'Reader' + } + ] + systemAssignedIdentity: true + } +} diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/.test/plain.parameters.json b/modules/Microsoft.DocumentDB/databaseAccounts/.test/plain.parameters.json deleted file mode 100644 index 564968cf20..0000000000 --- a/modules/Microsoft.DocumentDB/databaseAccounts/.test/plain.parameters.json +++ /dev/null @@ -1,51 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-cdb-plain-001" - }, - "lock": { - "value": "CanNotDelete" - }, - "locations": { - "value": [ - { - "locationName": "West Europe", - "failoverPriority": 0, - "isZoneRedundant": false - }, - { - "locationName": "North Europe", - "failoverPriority": 1, - "isZoneRedundant": false - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - } - } -} diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/.test/plain/dependencies.bicep b/modules/Microsoft.DocumentDB/databaseAccounts/.test/plain/dependencies.bicep new file mode 100644 index 0000000000..7371d4437b --- /dev/null +++ b/modules/Microsoft.DocumentDB/databaseAccounts/.test/plain/dependencies.bicep @@ -0,0 +1,14 @@ +@description('Optional. The location to deploy to.') +param location string = resourceGroup().location + +@description('Required. The name of the Managed Identity to create.') +param managedIdentityName string + +resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { + name: managedIdentityName + location: location +} + +@description('The principal ID of the created Managed Identity.') +output managedIdentityPrincipalId string = managedIdentity.properties.principalId + diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/.test/plain/deploy.test.bicep b/modules/Microsoft.DocumentDB/databaseAccounts/.test/plain/deploy.test.bicep new file mode 100644 index 0000000000..6232658a32 --- /dev/null +++ b/modules/Microsoft.DocumentDB/databaseAccounts/.test/plain/deploy.test.bicep @@ -0,0 +1,85 @@ +targetScope = 'subscription' + +// ========== // +// Parameters // +// ========== // +@description('Optional. The name of the resource group to deploy for testing purposes.') +@maxLength(90) +param resourceGroupName string = 'ms.documentdb.databaseaccounts-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to.') +param location string = deployment().location + +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') +param serviceShort string = 'dddapln' + +// =========== // +// Deployments // +// =========== // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: location +} + +module resourceGroupResources 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-paramNested' + params: { + managedIdentityName: 'dep-<>-msi-${serviceShort}' + } +} + +// Diagnostics +// =========== +module diagnosticDependencies '../../../../.shared/dependencyConstructs/diagnostic.dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-diagnosticDependencies' + params: { + storageAccountName: 'dep<>diasa${serviceShort}01' + logAnalyticsWorkspaceName: 'dep-<>-law-${serviceShort}' + eventHubNamespaceEventHubName: 'dep-<>-evh-${serviceShort}' + eventHubNamespaceName: 'dep-<>-evhns-${serviceShort}' + location: location + } +} + +// ============== // +// Test Execution // +// ============== // + +module testDeployment '../../deploy.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name)}-test-${serviceShort}' + params: { + name: '<>${serviceShort}001' + locations: [ + { + failoverPriority: 0 + isZoneRedundant: false + locationName: 'West Europe' + } + { + failoverPriority: 1 + isZoneRedundant: false + locationName: 'North Europe' + } + ] + diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId + diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId + diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId + diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName + diagnosticLogsRetentionInDays: 7 + lock: 'CanNotDelete' + roleAssignments: [ + { + principalIds: [ + resourceGroupResources.outputs.managedIdentityPrincipalId + ] + roleDefinitionIdOrName: 'Reader' + } + ] + } +} diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/.test/sqldb.parameters.json b/modules/Microsoft.DocumentDB/databaseAccounts/.test/sqldb.parameters.json deleted file mode 100644 index 11f83861d1..0000000000 --- a/modules/Microsoft.DocumentDB/databaseAccounts/.test/sqldb.parameters.json +++ /dev/null @@ -1,76 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-cdb-sqldb-001" - }, - "location": { - "value": "West Europe" - }, - "locations": { - "value": [ - { - "locationName": "West Europe", - "failoverPriority": 0, - "isZoneRedundant": false - }, - { - "locationName": "North Europe", - "failoverPriority": 1, - "isZoneRedundant": false - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - }, - "sqlDatabases": { - "value": [ - { - "name": "<>-az-sql-x-001", - "containers": [ - { - "name": "container-001", - "paths": [ - "/myPartitionKey" - ], - "kind": "Hash" - } - ] - }, - { - "name": "<>-az-sql-x-002", - "containers": [] - } - ] - }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, - "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" - }, - "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - }, - "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" - }, - "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" - }, - "userAssignedIdentities": { - "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} - } - } - } -} diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/.test/sqldb/dependencies.bicep b/modules/Microsoft.DocumentDB/databaseAccounts/.test/sqldb/dependencies.bicep new file mode 100644 index 0000000000..0f0755a6f4 --- /dev/null +++ b/modules/Microsoft.DocumentDB/databaseAccounts/.test/sqldb/dependencies.bicep @@ -0,0 +1,16 @@ +@description('Optional. The location to deploy to.') +param location string = resourceGroup().location + +@description('Required. The name of the Managed Identity to create.') +param managedIdentityName string + +resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { + name: managedIdentityName + location: location +} + +@description('The principal ID of the created Managed Identity.') +output managedIdentityPrincipalId string = managedIdentity.properties.principalId + +@description('The resource ID of the created Managed Identity.') +output managedIdentityResourceId string = managedIdentity.id diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/.test/sqldb/deploy.test.bicep b/modules/Microsoft.DocumentDB/databaseAccounts/.test/sqldb/deploy.test.bicep new file mode 100644 index 0000000000..ba969485eb --- /dev/null +++ b/modules/Microsoft.DocumentDB/databaseAccounts/.test/sqldb/deploy.test.bicep @@ -0,0 +1,106 @@ +targetScope = 'subscription' + +// ========== // +// Parameters // +// ========== // +@description('Optional. The name of the resource group to deploy for testing purposes.') +@maxLength(90) +param resourceGroupName string = 'ms.documentdb.databaseaccounts-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to.') +param location string = deployment().location + +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') +param serviceShort string = 'dddasql' + +// =========== // +// Deployments // +// =========== // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: location +} + +module resourceGroupResources 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-paramNested' + params: { + managedIdentityName: 'dep-<>-msi-${serviceShort}' + } +} + +// Diagnostics +// =========== +module diagnosticDependencies '../../../../.shared/dependencyConstructs/diagnostic.dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-diagnosticDependencies' + params: { + storageAccountName: 'dep<>diasa${serviceShort}01' + logAnalyticsWorkspaceName: 'dep-<>-law-${serviceShort}' + eventHubNamespaceEventHubName: 'dep-<>-evh-${serviceShort}' + eventHubNamespaceName: 'dep-<>-evhns-${serviceShort}' + location: location + } +} + +// ============== // +// Test Execution // +// ============== // + +module testDeployment '../../deploy.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name)}-test-${serviceShort}' + params: { + name: '<>${serviceShort}001' + locations: [ + { + failoverPriority: 0 + isZoneRedundant: false + locationName: 'West Europe' + } + { + failoverPriority: 1 + isZoneRedundant: false + locationName: 'North Europe' + } + ] + diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId + diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId + diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId + diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName + diagnosticLogsRetentionInDays: 7 + location: location + roleAssignments: [ + { + principalIds: [ + resourceGroupResources.outputs.managedIdentityPrincipalId + ] + roleDefinitionIdOrName: 'Reader' + } + ] + sqlDatabases: [ + { + containers: [ + { + kind: 'Hash' + name: 'container-001' + paths: [ + '/myPartitionKey' + ] + } + ] + name: '<>-sql-${serviceShort}-001' + } + { + containers: [] + name: '<>-sql-${serviceShort}-002' + } + ] + userAssignedIdentities: { + '${resourceGroupResources.outputs.managedIdentityResourceId}': {} + } + } +} diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/readme.md b/modules/Microsoft.DocumentDB/databaseAccounts/readme.md index d398cc6162..4948be56e8 100644 --- a/modules/Microsoft.DocumentDB/databaseAccounts/readme.md +++ b/modules/Microsoft.DocumentDB/databaseAccounts/readme.md @@ -552,7 +552,7 @@ The following module usage examples are retrieved from the content of the files ```bicep module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-DatabaseAccounts' + name: '${uniqueString(deployment().name)}-test-dddagrm' params: { // Required parameters locations: [ @@ -567,16 +567,16 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = locationName: 'North Europe' } ] - name: '<>-az-cdb-gremlindb-001' + name: '<>dddagrm002' // Non-required parameters capabilitiesToAdd: [ 'EnableGremlin' ] - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticEventHubAuthorizationRuleId: '' + diagnosticEventHubName: '' diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticStorageAccountId: '' + diagnosticWorkspaceId: '' gremlinDatabases: [ { graphs: [ @@ -595,7 +595,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = ] } ] - name: '<>-az-gdb-x-001' + name: '<>-gdb-dddagrm-001' } { collections: [ @@ -614,14 +614,14 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = ] } ] - name: '<>-az-gdb-x-002' + name: '<>-gdb-dddagrm-002' } ] - location: 'West Europe' + location: '' roleAssignments: [ { principalIds: [ - '<>' + '' ] roleDefinitionIdOrName: 'Reader' } @@ -659,7 +659,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = ] }, "name": { - "value": "<>-az-cdb-gremlindb-001" + "value": "<>dddagrm002" }, // Non-required parameters "capabilitiesToAdd": { @@ -668,19 +668,19 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = ] }, "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + "value": "" }, "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "value": "" }, "diagnosticLogsRetentionInDays": { "value": 7 }, "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + "value": "" }, "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + "value": "" }, "gremlinDatabases": { "value": [ @@ -701,7 +701,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = ] } ], - "name": "<>-az-gdb-x-001" + "name": "<>-gdb-dddagrm-001" }, { "collections": [ @@ -720,18 +720,18 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = ] } ], - "name": "<>-az-gdb-x-002" + "name": "<>-gdb-dddagrm-002" } ] }, "location": { - "value": "West Europe" + "value": "" }, "roleAssignments": { "value": [ { "principalIds": [ - "<>" + "" ], "roleDefinitionIdOrName": "Reader" } @@ -755,7 +755,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = ```bicep module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-DatabaseAccounts' + name: '${uniqueString(deployment().name)}-test-dddamng' params: { // Required parameters locations: [ @@ -770,14 +770,14 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = locationName: 'North Europe' } ] - name: '<>-az-cdb-mongodb-001' + name: '<>dddamng001' // Non-required parameters - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticEventHubAuthorizationRuleId: '' + diagnosticEventHubName: '' diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - location: 'West Europe' + diagnosticStorageAccountId: '' + diagnosticWorkspaceId: '' + location: '' mongodbDatabases: [ { collections: [ @@ -868,7 +868,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } } ] - name: '<>-az-mdb-x-001' + name: '<>-mdb-dddamng-001' } { collections: [ @@ -959,13 +959,13 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } } ] - name: '<>-az-mdb-x-002' + name: '<>-mdb-dddamng-002' } ] roleAssignments: [ { principalIds: [ - '<>' + '' ] roleDefinitionIdOrName: 'Reader' } @@ -1003,26 +1003,26 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = ] }, "name": { - "value": "<>-az-cdb-mongodb-001" + "value": "<>dddamng001" }, // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + "value": "" }, "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "value": "" }, "diagnosticLogsRetentionInDays": { "value": 7 }, "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + "value": "" }, "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + "value": "" }, "location": { - "value": "West Europe" + "value": "" }, "mongodbDatabases": { "value": [ @@ -1115,7 +1115,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } } ], - "name": "<>-az-mdb-x-001" + "name": "<>-mdb-dddamng-001" }, { "collections": [ @@ -1206,7 +1206,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = } } ], - "name": "<>-az-mdb-x-002" + "name": "<>-mdb-dddamng-002" } ] }, @@ -1214,7 +1214,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = "value": [ { "principalIds": [ - "<>" + "" ], "roleDefinitionIdOrName": "Reader" } @@ -1238,7 +1238,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = ```bicep module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-DatabaseAccounts' + name: '${uniqueString(deployment().name)}-test-dddapln' params: { // Required parameters locations: [ @@ -1253,18 +1253,18 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = locationName: 'North Europe' } ] - name: '<>-az-cdb-plain-001' + name: '<>dddapln001' // Non-required parameters - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticEventHubAuthorizationRuleId: '' + diagnosticEventHubName: '' diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + diagnosticStorageAccountId: '' + diagnosticWorkspaceId: '' lock: 'CanNotDelete' roleAssignments: [ { principalIds: [ - '<>' + '' ] roleDefinitionIdOrName: 'Reader' } @@ -1301,23 +1301,23 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = ] }, "name": { - "value": "<>-az-cdb-plain-001" + "value": "<>dddapln001" }, // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + "value": "" }, "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "value": "" }, "diagnosticLogsRetentionInDays": { "value": 7 }, "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + "value": "" }, "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + "value": "" }, "lock": { "value": "CanNotDelete" @@ -1326,7 +1326,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = "value": [ { "principalIds": [ - "<>" + "" ], "roleDefinitionIdOrName": "Reader" } @@ -1347,7 +1347,7 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = ```bicep module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-DatabaseAccounts' + name: '${uniqueString(deployment().name)}-test-dddasql' params: { // Required parameters locations: [ @@ -1362,18 +1362,18 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = locationName: 'North Europe' } ] - name: '<>-az-cdb-sqldb-001' + name: '<>dddasql001' // Non-required parameters - diagnosticEventHubAuthorizationRuleId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey' - diagnosticEventHubName: 'adp-<>-az-evh-x-001' + diagnosticEventHubAuthorizationRuleId: '' + diagnosticEventHubName: '' diagnosticLogsRetentionInDays: 7 - diagnosticStorageAccountId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - diagnosticWorkspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - location: 'West Europe' + diagnosticStorageAccountId: '' + diagnosticWorkspaceId: '' + location: '' roleAssignments: [ { principalIds: [ - '<>' + '' ] roleDefinitionIdOrName: 'Reader' } @@ -1389,15 +1389,15 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = ] } ] - name: '<>-az-sql-x-001' + name: '<>-sql-dddasql-001' } { containers: [] - name: '<>-az-sql-x-002' + name: '<>-sql-dddasql-002' } ] userAssignedIdentities: { - '/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001': {} + '': {} } } } @@ -1431,32 +1431,32 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = ] }, "name": { - "value": "<>-az-cdb-sqldb-001" + "value": "<>dddasql001" }, // Non-required parameters "diagnosticEventHubAuthorizationRuleId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey" + "value": "" }, "diagnosticEventHubName": { - "value": "adp-<>-az-evh-x-001" + "value": "" }, "diagnosticLogsRetentionInDays": { "value": 7 }, "diagnosticStorageAccountId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001" + "value": "" }, "diagnosticWorkspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + "value": "" }, "location": { - "value": "West Europe" + "value": "" }, "roleAssignments": { "value": [ { "principalIds": [ - "<>" + "" ], "roleDefinitionIdOrName": "Reader" } @@ -1474,17 +1474,17 @@ module databaseAccounts './Microsoft.DocumentDB/databaseAccounts/deploy.bicep' = ] } ], - "name": "<>-az-sql-x-001" + "name": "<>-sql-dddasql-001" }, { "containers": [], - "name": "<>-az-sql-x-002" + "name": "<>-sql-dddasql-002" } ] }, "userAssignedIdentities": { "value": { - "/subscriptions/<>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<>-az-msi-x-001": {} + "": {} } } }