diff --git a/constructs/Compute/virtualMachinesMultiple/README.md b/constructs/Compute/virtualMachinesMultiple/README.md
index 19266955b9..81b6f034e7 100644
--- a/constructs/Compute/virtualMachinesMultiple/README.md
+++ b/constructs/Compute/virtualMachinesMultiple/README.md
@@ -67,7 +67,6 @@ This module deploys one or multiple Virtual Machines.
| `dedicatedHostId` | string | `''` | | Specifies resource ID about the dedicated host that the virtual machine resides in. |
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. |
| `disablePasswordAuthentication` | bool | `False` | | Specifies whether password authentication should be disabled. |
diff --git a/constructs/Compute/virtualMachinesMultiple/main.bicep b/constructs/Compute/virtualMachinesMultiple/main.bicep
index 42e9527e8a..9fc00d6f9e 100644
--- a/constructs/Compute/virtualMachinesMultiple/main.bicep
+++ b/constructs/Compute/virtualMachinesMultiple/main.bicep
@@ -230,11 +230,6 @@ param extensionCustomScriptProtectedSetting object = {}
@description('Optional. Location for all resources.')
param location string = resourceGroup().location
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -301,7 +296,7 @@ var vmNamesToApply = !empty(vmNames) ? vmNames : vmGeneratedNames
var enableReferencedModulesTelemetry = false
-module virtualMachine '../../../modules/Compute/virtualMachines/main.bicep' = [for (vmName, index) in vmNamesToApply: {
+module virtualMachine '../../../modules/compute/virtual-machine/main.bicep' = [for (vmName, index) in vmNamesToApply: {
name: '${deployment().name}-vm-${index}'
params: {
name: vmName
@@ -328,7 +323,6 @@ module virtualMachine '../../../modules/Compute/virtualMachines/main.bicep' = [f
dedicatedHostId: dedicatedHostId
diagnosticEventHubAuthorizationRuleId: diagnosticEventHubAuthorizationRuleId
diagnosticEventHubName: diagnosticEventHubName
- diagnosticLogsRetentionInDays: diagnosticLogsRetentionInDays
diagnosticStorageAccountId: diagnosticStorageAccountId
diagnosticWorkspaceId: diagnosticWorkspaceId
disablePasswordAuthentication: disablePasswordAuthentication
diff --git a/constructs/Network/virtualNetwork/virtualNetworkPeeringsMultiRemoteVnets/README.md b/constructs/Network/virtualNetwork/virtualNetworkPeeringsMultiRemoteVnets/README.md
index dcbcc3715e..6a06b43945 100644
--- a/constructs/Network/virtualNetwork/virtualNetworkPeeringsMultiRemoteVnets/README.md
+++ b/constructs/Network/virtualNetwork/virtualNetworkPeeringsMultiRemoteVnets/README.md
@@ -13,7 +13,7 @@ This template deploys Virtual Network Peering.
| Resource Type | API Version |
| :-- | :-- |
-| `Microsoft.Network/virtualNetworks/virtualNetworkPeerings` | [2021-08-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-08-01/virtualNetworks/virtualNetworkPeerings) |
+| `Microsoft.Network/virtualNetworks/virtualNetworkPeerings` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/virtualnetworks/virtualnetworkpeerings) |
## Parameters
diff --git a/constructs/Network/virtualNetwork/virtualNetworkPeeringsMultiRemoteVnets/main.bicep b/constructs/Network/virtualNetwork/virtualNetworkPeeringsMultiRemoteVnets/main.bicep
index d2db3767e0..9a6eedc849 100644
--- a/constructs/Network/virtualNetwork/virtualNetworkPeeringsMultiRemoteVnets/main.bicep
+++ b/constructs/Network/virtualNetwork/virtualNetworkPeeringsMultiRemoteVnets/main.bicep
@@ -19,7 +19,7 @@ resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (ena
}
}
-module virtualNetworkPeering '../../../../modules/Network/virtualNetworks/virtualNetworkPeerings/main.bicep' = [for peeringConfiguration in peeringConfigurations: {
+module virtualNetworkPeering '../../../../modules/network/virtual-network/virtual-network-peering/main.bicep' = [for peeringConfiguration in peeringConfigurations: {
name: 'virtualNetworkPeering-${last(split(peeringConfiguration.remoteVirtualNetworkId, '/'))}'
params: {
name: contains(peeringConfiguration, 'peeringName') ? '${peeringConfiguration.peeringName}' : '${localVnetName}-${last(split(peeringConfiguration.remoteVirtualNetworkId, '/'))}'
diff --git a/docs/wiki/The library - Module design.md b/docs/wiki/The library - Module design.md
index 8be0455ffb..b1ad89c38c 100644
--- a/docs/wiki/The library - Module design.md
+++ b/docs/wiki/The library - Module design.md
@@ -295,10 +295,6 @@ The diagnostic settings may differ slightly, from resource to resource. Most not
Details
```bicep
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
@description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -336,20 +332,12 @@ param diagnosticSettingsName string = ''
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
@@ -357,10 +345,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: {
category: metric
timeGrain: null
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
resource _diagnosticSettings 'Microsoft.Insights/diagnosticsettings@2021-05-01-preview' = if (!empty(diagnosticStorageAccountId) || !empty(diagnosticWorkspaceId) || !empty(diagnosticEventHubAuthorizationRuleId) || !empty(diagnosticEventHubName)) {
diff --git a/modules/aad/domain-service/.test/common/dependencies.bicep b/modules/aad/domain-service/.test/common/dependencies.bicep
index f8b131d624..0790bd447a 100644
--- a/modules/aad/domain-service/.test/common/dependencies.bicep
+++ b/modules/aad/domain-service/.test/common/dependencies.bicep
@@ -17,75 +17,75 @@ var certPWSecretName = 'pfxCertificatePassword'
var certSecretName = 'pfxBase64Certificate'
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = {
- name: keyVaultName
- location: location
- properties: {
- sku: {
- family: 'A'
- name: 'standard'
- }
- tenantId: tenant().tenantId
- enablePurgeProtection: null
- enabledForTemplateDeployment: true
- enabledForDiskEncryption: true
- enabledForDeployment: true
- enableRbacAuthorization: true
- accessPolicies: []
+ name: keyVaultName
+ location: location
+ properties: {
+ sku: {
+ family: 'A'
+ name: 'standard'
}
+ tenantId: tenant().tenantId
+ enablePurgeProtection: null
+ enabledForTemplateDeployment: true
+ enabledForDiskEncryption: true
+ enabledForDeployment: true
+ enableRbacAuthorization: true
+ accessPolicies: []
+ }
}
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
resource keyPermissions 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
- name: guid('msi-${managedIdentity.name}-KeyVault-Admin-RoleAssignment')
- scope: keyVault
- properties: {
- principalId: managedIdentity.properties.principalId
- roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '00482a5a-887f-4fb3-b363-3b7fe8e74483') // Key Vault Administrator
- principalType: 'ServicePrincipal'
- }
+ name: guid('msi-${managedIdentity.name}-KeyVault-Admin-RoleAssignment')
+ scope: keyVault
+ properties: {
+ principalId: managedIdentity.properties.principalId
+ roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '00482a5a-887f-4fb3-b363-3b7fe8e74483') // Key Vault Administrator
+ principalType: 'ServicePrincipal'
+ }
}
resource certDeploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = {
- name: certDeploymentScriptName
- location: location
- kind: 'AzurePowerShell'
- identity: {
- type: 'UserAssigned'
- userAssignedIdentities: {
- '${managedIdentity.id}': {}
- }
- }
- properties: {
- azPowerShellVersion: '3.0'
- retentionInterval: 'P1D'
- arguments: ' -KeyVaultName "${keyVault.name}" -ResourceGroupName "${resourceGroup().name}" -CertPWSecretName "${certPWSecretName}" -CertSecretName "${certSecretName}"'
- scriptContent: loadTextContent('../../../../.shared/.scripts/Set-PfxCertificateInKeyVault.ps1')
+ name: certDeploymentScriptName
+ location: location
+ kind: 'AzurePowerShell'
+ identity: {
+ type: 'UserAssigned'
+ userAssignedIdentities: {
+ '${managedIdentity.id}': {}
}
+ }
+ properties: {
+ azPowerShellVersion: '3.0'
+ retentionInterval: 'P1D'
+ arguments: ' -KeyVaultName "${keyVault.name}" -ResourceGroupName "${resourceGroup().name}" -CertPWSecretName "${certPWSecretName}" -CertSecretName "${certSecretName}"'
+ scriptContent: loadTextContent('../../../../.shared/.scripts/Set-PfxCertificateInKeyVault.ps1')
+ }
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/aad/domain-service/.test/common/main.test.bicep b/modules/aad/domain-service/.test/common/main.test.bicep
index d75646823c..39ebef747d 100644
--- a/modules/aad/domain-service/.test/common/main.test.bicep
+++ b/modules/aad/domain-service/.test/common/main.test.bicep
@@ -75,7 +75,6 @@ module testDeployment '../../main.bicep' = {
additionalRecipients: [
'${namePrefix}@noreply.github.com'
]
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/aad/domain-service/README.md b/modules/aad/domain-service/README.md
index 5f254cf354..14813acc04 100644
--- a/modules/aad/domain-service/README.md
+++ b/modules/aad/domain-service/README.md
@@ -43,7 +43,6 @@ This module deploys an Azure Active Directory Domain Services (AADDS).
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', AccountLogon, AccountManagement, allLogs, DetailTracking, DirectoryServiceAccess, LogonLogoff, ObjectAccess, PolicyChange, PrivilegeUse, SystemSecurity]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. |
| `domainConfigurationType` | string | `'FullySynced'` | `[FullySynced, ResourceTrusting]` | The value is to provide domain configuration type. |
@@ -238,7 +237,6 @@ module domainService './aad/domain-service/main.bicep' = {
]
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -289,9 +287,6 @@ module domainService './aad/domain-service/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/aad/domain-service/main.bicep b/modules/aad/domain-service/main.bicep
index 8e33c8f9b0..e8aa4ad471 100644
--- a/modules/aad/domain-service/main.bicep
+++ b/modules/aad/domain-service/main.bicep
@@ -130,11 +130,6 @@ param diagnosticEventHubName string = ''
@description('Optional. Tags of the resource.')
param tags object = {}
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).')
param enableDefaultTelemetry bool = true
@@ -170,20 +165,12 @@ param diagnosticLogCategoriesToEnable array = [
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
diff --git a/modules/aad/domain-service/main.json b/modules/aad/domain-service/main.json
index 8451da0e89..d7c212e90c 100644
--- a/modules/aad/domain-service/main.json
+++ b/modules/aad/domain-service/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "7212864402192809754"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "11963708843565725905"
+ },
+ "name": "Azure Active Directory Domain Services",
+ "description": "This module deploys an Azure Active Directory Domain Services (AADDS).",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -232,15 +235,6 @@
"description": "Optional. Tags of the resource."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "maxValue": 365,
- "minValue": 0,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"enableDefaultTelemetry": {
"type": "bool",
"defaultValue": true,
@@ -251,14 +245,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -297,15 +291,11 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]"
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]"
},
"resources": [
{
@@ -420,8 +410,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "1835196590744677033"
+ "version": "0.20.4.51522",
+ "templateHash": "1057451730185252367"
}
},
"parameters": {
diff --git a/modules/analysis-services/server/.test/common/main.test.bicep b/modules/analysis-services/server/.test/common/main.test.bicep
index b5ad65e147..ad76d1af43 100644
--- a/modules/analysis-services/server/.test/common/main.test.bicep
+++ b/modules/analysis-services/server/.test/common/main.test.bicep
@@ -74,7 +74,6 @@ module testDeployment '../../main.bicep' = {
principalType: 'ServicePrincipal'
}
]
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/analysis-services/server/.test/max/main.test.bicep b/modules/analysis-services/server/.test/max/main.test.bicep
index a0448bdaa0..582c804860 100644
--- a/modules/analysis-services/server/.test/max/main.test.bicep
+++ b/modules/analysis-services/server/.test/max/main.test.bicep
@@ -85,7 +85,6 @@ module testDeployment '../../main.bicep' = {
principalType: 'ServicePrincipal'
}
]
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/analysis-services/server/README.md b/modules/analysis-services/server/README.md
index 320ede300c..b01b46f8b3 100644
--- a/modules/analysis-services/server/README.md
+++ b/modules/analysis-services/server/README.md
@@ -34,7 +34,6 @@ This module deploys an Analysis Services Server.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, Engine, Service]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. |
| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
@@ -184,7 +183,6 @@ module server './analysis-services/server/main.bicep' = {
// Non-required parameters
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -230,9 +228,6 @@ module server './analysis-services/server/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
@@ -291,7 +286,6 @@ module server './analysis-services/server/main.bicep' = {
'Engine'
'Service'
]
- diagnosticLogsRetentionInDays: 7
diagnosticMetricsToEnable: [
'AllMetrics'
]
@@ -353,9 +347,6 @@ module server './analysis-services/server/main.bicep' = {
"Service"
]
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticMetricsToEnable": {
"value": [
"AllMetrics"
diff --git a/modules/analysis-services/server/main.bicep b/modules/analysis-services/server/main.bicep
index 178798e9db..0b0ca98d44 100644
--- a/modules/analysis-services/server/main.bicep
+++ b/modules/analysis-services/server/main.bicep
@@ -26,11 +26,6 @@ param firewallSettings object = {
@description('Optional. Location for all Resources.')
param location string = resourceGroup().location
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -85,20 +80,12 @@ param diagnosticSettingsName string = ''
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
@@ -106,10 +93,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: {
category: metric
timeGrain: null
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) {
diff --git a/modules/analysis-services/server/main.json b/modules/analysis-services/server/main.json
index b50b4ddb8c..034f53242c 100644
--- a/modules/analysis-services/server/main.json
+++ b/modules/analysis-services/server/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "9546583248614187167"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "10064223785329368726"
+ },
+ "name": "Analysis Services Servers",
+ "description": "This module deploys an Analysis Services Server.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -52,15 +55,6 @@
"description": "Optional. Location for all Resources."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "maxValue": 365,
- "minValue": 0,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -92,14 +86,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -164,11 +158,7 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
},
{
@@ -177,15 +167,11 @@
"input": {
"category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]",
"timeGrain": null,
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]"
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]"
},
"resources": [
{
@@ -282,8 +268,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11608096580745695876"
+ "version": "0.20.4.51522",
+ "templateHash": "15590714007425491246"
}
},
"parameters": {
diff --git a/modules/api-management/service/.test/max/main.test.bicep b/modules/api-management/service/.test/max/main.test.bicep
index 0ffbd7d57d..daf0f7f8ad 100644
--- a/modules/api-management/service/.test/max/main.test.bicep
+++ b/modules/api-management/service/.test/max/main.test.bicep
@@ -117,7 +117,6 @@ module testDeployment '../../main.bicep' = {
useFromLocation: 'westeurope'
}
]
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/api-management/service/README.md b/modules/api-management/service/README.md
index 5a6a3c57a6..0aa2f605e6 100644
--- a/modules/api-management/service/README.md
+++ b/modules/api-management/service/README.md
@@ -59,7 +59,6 @@ This module deploys an API Management Service.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, GatewayLogs]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. |
| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
@@ -484,7 +483,6 @@ module service './api-management/service/main.bicep' = {
]
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -653,9 +651,6 @@ module service './api-management/service/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/api-management/service/api-version-set/main.json b/modules/api-management/service/api-version-set/main.json
index cfe229a07b..f09d56ff92 100644
--- a/modules/api-management/service/api-version-set/main.json
+++ b/modules/api-management/service/api-version-set/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "5488393470456105245"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "9352626903654043411"
+ },
+ "name": "API Management Service API Version Sets",
+ "description": "This module deploys an API Management Service API Version Set.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
diff --git a/modules/api-management/service/api/main.json b/modules/api-management/service/api/main.json
index a83f4ed2f0..08c998bf80 100644
--- a/modules/api-management/service/api/main.json
+++ b/modules/api-management/service/api/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "2877903221973830932"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "9074052005199170712"
+ },
+ "name": "API Management Service APIs",
+ "description": "This module deploys an API Management Service API.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -281,9 +284,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "14535247884365099462"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "5031714372762112092"
+ },
+ "name": "API Management Service APIs Policies",
+ "description": "This module deploys an API Management Service API Policy.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
diff --git a/modules/api-management/service/api/policy/main.json b/modules/api-management/service/api/policy/main.json
index 0f1748fbf4..76457b0c2f 100644
--- a/modules/api-management/service/api/policy/main.json
+++ b/modules/api-management/service/api/policy/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "14535247884365099462"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "5031714372762112092"
+ },
+ "name": "API Management Service APIs Policies",
+ "description": "This module deploys an API Management Service API Policy.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
diff --git a/modules/api-management/service/authorization-server/main.json b/modules/api-management/service/authorization-server/main.json
index 5425db1054..d956cf25f5 100644
--- a/modules/api-management/service/authorization-server/main.json
+++ b/modules/api-management/service/authorization-server/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16113108844531678160"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "8155815469027179886"
+ },
+ "name": "API Management Service Authorization Servers",
+ "description": "This module deploys an API Management Service Authorization Server.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/api-management/service/backend/main.json b/modules/api-management/service/backend/main.json
index 515fde20f7..17c351e22a 100644
--- a/modules/api-management/service/backend/main.json
+++ b/modules/api-management/service/backend/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "10485477109069205796"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "1669725941639871055"
+ },
+ "name": "API Management Service Backends",
+ "description": "This module deploys an API Management Service Backend.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
diff --git a/modules/api-management/service/cache/main.json b/modules/api-management/service/cache/main.json
index a606438e2b..662943675f 100644
--- a/modules/api-management/service/cache/main.json
+++ b/modules/api-management/service/cache/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "14901031265236109470"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17031319637382778576"
+ },
+ "name": "API Management Service Caches",
+ "description": "This module deploys an API Management Service Cache.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
diff --git a/modules/api-management/service/identity-provider/main.json b/modules/api-management/service/identity-provider/main.json
index 35fbc544d2..12777acfdc 100644
--- a/modules/api-management/service/identity-provider/main.json
+++ b/modules/api-management/service/identity-provider/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "5110602870020980101"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17041253664250888675"
+ },
+ "name": "API Management Service Identity Providers",
+ "description": "This module deploys an API Management Service Identity Provider.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
diff --git a/modules/api-management/service/main.bicep b/modules/api-management/service/main.bicep
index 3d7e8e488c..cdc0d4c0d6 100644
--- a/modules/api-management/service/main.bicep
+++ b/modules/api-management/service/main.bicep
@@ -18,11 +18,6 @@ param enableDefaultTelemetry bool = true
@description('Optional. Custom properties of the API Management service.')
param customProperties object = {}
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -177,20 +172,12 @@ var authorizationServerList = !empty(authorizationServers) ? authorizationServer
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
@@ -198,10 +185,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: {
category: metric
timeGrain: null
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var identityType = systemAssignedIdentity ? (!empty(userAssignedIdentities) ? 'SystemAssigned,UserAssigned' : 'SystemAssigned') : (!empty(userAssignedIdentities) ? 'UserAssigned' : 'None')
diff --git a/modules/api-management/service/main.json b/modules/api-management/service/main.json
index 3e8af8e080..466bded3f4 100644
--- a/modules/api-management/service/main.json
+++ b/modules/api-management/service/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11470399654102963558"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "11924576523256910990"
+ },
+ "name": "API Management Services",
+ "description": "This module deploys an API Management Service.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"additionalLocations": {
@@ -44,15 +47,6 @@
"description": "Optional. Custom properties of the API Management service."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "maxValue": 365,
- "minValue": 0,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -119,14 +113,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"minApiVersion": {
"type": "string",
@@ -358,11 +352,7 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
},
{
@@ -371,17 +361,13 @@
"input": {
"category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]",
"timeGrain": null,
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
"enableReferencedModulesTelemetry": false,
"authorizationServerList": "[if(not(empty(parameters('authorizationServers'))), parameters('authorizationServers').secureList, createArray())]",
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
"identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]",
"identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]"
},
@@ -515,9 +501,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "2877903221973830932"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "9074052005199170712"
+ },
+ "name": "API Management Service APIs",
+ "description": "This module deploys an API Management Service API.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -792,9 +781,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "14535247884365099462"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "5031714372762112092"
+ },
+ "name": "API Management Service APIs Policies",
+ "description": "This module deploys an API Management Service API Policy.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
@@ -959,9 +951,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "5488393470456105245"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "9352626903654043411"
+ },
+ "name": "API Management Service API Version Sets",
+ "description": "This module deploys an API Management Service API Version Set.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
@@ -1096,9 +1091,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16113108844531678160"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "8155815469027179886"
+ },
+ "name": "API Management Service Authorization Servers",
+ "description": "This module deploys an API Management Service Authorization Server.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -1341,9 +1339,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "10485477109069205796"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "1669725941639871055"
+ },
+ "name": "API Management Service Backends",
+ "description": "This module deploys an API Management Service Backend.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
@@ -1532,9 +1533,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "14901031265236109470"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17031319637382778576"
+ },
+ "name": "API Management Service Caches",
+ "description": "This module deploys an API Management Service Cache.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
@@ -1680,9 +1684,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "5110602870020980101"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17041253664250888675"
+ },
+ "name": "API Management Service Identity Providers",
+ "description": "This module deploys an API Management Service Identity Provider.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
@@ -1893,9 +1900,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "7564868053605703508"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "7537918735725646871"
+ },
+ "name": "API Management Service Named Values",
+ "description": "This module deploys an API Management Service Named Value.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
@@ -2043,9 +2053,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "4856642569874165602"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "11909172258549553650"
+ },
+ "name": "API Management Service Portal Settings",
+ "description": "This module deploys an API Management Service Portal Setting.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
@@ -2163,9 +2176,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "8916467929496361160"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "8348924989076719813"
+ },
+ "name": "API Management Service Policies",
+ "description": "This module deploys an API Management Service Policy.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
@@ -2300,9 +2316,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16475090457313931987"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "11659142408016307537"
+ },
+ "name": "API Management Service Products",
+ "description": "This module deploys an API Management Service Product.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
@@ -2446,9 +2465,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "12089259943011536891"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13243242177616383868"
+ },
+ "name": "API Management Service Products APIs",
+ "description": "This module deploys an API Management Service Product API.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
@@ -2557,9 +2579,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11103836419434676307"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "11867976378445976169"
+ },
+ "name": "API Management Service Products Groups",
+ "description": "This module deploys an API Management Service Product Group.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
@@ -2720,9 +2745,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "12367355015017633052"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "15277659663277232184"
+ },
+ "name": "API Management Service Subscriptions",
+ "description": "This module deploys an API Management Service Subscription.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"allowTracing": {
@@ -2880,8 +2908,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "2137109478394702779"
+ "version": "0.20.4.51522",
+ "templateHash": "10733405494558281066"
}
},
"parameters": {
diff --git a/modules/api-management/service/named-value/main.json b/modules/api-management/service/named-value/main.json
index 417ad16f86..c75a4a3928 100644
--- a/modules/api-management/service/named-value/main.json
+++ b/modules/api-management/service/named-value/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "7564868053605703508"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "7537918735725646871"
+ },
+ "name": "API Management Service Named Values",
+ "description": "This module deploys an API Management Service Named Value.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
diff --git a/modules/api-management/service/policy/main.json b/modules/api-management/service/policy/main.json
index bfc425aa16..65580b17b4 100644
--- a/modules/api-management/service/policy/main.json
+++ b/modules/api-management/service/policy/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "8916467929496361160"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "8348924989076719813"
+ },
+ "name": "API Management Service Policies",
+ "description": "This module deploys an API Management Service Policy.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
diff --git a/modules/api-management/service/portalsetting/main.json b/modules/api-management/service/portalsetting/main.json
index 3d23b87e0d..174392d0e0 100644
--- a/modules/api-management/service/portalsetting/main.json
+++ b/modules/api-management/service/portalsetting/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "4856642569874165602"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "11909172258549553650"
+ },
+ "name": "API Management Service Portal Settings",
+ "description": "This module deploys an API Management Service Portal Setting.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
diff --git a/modules/api-management/service/product/api/main.json b/modules/api-management/service/product/api/main.json
index 4619016a4b..157c8181f7 100644
--- a/modules/api-management/service/product/api/main.json
+++ b/modules/api-management/service/product/api/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "12089259943011536891"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13243242177616383868"
+ },
+ "name": "API Management Service Products APIs",
+ "description": "This module deploys an API Management Service Product API.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
diff --git a/modules/api-management/service/product/group/main.json b/modules/api-management/service/product/group/main.json
index 44041f695b..de5f8ef5c8 100644
--- a/modules/api-management/service/product/group/main.json
+++ b/modules/api-management/service/product/group/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11103836419434676307"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "11867976378445976169"
+ },
+ "name": "API Management Service Products Groups",
+ "description": "This module deploys an API Management Service Product Group.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
diff --git a/modules/api-management/service/product/main.json b/modules/api-management/service/product/main.json
index a1b3ef1f1d..172a816f4f 100644
--- a/modules/api-management/service/product/main.json
+++ b/modules/api-management/service/product/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16475090457313931987"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "11659142408016307537"
+ },
+ "name": "API Management Service Products",
+ "description": "This module deploys an API Management Service Product.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
@@ -150,9 +153,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "12089259943011536891"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13243242177616383868"
+ },
+ "name": "API Management Service Products APIs",
+ "description": "This module deploys an API Management Service Product API.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
@@ -261,9 +267,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11103836419434676307"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "11867976378445976169"
+ },
+ "name": "API Management Service Products Groups",
+ "description": "This module deploys an API Management Service Product Group.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"apiManagementServiceName": {
diff --git a/modules/api-management/service/subscription/main.json b/modules/api-management/service/subscription/main.json
index e74886e83f..2ca7d5862e 100644
--- a/modules/api-management/service/subscription/main.json
+++ b/modules/api-management/service/subscription/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "12367355015017633052"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "15277659663277232184"
+ },
+ "name": "API Management Service Subscriptions",
+ "description": "This module deploys an API Management Service Subscription.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"allowTracing": {
diff --git a/modules/app-configuration/configuration-store/.test/common/main.test.bicep b/modules/app-configuration/configuration-store/.test/common/main.test.bicep
index 10563eb418..46047d29bc 100644
--- a/modules/app-configuration/configuration-store/.test/common/main.test.bicep
+++ b/modules/app-configuration/configuration-store/.test/common/main.test.bicep
@@ -64,7 +64,6 @@ module testDeployment '../../main.bicep' = {
enableDefaultTelemetry: enableDefaultTelemetry
name: '${namePrefix}${serviceShort}001'
createMode: 'Default'
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/app-configuration/configuration-store/.test/pe/dependencies.bicep b/modules/app-configuration/configuration-store/.test/pe/dependencies.bicep
index a92ed9b76a..ca28691a17 100644
--- a/modules/app-configuration/configuration-store/.test/pe/dependencies.bicep
+++ b/modules/app-configuration/configuration-store/.test/pe/dependencies.bicep
@@ -6,7 +6,7 @@ param location string = resourceGroup().location
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
name: virtualNetworkName
location: location
properties: {
diff --git a/modules/app-configuration/configuration-store/README.md b/modules/app-configuration/configuration-store/README.md
index 96101fecc6..23edaceeaf 100644
--- a/modules/app-configuration/configuration-store/README.md
+++ b/modules/app-configuration/configuration-store/README.md
@@ -19,8 +19,8 @@ This module deploys an App Configuration Store.
| `Microsoft.Authorization/locks` | [2020-05-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2020-05-01/locks) |
| `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) |
| `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) |
-| `Microsoft.Network/privateEndpoints` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints) |
-| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints/privateDnsZoneGroups) |
+| `Microsoft.Network/privateEndpoints` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints) |
+| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints/privateDnsZoneGroups) |
## Parameters
@@ -38,7 +38,6 @@ This module deploys an App Configuration Store.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, Audit, HttpRequest]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. |
| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
@@ -333,7 +332,6 @@ module configurationStore './app-configuration/configuration-store/main.bicep' =
createMode: 'Default'
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
disableLocalAuth: false
@@ -401,9 +399,6 @@ module configurationStore './app-configuration/configuration-store/main.bicep' =
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/app-configuration/configuration-store/key-value/main.json b/modules/app-configuration/configuration-store/key-value/main.json
index 3edf1d060b..69e7caf120 100644
--- a/modules/app-configuration/configuration-store/key-value/main.json
+++ b/modules/app-configuration/configuration-store/key-value/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11694174927127142874"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "18125120019454222929"
+ },
+ "name": "App Configuration Stores Key Values",
+ "description": "This module deploys an App Configuration Store Key Value.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/app-configuration/configuration-store/main.bicep b/modules/app-configuration/configuration-store/main.bicep
index fe242a7844..f3943eb2ba 100644
--- a/modules/app-configuration/configuration-store/main.bicep
+++ b/modules/app-configuration/configuration-store/main.bicep
@@ -50,11 +50,6 @@ param softDeleteRetentionInDays int = 1
@description('Optional. All Key / Values to create.')
param keyValues array = []
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -114,20 +109,12 @@ var enableReferencedModulesTelemetry = false
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
@@ -135,10 +122,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: {
category: metric
timeGrain: null
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var identityType = systemAssignedIdentity ? 'SystemAssigned' : !empty(userAssignedIdentities) ? 'UserAssigned' : 'None'
diff --git a/modules/app-configuration/configuration-store/main.json b/modules/app-configuration/configuration-store/main.json
index d8a6ae0bd4..84bf22d70e 100644
--- a/modules/app-configuration/configuration-store/main.json
+++ b/modules/app-configuration/configuration-store/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "14681467525006388511"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "10371162736830551365"
+ },
+ "name": "App Configuration Stores",
+ "description": "This module deploys an App Configuration Store.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -39,24 +42,24 @@
"sku": {
"type": "string",
"defaultValue": "Standard",
- "metadata": {
- "description": "Optional. Pricing tier of App Configuration."
- },
"allowedValues": [
"Free",
"Standard"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Pricing tier of App Configuration."
+ }
},
"createMode": {
"type": "string",
"defaultValue": "Default",
- "metadata": {
- "description": "Optional. Indicates whether the configuration store need to be recovered."
- },
"allowedValues": [
"Default",
"Recover"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Indicates whether the configuration store need to be recovered."
+ }
},
"disableLocalAuth": {
"type": "bool",
@@ -87,8 +90,8 @@
"softDeleteRetentionInDays": {
"type": "int",
"defaultValue": 1,
- "maxValue": 7,
"minValue": 1,
+ "maxValue": 7,
"metadata": {
"description": "Optional. The amount of time in days that the configuration store will be retained when it is soft deleted."
}
@@ -100,15 +103,6 @@
"description": "Optional. All Key / Values to create."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "maxValue": 365,
- "minValue": 0,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -140,14 +134,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -219,11 +213,7 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
},
{
@@ -232,16 +222,12 @@
"input": {
"category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]",
"timeGrain": null,
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
"enableReferencedModulesTelemetry": false,
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
"identityType": "[if(parameters('systemAssignedIdentity'), 'SystemAssigned', if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]",
"identity": {
"type": "[variables('identityType')]",
@@ -348,9 +334,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11694174927127142874"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "18125120019454222929"
+ },
+ "name": "App Configuration Stores Key Values",
+ "description": "This module deploys an App Configuration Store Key Value.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -482,8 +471,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "9214998026819281183"
+ "version": "0.20.4.51522",
+ "templateHash": "8595390874320189922"
}
},
"parameters": {
@@ -646,9 +635,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11825715538543749879"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13560297539192628062"
+ },
+ "name": "Private Endpoints",
+ "description": "This module deploys a Private Endpoint.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -713,14 +705,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -778,7 +770,7 @@
},
{
"type": "Microsoft.Network/privateEndpoints",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[parameters('name')]",
"location": "[parameters('location')]",
"tags": "[parameters('tags')]",
@@ -843,9 +835,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "12684511314187066258"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17831763001460207830"
+ },
+ "name": "Private Endpoint Private DNS Zone Groups",
+ "description": "This module deploys a Private Endpoint Private DNS Zone Group.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"privateEndpointName": {
@@ -856,8 +851,8 @@
},
"privateDNSResourceIds": {
"type": "array",
- "maxLength": 5,
"minLength": 1,
+ "maxLength": 5,
"metadata": {
"description": "Required. Array of private DNS zone resource IDs. A DNS zone group can support up to 5 DNS zones."
}
@@ -908,7 +903,7 @@
},
{
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[format('{0}/{1}', parameters('privateEndpointName'), parameters('name'))]",
"properties": {
"privateDnsZoneConfigs": "[variables('privateDnsZoneConfigs')]"
@@ -978,8 +973,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "18055161250379920591"
+ "version": "0.20.4.51522",
+ "templateHash": "11548486149222715894"
}
},
"parameters": {
@@ -1149,7 +1144,7 @@
"metadata": {
"description": "The location the resource was deployed into."
},
- "value": "[reference(resourceId('Microsoft.Network/privateEndpoints', parameters('name')), '2022-07-01', 'full').location]"
+ "value": "[reference(resourceId('Microsoft.Network/privateEndpoints', parameters('name')), '2023-04-01', 'full').location]"
}
}
}
diff --git a/modules/app/container-app/main.json b/modules/app/container-app/main.json
index ac3a6178ad..6fa21ef628 100644
--- a/modules/app/container-app/main.json
+++ b/modules/app/container-app/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "18402842656591712663"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "811549268081936202"
+ },
+ "name": "Container Apps",
+ "description": "This module deploys a Container App.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -32,15 +35,15 @@
"ingressTransport": {
"type": "string",
"defaultValue": "auto",
- "metadata": {
- "description": "Optional. Ingress transport protocol."
- },
"allowedValues": [
"auto",
"http",
"http2",
"tcp"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Ingress transport protocol."
+ }
},
"ingressAllowInsecure": {
"type": "bool",
@@ -80,13 +83,13 @@
"activeRevisionsMode": {
"type": "string",
"defaultValue": "Single",
- "metadata": {
- "description": "Optional. ActiveRevisionsMode controls how active revisions are handled for the Container app."
- },
"allowedValues": [
"Multiple",
"Single"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. ActiveRevisionsMode controls how active revisions are handled for the Container app."
+ }
},
"environmentId": {
"type": "string",
@@ -97,14 +100,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"tags": {
"type": "object",
@@ -368,8 +371,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16174564455702406600"
+ "version": "0.20.4.51522",
+ "templateHash": "17140491380029994713"
}
},
"parameters": {
diff --git a/modules/app/managed-environment/.test/common/dependencies.bicep b/modules/app/managed-environment/.test/common/dependencies.bicep
index 0c98af9fe3..8fddc251f3 100644
--- a/modules/app/managed-environment/.test/common/dependencies.bicep
+++ b/modules/app/managed-environment/.test/common/dependencies.bicep
@@ -24,7 +24,7 @@ resource logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2022-10
})
}
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = {
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
name: virtualNetworkName
location: location
properties: {
diff --git a/modules/app/managed-environment/main.json b/modules/app/managed-environment/main.json
index 88516d1369..deb5e11f77 100644
--- a/modules/app/managed-environment/main.json
+++ b/modules/app/managed-environment/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "9395681676877884238"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "6927038014071705356"
+ },
+ "name": "App ManagedEnvironments",
+ "description": "This module deploys an App Managed Environment (also known as a Container App Environment).",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -45,13 +48,13 @@
"skuName": {
"type": "string",
"defaultValue": "Consumption",
- "metadata": {
- "description": "Optional. Managed environment SKU."
- },
"allowedValues": [
"Consumption",
"Premium"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Managed environment SKU."
+ }
},
"logsDestination": {
"type": "string",
@@ -146,14 +149,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"workloadProfiles": {
"type": "array",
@@ -261,8 +264,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "12222893390511211948"
+ "version": "0.20.4.51522",
+ "templateHash": "11046672918941567596"
}
},
"parameters": {
diff --git a/modules/authorization/lock/main.json b/modules/authorization/lock/main.json
index dd10d9fd42..6056d5b30b 100644
--- a/modules/authorization/lock/main.json
+++ b/modules/authorization/lock/main.json
@@ -4,20 +4,23 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "613260573340848220"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "2597475384765677035"
+ },
+ "name": "Authorization Locks (All scopes)",
+ "description": "This module deploys an Authorization Lock at a Subscription or Resource Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"level": {
"type": "string",
- "metadata": {
- "description": "Required. Set lock level."
- },
"allowedValues": [
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Required. Set lock level."
+ }
},
"notes": {
"type": "string",
@@ -106,9 +109,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15744477094233687901"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "10927394621764774821"
+ },
+ "name": "Authorization Locks (Subscription scope)",
+ "description": "This module deploys an Authorization Lock at a Subscription scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -120,13 +126,13 @@
},
"level": {
"type": "string",
- "metadata": {
- "description": "Required. Set lock level."
- },
"allowedValues": [
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Required. Set lock level."
+ }
},
"notes": {
"type": "string",
@@ -233,9 +239,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "9338790793667422174"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "7885747985110001606"
+ },
+ "name": "Authorization Locks (Resource Group scope)",
+ "description": "This module deploys an Authorization Lock at a Resource Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -247,13 +256,13 @@
},
"level": {
"type": "string",
- "metadata": {
- "description": "Required. Set lock level."
- },
"allowedValues": [
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Required. Set lock level."
+ }
},
"notes": {
"type": "string",
diff --git a/modules/authorization/lock/resource-group/main.json b/modules/authorization/lock/resource-group/main.json
index e9d5c7defd..25b2ec1b99 100644
--- a/modules/authorization/lock/resource-group/main.json
+++ b/modules/authorization/lock/resource-group/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "9338790793667422174"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "7885747985110001606"
+ },
+ "name": "Authorization Locks (Resource Group scope)",
+ "description": "This module deploys an Authorization Lock at a Resource Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -18,13 +21,13 @@
},
"level": {
"type": "string",
- "metadata": {
- "description": "Required. Set lock level."
- },
"allowedValues": [
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Required. Set lock level."
+ }
},
"notes": {
"type": "string",
diff --git a/modules/authorization/lock/subscription/main.json b/modules/authorization/lock/subscription/main.json
index 00e36535a2..5664616784 100644
--- a/modules/authorization/lock/subscription/main.json
+++ b/modules/authorization/lock/subscription/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15744477094233687901"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "10927394621764774821"
+ },
+ "name": "Authorization Locks (Subscription scope)",
+ "description": "This module deploys an Authorization Lock at a Subscription scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -18,13 +21,13 @@
},
"level": {
"type": "string",
- "metadata": {
- "description": "Required. Set lock level."
- },
"allowedValues": [
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Required. Set lock level."
+ }
},
"notes": {
"type": "string",
diff --git a/modules/authorization/policy-assignment/main.json b/modules/authorization/policy-assignment/main.json
index 039205e380..02ae8ce6ee 100644
--- a/modules/authorization/policy-assignment/main.json
+++ b/modules/authorization/policy-assignment/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "9805735127867120314"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "16987051403501720199"
+ },
+ "name": "Policy Assignments (All scopes)",
+ "description": "This module deploys a Policy Assignment at a Management Group, Subscription or Resource Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -223,9 +226,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "7958026663340611642"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "8902545451587564927"
+ },
+ "name": "Policy Assignments (Management Group scope)",
+ "description": "This module deploys a Policy Assignment at a Management Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -500,9 +506,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16656448416694951710"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13568773713405945676"
+ },
+ "name": "Policy Assignments (Subscription scope)",
+ "description": "This module deploys a Policy Assignment at a Subscription scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -777,9 +786,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "10829143557172841315"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "18205418867751406787"
+ },
+ "name": "Policy Assignments (Resource Group scope)",
+ "description": "This module deploys a Policy Assignment at a Resource Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/authorization/policy-assignment/management-group/main.json b/modules/authorization/policy-assignment/management-group/main.json
index f33d918273..1f346ad116 100644
--- a/modules/authorization/policy-assignment/management-group/main.json
+++ b/modules/authorization/policy-assignment/management-group/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "7958026663340611642"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "8902545451587564927"
+ },
+ "name": "Policy Assignments (Management Group scope)",
+ "description": "This module deploys a Policy Assignment at a Management Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/authorization/policy-assignment/resource-group/main.json b/modules/authorization/policy-assignment/resource-group/main.json
index d7f50faa89..91b95356eb 100644
--- a/modules/authorization/policy-assignment/resource-group/main.json
+++ b/modules/authorization/policy-assignment/resource-group/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "10829143557172841315"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "18205418867751406787"
+ },
+ "name": "Policy Assignments (Resource Group scope)",
+ "description": "This module deploys a Policy Assignment at a Resource Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/authorization/policy-assignment/subscription/main.json b/modules/authorization/policy-assignment/subscription/main.json
index b63bb81cf0..24a4662eca 100644
--- a/modules/authorization/policy-assignment/subscription/main.json
+++ b/modules/authorization/policy-assignment/subscription/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16656448416694951710"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13568773713405945676"
+ },
+ "name": "Policy Assignments (Subscription scope)",
+ "description": "This module deploys a Policy Assignment at a Subscription scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/authorization/policy-definition/main.json b/modules/authorization/policy-definition/main.json
index 993d56b721..911e3b219b 100644
--- a/modules/authorization/policy-definition/main.json
+++ b/modules/authorization/policy-definition/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "4122001514474984050"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "14526788352544918663"
+ },
+ "name": "Policy Definitions (All scopes)",
+ "description": "This module deploys a Policy Definition at a Management Group or Subscription scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -153,9 +156,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "14309814077168618325"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "14890815799488372081"
+ },
+ "name": "Policy Definitions (Management Group scope)",
+ "description": "This module deploys a Policy Definition at a Management Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -326,9 +332,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "4872290154327272363"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "14434059777291440353"
+ },
+ "name": "Policy Definitions (Subscription scope)",
+ "description": "This module deploys a Policy Definition at a Subscription scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/authorization/policy-definition/management-group/main.json b/modules/authorization/policy-definition/management-group/main.json
index 126cdcfb60..c1d82a9803 100644
--- a/modules/authorization/policy-definition/management-group/main.json
+++ b/modules/authorization/policy-definition/management-group/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "14309814077168618325"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "14890815799488372081"
+ },
+ "name": "Policy Definitions (Management Group scope)",
+ "description": "This module deploys a Policy Definition at a Management Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/authorization/policy-definition/subscription/main.json b/modules/authorization/policy-definition/subscription/main.json
index 3c20186de6..9d45f6df13 100644
--- a/modules/authorization/policy-definition/subscription/main.json
+++ b/modules/authorization/policy-definition/subscription/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "4872290154327272363"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "14434059777291440353"
+ },
+ "name": "Policy Definitions (Subscription scope)",
+ "description": "This module deploys a Policy Definition at a Subscription scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/authorization/policy-exemption/main.json b/modules/authorization/policy-exemption/main.json
index 520b3ada6e..75dce346f6 100644
--- a/modules/authorization/policy-exemption/main.json
+++ b/modules/authorization/policy-exemption/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "5584436159810024704"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "2976809537385212941"
+ },
+ "name": "Policy Exemptions (All scopes)",
+ "description": "This module deploys a Policy Exemption at a Management Group, Subscription or Resource Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -199,9 +202,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "18434150449398323118"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17592627855612646241"
+ },
+ "name": "Policy Exemptions (Management Group scope)",
+ "description": "This module deploys a Policy Exemption at a Management Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -407,9 +413,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "3561878551919543054"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "5067037150154630010"
+ },
+ "name": "Policy Exemptions (Subscription scope)",
+ "description": "This module deploys a Policy Exemption at a Subscription scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -612,9 +621,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "5976971954600806249"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13048294777047698866"
+ },
+ "name": "Policy Exemptions (Resource Group scope)",
+ "description": "This module deploys a Policy Exemption at a Resource Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/authorization/policy-exemption/management-group/main.json b/modules/authorization/policy-exemption/management-group/main.json
index 91eb3bea33..9d9e463ba8 100644
--- a/modules/authorization/policy-exemption/management-group/main.json
+++ b/modules/authorization/policy-exemption/management-group/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "18434150449398323118"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17592627855612646241"
+ },
+ "name": "Policy Exemptions (Management Group scope)",
+ "description": "This module deploys a Policy Exemption at a Management Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/authorization/policy-exemption/resource-group/main.json b/modules/authorization/policy-exemption/resource-group/main.json
index f3ee5c215c..f9d5590f54 100644
--- a/modules/authorization/policy-exemption/resource-group/main.json
+++ b/modules/authorization/policy-exemption/resource-group/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "5976971954600806249"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13048294777047698866"
+ },
+ "name": "Policy Exemptions (Resource Group scope)",
+ "description": "This module deploys a Policy Exemption at a Resource Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/authorization/policy-exemption/subscription/main.json b/modules/authorization/policy-exemption/subscription/main.json
index 1c7104aab5..2418e1af36 100644
--- a/modules/authorization/policy-exemption/subscription/main.json
+++ b/modules/authorization/policy-exemption/subscription/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "3561878551919543054"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "5067037150154630010"
+ },
+ "name": "Policy Exemptions (Subscription scope)",
+ "description": "This module deploys a Policy Exemption at a Subscription scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/authorization/policy-set-definition/main.json b/modules/authorization/policy-set-definition/main.json
index 9cdc43d639..dac4d81d6f 100644
--- a/modules/authorization/policy-set-definition/main.json
+++ b/modules/authorization/policy-set-definition/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "9590503753935030573"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "2811282400533411698"
+ },
+ "name": "Policy Set Definitions (Initiatives) (All scopes)",
+ "description": "This module deploys a Policy Set Definition (Initiative) at a Management Group or Subscription scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -143,9 +146,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "3402211804211188599"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "1638152228410583836"
+ },
+ "name": "Policy Set Definitions (Initiatives) (Management Group scope)",
+ "description": "This module deploys a Policy Set Definition (Initiative) at a Management Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -299,9 +305,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "10195867857732116184"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "8864751360907211482"
+ },
+ "name": "Policy Set Definitions (Initiatives) (Subscription scope)",
+ "description": "This module deploys a Policy Set Definition (Initiative) at a Subscription scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/authorization/policy-set-definition/management-group/main.json b/modules/authorization/policy-set-definition/management-group/main.json
index 8a94ab50df..baa439be6e 100644
--- a/modules/authorization/policy-set-definition/management-group/main.json
+++ b/modules/authorization/policy-set-definition/management-group/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "3402211804211188599"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "1638152228410583836"
+ },
+ "name": "Policy Set Definitions (Initiatives) (Management Group scope)",
+ "description": "This module deploys a Policy Set Definition (Initiative) at a Management Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/authorization/policy-set-definition/subscription/main.json b/modules/authorization/policy-set-definition/subscription/main.json
index a37b11c5b5..430128e583 100644
--- a/modules/authorization/policy-set-definition/subscription/main.json
+++ b/modules/authorization/policy-set-definition/subscription/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "10195867857732116184"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "8864751360907211482"
+ },
+ "name": "Policy Set Definitions (Initiatives) (Subscription scope)",
+ "description": "This module deploys a Policy Set Definition (Initiative) at a Subscription scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/authorization/role-assignment/main.json b/modules/authorization/role-assignment/main.json
index 2033eae799..6d1fc12f85 100644
--- a/modules/authorization/role-assignment/main.json
+++ b/modules/authorization/role-assignment/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "14691526432601298583"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "2365186882065323571"
+ },
+ "name": "Role Assignments (All scopes)",
+ "description": "This module deploys a Role Assignment at a Management Group, Subscription or Resource Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"roleDefinitionIdOrName": {
@@ -164,9 +167,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16437436871893645237"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "5116103670131987468"
+ },
+ "name": "Role Assignments (Management Group scope)",
+ "description": "This module deploys a Role Assignment at a Management Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"roleDefinitionIdOrName": {
@@ -750,9 +756,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "8551972767559758659"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "318736480892502738"
+ },
+ "name": "Role Assignments (Subscription scope)",
+ "description": "This module deploys a Role Assignment at a Subscription scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"roleDefinitionIdOrName": {
@@ -1336,9 +1345,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11819315313212174566"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "1439450089488966223"
+ },
+ "name": "Role Assignments (Resource Group scope)",
+ "description": "This module deploys a Role Assignment at a Resource Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"roleDefinitionIdOrName": {
diff --git a/modules/authorization/role-assignment/management-group/main.json b/modules/authorization/role-assignment/management-group/main.json
index 0a93d74330..5356f24b6f 100644
--- a/modules/authorization/role-assignment/management-group/main.json
+++ b/modules/authorization/role-assignment/management-group/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16437436871893645237"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "5116103670131987468"
+ },
+ "name": "Role Assignments (Management Group scope)",
+ "description": "This module deploys a Role Assignment at a Management Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"roleDefinitionIdOrName": {
diff --git a/modules/authorization/role-assignment/resource-group/main.json b/modules/authorization/role-assignment/resource-group/main.json
index 2396bee14a..056f28f034 100644
--- a/modules/authorization/role-assignment/resource-group/main.json
+++ b/modules/authorization/role-assignment/resource-group/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11819315313212174566"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "1439450089488966223"
+ },
+ "name": "Role Assignments (Resource Group scope)",
+ "description": "This module deploys a Role Assignment at a Resource Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"roleDefinitionIdOrName": {
diff --git a/modules/authorization/role-assignment/subscription/main.json b/modules/authorization/role-assignment/subscription/main.json
index b3bec5019c..751db130ed 100644
--- a/modules/authorization/role-assignment/subscription/main.json
+++ b/modules/authorization/role-assignment/subscription/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "8551972767559758659"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "318736480892502738"
+ },
+ "name": "Role Assignments (Subscription scope)",
+ "description": "This module deploys a Role Assignment at a Subscription scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"roleDefinitionIdOrName": {
diff --git a/modules/authorization/role-definition/main.json b/modules/authorization/role-definition/main.json
index 73f786f530..3a5a38ed6e 100644
--- a/modules/authorization/role-definition/main.json
+++ b/modules/authorization/role-definition/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "7983900470064159202"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "543064191837640838"
+ },
+ "name": "Role Definitions (All scopes)",
+ "description": "This module deploys a Role Definition at a Management Group, Subscription or Resource Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"roleName": {
@@ -148,9 +151,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11312427522250634674"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "15321014984642305644"
+ },
+ "name": "Role Definitions (Management Group scope)",
+ "description": "This module deploys a Role Definition at a Management Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"roleName": {
@@ -307,9 +313,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "185323239353092830"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "9532889033437004469"
+ },
+ "name": "Role Definitions (Subscription scope)",
+ "description": "This module deploys a Role Definition at a Subscription scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"roleName": {
@@ -482,9 +491,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "4111491640630713206"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13735806028928031798"
+ },
+ "name": "Role Definitions (Resource Group scope)",
+ "description": "This module deploys a Role Definition at a Resource Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"roleName": {
diff --git a/modules/authorization/role-definition/management-group/main.json b/modules/authorization/role-definition/management-group/main.json
index 2d18a95de6..cc28a185f9 100644
--- a/modules/authorization/role-definition/management-group/main.json
+++ b/modules/authorization/role-definition/management-group/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11312427522250634674"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "15321014984642305644"
+ },
+ "name": "Role Definitions (Management Group scope)",
+ "description": "This module deploys a Role Definition at a Management Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"roleName": {
diff --git a/modules/authorization/role-definition/resource-group/main.json b/modules/authorization/role-definition/resource-group/main.json
index f6151f2c60..734ae5e18c 100644
--- a/modules/authorization/role-definition/resource-group/main.json
+++ b/modules/authorization/role-definition/resource-group/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "4111491640630713206"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13735806028928031798"
+ },
+ "name": "Role Definitions (Resource Group scope)",
+ "description": "This module deploys a Role Definition at a Resource Group scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"roleName": {
diff --git a/modules/authorization/role-definition/subscription/main.json b/modules/authorization/role-definition/subscription/main.json
index 3a2863f299..13af925166 100644
--- a/modules/authorization/role-definition/subscription/main.json
+++ b/modules/authorization/role-definition/subscription/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "185323239353092830"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "9532889033437004469"
+ },
+ "name": "Role Definitions (Subscription scope)",
+ "description": "This module deploys a Role Definition at a Subscription scope.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"roleName": {
diff --git a/modules/automation/automation-account/.test/common/dependencies.bicep b/modules/automation/automation-account/.test/common/dependencies.bicep
index c9e11ef44b..c388f7bc4f 100644
--- a/modules/automation/automation-account/.test/common/dependencies.bicep
+++ b/modules/automation/automation-account/.test/common/dependencies.bicep
@@ -12,63 +12,63 @@ param managedIdentityName string
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
- name: 'privatelink.azure-automation.net'
- location: 'global'
+ name: 'privatelink.azure-automation.net'
+ location: 'global'
- resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
- name: '${virtualNetwork.name}-vnetlink'
- location: 'global'
- properties: {
- virtualNetwork: {
- id: virtualNetwork.id
- }
- registrationEnabled: false
- }
+ resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
+ name: '${virtualNetwork.name}-vnetlink'
+ location: 'global'
+ properties: {
+ virtualNetwork: {
+ id: virtualNetwork.id
+ }
+ registrationEnabled: false
}
+ }
}
resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = {
- name: keyVaultName
- location: location
- properties: {
- sku: {
- family: 'A'
- name: 'standard'
- }
- tenantId: tenant().tenantId
- enablePurgeProtection: null
- enabledForTemplateDeployment: true
- enabledForDiskEncryption: true
- enabledForDeployment: true
- enableRbacAuthorization: true
- accessPolicies: []
+ name: keyVaultName
+ location: location
+ properties: {
+ sku: {
+ family: 'A'
+ name: 'standard'
}
+ tenantId: tenant().tenantId
+ enablePurgeProtection: null
+ enabledForTemplateDeployment: true
+ enabledForDiskEncryption: true
+ enabledForDeployment: true
+ enableRbacAuthorization: true
+ accessPolicies: []
+ }
}
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/automation/automation-account/.test/common/main.test.bicep b/modules/automation/automation-account/.test/common/main.test.bicep
index 0637bd5fad..461dfed416 100644
--- a/modules/automation/automation-account/.test/common/main.test.bicep
+++ b/modules/automation/automation-account/.test/common/main.test.bicep
@@ -65,7 +65,6 @@ module testDeployment '../../main.bicep' = {
params: {
enableDefaultTelemetry: enableDefaultTelemetry
name: '${namePrefix}${serviceShort}001'
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/automation/automation-account/README.md b/modules/automation/automation-account/README.md
index 1099651b4d..896c504721 100644
--- a/modules/automation/automation-account/README.md
+++ b/modules/automation/automation-account/README.md
@@ -24,8 +24,8 @@ This module deploys an Azure Automation Account.
| `Microsoft.Automation/automationAccounts/softwareUpdateConfigurations` | [2019-06-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Automation/2019-06-01/automationAccounts/softwareUpdateConfigurations) |
| `Microsoft.Automation/automationAccounts/variables` | [2022-08-08](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Automation/2022-08-08/automationAccounts/variables) |
| `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) |
-| `Microsoft.Network/privateEndpoints` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints) |
-| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints/privateDnsZoneGroups) |
+| `Microsoft.Network/privateEndpoints` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints) |
+| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints/privateDnsZoneGroups) |
| `Microsoft.OperationalInsights/workspaces/linkedServices` | [2020-08-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.OperationalInsights/2020-08-01/workspaces/linkedServices) |
| `Microsoft.OperationsManagement/solutions` | [2015-11-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.OperationsManagement/2015-11-01-preview/solutions) |
@@ -53,7 +53,6 @@ This module deploys an Azure Automation Account.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, DscNodeStatus, JobLogs, JobStreams]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. |
| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
@@ -409,7 +408,6 @@ module automationAccount './automation/automation-account/main.bicep' = {
// Non-required parameters
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
disableLocalAuth: true
@@ -613,9 +611,6 @@ module automationAccount './automation/automation-account/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/automation/automation-account/job-schedule/main.json b/modules/automation/automation-account/job-schedule/main.json
index cba35529e9..5fee90a026 100644
--- a/modules/automation/automation-account/job-schedule/main.json
+++ b/modules/automation/automation-account/job-schedule/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16536689871525046750"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "12038142052110102548"
+ },
+ "name": "Automation Account Job Schedules",
+ "description": "This module deploys an Azure Automation Account Job Schedule.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/automation/automation-account/main.bicep b/modules/automation/automation-account/main.bicep
index b94b53b0d4..8f03f5f404 100644
--- a/modules/automation/automation-account/main.bicep
+++ b/modules/automation/automation-account/main.bicep
@@ -65,11 +65,6 @@ param disableLocalAuth bool = true
@description('Optional. Configuration details for private endpoints. For security reasons, it is recommended to use private endpoints whenever possible.')
param privateEndpoints array = []
-@minValue(0)
-@maxValue(365)
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -133,20 +128,12 @@ var enableReferencedModulesTelemetry = false
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
@@ -154,10 +141,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: {
category: metric
timeGrain: null
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var identityType = systemAssignedIdentity ? (!empty(userAssignedIdentities) ? 'SystemAssigned,UserAssigned' : 'SystemAssigned') : (!empty(userAssignedIdentities) ? 'UserAssigned' : 'None')
diff --git a/modules/automation/automation-account/main.json b/modules/automation/automation-account/main.json
index 46707efe42..bac8c5b284 100644
--- a/modules/automation/automation-account/main.json
+++ b/modules/automation/automation-account/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "9546518808928883376"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "16595917199403663446"
+ },
+ "name": "Automation Accounts",
+ "description": "This module deploys an Azure Automation Account.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -143,15 +146,6 @@
"description": "Optional. Configuration details for private endpoints. For security reasons, it is recommended to use private endpoints whenever possible."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- },
- "maxValue": 365,
- "minValue": 0
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -197,14 +191,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -270,11 +264,7 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
},
{
@@ -283,16 +273,12 @@
"input": {
"category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]",
"timeGrain": null,
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
"enableReferencedModulesTelemetry": false,
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
"identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]",
"identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]"
},
@@ -401,9 +387,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "8461123692022561232"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "12776439865232935886"
+ },
+ "name": "Automation Account Modules",
+ "description": "This module deploys an Azure Automation Account Module.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -555,9 +544,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15331115804969871270"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "5807574740331814274"
+ },
+ "name": "Automation Account Schedules",
+ "description": "This module deploys an Azure Automation Account Schedule.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -599,9 +591,6 @@
"frequency": {
"type": "string",
"defaultValue": "OneTime",
- "metadata": {
- "description": "Optional. The frequency of the schedule."
- },
"allowedValues": [
"Day",
"Hour",
@@ -609,7 +598,10 @@
"Month",
"OneTime",
"Week"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The frequency of the schedule."
+ }
},
"interval": {
"type": "int",
@@ -748,9 +740,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "4555370895939507576"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "123190998372280958"
+ },
+ "name": "Automation Account Runbooks",
+ "description": "This module deploys an Azure Automation Account Runbook.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -767,16 +762,16 @@
},
"type": {
"type": "string",
- "metadata": {
- "description": "Required. The type of the runbook."
- },
"allowedValues": [
"Graph",
"GraphPowerShell",
"GraphPowerShellWorkflow",
"PowerShell",
"PowerShellWorkflow"
- ]
+ ],
+ "metadata": {
+ "description": "Required. The type of the runbook."
+ }
},
"description": {
"type": "string",
@@ -950,9 +945,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16536689871525046750"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "12038142052110102548"
+ },
+ "name": "Automation Account Job Schedules",
+ "description": "This module deploys an Azure Automation Account Job Schedule.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -1099,9 +1097,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11841633230625073829"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17684191295648041474"
+ },
+ "name": "Automation Account Variables",
+ "description": "This module deploys an Azure Automation Account Variable.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"automationAccountName": {
@@ -1234,9 +1235,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "9104010996147858950"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "6123492600831728521"
+ },
+ "name": "Log Analytics Workspace Linked Services",
+ "description": "This module deploys a Log Analytics Workspace Linked Service.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"logAnalyticsWorkspaceName": {
@@ -1373,9 +1377,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "6203827990364745107"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "16708625392312836324"
+ },
+ "name": "Operations Management Solutions",
+ "description": "This module deploys an Operations Management Solution.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -1556,9 +1563,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15383978378137872211"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "11844327136869535634"
+ },
+ "name": "Automation Account Software Update Configurations",
+ "description": "This module deploys an Azure Automation Account Software Update Configuration.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -2027,9 +2037,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11825715538543749879"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13560297539192628062"
+ },
+ "name": "Private Endpoints",
+ "description": "This module deploys a Private Endpoint.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -2094,14 +2107,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -2159,7 +2172,7 @@
},
{
"type": "Microsoft.Network/privateEndpoints",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[parameters('name')]",
"location": "[parameters('location')]",
"tags": "[parameters('tags')]",
@@ -2224,9 +2237,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "12684511314187066258"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17831763001460207830"
+ },
+ "name": "Private Endpoint Private DNS Zone Groups",
+ "description": "This module deploys a Private Endpoint Private DNS Zone Group.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"privateEndpointName": {
@@ -2237,8 +2253,8 @@
},
"privateDNSResourceIds": {
"type": "array",
- "maxLength": 5,
"minLength": 1,
+ "maxLength": 5,
"metadata": {
"description": "Required. Array of private DNS zone resource IDs. A DNS zone group can support up to 5 DNS zones."
}
@@ -2289,7 +2305,7 @@
},
{
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[format('{0}/{1}', parameters('privateEndpointName'), parameters('name'))]",
"properties": {
"privateDnsZoneConfigs": "[variables('privateDnsZoneConfigs')]"
@@ -2359,8 +2375,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "18055161250379920591"
+ "version": "0.20.4.51522",
+ "templateHash": "11548486149222715894"
}
},
"parameters": {
@@ -2530,7 +2546,7 @@
"metadata": {
"description": "The location the resource was deployed into."
},
- "value": "[reference(resourceId('Microsoft.Network/privateEndpoints', parameters('name')), '2022-07-01', 'full').location]"
+ "value": "[reference(resourceId('Microsoft.Network/privateEndpoints', parameters('name')), '2023-04-01', 'full').location]"
}
}
}
@@ -2573,8 +2589,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "2412137951317227318"
+ "version": "0.20.4.51522",
+ "templateHash": "12807590367085737448"
}
},
"parameters": {
diff --git a/modules/automation/automation-account/module/main.json b/modules/automation/automation-account/module/main.json
index f192b8a39c..92e1b857bf 100644
--- a/modules/automation/automation-account/module/main.json
+++ b/modules/automation/automation-account/module/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "8461123692022561232"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "12776439865232935886"
+ },
+ "name": "Automation Account Modules",
+ "description": "This module deploys an Azure Automation Account Module.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/automation/automation-account/runbook/main.json b/modules/automation/automation-account/runbook/main.json
index cfab69c2ca..21cabe276d 100644
--- a/modules/automation/automation-account/runbook/main.json
+++ b/modules/automation/automation-account/runbook/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "4555370895939507576"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "123190998372280958"
+ },
+ "name": "Automation Account Runbooks",
+ "description": "This module deploys an Azure Automation Account Runbook.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -23,16 +26,16 @@
},
"type": {
"type": "string",
- "metadata": {
- "description": "Required. The type of the runbook."
- },
"allowedValues": [
"Graph",
"GraphPowerShell",
"GraphPowerShellWorkflow",
"PowerShell",
"PowerShellWorkflow"
- ]
+ ],
+ "metadata": {
+ "description": "Required. The type of the runbook."
+ }
},
"description": {
"type": "string",
diff --git a/modules/automation/automation-account/schedule/main.json b/modules/automation/automation-account/schedule/main.json
index 0ba8543543..b76ec06a61 100644
--- a/modules/automation/automation-account/schedule/main.json
+++ b/modules/automation/automation-account/schedule/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15331115804969871270"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "5807574740331814274"
+ },
+ "name": "Automation Account Schedules",
+ "description": "This module deploys an Azure Automation Account Schedule.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -48,9 +51,6 @@
"frequency": {
"type": "string",
"defaultValue": "OneTime",
- "metadata": {
- "description": "Optional. The frequency of the schedule."
- },
"allowedValues": [
"Day",
"Hour",
@@ -58,7 +58,10 @@
"Month",
"OneTime",
"Week"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The frequency of the schedule."
+ }
},
"interval": {
"type": "int",
diff --git a/modules/automation/automation-account/software-update-configuration/main.json b/modules/automation/automation-account/software-update-configuration/main.json
index 0ea34a8293..f4305ddbf8 100644
--- a/modules/automation/automation-account/software-update-configuration/main.json
+++ b/modules/automation/automation-account/software-update-configuration/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15383978378137872211"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "11844327136869535634"
+ },
+ "name": "Automation Account Software Update Configurations",
+ "description": "This module deploys an Azure Automation Account Software Update Configuration.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/automation/automation-account/variable/main.json b/modules/automation/automation-account/variable/main.json
index 76ff2b1a84..e0ffc7ec3a 100644
--- a/modules/automation/automation-account/variable/main.json
+++ b/modules/automation/automation-account/variable/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11841633230625073829"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17684191295648041474"
+ },
+ "name": "Automation Account Variables",
+ "description": "This module deploys an Azure Automation Account Variable.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"automationAccountName": {
diff --git a/modules/batch/batch-account/.test/common/dependencies.bicep b/modules/batch/batch-account/.test/common/dependencies.bicep
index cc88fbffef..b355d52cb3 100644
--- a/modules/batch/batch-account/.test/common/dependencies.bicep
+++ b/modules/batch/batch-account/.test/common/dependencies.bicep
@@ -13,53 +13,53 @@ param storageAccountName string
var addressPrefix = '10.0.0.0/16'
resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = {
- name: storageAccountName
- location: location
- sku: {
- name: 'Standard_LRS'
- }
- kind: 'StorageV2'
+ name: storageAccountName
+ location: location
+ sku: {
+ name: 'Standard_LRS'
+ }
+ kind: 'StorageV2'
}
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
- name: 'privatelink.batch.azure.com'
- location: 'global'
+ name: 'privatelink.batch.azure.com'
+ location: 'global'
- resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
- name: '${virtualNetwork.name}-vnetlink'
- location: 'global'
- properties: {
- virtualNetwork: {
- id: virtualNetwork.id
- }
- registrationEnabled: false
- }
+ resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
+ name: '${virtualNetwork.name}-vnetlink'
+ location: 'global'
+ properties: {
+ virtualNetwork: {
+ id: virtualNetwork.id
+ }
+ registrationEnabled: false
}
+ }
}
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/batch/batch-account/.test/common/main.test.bicep b/modules/batch/batch-account/.test/common/main.test.bicep
index f4fab0de97..b2fa9e7a62 100644
--- a/modules/batch/batch-account/.test/common/main.test.bicep
+++ b/modules/batch/batch-account/.test/common/main.test.bicep
@@ -66,7 +66,6 @@ module testDeployment '../../main.bicep' = {
enableDefaultTelemetry: enableDefaultTelemetry
name: '${namePrefix}${serviceShort}001'
storageAccountId: nestedDependencies.outputs.storageAccountResourceId
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/batch/batch-account/.test/encr/dependencies.bicep b/modules/batch/batch-account/.test/encr/dependencies.bicep
index fc58da5894..e6acb43c7c 100644
--- a/modules/batch/batch-account/.test/encr/dependencies.bicep
+++ b/modules/batch/batch-account/.test/encr/dependencies.bicep
@@ -16,89 +16,89 @@ param storageAccountName string
var addressPrefix = '10.0.0.0/16'
resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = {
- name: storageAccountName
- location: location
- sku: {
- name: 'Standard_LRS'
- }
- kind: 'StorageV2'
+ name: storageAccountName
+ location: location
+ sku: {
+ name: 'Standard_LRS'
+ }
+ kind: 'StorageV2'
}
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
- name: 'privatelink.batch.azure.com'
- location: 'global'
+ name: 'privatelink.batch.azure.com'
+ location: 'global'
- resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
- name: '${virtualNetwork.name}-vnetlink'
- location: 'global'
- properties: {
- virtualNetwork: {
- id: virtualNetwork.id
- }
- registrationEnabled: false
- }
+ resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
+ name: '${virtualNetwork.name}-vnetlink'
+ location: 'global'
+ properties: {
+ virtualNetwork: {
+ id: virtualNetwork.id
+ }
+ registrationEnabled: false
}
+ }
}
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = {
- name: keyVaultName
- location: location
- properties: {
- sku: {
- family: 'A'
- name: 'standard'
- }
- tenantId: tenant().tenantId
- enablePurgeProtection: true // Required by batch account
- softDeleteRetentionInDays: 7
- enabledForTemplateDeployment: true
- enabledForDiskEncryption: true
- enabledForDeployment: true
- enableRbacAuthorization: true
- accessPolicies: []
+ name: keyVaultName
+ location: location
+ properties: {
+ sku: {
+ family: 'A'
+ name: 'standard'
}
-
- resource key 'keys@2022-07-01' = {
- name: 'keyEncryptionKey'
- properties: {
- kty: 'RSA'
- }
+ tenantId: tenant().tenantId
+ enablePurgeProtection: true // Required by batch account
+ softDeleteRetentionInDays: 7
+ enabledForTemplateDeployment: true
+ enabledForDiskEncryption: true
+ enabledForDeployment: true
+ enableRbacAuthorization: true
+ accessPolicies: []
+ }
+
+ resource key 'keys@2022-07-01' = {
+ name: 'keyEncryptionKey'
+ properties: {
+ kty: 'RSA'
}
+ }
}
resource keyPermissions 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
- name: guid('msi-${keyVault::key.id}-${location}-${managedIdentity.id}-Key-Reader-RoleAssignment')
- scope: keyVault::key
- properties: {
- principalId: managedIdentity.properties.principalId
- roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '12338af0-0e69-4776-bea7-57ae8d297424') // Key Vault Crypto User
- principalType: 'ServicePrincipal'
- }
+ name: guid('msi-${keyVault::key.id}-${location}-${managedIdentity.id}-Key-Reader-RoleAssignment')
+ scope: keyVault::key
+ properties: {
+ principalId: managedIdentity.properties.principalId
+ roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '12338af0-0e69-4776-bea7-57ae8d297424') // Key Vault Crypto User
+ principalType: 'ServicePrincipal'
+ }
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/batch/batch-account/README.md b/modules/batch/batch-account/README.md
index e27c76e1ca..85dcc30c05 100644
--- a/modules/batch/batch-account/README.md
+++ b/modules/batch/batch-account/README.md
@@ -18,8 +18,8 @@ This module deploys a Batch Account.
| `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) |
| `Microsoft.Batch/batchAccounts` | [2022-06-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Batch/2022-06-01/batchAccounts) |
| `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) |
-| `Microsoft.Network/privateEndpoints` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints) |
-| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints/privateDnsZoneGroups) |
+| `Microsoft.Network/privateEndpoints` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints) |
+| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints/privateDnsZoneGroups) |
## Parameters
@@ -47,7 +47,6 @@ This module deploys a Batch Account.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, ServiceLog]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. |
| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
@@ -281,7 +280,6 @@ module batchAccount './batch/batch-account/main.bicep' = {
// Non-required parameters
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -348,9 +346,6 @@ module batchAccount './batch/batch-account/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/batch/batch-account/main.bicep b/modules/batch/batch-account/main.bicep
index 6c1bbcb34e..092005e322 100644
--- a/modules/batch/batch-account/main.bicep
+++ b/modules/batch/batch-account/main.bicep
@@ -58,11 +58,6 @@ param networkProfileDefaultAction string = 'Deny'
@description('Optional. Array of IP ranges to filter client IP address. It is only applicable when publicNetworkAccess is not explicitly disabled.')
param networkProfileAllowedIpRanges array = []
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -130,20 +125,12 @@ param diagnosticSettingsName string = ''
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
@@ -151,10 +138,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: {
category: metric
timeGrain: null
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var identityType = systemAssignedIdentity ? 'SystemAssigned' : !empty(userAssignedIdentities) ? 'UserAssigned' : 'None'
diff --git a/modules/batch/batch-account/main.json b/modules/batch/batch-account/main.json
index c63166c89b..b2ff4246cc 100644
--- a/modules/batch/batch-account/main.json
+++ b/modules/batch/batch-account/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "5392244196871219309"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "10210928254812932351"
+ },
+ "name": "Batch Accounts",
+ "description": "This module deploys a Batch Account.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -45,13 +48,13 @@
"storageAuthenticationMode": {
"type": "string",
"defaultValue": "StorageKeys",
- "metadata": {
- "description": "Optional. The authentication mode which the Batch service will use to manage the auto-storage account."
- },
"allowedValues": [
"BatchAccountManagedIdentity",
"StorageKeys"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The authentication mode which the Batch service will use to manage the auto-storage account."
+ }
},
"storageAccessIdentity": {
"type": "string",
@@ -63,13 +66,13 @@
"poolAllocationMode": {
"type": "string",
"defaultValue": "BatchService",
- "metadata": {
- "description": "Optional. The allocation mode for creating pools in the Batch account. Determines which quota will be used."
- },
"allowedValues": [
"BatchService",
"UserSubscription"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The allocation mode for creating pools in the Batch account. Determines which quota will be used."
+ }
},
"keyVaultReferenceResourceId": {
"type": "string",
@@ -100,13 +103,13 @@
"networkProfileDefaultAction": {
"type": "string",
"defaultValue": "Deny",
- "metadata": {
- "description": "Optional. The network profile default action for endpoint access. It is only applicable when publicNetworkAccess is not explicitly disabled."
- },
"allowedValues": [
"Allow",
"Deny"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The network profile default action for endpoint access. It is only applicable when publicNetworkAccess is not explicitly disabled."
+ }
},
"networkProfileAllowedIpRanges": {
"type": "array",
@@ -115,15 +118,6 @@
"description": "Optional. Array of IP ranges to filter client IP address. It is only applicable when publicNetworkAccess is not explicitly disabled."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "maxValue": 365,
- "minValue": 0,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -155,14 +149,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"tags": {
"type": "object",
@@ -174,14 +168,14 @@
"allowedAuthenticationModes": {
"type": "array",
"defaultValue": [],
- "metadata": {
- "description": "Optional. List of allowed authentication modes for the Batch account that can be used to authenticate with the data plane."
- },
"allowedValues": [
"AAD",
"SharedKey",
"TaskAuthenticationToken"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. List of allowed authentication modes for the Batch account that can be used to authenticate with the data plane."
+ }
},
"cMKKeyVaultResourceId": {
"type": "string",
@@ -252,11 +246,7 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
},
{
@@ -265,11 +255,7 @@
"input": {
"category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]",
"timeGrain": null,
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
},
{
@@ -281,7 +267,7 @@
}
}
],
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
"identityType": "[if(parameters('systemAssignedIdentity'), 'SystemAssigned', if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]",
"identity": {
"type": "[variables('identityType')]",
@@ -407,9 +393,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11825715538543749879"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13560297539192628062"
+ },
+ "name": "Private Endpoints",
+ "description": "This module deploys a Private Endpoint.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -474,14 +463,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -539,7 +528,7 @@
},
{
"type": "Microsoft.Network/privateEndpoints",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[parameters('name')]",
"location": "[parameters('location')]",
"tags": "[parameters('tags')]",
@@ -604,9 +593,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "12684511314187066258"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17831763001460207830"
+ },
+ "name": "Private Endpoint Private DNS Zone Groups",
+ "description": "This module deploys a Private Endpoint Private DNS Zone Group.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"privateEndpointName": {
@@ -617,8 +609,8 @@
},
"privateDNSResourceIds": {
"type": "array",
- "maxLength": 5,
"minLength": 1,
+ "maxLength": 5,
"metadata": {
"description": "Required. Array of private DNS zone resource IDs. A DNS zone group can support up to 5 DNS zones."
}
@@ -669,7 +661,7 @@
},
{
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[format('{0}/{1}', parameters('privateEndpointName'), parameters('name'))]",
"properties": {
"privateDnsZoneConfigs": "[variables('privateDnsZoneConfigs')]"
@@ -739,8 +731,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "18055161250379920591"
+ "version": "0.20.4.51522",
+ "templateHash": "11548486149222715894"
}
},
"parameters": {
@@ -910,7 +902,7 @@
"metadata": {
"description": "The location the resource was deployed into."
},
- "value": "[reference(resourceId('Microsoft.Network/privateEndpoints', parameters('name')), '2022-07-01', 'full').location]"
+ "value": "[reference(resourceId('Microsoft.Network/privateEndpoints', parameters('name')), '2023-04-01', 'full').location]"
}
}
}
diff --git a/modules/cache/redis/.test/common/dependencies.bicep b/modules/cache/redis/.test/common/dependencies.bicep
index e3f77c7003..c6cfc38050 100644
--- a/modules/cache/redis/.test/common/dependencies.bicep
+++ b/modules/cache/redis/.test/common/dependencies.bicep
@@ -6,40 +6,40 @@ param virtualNetworkName string
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
- name: 'privatelink.azuresynapse.net'
- location: 'global'
+ name: 'privatelink.azuresynapse.net'
+ location: 'global'
- resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
- name: '${virtualNetwork.name}-vnetlink'
- location: 'global'
- properties: {
- virtualNetwork: {
- id: virtualNetwork.id
- }
- registrationEnabled: false
- }
+ resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
+ name: '${virtualNetwork.name}-vnetlink'
+ location: 'global'
+ properties: {
+ virtualNetwork: {
+ id: virtualNetwork.id
+ }
+ registrationEnabled: false
}
+ }
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/cache/redis/.test/common/main.test.bicep b/modules/cache/redis/.test/common/main.test.bicep
index 8ad4bad1cc..bc976f33b7 100644
--- a/modules/cache/redis/.test/common/main.test.bicep
+++ b/modules/cache/redis/.test/common/main.test.bicep
@@ -64,7 +64,6 @@ module testDeployment '../../main.bicep' = {
enableDefaultTelemetry: enableDefaultTelemetry
name: '${namePrefix}${serviceShort}001'
capacity: 2
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/cache/redis/README.md b/modules/cache/redis/README.md
index 94f11f48a3..b005689a95 100644
--- a/modules/cache/redis/README.md
+++ b/modules/cache/redis/README.md
@@ -18,8 +18,8 @@ This module deploys a Redis Cache.
| `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) |
| `Microsoft.Cache/redis` | [2021-06-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Cache/2021-06-01/redis) |
| `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) |
-| `Microsoft.Network/privateEndpoints` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints) |
-| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints/privateDnsZoneGroups) |
+| `Microsoft.Network/privateEndpoints` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints) |
+| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints/privateDnsZoneGroups) |
## Parameters
@@ -37,7 +37,6 @@ This module deploys a Redis Cache.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, ConnectedClientList]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. |
| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. |
@@ -375,7 +374,6 @@ module redis './cache/redis/main.bicep' = {
capacity: 2
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticSettingsName: 'redisdiagnostics'
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
@@ -441,9 +439,6 @@ module redis './cache/redis/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticSettingsName": {
"value": "redisdiagnostics"
},
diff --git a/modules/cache/redis/main.bicep b/modules/cache/redis/main.bicep
index af50133fca..172c38fa44 100644
--- a/modules/cache/redis/main.bicep
+++ b/modules/cache/redis/main.bicep
@@ -110,11 +110,6 @@ param privateEndpoints array = []
@description('Optional. The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings".')
param diagnosticSettingsName string = ''
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.')
param diagnosticStorageAccountId string = ''
@@ -153,20 +148,12 @@ var availabilityZones = skuName == 'Premium' ? zoneRedundant ? !empty(zones) ? z
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
@@ -174,10 +161,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: {
category: metric
timeGrain: null
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var identityType = systemAssignedIdentity ? 'SystemAssigned' : !empty(userAssignedIdentities) ? 'UserAssigned' : 'None'
diff --git a/modules/cache/redis/main.json b/modules/cache/redis/main.json
index bb9307ab94..3545e1c592 100644
--- a/modules/cache/redis/main.json
+++ b/modules/cache/redis/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "4085710170805862931"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "16190276129118056203"
+ },
+ "name": "Redis Cache",
+ "description": "This module deploys a Redis Cache.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"location": {
@@ -25,14 +28,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -72,14 +75,14 @@
"minimumTlsVersion": {
"type": "string",
"defaultValue": "1.2",
- "metadata": {
- "description": "Optional. Requires clients to use a specified TLS version (or higher) to connect."
- },
"allowedValues": [
"1.0",
"1.1",
"1.2"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Requires clients to use a specified TLS version (or higher) to connect."
+ }
},
"publicNetworkAccess": {
"type": "string",
@@ -103,44 +106,41 @@
"redisVersion": {
"type": "string",
"defaultValue": "6",
- "metadata": {
- "description": "Optional. Redis version. Only major version will be used in PUT/PATCH request with current valid values: (4, 6)."
- },
"allowedValues": [
"4",
"6"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Redis version. Only major version will be used in PUT/PATCH request with current valid values: (4, 6)."
+ }
},
"replicasPerMaster": {
"type": "int",
"defaultValue": 1,
+ "minValue": 1,
"metadata": {
"description": "Optional. The number of replicas to be created per primary."
- },
- "minValue": 1
+ }
},
"replicasPerPrimary": {
"type": "int",
"defaultValue": 1,
+ "minValue": 1,
"metadata": {
"description": "Optional. The number of replicas to be created per primary."
- },
- "minValue": 1
+ }
},
"shardCount": {
"type": "int",
"defaultValue": 1,
+ "minValue": 1,
"metadata": {
"description": "Optional. The number of shards to be created on a Premium Cluster Cache."
- },
- "minValue": 1
+ }
},
"capacity": {
"type": "int",
"defaultValue": 1,
- "metadata": {
- "description": "Optional. The size of the Redis cache to deploy. Valid values: for C (Basic/Standard) family (0, 1, 2, 3, 4, 5, 6), for P (Premium) family (1, 2, 3, 4)."
- },
"allowedValues": [
0,
1,
@@ -149,19 +149,22 @@
4,
5,
6
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The size of the Redis cache to deploy. Valid values: for C (Basic/Standard) family (0, 1, 2, 3, 4, 5, 6), for P (Premium) family (1, 2, 3, 4)."
+ }
},
"skuName": {
"type": "string",
"defaultValue": "Basic",
- "metadata": {
- "description": "Optional. The type of Redis cache to deploy."
- },
"allowedValues": [
"Basic",
"Premium",
"Standard"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The type of Redis cache to deploy."
+ }
},
"staticIP": {
"type": "string",
@@ -212,15 +215,6 @@
"description": "Optional. The name of the diagnostic setting, if deployed. If left empty, it defaults to \"-diagnosticSettings\"."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "maxValue": 365,
- "minValue": 0,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -290,11 +284,7 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
},
{
@@ -303,16 +293,12 @@
"input": {
"category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]",
"timeGrain": null,
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
"availabilityZones": "[if(equals(parameters('skuName'), 'Premium'), if(parameters('zoneRedundant'), if(not(empty(parameters('zones'))), parameters('zones'), pickZones('Microsoft.Cache', 'redis', parameters('location'), 3)), createArray()), createArray())]",
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
"identityType": "[if(parameters('systemAssignedIdentity'), 'SystemAssigned', if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]",
"identity": {
"type": "[variables('identityType')]",
@@ -428,8 +414,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "5092700248375657903"
+ "version": "0.20.4.51522",
+ "templateHash": "11568465556240097908"
}
},
"parameters": {
@@ -591,9 +577,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11825715538543749879"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13560297539192628062"
+ },
+ "name": "Private Endpoints",
+ "description": "This module deploys a Private Endpoint.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -658,14 +647,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -723,7 +712,7 @@
},
{
"type": "Microsoft.Network/privateEndpoints",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[parameters('name')]",
"location": "[parameters('location')]",
"tags": "[parameters('tags')]",
@@ -788,9 +777,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "12684511314187066258"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17831763001460207830"
+ },
+ "name": "Private Endpoint Private DNS Zone Groups",
+ "description": "This module deploys a Private Endpoint Private DNS Zone Group.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"privateEndpointName": {
@@ -801,8 +793,8 @@
},
"privateDNSResourceIds": {
"type": "array",
- "maxLength": 5,
"minLength": 1,
+ "maxLength": 5,
"metadata": {
"description": "Required. Array of private DNS zone resource IDs. A DNS zone group can support up to 5 DNS zones."
}
@@ -853,7 +845,7 @@
},
{
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[format('{0}/{1}', parameters('privateEndpointName'), parameters('name'))]",
"properties": {
"privateDnsZoneConfigs": "[variables('privateDnsZoneConfigs')]"
@@ -923,8 +915,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "18055161250379920591"
+ "version": "0.20.4.51522",
+ "templateHash": "11548486149222715894"
}
},
"parameters": {
@@ -1094,7 +1086,7 @@
"metadata": {
"description": "The location the resource was deployed into."
},
- "value": "[reference(resourceId('Microsoft.Network/privateEndpoints', parameters('name')), '2022-07-01', 'full').location]"
+ "value": "[reference(resourceId('Microsoft.Network/privateEndpoints', parameters('name')), '2023-04-01', 'full').location]"
}
}
}
diff --git a/modules/cdn/profile/README.md b/modules/cdn/profile/README.md
index 55e1fda137..cdb4f0247b 100644
--- a/modules/cdn/profile/README.md
+++ b/modules/cdn/profile/README.md
@@ -27,7 +27,7 @@ This module deploys a CDN Profile.
| Parameter Name | Type | Allowed Values | Description |
| :-- | :-- | :-- | :-- |
| `name` | string | | Name of the CDN profile. |
-| `sku` | string | `[Custom_Akamai, Custom_ChinaCdn, Custom_Microsoft, Custom_Microsoft_AzureFrontDoor, Custom_Verizon, Premium_Akamai, Premium_ChinaCdn, Premium_Microsoft, Premium_Microsoft_AzureFrontDoor, Premium_Verizon, Standard_Akamai, Standard_ChinaCdn, Standard_Microsoft, Standard_Microsoft_AzureFrontDoor, Standard_Verizon, Standard_AzureFrontDoor, Premium_AzureFrontDoor ]` | The pricing tier (defines a CDN provider, feature list and rate) of the CDN profile. |
+| `sku` | string | `[Custom_Akamai, Custom_ChinaCdn, Custom_Microsoft, Custom_Microsoft_AzureFrontDoor, Custom_Verizon, Premium_Akamai, Premium_AzureFrontDoor, Premium_ChinaCdn, Premium_Microsoft, Premium_Microsoft_AzureFrontDoor, Premium_Verizon, Standard_Akamai, Standard_AzureFrontDoor, Standard_ChinaCdn, Standard_Microsoft, Standard_Microsoft_AzureFrontDoor, Standard_Verizon]` | The pricing tier (defines a CDN provider, feature list and rate) of the CDN profile. |
**Optional parameters**
diff --git a/modules/cdn/profile/endpoint/main.json b/modules/cdn/profile/endpoint/main.json
index 5f97baa1b4..c2ea25941e 100644
--- a/modules/cdn/profile/endpoint/main.json
+++ b/modules/cdn/profile/endpoint/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15681386879611412018"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17735453478116875585"
+ },
+ "name": "CDN Profiles Endpoints",
+ "description": "This module deploys a CDN Profile Endpoint.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"profileName": {
@@ -122,9 +125,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16929017469298087182"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "16752439019054773130"
+ },
+ "name": "CDN Profiles Endpoints Origins",
+ "description": "This module deploys a CDN Profile Endpoint Origin.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"endpointName": {
diff --git a/modules/cdn/profile/endpoint/origin/main.json b/modules/cdn/profile/endpoint/origin/main.json
index d38c4338f8..8e4d8bf0e5 100644
--- a/modules/cdn/profile/endpoint/origin/main.json
+++ b/modules/cdn/profile/endpoint/origin/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16929017469298087182"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "16752439019054773130"
+ },
+ "name": "CDN Profiles Endpoints Origins",
+ "description": "This module deploys a CDN Profile Endpoint Origin.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"endpointName": {
diff --git a/modules/cognitive-services/account/.test/common/dependencies.bicep b/modules/cognitive-services/account/.test/common/dependencies.bicep
index 257b8ac137..c9050e21ef 100644
--- a/modules/cognitive-services/account/.test/common/dependencies.bicep
+++ b/modules/cognitive-services/account/.test/common/dependencies.bicep
@@ -9,50 +9,50 @@ param managedIdentityName string
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
+ }
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ serviceEndpoints: [
{
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- serviceEndpoints: [
- {
- service: 'Microsoft.CognitiveServices'
- }
- ]
- }
+ service: 'Microsoft.CognitiveServices'
}
- ]
- }
+ ]
+ }
+ }
+ ]
+ }
}
resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
- name: 'privatelink.cognitiveservices.azure.com'
- location: 'global'
+ name: 'privatelink.cognitiveservices.azure.com'
+ location: 'global'
- resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
- name: '${virtualNetwork.name}-vnetlink'
- location: 'global'
- properties: {
- virtualNetwork: {
- id: virtualNetwork.id
- }
- registrationEnabled: false
- }
+ resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
+ name: '${virtualNetwork.name}-vnetlink'
+ location: 'global'
+ properties: {
+ virtualNetwork: {
+ id: virtualNetwork.id
+ }
+ registrationEnabled: false
}
+ }
}
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/cognitive-services/account/.test/common/main.test.bicep b/modules/cognitive-services/account/.test/common/main.test.bicep
index 556ce7e70f..7a61062ca0 100644
--- a/modules/cognitive-services/account/.test/common/main.test.bicep
+++ b/modules/cognitive-services/account/.test/common/main.test.bicep
@@ -66,7 +66,6 @@ module testDeployment '../../main.bicep' = {
name: '${namePrefix}${serviceShort}001'
kind: 'Face'
customSubDomainName: '${namePrefix}xdomain'
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/cognitive-services/account/.test/encr/dependencies.bicep b/modules/cognitive-services/account/.test/encr/dependencies.bicep
index b18cd7e118..a37c49daaa 100644
--- a/modules/cognitive-services/account/.test/encr/dependencies.bicep
+++ b/modules/cognitive-services/account/.test/encr/dependencies.bicep
@@ -12,65 +12,65 @@ param keyVaultName string
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = {
- name: keyVaultName
- location: location
- properties: {
- sku: {
- family: 'A'
- name: 'standard'
- }
- tenantId: tenant().tenantId
- enablePurgeProtection: true // Required by batch account
- softDeleteRetentionInDays: 7
- enabledForTemplateDeployment: true
- enabledForDiskEncryption: true
- enabledForDeployment: true
- enableRbacAuthorization: true
- accessPolicies: []
+ name: keyVaultName
+ location: location
+ properties: {
+ sku: {
+ family: 'A'
+ name: 'standard'
}
+ tenantId: tenant().tenantId
+ enablePurgeProtection: true // Required by batch account
+ softDeleteRetentionInDays: 7
+ enabledForTemplateDeployment: true
+ enabledForDiskEncryption: true
+ enabledForDeployment: true
+ enableRbacAuthorization: true
+ accessPolicies: []
+ }
- resource key 'keys@2022-07-01' = {
- name: 'keyEncryptionKey'
- properties: {
- kty: 'RSA'
- }
+ resource key 'keys@2022-07-01' = {
+ name: 'keyEncryptionKey'
+ properties: {
+ kty: 'RSA'
}
+ }
}
resource keyPermissions 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
- name: guid('msi-${keyVault::key.id}-${location}-${managedIdentity.id}-Key-Key-Vault-Crypto-User-RoleAssignment')
- scope: keyVault::key
- properties: {
- principalId: managedIdentity.properties.principalId
- roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '12338af0-0e69-4776-bea7-57ae8d297424') // Key Vault Crypto User
- principalType: 'ServicePrincipal'
- }
+ name: guid('msi-${keyVault::key.id}-${location}-${managedIdentity.id}-Key-Key-Vault-Crypto-User-RoleAssignment')
+ scope: keyVault::key
+ properties: {
+ principalId: managedIdentity.properties.principalId
+ roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '12338af0-0e69-4776-bea7-57ae8d297424') // Key Vault Crypto User
+ principalType: 'ServicePrincipal'
+ }
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/cognitive-services/account/.test/speech/dependencies.bicep b/modules/cognitive-services/account/.test/speech/dependencies.bicep
index 9f1d9f6634..6c44dce491 100644
--- a/modules/cognitive-services/account/.test/speech/dependencies.bicep
+++ b/modules/cognitive-services/account/.test/speech/dependencies.bicep
@@ -9,45 +9,45 @@ param managedIdentityName string
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
- name: 'privatelink.cognitiveservices.azure.com'
- location: 'global'
+ name: 'privatelink.cognitiveservices.azure.com'
+ location: 'global'
- resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
- name: '${virtualNetwork.name}-vnetlink'
- location: 'global'
- properties: {
- virtualNetwork: {
- id: virtualNetwork.id
- }
- registrationEnabled: false
- }
+ resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
+ name: '${virtualNetwork.name}-vnetlink'
+ location: 'global'
+ properties: {
+ virtualNetwork: {
+ id: virtualNetwork.id
+ }
+ registrationEnabled: false
}
+ }
}
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/cognitive-services/account/README.md b/modules/cognitive-services/account/README.md
index 33ab28034c..ce8fb6197a 100644
--- a/modules/cognitive-services/account/README.md
+++ b/modules/cognitive-services/account/README.md
@@ -19,8 +19,8 @@ This module deploys a Cognitive Service.
| `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) |
| `Microsoft.CognitiveServices/accounts` | [2022-12-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.CognitiveServices/2022-12-01/accounts) |
| `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) |
-| `Microsoft.Network/privateEndpoints` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints) |
-| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints/privateDnsZoneGroups) |
+| `Microsoft.Network/privateEndpoints` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints) |
+| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints/privateDnsZoneGroups) |
## Parameters
@@ -51,7 +51,6 @@ This module deploys a Cognitive Service.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, Audit, RequestResponse]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. |
| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
@@ -464,7 +463,6 @@ module account './cognitive-services/account/main.bicep' = {
customSubDomainName: 'xdomain'
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -549,9 +547,6 @@ module account './cognitive-services/account/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/cognitive-services/account/main.bicep b/modules/cognitive-services/account/main.bicep
index ffa145e7f9..a91549ef74 100644
--- a/modules/cognitive-services/account/main.bicep
+++ b/modules/cognitive-services/account/main.bicep
@@ -57,11 +57,6 @@ param sku string = 'S0'
@description('Optional. Location for all Resources.')
param location string = resourceGroup().location
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -175,20 +170,12 @@ param diagnosticSettingsName string = ''
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
@@ -196,10 +183,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: {
category: metric
timeGrain: null
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var enableReferencedModulesTelemetry = false
diff --git a/modules/cognitive-services/account/main.json b/modules/cognitive-services/account/main.json
index 86431278da..ab8819f327 100644
--- a/modules/cognitive-services/account/main.json
+++ b/modules/cognitive-services/account/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "13537365972823891615"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3690928226777613324"
+ },
+ "name": "Cognitive Services",
+ "description": "This module deploys a Cognitive Service.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -78,15 +81,6 @@
"description": "Optional. Location for all Resources."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "maxValue": 365,
- "minValue": 0,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -165,14 +159,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -321,11 +315,7 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
},
{
@@ -334,15 +324,11 @@
"input": {
"category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]",
"timeGrain": null,
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
"enableReferencedModulesTelemetry": false,
"identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]",
"identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]"
@@ -468,9 +454,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11825715538543749879"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13560297539192628062"
+ },
+ "name": "Private Endpoints",
+ "description": "This module deploys a Private Endpoint.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -535,14 +524,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -600,7 +589,7 @@
},
{
"type": "Microsoft.Network/privateEndpoints",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[parameters('name')]",
"location": "[parameters('location')]",
"tags": "[parameters('tags')]",
@@ -665,9 +654,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "12684511314187066258"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17831763001460207830"
+ },
+ "name": "Private Endpoint Private DNS Zone Groups",
+ "description": "This module deploys a Private Endpoint Private DNS Zone Group.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"privateEndpointName": {
@@ -678,8 +670,8 @@
},
"privateDNSResourceIds": {
"type": "array",
- "maxLength": 5,
"minLength": 1,
+ "maxLength": 5,
"metadata": {
"description": "Required. Array of private DNS zone resource IDs. A DNS zone group can support up to 5 DNS zones."
}
@@ -730,7 +722,7 @@
},
{
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[format('{0}/{1}', parameters('privateEndpointName'), parameters('name'))]",
"properties": {
"privateDnsZoneConfigs": "[variables('privateDnsZoneConfigs')]"
@@ -800,8 +792,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "18055161250379920591"
+ "version": "0.20.4.51522",
+ "templateHash": "11548486149222715894"
}
},
"parameters": {
@@ -971,7 +963,7 @@
"metadata": {
"description": "The location the resource was deployed into."
},
- "value": "[reference(resourceId('Microsoft.Network/privateEndpoints', parameters('name')), '2022-07-01', 'full').location]"
+ "value": "[reference(resourceId('Microsoft.Network/privateEndpoints', parameters('name')), '2023-04-01', 'full').location]"
}
}
}
@@ -1014,8 +1006,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15138099271867749338"
+ "version": "0.20.4.51522",
+ "templateHash": "4975207925578075576"
}
},
"parameters": {
diff --git a/modules/compute/availability-set/main.json b/modules/compute/availability-set/main.json
index 26866c284d..0c3ce258ff 100644
--- a/modules/compute/availability-set/main.json
+++ b/modules/compute/availability-set/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11509710715638918489"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "14627609112936541603"
+ },
+ "name": "Availability Sets",
+ "description": "This module deploys an Availability Set.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -53,14 +56,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -162,8 +165,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "13414727736673410356"
+ "version": "0.20.4.51522",
+ "templateHash": "2845847199363525157"
}
},
"parameters": {
diff --git a/modules/compute/disk-encryption-set/main.json b/modules/compute/disk-encryption-set/main.json
index 79ff57c1fc..4d470457e1 100644
--- a/modules/compute/disk-encryption-set/main.json
+++ b/modules/compute/disk-encryption-set/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "13941840651398754197"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17994275321989817378"
+ },
+ "name": "Disk Encryption Sets",
+ "description": "This module deploys a Disk Encryption Set.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -25,14 +28,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"keyVaultResourceId": {
"type": "string",
@@ -207,8 +210,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "5266650210800919607"
+ "version": "0.20.4.51522",
+ "templateHash": "12898111153359655939"
}
},
"parameters": {
@@ -283,8 +286,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15248304540243541293"
+ "version": "0.20.4.51522",
+ "templateHash": "10065918419981417666"
}
},
"parameters": {
@@ -355,9 +358,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "5956155025819321457"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "7542638391604115549"
+ },
+ "name": "Key Vault Access Policies",
+ "description": "This module deploys a Key Vault Access Policy.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"keyVaultName": {
@@ -486,8 +492,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "4632454948156980307"
+ "version": "0.20.4.51522",
+ "templateHash": "14948408905344933172"
}
},
"parameters": {
diff --git a/modules/compute/disk/main.json b/modules/compute/disk/main.json
index f61848be33..f3ea9a4781 100644
--- a/modules/compute/disk/main.json
+++ b/modules/compute/disk/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "10086023154618343477"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3899309340586234055"
+ },
+ "name": "Compute Disks",
+ "description": "This module deploys a Compute Disk",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -24,9 +27,6 @@
},
"sku": {
"type": "string",
- "metadata": {
- "description": "Required. The disks sku name. Can be ."
- },
"allowedValues": [
"Standard_LRS",
"Premium_LRS",
@@ -35,19 +35,22 @@
"Premium_ZRS",
"Premium_ZRS",
"PremiumV2_LRS"
- ]
+ ],
+ "metadata": {
+ "description": "Required. The disks sku name. Can be ."
+ }
},
"architecture": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. CPU architecture supported by an OS disk."
- },
"allowedValues": [
"x64",
"Arm64",
""
- ]
+ ],
+ "metadata": {
+ "description": "Optional. CPU architecture supported by an OS disk."
+ }
},
"burstingEnabled": {
"type": "bool",
@@ -66,9 +69,6 @@
"createOption": {
"type": "string",
"defaultValue": "Empty",
- "metadata": {
- "description": "Optional. Sources of a disk creation."
- },
"allowedValues": [
"Attach",
"Copy",
@@ -80,7 +80,10 @@
"Restore",
"Upload",
"UploadPreparedSecure"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Sources of a disk creation."
+ }
},
"imageReferenceId": {
"type": "string",
@@ -155,13 +158,13 @@
"hyperVGeneration": {
"type": "string",
"defaultValue": "V2",
- "metadata": {
- "description": "Optional. The hypervisor generation of the Virtual Machine. Applicable to OS disks only."
- },
"allowedValues": [
"V1",
"V2"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The hypervisor generation of the Virtual Machine. Applicable to OS disks only."
+ }
},
"maxShares": {
"type": "int",
@@ -173,14 +176,14 @@
"networkAccessPolicy": {
"type": "string",
"defaultValue": "DenyAll",
- "metadata": {
- "description": "Optional. Policy for accessing the disk via network."
- },
"allowedValues": [
"AllowAll",
"AllowPrivate",
"DenyAll"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Policy for accessing the disk via network."
+ }
},
"optimizedForFrequentAttach": {
"type": "bool",
@@ -192,25 +195,25 @@
"osType": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Sources of a disk creation."
- },
"allowedValues": [
"Windows",
"Linux",
""
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Sources of a disk creation."
+ }
},
"publicNetworkAccess": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Policy for controlling export on the disk."
- },
"allowedValues": [
"Disabled",
"Enabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Policy for controlling export on the disk."
+ }
},
"acceleratedNetwork": {
"type": "bool",
@@ -222,14 +225,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -350,8 +353,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "12749624585003590955"
+ "version": "0.20.4.51522",
+ "templateHash": "7275007937766234540"
}
},
"parameters": {
diff --git a/modules/compute/gallery/application/main.json b/modules/compute/gallery/application/main.json
index 9970d4592d..723172da86 100644
--- a/modules/compute/gallery/application/main.json
+++ b/modules/compute/gallery/application/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "4712377854140060080"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "302763326863799273"
+ },
+ "name": "Compute Galleries Applications",
+ "description": "This module deploys an Azure Compute Gallery Application.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -169,8 +172,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "992879911082543993"
+ "version": "0.20.4.51522",
+ "templateHash": "3891555929973685105"
}
},
"parameters": {
diff --git a/modules/compute/gallery/image/main.json b/modules/compute/gallery/image/main.json
index 91e4fbd3fb..3cc4aa0a12 100644
--- a/modules/compute/gallery/image/main.json
+++ b/modules/compute/gallery/image/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "1301061718242455583"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "14112753208892308004"
+ },
+ "name": "Compute Galleries Image Definitions",
+ "description": "This module deploys an Azure Compute Gallery Image Definition.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -82,8 +85,8 @@
"minRecommendedvCPUs": {
"type": "int",
"defaultValue": 1,
- "maxValue": 128,
"minValue": 1,
+ "maxValue": 128,
"metadata": {
"description": "Optional. The minimum number of the CPU cores recommended for this image."
}
@@ -91,8 +94,8 @@
"maxRecommendedvCPUs": {
"type": "int",
"defaultValue": 4,
- "maxValue": 128,
"minValue": 1,
+ "maxValue": 128,
"metadata": {
"description": "Optional. The maximum number of the CPU cores recommended for this image."
}
@@ -100,8 +103,8 @@
"minRecommendedMemory": {
"type": "int",
"defaultValue": 4,
- "maxValue": 4000,
"minValue": 1,
+ "maxValue": 4000,
"metadata": {
"description": "Optional. The minimum amount of RAM in GB recommended for this image."
}
@@ -109,8 +112,8 @@
"maxRecommendedMemory": {
"type": "int",
"defaultValue": 16,
- "maxValue": 4000,
"minValue": 1,
+ "maxValue": 4000,
"metadata": {
"description": "Optional. The maximum amount of RAM in GB recommended for this image."
}
@@ -330,8 +333,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16144820657592071665"
+ "version": "0.20.4.51522",
+ "templateHash": "5875220683176267757"
}
},
"parameters": {
diff --git a/modules/compute/gallery/main.json b/modules/compute/gallery/main.json
index cb95bb2bd6..cc5bd0ca1c 100644
--- a/modules/compute/gallery/main.json
+++ b/modules/compute/gallery/main.json
@@ -4,17 +4,20 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "13901468473811502546"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "15984862915086923960"
+ },
+ "name": "Azure Compute Galleries",
+ "description": "This module deploys an Azure Compute Gallery (formerly known as Shared Image Gallery).",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
"type": "string",
+ "minLength": 1,
"metadata": {
"description": "Required. Name of the Azure Compute Gallery."
- },
- "minLength": 1
+ }
},
"location": {
"type": "string",
@@ -47,14 +50,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -155,8 +158,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "12286644635375921182"
+ "version": "0.20.4.51522",
+ "templateHash": "889221691935593360"
}
},
"parameters": {
@@ -330,9 +333,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "4712377854140060080"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "302763326863799273"
+ },
+ "name": "Compute Galleries Applications",
+ "description": "This module deploys an Azure Compute Gallery Application.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -495,8 +501,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "992879911082543993"
+ "version": "0.20.4.51522",
+ "templateHash": "3891555929973685105"
}
},
"parameters": {
@@ -720,9 +726,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "1301061718242455583"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "14112753208892308004"
+ },
+ "name": "Compute Galleries Image Definitions",
+ "description": "This module deploys an Azure Compute Gallery Image Definition.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -798,8 +807,8 @@
"minRecommendedvCPUs": {
"type": "int",
"defaultValue": 1,
- "maxValue": 128,
"minValue": 1,
+ "maxValue": 128,
"metadata": {
"description": "Optional. The minimum number of the CPU cores recommended for this image."
}
@@ -807,8 +816,8 @@
"maxRecommendedvCPUs": {
"type": "int",
"defaultValue": 4,
- "maxValue": 128,
"minValue": 1,
+ "maxValue": 128,
"metadata": {
"description": "Optional. The maximum number of the CPU cores recommended for this image."
}
@@ -816,8 +825,8 @@
"minRecommendedMemory": {
"type": "int",
"defaultValue": 4,
- "maxValue": 4000,
"minValue": 1,
+ "maxValue": 4000,
"metadata": {
"description": "Optional. The minimum amount of RAM in GB recommended for this image."
}
@@ -825,8 +834,8 @@
"maxRecommendedMemory": {
"type": "int",
"defaultValue": 16,
- "maxValue": 4000,
"minValue": 1,
+ "maxValue": 4000,
"metadata": {
"description": "Optional. The maximum amount of RAM in GB recommended for this image."
}
@@ -1046,8 +1055,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16144820657592071665"
+ "version": "0.20.4.51522",
+ "templateHash": "5875220683176267757"
}
},
"parameters": {
diff --git a/modules/compute/image/main.json b/modules/compute/image/main.json
index e3c1fdd350..50b35bac9c 100644
--- a/modules/compute/image/main.json
+++ b/modules/compute/image/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16025474284352958130"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13634156293178921650"
+ },
+ "name": "Images",
+ "description": "This module deploys a Compute Image.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -218,8 +221,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "4688438158405140777"
+ "version": "0.20.4.51522",
+ "templateHash": "15836902918863510796"
}
},
"parameters": {
diff --git a/modules/compute/proximity-placement-group/main.json b/modules/compute/proximity-placement-group/main.json
index 2f59ba626a..9090e4109e 100644
--- a/modules/compute/proximity-placement-group/main.json
+++ b/modules/compute/proximity-placement-group/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16971280078864146158"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "11762560439975541015"
+ },
+ "name": "Proximity Placement Groups",
+ "description": "This module deploys a Proximity Placement Group.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -36,14 +39,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -164,8 +167,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "1938170215691677826"
+ "version": "0.20.4.51522",
+ "templateHash": "2254381804917043935"
}
},
"parameters": {
diff --git a/modules/compute/ssh-public-key/main.json b/modules/compute/ssh-public-key/main.json
index 139033c803..0f9fec8cd7 100644
--- a/modules/compute/ssh-public-key/main.json
+++ b/modules/compute/ssh-public-key/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16443022752471991339"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3176936377185255192"
+ },
+ "name": "Public SSH Keys",
+ "description": "This module deploys a Public SSH Key.\r\n\r\n> Note: The resource does not auto-generate the key for you.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -32,14 +35,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -136,8 +139,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "3437555523644485146"
+ "version": "0.20.4.51522",
+ "templateHash": "15802588423286494574"
}
},
"parameters": {
diff --git a/modules/compute/virtual-machine-scale-set/.test/linux.min/dependencies.bicep b/modules/compute/virtual-machine-scale-set/.test/linux.min/dependencies.bicep
index b422cdfbe5..f524629de7 100644
--- a/modules/compute/virtual-machine-scale-set/.test/linux.min/dependencies.bicep
+++ b/modules/compute/virtual-machine-scale-set/.test/linux.min/dependencies.bicep
@@ -15,68 +15,68 @@ param sshKeyName string
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
- name: guid(resourceGroup().id, 'Contributor', managedIdentity.id)
- scope: resourceGroup()
- properties: {
- principalId: managedIdentity.properties.principalId
- roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c') // Contributor
- principalType: 'ServicePrincipal'
- }
+ name: guid(resourceGroup().id, 'Contributor', managedIdentity.id)
+ scope: resourceGroup()
+ properties: {
+ principalId: managedIdentity.properties.principalId
+ roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c') // Contributor
+ principalType: 'ServicePrincipal'
+ }
}
resource sshDeploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = {
- name: sshDeploymentScriptName
- location: location
- kind: 'AzurePowerShell'
- identity: {
- type: 'UserAssigned'
- userAssignedIdentities: {
- '${managedIdentity.id}': {}
- }
- }
- properties: {
- azPowerShellVersion: '9.0'
- retentionInterval: 'P1D'
- arguments: '-SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"'
- scriptContent: loadTextContent('../../../../.shared/.scripts/New-SSHKey.ps1')
+ name: sshDeploymentScriptName
+ location: location
+ kind: 'AzurePowerShell'
+ identity: {
+ type: 'UserAssigned'
+ userAssignedIdentities: {
+ '${managedIdentity.id}': {}
}
- dependsOn: [
- msiRGContrRoleAssignment
- ]
+ }
+ properties: {
+ azPowerShellVersion: '9.0'
+ retentionInterval: 'P1D'
+ arguments: '-SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"'
+ scriptContent: loadTextContent('../../../../.shared/.scripts/New-SSHKey.ps1')
+ }
+ dependsOn: [
+ msiRGContrRoleAssignment
+ ]
}
resource sshKey 'Microsoft.Compute/sshPublicKeys@2022-03-01' = {
- name: sshKeyName
- location: location
- properties: {
- publicKey: sshDeploymentScript.properties.outputs.publicKey
- }
+ name: sshKeyName
+ location: location
+ properties: {
+ publicKey: sshDeploymentScript.properties.outputs.publicKey
+ }
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/compute/virtual-machine-scale-set/.test/linux.ssecmk/dependencies.bicep b/modules/compute/virtual-machine-scale-set/.test/linux.ssecmk/dependencies.bicep
index 4b1e9aa4f9..ac1e0c0114 100644
--- a/modules/compute/virtual-machine-scale-set/.test/linux.ssecmk/dependencies.bicep
+++ b/modules/compute/virtual-machine-scale-set/.test/linux.ssecmk/dependencies.bicep
@@ -21,7 +21,7 @@ param location string = resourceGroup().location
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
name: virtualNetworkName
location: location
properties: {
diff --git a/modules/compute/virtual-machine-scale-set/.test/linux/dependencies.bicep b/modules/compute/virtual-machine-scale-set/.test/linux/dependencies.bicep
index 28cb5c9a71..139519d9ca 100644
--- a/modules/compute/virtual-machine-scale-set/.test/linux/dependencies.bicep
+++ b/modules/compute/virtual-machine-scale-set/.test/linux/dependencies.bicep
@@ -25,141 +25,141 @@ param sshKeyName string
var storageAccountCSEFileName = 'scriptExtensionMasterInstaller.ps1'
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = {
- name: keyVaultName
- location: location
- properties: {
- sku: {
- family: 'A'
- name: 'standard'
- }
- tenantId: tenant().tenantId
- enablePurgeProtection: null
- enabledForTemplateDeployment: true
- enabledForDiskEncryption: true
- enabledForDeployment: true
- enableRbacAuthorization: true
- accessPolicies: []
+ name: keyVaultName
+ location: location
+ properties: {
+ sku: {
+ family: 'A'
+ name: 'standard'
}
-
- resource key 'keys@2022-07-01' = {
- name: 'encryptionKey'
- properties: {
- kty: 'RSA'
- }
+ tenantId: tenant().tenantId
+ enablePurgeProtection: null
+ enabledForTemplateDeployment: true
+ enabledForDiskEncryption: true
+ enabledForDeployment: true
+ enableRbacAuthorization: true
+ accessPolicies: []
+ }
+
+ resource key 'keys@2022-07-01' = {
+ name: 'encryptionKey'
+ properties: {
+ kty: 'RSA'
}
+ }
}
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
- name: guid(resourceGroup().id, 'Contributor', managedIdentity.id)
- scope: resourceGroup()
- properties: {
- principalId: managedIdentity.properties.principalId
- roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c') // Contributor
- principalType: 'ServicePrincipal'
- }
+ name: guid(resourceGroup().id, 'Contributor', managedIdentity.id)
+ scope: resourceGroup()
+ properties: {
+ principalId: managedIdentity.properties.principalId
+ roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c') // Contributor
+ principalType: 'ServicePrincipal'
+ }
}
resource msiKVCryptoUserRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
- name: guid(keyVault::key.id, 'Key Vault Crypto User', managedIdentity.id)
- scope: keyVault::key
- properties: {
- principalId: managedIdentity.properties.principalId
- roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '12338af0-0e69-4776-bea7-57ae8d297424') // Key Vault Crypto User
- principalType: 'ServicePrincipal'
- }
+ name: guid(keyVault::key.id, 'Key Vault Crypto User', managedIdentity.id)
+ scope: keyVault::key
+ properties: {
+ principalId: managedIdentity.properties.principalId
+ roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '12338af0-0e69-4776-bea7-57ae8d297424') // Key Vault Crypto User
+ principalType: 'ServicePrincipal'
+ }
}
resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = {
- name: storageAccountName
- location: location
- sku: {
- name: 'Standard_LRS'
- }
- kind: 'StorageV2'
-
- resource blobService 'blobServices@2021-09-01' = {
- name: 'default'
-
- resource container 'containers@2021-09-01' = {
- name: 'scripts'
- }
+ name: storageAccountName
+ location: location
+ sku: {
+ name: 'Standard_LRS'
+ }
+ kind: 'StorageV2'
+
+ resource blobService 'blobServices@2021-09-01' = {
+ name: 'default'
+
+ resource container 'containers@2021-09-01' = {
+ name: 'scripts'
}
+ }
}
resource storageUpload 'Microsoft.Resources/deploymentScripts@2020-10-01' = {
- name: storageUploadDeploymentScriptName
- location: location
- kind: 'AzurePowerShell'
- identity: {
- type: 'UserAssigned'
- userAssignedIdentities: {
- '${managedIdentity.id}': {}
- }
- }
- properties: {
- azPowerShellVersion: '9.0'
- retentionInterval: 'P1D'
- arguments: '-StorageAccountName "${storageAccount.name}" -ResourceGroupName "${resourceGroup().name}" -ContainerName "${storageAccount::blobService::container.name}" -FileName "${storageAccountCSEFileName}"'
- scriptContent: loadTextContent('../../../../.shared/.scripts/Set-BlobContent.ps1')
+ name: storageUploadDeploymentScriptName
+ location: location
+ kind: 'AzurePowerShell'
+ identity: {
+ type: 'UserAssigned'
+ userAssignedIdentities: {
+ '${managedIdentity.id}': {}
}
- dependsOn: [
- msiRGContrRoleAssignment
- ]
+ }
+ properties: {
+ azPowerShellVersion: '9.0'
+ retentionInterval: 'P1D'
+ arguments: '-StorageAccountName "${storageAccount.name}" -ResourceGroupName "${resourceGroup().name}" -ContainerName "${storageAccount::blobService::container.name}" -FileName "${storageAccountCSEFileName}"'
+ scriptContent: loadTextContent('../../../../.shared/.scripts/Set-BlobContent.ps1')
+ }
+ dependsOn: [
+ msiRGContrRoleAssignment
+ ]
}
resource sshDeploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = {
- name: sshDeploymentScriptName
- location: location
- kind: 'AzurePowerShell'
- identity: {
- type: 'UserAssigned'
- userAssignedIdentities: {
- '${managedIdentity.id}': {}
- }
- }
- properties: {
- azPowerShellVersion: '9.0'
- retentionInterval: 'P1D'
- arguments: '-SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"'
- scriptContent: loadTextContent('../../../../.shared/.scripts/New-SSHKey.ps1')
+ name: sshDeploymentScriptName
+ location: location
+ kind: 'AzurePowerShell'
+ identity: {
+ type: 'UserAssigned'
+ userAssignedIdentities: {
+ '${managedIdentity.id}': {}
}
- dependsOn: [
- msiRGContrRoleAssignment
- ]
+ }
+ properties: {
+ azPowerShellVersion: '9.0'
+ retentionInterval: 'P1D'
+ arguments: '-SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"'
+ scriptContent: loadTextContent('../../../../.shared/.scripts/New-SSHKey.ps1')
+ }
+ dependsOn: [
+ msiRGContrRoleAssignment
+ ]
}
resource sshKey 'Microsoft.Compute/sshPublicKeys@2022-03-01' = {
- name: sshKeyName
- location: location
- properties: {
- publicKey: sshDeploymentScript.properties.outputs.publicKey
- }
+ name: sshKeyName
+ location: location
+ properties: {
+ publicKey: sshDeploymentScript.properties.outputs.publicKey
+ }
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/compute/virtual-machine-scale-set/.test/linux/main.test.bicep b/modules/compute/virtual-machine-scale-set/.test/linux/main.test.bicep
index d119ea7240..08c5931815 100644
--- a/modules/compute/virtual-machine-scale-set/.test/linux/main.test.bicep
+++ b/modules/compute/virtual-machine-scale-set/.test/linux/main.test.bicep
@@ -111,7 +111,6 @@ module testDeployment '../../main.bicep' = {
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName
- diagnosticLogsRetentionInDays: 7
disablePasswordAuthentication: true
encryptionAtHost: false
extensionCustomScriptConfig: {
diff --git a/modules/compute/virtual-machine-scale-set/.test/windows.min/dependencies.bicep b/modules/compute/virtual-machine-scale-set/.test/windows.min/dependencies.bicep
index 35801ed823..a163531213 100644
--- a/modules/compute/virtual-machine-scale-set/.test/windows.min/dependencies.bicep
+++ b/modules/compute/virtual-machine-scale-set/.test/windows.min/dependencies.bicep
@@ -6,24 +6,24 @@ param virtualNetworkName string
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/compute/virtual-machine-scale-set/.test/windows/dependencies.bicep b/modules/compute/virtual-machine-scale-set/.test/windows/dependencies.bicep
index dc24396d8c..5392bb96c3 100644
--- a/modules/compute/virtual-machine-scale-set/.test/windows/dependencies.bicep
+++ b/modules/compute/virtual-machine-scale-set/.test/windows/dependencies.bicep
@@ -22,117 +22,117 @@ param proximityPlacementGroupName string
var storageAccountCSEFileName = 'scriptExtensionMasterInstaller.ps1'
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = {
- name: keyVaultName
- location: location
- properties: {
- sku: {
- family: 'A'
- name: 'standard'
- }
- tenantId: tenant().tenantId
- enablePurgeProtection: null
- enabledForTemplateDeployment: true
- enabledForDiskEncryption: true
- enabledForDeployment: true
- enableRbacAuthorization: true
- accessPolicies: []
+ name: keyVaultName
+ location: location
+ properties: {
+ sku: {
+ family: 'A'
+ name: 'standard'
}
-
- resource key 'keys@2022-07-01' = {
- name: 'encryptionKey'
- properties: {
- kty: 'RSA'
- }
+ tenantId: tenant().tenantId
+ enablePurgeProtection: null
+ enabledForTemplateDeployment: true
+ enabledForDiskEncryption: true
+ enabledForDeployment: true
+ enableRbacAuthorization: true
+ accessPolicies: []
+ }
+
+ resource key 'keys@2022-07-01' = {
+ name: 'encryptionKey'
+ properties: {
+ kty: 'RSA'
}
+ }
}
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
- name: guid(resourceGroup().id, 'Contributor', managedIdentity.id)
- scope: resourceGroup()
- properties: {
- principalId: managedIdentity.properties.principalId
- roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c') // Contributor
- principalType: 'ServicePrincipal'
- }
+ name: guid(resourceGroup().id, 'Contributor', managedIdentity.id)
+ scope: resourceGroup()
+ properties: {
+ principalId: managedIdentity.properties.principalId
+ roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c') // Contributor
+ principalType: 'ServicePrincipal'
+ }
}
resource msiKVCryptoUserRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
- name: guid(keyVault::key.id, 'Key Vault Crypto User', managedIdentity.id)
- scope: keyVault::key
- properties: {
- principalId: managedIdentity.properties.principalId
- roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '12338af0-0e69-4776-bea7-57ae8d297424') // Key Vault Crypto User
- principalType: 'ServicePrincipal'
- }
+ name: guid(keyVault::key.id, 'Key Vault Crypto User', managedIdentity.id)
+ scope: keyVault::key
+ properties: {
+ principalId: managedIdentity.properties.principalId
+ roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '12338af0-0e69-4776-bea7-57ae8d297424') // Key Vault Crypto User
+ principalType: 'ServicePrincipal'
+ }
}
resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = {
- name: storageAccountName
- location: location
- sku: {
- name: 'Standard_LRS'
- }
- kind: 'StorageV2'
-
- resource blobService 'blobServices@2021-09-01' = {
- name: 'default'
-
- resource container 'containers@2021-09-01' = {
- name: 'scripts'
- }
+ name: storageAccountName
+ location: location
+ sku: {
+ name: 'Standard_LRS'
+ }
+ kind: 'StorageV2'
+
+ resource blobService 'blobServices@2021-09-01' = {
+ name: 'default'
+
+ resource container 'containers@2021-09-01' = {
+ name: 'scripts'
}
+ }
}
resource storageUpload 'Microsoft.Resources/deploymentScripts@2020-10-01' = {
- name: storageUploadDeploymentScriptName
- location: location
- kind: 'AzurePowerShell'
- identity: {
- type: 'UserAssigned'
- userAssignedIdentities: {
- '${managedIdentity.id}': {}
- }
+ name: storageUploadDeploymentScriptName
+ location: location
+ kind: 'AzurePowerShell'
+ identity: {
+ type: 'UserAssigned'
+ userAssignedIdentities: {
+ '${managedIdentity.id}': {}
}
- properties: {
- azPowerShellVersion: '9.0'
- retentionInterval: 'P1D'
- arguments: '-StorageAccountName "${storageAccount.name}" -ResourceGroupName "${resourceGroup().name}" -ContainerName "${storageAccount::blobService::container.name}" -FileName "${storageAccountCSEFileName}"'
- scriptContent: loadTextContent('../../../../.shared/.scripts/Set-BlobContent.ps1')
- }
- dependsOn: [
- msiRGContrRoleAssignment
- ]
+ }
+ properties: {
+ azPowerShellVersion: '9.0'
+ retentionInterval: 'P1D'
+ arguments: '-StorageAccountName "${storageAccount.name}" -ResourceGroupName "${resourceGroup().name}" -ContainerName "${storageAccount::blobService::container.name}" -FileName "${storageAccountCSEFileName}"'
+ scriptContent: loadTextContent('../../../../.shared/.scripts/Set-BlobContent.ps1')
+ }
+ dependsOn: [
+ msiRGContrRoleAssignment
+ ]
}
resource proximityPlacementGroup 'Microsoft.Compute/proximityPlacementGroups@2022-03-01' = {
- name: proximityPlacementGroupName
- location: location
+ name: proximityPlacementGroupName
+ location: location
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/compute/virtual-machine-scale-set/.test/windows/main.test.bicep b/modules/compute/virtual-machine-scale-set/.test/windows/main.test.bicep
index 21a5d78570..c6694102a5 100644
--- a/modules/compute/virtual-machine-scale-set/.test/windows/main.test.bicep
+++ b/modules/compute/virtual-machine-scale-set/.test/windows/main.test.bicep
@@ -93,7 +93,6 @@ module testDeployment '../../main.bicep' = {
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName
- diagnosticLogsRetentionInDays: 7
encryptionAtHost: false
extensionAntiMalwareConfig: {
enabled: true
diff --git a/modules/compute/virtual-machine-scale-set/README.md b/modules/compute/virtual-machine-scale-set/README.md
index 4ec607b828..b0384b82da 100644
--- a/modules/compute/virtual-machine-scale-set/README.md
+++ b/modules/compute/virtual-machine-scale-set/README.md
@@ -54,7 +54,6 @@ The following resources are required to be able to deploy this resource.
| `dataDisks` | array | `[]` | | Specifies the data disks. For security reasons, it is recommended to specify DiskEncryptionSet into the dataDisk object. Restrictions: DiskEncryptionSet cannot be enabled if Azure Disk Encryption (guest-VM encryption using bitlocker/DM-Crypt) is enabled on your VM Scale sets. |
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. |
@@ -955,7 +954,6 @@ module virtualMachineScaleSet './compute/virtual-machine-scale-set/main.bicep' =
]
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
disablePasswordAuthentication: true
@@ -1119,9 +1117,6 @@ module virtualMachineScaleSet './compute/virtual-machine-scale-set/main.bicep' =
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
@@ -1609,7 +1604,6 @@ module virtualMachineScaleSet './compute/virtual-machine-scale-set/main.bicep' =
adminPassword: ''
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -1762,9 +1756,6 @@ module virtualMachineScaleSet './compute/virtual-machine-scale-set/main.bicep' =
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/compute/virtual-machine-scale-set/extension/main.json b/modules/compute/virtual-machine-scale-set/extension/main.json
index 15f2398d22..14783762a8 100644
--- a/modules/compute/virtual-machine-scale-set/extension/main.json
+++ b/modules/compute/virtual-machine-scale-set/extension/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16938226056341383577"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3045861199823874082"
+ },
+ "name": "Virtual Machine Scale Set Extensions",
+ "description": "This module deploys a Virtual Machine Scale Set Extension.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"virtualMachineScaleSetName": {
diff --git a/modules/compute/virtual-machine-scale-set/main.bicep b/modules/compute/virtual-machine-scale-set/main.bicep
index 129d0fbec0..fbd688e838 100644
--- a/modules/compute/virtual-machine-scale-set/main.bicep
+++ b/modules/compute/virtual-machine-scale-set/main.bicep
@@ -134,11 +134,6 @@ param bootDiagnosticStorageAccountUri string = '.blob.${environment().suffixes.s
@description('Optional. Storage account used to store boot diagnostic information. Boot diagnostics will be disabled if no value is provided.')
param bootDiagnosticStorageAccountName string = ''
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -293,10 +288,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: {
category: metric
timeGrain: null
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var publicKeysFormatted = [for publicKey in publicKeys: {
diff --git a/modules/compute/virtual-machine-scale-set/main.json b/modules/compute/virtual-machine-scale-set/main.json
index 5ee96b3421..89b7b6a2ca 100644
--- a/modules/compute/virtual-machine-scale-set/main.json
+++ b/modules/compute/virtual-machine-scale-set/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "4825093771557214886"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "7715429520805746473"
+ },
+ "name": "Virtual Machine Scale Sets",
+ "description": "This module deploys a Virtual Machine Scale Set.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -270,15 +273,6 @@
"description": "Optional. Storage account used to store boot diagnostic information. Boot diagnostics will be disabled if no value is provided."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "maxValue": 365,
- "minValue": 0,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -310,14 +304,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"upgradePolicyMode": {
"type": "string",
@@ -390,8 +384,8 @@
"vmNamePrefix": {
"type": "string",
"defaultValue": "vmssvm",
- "maxLength": 15,
"minLength": 1,
+ "maxLength": 15,
"metadata": {
"description": "Optional. Specifies the computer name prefix for all of the virtual machines in the scale set."
}
@@ -598,11 +592,7 @@
"input": {
"category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]",
"timeGrain": null,
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
},
{
@@ -852,9 +842,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16938226056341383577"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3045861199823874082"
+ },
+ "name": "Virtual Machine Scale Set Extensions",
+ "description": "This module deploys a Virtual Machine Scale Set Extension.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"virtualMachineScaleSetName": {
@@ -1035,9 +1028,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16938226056341383577"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3045861199823874082"
+ },
+ "name": "Virtual Machine Scale Set Extensions",
+ "description": "This module deploys a Virtual Machine Scale Set Extension.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"virtualMachineScaleSetName": {
@@ -1223,9 +1219,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16938226056341383577"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3045861199823874082"
+ },
+ "name": "Virtual Machine Scale Set Extensions",
+ "description": "This module deploys a Virtual Machine Scale Set Extension.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"virtualMachineScaleSetName": {
@@ -1401,9 +1400,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16938226056341383577"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3045861199823874082"
+ },
+ "name": "Virtual Machine Scale Set Extensions",
+ "description": "This module deploys a Virtual Machine Scale Set Extension.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"virtualMachineScaleSetName": {
@@ -1579,9 +1581,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16938226056341383577"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3045861199823874082"
+ },
+ "name": "Virtual Machine Scale Set Extensions",
+ "description": "This module deploys a Virtual Machine Scale Set Extension.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"virtualMachineScaleSetName": {
@@ -1761,9 +1766,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16938226056341383577"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3045861199823874082"
+ },
+ "name": "Virtual Machine Scale Set Extensions",
+ "description": "This module deploys a Virtual Machine Scale Set Extension.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"virtualMachineScaleSetName": {
@@ -1949,9 +1957,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16938226056341383577"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3045861199823874082"
+ },
+ "name": "Virtual Machine Scale Set Extensions",
+ "description": "This module deploys a Virtual Machine Scale Set Extension.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"virtualMachineScaleSetName": {
@@ -2132,9 +2143,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16938226056341383577"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3045861199823874082"
+ },
+ "name": "Virtual Machine Scale Set Extensions",
+ "description": "This module deploys a Virtual Machine Scale Set Extension.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"virtualMachineScaleSetName": {
@@ -2312,8 +2326,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "4840060024448665942"
+ "version": "0.20.4.51522",
+ "templateHash": "8957967426136290703"
}
},
"parameters": {
diff --git a/modules/compute/virtual-machine/.bicep/nested_networkInterface.bicep b/modules/compute/virtual-machine/.bicep/nested_networkInterface.bicep
index a89602200b..20386a51b8 100644
--- a/modules/compute/virtual-machine/.bicep/nested_networkInterface.bicep
+++ b/modules/compute/virtual-machine/.bicep/nested_networkInterface.bicep
@@ -12,7 +12,6 @@ param networkSecurityGroupResourceId string = ''
param ipConfigurations array
param lock string = ''
param diagnosticStorageAccountId string
-param diagnosticLogsRetentionInDays int
param diagnosticWorkspaceId string
param diagnosticEventHubAuthorizationRuleId string
param diagnosticEventHubName string
@@ -38,7 +37,6 @@ module networkInterface_publicIPAddresses '../../../network/public-ip-address/ma
diagnosticEventHubAuthorizationRuleId: diagnosticEventHubAuthorizationRuleId
diagnosticEventHubName: diagnosticEventHubName
diagnosticLogCategoriesToEnable: pipdiagnosticLogCategoriesToEnable
- diagnosticLogsRetentionInDays: diagnosticLogsRetentionInDays
diagnosticMetricsToEnable: pipdiagnosticMetricsToEnable
diagnosticSettingsName: pipDiagnosticSettingsName
diagnosticStorageAccountId: diagnosticStorageAccountId
@@ -80,7 +78,6 @@ module networkInterface '../../../network/network-interface/main.bicep' = {
tags: tags
diagnosticEventHubAuthorizationRuleId: diagnosticEventHubAuthorizationRuleId
diagnosticEventHubName: diagnosticEventHubName
- diagnosticLogsRetentionInDays: diagnosticLogsRetentionInDays
diagnosticStorageAccountId: diagnosticStorageAccountId
diagnosticMetricsToEnable: nicDiagnosticMetricsToEnable
diagnosticSettingsName: nicDiagnosticSettingsName
diff --git a/modules/compute/virtual-machine/.test/linux.atmg/dependencies.bicep b/modules/compute/virtual-machine/.test/linux.atmg/dependencies.bicep
index 238e6cea30..bec794c98b 100644
--- a/modules/compute/virtual-machine/.test/linux.atmg/dependencies.bicep
+++ b/modules/compute/virtual-machine/.test/linux.atmg/dependencies.bicep
@@ -15,7 +15,7 @@ param location string = resourceGroup().location
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
name: virtualNetworkName
location: location
properties: {
diff --git a/modules/compute/virtual-machine/.test/linux.min/dependencies.bicep b/modules/compute/virtual-machine/.test/linux.min/dependencies.bicep
index 0b8a697f07..c2785277dd 100644
--- a/modules/compute/virtual-machine/.test/linux.min/dependencies.bicep
+++ b/modules/compute/virtual-machine/.test/linux.min/dependencies.bicep
@@ -15,7 +15,7 @@ param location string = resourceGroup().location
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
name: virtualNetworkName
location: location
properties: {
diff --git a/modules/compute/virtual-machine/.test/linux/dependencies.bicep b/modules/compute/virtual-machine/.test/linux/dependencies.bicep
index f3fbfcbf2b..7eada55540 100644
--- a/modules/compute/virtual-machine/.test/linux/dependencies.bicep
+++ b/modules/compute/virtual-machine/.test/linux/dependencies.bicep
@@ -34,7 +34,7 @@ param location string = resourceGroup().location
var storageAccountCSEFileName = 'scriptExtensionMasterInstaller.ps1'
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
name: virtualNetworkName
location: location
properties: {
@@ -54,7 +54,7 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
}
}
-resource applicationSecurityGroup 'Microsoft.Network/applicationSecurityGroups@2022-01-01' = {
+resource applicationSecurityGroup 'Microsoft.Network/applicationSecurityGroups@2023-04-01' = {
name: applicationSecurityGroupName
location: location
}
@@ -74,7 +74,7 @@ resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-
}
}
-resource loadBalancer 'Microsoft.Network/loadBalancers@2022-01-01' = {
+resource loadBalancer 'Microsoft.Network/loadBalancers@2023-04-01' = {
name: loadBalancerName
location: location
sku: {
diff --git a/modules/compute/virtual-machine/.test/linux/main.test.bicep b/modules/compute/virtual-machine/.test/linux/main.test.bicep
index fc8e3b07af..f85bc4d585 100644
--- a/modules/compute/virtual-machine/.test/linux/main.test.bicep
+++ b/modules/compute/virtual-machine/.test/linux/main.test.bicep
@@ -166,7 +166,6 @@ module testDeployment '../../main.bicep' = {
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName
- diagnosticLogsRetentionInDays: 7
disablePasswordAuthentication: true
encryptionAtHost: false
extensionCustomScriptConfig: {
diff --git a/modules/compute/virtual-machine/.test/windows.atmg/dependencies.bicep b/modules/compute/virtual-machine/.test/windows.atmg/dependencies.bicep
index 51d5f6bb36..fb8e43c609 100644
--- a/modules/compute/virtual-machine/.test/windows.atmg/dependencies.bicep
+++ b/modules/compute/virtual-machine/.test/windows.atmg/dependencies.bicep
@@ -6,7 +6,7 @@ param location string = resourceGroup().location
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
name: virtualNetworkName
location: location
properties: {
diff --git a/modules/compute/virtual-machine/.test/windows.min/dependencies.bicep b/modules/compute/virtual-machine/.test/windows.min/dependencies.bicep
index 4157fbe2b2..683dc9d4f4 100644
--- a/modules/compute/virtual-machine/.test/windows.min/dependencies.bicep
+++ b/modules/compute/virtual-machine/.test/windows.min/dependencies.bicep
@@ -6,7 +6,7 @@ param location string = resourceGroup().location
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
name: virtualNetworkName
location: location
properties: {
diff --git a/modules/compute/virtual-machine/.test/windows.ssecmk/dependencies.bicep b/modules/compute/virtual-machine/.test/windows.ssecmk/dependencies.bicep
index 7f2ed7d2ce..05648243b5 100644
--- a/modules/compute/virtual-machine/.test/windows.ssecmk/dependencies.bicep
+++ b/modules/compute/virtual-machine/.test/windows.ssecmk/dependencies.bicep
@@ -12,7 +12,7 @@ param location string = resourceGroup().location
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
name: virtualNetworkName
location: location
properties: {
diff --git a/modules/compute/virtual-machine/.test/windows/dependencies.bicep b/modules/compute/virtual-machine/.test/windows/dependencies.bicep
index d43b805cdf..7c37c57013 100644
--- a/modules/compute/virtual-machine/.test/windows/dependencies.bicep
+++ b/modules/compute/virtual-machine/.test/windows/dependencies.bicep
@@ -31,7 +31,7 @@ param location string = resourceGroup().location
var storageAccountCSEFileName = 'scriptExtensionMasterInstaller.ps1'
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
name: virtualNetworkName
location: location
properties: {
@@ -51,7 +51,7 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
}
}
-resource applicationSecurityGroup 'Microsoft.Network/applicationSecurityGroups@2022-01-01' = {
+resource applicationSecurityGroup 'Microsoft.Network/applicationSecurityGroups@2023-04-01' = {
name: applicationSecurityGroupName
location: location
}
@@ -71,7 +71,7 @@ resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-
}
}
-resource loadBalancer 'Microsoft.Network/loadBalancers@2022-01-01' = {
+resource loadBalancer 'Microsoft.Network/loadBalancers@2023-04-01' = {
name: loadBalancerName
location: location
sku: {
diff --git a/modules/compute/virtual-machine/.test/windows/main.test.bicep b/modules/compute/virtual-machine/.test/windows/main.test.bicep
index e39aa4f154..9e059f65ab 100644
--- a/modules/compute/virtual-machine/.test/windows/main.test.bicep
+++ b/modules/compute/virtual-machine/.test/windows/main.test.bicep
@@ -170,7 +170,6 @@ module testDeployment '../../main.bicep' = {
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName
- diagnosticLogsRetentionInDays: 7
encryptionAtHost: false
extensionAntiMalwareConfig: {
enabled: true
diff --git a/modules/compute/virtual-machine/README.md b/modules/compute/virtual-machine/README.md
index 60d314cb5b..c5dcc52850 100644
--- a/modules/compute/virtual-machine/README.md
+++ b/modules/compute/virtual-machine/README.md
@@ -21,8 +21,8 @@ This module deploys a Virtual Machine with one or multiple NICs and optionally o
| `Microsoft.Compute/virtualMachines` | [2022-11-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Compute/2022-11-01/virtualMachines) |
| `Microsoft.Compute/virtualMachines/extensions` | [2022-11-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Compute/2022-11-01/virtualMachines/extensions) |
| `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) |
-| `Microsoft.Network/networkInterfaces` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/networkInterfaces) |
-| `Microsoft.Network/publicIPAddresses` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/publicIPAddresses) |
+| `Microsoft.Network/networkInterfaces` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/networkInterfaces) |
+| `Microsoft.Network/publicIPAddresses` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/publicIPAddresses) |
| `Microsoft.RecoveryServices/vaults/backupFabrics/protectionContainers/protectedItems` | [2023-01-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.RecoveryServices/2023-01-01/vaults/backupFabrics/protectionContainers/protectedItems) |
## Parameters
@@ -61,7 +61,6 @@ This module deploys a Virtual Machine with one or multiple NICs and optionally o
| `dedicatedHostId` | string | `''` | | Specifies resource ID about the dedicated host that the virtual machine resides in. |
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. |
| `disablePasswordAuthentication` | bool | `False` | | Specifies whether password authentication should be disabled. |
@@ -1137,7 +1136,6 @@ module virtualMachine './compute/virtual-machine/main.bicep' = {
]
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
disablePasswordAuthentication: true
@@ -1374,9 +1372,6 @@ module virtualMachine './compute/virtual-machine/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
@@ -1939,7 +1934,6 @@ module virtualMachine './compute/virtual-machine/main.bicep' = {
]
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableAutomaticUpdates: true
@@ -2195,9 +2189,6 @@ module virtualMachine './compute/virtual-machine/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/compute/virtual-machine/main.bicep b/modules/compute/virtual-machine/main.bicep
index bc4327b6af..3cd09f6b51 100644
--- a/modules/compute/virtual-machine/main.bicep
+++ b/modules/compute/virtual-machine/main.bicep
@@ -223,11 +223,6 @@ param extensionCustomScriptProtectedSetting object = {}
@description('Optional. Location for all resources.')
param location string = resourceGroup().location
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -399,7 +394,6 @@ module vm_nic '.bicep/nested_networkInterface.bicep' = [for (nicConfiguration, i
ipConfigurations: nicConfiguration.ipConfigurations
lock: lock
diagnosticStorageAccountId: diagnosticStorageAccountId
- diagnosticLogsRetentionInDays: diagnosticLogsRetentionInDays
diagnosticWorkspaceId: diagnosticWorkspaceId
diagnosticEventHubAuthorizationRuleId: diagnosticEventHubAuthorizationRuleId
diagnosticEventHubName: diagnosticEventHubName
diff --git a/modules/compute/virtual-machine/main.json b/modules/compute/virtual-machine/main.json
index d54ab582ce..7c0d0faab1 100644
--- a/modules/compute/virtual-machine/main.json
+++ b/modules/compute/virtual-machine/main.json
@@ -5,7 +5,7 @@
"_generator": {
"name": "bicep",
"version": "0.20.4.51522",
- "templateHash": "10649954371905940405"
+ "templateHash": "6083372606537708604"
},
"name": "Virtual Machines",
"description": "This module deploys a Virtual Machine with one or multiple NICs and optionally one or multiple public IPs.",
@@ -432,15 +432,6 @@
"description": "Optional. Location for all resources."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "minValue": 0,
- "maxValue": 365,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -821,9 +812,6 @@
"diagnosticStorageAccountId": {
"value": "[parameters('diagnosticStorageAccountId')]"
},
- "diagnosticLogsRetentionInDays": {
- "value": "[parameters('diagnosticLogsRetentionInDays')]"
- },
"diagnosticWorkspaceId": {
"value": "[parameters('diagnosticWorkspaceId')]"
},
@@ -857,7 +845,7 @@
"_generator": {
"name": "bicep",
"version": "0.20.4.51522",
- "templateHash": "7198152300976797281"
+ "templateHash": "18368167306058144977"
}
},
"parameters": {
@@ -902,9 +890,6 @@
"diagnosticStorageAccountId": {
"type": "string"
},
- "diagnosticLogsRetentionInDays": {
- "type": "int"
- },
"diagnosticWorkspaceId": {
"type": "string"
},
@@ -976,9 +961,6 @@
"diagnosticLogCategoriesToEnable": {
"value": "[parameters('pipdiagnosticLogCategoriesToEnable')]"
},
- "diagnosticLogsRetentionInDays": {
- "value": "[parameters('diagnosticLogsRetentionInDays')]"
- },
"diagnosticMetricsToEnable": {
"value": "[parameters('pipdiagnosticMetricsToEnable')]"
},
@@ -1018,7 +1000,7 @@
"_generator": {
"name": "bicep",
"version": "0.20.4.51522",
- "templateHash": "14474619344547636171"
+ "templateHash": "7444990895328873286"
},
"name": "Public IP Addresses",
"description": "This module deploys a Public IP Address.",
@@ -1089,15 +1071,6 @@
"description": "Optional. IP address version."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "minValue": 0,
- "maxValue": 365,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -1133,6 +1106,20 @@
"description": "Optional. The domain name label. The concatenation of the domain name label and the regionalized DNS zone make up the fully qualified domain name associated with the public IP address. If a domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system."
}
},
+ "domainNameLabelScope": {
+ "type": "string",
+ "defaultValue": "",
+ "allowedValues": [
+ "",
+ "NoReuse",
+ "ResourceGroupReuse",
+ "SubscriptionReuse",
+ "TenantReuse"
+ ],
+ "metadata": {
+ "description": "Optional. The domain name label scope. If a domain name label and a domain name label scope are specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system with a hashed value includes in FQDN."
+ }
+ },
"fqdn": {
"type": "string",
"defaultValue": "",
@@ -1230,11 +1217,7 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
},
{
@@ -1243,15 +1226,11 @@
"input": {
"category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]",
"timeGrain": null,
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]"
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]"
},
"resources": [
{
@@ -1270,7 +1249,7 @@
},
{
"type": "Microsoft.Network/publicIPAddresses",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[parameters('name')]",
"location": "[parameters('location')]",
"tags": "[parameters('tags')]",
@@ -1280,7 +1259,7 @@
},
"zones": "[parameters('zones')]",
"properties": {
- "dnsSettings": "[if(not(empty(parameters('domainNameLabel'))), createObject('domainNameLabel', parameters('domainNameLabel'), 'fqdn', parameters('fqdn'), 'reverseFqdn', parameters('reverseFqdn')), null())]",
+ "dnsSettings": "[if(not(empty(parameters('domainNameLabel'))), createObject('domainNameLabel', parameters('domainNameLabel'), 'domainNameLabelScope', parameters('domainNameLabelScope'), 'fqdn', parameters('fqdn'), 'reverseFqdn', parameters('reverseFqdn')), null())]",
"publicIPAddressVersion": "[parameters('publicIPAddressVersion')]",
"publicIPAllocationMethod": "[parameters('publicIPAllocationMethod')]",
"publicIPPrefix": "[if(not(empty(parameters('publicIPPrefixResourceId'))), createObject('id', parameters('publicIPPrefixResourceId')), null())]",
@@ -1525,14 +1504,14 @@
"metadata": {
"description": "The public IP address of the public IP address resource."
},
- "value": "[if(contains(reference(resourceId('Microsoft.Network/publicIPAddresses', parameters('name')), '2022-07-01'), 'ipAddress'), reference(resourceId('Microsoft.Network/publicIPAddresses', parameters('name')), '2022-07-01').ipAddress, '')]"
+ "value": "[if(contains(reference(resourceId('Microsoft.Network/publicIPAddresses', parameters('name')), '2023-04-01'), 'ipAddress'), reference(resourceId('Microsoft.Network/publicIPAddresses', parameters('name')), '2023-04-01').ipAddress, '')]"
},
"location": {
"type": "string",
"metadata": {
"description": "The location the resource was deployed into."
},
- "value": "[reference(resourceId('Microsoft.Network/publicIPAddresses', parameters('name')), '2022-07-01', 'full').location]"
+ "value": "[reference(resourceId('Microsoft.Network/publicIPAddresses', parameters('name')), '2023-04-01', 'full').location]"
}
}
}
@@ -1572,9 +1551,6 @@
"diagnosticEventHubName": {
"value": "[parameters('diagnosticEventHubName')]"
},
- "diagnosticLogsRetentionInDays": {
- "value": "[parameters('diagnosticLogsRetentionInDays')]"
- },
"diagnosticStorageAccountId": {
"value": "[parameters('diagnosticStorageAccountId')]"
},
@@ -1610,7 +1586,7 @@
"_generator": {
"name": "bicep",
"version": "0.20.4.51522",
- "templateHash": "2671718918533328624"
+ "templateHash": "4973390307671682303"
},
"name": "Network Interface",
"description": "This module deploys a Network Interface.",
@@ -1684,6 +1660,20 @@
"description": "Optional. Auxiliary mode of Network Interface resource. Not all regions are enabled for Auxiliary Mode Nic."
}
},
+ "auxiliarySku": {
+ "type": "string",
+ "defaultValue": "None",
+ "allowedValues": [
+ "A1",
+ "A2",
+ "A4",
+ "A8",
+ "None"
+ ],
+ "metadata": {
+ "description": "Optional. Auxiliary sku of Network Interface resource. Not all regions are enabled for Auxiliary Mode Nic."
+ }
+ },
"disableTcpStateTracking": {
"type": "bool",
"defaultValue": false,
@@ -1716,15 +1706,6 @@
"description": "Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "minValue": 0,
- "maxValue": 365,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -1781,11 +1762,7 @@
"input": {
"category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]",
"timeGrain": null,
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
]
@@ -1807,7 +1784,7 @@
},
{
"type": "Microsoft.Network/networkInterfaces",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[parameters('name')]",
"location": "[parameters('location')]",
"tags": "[parameters('tags')]",
@@ -1838,6 +1815,7 @@
}
],
"auxiliaryMode": "[parameters('auxiliaryMode')]",
+ "auxiliarySku": "[parameters('auxiliarySku')]",
"disableTcpStateTracking": "[parameters('disableTcpStateTracking')]",
"dnsSettings": "[if(not(empty(parameters('dnsServers'))), createObject('dnsServers', parameters('dnsServers')), null())]",
"enableAcceleratedNetworking": "[parameters('enableAcceleratedNetworking')]",
@@ -2081,7 +2059,7 @@
"metadata": {
"description": "The location the resource was deployed into."
},
- "value": "[reference(resourceId('Microsoft.Network/networkInterfaces', parameters('name')), '2022-07-01', 'full').location]"
+ "value": "[reference(resourceId('Microsoft.Network/networkInterfaces', parameters('name')), '2023-04-01', 'full').location]"
}
}
}
diff --git a/modules/consumption/budget/main.json b/modules/consumption/budget/main.json
index 9e9d62b0c3..ef53563e18 100644
--- a/modules/consumption/budget/main.json
+++ b/modules/consumption/budget/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "426286761409182782"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "1449481505821750821"
+ },
+ "name": "Consumption Budgets",
+ "description": "This module deploys a Consumption Budget for Subscriptions.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -18,13 +21,13 @@
"category": {
"type": "string",
"defaultValue": "Cost",
- "metadata": {
- "description": "Optional. The category of the budget, whether the budget tracks cost or usage."
- },
"allowedValues": [
"Cost",
"Usage"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The category of the budget, whether the budget tracks cost or usage."
+ }
},
"amount": {
"type": "int",
@@ -35,9 +38,6 @@
"resetPeriod": {
"type": "string",
"defaultValue": "Monthly",
- "metadata": {
- "description": "Optional. The time covered by a budget. Tracking of the amount will be reset based on the time grain. BillingMonth, BillingQuarter, and BillingAnnual are only supported by WD customers."
- },
"allowedValues": [
"Monthly",
"Quarterly",
@@ -45,7 +45,10 @@
"BillingMonth",
"BillingQuarter",
"BillingAnnual"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The time covered by a budget. Tracking of the amount will be reset based on the time grain. BillingMonth, BillingQuarter, and BillingAnnual are only supported by WD customers."
+ }
},
"startDate": {
"type": "string",
@@ -70,10 +73,10 @@
100,
110
],
+ "maxLength": 5,
"metadata": {
"description": "Optional. Percent thresholds of budget for when to get a notification. Can be up to 5 thresholds, where each must be between 1 and 1000."
- },
- "maxLength": 5
+ }
},
"contactEmails": {
"type": "array",
diff --git a/modules/container-instance/container-group/.test/private/dependencies.bicep b/modules/container-instance/container-group/.test/private/dependencies.bicep
index 2d569ac75c..ed78f60367 100644
--- a/modules/container-instance/container-group/.test/private/dependencies.bicep
+++ b/modules/container-instance/container-group/.test/private/dependencies.bicep
@@ -12,7 +12,7 @@ resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-
location: location
}
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
name: virtualNetworkName
location: location
properties: {
diff --git a/modules/container-instance/container-group/main.json b/modules/container-instance/container-group/main.json
index 9e7029fba6..0cbb0f3e8d 100644
--- a/modules/container-instance/container-group/main.json
+++ b/modules/container-instance/container-group/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "8465029144420392889"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "15520115364290638727"
+ },
+ "name": "Container Instances Container Groups",
+ "description": "This module deploys a Container Instance Container Group.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -38,25 +41,25 @@
"restartPolicy": {
"type": "string",
"defaultValue": "Always",
- "metadata": {
- "description": "Optional. Restart policy for all containers within the container group. - Always: Always restart. OnFailure: Restart on failure. Never: Never restart. - Always, OnFailure, Never."
- },
"allowedValues": [
"Always",
"OnFailure",
"Never"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Restart policy for all containers within the container group. - Always: Always restart. OnFailure: Restart on failure. Never: Never restart. - Always, OnFailure, Never."
+ }
},
"ipAddressType": {
"type": "string",
"defaultValue": "Public",
- "metadata": {
- "description": "Optional. Specifies if the IP is exposed to the public internet or private VNET. - Public or Private."
- },
"allowedValues": [
"Public",
"Private"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specifies if the IP is exposed to the public internet or private VNET. - Public or Private."
+ }
},
"imageRegistryCredentials": {
"type": "array",
@@ -75,16 +78,16 @@
"autoGeneratedDomainNameLabelScope": {
"type": "string",
"defaultValue": "TenantReuse",
- "metadata": {
- "description": "Optional. Specify level of protection of the domain name label."
- },
"allowedValues": [
"Noreuse",
"ResourceGroupReuse",
"SubscriptionReuse",
"TenantReuse",
"Unsecure"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify level of protection of the domain name label."
+ }
},
"dnsNameLabel": {
"type": "string",
@@ -131,14 +134,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"systemAssignedIdentity": {
"type": "bool",
diff --git a/modules/container-registry/registry/.test/common/dependencies.bicep b/modules/container-registry/registry/.test/common/dependencies.bicep
index a1cf849490..a758909a14 100644
--- a/modules/container-registry/registry/.test/common/dependencies.bicep
+++ b/modules/container-registry/registry/.test/common/dependencies.bicep
@@ -9,45 +9,45 @@ param managedIdentityName string
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
- name: 'privatelink${environment().suffixes.acrLoginServer}'
- location: 'global'
+ name: 'privatelink${environment().suffixes.acrLoginServer}'
+ location: 'global'
- resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
- name: '${virtualNetwork.name}-vnetlink'
- location: 'global'
- properties: {
- virtualNetwork: {
- id: virtualNetwork.id
- }
- registrationEnabled: false
- }
+ resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
+ name: '${virtualNetwork.name}-vnetlink'
+ location: 'global'
+ properties: {
+ virtualNetwork: {
+ id: virtualNetwork.id
+ }
+ registrationEnabled: false
}
+ }
}
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/container-registry/registry/.test/common/main.test.bicep b/modules/container-registry/registry/.test/common/main.test.bicep
index 8460898be1..a2086f2f12 100644
--- a/modules/container-registry/registry/.test/common/main.test.bicep
+++ b/modules/container-registry/registry/.test/common/main.test.bicep
@@ -66,7 +66,6 @@ module testDeployment '../../main.bicep' = {
name: '${namePrefix}${serviceShort}001'
acrAdminUserEnabled: false
acrSku: 'Premium'
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/container-registry/registry/.test/encr/dependencies.bicep b/modules/container-registry/registry/.test/encr/dependencies.bicep
index 1ccddcada9..9922e752af 100644
--- a/modules/container-registry/registry/.test/encr/dependencies.bicep
+++ b/modules/container-registry/registry/.test/encr/dependencies.bicep
@@ -12,66 +12,66 @@ param managedIdentityName string
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = {
- name: keyVaultName
- location: location
- properties: {
- sku: {
- family: 'A'
- name: 'standard'
- }
- tenantId: tenant().tenantId
- enablePurgeProtection: true // Required by batch account
- softDeleteRetentionInDays: 7
- enabledForTemplateDeployment: true
- enabledForDiskEncryption: true
- enabledForDeployment: true
- enableRbacAuthorization: true
- accessPolicies: []
+ name: keyVaultName
+ location: location
+ properties: {
+ sku: {
+ family: 'A'
+ name: 'standard'
}
+ tenantId: tenant().tenantId
+ enablePurgeProtection: true // Required by batch account
+ softDeleteRetentionInDays: 7
+ enabledForTemplateDeployment: true
+ enabledForDiskEncryption: true
+ enabledForDeployment: true
+ enableRbacAuthorization: true
+ accessPolicies: []
+ }
- resource key 'keys@2022-07-01' = {
- name: 'keyEncryptionKey'
- properties: {
- kty: 'RSA'
- }
+ resource key 'keys@2022-07-01' = {
+ name: 'keyEncryptionKey'
+ properties: {
+ kty: 'RSA'
}
+ }
}
resource keyPermissions 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
- name: guid('msi-${keyVault::key.id}-${location}-${managedIdentity.id}-Key-Reader-RoleAssignment')
- scope: keyVault::key
- properties: {
- principalId: managedIdentity.properties.principalId
- // Key Vault Crypto User
- roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '12338af0-0e69-4776-bea7-57ae8d297424')
- principalType: 'ServicePrincipal'
- }
+ name: guid('msi-${keyVault::key.id}-${location}-${managedIdentity.id}-Key-Reader-RoleAssignment')
+ scope: keyVault::key
+ properties: {
+ principalId: managedIdentity.properties.principalId
+ // Key Vault Crypto User
+ roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '12338af0-0e69-4776-bea7-57ae8d297424')
+ principalType: 'ServicePrincipal'
+ }
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/container-registry/registry/.test/pe/dependencies.bicep b/modules/container-registry/registry/.test/pe/dependencies.bicep
index b40eceeecc..6d9f2aa57a 100644
--- a/modules/container-registry/registry/.test/pe/dependencies.bicep
+++ b/modules/container-registry/registry/.test/pe/dependencies.bicep
@@ -6,40 +6,40 @@ param virtualNetworkName string
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
- name: 'privatelink${environment().suffixes.acrLoginServer}'
- location: 'global'
+ name: 'privatelink${environment().suffixes.acrLoginServer}'
+ location: 'global'
- resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
- name: '${virtualNetwork.name}-vnetlink'
- location: 'global'
- properties: {
- virtualNetwork: {
- id: virtualNetwork.id
- }
- registrationEnabled: false
- }
+ resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
+ name: '${virtualNetwork.name}-vnetlink'
+ location: 'global'
+ properties: {
+ virtualNetwork: {
+ id: virtualNetwork.id
+ }
+ registrationEnabled: false
}
+ }
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/container-registry/registry/README.md b/modules/container-registry/registry/README.md
index dc3bf65c9a..563a2e27b0 100644
--- a/modules/container-registry/registry/README.md
+++ b/modules/container-registry/registry/README.md
@@ -20,8 +20,8 @@ This module deploys an Azure Container Registry (ACR).
| `Microsoft.ContainerRegistry/registries/replications` | [2022-02-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.ContainerRegistry/2022-02-01-preview/registries/replications) |
| `Microsoft.ContainerRegistry/registries/webhooks` | [2022-02-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.ContainerRegistry/2022-02-01-preview/registries/webhooks) |
| `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) |
-| `Microsoft.Network/privateEndpoints` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints) |
-| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints/privateDnsZoneGroups) |
+| `Microsoft.Network/privateEndpoints` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints) |
+| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints/privateDnsZoneGroups) |
## Parameters
@@ -52,7 +52,6 @@ This module deploys an Azure Container Registry (ACR).
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, ContainerRegistryLoginEvents, ContainerRegistryRepositoryEvents]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. |
| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
@@ -393,7 +392,6 @@ module registry './container-registry/registry/main.bicep' = {
azureADAuthenticationAsArmPolicyStatus: 'enabled'
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -489,9 +487,6 @@ module registry './container-registry/registry/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/container-registry/registry/main.bicep b/modules/container-registry/registry/main.bicep
index 68f470fdf9..74989bd260 100644
--- a/modules/container-registry/registry/main.bicep
+++ b/modules/container-registry/registry/main.bicep
@@ -155,11 +155,6 @@ param diagnosticMetricsToEnable array = [
'AllMetrics'
]
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -193,20 +188,12 @@ param cMKUserAssignedIdentityResourceId string = ''
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
@@ -214,10 +201,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: {
category: metric
timeGrain: null
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var identityType = systemAssignedIdentity ? (!empty(userAssignedIdentities) ? 'SystemAssigned,UserAssigned' : 'SystemAssigned') : (!empty(userAssignedIdentities) ? 'UserAssigned' : 'None')
diff --git a/modules/container-registry/registry/main.json b/modules/container-registry/registry/main.json
index 5990ccd39d..53c6af6abb 100644
--- a/modules/container-registry/registry/main.json
+++ b/modules/container-registry/registry/main.json
@@ -4,15 +4,18 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "7144443471376224807"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "6969483115486766809"
+ },
+ "name": "Azure Container Registries (ACR)",
+ "description": "This module deploys an Azure Container Registry (ACR).",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
"type": "string",
- "maxLength": 50,
"minLength": 5,
+ "maxLength": 50,
"metadata": {
"description": "Required. Name of your Azure container registry."
}
@@ -53,46 +56,46 @@
"exportPolicyStatus": {
"type": "string",
"defaultValue": "disabled",
- "metadata": {
- "description": "Optional. The value that indicates whether the export policy is enabled or not."
- },
"allowedValues": [
"disabled",
"enabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The value that indicates whether the export policy is enabled or not."
+ }
},
"quarantinePolicyStatus": {
"type": "string",
"defaultValue": "disabled",
- "metadata": {
- "description": "Optional. The value that indicates whether the quarantine policy is enabled or not."
- },
"allowedValues": [
"disabled",
"enabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The value that indicates whether the quarantine policy is enabled or not."
+ }
},
"trustPolicyStatus": {
"type": "string",
"defaultValue": "disabled",
- "metadata": {
- "description": "Optional. The value that indicates whether the trust policy is enabled or not."
- },
"allowedValues": [
"disabled",
"enabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The value that indicates whether the trust policy is enabled or not."
+ }
},
"retentionPolicyStatus": {
"type": "string",
"defaultValue": "enabled",
- "metadata": {
- "description": "Optional. The value that indicates whether the retention policy is enabled or not."
- },
"allowedValues": [
"disabled",
"enabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The value that indicates whether the retention policy is enabled or not."
+ }
},
"retentionPolicyDays": {
"type": "int",
@@ -104,24 +107,24 @@
"azureADAuthenticationAsArmPolicyStatus": {
"type": "string",
"defaultValue": "enabled",
- "metadata": {
- "description": "Optional. The value that indicates whether the policy for using ARM audience token for a container registr is enabled or not. Default is enabled."
- },
"allowedValues": [
"disabled",
"enabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The value that indicates whether the policy for using ARM audience token for a container registr is enabled or not. Default is enabled."
+ }
},
"softDeletePolicyStatus": {
"type": "string",
"defaultValue": "disabled",
- "metadata": {
- "description": "Optional. Soft Delete policy status. Default is disabled."
- },
"allowedValues": [
"disabled",
"enabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Soft Delete policy status. Default is disabled."
+ }
},
"softDeletePolicyDays": {
"type": "int",
@@ -152,24 +155,24 @@
"networkRuleBypassOptions": {
"type": "string",
"defaultValue": "AzureServices",
- "metadata": {
- "description": "Optional. Whether to allow trusted Azure services to access a network restricted registry."
- },
"allowedValues": [
"AzureServices",
"None"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Whether to allow trusted Azure services to access a network restricted registry."
+ }
},
"networkRuleSetDefaultAction": {
"type": "string",
"defaultValue": "Deny",
- "metadata": {
- "description": "Optional. The default action of allow or deny when no other rules match."
- },
"allowedValues": [
"Allow",
"Deny"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The default action of allow or deny when no other rules match."
+ }
},
"networkRuleSetIpRules": {
"type": "array",
@@ -188,13 +191,13 @@
"zoneRedundancy": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Whether or not zone redundancy is enabled for this container registry."
- },
"allowedValues": [
"Disabled",
"Enabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Whether or not zone redundancy is enabled for this container registry."
+ }
},
"replications": {
"type": "array",
@@ -213,14 +216,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"systemAssignedIdentity": {
"type": "bool",
@@ -277,15 +280,6 @@
"description": "Optional. The name of metrics that will be streamed."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "maxValue": 365,
- "minValue": 0,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -364,11 +358,7 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
},
{
@@ -377,15 +367,11 @@
"input": {
"category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]",
"timeGrain": null,
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
"identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]",
"identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]",
"enableReferencedModulesTelemetry": false
@@ -512,9 +498,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "4732499637614328383"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13921692097298323788"
+ },
+ "name": "Azure Container Registry (ACR) Replications",
+ "description": "This module deploys an Azure Container Registry (ACR) Replication.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"registryName": {
@@ -553,13 +542,13 @@
"zoneRedundancy": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Whether or not zone redundancy is enabled for this container registry."
- },
"allowedValues": [
"Disabled",
"Enabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Whether or not zone redundancy is enabled for this container registry."
+ }
},
"enableDefaultTelemetry": {
"type": "bool",
@@ -668,9 +657,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "2786725630837251417"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "939950579337463642"
+ },
+ "name": "Azure Container Registry (ACR) Webhooks",
+ "description": "This module deploys an Azure Container Registry (ACR) Webhook.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"registryName": {
@@ -682,8 +674,8 @@
"name": {
"type": "string",
"defaultValue": "[format('{0}webhook', parameters('registryName'))]",
- "maxLength": 50,
"minLength": 5,
+ "maxLength": 50,
"metadata": {
"description": "Optional. The name of the registry webhook."
}
@@ -697,13 +689,13 @@
"status": {
"type": "string",
"defaultValue": "enabled",
- "metadata": {
- "description": "Optional. The status of the webhook at the time the operation was called."
- },
"allowedValues": [
"disabled",
"enabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The status of the webhook at the time the operation was called."
+ }
},
"action": {
"type": "array",
@@ -875,8 +867,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "12128774062345830351"
+ "version": "0.20.4.51522",
+ "templateHash": "5342120260919416983"
}
},
"parameters": {
@@ -1043,9 +1035,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11825715538543749879"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13560297539192628062"
+ },
+ "name": "Private Endpoints",
+ "description": "This module deploys a Private Endpoint.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -1110,14 +1105,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -1175,7 +1170,7 @@
},
{
"type": "Microsoft.Network/privateEndpoints",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[parameters('name')]",
"location": "[parameters('location')]",
"tags": "[parameters('tags')]",
@@ -1240,9 +1235,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "12684511314187066258"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17831763001460207830"
+ },
+ "name": "Private Endpoint Private DNS Zone Groups",
+ "description": "This module deploys a Private Endpoint Private DNS Zone Group.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"privateEndpointName": {
@@ -1253,8 +1251,8 @@
},
"privateDNSResourceIds": {
"type": "array",
- "maxLength": 5,
"minLength": 1,
+ "maxLength": 5,
"metadata": {
"description": "Required. Array of private DNS zone resource IDs. A DNS zone group can support up to 5 DNS zones."
}
@@ -1305,7 +1303,7 @@
},
{
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[format('{0}/{1}', parameters('privateEndpointName'), parameters('name'))]",
"properties": {
"privateDnsZoneConfigs": "[variables('privateDnsZoneConfigs')]"
@@ -1375,8 +1373,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "18055161250379920591"
+ "version": "0.20.4.51522",
+ "templateHash": "11548486149222715894"
}
},
"parameters": {
@@ -1546,7 +1544,7 @@
"metadata": {
"description": "The location the resource was deployed into."
},
- "value": "[reference(resourceId('Microsoft.Network/privateEndpoints', parameters('name')), '2022-07-01', 'full').location]"
+ "value": "[reference(resourceId('Microsoft.Network/privateEndpoints', parameters('name')), '2023-04-01', 'full').location]"
}
}
}
diff --git a/modules/container-registry/registry/replication/main.json b/modules/container-registry/registry/replication/main.json
index a1712822aa..e6c678c98c 100644
--- a/modules/container-registry/registry/replication/main.json
+++ b/modules/container-registry/registry/replication/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "4732499637614328383"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13921692097298323788"
+ },
+ "name": "Azure Container Registry (ACR) Replications",
+ "description": "This module deploys an Azure Container Registry (ACR) Replication.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"registryName": {
@@ -45,13 +48,13 @@
"zoneRedundancy": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Whether or not zone redundancy is enabled for this container registry."
- },
"allowedValues": [
"Disabled",
"Enabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Whether or not zone redundancy is enabled for this container registry."
+ }
},
"enableDefaultTelemetry": {
"type": "bool",
diff --git a/modules/container-registry/registry/webhook/main.json b/modules/container-registry/registry/webhook/main.json
index e69dac9056..2d53ae4942 100644
--- a/modules/container-registry/registry/webhook/main.json
+++ b/modules/container-registry/registry/webhook/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "2786725630837251417"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "939950579337463642"
+ },
+ "name": "Azure Container Registry (ACR) Webhooks",
+ "description": "This module deploys an Azure Container Registry (ACR) Webhook.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"registryName": {
@@ -18,8 +21,8 @@
"name": {
"type": "string",
"defaultValue": "[format('{0}webhook', parameters('registryName'))]",
- "maxLength": 50,
"minLength": 5,
+ "maxLength": 50,
"metadata": {
"description": "Optional. The name of the registry webhook."
}
@@ -33,13 +36,13 @@
"status": {
"type": "string",
"defaultValue": "enabled",
- "metadata": {
- "description": "Optional. The status of the webhook at the time the operation was called."
- },
"allowedValues": [
"disabled",
"enabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The status of the webhook at the time the operation was called."
+ }
},
"action": {
"type": "array",
diff --git a/modules/container-service/managed-cluster/.test/azure/dependencies.bicep b/modules/container-service/managed-cluster/.test/azure/dependencies.bicep
index 6f5cdb5111..8afe485d28 100644
--- a/modules/container-service/managed-cluster/.test/azure/dependencies.bicep
+++ b/modules/container-service/managed-cluster/.test/azure/dependencies.bicep
@@ -19,111 +19,111 @@ param proximityPlacementGroupName string
@description('Required. The name of the DNS Zone to create.')
param dnsZoneName string
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-09-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- '10.1.0.0/22'
- ]
- }
- subnets: [
- {
- name: 'systemSubnet'
- properties: {
- addressPrefix: '10.1.0.0/24'
- }
- }
- {
- name: 'userSubnet1'
- properties: {
- addressPrefix: '10.1.1.0/24'
- }
- }
- {
- name: 'userSubnet2'
- properties: {
- addressPrefix: '10.1.2.0/24'
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ '10.1.0.0/22'
+ ]
}
+ subnets: [
+ {
+ name: 'systemSubnet'
+ properties: {
+ addressPrefix: '10.1.0.0/24'
+ }
+ }
+ {
+ name: 'userSubnet1'
+ properties: {
+ addressPrefix: '10.1.1.0/24'
+ }
+ }
+ {
+ name: 'userSubnet2'
+ properties: {
+ addressPrefix: '10.1.2.0/24'
+ }
+ }
+ ]
+ }
}
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
resource keyVault 'Microsoft.KeyVault/vaults@2022-11-01' = {
- name: keyVaultName
- location: location
- properties: {
- sku: {
- family: 'A'
- name: 'standard'
- }
- tenantId: tenant().tenantId
- enablePurgeProtection: true // Required by nodepool vmss
- softDeleteRetentionInDays: 7
- enabledForTemplateDeployment: true
- enabledForDiskEncryption: true
- enabledForDeployment: true
- enableRbacAuthorization: true
- accessPolicies: []
+ name: keyVaultName
+ location: location
+ properties: {
+ sku: {
+ family: 'A'
+ name: 'standard'
}
-
- resource key 'keys@2022-07-01' = {
- name: 'encryptionKey'
- properties: {
- kty: 'RSA'
- }
+ tenantId: tenant().tenantId
+ enablePurgeProtection: true // Required by nodepool vmss
+ softDeleteRetentionInDays: 7
+ enabledForTemplateDeployment: true
+ enabledForDiskEncryption: true
+ enabledForDeployment: true
+ enableRbacAuthorization: true
+ accessPolicies: []
+ }
+
+ resource key 'keys@2022-07-01' = {
+ name: 'encryptionKey'
+ properties: {
+ kty: 'RSA'
}
+ }
}
resource diskEncryptionSet 'Microsoft.Compute/diskEncryptionSets@2022-07-02' = {
- name: diskEncryptionSetName
- location: location
- identity: {
- type: 'SystemAssigned'
- }
- properties: {
- activeKey: {
- sourceVault: {
- id: keyVault.id
- }
- keyUrl: keyVault::key.properties.keyUriWithVersion
- }
- encryptionType: 'EncryptionAtRestWithCustomerKey'
+ name: diskEncryptionSetName
+ location: location
+ identity: {
+ type: 'SystemAssigned'
+ }
+ properties: {
+ activeKey: {
+ sourceVault: {
+ id: keyVault.id
+ }
+ keyUrl: keyVault::key.properties.keyUriWithVersion
}
+ encryptionType: 'EncryptionAtRestWithCustomerKey'
+ }
}
resource keyPermissions 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
- name: guid('msi-${keyVault.id}-${location}-${managedIdentity.id}-KeyVault-Key-Read-RoleAssignment')
- scope: keyVault
- properties: {
- principalId: diskEncryptionSet.identity.principalId
- roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'e147488a-f6f5-4113-8e2d-b22465e65bf6') // Key Vault Crypto Service Encryption User
- principalType: 'ServicePrincipal'
- }
+ name: guid('msi-${keyVault.id}-${location}-${managedIdentity.id}-KeyVault-Key-Read-RoleAssignment')
+ scope: keyVault
+ properties: {
+ principalId: diskEncryptionSet.identity.principalId
+ roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'e147488a-f6f5-4113-8e2d-b22465e65bf6') // Key Vault Crypto Service Encryption User
+ principalType: 'ServicePrincipal'
+ }
}
resource proximityPlacementGroup 'Microsoft.Compute/proximityPlacementGroups@2022-03-01' = {
- name: proximityPlacementGroupName
- location: location
+ name: proximityPlacementGroupName
+ location: location
}
@description('The resource ID of the created Virtual Network Subnet.')
output subnetResourceIds array = [
- virtualNetwork.properties.subnets[0].id
- virtualNetwork.properties.subnets[1].id
- virtualNetwork.properties.subnets[2].id
+ virtualNetwork.properties.subnets[0].id
+ virtualNetwork.properties.subnets[1].id
+ virtualNetwork.properties.subnets[2].id
]
resource dnsZone 'Microsoft.Network/dnsZones@2018-05-01' = {
- name: dnsZoneName
- location: 'global'
+ name: dnsZoneName
+ location: 'global'
}
@description('The principal ID of the created Managed Identity.')
diff --git a/modules/container-service/managed-cluster/.test/azure/main.test.bicep b/modules/container-service/managed-cluster/.test/azure/main.test.bicep
index 53e453d441..ae463a55e5 100644
--- a/modules/container-service/managed-cluster/.test/azure/main.test.bicep
+++ b/modules/container-service/managed-cluster/.test/azure/main.test.bicep
@@ -147,7 +147,6 @@ module testDeployment '../../main.bicep' = {
}
]
aksClusterNetworkPlugin: 'azure'
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/container-service/managed-cluster/.test/kubenet/main.test.bicep b/modules/container-service/managed-cluster/.test/kubenet/main.test.bicep
index 617ca20c95..5faf01208e 100644
--- a/modules/container-service/managed-cluster/.test/kubenet/main.test.bicep
+++ b/modules/container-service/managed-cluster/.test/kubenet/main.test.bicep
@@ -135,7 +135,6 @@ module testDeployment '../../main.bicep' = {
}
]
aksClusterNetworkPlugin: 'kubenet'
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/container-service/managed-cluster/.test/priv/dependencies.bicep b/modules/container-service/managed-cluster/.test/priv/dependencies.bicep
index 45db73ed47..6e584a61cf 100644
--- a/modules/container-service/managed-cluster/.test/priv/dependencies.bicep
+++ b/modules/container-service/managed-cluster/.test/priv/dependencies.bicep
@@ -13,65 +13,65 @@ param virtualNetworkName string
var addressPrefix = '10.0.0.0/16'
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
resource privateDnsZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
- name: privateDnsZoneName
- location: 'global'
+ name: privateDnsZoneName
+ location: 'global'
}
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
resource privateDNSZoneVNetLink 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2020-06-01' = {
- name: 'pDnsLink-${virtualNetworkName}-${privateDnsZoneName}'
- location: 'global'
- parent: privateDnsZone
- properties: {
- registrationEnabled: true
- virtualNetwork: {
- id: virtualNetwork.id
- }
+ name: 'pDnsLink-${virtualNetworkName}-${privateDnsZoneName}'
+ location: 'global'
+ parent: privateDnsZone
+ properties: {
+ registrationEnabled: true
+ virtualNetwork: {
+ id: virtualNetwork.id
}
+ }
}
resource msiVnetRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
- name: guid(resourceGroup().id, 'NetworkContributor', managedIdentity.id)
- scope: virtualNetwork
- properties: {
- principalId: managedIdentity.properties.principalId
- roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '4d97b98b-1d4f-4787-a291-c67834d212e7') // Network Contributor
- principalType: 'ServicePrincipal'
- }
+ name: guid(resourceGroup().id, 'NetworkContributor', managedIdentity.id)
+ scope: virtualNetwork
+ properties: {
+ principalId: managedIdentity.properties.principalId
+ roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '4d97b98b-1d4f-4787-a291-c67834d212e7') // Network Contributor
+ principalType: 'ServicePrincipal'
+ }
}
resource msiPrivDnsZoneRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
- name: guid(resourceGroup().id, 'PrivateDNSZoneContributor', managedIdentity.id)
- scope: privateDnsZone
- properties: {
- principalId: managedIdentity.properties.principalId
- roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b12aa53e-6015-4669-85d0-8515ebb3ae7f') // Private DNS Zone Contributor
- principalType: 'ServicePrincipal'
- }
+ name: guid(resourceGroup().id, 'PrivateDNSZoneContributor', managedIdentity.id)
+ scope: privateDnsZone
+ properties: {
+ principalId: managedIdentity.properties.principalId
+ roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b12aa53e-6015-4669-85d0-8515ebb3ae7f') // Private DNS Zone Contributor
+ principalType: 'ServicePrincipal'
+ }
}
@description('The principal ID of the created Managed Identity.')
diff --git a/modules/container-service/managed-cluster/.test/priv/main.test.bicep b/modules/container-service/managed-cluster/.test/priv/main.test.bicep
index 13fb056ec4..c5ace56db5 100644
--- a/modules/container-service/managed-cluster/.test/priv/main.test.bicep
+++ b/modules/container-service/managed-cluster/.test/priv/main.test.bicep
@@ -142,7 +142,6 @@ module testDeployment '../../main.bicep' = {
aksClusterSkuTier: 'Standard'
aksClusterDnsServiceIP: '10.10.200.10'
aksClusterServiceCidr: '10.10.200.0/24'
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/container-service/managed-cluster/README.md b/modules/container-service/managed-cluster/README.md
index a601b0f019..88b9e2c128 100644
--- a/modules/container-service/managed-cluster/README.md
+++ b/modules/container-service/managed-cluster/README.md
@@ -86,7 +86,6 @@ This module deploys an Azure Kubernetes Service (AKS) Managed Cluster.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, cluster-autoscaler, guard, kube-apiserver, kube-audit, kube-audit-admin, kube-controller-manager, kube-scheduler]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. |
| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
@@ -476,7 +475,6 @@ module managedCluster './container-service/managed-cluster/main.bicep' = {
aksClusterNetworkPlugin: 'azure'
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
diskEncryptionSetID: ''
@@ -661,9 +659,6 @@ module managedCluster './container-service/managed-cluster/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
@@ -853,7 +848,6 @@ module managedCluster './container-service/managed-cluster/main.bicep' = {
aksClusterNetworkPlugin: 'kubenet'
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -977,9 +971,6 @@ module managedCluster './container-service/managed-cluster/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
@@ -1176,7 +1167,6 @@ module managedCluster './container-service/managed-cluster/main.bicep' = {
aksClusterSkuTier: 'Standard'
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -1304,9 +1294,6 @@ module managedCluster './container-service/managed-cluster/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/container-service/managed-cluster/agent-pool/main.json b/modules/container-service/managed-cluster/agent-pool/main.json
index bc61a79771..51409f9928 100644
--- a/modules/container-service/managed-cluster/agent-pool/main.json
+++ b/modules/container-service/managed-cluster/agent-pool/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "14718876477350380320"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "9201392896338098875"
+ },
+ "name": "Azure Kubernetes Service (AKS) Managed Cluster Agent Pools",
+ "description": "This module deploys an Azure Kubernetes Service (AKS) Managed Cluster Agent Pool.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"managedClusterName": {
@@ -31,8 +34,8 @@
"count": {
"type": "int",
"defaultValue": 1,
- "maxValue": 1000,
"minValue": 0,
+ "maxValue": 1000,
"metadata": {
"description": "Optional. Desired Number of agents (VMs) specified to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1."
}
diff --git a/modules/container-service/managed-cluster/main.bicep b/modules/container-service/managed-cluster/main.bicep
index 7a0abfa63f..a07026f84b 100644
--- a/modules/container-service/managed-cluster/main.bicep
+++ b/modules/container-service/managed-cluster/main.bicep
@@ -284,11 +284,6 @@ param diagnosticEventHubAuthorizationRuleId string = ''
@description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category.')
param diagnosticEventHubName string = ''
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).')
param enableDefaultTelemetry bool = true
@@ -346,20 +341,12 @@ param diagnosticSettingsName string = ''
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
@@ -367,10 +354,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: {
category: metric
timeGrain: null
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var identityType = systemAssignedIdentity ? 'SystemAssigned' : (!empty(userAssignedIdentities) ? 'UserAssigned' : 'None')
diff --git a/modules/container-service/managed-cluster/main.json b/modules/container-service/managed-cluster/main.json
index 661bc502cb..505ad190f3 100644
--- a/modules/container-service/managed-cluster/main.json
+++ b/modules/container-service/managed-cluster/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "8485307659564095159"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "2499528815561589714"
+ },
+ "name": "Azure Kubernetes Service (AKS) Managed Clusters",
+ "description": "This module deploys an Azure Kubernetes Service (AKS) Managed Cluster.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -362,13 +365,13 @@
"enableSecretRotation": {
"type": "string",
"defaultValue": "false",
- "metadata": {
- "description": "Optional. Specifies whether the KeyvaultSecretsProvider add-on uses secret rotation."
- },
"allowedValues": [
"false",
"true"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specifies whether the KeyvaultSecretsProvider add-on uses secret rotation."
+ }
},
"autoScalerProfileScanInterval": {
"type": "string",
@@ -429,26 +432,26 @@
"autoScalerProfileBalanceSimilarNodeGroups": {
"type": "string",
"defaultValue": "false",
- "metadata": {
- "description": "Optional. Specifies the balance of similar node groups for the auto-scaler of the AKS cluster."
- },
"allowedValues": [
"false",
"true"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specifies the balance of similar node groups for the auto-scaler of the AKS cluster."
+ }
},
"autoScalerProfileExpander": {
"type": "string",
"defaultValue": "random",
- "metadata": {
- "description": "Optional. Specifies the expand strategy for the auto-scaler of the AKS cluster."
- },
"allowedValues": [
"least-waste",
"most-pods",
"priority",
"random"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specifies the expand strategy for the auto-scaler of the AKS cluster."
+ }
},
"autoScalerProfileMaxEmptyBulkDelete": {
"type": "string",
@@ -488,24 +491,24 @@
"autoScalerProfileSkipNodesWithLocalStorage": {
"type": "string",
"defaultValue": "true",
- "metadata": {
- "description": "Optional. Specifies if nodes with local storage should be skipped for the auto-scaler of the AKS cluster."
- },
"allowedValues": [
"false",
"true"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specifies if nodes with local storage should be skipped for the auto-scaler of the AKS cluster."
+ }
},
"autoScalerProfileSkipNodesWithSystemPods": {
"type": "string",
"defaultValue": "true",
- "metadata": {
- "description": "Optional. Specifies if nodes with system pods should be skipped for the auto-scaler of the AKS cluster."
- },
"allowedValues": [
"false",
"true"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specifies if nodes with system pods should be skipped for the auto-scaler of the AKS cluster."
+ }
},
"podIdentityProfileAllowNetworkPluginKubenet": {
"type": "bool",
@@ -598,15 +601,6 @@
"description": "Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "maxValue": 365,
- "minValue": 0,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"enableDefaultTelemetry": {
"type": "bool",
"defaultValue": true,
@@ -624,14 +618,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"tags": {
"type": "object",
@@ -708,11 +702,7 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
},
{
@@ -721,15 +711,11 @@
"input": {
"category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]",
"timeGrain": null,
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
"identityType": "[if(parameters('systemAssignedIdentity'), 'SystemAssigned', if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]",
"identity": {
"type": "[variables('identityType')]",
@@ -993,9 +979,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "14718876477350380320"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "9201392896338098875"
+ },
+ "name": "Azure Kubernetes Service (AKS) Managed Cluster Agent Pools",
+ "description": "This module deploys an Azure Kubernetes Service (AKS) Managed Cluster Agent Pool.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"managedClusterName": {
@@ -1020,8 +1009,8 @@
"count": {
"type": "int",
"defaultValue": 1,
- "maxValue": 1000,
"minValue": 0,
+ "maxValue": 1000,
"metadata": {
"description": "Optional. Desired Number of agents (VMs) specified to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1."
}
@@ -1430,9 +1419,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "9994137923318557139"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "14118650678014878152"
+ },
+ "name": "Kubernetes Configuration Extensions",
+ "description": "This module deploys a Kubernetes Configuration Extension.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -1590,9 +1582,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "1433522452027494189"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "16353701795521321177"
+ },
+ "name": "Kubernetes Configuration Flux Configurations",
+ "description": "This module deploys a Kubernetes Configuration Flux Configuration.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -1657,23 +1652,23 @@
},
"scope": {
"type": "string",
- "metadata": {
- "description": "Required. Scope at which the configuration will be installed."
- },
"allowedValues": [
"cluster",
"namespace"
- ]
+ ],
+ "metadata": {
+ "description": "Required. Scope at which the configuration will be installed."
+ }
},
"sourceKind": {
"type": "string",
- "metadata": {
- "description": "Required. Source Kind to pull the configuration data from."
- },
"allowedValues": [
"Bucket",
"GitRepository"
- ]
+ ],
+ "metadata": {
+ "description": "Required. Source Kind to pull the configuration data from."
+ }
},
"suspend": {
"type": "bool",
@@ -1808,8 +1803,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16480761360924535352"
+ "version": "0.20.4.51522",
+ "templateHash": "4009331148405617632"
}
},
"parameters": {
diff --git a/modules/data-factory/factory/.test/common/dependencies.bicep b/modules/data-factory/factory/.test/common/dependencies.bicep
index 0a65641473..e83e155ace 100644
--- a/modules/data-factory/factory/.test/common/dependencies.bicep
+++ b/modules/data-factory/factory/.test/common/dependencies.bicep
@@ -15,93 +15,93 @@ param storageAccountName string
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
- name: 'privatelink.datafactory.azure.net'
- location: 'global'
+ name: 'privatelink.datafactory.azure.net'
+ location: 'global'
- resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
- name: '${virtualNetworkName}-vnetlink'
- location: 'global'
- properties: {
- virtualNetwork: {
- id: virtualNetwork.id
- }
- registrationEnabled: false
- }
+ resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
+ name: '${virtualNetworkName}-vnetlink'
+ location: 'global'
+ properties: {
+ virtualNetwork: {
+ id: virtualNetwork.id
+ }
+ registrationEnabled: false
}
+ }
}
resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = {
- name: keyVaultName
- location: location
- properties: {
- sku: {
- family: 'A'
- name: 'standard'
- }
- tenantId: tenant().tenantId
- enablePurgeProtection: null
- enabledForTemplateDeployment: true
- enabledForDiskEncryption: true
- enabledForDeployment: true
- enableRbacAuthorization: true
- accessPolicies: []
+ name: keyVaultName
+ location: location
+ properties: {
+ sku: {
+ family: 'A'
+ name: 'standard'
}
-
- resource key 'keys@2022-07-01' = {
- name: 'encryptionKey'
- properties: {
- kty: 'RSA'
- }
+ tenantId: tenant().tenantId
+ enablePurgeProtection: null
+ enabledForTemplateDeployment: true
+ enabledForDiskEncryption: true
+ enabledForDeployment: true
+ enableRbacAuthorization: true
+ accessPolicies: []
+ }
+
+ resource key 'keys@2022-07-01' = {
+ name: 'encryptionKey'
+ properties: {
+ kty: 'RSA'
}
+ }
}
resource keyPermissions 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
- name: guid('msi-${keyVault::key.id}-${location}-${managedIdentity.id}-KeyVault-Key-Read-RoleAssignment')
- scope: keyVault::key
- properties: {
- principalId: managedIdentity.properties.principalId
- // Key Vault Crypto User
- roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '12338af0-0e69-4776-bea7-57ae8d297424')
- principalType: 'ServicePrincipal'
- }
+ name: guid('msi-${keyVault::key.id}-${location}-${managedIdentity.id}-KeyVault-Key-Read-RoleAssignment')
+ scope: keyVault::key
+ properties: {
+ principalId: managedIdentity.properties.principalId
+ // Key Vault Crypto User
+ roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '12338af0-0e69-4776-bea7-57ae8d297424')
+ principalType: 'ServicePrincipal'
+ }
}
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
resource storageAccount 'Microsoft.Storage/storageAccounts@2021-08-01' = {
- name: storageAccountName
- location: location
- kind: 'StorageV2'
- sku: {
- name: 'Standard_LRS'
- }
- properties: {
- allowBlobPublicAccess: false
- }
+ name: storageAccountName
+ location: location
+ kind: 'StorageV2'
+ sku: {
+ name: 'Standard_LRS'
+ }
+ properties: {
+ allowBlobPublicAccess: false
+ }
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/data-factory/factory/.test/common/main.test.bicep b/modules/data-factory/factory/.test/common/main.test.bicep
index 5b1ea3f79e..522aa02ad1 100644
--- a/modules/data-factory/factory/.test/common/main.test.bicep
+++ b/modules/data-factory/factory/.test/common/main.test.bicep
@@ -69,7 +69,6 @@ module testDeployment '../../main.bicep' = {
cMKKeyName: nestedDependencies.outputs.keyVaultEncryptionKeyName
cMKKeyVaultResourceId: nestedDependencies.outputs.keyVaultResourceId
cMKUserAssignedIdentityResourceId: nestedDependencies.outputs.managedIdentityResourceId
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/data-factory/factory/README.md b/modules/data-factory/factory/README.md
index 01a81857c9..fedd12666c 100644
--- a/modules/data-factory/factory/README.md
+++ b/modules/data-factory/factory/README.md
@@ -21,8 +21,8 @@ This module deploys a Data Factory.
| `Microsoft.DataFactory/factories/managedVirtualNetworks` | [2018-06-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.DataFactory/2018-06-01/factories/managedVirtualNetworks) |
| `Microsoft.DataFactory/factories/managedVirtualNetworks/managedPrivateEndpoints` | [2018-06-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.DataFactory/2018-06-01/factories/managedVirtualNetworks/managedPrivateEndpoints) |
| `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) |
-| `Microsoft.Network/privateEndpoints` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints) |
-| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints/privateDnsZoneGroups) |
+| `Microsoft.Network/privateEndpoints` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints) |
+| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints/privateDnsZoneGroups) |
## Parameters
@@ -48,7 +48,6 @@ This module deploys a Data Factory.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', ActivityRuns, allLogs, PipelineRuns, SSISIntegrationRuntimeLogs, SSISPackageEventMessageContext, SSISPackageEventMessages, SSISPackageExecutableStatistics, SSISPackageExecutionComponentPhases, SSISPackageExecutionDataStatistics, TriggerRuns]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. |
| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
@@ -403,7 +402,6 @@ module factory './data-factory/factory/main.bicep' = {
cMKUserAssignedIdentityResourceId: ''
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -509,9 +507,6 @@ module factory './data-factory/factory/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/data-factory/factory/integration-runtime/main.json b/modules/data-factory/factory/integration-runtime/main.json
index 8b3636511a..bb811c619f 100644
--- a/modules/data-factory/factory/integration-runtime/main.json
+++ b/modules/data-factory/factory/integration-runtime/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "4260654403827080373"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3532154338917341406"
+ },
+ "name": "Data Factory Integration RunTimes",
+ "description": "This module deploys a Data Factory Managed or Self-Hosted Integration Runtime.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"dataFactoryName": {
@@ -23,13 +26,13 @@
},
"type": {
"type": "string",
- "metadata": {
- "description": "Required. The type of Integration Runtime."
- },
"allowedValues": [
"Managed",
"SelfHosted"
- ]
+ ],
+ "metadata": {
+ "description": "Required. The type of Integration Runtime."
+ }
},
"managedVirtualNetworkName": {
"type": "string",
diff --git a/modules/data-factory/factory/main.bicep b/modules/data-factory/factory/main.bicep
index f4a7ae7072..ad5acd0751 100644
--- a/modules/data-factory/factory/main.bicep
+++ b/modules/data-factory/factory/main.bicep
@@ -55,11 +55,6 @@ param gitHostName string = ''
@description('Optional. List of Global Parameters for the factory.')
param globalParameters object = {}
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -133,20 +128,12 @@ param diagnosticSettingsName string = ''
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
@@ -154,10 +141,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: {
category: metric
timeGrain: null
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.')
diff --git a/modules/data-factory/factory/main.json b/modules/data-factory/factory/main.json
index e089a69881..f6dcaebbfa 100644
--- a/modules/data-factory/factory/main.json
+++ b/modules/data-factory/factory/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "17442896935715609244"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "10840135215067371071"
+ },
+ "name": "Data Factories",
+ "description": "This module deploys a Data Factory.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -125,15 +128,6 @@
"description": "Optional. List of Global Parameters for the factory."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "maxValue": 365,
- "minValue": 0,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -165,14 +159,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"systemAssignedIdentity": {
"type": "bool",
@@ -293,11 +287,7 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
},
{
@@ -306,15 +296,11 @@
"input": {
"category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]",
"timeGrain": null,
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
"identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]",
"identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]",
"enableReferencedModulesTelemetry": false
@@ -410,9 +396,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "1965875674709533586"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "12310194736024387290"
+ },
+ "name": "Data Factory Managed Virtual Networks",
+ "description": "This module deploys a Data Factory Managed Virtual Network.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"dataFactoryName": {
@@ -508,9 +497,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15894355068813582548"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17089196483393073819"
+ },
+ "name": "Data Factory Managed Virtual Network Managed PrivateEndpoints",
+ "description": "This module deploys a Data Factory Managed Virtual Network Managed Private Endpoint.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"dataFactoryName": {
@@ -674,9 +666,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "4260654403827080373"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3532154338917341406"
+ },
+ "name": "Data Factory Integration RunTimes",
+ "description": "This module deploys a Data Factory Managed or Self-Hosted Integration Runtime.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"dataFactoryName": {
@@ -693,13 +688,13 @@
},
"type": {
"type": "string",
- "metadata": {
- "description": "Required. The type of Integration Runtime."
- },
"allowedValues": [
"Managed",
"SelfHosted"
- ]
+ ],
+ "metadata": {
+ "description": "Required. The type of Integration Runtime."
+ }
},
"managedVirtualNetworkName": {
"type": "string",
@@ -815,8 +810,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "3903369935711152836"
+ "version": "0.20.4.51522",
+ "templateHash": "3166374464215651196"
}
},
"parameters": {
@@ -978,9 +973,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11825715538543749879"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13560297539192628062"
+ },
+ "name": "Private Endpoints",
+ "description": "This module deploys a Private Endpoint.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -1045,14 +1043,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -1110,7 +1108,7 @@
},
{
"type": "Microsoft.Network/privateEndpoints",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[parameters('name')]",
"location": "[parameters('location')]",
"tags": "[parameters('tags')]",
@@ -1175,9 +1173,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "12684511314187066258"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17831763001460207830"
+ },
+ "name": "Private Endpoint Private DNS Zone Groups",
+ "description": "This module deploys a Private Endpoint Private DNS Zone Group.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"privateEndpointName": {
@@ -1188,8 +1189,8 @@
},
"privateDNSResourceIds": {
"type": "array",
- "maxLength": 5,
"minLength": 1,
+ "maxLength": 5,
"metadata": {
"description": "Required. Array of private DNS zone resource IDs. A DNS zone group can support up to 5 DNS zones."
}
@@ -1240,7 +1241,7 @@
},
{
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[format('{0}/{1}', parameters('privateEndpointName'), parameters('name'))]",
"properties": {
"privateDnsZoneConfigs": "[variables('privateDnsZoneConfigs')]"
@@ -1310,8 +1311,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "18055161250379920591"
+ "version": "0.20.4.51522",
+ "templateHash": "11548486149222715894"
}
},
"parameters": {
@@ -1481,7 +1482,7 @@
"metadata": {
"description": "The location the resource was deployed into."
},
- "value": "[reference(resourceId('Microsoft.Network/privateEndpoints', parameters('name')), '2022-07-01', 'full').location]"
+ "value": "[reference(resourceId('Microsoft.Network/privateEndpoints', parameters('name')), '2023-04-01', 'full').location]"
}
}
}
diff --git a/modules/data-factory/factory/managed-virtual-network/main.json b/modules/data-factory/factory/managed-virtual-network/main.json
index 4c92b4ce02..2885cf59b4 100644
--- a/modules/data-factory/factory/managed-virtual-network/main.json
+++ b/modules/data-factory/factory/managed-virtual-network/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "1965875674709533586"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "12310194736024387290"
+ },
+ "name": "Data Factory Managed Virtual Networks",
+ "description": "This module deploys a Data Factory Managed Virtual Network.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"dataFactoryName": {
@@ -102,9 +105,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15894355068813582548"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17089196483393073819"
+ },
+ "name": "Data Factory Managed Virtual Network Managed PrivateEndpoints",
+ "description": "This module deploys a Data Factory Managed Virtual Network Managed Private Endpoint.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"dataFactoryName": {
diff --git a/modules/data-factory/factory/managed-virtual-network/managed-private-endpoint/main.json b/modules/data-factory/factory/managed-virtual-network/managed-private-endpoint/main.json
index 1992baa5aa..aa4a6643bf 100644
--- a/modules/data-factory/factory/managed-virtual-network/managed-private-endpoint/main.json
+++ b/modules/data-factory/factory/managed-virtual-network/managed-private-endpoint/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15894355068813582548"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17089196483393073819"
+ },
+ "name": "Data Factory Managed Virtual Network Managed PrivateEndpoints",
+ "description": "This module deploys a Data Factory Managed Virtual Network Managed Private Endpoint.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"dataFactoryName": {
diff --git a/modules/data-protection/backup-vault/backup-policy/main.json b/modules/data-protection/backup-vault/backup-policy/main.json
index 94f66a26e9..1cb063c808 100644
--- a/modules/data-protection/backup-vault/backup-policy/main.json
+++ b/modules/data-protection/backup-vault/backup-policy/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15950464845862056522"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3184455103711973064"
+ },
+ "name": "Data Protection Backup Vault Backup Policies",
+ "description": "This module deploys a Data Protection Backup Vault Backup Policy.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"backupVaultName": {
diff --git a/modules/data-protection/backup-vault/main.json b/modules/data-protection/backup-vault/main.json
index 5b8ffdb3f9..3685bc8291 100644
--- a/modules/data-protection/backup-vault/main.json
+++ b/modules/data-protection/backup-vault/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "1811109282711100098"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "16372850809886319091"
+ },
+ "name": "Data Protection Backup Vaults",
+ "description": "This module deploys a Data Protection Backup Vault.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -39,14 +42,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"systemAssignedIdentity": {
"type": "bool",
@@ -89,13 +92,13 @@
"azureMonitorAlertSettingsAlertsForAllJobFailures": {
"type": "string",
"defaultValue": "Enabled",
- "metadata": {
- "description": "Optional. Settings for Azure Monitor based alerts for job failures."
- },
"allowedValues": [
"Disabled",
"Enabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Settings for Azure Monitor based alerts for job failures."
+ }
},
"backupPolicies": {
"type": "array",
@@ -193,9 +196,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15950464845862056522"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3184455103711973064"
+ },
+ "name": "Data Protection Backup Vault Backup Policies",
+ "description": "This module deploys a Data Protection Backup Vault Backup Policy.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"backupVaultName": {
@@ -311,8 +317,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "7094311822465776729"
+ "version": "0.20.4.51522",
+ "templateHash": "10253116074794957898"
}
},
"parameters": {
diff --git a/modules/databricks/workspace/.test/common/main.test.bicep b/modules/databricks/workspace/.test/common/main.test.bicep
index cad178b102..ff502e457c 100644
--- a/modules/databricks/workspace/.test/common/main.test.bicep
+++ b/modules/databricks/workspace/.test/common/main.test.bicep
@@ -67,7 +67,6 @@ module testDeployment '../../main.bicep' = {
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName
- diagnosticLogsRetentionInDays: 7
lock: 'CanNotDelete'
roleAssignments: [
{
diff --git a/modules/databricks/workspace/README.md b/modules/databricks/workspace/README.md
index d8e0d0bd23..bb9d78a717 100644
--- a/modules/databricks/workspace/README.md
+++ b/modules/databricks/workspace/README.md
@@ -34,7 +34,6 @@ This module deploys an Azure Databricks Workspace.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', accounts, allLogs, clusters, dbfs, instancePools, jobs, notebook, secrets, sqlPermissions, ssh, workspace]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. |
@@ -248,7 +247,6 @@ module workspace './databricks/workspace/main.bicep' = {
// Non-required parameters
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -293,9 +291,6 @@ module workspace './databricks/workspace/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/databricks/workspace/main.bicep b/modules/databricks/workspace/main.bicep
index 5c306dbc5e..585ff24171 100644
--- a/modules/databricks/workspace/main.bicep
+++ b/modules/databricks/workspace/main.bicep
@@ -25,11 +25,6 @@ param roleAssignments array = []
@description('Optional. The workspace\'s custom parameters.')
param parameters object = {}
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -81,20 +76,12 @@ param diagnosticSettingsName string = ''
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
diff --git a/modules/databricks/workspace/main.json b/modules/databricks/workspace/main.json
index 72214add59..2c5e42b8c7 100644
--- a/modules/databricks/workspace/main.json
+++ b/modules/databricks/workspace/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15914648850876491078"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17661847744091981452"
+ },
+ "name": "Azure Databricks Workspaces",
+ "description": "This module deploys an Azure Databricks Workspace.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -55,15 +58,6 @@
"description": "Optional. The workspace's custom parameters."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "maxValue": 365,
- "minValue": 0,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -95,14 +89,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"tags": {
"type": "object",
@@ -156,15 +150,11 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
"managedResourceGroupName": "[format('{0}-rg', parameters('name'))]",
"managedResourceGroupIdVar": "[format('{0}/resourceGroups/{1}', subscription().id, variables('managedResourceGroupName'))]"
},
@@ -262,8 +252,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "13613915507747675582"
+ "version": "0.20.4.51522",
+ "templateHash": "11920634368378558628"
}
},
"parameters": {
diff --git a/modules/db-for-my-sql/flexible-server/.test/private/dependencies.bicep b/modules/db-for-my-sql/flexible-server/.test/private/dependencies.bicep
index 0cede161b9..28572498b4 100644
--- a/modules/db-for-my-sql/flexible-server/.test/private/dependencies.bicep
+++ b/modules/db-for-my-sql/flexible-server/.test/private/dependencies.bicep
@@ -9,53 +9,53 @@ param managedIdentityName string
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-11-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
+ }
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ delegations: [
{
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- delegations: [
- {
- name: 'Microsoft.DBforMySQL.flexibleServers'
- properties: {
- serviceName: 'Microsoft.DBforMySQL/flexibleServers'
- }
- }
- ]
- }
+ name: 'Microsoft.DBforMySQL.flexibleServers'
+ properties: {
+ serviceName: 'Microsoft.DBforMySQL/flexibleServers'
+ }
}
- ]
- }
+ ]
+ }
+ }
+ ]
+ }
}
resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
- name: 'private.mysql.database.azure.com'
- location: 'global'
+ name: 'private.mysql.database.azure.com'
+ location: 'global'
- resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
- name: '${virtualNetwork.name}-vnetlink'
- location: 'global'
- properties: {
- virtualNetwork: {
- id: virtualNetwork.id
- }
- registrationEnabled: false
- }
+ resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
+ name: '${virtualNetwork.name}-vnetlink'
+ location: 'global'
+ properties: {
+ virtualNetwork: {
+ id: virtualNetwork.id
+ }
+ registrationEnabled: false
}
+ }
}
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/db-for-my-sql/flexible-server/.test/private/main.test.bicep b/modules/db-for-my-sql/flexible-server/.test/private/main.test.bicep
index 7610bb027e..b231316e74 100644
--- a/modules/db-for-my-sql/flexible-server/.test/private/main.test.bicep
+++ b/modules/db-for-my-sql/flexible-server/.test/private/main.test.bicep
@@ -108,6 +108,5 @@ module testDeployment '../../main.bicep' = {
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName
- diagnosticLogsRetentionInDays: 7
}
}
diff --git a/modules/db-for-my-sql/flexible-server/.test/public/main.test.bicep b/modules/db-for-my-sql/flexible-server/.test/public/main.test.bicep
index 80e9fb5864..8c2c60ec0d 100644
--- a/modules/db-for-my-sql/flexible-server/.test/public/main.test.bicep
+++ b/modules/db-for-my-sql/flexible-server/.test/public/main.test.bicep
@@ -156,6 +156,5 @@ module testDeployment '../../main.bicep' = {
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName
- diagnosticLogsRetentionInDays: 7
}
}
diff --git a/modules/db-for-my-sql/flexible-server/README.md b/modules/db-for-my-sql/flexible-server/README.md
index b9be319b7a..f75e0ea4e7 100644
--- a/modules/db-for-my-sql/flexible-server/README.md
+++ b/modules/db-for-my-sql/flexible-server/README.md
@@ -61,7 +61,6 @@ This module deploys a DBforMySQL Flexible Server.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, MySqlAuditLogs, MySqlSlowLogs]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. |
| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
@@ -324,7 +323,6 @@ module flexibleServer './db-for-my-sql/flexible-server/main.bicep' = {
delegatedSubnetResourceId: ''
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -404,9 +402,6 @@ module flexibleServer './db-for-my-sql/flexible-server/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
@@ -503,7 +498,6 @@ module flexibleServer './db-for-my-sql/flexible-server/main.bicep' = {
]
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -619,9 +613,6 @@ module flexibleServer './db-for-my-sql/flexible-server/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/db-for-my-sql/flexible-server/main.bicep b/modules/db-for-my-sql/flexible-server/main.bicep
index 17e2f6914d..1b2e3623cb 100644
--- a/modules/db-for-my-sql/flexible-server/main.bicep
+++ b/modules/db-for-my-sql/flexible-server/main.bicep
@@ -176,11 +176,6 @@ param firewallRules array = []
@description('Optional. Array of role assignment objects that contain the "roleDefinitionIdOrName" and "principalId" to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: "/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11".')
param roleAssignments array = []
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -218,20 +213,12 @@ param diagnosticSettingsName string = ''
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
@@ -239,10 +226,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: {
category: metric
timeGrain: null
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
@description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).')
diff --git a/modules/db-for-my-sql/flexible-server/main.json b/modules/db-for-my-sql/flexible-server/main.json
index 29bf3f0dc4..ecfa7bf36e 100644
--- a/modules/db-for-my-sql/flexible-server/main.json
+++ b/modules/db-for-my-sql/flexible-server/main.json
@@ -5,7 +5,7 @@
"_generator": {
"name": "bicep",
"version": "0.20.4.51522",
- "templateHash": "10319315630521368786"
+ "templateHash": "8843810505050220871"
},
"name": "DBforMySQL Flexible Servers",
"description": "This module deploys a DBforMySQL Flexible Server.",
@@ -324,15 +324,6 @@
"description": "Optional. Array of role assignment objects that contain the \"roleDefinitionIdOrName\" and \"principalId\" to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \"/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\"."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "minValue": 0,
- "maxValue": 365,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -410,11 +401,7 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
},
{
@@ -423,15 +410,11 @@
"input": {
"category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]",
"timeGrain": null,
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
"identityType": "[if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None')]",
"identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]",
"enableReferencedModulesTelemetry": false
diff --git a/modules/db-for-postgre-sql/flexible-server/.test/private/dependencies.bicep b/modules/db-for-postgre-sql/flexible-server/.test/private/dependencies.bicep
index 59a6c539b6..8e1cbe19fd 100644
--- a/modules/db-for-postgre-sql/flexible-server/.test/private/dependencies.bicep
+++ b/modules/db-for-postgre-sql/flexible-server/.test/private/dependencies.bicep
@@ -9,53 +9,53 @@ param managedIdentityName string
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
+ }
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ delegations: [
{
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- delegations: [
- {
- name: 'Microsoft.DBforPostgreSQL.flexibleServers'
- properties: {
- serviceName: 'Microsoft.DBforPostgreSQL/flexibleServers'
- }
- }
- ]
- }
+ name: 'Microsoft.DBforPostgreSQL.flexibleServers'
+ properties: {
+ serviceName: 'Microsoft.DBforPostgreSQL/flexibleServers'
+ }
}
- ]
- }
+ ]
+ }
+ }
+ ]
+ }
}
resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
- name: '${split(virtualNetworkName, '-')[1]}.postgres.database.azure.com'
- location: 'global'
+ name: '${split(virtualNetworkName, '-')[1]}.postgres.database.azure.com'
+ location: 'global'
- resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
- name: '${virtualNetwork.name}-vnetlink'
- location: 'global'
- properties: {
- virtualNetwork: {
- id: virtualNetwork.id
- }
- registrationEnabled: false
- }
+ resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
+ name: '${virtualNetwork.name}-vnetlink'
+ location: 'global'
+ properties: {
+ virtualNetwork: {
+ id: virtualNetwork.id
+ }
+ registrationEnabled: false
}
+ }
}
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/db-for-postgre-sql/flexible-server/.test/private/main.test.bicep b/modules/db-for-postgre-sql/flexible-server/.test/private/main.test.bicep
index d4655ce3d2..1cf97fb1dd 100644
--- a/modules/db-for-postgre-sql/flexible-server/.test/private/main.test.bicep
+++ b/modules/db-for-postgre-sql/flexible-server/.test/private/main.test.bicep
@@ -99,7 +99,6 @@ module testDeployment '../../main.bicep' = {
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName
- diagnosticLogsRetentionInDays: 7
geoRedundantBackup: 'Enabled'
privateDnsZoneArmResourceId: nestedDependencies.outputs.privateDNSResourceId
tags: {
diff --git a/modules/db-for-postgre-sql/flexible-server/.test/public/main.test.bicep b/modules/db-for-postgre-sql/flexible-server/.test/public/main.test.bicep
index 021cae61be..6738b412df 100644
--- a/modules/db-for-postgre-sql/flexible-server/.test/public/main.test.bicep
+++ b/modules/db-for-postgre-sql/flexible-server/.test/public/main.test.bicep
@@ -99,7 +99,6 @@ module testDeployment '../../main.bicep' = {
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName
- diagnosticLogsRetentionInDays: 7
firewallRules: [
{
endIpAddress: '0.0.0.0'
diff --git a/modules/db-for-postgre-sql/flexible-server/README.md b/modules/db-for-postgre-sql/flexible-server/README.md
index d6a9a3a6db..75d89467cf 100644
--- a/modules/db-for-postgre-sql/flexible-server/README.md
+++ b/modules/db-for-postgre-sql/flexible-server/README.md
@@ -59,7 +59,6 @@ This module deploys a DBforPostgreSQL Flexible Server.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, PostgreSQLFlexDatabaseXacts, PostgreSQLFlexQueryStoreRuntime, PostgreSQLFlexQueryStoreWaitStats, PostgreSQLFlexSessions, PostgreSQLFlexTableStats, PostgreSQLLogs]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. |
| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
@@ -477,7 +476,6 @@ module flexibleServer './db-for-postgre-sql/flexible-server/main.bicep' = {
delegatedSubnetResourceId: ''
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -555,9 +553,6 @@ module flexibleServer './db-for-postgre-sql/flexible-server/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
@@ -627,7 +622,6 @@ module flexibleServer './db-for-postgre-sql/flexible-server/main.bicep' = {
]
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -735,9 +729,6 @@ module flexibleServer './db-for-postgre-sql/flexible-server/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/db-for-postgre-sql/flexible-server/main.bicep b/modules/db-for-postgre-sql/flexible-server/main.bicep
index 48ff43f1c2..ce8495ec2a 100644
--- a/modules/db-for-postgre-sql/flexible-server/main.bicep
+++ b/modules/db-for-postgre-sql/flexible-server/main.bicep
@@ -144,11 +144,6 @@ param tags object = {}
@description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).')
param enableDefaultTelemetry bool = true
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -190,20 +185,12 @@ param diagnosticSettingsName string = ''
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
@@ -211,10 +198,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: {
category: metric
timeGrain: null
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var enableReferencedModulesTelemetry = false
diff --git a/modules/db-for-postgre-sql/flexible-server/main.json b/modules/db-for-postgre-sql/flexible-server/main.json
index 5cf324dc40..64868b74c1 100644
--- a/modules/db-for-postgre-sql/flexible-server/main.json
+++ b/modules/db-for-postgre-sql/flexible-server/main.json
@@ -5,7 +5,7 @@
"_generator": {
"name": "bicep",
"version": "0.20.4.51522",
- "templateHash": "12231440430796984538"
+ "templateHash": "1801764410852262795"
},
"name": "DBforPostgreSQL Flexible Servers",
"description": "This module deploys a DBforPostgreSQL Flexible Server.",
@@ -268,15 +268,6 @@
"description": "Optional. Enable telemetry via a Globally Unique Identifier (GUID)."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "minValue": 0,
- "maxValue": 365,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -351,11 +342,7 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
},
{
@@ -364,15 +351,11 @@
"input": {
"category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]",
"timeGrain": null,
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
"enableReferencedModulesTelemetry": false
},
"resources": [
diff --git a/modules/desktop-virtualization/application-group/.test/common/main.test.bicep b/modules/desktop-virtualization/application-group/.test/common/main.test.bicep
index 442aa41fdd..d49d0c91f9 100644
--- a/modules/desktop-virtualization/application-group/.test/common/main.test.bicep
+++ b/modules/desktop-virtualization/application-group/.test/common/main.test.bicep
@@ -85,7 +85,6 @@ module testDeployment '../../main.bicep' = {
}
]
description: 'This is my first Remote Applications bundle'
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/desktop-virtualization/application-group/README.md b/modules/desktop-virtualization/application-group/README.md
index 36c167f77a..0ea6d2af56 100644
--- a/modules/desktop-virtualization/application-group/README.md
+++ b/modules/desktop-virtualization/application-group/README.md
@@ -39,7 +39,6 @@ This module deploys an Azure Virtual Desktop (AVD) Application Group.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, Checkpoint, Error, Management]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
| `diagnosticWorkspaceId` | string | `''` | | Resource ID of log analytics. |
@@ -207,7 +206,6 @@ module applicationGroup './desktop-virtualization/application-group/main.bicep'
description: 'This is my first Remote Applications bundle'
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -283,9 +281,6 @@ module applicationGroup './desktop-virtualization/application-group/main.bicep'
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/desktop-virtualization/application-group/application/main.json b/modules/desktop-virtualization/application-group/application/main.json
index 7d33859d90..2621a89ffe 100644
--- a/modules/desktop-virtualization/application-group/application/main.json
+++ b/modules/desktop-virtualization/application-group/application/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11389546711531681509"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "7619639220591936340"
+ },
+ "name": "Azure Virtual Desktop (AVD) Application Group Applications",
+ "description": "This module deploys an Azure Virtual Desktop (AVD) Application Group Application.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"appGroupName": {
@@ -43,14 +46,14 @@
"commandLineSetting": {
"type": "string",
"defaultValue": "DoNotAllow",
- "metadata": {
- "description": "Optional. Specifies whether this published application can be launched with command-line arguments provided by the client, command-line arguments specified at publish time, or no command-line arguments at all."
- },
"allowedValues": [
"Allow",
"DoNotAllow",
"Require"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specifies whether this published application can be launched with command-line arguments provided by the client, command-line arguments specified at publish time, or no command-line arguments at all."
+ }
},
"commandLineArguments": {
"type": "string",
diff --git a/modules/desktop-virtualization/application-group/main.bicep b/modules/desktop-virtualization/application-group/main.bicep
index 4039305515..1323b46739 100644
--- a/modules/desktop-virtualization/application-group/main.bicep
+++ b/modules/desktop-virtualization/application-group/main.bicep
@@ -28,11 +28,6 @@ param description string = ''
@sys.description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.')
param roleAssignments array = []
-@sys.description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@sys.description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -80,20 +75,12 @@ param diagnosticSettingsName string = ''
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
diff --git a/modules/desktop-virtualization/application-group/main.json b/modules/desktop-virtualization/application-group/main.json
index e2712a7f72..273ac199e1 100644
--- a/modules/desktop-virtualization/application-group/main.json
+++ b/modules/desktop-virtualization/application-group/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "3969197583590852781"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "14308484478858567050"
+ },
+ "name": "Azure Virtual Desktop (AVD) Application Groups",
+ "description": "This module deploys an Azure Virtual Desktop (AVD) Application Group.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -60,15 +63,6 @@
"description": "Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "maxValue": 365,
- "minValue": 0,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -100,14 +94,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"tags": {
"type": "object",
@@ -161,15 +155,11 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
"enableReferencedModulesTelemetry": false
},
"resources": [
@@ -271,9 +261,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11389546711531681509"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "7619639220591936340"
+ },
+ "name": "Azure Virtual Desktop (AVD) Application Group Applications",
+ "description": "This module deploys an Azure Virtual Desktop (AVD) Application Group Application.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"appGroupName": {
@@ -310,14 +303,14 @@
"commandLineSetting": {
"type": "string",
"defaultValue": "DoNotAllow",
- "metadata": {
- "description": "Optional. Specifies whether this published application can be launched with command-line arguments provided by the client, command-line arguments specified at publish time, or no command-line arguments at all."
- },
"allowedValues": [
"Allow",
"DoNotAllow",
"Require"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specifies whether this published application can be launched with command-line arguments provided by the client, command-line arguments specified at publish time, or no command-line arguments at all."
+ }
},
"commandLineArguments": {
"type": "string",
@@ -449,8 +442,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15101328978713466551"
+ "version": "0.20.4.51522",
+ "templateHash": "1136039423442605560"
}
},
"parameters": {
diff --git a/modules/desktop-virtualization/host-pool/.test/common/main.test.bicep b/modules/desktop-virtualization/host-pool/.test/common/main.test.bicep
index 49e0912547..6fb06b4407 100644
--- a/modules/desktop-virtualization/host-pool/.test/common/main.test.bicep
+++ b/modules/desktop-virtualization/host-pool/.test/common/main.test.bicep
@@ -64,7 +64,6 @@ module testDeployment '../../main.bicep' = {
enableDefaultTelemetry: enableDefaultTelemetry
name: '${namePrefix}${serviceShort}001'
customRdpProperty: 'audiocapturemode:i:1;audiomode:i:0;drivestoredirect:s:;redirectclipboard:i:1;redirectcomports:i:1;redirectprinters:i:1;redirectsmartcards:i:1;screen mode id:i:2;'
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/desktop-virtualization/host-pool/README.md b/modules/desktop-virtualization/host-pool/README.md
index cf9fecd33d..d12faf2c33 100644
--- a/modules/desktop-virtualization/host-pool/README.md
+++ b/modules/desktop-virtualization/host-pool/README.md
@@ -43,7 +43,6 @@ This module deploys an Azure Virtual Desktop (AVD) Host Pool.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', AgentHealthStatus, allLogs, Checkpoint, Connection, Error, HostRegistration, Management]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. |
@@ -312,7 +311,6 @@ module hostPool './desktop-virtualization/host-pool/main.bicep' = {
description: 'My first AVD Host Pool'
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -403,9 +401,6 @@ module hostPool './desktop-virtualization/host-pool/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/desktop-virtualization/host-pool/main.bicep b/modules/desktop-virtualization/host-pool/main.bicep
index 2d089de365..483e0faa44 100644
--- a/modules/desktop-virtualization/host-pool/main.bicep
+++ b/modules/desktop-virtualization/host-pool/main.bicep
@@ -56,11 +56,6 @@ param tokenValidityLength string = 'PT8H'
@sys.description('Generated. Do not provide a value! This date value is used to generate a registration token.')
param baseTime string = utcNow('u')
-@sys.description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@sys.description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -147,7 +142,6 @@ param agentUpdate object = {
useSessionHostLocalTime: agentUpdateUseSessionHostLocalTime
}
-
@sys.description('Optional. The ring number of HostPool.')
param ring int = -1
@@ -193,20 +187,12 @@ param diagnosticSettingsName string = ''
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
diff --git a/modules/desktop-virtualization/host-pool/main.json b/modules/desktop-virtualization/host-pool/main.json
index afe03f458b..fa73ba0804 100644
--- a/modules/desktop-virtualization/host-pool/main.json
+++ b/modules/desktop-virtualization/host-pool/main.json
@@ -4,8 +4,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.18.4.5664",
- "templateHash": "8022860912421276738"
+ "version": "0.20.4.51522",
+ "templateHash": "11648715346210984085"
},
"name": "Azure Virtual Desktop (AVD) Host Pools",
"description": "This module deploys an Azure Virtual Desktop (AVD) Host Pool.",
@@ -117,15 +117,6 @@
"description": "Generated. Do not provide a value! This date value is used to generate a registration token."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "maxValue": 365,
- "minValue": 0,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -157,14 +148,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"tags": {
"type": "object",
@@ -220,8 +211,8 @@
"agentUpdateMaintenanceWindowHour": {
"type": "int",
"defaultValue": 22,
- "maxValue": 23,
"minValue": 1,
+ "maxValue": 23,
"metadata": {
"description": "Optional. Update hour for scheduled agent updates."
}
@@ -356,15 +347,11 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
"tokenExpirationTime": "[dateTimeAdd(parameters('baseTime'), parameters('tokenValidityLength'))]"
},
"resources": [
@@ -478,8 +465,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.18.4.5664",
- "templateHash": "14279396732857224845"
+ "version": "0.20.4.51522",
+ "templateHash": "18049817812681767445"
}
},
"parameters": {
diff --git a/modules/desktop-virtualization/scaling-plan/.test/common/main.test.bicep b/modules/desktop-virtualization/scaling-plan/.test/common/main.test.bicep
index d89579726b..e2704b6908 100644
--- a/modules/desktop-virtualization/scaling-plan/.test/common/main.test.bicep
+++ b/modules/desktop-virtualization/scaling-plan/.test/common/main.test.bicep
@@ -72,7 +72,6 @@ module testDeployment '../../main.bicep' = {
principalType: 'ServicePrincipal'
}
]
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/desktop-virtualization/scaling-plan/README.md b/modules/desktop-virtualization/scaling-plan/README.md
index 28ec89ea82..b964c6f5bb 100644
--- a/modules/desktop-virtualization/scaling-plan/README.md
+++ b/modules/desktop-virtualization/scaling-plan/README.md
@@ -34,7 +34,6 @@ This module deploys an Azure Virtual Desktop (AVD) Scaling Plan.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, Autoscale]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. |
| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). |
@@ -286,7 +285,6 @@ module scalingPlan './desktop-virtualization/scaling-plan/main.bicep' = {
description: 'My Scaling Plan Description'
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -335,9 +333,6 @@ module scalingPlan './desktop-virtualization/scaling-plan/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/desktop-virtualization/scaling-plan/main.bicep b/modules/desktop-virtualization/scaling-plan/main.bicep
index aca6eb13b3..dab1c3fff6 100644
--- a/modules/desktop-virtualization/scaling-plan/main.bicep
+++ b/modules/desktop-virtualization/scaling-plan/main.bicep
@@ -75,11 +75,6 @@ param hostPoolReferences array = []
@sys.description('Optional. Tags of the resource.')
param tags object = {}
-@sys.description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@sys.description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -111,20 +106,12 @@ param diagnosticLogCategoriesToEnable array = [
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
diff --git a/modules/desktop-virtualization/scaling-plan/main.json b/modules/desktop-virtualization/scaling-plan/main.json
index 365c521409..de51fe69a8 100644
--- a/modules/desktop-virtualization/scaling-plan/main.json
+++ b/modules/desktop-virtualization/scaling-plan/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "6860109665020209749"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "10391957957992354423"
+ },
+ "name": "Azure Virtual Desktop (AVD) Scaling Plans",
+ "description": "This module deploys an Azure Virtual Desktop (AVD) Scaling Plan.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -47,12 +50,12 @@
"hostPoolType": {
"type": "string",
"defaultValue": "Pooled",
- "metadata": {
- "description": "Optional. The type of hostpool where this scaling plan should be applied."
- },
"allowedValues": [
"Pooled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The type of hostpool where this scaling plan should be applied."
+ }
},
"exclusionTag": {
"type": "string",
@@ -121,15 +124,6 @@
"description": "Optional. Tags of the resource."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "maxValue": 365,
- "minValue": 0,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -194,15 +188,11 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]"
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]"
},
"resources": [
{
@@ -286,8 +276,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15871536856748411551"
+ "version": "0.20.4.51522",
+ "templateHash": "3278048928000577121"
}
},
"parameters": {
diff --git a/modules/desktop-virtualization/workspace/.test/common/main.test.bicep b/modules/desktop-virtualization/workspace/.test/common/main.test.bicep
index 8d0ec90d33..47db31d8fa 100644
--- a/modules/desktop-virtualization/workspace/.test/common/main.test.bicep
+++ b/modules/desktop-virtualization/workspace/.test/common/main.test.bicep
@@ -68,7 +68,6 @@ module testDeployment '../../main.bicep' = {
appGroupResourceIds: [
nestedDependencies.outputs.applicationGroupResourceId
]
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/desktop-virtualization/workspace/README.md b/modules/desktop-virtualization/workspace/README.md
index f1be8d6dec..dc530682df 100644
--- a/modules/desktop-virtualization/workspace/README.md
+++ b/modules/desktop-virtualization/workspace/README.md
@@ -36,7 +36,6 @@ This module deploys an Azure Virtual Desktop (AVD) Workspace.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, Checkpoint, Error, Feed, Management]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. |
@@ -187,7 +186,6 @@ module workspace './desktop-virtualization/workspace/main.bicep' = {
description: 'This is my first AVD Workspace'
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -242,9 +240,6 @@ module workspace './desktop-virtualization/workspace/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/desktop-virtualization/workspace/main.bicep b/modules/desktop-virtualization/workspace/main.bicep
index c3a018fa0e..6cf547dee5 100644
--- a/modules/desktop-virtualization/workspace/main.bicep
+++ b/modules/desktop-virtualization/workspace/main.bicep
@@ -17,11 +17,6 @@ param friendlyName string = ''
@sys.description('Optional. The description of the Workspace to be created.')
param description string = ''
-@sys.description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@sys.description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -70,20 +65,12 @@ param diagnosticSettingsName string = ''
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
diff --git a/modules/desktop-virtualization/workspace/main.json b/modules/desktop-virtualization/workspace/main.json
index ad8bcfb2d3..04f72d5514 100644
--- a/modules/desktop-virtualization/workspace/main.json
+++ b/modules/desktop-virtualization/workspace/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "12702406365485231955"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "5583996217532008926"
+ },
+ "name": "Azure Virtual Desktop (AVD) Workspaces",
+ "description": "This module deploys an Azure Virtual Desktop (AVD) Workspace.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -43,15 +46,6 @@
"description": "Optional. The description of the Workspace to be created."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "maxValue": 365,
- "minValue": 0,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -83,14 +77,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"tags": {
"type": "object",
@@ -145,15 +139,11 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]"
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]"
},
"resources": [
{
@@ -247,8 +237,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "18072016089387616568"
+ "version": "0.20.4.51522",
+ "templateHash": "9018764467732457380"
}
},
"parameters": {
diff --git a/modules/dev-test-lab/lab/.test/common/dependencies.bicep b/modules/dev-test-lab/lab/.test/common/dependencies.bicep
index ed9d63d47d..929699f11a 100644
--- a/modules/dev-test-lab/lab/.test/common/dependencies.bicep
+++ b/modules/dev-test-lab/lab/.test/common/dependencies.bicep
@@ -19,94 +19,94 @@ param virtualNetworkName string
var addressPrefix = '10.0.0.0/16'
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = {
- name: keyVaultName
- location: location
- properties: {
- sku: {
- family: 'A'
- name: 'standard'
- }
- tenantId: tenant().tenantId
- enablePurgeProtection: true // Required for encrption to work
- softDeleteRetentionInDays: 7
- enabledForTemplateDeployment: true
- enabledForDiskEncryption: true
- enabledForDeployment: true
- enableRbacAuthorization: true
- accessPolicies: []
+ name: keyVaultName
+ location: location
+ properties: {
+ sku: {
+ family: 'A'
+ name: 'standard'
}
-
- resource key 'keys@2022-07-01' = {
- name: 'encryptionKey'
- properties: {
- kty: 'RSA'
- }
+ tenantId: tenant().tenantId
+ enablePurgeProtection: true // Required for encrption to work
+ softDeleteRetentionInDays: 7
+ enabledForTemplateDeployment: true
+ enabledForDiskEncryption: true
+ enabledForDeployment: true
+ enableRbacAuthorization: true
+ accessPolicies: []
+ }
+
+ resource key 'keys@2022-07-01' = {
+ name: 'encryptionKey'
+ properties: {
+ kty: 'RSA'
}
+ }
}
resource diskEncryptionSet 'Microsoft.Compute/diskEncryptionSets@2021-04-01' = {
- name: diskEncryptionSetName
- location: location
- identity: {
- type: 'SystemAssigned'
- }
- properties: {
- activeKey: {
- sourceVault: {
- id: keyVault.id
- }
- keyUrl: keyVault::key.properties.keyUriWithVersion
- }
- encryptionType: 'EncryptionAtRestWithCustomerKey'
+ name: diskEncryptionSetName
+ location: location
+ identity: {
+ type: 'SystemAssigned'
+ }
+ properties: {
+ activeKey: {
+ sourceVault: {
+ id: keyVault.id
+ }
+ keyUrl: keyVault::key.properties.keyUriWithVersion
}
+ encryptionType: 'EncryptionAtRestWithCustomerKey'
+ }
}
resource keyPermissions 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
- name: guid('msi-${keyVault.id}-${location}-${diskEncryptionSet.id}-KeyVault-Key-Read-RoleAssignment')
- scope: keyVault
- properties: {
- principalId: diskEncryptionSet.identity.principalId
- roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'e147488a-f6f5-4113-8e2d-b22465e65bf6') // Key Vault Crypto Service Encryption User
- principalType: 'ServicePrincipal'
- }
+ name: guid('msi-${keyVault.id}-${location}-${diskEncryptionSet.id}-KeyVault-Key-Read-RoleAssignment')
+ scope: keyVault
+ properties: {
+ principalId: diskEncryptionSet.identity.principalId
+ roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'e147488a-f6f5-4113-8e2d-b22465e65bf6') // Key Vault Crypto Service Encryption User
+ principalType: 'ServicePrincipal'
+ }
}
resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = {
- name: storageAccountName
- location: location
- kind: 'StorageV2'
- sku: {
- name: 'Standard_LRS'
- }
- properties: {
- allowBlobPublicAccess: false
- publicNetworkAccess: 'Disabled'
- }
+ name: storageAccountName
+ location: location
+ kind: 'StorageV2'
+ sku: {
+ name: 'Standard_LRS'
+ }
+ properties: {
+ allowBlobPublicAccess: false
+ publicNetworkAccess: 'Disabled'
+ }
}
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
@description('The name of the created Virtual Network.')
diff --git a/modules/dev-test-lab/lab/artifactsource/main.json b/modules/dev-test-lab/lab/artifactsource/main.json
index ae102ff2f1..9056139395 100644
--- a/modules/dev-test-lab/lab/artifactsource/main.json
+++ b/modules/dev-test-lab/lab/artifactsource/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "2705905798561744734"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "10765635521160351928"
+ },
+ "name": "DevTest Lab Artifact Sources",
+ "description": "This module deploys a DevTest Lab Artifact Source.\r\n\r\nAn artifact source allows you to create custom artifacts for the VMs in the lab, or use Azure Resource Manager templates to create a custom test environment. You must add a private Git repository for the artifacts or Resource Manager templates that your team creates. The repository can be hosted on GitHub or on Azure DevOps Services.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"labName": {
@@ -66,26 +69,26 @@
"sourceType": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. The artifact source's type."
- },
"allowedValues": [
"",
"GitHub",
"StorageAccount",
"VsoGit"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The artifact source's type."
+ }
},
"status": {
"type": "string",
"defaultValue": "Enabled",
- "metadata": {
- "description": "Optional. Indicates if the artifact source is enabled (values: Enabled, Disabled). Default is \"Enabled\"."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Indicates if the artifact source is enabled (values: Enabled, Disabled). Default is \"Enabled\"."
+ }
},
"uri": {
"type": "string",
diff --git a/modules/dev-test-lab/lab/cost/main.json b/modules/dev-test-lab/lab/cost/main.json
index 5cd2d67273..5c385935d5 100644
--- a/modules/dev-test-lab/lab/cost/main.json
+++ b/modules/dev-test-lab/lab/cost/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "7115830072126257185"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "4166206931202072952"
+ },
+ "name": "DevTest Lab Costs",
+ "description": "This module deploys a DevTest Lab Cost.\r\n\r\nManage lab costs by setting a spending target that can be viewed in the Monthly Estimated Cost Trend chart. DevTest Labs can send a notification when spending reaches the specified target threshold.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"labName": {
@@ -17,13 +20,13 @@
},
"cycleType": {
"type": "string",
- "metadata": {
- "description": "Required. Reporting cycle type."
- },
"allowedValues": [
"Custom",
"CalendarMonth"
- ]
+ ],
+ "metadata": {
+ "description": "Required. Reporting cycle type."
+ }
},
"tags": {
"type": "object",
@@ -49,13 +52,13 @@
"status": {
"type": "string",
"defaultValue": "Enabled",
- "metadata": {
- "description": "Optional. Target cost status."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target cost status."
+ }
},
"target": {
"type": "int",
@@ -74,112 +77,112 @@
"thresholdValue25DisplayOnChart": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Target Cost threshold at 25% display on chart. Indicates whether this threshold will be displayed on cost charts."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target Cost threshold at 25% display on chart. Indicates whether this threshold will be displayed on cost charts."
+ }
},
"thresholdValue25SendNotificationWhenExceeded": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Target cost threshold at 25% send notification when exceeded. Indicates whether notifications will be sent when this threshold is exceeded."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target cost threshold at 25% send notification when exceeded. Indicates whether notifications will be sent when this threshold is exceeded."
+ }
},
"thresholdValue50DisplayOnChart": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Target Cost threshold at 50% display on chart. Indicates whether this threshold will be displayed on cost charts."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target Cost threshold at 50% display on chart. Indicates whether this threshold will be displayed on cost charts."
+ }
},
"thresholdValue50SendNotificationWhenExceeded": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Target cost threshold at 50% send notification when exceeded. Indicates whether notifications will be sent when this threshold is exceeded."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target cost threshold at 50% send notification when exceeded. Indicates whether notifications will be sent when this threshold is exceeded."
+ }
},
"thresholdValue75DisplayOnChart": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Target Cost threshold at 75% display on chart. Indicates whether this threshold will be displayed on cost charts."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target Cost threshold at 75% display on chart. Indicates whether this threshold will be displayed on cost charts."
+ }
},
"thresholdValue75SendNotificationWhenExceeded": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Target cost threshold at 75% send notification when exceeded. Indicates whether notifications will be sent when this threshold is exceeded."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target cost threshold at 75% send notification when exceeded. Indicates whether notifications will be sent when this threshold is exceeded."
+ }
},
"thresholdValue100DisplayOnChart": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Target Cost threshold at 100% display on chart. Indicates whether this threshold will be displayed on cost charts."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target Cost threshold at 100% display on chart. Indicates whether this threshold will be displayed on cost charts."
+ }
},
"thresholdValue100SendNotificationWhenExceeded": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Target cost threshold at 100% send notification when exceeded. Indicates whether notifications will be sent when this threshold is exceeded."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target cost threshold at 100% send notification when exceeded. Indicates whether notifications will be sent when this threshold is exceeded."
+ }
},
"thresholdValue125DisplayOnChart": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Target Cost threshold at 125% display on chart. Indicates whether this threshold will be displayed on cost charts."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target Cost threshold at 125% display on chart. Indicates whether this threshold will be displayed on cost charts."
+ }
},
"thresholdValue125SendNotificationWhenExceeded": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Target cost threshold at 125% send notification when exceeded. Indicates whether notifications will be sent when this threshold is exceeded."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target cost threshold at 125% send notification when exceeded. Indicates whether notifications will be sent when this threshold is exceeded."
+ }
},
"enableDefaultTelemetry": {
"type": "bool",
diff --git a/modules/dev-test-lab/lab/main.json b/modules/dev-test-lab/lab/main.json
index a7c90cbc16..5160f5d5f1 100644
--- a/modules/dev-test-lab/lab/main.json
+++ b/modules/dev-test-lab/lab/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15404563432190354"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "6928988461229718614"
+ },
+ "name": "DevTest Labs",
+ "description": "This module deploys a DevTest Lab.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -25,14 +28,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -58,13 +61,13 @@
"environmentPermission": {
"type": "string",
"defaultValue": "Reader",
- "metadata": {
- "description": "Optional. The access rights to be granted to the user when provisioning an environment."
- },
"allowedValues": [
"Contributor",
"Reader"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The access rights to be granted to the user when provisioning an environment."
+ }
},
"extendedProperties": {
"type": "object",
@@ -76,14 +79,14 @@
"labStorageType": {
"type": "string",
"defaultValue": "Premium",
- "metadata": {
- "description": "Optional. Type of storage used by the lab. It can be either Premium or Standard."
- },
"allowedValues": [
"Standard",
"StandardSSD",
"Premium"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Type of storage used by the lab. It can be either Premium or Standard."
+ }
},
"artifactsStorageAccount": {
"type": "string",
@@ -109,13 +112,13 @@
"premiumDataDisks": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. The setting to enable usage of premium data disks. When its value is \"Enabled\", creation of standard or premium data disks is allowed. When its value is \"Disabled\", only creation of standard data disks is allowed. Default is \"Disabled\"."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The setting to enable usage of premium data disks. When its value is \"Enabled\", creation of standard or premium data disks is allowed. When its value is \"Disabled\", only creation of standard data disks is allowed. Default is \"Disabled\"."
+ }
},
"support": {
"type": "object",
@@ -148,13 +151,13 @@
"browserConnect": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Enable browser connect on virtual machines if the lab's VNETs have configured Azure Bastion."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Enable browser connect on virtual machines if the lab's VNETs have configured Azure Bastion."
+ }
},
"disableAutoUpgradeCseMinorVersion": {
"type": "bool",
@@ -166,24 +169,24 @@
"isolateLabResources": {
"type": "string",
"defaultValue": "Enabled",
- "metadata": {
- "description": "Optional. Enable lab resources isolation from the public internet."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Enable lab resources isolation from the public internet."
+ }
},
"encryptionType": {
"type": "string",
"defaultValue": "EncryptionAtRestWithPlatformKey",
- "metadata": {
- "description": "Optional. Specify how OS and data disks created as part of the lab are encrypted."
- },
"allowedValues": [
"EncryptionAtRestWithPlatformKey",
"EncryptionAtRestWithCustomerKey"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify how OS and data disks created as part of the lab are encrypted."
+ }
},
"encryptionDiskEncryptionSetId": {
"type": "string",
@@ -344,9 +347,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "10889431821569458862"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3541849489263903716"
+ },
+ "name": "DevTest Lab Virtual Networks",
+ "description": "This module deploys a DevTest Lab Virtual Network.\r\n\r\nLab virtual machines must be deployed into a virtual network. This resource type allows configuring the virtual network and subnet settings used for the lab virtual machines.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"labName": {
@@ -505,9 +511,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "1906322712473031665"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "9961899772573814013"
+ },
+ "name": "DevTest Lab Policy Sets Policies",
+ "description": "This module deploys a DevTest Lab Policy Sets Policy.\r\n\r\nDevTest lab policies are used to modify the lab settings such as only allowing certain VM Size SKUs, marketplace image types, number of VMs allowed per user and other settings.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"labName": {
@@ -545,13 +554,13 @@
},
"evaluatorType": {
"type": "string",
- "metadata": {
- "description": "Required. The evaluator type of the policy (i.e. AllowedValuesPolicy, MaxValuePolicy)."
- },
"allowedValues": [
"AllowedValuesPolicy",
"MaxValuePolicy"
- ]
+ ],
+ "metadata": {
+ "description": "Required. The evaluator type of the policy (i.e. AllowedValuesPolicy, MaxValuePolicy)."
+ }
},
"factData": {
"type": "string",
@@ -562,9 +571,6 @@
},
"factName": {
"type": "string",
- "metadata": {
- "description": "Required. The fact name of the policy."
- },
"allowedValues": [
"EnvironmentTemplate",
"GalleryImage",
@@ -576,18 +582,21 @@
"UserOwnedLabPremiumVmCount",
"UserOwnedLabVmCount",
"UserOwnedLabVmCountInSubnet"
- ]
+ ],
+ "metadata": {
+ "description": "Required. The fact name of the policy."
+ }
},
"status": {
"type": "string",
"defaultValue": "Enabled",
- "metadata": {
- "description": "Optional. The status of the policy."
- },
"allowedValues": [
"Disabled",
"Enabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The status of the policy."
+ }
},
"threshold": {
"type": "string",
@@ -706,9 +715,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "18085550684061495455"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "12427678703978539260"
+ },
+ "name": "DevTest Lab Schedules",
+ "description": "This module deploys a DevTest Lab Schedule.\r\n\r\nLab schedules are used to modify the settings for auto-shutdown, auto-start for lab virtual machines.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"labName": {
@@ -719,23 +731,23 @@
},
"name": {
"type": "string",
- "metadata": {
- "description": "Required. The name of the schedule."
- },
"allowedValues": [
"LabVmsShutdown",
"LabVmAutoStart"
- ]
+ ],
+ "metadata": {
+ "description": "Required. The name of the schedule."
+ }
},
"taskType": {
"type": "string",
- "metadata": {
- "description": "Required. The task type of the schedule (e.g. LabVmsShutdownTask, LabVmsStartupTask)."
- },
"allowedValues": [
"LabVmsShutdownTask",
"LabVmsStartupTask"
- ]
+ ],
+ "metadata": {
+ "description": "Required. The task type of the schedule (e.g. LabVmsShutdownTask, LabVmsStartupTask)."
+ }
},
"tags": {
"type": "object",
@@ -768,13 +780,13 @@
"status": {
"type": "string",
"defaultValue": "Enabled",
- "metadata": {
- "description": "Optional. The status of the schedule (i.e. Enabled, Disabled)."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The status of the schedule (i.e. Enabled, Disabled)."
+ }
},
"targetResourceId": {
"type": "string",
@@ -793,13 +805,13 @@
"notificationSettingsStatus": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. If notifications are enabled for this schedule (i.e. Enabled, Disabled)."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. If notifications are enabled for this schedule (i.e. Enabled, Disabled)."
+ }
},
"notificationSettingsTimeInMinutes": {
"type": "int",
@@ -917,9 +929,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16463919279899526398"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "16877948453352231958"
+ },
+ "name": "DevTest Lab Notification Channels",
+ "description": "This module deploys a DevTest Lab Notification Channel.\r\n\r\nNotification channels are used by the schedule resource type in order to send notifications or events to email addresses and/or webhooks.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"labName": {
@@ -930,13 +945,13 @@
},
"name": {
"type": "string",
- "metadata": {
- "description": "Required. The name of the notification channel."
- },
"allowedValues": [
"autoShutdown",
"costThreshold"
- ]
+ ],
+ "metadata": {
+ "description": "Required. The name of the notification channel."
+ }
},
"tags": {
"type": "object",
@@ -1088,9 +1103,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "2705905798561744734"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "10765635521160351928"
+ },
+ "name": "DevTest Lab Artifact Sources",
+ "description": "This module deploys a DevTest Lab Artifact Source.\r\n\r\nAn artifact source allows you to create custom artifacts for the VMs in the lab, or use Azure Resource Manager templates to create a custom test environment. You must add a private Git repository for the artifacts or Resource Manager templates that your team creates. The repository can be hosted on GitHub or on Azure DevOps Services.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"labName": {
@@ -1150,26 +1168,26 @@
"sourceType": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. The artifact source's type."
- },
"allowedValues": [
"",
"GitHub",
"StorageAccount",
"VsoGit"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The artifact source's type."
+ }
},
"status": {
"type": "string",
"defaultValue": "Enabled",
- "metadata": {
- "description": "Optional. Indicates if the artifact source is enabled (values: Enabled, Disabled). Default is \"Enabled\"."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Indicates if the artifact source is enabled (values: Enabled, Disabled). Default is \"Enabled\"."
+ }
},
"uri": {
"type": "string",
@@ -1291,9 +1309,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "7115830072126257185"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "4166206931202072952"
+ },
+ "name": "DevTest Lab Costs",
+ "description": "This module deploys a DevTest Lab Cost.\r\n\r\nManage lab costs by setting a spending target that can be viewed in the Monthly Estimated Cost Trend chart. DevTest Labs can send a notification when spending reaches the specified target threshold.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"labName": {
@@ -1304,13 +1325,13 @@
},
"cycleType": {
"type": "string",
- "metadata": {
- "description": "Required. Reporting cycle type."
- },
"allowedValues": [
"Custom",
"CalendarMonth"
- ]
+ ],
+ "metadata": {
+ "description": "Required. Reporting cycle type."
+ }
},
"tags": {
"type": "object",
@@ -1336,13 +1357,13 @@
"status": {
"type": "string",
"defaultValue": "Enabled",
- "metadata": {
- "description": "Optional. Target cost status."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target cost status."
+ }
},
"target": {
"type": "int",
@@ -1361,112 +1382,112 @@
"thresholdValue25DisplayOnChart": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Target Cost threshold at 25% display on chart. Indicates whether this threshold will be displayed on cost charts."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target Cost threshold at 25% display on chart. Indicates whether this threshold will be displayed on cost charts."
+ }
},
"thresholdValue25SendNotificationWhenExceeded": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Target cost threshold at 25% send notification when exceeded. Indicates whether notifications will be sent when this threshold is exceeded."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target cost threshold at 25% send notification when exceeded. Indicates whether notifications will be sent when this threshold is exceeded."
+ }
},
"thresholdValue50DisplayOnChart": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Target Cost threshold at 50% display on chart. Indicates whether this threshold will be displayed on cost charts."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target Cost threshold at 50% display on chart. Indicates whether this threshold will be displayed on cost charts."
+ }
},
"thresholdValue50SendNotificationWhenExceeded": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Target cost threshold at 50% send notification when exceeded. Indicates whether notifications will be sent when this threshold is exceeded."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target cost threshold at 50% send notification when exceeded. Indicates whether notifications will be sent when this threshold is exceeded."
+ }
},
"thresholdValue75DisplayOnChart": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Target Cost threshold at 75% display on chart. Indicates whether this threshold will be displayed on cost charts."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target Cost threshold at 75% display on chart. Indicates whether this threshold will be displayed on cost charts."
+ }
},
"thresholdValue75SendNotificationWhenExceeded": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Target cost threshold at 75% send notification when exceeded. Indicates whether notifications will be sent when this threshold is exceeded."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target cost threshold at 75% send notification when exceeded. Indicates whether notifications will be sent when this threshold is exceeded."
+ }
},
"thresholdValue100DisplayOnChart": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Target Cost threshold at 100% display on chart. Indicates whether this threshold will be displayed on cost charts."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target Cost threshold at 100% display on chart. Indicates whether this threshold will be displayed on cost charts."
+ }
},
"thresholdValue100SendNotificationWhenExceeded": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Target cost threshold at 100% send notification when exceeded. Indicates whether notifications will be sent when this threshold is exceeded."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target cost threshold at 100% send notification when exceeded. Indicates whether notifications will be sent when this threshold is exceeded."
+ }
},
"thresholdValue125DisplayOnChart": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Target Cost threshold at 125% display on chart. Indicates whether this threshold will be displayed on cost charts."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target Cost threshold at 125% display on chart. Indicates whether this threshold will be displayed on cost charts."
+ }
},
"thresholdValue125SendNotificationWhenExceeded": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. Target cost threshold at 125% send notification when exceeded. Indicates whether notifications will be sent when this threshold is exceeded."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Target cost threshold at 125% send notification when exceeded. Indicates whether notifications will be sent when this threshold is exceeded."
+ }
},
"enableDefaultTelemetry": {
"type": "bool",
@@ -1615,8 +1636,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "14668218410139786404"
+ "version": "0.20.4.51522",
+ "templateHash": "14124087164727132861"
}
},
"parameters": {
diff --git a/modules/dev-test-lab/lab/notificationchannel/main.json b/modules/dev-test-lab/lab/notificationchannel/main.json
index 4ba3408cee..0a723cda14 100644
--- a/modules/dev-test-lab/lab/notificationchannel/main.json
+++ b/modules/dev-test-lab/lab/notificationchannel/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "16463919279899526398"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "16877948453352231958"
+ },
+ "name": "DevTest Lab Notification Channels",
+ "description": "This module deploys a DevTest Lab Notification Channel.\r\n\r\nNotification channels are used by the schedule resource type in order to send notifications or events to email addresses and/or webhooks.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"labName": {
@@ -17,13 +20,13 @@
},
"name": {
"type": "string",
- "metadata": {
- "description": "Required. The name of the notification channel."
- },
"allowedValues": [
"autoShutdown",
"costThreshold"
- ]
+ ],
+ "metadata": {
+ "description": "Required. The name of the notification channel."
+ }
},
"tags": {
"type": "object",
diff --git a/modules/dev-test-lab/lab/policyset/policy/main.json b/modules/dev-test-lab/lab/policyset/policy/main.json
index cf5f210223..5f4ddafad9 100644
--- a/modules/dev-test-lab/lab/policyset/policy/main.json
+++ b/modules/dev-test-lab/lab/policyset/policy/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "1906322712473031665"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "9961899772573814013"
+ },
+ "name": "DevTest Lab Policy Sets Policies",
+ "description": "This module deploys a DevTest Lab Policy Sets Policy.\r\n\r\nDevTest lab policies are used to modify the lab settings such as only allowing certain VM Size SKUs, marketplace image types, number of VMs allowed per user and other settings.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"labName": {
@@ -44,13 +47,13 @@
},
"evaluatorType": {
"type": "string",
- "metadata": {
- "description": "Required. The evaluator type of the policy (i.e. AllowedValuesPolicy, MaxValuePolicy)."
- },
"allowedValues": [
"AllowedValuesPolicy",
"MaxValuePolicy"
- ]
+ ],
+ "metadata": {
+ "description": "Required. The evaluator type of the policy (i.e. AllowedValuesPolicy, MaxValuePolicy)."
+ }
},
"factData": {
"type": "string",
@@ -61,9 +64,6 @@
},
"factName": {
"type": "string",
- "metadata": {
- "description": "Required. The fact name of the policy."
- },
"allowedValues": [
"EnvironmentTemplate",
"GalleryImage",
@@ -75,18 +75,21 @@
"UserOwnedLabPremiumVmCount",
"UserOwnedLabVmCount",
"UserOwnedLabVmCountInSubnet"
- ]
+ ],
+ "metadata": {
+ "description": "Required. The fact name of the policy."
+ }
},
"status": {
"type": "string",
"defaultValue": "Enabled",
- "metadata": {
- "description": "Optional. The status of the policy."
- },
"allowedValues": [
"Disabled",
"Enabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The status of the policy."
+ }
},
"threshold": {
"type": "string",
diff --git a/modules/dev-test-lab/lab/schedule/main.json b/modules/dev-test-lab/lab/schedule/main.json
index 7cda200a3f..a4efd42401 100644
--- a/modules/dev-test-lab/lab/schedule/main.json
+++ b/modules/dev-test-lab/lab/schedule/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "18085550684061495455"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "12427678703978539260"
+ },
+ "name": "DevTest Lab Schedules",
+ "description": "This module deploys a DevTest Lab Schedule.\r\n\r\nLab schedules are used to modify the settings for auto-shutdown, auto-start for lab virtual machines.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"labName": {
@@ -17,23 +20,23 @@
},
"name": {
"type": "string",
- "metadata": {
- "description": "Required. The name of the schedule."
- },
"allowedValues": [
"LabVmsShutdown",
"LabVmAutoStart"
- ]
+ ],
+ "metadata": {
+ "description": "Required. The name of the schedule."
+ }
},
"taskType": {
"type": "string",
- "metadata": {
- "description": "Required. The task type of the schedule (e.g. LabVmsShutdownTask, LabVmsStartupTask)."
- },
"allowedValues": [
"LabVmsShutdownTask",
"LabVmsStartupTask"
- ]
+ ],
+ "metadata": {
+ "description": "Required. The task type of the schedule (e.g. LabVmsShutdownTask, LabVmsStartupTask)."
+ }
},
"tags": {
"type": "object",
@@ -66,13 +69,13 @@
"status": {
"type": "string",
"defaultValue": "Enabled",
- "metadata": {
- "description": "Optional. The status of the schedule (i.e. Enabled, Disabled)."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The status of the schedule (i.e. Enabled, Disabled)."
+ }
},
"targetResourceId": {
"type": "string",
@@ -91,13 +94,13 @@
"notificationSettingsStatus": {
"type": "string",
"defaultValue": "Disabled",
- "metadata": {
- "description": "Optional. If notifications are enabled for this schedule (i.e. Enabled, Disabled)."
- },
"allowedValues": [
"Enabled",
"Disabled"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. If notifications are enabled for this schedule (i.e. Enabled, Disabled)."
+ }
},
"notificationSettingsTimeInMinutes": {
"type": "int",
diff --git a/modules/dev-test-lab/lab/virtualnetwork/main.json b/modules/dev-test-lab/lab/virtualnetwork/main.json
index 8ff199c35b..1449aed564 100644
--- a/modules/dev-test-lab/lab/virtualnetwork/main.json
+++ b/modules/dev-test-lab/lab/virtualnetwork/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "10889431821569458862"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3541849489263903716"
+ },
+ "name": "DevTest Lab Virtual Networks",
+ "description": "This module deploys a DevTest Lab Virtual Network.\r\n\r\nLab virtual machines must be deployed into a virtual network. This resource type allows configuring the virtual network and subnet settings used for the lab virtual machines.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"labName": {
diff --git a/modules/digital-twins/digital-twins-instance/.test/common/dependencies.bicep b/modules/digital-twins/digital-twins-instance/.test/common/dependencies.bicep
index 1158799706..1e614d60b6 100644
--- a/modules/digital-twins/digital-twins-instance/.test/common/dependencies.bicep
+++ b/modules/digital-twins/digital-twins-instance/.test/common/dependencies.bicep
@@ -21,108 +21,108 @@ param eventGridDomainName string
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
+ }
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ serviceEndpoints: [
{
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- serviceEndpoints: [
- {
- service: 'Microsoft.KeyVault'
- }
- ]
- }
+ service: 'Microsoft.KeyVault'
}
- ]
- }
+ ]
+ }
+ }
+ ]
+ }
}
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
- name: 'privatelink.digitaltwins.azure.net'
- location: 'global'
+ name: 'privatelink.digitaltwins.azure.net'
+ location: 'global'
- resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
- name: '${virtualNetwork.name}-vnetlink'
- location: 'global'
- properties: {
- virtualNetwork: {
- id: virtualNetwork.id
- }
- registrationEnabled: false
- }
+ resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
+ name: '${virtualNetwork.name}-vnetlink'
+ location: 'global'
+ properties: {
+ virtualNetwork: {
+ id: virtualNetwork.id
+ }
+ registrationEnabled: false
}
+ }
}
resource eventHubNamespace 'Microsoft.EventHub/namespaces@2022-10-01-preview' = {
- name: eventHubNamespaceName
- location: location
- properties: {
- zoneRedundant: false
- isAutoInflateEnabled: false
- maximumThroughputUnits: 0
- }
-
- resource eventHub 'eventhubs@2022-10-01-preview' = {
- name: eventHubName
- }
+ name: eventHubNamespaceName
+ location: location
+ properties: {
+ zoneRedundant: false
+ isAutoInflateEnabled: false
+ maximumThroughputUnits: 0
+ }
+
+ resource eventHub 'eventhubs@2022-10-01-preview' = {
+ name: eventHubName
+ }
}
resource serviceBus 'Microsoft.ServiceBus/namespaces@2022-10-01-preview' = {
- name: serviceBusName
- location: location
- properties: {
- zoneRedundant: false
- }
-
- resource topic 'topics@2022-10-01-preview' = {
- name: 'topic'
- }
+ name: serviceBusName
+ location: location
+ properties: {
+ zoneRedundant: false
+ }
+
+ resource topic 'topics@2022-10-01-preview' = {
+ name: 'topic'
+ }
}
resource eventGridDomain 'Microsoft.EventGrid/domains@2022-06-15' = {
- name: eventGridDomainName
- location: location
- properties: {
- disableLocalAuth: false
- }
-
- resource topic 'topics@2022-06-15' = {
- name: 'topic'
- }
+ name: eventGridDomainName
+ location: location
+ properties: {
+ disableLocalAuth: false
+ }
+
+ resource topic 'topics@2022-06-15' = {
+ name: 'topic'
+ }
}
resource eventHubNamespaceRbacAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
- name: guid(managedIdentity.id, 'evhrbacAssignment')
- scope: eventHubNamespace
- properties: {
- roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '2b629674-e913-4c01-ae53-ef4638d8f975') //Azure Event Hubs Data Sender
- principalId: managedIdentity.properties.principalId
- principalType: 'ServicePrincipal'
- }
+ name: guid(managedIdentity.id, 'evhrbacAssignment')
+ scope: eventHubNamespace
+ properties: {
+ roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '2b629674-e913-4c01-ae53-ef4638d8f975') //Azure Event Hubs Data Sender
+ principalId: managedIdentity.properties.principalId
+ principalType: 'ServicePrincipal'
+ }
}
resource serviceBusRbacAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
- name: guid(managedIdentity.id, 'sbrbacAssignment')
- scope: serviceBus
- properties: {
- roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '69a216fc-b8fb-44d8-bc22-1f3c2cd27a39') //Azure Service Bus Data Sender
- principalId: managedIdentity.properties.principalId
- principalType: 'ServicePrincipal'
- }
+ name: guid(managedIdentity.id, 'sbrbacAssignment')
+ scope: serviceBus
+ properties: {
+ roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '69a216fc-b8fb-44d8-bc22-1f3c2cd27a39') //Azure Service Bus Data Sender
+ principalId: managedIdentity.properties.principalId
+ principalType: 'ServicePrincipal'
+ }
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/digital-twins/digital-twins-instance/.test/common/main.test.bicep b/modules/digital-twins/digital-twins-instance/.test/common/main.test.bicep
index 02d6f60bdb..e40037c573 100644
--- a/modules/digital-twins/digital-twins-instance/.test/common/main.test.bicep
+++ b/modules/digital-twins/digital-twins-instance/.test/common/main.test.bicep
@@ -87,7 +87,6 @@ module testDeployment '../../main.bicep' = {
userAssignedIdentities: {
'${nestedDependencies.outputs.managedIdentityResourceId}': {}
}
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/digital-twins/digital-twins-instance/README.md b/modules/digital-twins/digital-twins-instance/README.md
index 475adddc2f..43768dff83 100644
--- a/modules/digital-twins/digital-twins-instance/README.md
+++ b/modules/digital-twins/digital-twins-instance/README.md
@@ -20,8 +20,8 @@ This module deploys an Azure Digital Twins Instance.
| `Microsoft.DigitalTwins/digitalTwinsInstances` | [2023-01-31](https://learn.microsoft.com/en-us/azure/templates/Microsoft.DigitalTwins/2023-01-31/digitalTwinsInstances) |
| `Microsoft.DigitalTwins/digitalTwinsInstances/endpoints` | [2023-01-31](https://learn.microsoft.com/en-us/azure/templates/Microsoft.DigitalTwins/2023-01-31/digitalTwinsInstances/endpoints) |
| `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) |
-| `Microsoft.Network/privateEndpoints` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints) |
-| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints/privateDnsZoneGroups) |
+| `Microsoft.Network/privateEndpoints` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints) |
+| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints/privateDnsZoneGroups) |
## Parameters
@@ -38,7 +38,6 @@ This module deploys an Azure Digital Twins Instance.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, DataHistoryOperation, DigitalTwinsOperation, EventRoutesOperation, ModelsOperation, QueryOperation, ResourceProviderOperation]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. |
| `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. |
@@ -458,7 +457,6 @@ module digitalTwinsInstance './digital-twins/digital-twins-instance/main.bicep'
// Non-required parameters
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -533,9 +531,6 @@ module digitalTwinsInstance './digital-twins/digital-twins-instance/main.bicep'
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/digital-twins/digital-twins-instance/endpoint--event-grid/main.json b/modules/digital-twins/digital-twins-instance/endpoint--event-grid/main.json
index a05d8b20ee..a1978b3907 100644
--- a/modules/digital-twins/digital-twins-instance/endpoint--event-grid/main.json
+++ b/modules/digital-twins/digital-twins-instance/endpoint--event-grid/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "13209746023702628221"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "7115177198919820190"
+ },
+ "name": "Digital Twins Instance Event Grid Endpoints",
+ "description": "This module deploys a Digital Twins Instance Event Grid Endpoint.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/digital-twins/digital-twins-instance/endpoint--event-hub/main.json b/modules/digital-twins/digital-twins-instance/endpoint--event-hub/main.json
index 0ddaf11727..a964a1f125 100644
--- a/modules/digital-twins/digital-twins-instance/endpoint--event-hub/main.json
+++ b/modules/digital-twins/digital-twins-instance/endpoint--event-hub/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11967486057366992053"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "10898754622351027742"
+ },
+ "name": "Digital Twins Instance EventHub Endpoint",
+ "description": "This module deploys a Digital Twins Instance EventHub Endpoint.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -25,13 +28,13 @@
"authenticationType": {
"type": "string",
"defaultValue": "IdentityBased",
- "metadata": {
- "description": "Optional. Specifies the authentication type being used for connecting to the endpoint. If 'KeyBased' is selected, a connection string must be specified (at least the primary connection string). If 'IdentityBased' is selected, the endpointUri and entityPath properties must be specified."
- },
"allowedValues": [
"IdentityBased",
"KeyBased"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specifies the authentication type being used for connecting to the endpoint. If 'KeyBased' is selected, a connection string must be specified (at least the primary connection string). If 'IdentityBased' is selected, the endpointUri and entityPath properties must be specified."
+ }
},
"deadLetterSecret": {
"type": "securestring",
diff --git a/modules/digital-twins/digital-twins-instance/endpoint--service-bus/main.json b/modules/digital-twins/digital-twins-instance/endpoint--service-bus/main.json
index 8301cecc7b..b1513fcf98 100644
--- a/modules/digital-twins/digital-twins-instance/endpoint--service-bus/main.json
+++ b/modules/digital-twins/digital-twins-instance/endpoint--service-bus/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15643334991112942016"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13127448885590640743"
+ },
+ "name": "Digital Twins Instance ServiceBus Endpoint",
+ "description": "This module deploys a Digital Twins Instance ServiceBus Endpoint.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -25,13 +28,13 @@
"authenticationType": {
"type": "string",
"defaultValue": "IdentityBased",
- "metadata": {
- "description": "Optional. Specifies the authentication type being used for connecting to the endpoint. If 'KeyBased' is selected, a connection string must be specified (at least the primary connection string). If 'IdentityBased' is selected, the endpointUri and entityPath properties must be specified."
- },
"allowedValues": [
"IdentityBased",
"KeyBased"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specifies the authentication type being used for connecting to the endpoint. If 'KeyBased' is selected, a connection string must be specified (at least the primary connection string). If 'IdentityBased' is selected, the endpointUri and entityPath properties must be specified."
+ }
},
"deadLetterSecret": {
"type": "securestring",
diff --git a/modules/digital-twins/digital-twins-instance/main.bicep b/modules/digital-twins/digital-twins-instance/main.bicep
index 63c51286ce..c2dd816a8d 100644
--- a/modules/digital-twins/digital-twins-instance/main.bicep
+++ b/modules/digital-twins/digital-twins-instance/main.bicep
@@ -53,11 +53,6 @@ param diagnosticSettingsName string = '${name}-diagnosticSettings'
@description('Optional. Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.')
param diagnosticStorageAccountId string = ''
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.')
param diagnosticWorkspaceId string = ''
@@ -108,20 +103,12 @@ var identity = identityType != 'None' ? {
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
@@ -129,10 +116,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: {
category: metric
timeGrain: null
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) {
diff --git a/modules/digital-twins/digital-twins-instance/main.json b/modules/digital-twins/digital-twins-instance/main.json
index f4cdcad468..3ea197b9bd 100644
--- a/modules/digital-twins/digital-twins-instance/main.json
+++ b/modules/digital-twins/digital-twins-instance/main.json
@@ -4,15 +4,18 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "17940454545925305572"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "8772718651117933838"
+ },
+ "name": "Digital Twins Instances",
+ "description": "This module deploys an Azure Digital Twins Instance.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
"type": "string",
- "maxLength": 63,
"minLength": 3,
+ "maxLength": 63,
"metadata": {
"description": "Required. The name of the Digital Twin Instance."
}
@@ -34,14 +37,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"systemAssignedIdentity": {
"type": "bool",
@@ -111,15 +114,6 @@
"description": "Optional. Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "maxValue": 365,
- "minValue": 0,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticWorkspaceId": {
"type": "string",
"defaultValue": "",
@@ -194,11 +188,7 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
},
{
@@ -207,18 +197,14 @@
"input": {
"category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]",
"timeGrain": null,
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
"enableReferencedModulesTelemetry": false,
"identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned, UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]",
"identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]",
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]"
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]"
},
"resources": [
{
@@ -312,9 +298,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11967486057366992053"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "10898754622351027742"
+ },
+ "name": "Digital Twins Instance EventHub Endpoint",
+ "description": "This module deploys a Digital Twins Instance EventHub Endpoint.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -333,13 +322,13 @@
"authenticationType": {
"type": "string",
"defaultValue": "IdentityBased",
- "metadata": {
- "description": "Optional. Specifies the authentication type being used for connecting to the endpoint. If 'KeyBased' is selected, a connection string must be specified (at least the primary connection string). If 'IdentityBased' is selected, the endpointUri and entityPath properties must be specified."
- },
"allowedValues": [
"IdentityBased",
"KeyBased"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specifies the authentication type being used for connecting to the endpoint. If 'KeyBased' is selected, a connection string must be specified (at least the primary connection string). If 'IdentityBased' is selected, the endpointUri and entityPath properties must be specified."
+ }
},
"deadLetterSecret": {
"type": "securestring",
@@ -499,9 +488,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "13209746023702628221"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "7115177198919820190"
+ },
+ "name": "Digital Twins Instance Event Grid Endpoints",
+ "description": "This module deploys a Digital Twins Instance Event Grid Endpoint.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -644,9 +636,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15643334991112942016"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13127448885590640743"
+ },
+ "name": "Digital Twins Instance ServiceBus Endpoint",
+ "description": "This module deploys a Digital Twins Instance ServiceBus Endpoint.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -665,13 +660,13 @@
"authenticationType": {
"type": "string",
"defaultValue": "IdentityBased",
- "metadata": {
- "description": "Optional. Specifies the authentication type being used for connecting to the endpoint. If 'KeyBased' is selected, a connection string must be specified (at least the primary connection string). If 'IdentityBased' is selected, the endpointUri and entityPath properties must be specified."
- },
"allowedValues": [
"IdentityBased",
"KeyBased"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specifies the authentication type being used for connecting to the endpoint. If 'KeyBased' is selected, a connection string must be specified (at least the primary connection string). If 'IdentityBased' is selected, the endpointUri and entityPath properties must be specified."
+ }
},
"deadLetterSecret": {
"type": "securestring",
@@ -847,9 +842,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11825715538543749879"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13560297539192628062"
+ },
+ "name": "Private Endpoints",
+ "description": "This module deploys a Private Endpoint.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -914,14 +912,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -979,7 +977,7 @@
},
{
"type": "Microsoft.Network/privateEndpoints",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[parameters('name')]",
"location": "[parameters('location')]",
"tags": "[parameters('tags')]",
@@ -1044,9 +1042,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "12684511314187066258"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17831763001460207830"
+ },
+ "name": "Private Endpoint Private DNS Zone Groups",
+ "description": "This module deploys a Private Endpoint Private DNS Zone Group.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"privateEndpointName": {
@@ -1057,8 +1058,8 @@
},
"privateDNSResourceIds": {
"type": "array",
- "maxLength": 5,
"minLength": 1,
+ "maxLength": 5,
"metadata": {
"description": "Required. Array of private DNS zone resource IDs. A DNS zone group can support up to 5 DNS zones."
}
@@ -1109,7 +1110,7 @@
},
{
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[format('{0}/{1}', parameters('privateEndpointName'), parameters('name'))]",
"properties": {
"privateDnsZoneConfigs": "[variables('privateDnsZoneConfigs')]"
@@ -1179,8 +1180,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "18055161250379920591"
+ "version": "0.20.4.51522",
+ "templateHash": "11548486149222715894"
}
},
"parameters": {
@@ -1350,7 +1351,7 @@
"metadata": {
"description": "The location the resource was deployed into."
},
- "value": "[reference(resourceId('Microsoft.Network/privateEndpoints', parameters('name')), '2022-07-01', 'full').location]"
+ "value": "[reference(resourceId('Microsoft.Network/privateEndpoints', parameters('name')), '2023-04-01', 'full').location]"
}
}
}
@@ -1393,8 +1394,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "17162400653836540515"
+ "version": "0.20.4.51522",
+ "templateHash": "7097043325579895545"
}
},
"parameters": {
diff --git a/modules/document-db/database-account/.test/gremlindb/main.test.bicep b/modules/document-db/database-account/.test/gremlindb/main.test.bicep
index 8d67918a57..98abd55438 100644
--- a/modules/document-db/database-account/.test/gremlindb/main.test.bicep
+++ b/modules/document-db/database-account/.test/gremlindb/main.test.bicep
@@ -82,7 +82,6 @@ module testDeployment '../../main.bicep' = {
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName
- diagnosticLogsRetentionInDays: 7
gremlinDatabases: [
{
graphs: [
diff --git a/modules/document-db/database-account/.test/mongodb/main.test.bicep b/modules/document-db/database-account/.test/mongodb/main.test.bicep
index 287ff5759c..bd0e8f4fa8 100644
--- a/modules/document-db/database-account/.test/mongodb/main.test.bicep
+++ b/modules/document-db/database-account/.test/mongodb/main.test.bicep
@@ -79,7 +79,6 @@ module testDeployment '../../main.bicep' = {
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName
- diagnosticLogsRetentionInDays: 7
location: location
mongodbDatabases: [
{
diff --git a/modules/document-db/database-account/.test/plain/main.test.bicep b/modules/document-db/database-account/.test/plain/main.test.bicep
index d0a7345316..23071b8799 100644
--- a/modules/document-db/database-account/.test/plain/main.test.bicep
+++ b/modules/document-db/database-account/.test/plain/main.test.bicep
@@ -79,7 +79,6 @@ module testDeployment '../../main.bicep' = {
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName
- diagnosticLogsRetentionInDays: 7
lock: 'CanNotDelete'
roleAssignments: [
{
diff --git a/modules/document-db/database-account/.test/sqldb/dependencies.bicep b/modules/document-db/database-account/.test/sqldb/dependencies.bicep
index 520130acf4..50a1ace621 100644
--- a/modules/document-db/database-account/.test/sqldb/dependencies.bicep
+++ b/modules/document-db/database-account/.test/sqldb/dependencies.bicep
@@ -10,44 +10,44 @@ param virtualNetworkName string
var addressPrefix = '10.0.0.0/16'
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
- name: 'privatelink.documents.azure.com'
- location: 'global'
+ name: 'privatelink.documents.azure.com'
+ location: 'global'
- resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
- name: '${virtualNetwork.name}-vnetlink'
- location: 'global'
- properties: {
- virtualNetwork: {
- id: virtualNetwork.id
- }
- registrationEnabled: false
- }
+ resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
+ name: '${virtualNetwork.name}-vnetlink'
+ location: 'global'
+ properties: {
+ virtualNetwork: {
+ id: virtualNetwork.id
+ }
+ registrationEnabled: false
}
+ }
}
@description('The principal ID of the created Managed Identity.')
diff --git a/modules/document-db/database-account/.test/sqldb/main.test.bicep b/modules/document-db/database-account/.test/sqldb/main.test.bicep
index 711dfcf861..ba9288205b 100644
--- a/modules/document-db/database-account/.test/sqldb/main.test.bicep
+++ b/modules/document-db/database-account/.test/sqldb/main.test.bicep
@@ -80,7 +80,6 @@ module testDeployment '../../main.bicep' = {
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName
- diagnosticLogsRetentionInDays: 7
location: location
privateEndpoints: [
{
diff --git a/modules/document-db/database-account/README.md b/modules/document-db/database-account/README.md
index e0f3ad0023..72f4640a8a 100644
--- a/modules/document-db/database-account/README.md
+++ b/modules/document-db/database-account/README.md
@@ -24,8 +24,8 @@ This module deploys a DocumentDB Database Account.
| `Microsoft.DocumentDB/databaseAccounts/sqlDatabases` | [2023-04-15](https://learn.microsoft.com/en-us/azure/templates/Microsoft.DocumentDB/2023-04-15/databaseAccounts/sqlDatabases) |
| `Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers` | [2023-04-15](https://learn.microsoft.com/en-us/azure/templates/Microsoft.DocumentDB/2023-04-15/databaseAccounts/sqlDatabases/containers) |
| `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) |
-| `Microsoft.Network/privateEndpoints` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints) |
-| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints/privateDnsZoneGroups) |
+| `Microsoft.Network/privateEndpoints` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints) |
+| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints/privateDnsZoneGroups) |
## Parameters
@@ -52,7 +52,6 @@ This module deploys a DocumentDB Database Account.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, CassandraRequests, ControlPlaneRequests, DataPlaneRequests, GremlinRequests, MongoRequests, PartitionKeyRUConsumption, PartitionKeyStatistics, QueryRuntimeStatistics, TableApiRequests]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticMetricsToEnable` | array | `[Requests]` | `[Requests]` | The name of metrics that will be streamed. |
| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
@@ -682,7 +681,6 @@ module databaseAccount './document-db/database-account/main.bicep' = {
]
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -795,9 +793,6 @@ module databaseAccount './document-db/database-account/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
@@ -914,7 +909,6 @@ module databaseAccount './document-db/database-account/main.bicep' = {
// Non-required parameters
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -1158,9 +1152,6 @@ module databaseAccount './document-db/database-account/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
@@ -1413,7 +1404,6 @@ module databaseAccount './document-db/database-account/main.bicep' = {
// Non-required parameters
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -1472,9 +1462,6 @@ module databaseAccount './document-db/database-account/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
@@ -1538,7 +1525,6 @@ module databaseAccount './document-db/database-account/main.bicep' = {
// Non-required parameters
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -1691,9 +1677,6 @@ module databaseAccount './document-db/database-account/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/document-db/database-account/gremlin-database/graph/main.json b/modules/document-db/database-account/gremlin-database/graph/main.json
index 480334ee13..d02a60bd22 100644
--- a/modules/document-db/database-account/gremlin-database/graph/main.json
+++ b/modules/document-db/database-account/gremlin-database/graph/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "105866141402179587"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3593445264917455012"
+ },
+ "name": "DocumentDB Database Accounts Gremlin Databases Graphs",
+ "description": "This module deploys a DocumentDB Database Accounts Gremlin Database Graph.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/document-db/database-account/gremlin-database/main.json b/modules/document-db/database-account/gremlin-database/main.json
index e709363984..f3df7da63e 100644
--- a/modules/document-db/database-account/gremlin-database/main.json
+++ b/modules/document-db/database-account/gremlin-database/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "8691476614330099391"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "4256328904115204005"
+ },
+ "name": "DocumentDB Database Account Gremlin Databases",
+ "description": "This module deploys a Gremlin Database within a CosmosDB Account.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -138,9 +141,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "105866141402179587"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3593445264917455012"
+ },
+ "name": "DocumentDB Database Accounts Gremlin Databases Graphs",
+ "description": "This module deploys a DocumentDB Database Accounts Gremlin Database Graph.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/document-db/database-account/main.bicep b/modules/document-db/database-account/main.bicep
index c4e5faface..9d148d775c 100644
--- a/modules/document-db/database-account/main.bicep
+++ b/modules/document-db/database-account/main.bicep
@@ -84,11 +84,6 @@ param lock string = ''
@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.')
param roleAssignments array = []
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -179,20 +174,12 @@ param privateEndpoints array = []
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
@@ -200,10 +187,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: {
category: metric
timeGrain: null
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var identityType = systemAssignedIdentity ? (!empty(userAssignedIdentities) ? 'SystemAssigned, UserAssigned' : 'SystemAssigned') : (!empty(userAssignedIdentities) ? 'UserAssigned' : 'None')
diff --git a/modules/document-db/database-account/main.json b/modules/document-db/database-account/main.json
index 33948cd93c..c5f9ce0bac 100644
--- a/modules/document-db/database-account/main.json
+++ b/modules/document-db/database-account/main.json
@@ -4,8 +4,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "3491055673573321477"
+ "version": "0.20.4.51522",
+ "templateHash": "17230929813729114087"
},
"name": "DocumentDB Database Accounts",
"description": "This module deploys a DocumentDB Database Account.",
@@ -65,16 +65,16 @@
"defaultConsistencyLevel": {
"type": "string",
"defaultValue": "Session",
- "metadata": {
- "description": "Optional. The default consistency level of the Cosmos DB account."
- },
"allowedValues": [
"Eventual",
"ConsistentPrefix",
"Session",
"BoundedStaleness",
"Strong"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. The default consistency level of the Cosmos DB account."
+ }
},
"automaticFailover": {
"type": "bool",
@@ -93,20 +93,20 @@
"maxStalenessPrefix": {
"type": "int",
"defaultValue": 100000,
+ "minValue": 10,
+ "maxValue": 2147483647,
"metadata": {
"description": "Optional. Max stale requests. Required for BoundedStaleness. Valid ranges, Single Region: 10 to 1000000. Multi Region: 100000 to 1000000."
- },
- "maxValue": 2147483647,
- "minValue": 10
+ }
},
"maxIntervalInSeconds": {
"type": "int",
"defaultValue": 300,
+ "minValue": 5,
+ "maxValue": 86400,
"metadata": {
"description": "Optional. Max lag time (minutes). Required for BoundedStaleness. Valid ranges, Single Region: 5 to 84600. Multi Region: 300 to 86400."
- },
- "maxValue": 86400,
- "minValue": 5
+ }
},
"serverVersion": {
"type": "string",
@@ -152,14 +152,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -168,15 +168,6 @@
"description": "Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "maxValue": 365,
- "minValue": 0,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -249,9 +240,6 @@
"capabilitiesToAdd": {
"type": "array",
"defaultValue": [],
- "metadata": {
- "description": "Optional. List of Cosmos DB capabilities for the account."
- },
"allowedValues": [
"EnableCassandra",
"EnableTable",
@@ -259,59 +247,62 @@
"EnableMongo",
"DisableRateLimitingResponses",
"EnableServerless"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. List of Cosmos DB capabilities for the account."
+ }
},
"backupPolicyType": {
"type": "string",
"defaultValue": "Continuous",
- "metadata": {
- "description": "Optional. Describes the mode of backups."
- },
"allowedValues": [
"Periodic",
"Continuous"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Describes the mode of backups."
+ }
},
"backupPolicyContinuousTier": {
"type": "string",
"defaultValue": "Continuous30Days",
- "metadata": {
- "description": "Optional. Configuration values for continuous mode backup."
- },
"allowedValues": [
"Continuous30Days",
"Continuous7Days"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Configuration values for continuous mode backup."
+ }
},
"backupIntervalInMinutes": {
"type": "int",
"defaultValue": 240,
+ "minValue": 60,
+ "maxValue": 1440,
"metadata": {
"description": "Optional. An integer representing the interval in minutes between two backups. Only applies to periodic backup type."
- },
- "maxValue": 1440,
- "minValue": 60
+ }
},
"backupRetentionIntervalInHours": {
"type": "int",
"defaultValue": 8,
+ "minValue": 2,
+ "maxValue": 720,
"metadata": {
"description": "Optional. An integer representing the time (in hours) that each backup is retained. Only applies to periodic backup type."
- },
- "maxValue": 720,
- "minValue": 2
+ }
},
"backupStorageRedundancy": {
"type": "string",
"defaultValue": "Local",
- "metadata": {
- "description": "Optional. Enum to indicate type of backup residency. Only applies to periodic backup type."
- },
"allowedValues": [
"Geo",
"Local",
"Zone"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Enum to indicate type of backup residency. Only applies to periodic backup type."
+ }
},
"privateEndpoints": {
"type": "array",
@@ -328,11 +319,7 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
},
{
@@ -341,11 +328,7 @@
"input": {
"category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]",
"timeGrain": null,
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
},
{
@@ -365,7 +348,7 @@
}
}
],
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]",
"identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned, UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]",
"identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]",
"consistencyPolicy": {
@@ -483,8 +466,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15105512277629326341"
+ "version": "0.20.4.51522",
+ "templateHash": "9062930380498217256"
}
},
"parameters": {
@@ -635,8 +618,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "9165958576985328916"
+ "version": "0.20.4.51522",
+ "templateHash": "3181306638327423907"
},
"name": "DocumentDB Database Account SQL Databases",
"description": "This module deploys a SQL Database in a CosmosDB Account.",
@@ -763,8 +746,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11426208730264271754"
+ "version": "0.20.4.51522",
+ "templateHash": "14315455818011845279"
},
"name": "DocumentDB Database Account SQL Database Containers",
"description": "This module deploys a SQL Database Container in a CosmosDB Account.",
@@ -806,11 +789,11 @@
"defaultTtl": {
"type": "int",
"defaultValue": -1,
+ "minValue": -1,
+ "maxValue": 2147483647,
"metadata": {
"description": "Optional. Default time to live (in seconds). With Time to Live or TTL, Azure Cosmos DB provides the ability to delete items automatically from a container after a certain time period. If the value is set to \"-1\", it is equal to infinity, and items dont expire by default."
- },
- "minValue": -1,
- "maxValue": 2147483647
+ }
},
"throughput": {
"type": "int",
@@ -822,10 +805,10 @@
"autoscaleSettingsMaxThroughput": {
"type": "int",
"defaultValue": -1,
+ "maxValue": 1000000,
"metadata": {
"description": "Optional. Specifies the Autoscale settings and represents maximum throughput, the resource can scale up to. The autoscale throughput should have valid throughput values between 1000 and 1000000 inclusive in increments of 1000. If value is set to -1, then the property will be set to null and autoscale will be disabled."
- },
- "maxValue": 1000000
+ }
},
"tags": {
"type": "object",
@@ -1002,8 +985,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "2085063402479874129"
+ "version": "0.20.4.51522",
+ "templateHash": "13972019361365434498"
},
"name": "DocumentDB Database Account MongoDB Databases",
"description": "This module deploys a MongoDB Database within a CosmosDB Account.",
@@ -1120,8 +1103,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "18146087628954569143"
+ "version": "0.20.4.51522",
+ "templateHash": "12957080003676592321"
},
"name": "DocumentDB Database Account MongoDB Database Collections",
"description": "This module deploys a MongoDB Database Collection.",
@@ -1292,8 +1275,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "14580792451038416315"
+ "version": "0.20.4.51522",
+ "templateHash": "4256328904115204005"
},
"name": "DocumentDB Database Account Gremlin Databases",
"description": "This module deploys a Gremlin Database within a CosmosDB Account.",
@@ -1429,8 +1412,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "7554276634599299832"
+ "version": "0.20.4.51522",
+ "templateHash": "3593445264917455012"
},
"name": "DocumentDB Database Accounts Gremlin Databases Graphs",
"description": "This module deploys a DocumentDB Database Accounts Gremlin Database Graph.",
@@ -1622,8 +1605,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15343651026946310931"
+ "version": "0.20.4.51522",
+ "templateHash": "13560297539192628062"
},
"name": "Private Endpoints",
"description": "This module deploys a Private Endpoint.",
@@ -1692,14 +1675,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -1757,7 +1740,7 @@
},
{
"type": "Microsoft.Network/privateEndpoints",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[parameters('name')]",
"location": "[parameters('location')]",
"tags": "[parameters('tags')]",
@@ -1822,8 +1805,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "5406224106432076575"
+ "version": "0.20.4.51522",
+ "templateHash": "17831763001460207830"
},
"name": "Private Endpoint Private DNS Zone Groups",
"description": "This module deploys a Private Endpoint Private DNS Zone Group.",
@@ -1838,8 +1821,8 @@
},
"privateDNSResourceIds": {
"type": "array",
- "maxLength": 5,
"minLength": 1,
+ "maxLength": 5,
"metadata": {
"description": "Required. Array of private DNS zone resource IDs. A DNS zone group can support up to 5 DNS zones."
}
@@ -1890,7 +1873,7 @@
},
{
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[format('{0}/{1}', parameters('privateEndpointName'), parameters('name'))]",
"properties": {
"privateDnsZoneConfigs": "[variables('privateDnsZoneConfigs')]"
@@ -1960,8 +1943,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "18055161250379920591"
+ "version": "0.20.4.51522",
+ "templateHash": "11548486149222715894"
}
},
"parameters": {
@@ -2131,7 +2114,7 @@
"metadata": {
"description": "The location the resource was deployed into."
},
- "value": "[reference(resourceId('Microsoft.Network/privateEndpoints', parameters('name')), '2022-07-01', 'full').location]"
+ "value": "[reference(resourceId('Microsoft.Network/privateEndpoints', parameters('name')), '2023-04-01', 'full').location]"
}
}
}
diff --git a/modules/document-db/database-account/mongodb-database/collection/main.json b/modules/document-db/database-account/mongodb-database/collection/main.json
index 61a59a5fb6..a6fa0bc567 100644
--- a/modules/document-db/database-account/mongodb-database/collection/main.json
+++ b/modules/document-db/database-account/mongodb-database/collection/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "17023323765982935979"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "12957080003676592321"
+ },
+ "name": "DocumentDB Database Account MongoDB Database Collections",
+ "description": "This module deploys a MongoDB Database Collection.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"databaseAccountName": {
diff --git a/modules/document-db/database-account/mongodb-database/main.json b/modules/document-db/database-account/mongodb-database/main.json
index f412e3d556..3446932229 100644
--- a/modules/document-db/database-account/mongodb-database/main.json
+++ b/modules/document-db/database-account/mongodb-database/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "10478774274627200406"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13972019361365434498"
+ },
+ "name": "DocumentDB Database Account MongoDB Databases",
+ "description": "This module deploys a MongoDB Database within a CosmosDB Account.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"databaseAccountName": {
@@ -119,9 +122,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "17023323765982935979"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "12957080003676592321"
+ },
+ "name": "DocumentDB Database Account MongoDB Database Collections",
+ "description": "This module deploys a MongoDB Database Collection.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"databaseAccountName": {
diff --git a/modules/document-db/database-account/sql-database/container/main.json b/modules/document-db/database-account/sql-database/container/main.json
index f4c487ffac..6986286959 100644
--- a/modules/document-db/database-account/sql-database/container/main.json
+++ b/modules/document-db/database-account/sql-database/container/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "7895705651487538293"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "14315455818011845279"
+ },
+ "name": "DocumentDB Database Account SQL Database Containers",
+ "description": "This module deploys a SQL Database Container in a CosmosDB Account.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"databaseAccountName": {
@@ -44,11 +47,11 @@
"defaultTtl": {
"type": "int",
"defaultValue": -1,
+ "minValue": -1,
+ "maxValue": 2147483647,
"metadata": {
"description": "Optional. Default time to live (in seconds). With Time to Live or TTL, Azure Cosmos DB provides the ability to delete items automatically from a container after a certain time period. If the value is set to \"-1\", it is equal to infinity, and items dont expire by default."
- },
- "minValue": -1,
- "maxValue": 2147483647
+ }
},
"throughput": {
"type": "int",
@@ -60,10 +63,10 @@
"autoscaleSettingsMaxThroughput": {
"type": "int",
"defaultValue": -1,
+ "maxValue": 1000000,
"metadata": {
"description": "Optional. Specifies the Autoscale settings and represents maximum throughput, the resource can scale up to. The autoscale throughput should have valid throughput values between 1000 and 1000000 inclusive in increments of 1000. If value is set to -1, then the property will be set to null and autoscale will be disabled."
- },
- "maxValue": 1000000
+ }
},
"tags": {
"type": "object",
diff --git a/modules/document-db/database-account/sql-database/main.json b/modules/document-db/database-account/sql-database/main.json
index 28e4e55973..145a1881bc 100644
--- a/modules/document-db/database-account/sql-database/main.json
+++ b/modules/document-db/database-account/sql-database/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "12220674864217683327"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "3181306638327423907"
+ },
+ "name": "DocumentDB Database Account SQL Databases",
+ "description": "This module deploys a SQL Database in a CosmosDB Account.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"databaseAccountName": {
@@ -129,9 +132,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "7895705651487538293"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "14315455818011845279"
+ },
+ "name": "DocumentDB Database Account SQL Database Containers",
+ "description": "This module deploys a SQL Database Container in a CosmosDB Account.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"databaseAccountName": {
@@ -169,11 +175,11 @@
"defaultTtl": {
"type": "int",
"defaultValue": -1,
+ "minValue": -1,
+ "maxValue": 2147483647,
"metadata": {
"description": "Optional. Default time to live (in seconds). With Time to Live or TTL, Azure Cosmos DB provides the ability to delete items automatically from a container after a certain time period. If the value is set to \"-1\", it is equal to infinity, and items dont expire by default."
- },
- "minValue": -1,
- "maxValue": 2147483647
+ }
},
"throughput": {
"type": "int",
@@ -185,10 +191,10 @@
"autoscaleSettingsMaxThroughput": {
"type": "int",
"defaultValue": -1,
+ "maxValue": 1000000,
"metadata": {
"description": "Optional. Specifies the Autoscale settings and represents maximum throughput, the resource can scale up to. The autoscale throughput should have valid throughput values between 1000 and 1000000 inclusive in increments of 1000. If value is set to -1, then the property will be set to null and autoscale will be disabled."
- },
- "maxValue": 1000000
+ }
},
"tags": {
"type": "object",
diff --git a/modules/event-grid/domain/.test/common/dependencies.bicep b/modules/event-grid/domain/.test/common/dependencies.bicep
index c4d9640171..9ae6106fca 100644
--- a/modules/event-grid/domain/.test/common/dependencies.bicep
+++ b/modules/event-grid/domain/.test/common/dependencies.bicep
@@ -9,45 +9,45 @@ param managedIdentityName string
var addressPrefix = '10.0.0.0/24'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
- name: 'privatelink.eventgrid.azure.net'
- location: 'global'
+ name: 'privatelink.eventgrid.azure.net'
+ location: 'global'
- resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
- name: '${virtualNetwork.name}-vnetlink'
- location: 'global'
- properties: {
- virtualNetwork: {
- id: virtualNetwork.id
- }
- registrationEnabled: false
- }
+ resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
+ name: '${virtualNetwork.name}-vnetlink'
+ location: 'global'
+ properties: {
+ virtualNetwork: {
+ id: virtualNetwork.id
+ }
+ registrationEnabled: false
}
+ }
}
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/event-grid/domain/.test/common/main.test.bicep b/modules/event-grid/domain/.test/common/main.test.bicep
index 062266742e..2bbe444ed6 100644
--- a/modules/event-grid/domain/.test/common/main.test.bicep
+++ b/modules/event-grid/domain/.test/common/main.test.bicep
@@ -64,7 +64,6 @@ module testDeployment '../../main.bicep' = {
params: {
enableDefaultTelemetry: enableDefaultTelemetry
name: '${namePrefix}${serviceShort}001'
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/event-grid/domain/.test/pe/dependencies.bicep b/modules/event-grid/domain/.test/pe/dependencies.bicep
index 0013cdcdfd..b4da965a54 100644
--- a/modules/event-grid/domain/.test/pe/dependencies.bicep
+++ b/modules/event-grid/domain/.test/pe/dependencies.bicep
@@ -6,40 +6,40 @@ param virtualNetworkName string
var addressPrefix = '10.0.0.0/24'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
- name: 'privatelink.eventgrid.azure.net'
- location: 'global'
+ name: 'privatelink.eventgrid.azure.net'
+ location: 'global'
- resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
- name: '${virtualNetwork.name}-vnetlink'
- location: 'global'
- properties: {
- virtualNetwork: {
- id: virtualNetwork.id
- }
- registrationEnabled: false
- }
+ resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
+ name: '${virtualNetwork.name}-vnetlink'
+ location: 'global'
+ properties: {
+ virtualNetwork: {
+ id: virtualNetwork.id
+ }
+ registrationEnabled: false
}
+ }
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/event-grid/domain/README.md b/modules/event-grid/domain/README.md
index 622fb2af80..97d325a857 100644
--- a/modules/event-grid/domain/README.md
+++ b/modules/event-grid/domain/README.md
@@ -19,8 +19,8 @@ This module deploys an Event Grid Domain.
| `Microsoft.EventGrid/domains` | [2022-06-15](https://learn.microsoft.com/en-us/azure/templates/Microsoft.EventGrid/2022-06-15/domains) |
| `Microsoft.EventGrid/domains/topics` | [2022-06-15](https://learn.microsoft.com/en-us/azure/templates/Microsoft.EventGrid/2022-06-15/domains/topics) |
| `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) |
-| `Microsoft.Network/privateEndpoints` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints) |
-| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints/privateDnsZoneGroups) |
+| `Microsoft.Network/privateEndpoints` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints) |
+| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints/privateDnsZoneGroups) |
## Parameters
@@ -39,7 +39,6 @@ This module deploys an Event Grid Domain.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, DeliveryFailures, PublishFailures]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. |
| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
@@ -294,7 +293,6 @@ module domain './event-grid/domain/main.bicep' = {
// Non-required parameters
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -363,9 +361,6 @@ module domain './event-grid/domain/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/event-grid/domain/main.bicep b/modules/event-grid/domain/main.bicep
index 91dac314a3..853973234c 100644
--- a/modules/event-grid/domain/main.bicep
+++ b/modules/event-grid/domain/main.bicep
@@ -25,11 +25,6 @@ param autoDeleteTopicWithLastSubscription bool = true
@description('Optional. This can be used to restrict traffic from specific IPs instead of all IPs. Note: These are considered only if PublicNetworkAccess is enabled.')
param inboundIpRules array = []
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -92,20 +87,12 @@ var enableReferencedModulesTelemetry = false
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
@@ -113,10 +100,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: {
category: metric
timeGrain: null
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) {
diff --git a/modules/event-grid/domain/main.json b/modules/event-grid/domain/main.json
index ee003cb8dc..3c01e2fcef 100644
--- a/modules/event-grid/domain/main.json
+++ b/modules/event-grid/domain/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "13835175854435646864"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "15864855878909112039"
+ },
+ "name": "Event Grid Domains",
+ "description": "This module deploys an Event Grid Domain.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -55,15 +58,6 @@
"description": "Optional. This can be used to restrict traffic from specific IPs instead of all IPs. Note: These are considered only if PublicNetworkAccess is enabled."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "maxValue": 365,
- "minValue": 0,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -109,14 +103,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"tags": {
"type": "object",
@@ -181,11 +175,7 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
},
{
@@ -194,16 +184,12 @@
"input": {
"category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]",
"timeGrain": null,
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
"enableReferencedModulesTelemetry": false,
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]"
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]"
},
"resources": [
{
@@ -298,9 +284,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "1958901830516383626"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "15871414282174794846"
+ },
+ "name": "Event Grid Domain Topics",
+ "description": "This module deploys an Event Grid Domain Topic.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -428,9 +417,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "11825715538543749879"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "13560297539192628062"
+ },
+ "name": "Private Endpoints",
+ "description": "This module deploys a Private Endpoint.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -495,14 +487,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"roleAssignments": {
"type": "array",
@@ -560,7 +552,7 @@
},
{
"type": "Microsoft.Network/privateEndpoints",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[parameters('name')]",
"location": "[parameters('location')]",
"tags": "[parameters('tags')]",
@@ -625,9 +617,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "12684511314187066258"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "17831763001460207830"
+ },
+ "name": "Private Endpoint Private DNS Zone Groups",
+ "description": "This module deploys a Private Endpoint Private DNS Zone Group.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"privateEndpointName": {
@@ -638,8 +633,8 @@
},
"privateDNSResourceIds": {
"type": "array",
- "maxLength": 5,
"minLength": 1,
+ "maxLength": 5,
"metadata": {
"description": "Required. Array of private DNS zone resource IDs. A DNS zone group can support up to 5 DNS zones."
}
@@ -690,7 +685,7 @@
},
{
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups",
- "apiVersion": "2022-07-01",
+ "apiVersion": "2023-04-01",
"name": "[format('{0}/{1}', parameters('privateEndpointName'), parameters('name'))]",
"properties": {
"privateDnsZoneConfigs": "[variables('privateDnsZoneConfigs')]"
@@ -760,8 +755,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "18055161250379920591"
+ "version": "0.20.4.51522",
+ "templateHash": "11548486149222715894"
}
},
"parameters": {
@@ -931,7 +926,7 @@
"metadata": {
"description": "The location the resource was deployed into."
},
- "value": "[reference(resourceId('Microsoft.Network/privateEndpoints', parameters('name')), '2022-07-01', 'full').location]"
+ "value": "[reference(resourceId('Microsoft.Network/privateEndpoints', parameters('name')), '2023-04-01', 'full').location]"
}
}
}
@@ -974,8 +969,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "115357666483455741"
+ "version": "0.20.4.51522",
+ "templateHash": "13076781654377390405"
}
},
"parameters": {
diff --git a/modules/event-grid/domain/topic/main.json b/modules/event-grid/domain/topic/main.json
index 10b535da1e..8b821bd6f1 100644
--- a/modules/event-grid/domain/topic/main.json
+++ b/modules/event-grid/domain/topic/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "1958901830516383626"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "15871414282174794846"
+ },
+ "name": "Event Grid Domain Topics",
+ "description": "This module deploys an Event Grid Domain Topic.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/event-grid/system-topic/.test/common/main.test.bicep b/modules/event-grid/system-topic/.test/common/main.test.bicep
index e115ce165c..3499151049 100644
--- a/modules/event-grid/system-topic/.test/common/main.test.bicep
+++ b/modules/event-grid/system-topic/.test/common/main.test.bicep
@@ -89,7 +89,6 @@ module testDeployment '../../main.bicep' = {
}
}
} ]
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/event-grid/system-topic/README.md b/modules/event-grid/system-topic/README.md
index cb654ff3eb..a2e2b0e2e0 100644
--- a/modules/event-grid/system-topic/README.md
+++ b/modules/event-grid/system-topic/README.md
@@ -37,7 +37,6 @@ This module deploys an Event Grid System Topic.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, DeliveryFailures]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. |
| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
@@ -296,7 +295,6 @@ module systemTopic './event-grid/system-topic/main.bicep' = {
// Non-required parameters
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: ''
diagnosticWorkspaceId: ''
enableDefaultTelemetry: ''
@@ -371,9 +369,6 @@ module systemTopic './event-grid/system-topic/main.bicep' = {
"diagnosticEventHubName": {
"value": ""
},
- "diagnosticLogsRetentionInDays": {
- "value": 7
- },
"diagnosticStorageAccountId": {
"value": ""
},
diff --git a/modules/event-grid/system-topic/event-subscription/main.json b/modules/event-grid/system-topic/event-subscription/main.json
index b6efb6b3c5..d01d0b7544 100644
--- a/modules/event-grid/system-topic/event-subscription/main.json
+++ b/modules/event-grid/system-topic/event-subscription/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "6312139785830942393"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "2662254923590356448"
+ },
+ "name": "Event Grid System Topic Event Subscriptions",
+ "description": "This module deploys an Event Grid System Topic Event Subscription.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
diff --git a/modules/event-grid/system-topic/main.bicep b/modules/event-grid/system-topic/main.bicep
index 1b94c2cc93..5358a5ea6f 100644
--- a/modules/event-grid/system-topic/main.bicep
+++ b/modules/event-grid/system-topic/main.bicep
@@ -17,11 +17,6 @@ param topicType string
@description('Optional. Event subscriptions to deploy.')
param eventSubscriptions array = []
-@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
-@minValue(0)
-@maxValue(365)
-param diagnosticLogsRetentionInDays int = 365
-
@description('Optional. Resource ID of the diagnostic storage account.')
param diagnosticStorageAccountId string = ''
@@ -88,20 +83,12 @@ param diagnosticSettingsName string = ''
var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): {
category: category
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [
{
categoryGroup: 'allLogs'
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}
] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified
@@ -109,10 +96,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: {
category: metric
timeGrain: null
enabled: true
- retentionPolicy: {
- enabled: true
- days: diagnosticLogsRetentionInDays
- }
}]
resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) {
diff --git a/modules/event-grid/system-topic/main.json b/modules/event-grid/system-topic/main.json
index f6eb732795..a00048c3e8 100644
--- a/modules/event-grid/system-topic/main.json
+++ b/modules/event-grid/system-topic/main.json
@@ -4,9 +4,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "15016048767972452581"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "16335082464583916112"
+ },
+ "name": "Event Grid System Topics",
+ "description": "This module deploys an Event Grid System Topic.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -41,15 +44,6 @@
"description": "Optional. Event subscriptions to deploy."
}
},
- "diagnosticLogsRetentionInDays": {
- "type": "int",
- "defaultValue": 365,
- "maxValue": 365,
- "minValue": 0,
- "metadata": {
- "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
- }
- },
"diagnosticStorageAccountId": {
"type": "string",
"defaultValue": "",
@@ -88,14 +82,14 @@
"lock": {
"type": "string",
"defaultValue": "",
- "metadata": {
- "description": "Optional. Specify the type of lock."
- },
"allowedValues": [
"",
"CanNotDelete",
"ReadOnly"
- ]
+ ],
+ "metadata": {
+ "description": "Optional. Specify the type of lock."
+ }
},
"systemAssignedIdentity": {
"type": "bool",
@@ -166,11 +160,7 @@
"count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]",
"input": {
"category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]",
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
},
{
@@ -179,17 +169,13 @@
"input": {
"category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]",
"timeGrain": null,
- "enabled": true,
- "retentionPolicy": {
- "enabled": true,
- "days": "[parameters('diagnosticLogsRetentionInDays')]"
- }
+ "enabled": true
}
}
],
"identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]",
"identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]",
- "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]"
+ "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]"
},
"resources": [
{
@@ -290,9 +276,12 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "6312139785830942393"
- }
+ "version": "0.20.4.51522",
+ "templateHash": "2662254923590356448"
+ },
+ "name": "Event Grid System Topic Event Subscriptions",
+ "description": "This module deploys an Event Grid System Topic Event Subscription.",
+ "owner": "Azure/module-maintainers"
},
"parameters": {
"name": {
@@ -492,8 +481,8 @@
"metadata": {
"_generator": {
"name": "bicep",
- "version": "0.19.5.34762",
- "templateHash": "14619209932195450330"
+ "version": "0.20.4.51522",
+ "templateHash": "7084319761637070874"
}
},
"parameters": {
diff --git a/modules/event-grid/topic/.test/common/dependencies.bicep b/modules/event-grid/topic/.test/common/dependencies.bicep
index 30384d73fa..6f09643d9e 100644
--- a/modules/event-grid/topic/.test/common/dependencies.bicep
+++ b/modules/event-grid/topic/.test/common/dependencies.bicep
@@ -15,62 +15,62 @@ param storageQueueName string
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
- name: 'privatelink.eventgrid.azure.net'
- location: 'global'
+ name: 'privatelink.eventgrid.azure.net'
+ location: 'global'
- resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
- name: '${virtualNetwork.name}-vnetlink'
- location: 'global'
- properties: {
- virtualNetwork: {
- id: virtualNetwork.id
- }
- registrationEnabled: false
- }
+ resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
+ name: '${virtualNetwork.name}-vnetlink'
+ location: 'global'
+ properties: {
+ virtualNetwork: {
+ id: virtualNetwork.id
+ }
+ registrationEnabled: false
}
+ }
}
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
- name: managedIdentityName
- location: location
+ name: managedIdentityName
+ location: location
}
resource storageAccount 'Microsoft.Storage/storageAccounts@2022-05-01' = {
- name: storageAccountName
- location: location
- sku: {
- name: 'Standard_LRS'
- }
- kind: 'StorageV2'
-
- resource queueService 'queueServices@2022-09-01' = {
- name: 'default'
-
- resource queue 'queues@2022-09-01' = {
- name: storageQueueName
- }
+ name: storageAccountName
+ location: location
+ sku: {
+ name: 'Standard_LRS'
+ }
+ kind: 'StorageV2'
+
+ resource queueService 'queueServices@2022-09-01' = {
+ name: 'default'
+
+ resource queue 'queues@2022-09-01' = {
+ name: storageQueueName
}
+ }
}
@description('The name of the created Storage Account Queue.')
diff --git a/modules/event-grid/topic/.test/common/main.test.bicep b/modules/event-grid/topic/.test/common/main.test.bicep
index 5bc6af6b1b..0b2f474962 100644
--- a/modules/event-grid/topic/.test/common/main.test.bicep
+++ b/modules/event-grid/topic/.test/common/main.test.bicep
@@ -66,7 +66,6 @@ module testDeployment '../../main.bicep' = {
params: {
enableDefaultTelemetry: enableDefaultTelemetry
name: '${namePrefix}${serviceShort}001'
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
diff --git a/modules/event-grid/topic/.test/pe/dependencies.bicep b/modules/event-grid/topic/.test/pe/dependencies.bicep
index 36760779bc..3b3a2bc528 100644
--- a/modules/event-grid/topic/.test/pe/dependencies.bicep
+++ b/modules/event-grid/topic/.test/pe/dependencies.bicep
@@ -6,40 +6,40 @@ param virtualNetworkName string
var addressPrefix = '10.0.0.0/16'
-resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
- name: virtualNetworkName
- location: location
- properties: {
- addressSpace: {
- addressPrefixes: [
- addressPrefix
- ]
- }
- subnets: [
- {
- name: 'defaultSubnet'
- properties: {
- addressPrefix: addressPrefix
- }
- }
- ]
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
+ name: virtualNetworkName
+ location: location
+ properties: {
+ addressSpace: {
+ addressPrefixes: [
+ addressPrefix
+ ]
}
+ subnets: [
+ {
+ name: 'defaultSubnet'
+ properties: {
+ addressPrefix: addressPrefix
+ }
+ }
+ ]
+ }
}
resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
- name: 'privatelink.eventgrid.azure.net'
- location: 'global'
+ name: 'privatelink.eventgrid.azure.net'
+ location: 'global'
- resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
- name: '${virtualNetwork.name}-vnetlink'
- location: 'global'
- properties: {
- virtualNetwork: {
- id: virtualNetwork.id
- }
- registrationEnabled: false
- }
+ resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
+ name: '${virtualNetwork.name}-vnetlink'
+ location: 'global'
+ properties: {
+ virtualNetwork: {
+ id: virtualNetwork.id
+ }
+ registrationEnabled: false
}
+ }
}
@description('The resource ID of the created Virtual Network Subnet.')
diff --git a/modules/event-grid/topic/README.md b/modules/event-grid/topic/README.md
index f41ed493f2..f6adfeea5f 100644
--- a/modules/event-grid/topic/README.md
+++ b/modules/event-grid/topic/README.md
@@ -19,8 +19,8 @@ This module deploys an Event Grid Topic.
| `Microsoft.EventGrid/topics` | [2020-06-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.EventGrid/2020-06-01/topics) |
| `Microsoft.EventGrid/topics/eventSubscriptions` | [2022-06-15](https://learn.microsoft.com/en-us/azure/templates/Microsoft.EventGrid/2022-06-15/topics/eventSubscriptions) |
| `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) |
-| `Microsoft.Network/privateEndpoints` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints) |
-| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/privateEndpoints/privateDnsZoneGroups) |
+| `Microsoft.Network/privateEndpoints` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints) |
+| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints/privateDnsZoneGroups) |
## Parameters
@@ -37,7 +37,6 @@ This module deploys an Event Grid Topic.
| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. |
| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. |
| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, DeliveryFailures, PublishFailures]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. |
-| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. |
| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. |
| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". |
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
@@ -365,7 +364,6 @@ module topic './event-grid/topic/main.bicep' = {
// Non-required parameters
diagnosticEventHubAuthorizationRuleId: ''
diagnosticEventHubName: ''
- diagnosticLogsRetentionInDays: 7
diagnosticStorageAccountId: '