From 9d29dc72681610f93c98ae03ee5bbdfa38228b0a Mon Sep 17 00:00:00 2001 From: Ahmad Abdalla <28486158+ahmadabdalla@users.noreply.github.com> Date: Tue, 19 Sep 2023 17:38:42 +1000 Subject: [PATCH 1/2] updated module irrelevent params and typos. Updated Known issues --- docs/wiki/Known issues.md | 37 ++++++++++-- modules/cache/redis-enterprise/README.md | 68 +---------------------- modules/cache/redis-enterprise/main.bicep | 2 +- modules/cache/redis-enterprise/main.json | 4 +- 4 files changed, 37 insertions(+), 74 deletions(-) diff --git a/docs/wiki/Known issues.md b/docs/wiki/Known issues.md index 7126e38b4f..e85e178565 100644 --- a/docs/wiki/Known issues.md +++ b/docs/wiki/Known issues.md @@ -10,6 +10,7 @@ This section provides an overview of the most impactful limitations and known is - [management/management-group](#managementmanagement-group) - [recovery-services/vault](#recovery-servicesvault) - [network/network-manager](#networknetwork-manager) + - [cache/redis-enterprise](#cacheredis-enterprise) - [CI environment specific](#ci-environment-specific) - [Static validation](#static-validation) - [Deployment validation](#deployment-validation) @@ -53,15 +54,15 @@ Further details are also provided in issue [#1342](https://github.com/Azure/Reso ## recovery-services/vault -The Recovery Services Vaults module does not currently attach the content of the identity property correctly when both user- and systemassigned identity fields are selected. +The Recovery Services Vaults module does not currently attach the content of the identity property correctly when both user and system-assigned identity fields are selected. -The pipeline shows a success but the assignment of both identities never happens although both identities (systemassigned is a serviceprincipal, userassigned is a managed identity resource) get created successfully. +The pipeline shows a success but the assignment of both identities never happens although both identities (system-assigned or user-assigned) get created successfully. -Upon cleanup the system-assigned identity will not be removed. +Upon clean-up, the system-assigned identity will not be removed. When the deployment is then run again it fails, because Azure tries to attach this rogue service principal as a system-assigned identity. -Since the behavior is inconsistent via Api (depending on spacing and whether capital letters are used), a ticket on the bicep repository has been opened for that. For more details, refer to the issue in the bicep repository ([#9662](https://github.com/Azure/bicep/issues/9662)). +Since the behaviour is inconsistent via API (depending on spacing and whether capital letters are used), a ticket on the bicep repository has been opened for that. For more details, refer to the issue in the bicep repository ([#9662](https://github.com/Azure/bicep/issues/9662)). A related issue has been opened in the Bug board [#2391](https://github.com/Azure/ResourceModules/issues/2391). @@ -71,6 +72,34 @@ In order to deploy a Network Manager with the `networkManagerScopes` property se --- +## cache/redis-enterprise + +The Azure Redis Cache Enterprise module pipeline is expected to fail in our development/validation environment for a few reasons: + +- The subscription type used to validate CARML modules does not support deployment of the Azure Redis Cache Enterprise service. + +The error messages expected to be seen in the pipeline are: + +```json +{ + "code": "ResourceDeploymentFailure", + "target": "/subscriptions//resourceGroups//providers/Microsoft.Cache/redisEnterprise/", + "message": "The resource write operation failed to complete successfully, because it reached terminal provisioning state 'Failed'." +} + +// OR + +{ + "code": "BadRequest", + "message": "Purchase has failed because we couldn't find a valid payment method associated with your Azure subscription. Please use a different Azure subscription or add\\update current payment method for this subscription and retry." +} + +``` + +Therefore, the module was manually tested in a dedicated environment. + +For the general prerequisites, please refer to the [official docs](https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/quickstart-create-redis-enterprise). + # CI environment specific This section outlines known issues that currently affect the CI environment, i.e., the validation and publishing pipelines. diff --git a/modules/cache/redis-enterprise/README.md b/modules/cache/redis-enterprise/README.md index 5dbfef954d..d80f2d8857 100644 --- a/modules/cache/redis-enterprise/README.md +++ b/modules/cache/redis-enterprise/README.md @@ -28,7 +28,7 @@ This module deploys a Redis Cache Enterprise. | Parameter Name | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the Redis Cache Enerprise resource. | +| `name` | string | The name of the Redis Cache Enterprise resource. | **Optional parameters** @@ -154,72 +154,6 @@ tags: {

-### Parameter Usage: `userAssignedIdentities` - -You can specify multiple user assigned identities to a resource by providing additional resource IDs using the following format: - -

- -Parameter JSON format - -```json -"userAssignedIdentities": { - "value": { - "/subscriptions/[[subscriptionId]]/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-sxx-az-msi-x-001": {}, - "/subscriptions/[[subscriptionId]]/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-sxx-az-msi-x-002": {} - } -} -``` - -
- -
- -Bicep format - -```bicep -userAssignedIdentities: { - '/subscriptions/[[subscriptionId]]/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-sxx-az-msi-x-001': {} - '/subscriptions/[[subscriptionId]]/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-sxx-az-msi-x-002': {} -} -``` - -
-

- -### Parameter Usage: `redisConfiguration` - -All Redis Settings. Few possible keys: rdb-backup-enabled,rdb-storage-connection-string,rdb-backup-frequency,maxmemory-delta,maxmemory-policy,notify-keyspace-events,maxmemory-samples,slowlog-log-slower-than,slowlog-max-len,list-max-ziplist-entries,list-max-ziplist-value,hash-max-ziplist-entries,hash-max-ziplist-value,set-max-intset-entries,zset-max-ziplist-entries,zset-max-ziplist-value etc.. - -Name | Description | Value ----------|----------|--------- -aof-storage-connection-string-0 | First storage account connection string | string -aof-storage-connection-string-1 | Second storage account connection string | string -maxfragmentationmemory-reserved | Value in megabytes reserved for fragmentation per shard | string -maxmemory-delta | Value in megabytes reserved for non-cache usage per shard e.g. failover. | string -maxmemory-policy | The eviction strategy used when your data won't fit within its memory limit. | string -maxmemory-reserved | Value in megabytes reserved for non-cache usage per shard e.g. failover. | string -rdb-backup-enabled | Specifies whether the rdb backup is enabled | string -rdb-backup-frequency | Specifies the frequency for creating rdb backup | string -rdb-backup-max-snapshot-count | Specifies the maximum number of snapshots for rdb backup | string -rdb-storage-connection-string | The storage account connection string for storing rdb file | string - -For more details visit [Microsoft.Cache redis reference](https://learn.microsoft.com/en-us/azure/templates/microsoft.cache/redis?tabs=bicep) - -

- -Bicep format - -```bicep -userAssignedIdentities: { - '/subscriptions/12345678-1234-1234-1234-123456789012/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-sxx-az-msi-x-001': {} - '/subscriptions/12345678-1234-1234-1234-123456789012/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-sxx-az-msi-x-002': {} -} -``` - -
-

- ### Parameter Usage: `privateEndpoints` To use Private Endpoint the following dependencies must be deployed: diff --git a/modules/cache/redis-enterprise/main.bicep b/modules/cache/redis-enterprise/main.bicep index 97372b7761..6cd4f4da66 100644 --- a/modules/cache/redis-enterprise/main.bicep +++ b/modules/cache/redis-enterprise/main.bicep @@ -5,7 +5,7 @@ metadata owner = 'Azure/module-maintainers' @description('Optional. The geo-location where the resource lives.') param location string = resourceGroup().location -@description('Required. The name of the Redis Cache Enerprise resource.') +@description('Required. The name of the Redis Cache Enterprise resource.') param name string @allowed([ diff --git a/modules/cache/redis-enterprise/main.json b/modules/cache/redis-enterprise/main.json index 8e5b157615..c0bc8f90c6 100644 --- a/modules/cache/redis-enterprise/main.json +++ b/modules/cache/redis-enterprise/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.21.1.54444", - "templateHash": "14564256646537619194" + "templateHash": "9175405114330234869" }, "name": "Redis Cache Enterprise", "description": "This module deploys a Redis Cache Enterprise.", @@ -22,7 +22,7 @@ "name": { "type": "string", "metadata": { - "description": "Required. The name of the Redis Cache Enerprise resource." + "description": "Required. The name of the Redis Cache Enterprise resource." } }, "lock": { From 68df44a156dda0e39796bc7c16f5349d1238b190 Mon Sep 17 00:00:00 2001 From: Ahmad Abdalla <28486158+ahmadabdalla@users.noreply.github.com> Date: Tue, 19 Sep 2023 18:10:37 +1000 Subject: [PATCH 2/2] Update Known issues.md Co-authored-by: Alexander Sehr --- docs/wiki/Known issues.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/wiki/Known issues.md b/docs/wiki/Known issues.md index e85e178565..23b88f20fa 100644 --- a/docs/wiki/Known issues.md +++ b/docs/wiki/Known issues.md @@ -54,7 +54,7 @@ Further details are also provided in issue [#1342](https://github.com/Azure/Reso ## recovery-services/vault -The Recovery Services Vaults module does not currently attach the content of the identity property correctly when both user and system-assigned identity fields are selected. +The Recovery Services Vaults module does not currently attach the content of the identity property correctly when both user- and system-assigned identity fields are selected. The pipeline shows a success but the assignment of both identities never happens although both identities (system-assigned or user-assigned) get created successfully.