diff --git a/modules/Microsoft.Resources/resourceGroups/deploy.bicep b/modules/Microsoft.Resources/resourceGroups/deploy.bicep index e6f770c13a..f5d6ce8f26 100644 --- a/modules/Microsoft.Resources/resourceGroups/deploy.bicep +++ b/modules/Microsoft.Resources/resourceGroups/deploy.bicep @@ -20,6 +20,9 @@ param roleAssignments array = [] @description('Optional. Tags of the storage account resource.') param tags object = {} +@description('Optional. The ID of the resource that manages this resource group.') +param managedBy string = '' + @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true @@ -36,10 +39,11 @@ resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (ena } } -resource resourceGroup 'Microsoft.Resources/resourceGroups@2019-05-01' = { +resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { location: location name: name tags: tags + managedBy: managedBy properties: {} } diff --git a/modules/Microsoft.Resources/resourceGroups/readme.md b/modules/Microsoft.Resources/resourceGroups/readme.md index ed047db942..efbf5eceee 100644 --- a/modules/Microsoft.Resources/resourceGroups/readme.md +++ b/modules/Microsoft.Resources/resourceGroups/readme.md @@ -17,7 +17,7 @@ This module deploys a resource group. | :-- | :-- | | `Microsoft.Authorization/locks` | [2020-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2020-05-01/locks) | | `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) | -| `Microsoft.Resources/resourceGroups` | [2019-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Resources/resourceGroups) | +| `Microsoft.Resources/resourceGroups` | [2021-04-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Resources/2021-04-01/resourceGroups) | ## Parameters @@ -34,6 +34,7 @@ This module deploys a resource group. | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | | `location` | string | `[deployment().location]` | | Location of the Resource Group. It uses the deployment's location when not provided. | | `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | +| `managedBy` | string | `''` | | The ID of the resource that manages this resource group. | | `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags of the storage account resource. |