From deed5005a279f1d41c7b64d7a4b3ce1c7b7a6fe9 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 4 Nov 2022 09:04:19 +0100 Subject: [PATCH 01/17] Init --- .../workflows/ms.network.networkwatchers.yml | 3 +- .../.test/common/dependencies.bicep | 14 ++ .../.test/common/deploy.test.bicep | 136 ++++++++++++++++++ .../networkWatchers/.test/min.parameters.json | 9 -- .../.test/min/dependencies.bicep | 14 ++ .../.test/min/deploy.test.bicep | 59 ++++++++ .../networkWatchers/.test/parameters.json | 92 ------------ 7 files changed, 224 insertions(+), 103 deletions(-) create mode 100644 modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep create mode 100644 modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep delete mode 100644 modules/Microsoft.Network/networkWatchers/.test/min.parameters.json create mode 100644 modules/Microsoft.Network/networkWatchers/.test/min/dependencies.bicep create mode 100644 modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep delete mode 100644 modules/Microsoft.Network/networkWatchers/.test/parameters.json diff --git a/.github/workflows/ms.network.networkwatchers.yml b/.github/workflows/ms.network.networkwatchers.yml index 860ed2bc51..21801b7939 100644 --- a/.github/workflows/ms.network.networkwatchers.yml +++ b/.github/workflows/ms.network.networkwatchers.yml @@ -106,8 +106,7 @@ jobs: - name: 'Using test file [${{ matrix.moduleTestFilePaths }}]' uses: ./.github/actions/templates/validateModuleDeployment with: - templateFilePath: '${{ env.modulePath }}/deploy.bicep' - parameterFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}' + templateFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}' location: '${{ env.location }}' resourceGroupName: '${{ env.resourceGroupName }}' subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}' diff --git a/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep b/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep new file mode 100644 index 0000000000..7371d4437b --- /dev/null +++ b/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep @@ -0,0 +1,14 @@ +@description('Optional. The location to deploy to.') +param location string = resourceGroup().location + +@description('Required. The name of the Managed Identity to create.') +param managedIdentityName string + +resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { + name: managedIdentityName + location: location +} + +@description('The principal ID of the created Managed Identity.') +output managedIdentityPrincipalId string = managedIdentity.properties.principalId + diff --git a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep new file mode 100644 index 0000000000..7a2dcc8f9f --- /dev/null +++ b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep @@ -0,0 +1,136 @@ +targetScope = 'subscription' + +// ========== // +// Parameters // +// ========== // +@description('Optional. The name of the resource group to deploy for testing purposes') +@maxLength(90) +param resourceGroupName string = 'ms.network.networkwatchers-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to') +param location string = deployment().location + +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') +param serviceShort string = '...' + +// =========== // +// Deployments // +// =========== // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: location +} + +module resourceGroupResources 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-paramNested' + params: { + managedIdentityName: 'dep-<>-msi-${serviceShort}' + } +} + +// Diagnostics +// =========== +module diagnosticDependencies '../../../../.shared/dependencyConstructs/diagnostic.dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-diagnosticDependencies' + params: { + storageAccountName: 'dep<>diasa${serviceShort}01' + logAnalyticsWorkspaceName: 'dep-<>-law-${serviceShort}' + eventHubNamespaceEventHubName: 'dep-<>-evh-${serviceShort}' + eventHubNamespaceName: 'dep-<>-evhns-${serviceShort}' + location: location + } +} + +// ============== // +// Test Execution // +// ============== // + +module testDeployment '../../deploy.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name)}-test-${serviceShort}' + params: { + name: '<>${serviceShort}001' + connectionMonitors: [ + { + endpoints: [ + { + name: '<>-az-subnet-x-001(validation-rg)' + resourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/virtualMachines/adp-<>-vm-01' + type: 'AzureVM' + } + { + address: 'www.office.com' + name: 'Office Portal' + type: 'ExternalAddress' + } + ] + name: 'adp-<>-az-conn-mon-x-001' + testConfigurations: [ + { + httpConfiguration: { + method: 'Get' + port: 80 + preferHTTPS: false + requestHeaders: [] + validStatusCodeRanges: [ + '200' + ] + } + name: 'HTTP Test' + protocol: 'Http' + successThreshold: { + checksFailedPercent: 5 + roundTripTimeMs: 100 + } + testFrequencySec: 30 + } + ] + testGroups: [ + { + destinations: [ + 'Office Portal' + ] + disable: false + name: 'TestHTTPBing' + sources: [ + '<>-az-subnet-x-001(validation-rg)' + ] + testConfigurations: [ + 'HTTP Test' + ] + } + ] + workspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + } + ] + flowLogs: [ + { + enabled: false + storageId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + targetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-001' + } + { + formatVersion: 1 + name: 'adp-<>-az-nsg-x-apgw-flowlog' + retentionInDays: 8 + storageId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + targetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-apgw' + trafficAnalyticsInterval: 10 + workspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + } + ] + roleAssignments: [ + { + principalIds: [ + '<>' + ] + roleDefinitionIdOrName: 'Reader' + } + ] + } +} diff --git a/modules/Microsoft.Network/networkWatchers/.test/min.parameters.json b/modules/Microsoft.Network/networkWatchers/.test/min.parameters.json deleted file mode 100644 index 78acbb0c7e..0000000000 --- a/modules/Microsoft.Network/networkWatchers/.test/min.parameters.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "location": { - "value": "northeurope" - } - } -} diff --git a/modules/Microsoft.Network/networkWatchers/.test/min/dependencies.bicep b/modules/Microsoft.Network/networkWatchers/.test/min/dependencies.bicep new file mode 100644 index 0000000000..7371d4437b --- /dev/null +++ b/modules/Microsoft.Network/networkWatchers/.test/min/dependencies.bicep @@ -0,0 +1,14 @@ +@description('Optional. The location to deploy to.') +param location string = resourceGroup().location + +@description('Required. The name of the Managed Identity to create.') +param managedIdentityName string + +resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { + name: managedIdentityName + location: location +} + +@description('The principal ID of the created Managed Identity.') +output managedIdentityPrincipalId string = managedIdentity.properties.principalId + diff --git a/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep b/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep new file mode 100644 index 0000000000..73ad182c1a --- /dev/null +++ b/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep @@ -0,0 +1,59 @@ +targetScope = 'subscription' + +// ========== // +// Parameters // +// ========== // +@description('Optional. The name of the resource group to deploy for testing purposes') +@maxLength(90) +param resourceGroupName string = 'ms.network.networkwatchers-${serviceShort}-rg' + +@description('Optional. The location to deploy resources to') +param location string = deployment().location + +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') +param serviceShort string = '...' + +// =========== // +// Deployments // +// =========== // + +// General resources +// ================= +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { + name: resourceGroupName + location: location +} + +module resourceGroupResources 'dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-paramNested' + params: { + managedIdentityName: 'dep-<>-msi-${serviceShort}' + } +} + +// Diagnostics +// =========== +module diagnosticDependencies '../../../../.shared/dependencyConstructs/diagnostic.dependencies.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name, location)}-diagnosticDependencies' + params: { + storageAccountName: 'dep<>diasa${serviceShort}01' + logAnalyticsWorkspaceName: 'dep-<>-law-${serviceShort}' + eventHubNamespaceEventHubName: 'dep-<>-evh-${serviceShort}' + eventHubNamespaceName: 'dep-<>-evhns-${serviceShort}' + location: location + } +} + +// ============== // +// Test Execution // +// ============== // + +module testDeployment '../../deploy.bicep' = { + scope: resourceGroup + name: '${uniqueString(deployment().name)}-test-${serviceShort}' + params: { + location: 'northeurope' + } +} diff --git a/modules/Microsoft.Network/networkWatchers/.test/parameters.json b/modules/Microsoft.Network/networkWatchers/.test/parameters.json deleted file mode 100644 index 78a7e1f272..0000000000 --- a/modules/Microsoft.Network/networkWatchers/.test/parameters.json +++ /dev/null @@ -1,92 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "name": { - "value": "adp-<>-az-nw-x-001" - }, - "flowLogs": { - "value": [ - { - "targetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-001", - "storageId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", - "enabled": false - }, - { - "name": "adp-<>-az-nsg-x-apgw-flowlog", - "targetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-apgw", - "storageId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", - "workspaceResourceId": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001", - "formatVersion": 1, - "trafficAnalyticsInterval": 10, - "retentionInDays": 8 - } - ] - }, - "connectionMonitors": { - "value": [ - { - "name": "adp-<>-az-conn-mon-x-001", - "endpoints": [ - { - "name": "<>-az-subnet-x-001(validation-rg)", - "type": "AzureVM", - "resourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/virtualMachines/adp-<>-vm-01" - }, - { - "name": "Office Portal", - "type": "ExternalAddress", - "address": "www.office.com" - } - ], - "testConfigurations": [ - { - "name": "HTTP Test", - "testFrequencySec": 30, - "protocol": "Http", - "httpConfiguration": { - "port": 80, - "method": "Get", - "requestHeaders": [], - "validStatusCodeRanges": [ - "200" - ], - "preferHTTPS": false - }, - "successThreshold": { - "checksFailedPercent": 5, - "roundTripTimeMs": 100 - } - } - ], - "testGroups": [ - { - "name": "TestHTTPBing", - "disable": false, - "testConfigurations": [ - "HTTP Test" - ], - "sources": [ - "<>-az-subnet-x-001(validation-rg)" - ], - "destinations": [ - "Office Portal" - ] - } - ], - "workspaceResourceId": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - } - ] - }, - "roleAssignments": { - "value": [ - { - "roleDefinitionIdOrName": "Reader", - "principalIds": [ - "<>" - ] - } - ] - } - } -} From 42f3a4bb2d0ae0b8b8c6f837cc94d25630fe1cb3 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 4 Nov 2022 09:57:57 +0100 Subject: [PATCH 02/17] Update to latest --- .../.test/common/deploy.test.bicep | 16 ++++++------ .../.test/min/dependencies.bicep | 14 ---------- .../.test/min/deploy.test.bicep | 26 ++----------------- 3 files changed, 10 insertions(+), 46 deletions(-) delete mode 100644 modules/Microsoft.Network/networkWatchers/.test/min/dependencies.bicep diff --git a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep index 7a2dcc8f9f..45fa559e83 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep @@ -11,7 +11,7 @@ param resourceGroupName string = 'ms.network.networkwatchers-${serviceShort}-rg' param location string = deployment().location @description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') -param serviceShort string = '...' +param serviceShort string = 'nnwcom' // =========== // // Deployments // @@ -57,6 +57,7 @@ module testDeployment '../../deploy.bicep' = { name: '<>${serviceShort}001' connectionMonitors: [ { + name: 'adp-<>-az-conn-mon-x-001' endpoints: [ { name: '<>-az-subnet-x-001(validation-rg)' @@ -69,7 +70,6 @@ module testDeployment '../../deploy.bicep' = { type: 'ExternalAddress' } ] - name: 'adp-<>-az-conn-mon-x-001' testConfigurations: [ { httpConfiguration: { @@ -98,36 +98,36 @@ module testDeployment '../../deploy.bicep' = { disable: false name: 'TestHTTPBing' sources: [ - '<>-az-subnet-x-001(validation-rg)' + '<>-az-subnet-x-001(${resourceGroup.name})' ] testConfigurations: [ 'HTTP Test' ] } ] - workspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + workspaceResourceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId } ] flowLogs: [ { enabled: false - storageId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + storageId: diagnosticDependencies.outputs.storageAccountResourceId targetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-001' } { formatVersion: 1 name: 'adp-<>-az-nsg-x-apgw-flowlog' retentionInDays: 8 - storageId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' + storageId: diagnosticDependencies.outputs.storageAccountResourceId targetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-apgw' trafficAnalyticsInterval: 10 - workspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + workspaceResourceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId } ] roleAssignments: [ { principalIds: [ - '<>' + resourceGroupResources.outputs.managedIdentityPrincipalId ] roleDefinitionIdOrName: 'Reader' } diff --git a/modules/Microsoft.Network/networkWatchers/.test/min/dependencies.bicep b/modules/Microsoft.Network/networkWatchers/.test/min/dependencies.bicep deleted file mode 100644 index 7371d4437b..0000000000 --- a/modules/Microsoft.Network/networkWatchers/.test/min/dependencies.bicep +++ /dev/null @@ -1,14 +0,0 @@ -@description('Optional. The location to deploy to.') -param location string = resourceGroup().location - -@description('Required. The name of the Managed Identity to create.') -param managedIdentityName string - -resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { - name: managedIdentityName - location: location -} - -@description('The principal ID of the created Managed Identity.') -output managedIdentityPrincipalId string = managedIdentity.properties.principalId - diff --git a/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep b/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep index 73ad182c1a..0b8522c4b3 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep @@ -11,7 +11,7 @@ param resourceGroupName string = 'ms.network.networkwatchers-${serviceShort}-rg' param location string = deployment().location @description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') -param serviceShort string = '...' +param serviceShort string = 'nnwmin' // =========== // // Deployments // @@ -24,28 +24,6 @@ resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { location: location } -module resourceGroupResources 'dependencies.bicep' = { - scope: resourceGroup - name: '${uniqueString(deployment().name, location)}-paramNested' - params: { - managedIdentityName: 'dep-<>-msi-${serviceShort}' - } -} - -// Diagnostics -// =========== -module diagnosticDependencies '../../../../.shared/dependencyConstructs/diagnostic.dependencies.bicep' = { - scope: resourceGroup - name: '${uniqueString(deployment().name, location)}-diagnosticDependencies' - params: { - storageAccountName: 'dep<>diasa${serviceShort}01' - logAnalyticsWorkspaceName: 'dep-<>-law-${serviceShort}' - eventHubNamespaceEventHubName: 'dep-<>-evh-${serviceShort}' - eventHubNamespaceName: 'dep-<>-evhns-${serviceShort}' - location: location - } -} - // ============== // // Test Execution // // ============== // @@ -54,6 +32,6 @@ module testDeployment '../../deploy.bicep' = { scope: resourceGroup name: '${uniqueString(deployment().name)}-test-${serviceShort}' params: { - location: 'northeurope' + location: location } } From 3a9a0137921c0c82a600a64263800031796119b7 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 4 Nov 2022 11:29:17 +0100 Subject: [PATCH 03/17] Added first draft of vm dep --- .../.test/common/dependencies.bicep | 72 +++++++++++++++++++ .../.test/common/deploy.test.bicep | 13 ++-- 2 files changed, 80 insertions(+), 5 deletions(-) diff --git a/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep b/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep index 7371d4437b..61dcf1a32d 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep @@ -1,14 +1,86 @@ @description('Optional. The location to deploy to.') param location string = resourceGroup().location +@description('Required. The name of the Virtual Network to create.') +param virtualNetworkName string + @description('Required. The name of the Managed Identity to create.') param managedIdentityName string +@description('Required. The name of the Virtual Machine to create.') +param virtualMachineName string + +@description('Optional. The password to leverage for the VM login.') +@secure() +param password string = newGuid() + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = { + name: virtualNetworkName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/24' + ] + } + subnets: [ + { + name: 'defaultSubnet' + properties: { + addressPrefix: '10.0.0.0/24' + } + } + ] + } +} + resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { name: managedIdentityName location: location } +resource networkInterface 'Microsoft.Network/networkInterfaces@2022-05-01' = { + name: '${virtualMachineName}-nic' +} + +resource virtualMachine 'Microsoft.Compute/virtualMachines@2022-08-01' = { + name: virtualMachineName + location: location + properties: { + networkProfile: { + networkInterfaces: [ + { + id: networkInterface.id + properties: { + deleteOption: 'Delete' + primary: true + } + } + ] + } + storageProfile: { + imageReference: { + offer: 'UbuntuServer' + publisher: 'Canonical' + sku: '18.04-LTS' + version: 'latest' + } + } + hardwareProfile: { + vmSize: 'Standard_B1ms' + } + osProfile: { + adminUsername: '${virtualMachineName}cake' + adminPassword: password + linuxConfiguration: { + disablePasswordAuthentication: false + } + } + } +} + @description('The principal ID of the created Managed Identity.') output managedIdentityPrincipalId string = managedIdentity.properties.principalId +@description('The resource ID of the created Virtual Machine.') +output virtualMachineResourceId string = virtualMachine.id diff --git a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep index 45fa559e83..323535a266 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep @@ -29,6 +29,9 @@ module resourceGroupResources 'dependencies.bicep' = { name: '${uniqueString(deployment().name, location)}-paramNested' params: { managedIdentityName: 'dep-<>-msi-${serviceShort}' + virtualMachineName: 'dep-<>-vm-${serviceShort}' + virtualNetworkName: 'dep-<>-vnet-${serviceShort}' + location: location } } @@ -57,11 +60,11 @@ module testDeployment '../../deploy.bicep' = { name: '<>${serviceShort}001' connectionMonitors: [ { - name: 'adp-<>-az-conn-mon-x-001' + name: 'adp-<>-conn-mon-x-001' endpoints: [ { - name: '<>-az-subnet-x-001(validation-rg)' - resourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/virtualMachines/adp-<>-vm-01' + name: '<>-subnet-x-001(${resourceGroup.name})' + resourceId: resourceGroupResources.outputs.virtualMachineResourceId type: 'AzureVM' } { @@ -98,7 +101,7 @@ module testDeployment '../../deploy.bicep' = { disable: false name: 'TestHTTPBing' sources: [ - '<>-az-subnet-x-001(${resourceGroup.name})' + '<>-subnet-x-001(${resourceGroup.name})' ] testConfigurations: [ 'HTTP Test' @@ -116,7 +119,7 @@ module testDeployment '../../deploy.bicep' = { } { formatVersion: 1 - name: 'adp-<>-az-nsg-x-apgw-flowlog' + name: 'adp-<>-nsg-x-apgw-flowlog' retentionInDays: 8 storageId: diagnosticDependencies.outputs.storageAccountResourceId targetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-apgw' From 2114f20464da67c6b5a289bae1ac2327966fc370 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 4 Nov 2022 11:35:23 +0100 Subject: [PATCH 04/17] Update to latest --- .../networkWatchers/.test/common/dependencies.bicep | 10 ++++++++++ .../networkWatchers/.test/common/deploy.test.bicep | 10 ++++++---- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep b/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep index 61dcf1a32d..04db807130 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep @@ -7,6 +7,9 @@ param virtualNetworkName string @description('Required. The name of the Managed Identity to create.') param managedIdentityName string +@description('Required. The name of the Network Security Group to create.') +param networkSecurityGroupName string + @description('Required. The name of the Virtual Machine to create.') param virtualMachineName string @@ -39,6 +42,10 @@ resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018- location: location } +resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2022-05-01' = { + name: networkSecurityGroupName +} + resource networkInterface 'Microsoft.Network/networkInterfaces@2022-05-01' = { name: '${virtualMachineName}-nic' } @@ -84,3 +91,6 @@ output managedIdentityPrincipalId string = managedIdentity.properties.principalI @description('The resource ID of the created Virtual Machine.') output virtualMachineResourceId string = virtualMachine.id + +@description('The resource ID of the created Network Security Group.') +output networkSecurityGroupResourceId string = networkSecurityGroup.id diff --git a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep index 323535a266..be87d47df6 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep @@ -29,6 +29,7 @@ module resourceGroupResources 'dependencies.bicep' = { name: '${uniqueString(deployment().name, location)}-paramNested' params: { managedIdentityName: 'dep-<>-msi-${serviceShort}' + networkSecurityGroupName: 'dep-<>-nsg-${serviceShort}' virtualMachineName: 'dep-<>-vm-${serviceShort}' virtualNetworkName: 'dep-<>-vnet-${serviceShort}' location: location @@ -60,7 +61,7 @@ module testDeployment '../../deploy.bicep' = { name: '<>${serviceShort}001' connectionMonitors: [ { - name: 'adp-<>-conn-mon-x-001' + name: 'adp-<>-conmon-${serviceShort}-x-001' endpoints: [ { name: '<>-subnet-x-001(${resourceGroup.name})' @@ -115,24 +116,25 @@ module testDeployment '../../deploy.bicep' = { { enabled: false storageId: diagnosticDependencies.outputs.storageAccountResourceId - targetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-001' + targetResourceId: resourceGroupResources.outputs.networkSecurityGroupResourceId } { formatVersion: 1 name: 'adp-<>-nsg-x-apgw-flowlog' retentionInDays: 8 storageId: diagnosticDependencies.outputs.storageAccountResourceId - targetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-apgw' + targetResourceId: resourceGroupResources.outputs.networkSecurityGroupResourceId trafficAnalyticsInterval: 10 workspaceResourceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId } ] roleAssignments: [ { + roleDefinitionIdOrName: 'Reader' principalIds: [ resourceGroupResources.outputs.managedIdentityPrincipalId ] - roleDefinitionIdOrName: 'Reader' + principalType: 'ServicePrincipal' } ] } From c3e6eff68decf047bdf767e5fdc9e5580325d8dc Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 4 Nov 2022 14:16:42 +0100 Subject: [PATCH 05/17] Update to latest --- .../.test/common/dependencies.bicep | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep b/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep index 04db807130..51e303bca7 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep @@ -44,10 +44,24 @@ resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018- resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2022-05-01' = { name: networkSecurityGroupName + location: location } resource networkInterface 'Microsoft.Network/networkInterfaces@2022-05-01' = { name: '${virtualMachineName}-nic' + location: location + properties: { + ipConfigurations: [ + { + name: 'ipconfig01' + properties: { + subnet: { + id: virtualNetwork.properties.subnets[0].id + } + } + } + ] + } } resource virtualMachine 'Microsoft.Compute/virtualMachines@2022-08-01' = { @@ -79,6 +93,7 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2022-08-01' = { osProfile: { adminUsername: '${virtualMachineName}cake' adminPassword: password + computerName: virtualMachineName linuxConfiguration: { disablePasswordAuthentication: false } @@ -86,6 +101,22 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2022-08-01' = { } } +resource extension 'Microsoft.Compute/virtualMachines/extensions@2021-07-01' = { + name: 'NetworkWatcherAgent' + parent: virtualMachine + location: location + properties: { + publisher: 'Microsoft.Azure.NetworkWatcher' + type: 'NetworkWatcherAgentLinux' + typeHandlerVersion: '1.4' + autoUpgradeMinorVersion: true + enableAutomaticUpgrade: false + settings: {} + protectedSettings: {} + suppressFailures: false + } +} + @description('The principal ID of the created Managed Identity.') output managedIdentityPrincipalId string = managedIdentity.properties.principalId From 37c4b56595f500c572ce026216372d2bf1b91303 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 4 Nov 2022 15:07:29 +0100 Subject: [PATCH 06/17] Excluded NetworkWatcher from removal --- .../networkWatchers/.test/common/deploy.test.bicep | 13 +++++++------ .../networkWatchers/.test/min/deploy.test.bicep | 3 ++- .../resourceRemoval/helper/Remove-Deployment.ps1 | 10 ++++++++-- 3 files changed, 17 insertions(+), 9 deletions(-) diff --git a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep index be87d47df6..35d400a365 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep @@ -5,7 +5,8 @@ targetScope = 'subscription' // ========== // @description('Optional. The name of the resource group to deploy for testing purposes') @maxLength(90) -param resourceGroupName string = 'ms.network.networkwatchers-${serviceShort}-rg' +//param resourceGroupName string = 'ms.network.networkwatchers-${serviceShort}-rg' +param resourceGroupName string = 'NetworkWatcherRG' @description('Optional. The location to deploy resources to') param location string = deployment().location @@ -113,11 +114,11 @@ module testDeployment '../../deploy.bicep' = { } ] flowLogs: [ - { - enabled: false - storageId: diagnosticDependencies.outputs.storageAccountResourceId - targetResourceId: resourceGroupResources.outputs.networkSecurityGroupResourceId - } + // { + // enabled: false + // storageId: diagnosticDependencies.outputs.storageAccountResourceId + // targetResourceId: resourceGroupResources.outputs.networkSecurityGroupResourceId + // } { formatVersion: 1 name: 'adp-<>-nsg-x-apgw-flowlog' diff --git a/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep b/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep index 0b8522c4b3..6991431874 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep @@ -5,7 +5,8 @@ targetScope = 'subscription' // ========== // @description('Optional. The name of the resource group to deploy for testing purposes') @maxLength(90) -param resourceGroupName string = 'ms.network.networkwatchers-${serviceShort}-rg' +// param resourceGroupName string = 'ms.network.networkwatchers-${serviceShort}-rg' +param resourceGroupName string = 'NetworkWatcherRG' @description('Optional. The location to deploy resources to') param location string = deployment().location diff --git a/utilities/pipelines/resourceRemoval/helper/Remove-Deployment.ps1 b/utilities/pipelines/resourceRemoval/helper/Remove-Deployment.ps1 index a5a371e803..0e5115f5d8 100644 --- a/utilities/pipelines/resourceRemoval/helper/Remove-Deployment.ps1 +++ b/utilities/pipelines/resourceRemoval/helper/Remove-Deployment.ps1 @@ -74,6 +74,8 @@ function Remove-Deployment { } process { + $azContext = Get-AzContext + # Prepare data # ============ $deploymentScope = Get-ScopeOfTemplateFile -TemplateFilePath $TemplateFilePath @@ -117,12 +119,16 @@ function Remove-Deployment { # =============================== $dependencyResourceNames = Get-DependencyResourceNameList - if ($resourcesToIgnore = $resourcesToRemove | Where-Object { (Split-Path $_.resourceId -Leaf) -in $dependencyResourceNames }) { + $resourceIdsToIgnore = @( + '/subscriptions/{0}/resourceGroups/NetworkWatcherRG' -f $azContext.Subscription.Id + ) + + if ($resourcesToIgnore = $resourcesToRemove | Where-Object { (Split-Path $_.resourceId -Leaf) -in $dependencyResourceNames -or $_.resourceId -in $resourceIdsToIgnore }) { Write-Verbose 'Resources excluded from removal:' -Verbose $resourcesToIgnore | ForEach-Object { Write-Verbose ('- Ignore [{0}]' -f $_.resourceId) -Verbose } } - [array] $resourcesToRemove = $resourcesToRemove | Where-Object { (Split-Path $_.resourceId -Leaf) -notin $dependencyResourceNames } + [array] $resourcesToRemove = $resourcesToRemove | Where-Object { (Split-Path $_.resourceId -Leaf) -notin $dependencyResourceNames -and $_.resourceId -notin $resourceIdsToIgnore } Write-Verbose ('Total number of deployments after filtering all dependency resources [{0}]' -f $resourcesToRemove.Count) -Verbose # Order resources From b759ca9b68155fe898fffeae0da7e64756432e5b Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 4 Nov 2022 15:11:01 +0100 Subject: [PATCH 07/17] Excluded NetworkWatcher from removal --- .../networkWatchers/.test/common/deploy.test.bicep | 4 ++-- .../networkWatchers/.test/min/deploy.test.bicep | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep index 35d400a365..aae4530c35 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep @@ -9,7 +9,7 @@ targetScope = 'subscription' param resourceGroupName string = 'NetworkWatcherRG' @description('Optional. The location to deploy resources to') -param location string = deployment().location +param location string = 'WestEurope' @description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') param serviceShort string = 'nnwcom' @@ -59,7 +59,7 @@ module testDeployment '../../deploy.bicep' = { scope: resourceGroup name: '${uniqueString(deployment().name)}-test-${serviceShort}' params: { - name: '<>${serviceShort}001' + name: 'NetworkWatcher_${location}' connectionMonitors: [ { name: 'adp-<>-conmon-${serviceShort}-x-001' diff --git a/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep b/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep index 6991431874..dbae403803 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep @@ -9,7 +9,7 @@ targetScope = 'subscription' param resourceGroupName string = 'NetworkWatcherRG' @description('Optional. The location to deploy resources to') -param location string = deployment().location +param location string = 'NorthEurope' @description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') param serviceShort string = 'nnwmin' From e7fd204c378571f3bbd7289d3d094ced8fb65286 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 4 Nov 2022 15:28:24 +0100 Subject: [PATCH 08/17] Enabled removal in pipelines --- .../modulePipelines/ms.network.networkwatchers.yml | 2 +- .github/workflows/ms.network.networkwatchers.yml | 2 +- .../networkWatchers/.test/common/deploy.test.bicep | 9 +++++---- .../networkWatchers/.test/min/deploy.test.bicep | 8 ++++---- 4 files changed, 11 insertions(+), 10 deletions(-) diff --git a/.azuredevops/modulePipelines/ms.network.networkwatchers.yml b/.azuredevops/modulePipelines/ms.network.networkwatchers.yml index bcefb379c3..93d889b368 100644 --- a/.azuredevops/modulePipelines/ms.network.networkwatchers.yml +++ b/.azuredevops/modulePipelines/ms.network.networkwatchers.yml @@ -4,7 +4,7 @@ parameters: - name: removeDeployment displayName: Remove deployed module type: boolean - default: false # Only one Network Watcher can exist in the same location. If removed, a default would be created in a dedicated RG + default: true - name: prerelease displayName: Publish prerelease module type: boolean diff --git a/.github/workflows/ms.network.networkwatchers.yml b/.github/workflows/ms.network.networkwatchers.yml index 21801b7939..748bd1b635 100644 --- a/.github/workflows/ms.network.networkwatchers.yml +++ b/.github/workflows/ms.network.networkwatchers.yml @@ -7,7 +7,7 @@ on: type: boolean description: 'Remove deployed module' required: false - default: false # Only one Network Watcher can exist in the same location. If removed, a default would be created in a dedicated RG + default: true prerelease: type: boolean description: 'Publish prerelease module' diff --git a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep index aae4530c35..9804acb084 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep @@ -5,11 +5,10 @@ targetScope = 'subscription' // ========== // @description('Optional. The name of the resource group to deploy for testing purposes') @maxLength(90) -//param resourceGroupName string = 'ms.network.networkwatchers-${serviceShort}-rg' -param resourceGroupName string = 'NetworkWatcherRG' +param resourceGroupName string = 'NetworkWatcherRG' // Note, this is the default NetworkWatcher resource group. Do not change. @description('Optional. The location to deploy resources to') -param location string = 'WestEurope' +param location string = deployment().location @description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') param serviceShort string = 'nnwcom' @@ -59,7 +58,9 @@ module testDeployment '../../deploy.bicep' = { scope: resourceGroup name: '${uniqueString(deployment().name)}-test-${serviceShort}' params: { - name: 'NetworkWatcher_${location}' + name: 'NetworkWatcher_westeurope' + #disable-next-line no-hardcoded-location // Disabled as the default RG & location are created in always one location, but each test has to deploy into a different one + location: 'westeurope' connectionMonitors: [ { name: 'adp-<>-conmon-${serviceShort}-x-001' diff --git a/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep b/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep index dbae403803..e9494931d9 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep @@ -5,11 +5,10 @@ targetScope = 'subscription' // ========== // @description('Optional. The name of the resource group to deploy for testing purposes') @maxLength(90) -// param resourceGroupName string = 'ms.network.networkwatchers-${serviceShort}-rg' -param resourceGroupName string = 'NetworkWatcherRG' +param resourceGroupName string = 'NetworkWatcherRG' // Note, this is the default NetworkWatcher resource group. Do not change. @description('Optional. The location to deploy resources to') -param location string = 'NorthEurope' +param location string = deployment().location @description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') param serviceShort string = 'nnwmin' @@ -33,6 +32,7 @@ module testDeployment '../../deploy.bicep' = { scope: resourceGroup name: '${uniqueString(deployment().name)}-test-${serviceShort}' params: { - location: location + #disable-next-line no-hardcoded-location // Disabled as the default RG & location are created in always one location, but each test has to deploy into a different one + location: 'northeurope' } } From 03454e1e88392d372adb8fb9c29e12da2c80d12d Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 4 Nov 2022 15:32:42 +0100 Subject: [PATCH 09/17] Adjusted tests & docs --- .../.test/common/deploy.test.bicep | 18 +-- .../.test/min/deploy.test.bicep | 6 +- .../networkWatchers/readme.md | 136 +++++++++--------- 3 files changed, 83 insertions(+), 77 deletions(-) diff --git a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep index 9804acb084..cb0ceec9c2 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep @@ -53,14 +53,14 @@ module diagnosticDependencies '../../../../.shared/dependencyConstructs/diagnost // ============== // // Test Execution // // ============== // - +#disable-next-line no-hardcoded-location // Disabled as the default RG & location are created in always one location, but each test has to deploy into a different one +var testLocation = 'westeurope' module testDeployment '../../deploy.bicep' = { scope: resourceGroup name: '${uniqueString(deployment().name)}-test-${serviceShort}' params: { - name: 'NetworkWatcher_westeurope' - #disable-next-line no-hardcoded-location // Disabled as the default RG & location are created in always one location, but each test has to deploy into a different one - location: 'westeurope' + name: 'NetworkWatcher_${testLocation}' + location: testLocation connectionMonitors: [ { name: 'adp-<>-conmon-${serviceShort}-x-001' @@ -115,11 +115,11 @@ module testDeployment '../../deploy.bicep' = { } ] flowLogs: [ - // { - // enabled: false - // storageId: diagnosticDependencies.outputs.storageAccountResourceId - // targetResourceId: resourceGroupResources.outputs.networkSecurityGroupResourceId - // } + { + enabled: false + storageId: diagnosticDependencies.outputs.storageAccountResourceId + targetResourceId: resourceGroupResources.outputs.networkSecurityGroupResourceId + } { formatVersion: 1 name: 'adp-<>-nsg-x-apgw-flowlog' diff --git a/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep b/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep index e9494931d9..b638677ae8 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep @@ -27,12 +27,12 @@ resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { // ============== // // Test Execution // // ============== // - +#disable-next-line no-hardcoded-location // Disabled as the default RG & location are created in always one location, but each test has to deploy into a different one +var testLocation = 'northeurope' module testDeployment '../../deploy.bicep' = { scope: resourceGroup name: '${uniqueString(deployment().name)}-test-${serviceShort}' params: { - #disable-next-line no-hardcoded-location // Disabled as the default RG & location are created in always one location, but each test has to deploy into a different one - location: 'northeurope' + location: testLocation } } diff --git a/modules/Microsoft.Network/networkWatchers/readme.md b/modules/Microsoft.Network/networkWatchers/readme.md index eaf55eb3d0..0fbfc04981 100644 --- a/modules/Microsoft.Network/networkWatchers/readme.md +++ b/modules/Microsoft.Network/networkWatchers/readme.md @@ -157,7 +157,7 @@ The following module usage examples are retrieved from the content of the files >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -

Example 1: Min

+

Example 1: Common

@@ -165,51 +165,14 @@ The following module usage examples are retrieved from the content of the files ```bicep module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-NetworkWatchers' - params: { - location: 'northeurope' - } -} -``` - -
-

- -

- -via JSON Parameter file - -```json -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "location": { - "value": "northeurope" - } - } -} -``` - -
-

- -

Example 2: Parameters

- -
- -via Bicep module - -```bicep -module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-NetworkWatchers' + name: '${uniqueString(deployment().name)}-test-nnwcom' params: { connectionMonitors: [ { endpoints: [ { - name: '<>-az-subnet-x-001(validation-rg)' - resourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/virtualMachines/adp-<>-vm-01' + name: '<>-subnet-x-001(${resourceGroup.name})' + resourceId: '' type: 'AzureVM' } { @@ -218,7 +181,7 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { type: 'ExternalAddress' } ] - name: 'adp-<>-az-conn-mon-x-001' + name: 'adp-<>-conmon-nnwcom-x-001' testConfigurations: [ { httpConfiguration: { @@ -247,38 +210,40 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { disable: false name: 'TestHTTPBing' sources: [ - '<>-az-subnet-x-001(validation-rg)' + '<>-subnet-x-001(${resourceGroup.name})' ] testConfigurations: [ 'HTTP Test' ] } ] - workspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + workspaceResourceId: '' } ] flowLogs: [ { enabled: false - storageId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - targetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-001' + storageId: '' + targetResourceId: '' } { formatVersion: 1 - name: 'adp-<>-az-nsg-x-apgw-flowlog' + name: 'adp-<>-nsg-x-apgw-flowlog' retentionInDays: 8 - storageId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001' - targetResourceId: '/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-apgw' + storageId: '' + targetResourceId: '' trafficAnalyticsInterval: 10 - workspaceResourceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' + workspaceResourceId: '' } ] - name: 'adp-<>-az-nw-x-001' + location: '' + name: 'NetworkWatcher_${testLocation}' roleAssignments: [ { principalIds: [ - '<>' + '' ] + principalType: 'ServicePrincipal' roleDefinitionIdOrName: 'Reader' } ] @@ -303,8 +268,8 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { { "endpoints": [ { - "name": "<>-az-subnet-x-001(validation-rg)", - "resourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Compute/virtualMachines/adp-<>-vm-01", + "name": "<>-subnet-x-001(${resourceGroup.name})", + "resourceId": "", "type": "AzureVM" }, { @@ -313,7 +278,7 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { "type": "ExternalAddress" } ], - "name": "adp-<>-az-conn-mon-x-001", + "name": "adp-<>-conmon-nnwcom-x-001", "testConfigurations": [ { "httpConfiguration": { @@ -342,14 +307,14 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { "disable": false, "name": "TestHTTPBing", "sources": [ - "<>-az-subnet-x-001(validation-rg)" + "<>-subnet-x-001(${resourceGroup.name})" ], "testConfigurations": [ "HTTP Test" ] } ], - "workspaceResourceId": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + "workspaceResourceId": "" } ] }, @@ -357,29 +322,33 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { "value": [ { "enabled": false, - "storageId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", - "targetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-001" + "storageId": "", + "targetResourceId": "" }, { "formatVersion": 1, - "name": "adp-<>-az-nsg-x-apgw-flowlog", + "name": "adp-<>-nsg-x-apgw-flowlog", "retentionInDays": 8, - "storageId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<>azsax001", - "targetResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/networkSecurityGroups/adp-<>-az-nsg-x-apgw", + "storageId": "", + "targetResourceId": "", "trafficAnalyticsInterval": 10, - "workspaceResourceId": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + "workspaceResourceId": "" } ] }, + "location": { + "value": "" + }, "name": { - "value": "adp-<>-az-nw-x-001" + "value": "NetworkWatcher_${testLocation}" }, "roleAssignments": { "value": [ { "principalIds": [ - "<>" + "" ], + "principalType": "ServicePrincipal", "roleDefinitionIdOrName": "Reader" } ] @@ -390,3 +359,40 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = {

+ +

Example 2: Min

+ +
+ +via Bicep module + +```bicep +module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { + name: '${uniqueString(deployment().name)}-test-nnwmin' + params: { + location: '' + } +} +``` + +
+

+ +

+ +via JSON Parameter file + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "location": { + "value": "" + } + } +} +``` + +
+

From c66ac9c0a0e085363b6daef5a25055bbf75ceef1 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 4 Nov 2022 15:49:18 +0100 Subject: [PATCH 10/17] Update to latest --- .../.test/common/dependencies.bicep | 23 ++++++++++++++----- .../.test/common/deploy.test.bicep | 7 +++--- 2 files changed, 21 insertions(+), 9 deletions(-) diff --git a/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep b/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep index 51e303bca7..d676a0afce 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep @@ -7,8 +7,11 @@ param virtualNetworkName string @description('Required. The name of the Managed Identity to create.') param managedIdentityName string -@description('Required. The name of the Network Security Group to create.') -param networkSecurityGroupName string +@description('Required. The name of the first Network Security Group to create.') +param firstNetworkSecurityGroupName string + +@description('Required. The name of the second Network Security Group to create.') +param secondNetworkSecurityGroupName string @description('Required. The name of the Virtual Machine to create.') param virtualMachineName string @@ -42,8 +45,13 @@ resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018- location: location } -resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2022-05-01' = { - name: networkSecurityGroupName +resource firstNetworkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2022-05-01' = { + name: firstNetworkSecurityGroupName + location: location +} + +resource secondNetworkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2022-05-01' = { + name: secondNetworkSecurityGroupName location: location } @@ -123,5 +131,8 @@ output managedIdentityPrincipalId string = managedIdentity.properties.principalI @description('The resource ID of the created Virtual Machine.') output virtualMachineResourceId string = virtualMachine.id -@description('The resource ID of the created Network Security Group.') -output networkSecurityGroupResourceId string = networkSecurityGroup.id +@description('The resource ID of the first created Network Security Group.') +output firstNetworkSecurityGroupResourceId string = firstNetworkSecurityGroup.id + +@description('The resource ID of the second created Network Security Group.') +output secondNetworkSecurityGroupResourceId string = secondNetworkSecurityGroup.id diff --git a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep index cb0ceec9c2..487237c6f2 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep @@ -29,7 +29,8 @@ module resourceGroupResources 'dependencies.bicep' = { name: '${uniqueString(deployment().name, location)}-paramNested' params: { managedIdentityName: 'dep-<>-msi-${serviceShort}' - networkSecurityGroupName: 'dep-<>-nsg-${serviceShort}' + firstNetworkSecurityGroupName: 'dep-<>-nsg-1-${serviceShort}' + secondNetworkSecurityGroupName: 'dep-<>-nsg-2-${serviceShort}' virtualMachineName: 'dep-<>-vm-${serviceShort}' virtualNetworkName: 'dep-<>-vnet-${serviceShort}' location: location @@ -118,14 +119,14 @@ module testDeployment '../../deploy.bicep' = { { enabled: false storageId: diagnosticDependencies.outputs.storageAccountResourceId - targetResourceId: resourceGroupResources.outputs.networkSecurityGroupResourceId + targetResourceId: resourceGroupResources.outputs.firstNetworkSecurityGroupResourceId } { formatVersion: 1 name: 'adp-<>-nsg-x-apgw-flowlog' retentionInDays: 8 storageId: diagnosticDependencies.outputs.storageAccountResourceId - targetResourceId: resourceGroupResources.outputs.networkSecurityGroupResourceId + targetResourceId: resourceGroupResources.outputs.secondNetworkSecurityGroupResourceId trafficAnalyticsInterval: 10 workspaceResourceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId } From 1cbd24e70277dae50dde1c85624266b721cb7786 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 4 Nov 2022 16:34:06 +0100 Subject: [PATCH 11/17] Added disk removal --- .../networkWatchers/.test/common/dependencies.bicep | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep b/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep index d676a0afce..92f94ce08c 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/common/dependencies.bicep @@ -94,6 +94,10 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2022-08-01' = { sku: '18.04-LTS' version: 'latest' } + osDisk: { + deleteOption: 'Delete' + createOption: 'FromImage' + } } hardwareProfile: { vmSize: 'Standard_B1ms' From 43add07cde930c4dc8be358b96fa5f95ae43ee1d Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 4 Nov 2022 22:02:37 +0100 Subject: [PATCH 12/17] Update to latest --- docs/wiki/The CI environment - Deployment validation.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/wiki/The CI environment - Deployment validation.md b/docs/wiki/The CI environment - Deployment validation.md index fa741f7f82..98af677fa7 100644 --- a/docs/wiki/The CI environment - Deployment validation.md +++ b/docs/wiki/The CI environment - Deployment validation.md @@ -62,7 +62,9 @@ The removal process will delete all resources created by the deployment. The lis 1. Recursively fetching the list of resource IDs created in the deployment (identified via the deployment name used). 1. Ordering the list based on resource IDs segment count (ensures child resources are removed first. E.g., `storageAccount/blobServices` comes before `storageAccount` as it has one more segments delimited by `/`). -1. Filtering out resources used as dependencies for different modules from the list (e.g., the commonly used Log Analytics workspace). +1. Filtering out resources must remain even after the test concluded from the list. This contains, but is not limited to: + 1. Resources that are autogenerated by Azure and can cause issues if not controlled (e.g., the Network Watcher resource group that is autogenerated and shared by multiple module tests) + 1. Dependencies for different modules (e.g., the commonly used Log Analytics workspace). 1. Moving specific resource types to the top of the list (if a certain order is required). For example, `diagnosticSettings` need to be removed before the resource to which they are applied, even though they are no child-resources. After a resource is removed (this happens after each resource in the list), if defined, the script will perform a **post removal operation**. This can be used for those resource types that require post-processing, like purging a soft-deleted Key Vault. From f05c219f2d0bf551d6733f8a72d2cf50ef8ef77e Mon Sep 17 00:00:00 2001 From: AlexanderSehr Date: Wed, 9 Nov 2022 17:42:42 +0100 Subject: [PATCH 13/17] Added comment --- .../networkWatchers/.test/min/deploy.test.bicep | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep b/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep index b638677ae8..deb4fc1cc1 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep @@ -33,6 +33,7 @@ module testDeployment '../../deploy.bicep' = { scope: resourceGroup name: '${uniqueString(deployment().name)}-test-${serviceShort}' params: { + // Note: This value is not required and only set to enable testing location: testLocation } } From 42e58d6978cd0c4442c83465af8f0faa7a0446af Mon Sep 17 00:00:00 2001 From: AlexanderSehr Date: Thu, 10 Nov 2022 13:30:40 +0100 Subject: [PATCH 14/17] Addressed comments --- .../networkWatchers/.test/common/deploy.test.bicep | 12 ++++++------ .../networkWatchers/.test/min/deploy.test.bicep | 6 +++--- .../Microsoft.Network/networkWatchers/readme.md | 14 +++++++------- 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep index 487237c6f2..341f305018 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep @@ -3,14 +3,14 @@ targetScope = 'subscription' // ========== // // Parameters // // ========== // -@description('Optional. The name of the resource group to deploy for testing purposes') +@description('Optional. The name of the resource group to deploy for testing purposes.') @maxLength(90) param resourceGroupName string = 'NetworkWatcherRG' // Note, this is the default NetworkWatcher resource group. Do not change. -@description('Optional. The location to deploy resources to') +@description('Optional. The location to deploy resources to.') param location string = deployment().location -@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') param serviceShort string = 'nnwcom' // =========== // @@ -64,7 +64,7 @@ module testDeployment '../../deploy.bicep' = { location: testLocation connectionMonitors: [ { - name: 'adp-<>-conmon-${serviceShort}-x-001' + name: 'dep-<>-conmon-${serviceShort}-x-001' endpoints: [ { name: '<>-subnet-x-001(${resourceGroup.name})' @@ -105,7 +105,7 @@ module testDeployment '../../deploy.bicep' = { disable: false name: 'TestHTTPBing' sources: [ - '<>-subnet-x-001(${resourceGroup.name})' + '<>-subnet-001(${resourceGroup.name})' ] testConfigurations: [ 'HTTP Test' @@ -123,7 +123,7 @@ module testDeployment '../../deploy.bicep' = { } { formatVersion: 1 - name: 'adp-<>-nsg-x-apgw-flowlog' + name: 'dep-<>-nsg-apgw-flowlog' retentionInDays: 8 storageId: diagnosticDependencies.outputs.storageAccountResourceId targetResourceId: resourceGroupResources.outputs.secondNetworkSecurityGroupResourceId diff --git a/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep b/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep index deb4fc1cc1..d379595b66 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/min/deploy.test.bicep @@ -3,14 +3,14 @@ targetScope = 'subscription' // ========== // // Parameters // // ========== // -@description('Optional. The name of the resource group to deploy for testing purposes') +@description('Optional. The name of the resource group to deploy for testing purposes.') @maxLength(90) param resourceGroupName string = 'NetworkWatcherRG' // Note, this is the default NetworkWatcher resource group. Do not change. -@description('Optional. The location to deploy resources to') +@description('Optional. The location to deploy resources to.') param location string = deployment().location -@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints') +@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') param serviceShort string = 'nnwmin' // =========== // diff --git a/modules/Microsoft.Network/networkWatchers/readme.md b/modules/Microsoft.Network/networkWatchers/readme.md index 0fbfc04981..73786767e6 100644 --- a/modules/Microsoft.Network/networkWatchers/readme.md +++ b/modules/Microsoft.Network/networkWatchers/readme.md @@ -15,7 +15,7 @@ | Resource Type | API Version | | :-- | :-- | -| `Microsoft.Authorization/locks` | [2017-04-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2017-04-01/locks) | +| `Microsoft.Authorization/locks` | [2017-04-01](https://docs.microsoft.com/en-us/azure/templates) | | `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) | | `Microsoft.Network/networkWatchers` | [2021-08-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-08-01/networkWatchers) | | `Microsoft.Network/networkWatchers/connectionMonitors` | [2021-08-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-08-01/networkWatchers/connectionMonitors) | @@ -181,7 +181,7 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { type: 'ExternalAddress' } ] - name: 'adp-<>-conmon-nnwcom-x-001' + name: 'dep-<>-conmon-nnwcom-x-001' testConfigurations: [ { httpConfiguration: { @@ -210,7 +210,7 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { disable: false name: 'TestHTTPBing' sources: [ - '<>-subnet-x-001(${resourceGroup.name})' + '<>-subnet-001(${resourceGroup.name})' ] testConfigurations: [ 'HTTP Test' @@ -228,7 +228,7 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { } { formatVersion: 1 - name: 'adp-<>-nsg-x-apgw-flowlog' + name: 'dep-<>-nsg-apgw-flowlog' retentionInDays: 8 storageId: '' targetResourceId: '' @@ -278,7 +278,7 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { "type": "ExternalAddress" } ], - "name": "adp-<>-conmon-nnwcom-x-001", + "name": "dep-<>-conmon-nnwcom-x-001", "testConfigurations": [ { "httpConfiguration": { @@ -307,7 +307,7 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { "disable": false, "name": "TestHTTPBing", "sources": [ - "<>-subnet-x-001(${resourceGroup.name})" + "<>-subnet-001(${resourceGroup.name})" ], "testConfigurations": [ "HTTP Test" @@ -327,7 +327,7 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { }, { "formatVersion": 1, - "name": "adp-<>-nsg-x-apgw-flowlog", + "name": "dep-<>-nsg-apgw-flowlog", "retentionInDays": 8, "storageId": "", "targetResourceId": "", From 040190181a945689e97040229e3669efd3eaa710 Mon Sep 17 00:00:00 2001 From: AlexanderSehr Date: Thu, 10 Nov 2022 18:05:29 +0100 Subject: [PATCH 15/17] Update to latest --- modules/Microsoft.Network/networkWatchers/readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Network/networkWatchers/readme.md b/modules/Microsoft.Network/networkWatchers/readme.md index 73786767e6..cd94cee462 100644 --- a/modules/Microsoft.Network/networkWatchers/readme.md +++ b/modules/Microsoft.Network/networkWatchers/readme.md @@ -15,7 +15,7 @@ | Resource Type | API Version | | :-- | :-- | -| `Microsoft.Authorization/locks` | [2017-04-01](https://docs.microsoft.com/en-us/azure/templates) | +| `Microsoft.Authorization/locks` | [2017-04-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2017-04-01/locks) | | `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) | | `Microsoft.Network/networkWatchers` | [2021-08-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-08-01/networkWatchers) | | `Microsoft.Network/networkWatchers/connectionMonitors` | [2021-08-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-08-01/networkWatchers/connectionMonitors) | From d6f9b131bd8130fcaaf0179c70a0b7a3398b1b13 Mon Sep 17 00:00:00 2001 From: AlexanderSehr Date: Fri, 11 Nov 2022 00:52:06 +0100 Subject: [PATCH 16/17] Updated names --- .../networkWatchers/.test/common/deploy.test.bicep | 6 +++--- modules/Microsoft.Network/networkWatchers/readme.md | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep index 341f305018..9db4088895 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep @@ -64,10 +64,10 @@ module testDeployment '../../deploy.bicep' = { location: testLocation connectionMonitors: [ { - name: 'dep-<>-conmon-${serviceShort}-x-001' + name: '<>-${serviceShort}-001' endpoints: [ { - name: '<>-subnet-x-001(${resourceGroup.name})' + name: '<>-subnet-001(${resourceGroup.name})' resourceId: resourceGroupResources.outputs.virtualMachineResourceId type: 'AzureVM' } @@ -123,7 +123,7 @@ module testDeployment '../../deploy.bicep' = { } { formatVersion: 1 - name: 'dep-<>-nsg-apgw-flowlog' + name: '<>-nsg-apgw-flowlog' retentionInDays: 8 storageId: diagnosticDependencies.outputs.storageAccountResourceId targetResourceId: resourceGroupResources.outputs.secondNetworkSecurityGroupResourceId diff --git a/modules/Microsoft.Network/networkWatchers/readme.md b/modules/Microsoft.Network/networkWatchers/readme.md index cd94cee462..0a6808a87e 100644 --- a/modules/Microsoft.Network/networkWatchers/readme.md +++ b/modules/Microsoft.Network/networkWatchers/readme.md @@ -171,7 +171,7 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { { endpoints: [ { - name: '<>-subnet-x-001(${resourceGroup.name})' + name: '<>-subnet-001(${resourceGroup.name})' resourceId: '' type: 'AzureVM' } @@ -181,7 +181,7 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { type: 'ExternalAddress' } ] - name: 'dep-<>-conmon-nnwcom-x-001' + name: '<>-nnwcom-001' testConfigurations: [ { httpConfiguration: { @@ -228,7 +228,7 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { } { formatVersion: 1 - name: 'dep-<>-nsg-apgw-flowlog' + name: '<>-nsg-apgw-flowlog' retentionInDays: 8 storageId: '' targetResourceId: '' @@ -268,7 +268,7 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { { "endpoints": [ { - "name": "<>-subnet-x-001(${resourceGroup.name})", + "name": "<>-subnet-001(${resourceGroup.name})", "resourceId": "", "type": "AzureVM" }, @@ -278,7 +278,7 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { "type": "ExternalAddress" } ], - "name": "dep-<>-conmon-nnwcom-x-001", + "name": "<>-nnwcom-001", "testConfigurations": [ { "httpConfiguration": { @@ -327,7 +327,7 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { }, { "formatVersion": 1, - "name": "dep-<>-nsg-apgw-flowlog", + "name": "<>-nsg-apgw-flowlog", "retentionInDays": 8, "storageId": "", "targetResourceId": "", From c0f6fd7fc0b95cf4e512d64ab2d3eb83838140e6 Mon Sep 17 00:00:00 2001 From: AlexanderSehr Date: Fri, 11 Nov 2022 11:32:01 +0100 Subject: [PATCH 17/17] Updated names --- .../networkWatchers/.test/common/deploy.test.bicep | 4 ++-- modules/Microsoft.Network/networkWatchers/readme.md | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep index 9db4088895..732167b673 100644 --- a/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Network/networkWatchers/.test/common/deploy.test.bicep @@ -64,7 +64,7 @@ module testDeployment '../../deploy.bicep' = { location: testLocation connectionMonitors: [ { - name: '<>-${serviceShort}-001' + name: '<>-${serviceShort}-cm-001' endpoints: [ { name: '<>-subnet-001(${resourceGroup.name})' @@ -123,7 +123,7 @@ module testDeployment '../../deploy.bicep' = { } { formatVersion: 1 - name: '<>-nsg-apgw-flowlog' + name: '<>-${serviceShort}-fl-001' retentionInDays: 8 storageId: diagnosticDependencies.outputs.storageAccountResourceId targetResourceId: resourceGroupResources.outputs.secondNetworkSecurityGroupResourceId diff --git a/modules/Microsoft.Network/networkWatchers/readme.md b/modules/Microsoft.Network/networkWatchers/readme.md index 0a6808a87e..63303a7ad1 100644 --- a/modules/Microsoft.Network/networkWatchers/readme.md +++ b/modules/Microsoft.Network/networkWatchers/readme.md @@ -181,7 +181,7 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { type: 'ExternalAddress' } ] - name: '<>-nnwcom-001' + name: '<>-nnwcom-cm-001' testConfigurations: [ { httpConfiguration: { @@ -228,7 +228,7 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { } { formatVersion: 1 - name: '<>-nsg-apgw-flowlog' + name: '<>-nnwcom-fl-001' retentionInDays: 8 storageId: '' targetResourceId: '' @@ -278,7 +278,7 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { "type": "ExternalAddress" } ], - "name": "<>-nnwcom-001", + "name": "<>-nnwcom-cm-001", "testConfigurations": [ { "httpConfiguration": { @@ -327,7 +327,7 @@ module networkWatchers './Microsoft.Network/networkWatchers/deploy.bicep' = { }, { "formatVersion": 1, - "name": "<>-nsg-apgw-flowlog", + "name": "<>-nnwcom-fl-001", "retentionInDays": 8, "storageId": "", "targetResourceId": "",