From d81c7a38eff476d15a795e40025688fa2b1e6a9f Mon Sep 17 00:00:00 2001 From: Rainer Halanek Date: Wed, 28 Sep 2022 10:44:51 +0200 Subject: [PATCH 01/19] initial import --- .../.test/parameters.json | 32 +++ .../deploy.bicep | 56 ++++++ .../readme.md | 184 ++++++++++++++++++ .../version.json | 4 + 4 files changed, 276 insertions(+) create mode 100644 modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/parameters.json create mode 100644 modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/deploy.bicep create mode 100644 modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/readme.md create mode 100644 modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/version.json diff --git a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/parameters.json b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/parameters.json new file mode 100644 index 0000000000..ed6bbc298a --- /dev/null +++ b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/parameters.json @@ -0,0 +1,32 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-apgwpolicy-x-001" + }, + "policySettings": { + "value": { + "fileUploadLimitInMb": 10, + "state": "Enabled", + "mode": "Prevention" + } + }, + "managedRules": { + "value": { + "managedRuleSets": [ + { + "ruleSetType": "OWASP", + "ruleSetVersion": "3.2", + "ruleGroupOverrides": [] + }, + { + "ruleSetType": "Microsoft_BotManagerRuleSet", + "ruleSetVersion": "0.1", + "ruleGroupOverrides": [] + } + ] + } + } + } +} \ No newline at end of file diff --git a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/deploy.bicep b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/deploy.bicep new file mode 100644 index 0000000000..5d07fafa33 --- /dev/null +++ b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/deploy.bicep @@ -0,0 +1,56 @@ +@description('Required. Name of the Application Gateway WAF policy.') +param name string + +@description('Optional. Location for all resources.') +param location string = resourceGroup().location + +@description('Optional. Resource tags.') +param tags object = {} + +@description('Optional. Enable telemetry via the Customer Usage Attribution ID (GUID).') +param enableDefaultTelemetry bool = true + +@description('Optional. Describes the managedRules structure.') +param managedRules object = {} + +@description('Optional. The custom rules inside the policy.') +param customRules array = [] + +@description('Optional. The PolicySettings for policy.') +param policySettings object = {} + + +resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) { + name: 'pid-47ed15a6-730a-4827-bcb4-0fd963ffbd82-${uniqueString(deployment().name, location)}' + properties: { + mode: 'Incremental' + template: { + '$schema': 'https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#' + contentVersion: '1.0.0.0' + resources: [] + } + } +} + +resource applicationGatewayWAFPolicy 'Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies@2021-05-01' = { + name: name + location: location + tags: tags + properties: { + managedRules: managedRules + customRules: customRules + policySettings: policySettings + } +} + +@description('The name of the application gateway WAF policy.') +output name string = applicationGatewayWAFPolicy.name + +@description('The resource ID of the application gateway WAF policy.') +output resourceId string = applicationGatewayWAFPolicy.id + +@description('The resource group the application gateway WAF policy was deployed into.') +output resourceGroupName string = resourceGroup().name + +@description('The location the resource was deployed into.') +output location string = applicationGatewayWAFPolicy.location diff --git a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/readme.md b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/readme.md new file mode 100644 index 0000000000..a40a13cb84 --- /dev/null +++ b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/readme.md @@ -0,0 +1,184 @@ +# `[Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies]` + +This module deploys . +// TODO: Replace Resource and fill in description + +## Navigation + +- [Resource Types](#Resource-Types) +- [Parameters](#Parameters) +- [Outputs](#Outputs) +- [Cross-referenced modules](#Cross-referenced-modules) +- [Deployment examples](#Deployment-examples) + +## Resource Types + +| Resource Type | API Version | +| :-- | :-- | +| `Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies` | [2021-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/ApplicationGatewayWebApplicationFirewallPolicies) | + +## Parameters + +**Required parameters** +| Parameter Name | Type | Description | +| :-- | :-- | :-- | +| `name` | string | Name of the Application Gateway WAF policy. | + +**Optional parameters** +| Parameter Name | Type | Default Value | Description | +| :-- | :-- | :-- | :-- | +| `customRules` | array | `[]` | The custom rules inside the policy. | +| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via the Customer Usage Attribution ID (GUID). | +| `location` | string | `[resourceGroup().location]` | Location for all resources. | +| `managedRules` | object | `{object}` | Describes the managedRules structure. | +| `policySettings` | object | `{object}` | The PolicySettings for policy. | +| `tags` | object | `{object}` | Resource tags. | + + +### Parameter Usage: `` + +// TODO: Fill in Parameter usage + +### Parameter Usage: `tags` + +Tag names and tag values can be provided as needed. A tag can be left without a value. + +
+ +Parameter JSON format + +```json +"tags": { + "value": { + "Environment": "Non-Prod", + "Contact": "test.user@testcompany.com", + "PurchaseOrder": "1234", + "CostCenter": "7890", + "ServiceName": "DeploymentValidation", + "Role": "DeploymentValidation" + } +} +``` + +
+ +
+ +Bicep format + +```bicep +tags: { + Environment: 'Non-Prod' + Contact: 'test.user@testcompany.com' + PurchaseOrder: '1234' + CostCenter: '7890' + ServiceName: 'DeploymentValidation' + Role: 'DeploymentValidation' +} +``` + +
+

+ +## Outputs + +| Output Name | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the application gateway WAF policy. | +| `resourceGroupName` | string | The resource group the application gateway WAF policy was deployed into. | +| `resourceId` | string | The resource ID of the application gateway WAF policy. | + +## Cross-referenced modules + +_None_ + +## Deployment examples + +The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. + + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. + +

Example 1: Parameters

+ +
+ +via Bicep module + +```bicep +module applicationGatewayWebApplicationFirewallPolicies './Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-ApplicationGatewayWebApplicationFirewallPolicies' + params: { + // Required parameters + name: '<>-az-apgwpolicy-x-001' + // Non-required parameters + managedRules: { + managedRuleSets: [ + { + ruleGroupOverrides: [] + ruleSetType: 'OWASP' + ruleSetVersion: '3.2' + } + { + ruleGroupOverrides: [] + ruleSetType: 'Microsoft_BotManagerRuleSet' + ruleSetVersion: '0.1' + } + ] + } + policySettings: { + fileUploadLimitInMb: 10 + mode: 'Prevention' + state: 'Enabled' + } + } +} +``` + +
+

+ +

+ +via JSON Parameter file + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + // Required parameters + "name": { + "value": "<>-az-apgwpolicy-x-001" + }, + // Non-required parameters + "managedRules": { + "value": { + "managedRuleSets": [ + { + "ruleGroupOverrides": [], + "ruleSetType": "OWASP", + "ruleSetVersion": "3.2" + }, + { + "ruleGroupOverrides": [], + "ruleSetType": "Microsoft_BotManagerRuleSet", + "ruleSetVersion": "0.1" + } + ] + } + }, + "policySettings": { + "value": { + "fileUploadLimitInMb": 10, + "mode": "Prevention", + "state": "Enabled" + } + } + } +} +``` + +
+

diff --git a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/version.json b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/version.json new file mode 100644 index 0000000000..badc0a2285 --- /dev/null +++ b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/version.json @@ -0,0 +1,4 @@ +{ + "$schema": "https://raw.githubusercontent.com/dotnet/Nerdbank.GitVersioning/master/src/NerdBank.GitVersioning/version.schema.json", + "version": "0.5" +} From 2226e7f0d86c8e69fbd88f666830bd6e17cff1c6 Mon Sep 17 00:00:00 2001 From: Rainer Halanek Date: Wed, 28 Sep 2022 11:12:33 +0200 Subject: [PATCH 02/19] add workflow file --- ...nGatewayWebApplicationFirewallPolicies.yml | 147 ++++++++++++++++++ 1 file changed, 147 insertions(+) create mode 100644 .github/workflows/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml diff --git a/.github/workflows/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml b/.github/workflows/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml new file mode 100644 index 0000000000..e962f36f93 --- /dev/null +++ b/.github/workflows/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml @@ -0,0 +1,147 @@ +name: 'Network: ApplicationGatewayWebApplicationFirewallPolicies' + +on: + workflow_dispatch: + inputs: + removeDeployment: + type: boolean + description: 'Remove deployed module' + required: false + default: true + prerelease: + type: boolean + description: 'Publish prerelease module' + required: false + default: false + push: + branches: + - main + - users/rahalan/AddWafPolicy + paths: + - '.github/actions/templates/**' + - '.github/workflows/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml' + - 'modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/**' + - 'utilities/pipelines/**' + - '!utilities/pipelines/dependencies/**' + - '!*/**/readme.md' + +env: + variablesPath: 'settings.yml' + modulePath: 'modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies' + workflowPath: '.github/workflows/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml' + AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} + ARM_SUBSCRIPTION_ID: '${{ secrets.ARM_SUBSCRIPTION_ID }}' + ARM_MGMTGROUP_ID: '${{ secrets.ARM_MGMTGROUP_ID }}' + ARM_TENANT_ID: '${{ secrets.ARM_TENANT_ID }}' + TOKEN_NAMEPREFIX: '${{ secrets.TOKEN_NAMEPREFIX }}' + +jobs: + ########################### + # Initialize pipeline # + ########################### + job_initialize_pipeline: + runs-on: ubuntu-20.04 + name: 'Initialize pipeline' + steps: + - name: 'Checkout' + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: 'Set input parameters to output variables' + id: get-workflow-param + uses: ./.github/actions/templates/getWorkflowInput + with: + workflowPath: '${{ env.workflowPath}}' + - name: 'Get parameter file paths' + id: get-module-test-file-paths + uses: ./.github/actions/templates/getModuleTestFiles + with: + modulePath: '${{ env.modulePath }}' + outputs: + removeDeployment: ${{ steps.get-workflow-param.outputs.removeDeployment }} + moduleTestFilePaths: ${{ steps.get-module-test-file-paths.outputs.moduleTestFilePaths }} + + ######################### + # Static validation # + ######################### + job_module_pester_validation: + runs-on: ubuntu-20.04 + name: 'Static validation' + steps: + - name: 'Checkout' + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set environment variables + uses: ./.github/actions/templates/setEnvironmentVariables + with: + variablesPath: ${{ env.variablesPath }} + - name: 'Run tests' + uses: ./.github/actions/templates/validateModulePester + with: + modulePath: '${{ env.modulePath }}' + moduleTestFilePath: '${{ env.moduleTestFilePath }}' + + ############################# + # Deployment validation # + ############################# + job_module_deploy_validation: + runs-on: ubuntu-20.04 + name: 'Deployment validation' + needs: + - job_initialize_pipeline + - job_module_pester_validation + strategy: + fail-fast: false + matrix: + moduleTestFilePaths: ${{ fromJSON(needs.job_initialize_pipeline.outputs.moduleTestFilePaths) }} + steps: + - name: 'Checkout' + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set environment variables + uses: ./.github/actions/templates/setEnvironmentVariables + with: + variablesPath: ${{ env.variablesPath }} + - name: 'Using test file [${{ matrix.moduleTestFilePaths }}]' + uses: ./.github/actions/templates/validateModuleDeployment + with: + templateFilePath: '${{ env.modulePath }}/deploy.bicep' + parameterFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}' + location: '${{ env.location }}' + resourceGroupName: '${{ env.resourceGroupName }}' + subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}' + managementGroupId: '${{ secrets.ARM_MGMTGROUP_ID }}' + removeDeployment: '${{ needs.job_initialize_pipeline.outputs.removeDeployment }}' + + ################## + # Publishing # + ################## + job_publish_module: + name: 'Publishing' + if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master' || github.event.inputs.prerelease == 'true' + runs-on: ubuntu-20.04 + needs: + - job_module_deploy_validation + steps: + - name: 'Checkout' + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set environment variables + uses: ./.github/actions/templates/setEnvironmentVariables + with: + variablesPath: ${{ env.variablesPath }} + - name: 'Publishing' + uses: ./.github/actions/templates/publishModule + with: + templateFilePath: '${{ env.modulePath }}/deploy.bicep' + templateSpecsRGName: '${{ env.templateSpecsRGName }}' + templateSpecsRGLocation: '${{ env.templateSpecsRGLocation }}' + templateSpecsDescription: '${{ env.templateSpecsDescription }}' + templateSpecsDoPublish: '${{ env.templateSpecsDoPublish }}' + bicepRegistryName: '${{ env.bicepRegistryName }}' + bicepRegistryRGName: '${{ env.bicepRegistryRGName }}' + bicepRegistryRgLocation: '${{ env.bicepRegistryRgLocation }}' + bicepRegistryDoPublish: '${{ env.bicepRegistryDoPublish }}' From 276844eefe2981d743bbedbfcd63df7ddc42e49e Mon Sep 17 00:00:00 2001 From: Rainer Halanek Date: Wed, 28 Sep 2022 11:30:39 +0200 Subject: [PATCH 03/19] change to new dependency approach --- .../.test/common/deploy.test.bicep | 60 +++++++++++++++++++ .../.test/parameters.json | 32 ---------- 2 files changed, 60 insertions(+), 32 deletions(-) create mode 100644 modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep delete mode 100644 modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/parameters.json diff --git a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep new file mode 100644 index 0000000000..948edbfb33 --- /dev/null +++ b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep @@ -0,0 +1,60 @@ +targetScope = 'subscription' + +// ========== // +// Parameters // +// ========== // +@description('Optional. The name of the resource group to deploy for testing purposes') +@maxLength(90) +param resourceGroupName string = 'ms.network.applicationGatewayWebApplicationFirewallPolicies-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to') +param location string = deployment().location + +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') +param serviceShort string = 'wafpolicy' + +// =========== // +// Deployments // +// =========== // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: location +} + +// ============== // +// Test Execution // +// ============== // + +module testDeployment '../../deploy.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name)}-test-${serviceShort}' + params: { + name: '<>${serviceShort}001' + policySettings: { + value: { + fileUploadLimitInMb: 10 + state: 'Enabled' + mode: 'Prevention' + } + } + managedRules: { + value: { + managedRuleSets: [ + { + ruleSetType: 'OWASP' + ruleSetVersion: '3.2' + ruleGroupOverrides: [] + } + { + ruleSetType: 'Microsoft_BotManagerRuleSet' + ruleSetVersion: '0.1' + ruleGroupOverrides: [] + } + ] + } + } + } +} diff --git a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/parameters.json b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/parameters.json deleted file mode 100644 index ed6bbc298a..0000000000 --- a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/parameters.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "<>-az-apgwpolicy-x-001" - }, - "policySettings": { - "value": { - "fileUploadLimitInMb": 10, - "state": "Enabled", - "mode": "Prevention" - } - }, - "managedRules": { - "value": { - "managedRuleSets": [ - { - "ruleSetType": "OWASP", - "ruleSetVersion": "3.2", - "ruleGroupOverrides": [] - }, - { - "ruleSetType": "Microsoft_BotManagerRuleSet", - "ruleSetVersion": "0.1", - "ruleGroupOverrides": [] - } - ] - } - } - } -} \ No newline at end of file From 92e2196e132dabaecb3f2a66ce3388f586f4fa29 Mon Sep 17 00:00:00 2001 From: Rainer Halanek Date: Wed, 28 Sep 2022 11:32:42 +0200 Subject: [PATCH 04/19] update workflow file --- ...etwork.applicationGatewayWebApplicationFirewallPolicies.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml b/.github/workflows/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml index e962f36f93..0fe3f95e55 100644 --- a/.github/workflows/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml +++ b/.github/workflows/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml @@ -107,8 +107,7 @@ jobs: - name: 'Using test file [${{ matrix.moduleTestFilePaths }}]' uses: ./.github/actions/templates/validateModuleDeployment with: - templateFilePath: '${{ env.modulePath }}/deploy.bicep' - parameterFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}' + templateFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}' location: '${{ env.location }}' resourceGroupName: '${{ env.resourceGroupName }}' subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}' From 62e60d6849d192247bb983b0b2acc1a3ada900c4 Mon Sep 17 00:00:00 2001 From: Rainer Halanek Date: Wed, 28 Sep 2022 11:40:14 +0200 Subject: [PATCH 05/19] update API version --- .../deploy.bicep | 3 +-- .../applicationGatewayWebApplicationFirewallPolicies/readme.md | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/deploy.bicep b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/deploy.bicep index 5d07fafa33..8a34607d08 100644 --- a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/deploy.bicep +++ b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/deploy.bicep @@ -19,7 +19,6 @@ param customRules array = [] @description('Optional. The PolicySettings for policy.') param policySettings object = {} - resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) { name: 'pid-47ed15a6-730a-4827-bcb4-0fd963ffbd82-${uniqueString(deployment().name, location)}' properties: { @@ -32,7 +31,7 @@ resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (ena } } -resource applicationGatewayWAFPolicy 'Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies@2021-05-01' = { +resource applicationGatewayWAFPolicy 'Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies@2022-01-01' = { name: name location: location tags: tags diff --git a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/readme.md b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/readme.md index a40a13cb84..5f6d15bbca 100644 --- a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/readme.md +++ b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/readme.md @@ -15,7 +15,7 @@ This module deploys . | Resource Type | API Version | | :-- | :-- | -| `Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies` | [2021-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/ApplicationGatewayWebApplicationFirewallPolicies) | +| `Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies` | [2022-01-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-01-01/ApplicationGatewayWebApplicationFirewallPolicies) | ## Parameters From 97e4e321a142642ef694bc250a001ace2d3e44d6 Mon Sep 17 00:00:00 2001 From: Rainer Halanek Date: Wed, 28 Sep 2022 11:50:47 +0200 Subject: [PATCH 06/19] update readme --- .../readme.md | 78 +++++++++++-------- 1 file changed, 44 insertions(+), 34 deletions(-) diff --git a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/readme.md b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/readme.md index 5f6d15bbca..eb07a005aa 100644 --- a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/readme.md +++ b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/readme.md @@ -20,11 +20,13 @@ This module deploys . ## Parameters **Required parameters** + | Parameter Name | Type | Description | | :-- | :-- | :-- | | `name` | string | Name of the Application Gateway WAF policy. | **Optional parameters** + | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | | `customRules` | array | `[]` | The custom rules inside the policy. | @@ -100,7 +102,7 @@ The following module usage examples are retrieved from the content of the files >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -

Example 1: Parameters

+

Example 1: Common

@@ -108,29 +110,33 @@ The following module usage examples are retrieved from the content of the files ```bicep module applicationGatewayWebApplicationFirewallPolicies './Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-ApplicationGatewayWebApplicationFirewallPolicies' + name: '${uniqueString(deployment().name)}-test-wafpolicy' params: { // Required parameters - name: '<>-az-apgwpolicy-x-001' + name: '<>wafpolicy001' // Non-required parameters managedRules: { - managedRuleSets: [ - { - ruleGroupOverrides: [] - ruleSetType: 'OWASP' - ruleSetVersion: '3.2' - } - { - ruleGroupOverrides: [] - ruleSetType: 'Microsoft_BotManagerRuleSet' - ruleSetVersion: '0.1' - } - ] + value: { + managedRuleSets: [ + { + ruleGroupOverrides: [] + ruleSetType: 'OWASP' + ruleSetVersion: '3.2' + } + { + ruleGroupOverrides: [] + ruleSetType: 'Microsoft_BotManagerRuleSet' + ruleSetVersion: '0.1' + } + ] + } } policySettings: { - fileUploadLimitInMb: 10 - mode: 'Prevention' - state: 'Enabled' + value: { + fileUploadLimitInMb: 10 + mode: 'Prevention' + state: 'Enabled' + } } } } @@ -150,30 +156,34 @@ module applicationGatewayWebApplicationFirewallPolicies './Microsoft.Network/app "parameters": { // Required parameters "name": { - "value": "<>-az-apgwpolicy-x-001" + "value": "<>wafpolicy001" }, // Non-required parameters "managedRules": { "value": { - "managedRuleSets": [ - { - "ruleGroupOverrides": [], - "ruleSetType": "OWASP", - "ruleSetVersion": "3.2" - }, - { - "ruleGroupOverrides": [], - "ruleSetType": "Microsoft_BotManagerRuleSet", - "ruleSetVersion": "0.1" - } - ] + "value": { + "managedRuleSets": [ + { + "ruleGroupOverrides": [], + "ruleSetType": "OWASP", + "ruleSetVersion": "3.2" + }, + { + "ruleGroupOverrides": [], + "ruleSetType": "Microsoft_BotManagerRuleSet", + "ruleSetVersion": "0.1" + } + ] + } } }, "policySettings": { "value": { - "fileUploadLimitInMb": 10, - "mode": "Prevention", - "state": "Enabled" + "value": { + "fileUploadLimitInMb": 10, + "mode": "Prevention", + "state": "Enabled" + } } } } From c975d6910034fac86627ff7dcc83251c8c4db602 Mon Sep 17 00:00:00 2001 From: Rainer Halanek Date: Wed, 28 Sep 2022 11:53:17 +0200 Subject: [PATCH 07/19] add ADO pipeline --- ...nGatewayWebApplicationFirewallPolicies.yml | 40 +++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 .azuredevops/modulePipelines/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml diff --git a/.azuredevops/modulePipelines/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml b/.azuredevops/modulePipelines/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml new file mode 100644 index 0000000000..3bce6f820b --- /dev/null +++ b/.azuredevops/modulePipelines/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml @@ -0,0 +1,40 @@ +name: 'Network: ApplicationGatewayWebApplicationFirewallPolicies' + +parameters: + - name: removeDeployment + displayName: Remove deployed module + type: boolean + default: true + - name: prerelease + displayName: Publish prerelease module + type: boolean + default: false + +pr: none + +trigger: + batch: true + branches: + include: + - main + paths: + include: + - '/.azuredevops/modulePipelines/ms.network.applicationGatewayWebApplicationFirewallPolicies' + - '/.azuredevops/pipelineTemplates/*.yml' + - '/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/*' + - '/utilities/pipelines/*' + exclude: + - '/utilities/pipelines/dependencies/*' + - '/**/*.md' + +variables: + - template: '../../settings.yml' + - group: 'PLATFORM_VARIABLES' + - name: modulePath + value: '/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies' + +stages: + - template: /.azuredevops/pipelineTemplates/stages.module.yml + parameters: + removeDeployment: '${{ parameters.removeDeployment }}' + prerelease: '${{ parameters.prerelease }}' From a000acce7284e3d33b82d7b2f9468d53c8155e66 Mon Sep 17 00:00:00 2001 From: Rainer Halanek Date: Wed, 28 Sep 2022 11:57:35 +0200 Subject: [PATCH 08/19] trigger workflow --- ....network.applicationGatewayWebApplicationFirewallPolicies.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml b/.github/workflows/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml index 0fe3f95e55..2858ff256e 100644 --- a/.github/workflows/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml +++ b/.github/workflows/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml @@ -17,6 +17,7 @@ on: branches: - main - users/rahalan/AddWafPolicy + - dummy paths: - '.github/actions/templates/**' - '.github/workflows/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml' From 1483a9ee32341734f066e7c54891a432b0634261 Mon Sep 17 00:00:00 2001 From: Rainer Halanek Date: Wed, 28 Sep 2022 12:04:49 +0200 Subject: [PATCH 09/19] rename --- ...rk.applicationgatewaywebapplicationfirewallpolicies1.yml} | 0 ...rk.applicationgatewaywebapplicationfirewallpolicies1.yml} | 5 ++--- 2 files changed, 2 insertions(+), 3 deletions(-) rename .azuredevops/modulePipelines/{ms.network.applicationGatewayWebApplicationFirewallPolicies.yml => ms.network.applicationgatewaywebapplicationfirewallpolicies1.yml} (100%) rename .github/workflows/{ms.network.applicationGatewayWebApplicationFirewallPolicies.yml => ms.network.applicationgatewaywebapplicationfirewallpolicies1.yml} (96%) diff --git a/.azuredevops/modulePipelines/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml b/.azuredevops/modulePipelines/ms.network.applicationgatewaywebapplicationfirewallpolicies1.yml similarity index 100% rename from .azuredevops/modulePipelines/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml rename to .azuredevops/modulePipelines/ms.network.applicationgatewaywebapplicationfirewallpolicies1.yml diff --git a/.github/workflows/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml b/.github/workflows/ms.network.applicationgatewaywebapplicationfirewallpolicies1.yml similarity index 96% rename from .github/workflows/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml rename to .github/workflows/ms.network.applicationgatewaywebapplicationfirewallpolicies1.yml index 2858ff256e..754c90613d 100644 --- a/.github/workflows/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml +++ b/.github/workflows/ms.network.applicationgatewaywebapplicationfirewallpolicies1.yml @@ -17,10 +17,9 @@ on: branches: - main - users/rahalan/AddWafPolicy - - dummy paths: - '.github/actions/templates/**' - - '.github/workflows/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml' + - '.github/workflows/ms.network.applicationgatewaywebapplicationfirewallpolicies.yml' - 'modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/**' - 'utilities/pipelines/**' - '!utilities/pipelines/dependencies/**' @@ -29,7 +28,7 @@ on: env: variablesPath: 'settings.yml' modulePath: 'modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies' - workflowPath: '.github/workflows/ms.network.applicationGatewayWebApplicationFirewallPolicies.yml' + workflowPath: '.github/workflows/ms.network.applicationgatewaywebapplicationfirewallpolicies.yml' AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} ARM_SUBSCRIPTION_ID: '${{ secrets.ARM_SUBSCRIPTION_ID }}' ARM_MGMTGROUP_ID: '${{ secrets.ARM_MGMTGROUP_ID }}' From 540b17f6cb5f6fe40900fa082d2bb3c0a67959f9 Mon Sep 17 00:00:00 2001 From: Rainer Halanek Date: Wed, 28 Sep 2022 12:05:34 +0200 Subject: [PATCH 10/19] rename --- ....network.applicationgatewaywebapplicationfirewallpolicies.yml} | 0 ....network.applicationgatewaywebapplicationfirewallpolicies.yml} | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename .azuredevops/modulePipelines/{ms.network.applicationgatewaywebapplicationfirewallpolicies1.yml => ms.network.applicationgatewaywebapplicationfirewallpolicies.yml} (100%) rename .github/workflows/{ms.network.applicationgatewaywebapplicationfirewallpolicies1.yml => ms.network.applicationgatewaywebapplicationfirewallpolicies.yml} (100%) diff --git a/.azuredevops/modulePipelines/ms.network.applicationgatewaywebapplicationfirewallpolicies1.yml b/.azuredevops/modulePipelines/ms.network.applicationgatewaywebapplicationfirewallpolicies.yml similarity index 100% rename from .azuredevops/modulePipelines/ms.network.applicationgatewaywebapplicationfirewallpolicies1.yml rename to .azuredevops/modulePipelines/ms.network.applicationgatewaywebapplicationfirewallpolicies.yml diff --git a/.github/workflows/ms.network.applicationgatewaywebapplicationfirewallpolicies1.yml b/.github/workflows/ms.network.applicationgatewaywebapplicationfirewallpolicies.yml similarity index 100% rename from .github/workflows/ms.network.applicationgatewaywebapplicationfirewallpolicies1.yml rename to .github/workflows/ms.network.applicationgatewaywebapplicationfirewallpolicies.yml From 25844ac4278f10debe4690113879800db9c51398 Mon Sep 17 00:00:00 2001 From: Rainer Halanek Date: Wed, 28 Sep 2022 12:12:40 +0200 Subject: [PATCH 11/19] fix test --- .../.test/common/deploy.test.bicep | 34 ++++++++----------- 1 file changed, 15 insertions(+), 19 deletions(-) diff --git a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep index 948edbfb33..b0cecd62ae 100644 --- a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep @@ -34,27 +34,23 @@ module testDeployment '../../deploy.bicep' = { params: { name: '<>${serviceShort}001' policySettings: { - value: { - fileUploadLimitInMb: 10 - state: 'Enabled' - mode: 'Prevention' - } + fileUploadLimitInMb: 10 + state: 'Enabled' + mode: 'Prevention' } managedRules: { - value: { - managedRuleSets: [ - { - ruleSetType: 'OWASP' - ruleSetVersion: '3.2' - ruleGroupOverrides: [] - } - { - ruleSetType: 'Microsoft_BotManagerRuleSet' - ruleSetVersion: '0.1' - ruleGroupOverrides: [] - } - ] - } + managedRuleSets: [ + { + ruleSetType: 'OWASP' + ruleSetVersion: '3.2' + ruleGroupOverrides: [] + } + { + ruleSetType: 'Microsoft_BotManagerRuleSet' + ruleSetVersion: '0.1' + ruleGroupOverrides: [] + } + ] } } } From 19e29505965ddd2f084695ecde54041378af6d65 Mon Sep 17 00:00:00 2001 From: Rainer Halanek Date: Wed, 28 Sep 2022 12:43:34 +0200 Subject: [PATCH 12/19] fix readme --- .../readme.md | 68 ++++++++----------- 1 file changed, 30 insertions(+), 38 deletions(-) diff --git a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/readme.md b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/readme.md index eb07a005aa..62bce9700e 100644 --- a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/readme.md +++ b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/readme.md @@ -116,27 +116,23 @@ module applicationGatewayWebApplicationFirewallPolicies './Microsoft.Network/app name: '<>wafpolicy001' // Non-required parameters managedRules: { - value: { - managedRuleSets: [ - { - ruleGroupOverrides: [] - ruleSetType: 'OWASP' - ruleSetVersion: '3.2' - } - { - ruleGroupOverrides: [] - ruleSetType: 'Microsoft_BotManagerRuleSet' - ruleSetVersion: '0.1' - } - ] - } + managedRuleSets: [ + { + ruleGroupOverrides: [] + ruleSetType: 'OWASP' + ruleSetVersion: '3.2' + } + { + ruleGroupOverrides: [] + ruleSetType: 'Microsoft_BotManagerRuleSet' + ruleSetVersion: '0.1' + } + ] } policySettings: { - value: { - fileUploadLimitInMb: 10 - mode: 'Prevention' - state: 'Enabled' - } + fileUploadLimitInMb: 10 + mode: 'Prevention' + state: 'Enabled' } } } @@ -161,29 +157,25 @@ module applicationGatewayWebApplicationFirewallPolicies './Microsoft.Network/app // Non-required parameters "managedRules": { "value": { - "value": { - "managedRuleSets": [ - { - "ruleGroupOverrides": [], - "ruleSetType": "OWASP", - "ruleSetVersion": "3.2" - }, - { - "ruleGroupOverrides": [], - "ruleSetType": "Microsoft_BotManagerRuleSet", - "ruleSetVersion": "0.1" - } - ] - } + "managedRuleSets": [ + { + "ruleGroupOverrides": [], + "ruleSetType": "OWASP", + "ruleSetVersion": "3.2" + }, + { + "ruleGroupOverrides": [], + "ruleSetType": "Microsoft_BotManagerRuleSet", + "ruleSetVersion": "0.1" + } + ] } }, "policySettings": { "value": { - "value": { - "fileUploadLimitInMb": 10, - "mode": "Prevention", - "state": "Enabled" - } + "fileUploadLimitInMb": 10, + "mode": "Prevention", + "state": "Enabled" } } } From cb8c0c81e10d79e5df0f09f2416ec4702a501592 Mon Sep 17 00:00:00 2001 From: Rainer Halanek Date: Wed, 28 Sep 2022 12:44:07 +0200 Subject: [PATCH 13/19] trigger workflow --- ....network.applicationgatewaywebapplicationfirewallpolicies.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ms.network.applicationgatewaywebapplicationfirewallpolicies.yml b/.github/workflows/ms.network.applicationgatewaywebapplicationfirewallpolicies.yml index 754c90613d..1bc1e83ee6 100644 --- a/.github/workflows/ms.network.applicationgatewaywebapplicationfirewallpolicies.yml +++ b/.github/workflows/ms.network.applicationgatewaywebapplicationfirewallpolicies.yml @@ -17,6 +17,7 @@ on: branches: - main - users/rahalan/AddWafPolicy + - dummy paths: - '.github/actions/templates/**' - '.github/workflows/ms.network.applicationgatewaywebapplicationfirewallpolicies.yml' From 43b361549aea60dd2d0a999a954d8b94bbc645c0 Mon Sep 17 00:00:00 2001 From: Rainer Halanek Date: Wed, 28 Sep 2022 12:54:22 +0200 Subject: [PATCH 14/19] fix trigger --- ...network.applicationgatewaywebapplicationfirewallpolicies.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/ms.network.applicationgatewaywebapplicationfirewallpolicies.yml b/.github/workflows/ms.network.applicationgatewaywebapplicationfirewallpolicies.yml index 1bc1e83ee6..025f704afe 100644 --- a/.github/workflows/ms.network.applicationgatewaywebapplicationfirewallpolicies.yml +++ b/.github/workflows/ms.network.applicationgatewaywebapplicationfirewallpolicies.yml @@ -16,8 +16,6 @@ on: push: branches: - main - - users/rahalan/AddWafPolicy - - dummy paths: - '.github/actions/templates/**' - '.github/workflows/ms.network.applicationgatewaywebapplicationfirewallpolicies.yml' From 81ea07ebff978dc4c00621c173b4201e7d5f0b18 Mon Sep 17 00:00:00 2001 From: Rainer Halanek Date: Wed, 28 Sep 2022 13:19:39 +0200 Subject: [PATCH 15/19] update readme --- .../applicationGatewayWebApplicationFirewallPolicies/readme.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/readme.md b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/readme.md index 62bce9700e..d6d04cab8e 100644 --- a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/readme.md +++ b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/readme.md @@ -1,7 +1,6 @@ # `[Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies]` -This module deploys . -// TODO: Replace Resource and fill in description +This module deploys a WAF policy. ## Navigation From ae1da9a1f111d5288ca4c5fea015e22884c545d6 Mon Sep 17 00:00:00 2001 From: Rainer Halanek <61878316+rahalan@users.noreply.github.com> Date: Wed, 28 Sep 2022 16:46:28 +0200 Subject: [PATCH 16/19] Update modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep Co-authored-by: Alexander Sehr --- .../.test/common/deploy.test.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep index b0cecd62ae..3406ab995b 100644 --- a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep @@ -11,7 +11,7 @@ param resourceGroupName string = 'ms.network.applicationGatewayWebApplicationFir param location string = deployment().location @description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') -param serviceShort string = 'wafpolicy' +param serviceShort string = 'nagwafpcom' // =========== // // Deployments // From 55c50f06a8094e66aab7e94be55d063c820fe5ea Mon Sep 17 00:00:00 2001 From: Rainer Halanek <61878316+rahalan@users.noreply.github.com> Date: Wed, 28 Sep 2022 17:03:03 +0200 Subject: [PATCH 17/19] Update modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep Co-authored-by: Alexander Sehr --- .../.test/common/deploy.test.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep index 3406ab995b..5ccd4b8a86 100644 --- a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep @@ -3,7 +3,7 @@ targetScope = 'subscription' // ========== // // Parameters // // ========== // -@description('Optional. The name of the resource group to deploy for testing purposes') +@description('Optional. The name of the resource group to deploy for testing purposes.') @maxLength(90) param resourceGroupName string = 'ms.network.applicationGatewayWebApplicationFirewallPolicies-${serviceShort}-rg' From c844ff7734f2e4e61d69c031a62871fd8ba6c13f Mon Sep 17 00:00:00 2001 From: Rainer Halanek <61878316+rahalan@users.noreply.github.com> Date: Wed, 28 Sep 2022 17:03:09 +0200 Subject: [PATCH 18/19] Update modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep Co-authored-by: Alexander Sehr --- .../.test/common/deploy.test.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep index 5ccd4b8a86..89d7bbe1cd 100644 --- a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep @@ -7,7 +7,7 @@ targetScope = 'subscription' @maxLength(90) param resourceGroupName string = 'ms.network.applicationGatewayWebApplicationFirewallPolicies-${serviceShort}-rg' -@description('Optional. The location to deploy resources to') +@description('Optional. The location to deploy resources to.') param location string = deployment().location @description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') From 4dd56eb1d62e45d72680e364fb3d41fab393cc7b Mon Sep 17 00:00:00 2001 From: Rainer Halanek <61878316+rahalan@users.noreply.github.com> Date: Wed, 28 Sep 2022 17:03:17 +0200 Subject: [PATCH 19/19] Update modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep Co-authored-by: Alexander Sehr --- .../.test/common/deploy.test.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep index 89d7bbe1cd..9a2c20a646 100644 --- a/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/.test/common/deploy.test.bicep @@ -10,7 +10,7 @@ param resourceGroupName string = 'ms.network.applicationGatewayWebApplicationFir @description('Optional. The location to deploy resources to.') param location string = deployment().location -@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') param serviceShort string = 'nagwafpcom' // =========== //