diff --git a/arm/Microsoft.Authorization/roleAssignments/.bicep/nested_rbac_mg.bicep b/arm/Microsoft.Authorization/roleAssignments/.bicep/nested_rbac_mg.bicep index a910510fc2..a08f85f4c7 100644 --- a/arm/Microsoft.Authorization/roleAssignments/.bicep/nested_rbac_mg.bicep +++ b/arm/Microsoft.Authorization/roleAssignments/.bicep/nested_rbac_mg.bicep @@ -1,6 +1,6 @@ targetScope = 'managementGroup' -@sys.description('Required. You can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@sys.description('Required. You can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') param roleDefinitionIdOrName string @sys.description('Required. The Principal or Object ID of the Security Principal (User, Group, Service Principal, Managed Identity)') diff --git a/arm/Microsoft.Authorization/roleAssignments/.bicep/nested_rbac_rg.bicep b/arm/Microsoft.Authorization/roleAssignments/.bicep/nested_rbac_rg.bicep index 18872aea8b..f851fed2a8 100644 --- a/arm/Microsoft.Authorization/roleAssignments/.bicep/nested_rbac_rg.bicep +++ b/arm/Microsoft.Authorization/roleAssignments/.bicep/nested_rbac_rg.bicep @@ -1,6 +1,6 @@ targetScope = 'resourceGroup' -@sys.description('Required. You can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@sys.description('Required. You can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') param roleDefinitionIdOrName string @sys.description('Required. The Principal or Object ID of the Security Principal (User, Group, Service Principal, Managed Identity)') diff --git a/arm/Microsoft.Authorization/roleAssignments/.bicep/nested_rbac_sub.bicep b/arm/Microsoft.Authorization/roleAssignments/.bicep/nested_rbac_sub.bicep index 63c10e0cb3..757cb9eb4b 100644 --- a/arm/Microsoft.Authorization/roleAssignments/.bicep/nested_rbac_sub.bicep +++ b/arm/Microsoft.Authorization/roleAssignments/.bicep/nested_rbac_sub.bicep @@ -1,6 +1,6 @@ targetScope = 'subscription' -@sys.description('Required. You can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@sys.description('Required. You can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') param roleDefinitionIdOrName string @sys.description('Required. The Principal or Object ID of the Security Principal (User, Group, Service Principal, Managed Identity)') diff --git a/arm/Microsoft.Authorization/roleAssignments/deploy.bicep b/arm/Microsoft.Authorization/roleAssignments/deploy.bicep index 341858929a..baf5ec09f7 100644 --- a/arm/Microsoft.Authorization/roleAssignments/deploy.bicep +++ b/arm/Microsoft.Authorization/roleAssignments/deploy.bicep @@ -1,6 +1,6 @@ targetScope = 'managementGroup' -@sys.description('Required. You can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@sys.description('Required. You can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') param roleDefinitionIdOrName string @sys.description('Required. The Principal or Object ID of the Security Principal (User, Group, Service Principal, Managed Identity)') diff --git a/arm/Microsoft.Authorization/roleAssignments/readme.md b/arm/Microsoft.Authorization/roleAssignments/readme.md index 94366d4419..6f06757fc1 100644 --- a/arm/Microsoft.Authorization/roleAssignments/readme.md +++ b/arm/Microsoft.Authorization/roleAssignments/readme.md @@ -21,7 +21,7 @@ This module deploys Role Assignments. | `principalId` | string | | | Required. The Principal or Object ID of the Security Principal (User, Group, Service Principal, Managed Identity) | | `principalType` | string | | `[ServicePrincipal, Group, User, ForeignGroup, Device, ]` | Optional. The principal type of the assigned principal ID. | | `resourceGroupName` | string | | | Optional. Name of the Resource Group to assign the RBAC role to. If no Resource Group name is provided, and Subscription ID is provided, the module deploys at subscription level, therefore assigns the provided RBAC role to the subscription. | -| `roleDefinitionIdOrName` | string | | | Required. You can provide either the display name of the role definition, or it's fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleDefinitionIdOrName` | string | | | Required. You can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | | `subscriptionId` | string | | | Optional. Subscription ID of the subscription to assign the RBAC role to. If no Resource Group name is provided, the module deploys at subscription level, therefore assigns the provided RBAC role to the subscription. | ### Parameter Usage: `managementGroupId` diff --git a/arm/Microsoft.ContainerRegistry/registries/deploy.bicep b/arm/Microsoft.ContainerRegistry/registries/deploy.bicep index 1711b579ac..7de9a5cac0 100644 --- a/arm/Microsoft.ContainerRegistry/registries/deploy.bicep +++ b/arm/Microsoft.ContainerRegistry/registries/deploy.bicep @@ -9,7 +9,7 @@ param acrAdminUserEnabled bool = false @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') param roleAssignments array = [] @description('Optional. Configuration Details for private endpoints.') diff --git a/arm/Microsoft.ContainerRegistry/registries/readme.md b/arm/Microsoft.ContainerRegistry/registries/readme.md index a1d57fb47b..65d628a2c7 100644 --- a/arm/Microsoft.ContainerRegistry/registries/readme.md +++ b/arm/Microsoft.ContainerRegistry/registries/readme.md @@ -37,7 +37,7 @@ Azure Container Registry is a managed, private Docker registry service based on | `quarantinePolicyStatus` | string | | | Optional. The value that indicates whether the policy is enabled or not. | | `retentionPolicyDays` | string | | | Optional. The number of days to retain an untagged manifest after which it gets purged. | | `retentionPolicyStatus` | string | | | Optional. The value that indicates whether the policy is enabled or not. | -| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it's fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | | `systemAssignedIdentity` | bool | | | Optional. Enables system assigned managed identity on the resource. | | `tags` | object | `{object}` | | Optional. Tags of the resource. | | `trustPolicyStatus` | string | | | Optional. The value that indicates whether the policy is enabled or not. | diff --git a/arm/Microsoft.DataFactory/factories/deploy.bicep b/arm/Microsoft.DataFactory/factories/deploy.bicep index 351ab9fded..d45404efbd 100644 --- a/arm/Microsoft.DataFactory/factories/deploy.bicep +++ b/arm/Microsoft.DataFactory/factories/deploy.bicep @@ -116,7 +116,7 @@ var diagnosticsMetrics = [for metric in metricsToEnable: { } }] -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') diff --git a/arm/Microsoft.DataFactory/factories/readme.md b/arm/Microsoft.DataFactory/factories/readme.md index 7d9c218369..4e304a0a22 100644 --- a/arm/Microsoft.DataFactory/factories/readme.md +++ b/arm/Microsoft.DataFactory/factories/readme.md @@ -36,7 +36,7 @@ | `metricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | Optional. The name of metrics that will be streamed. | | `name` | string | | | Required. The name of the Azure Factory to create | | `publicNetworkAccess` | bool | `True` | | Optional. Enable or disable public network access. | -| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it's fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `systemAssignedIdentity` | bool | | | Optional. Enables system assigned managed identity on the resource. | | `tags` | object | `{object}` | | Optional. Tags of the resource. | | `userAssignedIdentities` | object | `{object}` | | Optional. The ID(s) to assign to the resource. | diff --git a/arm/Microsoft.Databricks/workspaces/deploy.bicep b/arm/Microsoft.Databricks/workspaces/deploy.bicep index ca2857d4c7..efe13ab5c6 100644 --- a/arm/Microsoft.Databricks/workspaces/deploy.bicep +++ b/arm/Microsoft.Databricks/workspaces/deploy.bicep @@ -15,7 +15,7 @@ param pricingTier string = 'premium' @description('Optional. Location for all Resources.') param location string = resourceGroup().location -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. The workspace\'s custom parameters.') diff --git a/arm/Microsoft.Databricks/workspaces/readme.md b/arm/Microsoft.Databricks/workspaces/readme.md index 6babdef89b..a315da5653 100644 --- a/arm/Microsoft.Databricks/workspaces/readme.md +++ b/arm/Microsoft.Databricks/workspaces/readme.md @@ -25,7 +25,7 @@ | `managedResourceGroupId` | string | | | Optional. The managed resource group ID | | `name` | string | | | Required. The name of the Azure Databricks workspace to create | | `pricingTier` | string | `premium` | `[trial, standard, premium]` | Optional. The pricing tier of workspace | -| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it's fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Optional. Tags of the resource. | | `workspaceParameters` | object | `{object}` | | Optional. The workspace's custom parameters. | diff --git a/arm/Microsoft.DesktopVirtualization/applicationgroups/deploy.bicep b/arm/Microsoft.DesktopVirtualization/applicationgroups/deploy.bicep index 12a71b1416..d789f8d861 100644 --- a/arm/Microsoft.DesktopVirtualization/applicationgroups/deploy.bicep +++ b/arm/Microsoft.DesktopVirtualization/applicationgroups/deploy.bicep @@ -21,7 +21,7 @@ param friendlyName string = '' @sys.description('Optional. The description of the Application Group to be created.') param description string = '' -@sys.description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@sys.description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') param roleAssignments array = [] @sys.description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') diff --git a/arm/Microsoft.DesktopVirtualization/applicationgroups/readme.md b/arm/Microsoft.DesktopVirtualization/applicationgroups/readme.md index bd0bb9b9df..ada8ed2172 100644 --- a/arm/Microsoft.DesktopVirtualization/applicationgroups/readme.md +++ b/arm/Microsoft.DesktopVirtualization/applicationgroups/readme.md @@ -31,7 +31,7 @@ This module deploys an Azure virtual desktop application group. | `lock` | string | `NotSpecified` | `[CanNotDelete, NotSpecified, ReadOnly]` | Optional. Specify the type of lock. | | `logsToEnable` | array | `[Checkpoint, Error, Management]` | `[Checkpoint, Error, Management]` | Optional. The name of logs that will be streamed. | | `name` | string | | | Required. Name of the Application Group to create this application in. | -| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it's fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | | `tags` | object | `{object}` | | Optional. Tags of the resource. | ### Parameter Usage: `roleAssignments` diff --git a/arm/Microsoft.DesktopVirtualization/hostpools/deploy.bicep b/arm/Microsoft.DesktopVirtualization/hostpools/deploy.bicep index 4ce642b40d..589b9b24f2 100644 --- a/arm/Microsoft.DesktopVirtualization/hostpools/deploy.bicep +++ b/arm/Microsoft.DesktopVirtualization/hostpools/deploy.bicep @@ -97,7 +97,7 @@ param startVMOnConnect bool = false @description('Optional. Validation host pool allows you to test service changes before they are deployed to production.') param validationEnvironment bool = false -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') param roleAssignments array = [] @description('Optional. The name of logs that will be streamed.') diff --git a/arm/Microsoft.DesktopVirtualization/hostpools/readme.md b/arm/Microsoft.DesktopVirtualization/hostpools/readme.md index 2ec3871282..1f33c2530d 100644 --- a/arm/Microsoft.DesktopVirtualization/hostpools/readme.md +++ b/arm/Microsoft.DesktopVirtualization/hostpools/readme.md @@ -34,7 +34,7 @@ This module deploys an Azure virtual desktop host pool. | `name` | string | | | Required. Name of the Host Pool | | `personalDesktopAssignmentType` | string | | `[Automatic, Direct, ]` | Optional. Set the type of assignment for a Personal Host Pool type | | `preferredAppGroupType` | string | `Desktop` | `[Desktop, None, RailApplications]` | Optional. The type of preferred application group type, default to Desktop Application Group | -| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it's fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | | `startVMOnConnect` | bool | | | Optional. Enable Start VM on connect to allow users to start the virtual machine from a deallocated state. Important: Custom RBAC role required to power manage VMs. | | `tags` | object | `{object}` | | Optional. Tags of the resource. | | `tokenValidityLength` | string | `PT8H` | | Optional. Host Pool token validity length. Usage: 'PT8H' - valid for 8 hours; 'P5D' - valid for 5 days; 'P1Y' - valid for 1 year. When not provided, the token will be valid for 8 hours. | diff --git a/arm/Microsoft.DesktopVirtualization/workspaces/deploy.bicep b/arm/Microsoft.DesktopVirtualization/workspaces/deploy.bicep index 8485936e7b..9f153bdef8 100644 --- a/arm/Microsoft.DesktopVirtualization/workspaces/deploy.bicep +++ b/arm/Microsoft.DesktopVirtualization/workspaces/deploy.bicep @@ -44,7 +44,7 @@ param tags object = {} @description('Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered') param cuaId string = '' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') param roleAssignments array = [] @description('Optional. The name of logs that will be streamed.') diff --git a/arm/Microsoft.DesktopVirtualization/workspaces/readme.md b/arm/Microsoft.DesktopVirtualization/workspaces/readme.md index 3a7a5bcf20..3231c5e643 100644 --- a/arm/Microsoft.DesktopVirtualization/workspaces/readme.md +++ b/arm/Microsoft.DesktopVirtualization/workspaces/readme.md @@ -26,7 +26,7 @@ This module deploys an Azure virtual desktop workspace. | `lock` | string | `NotSpecified` | `[CanNotDelete, NotSpecified, ReadOnly]` | Optional. Specify the type of lock. | | `logsToEnable` | array | `[Checkpoint, Error, Management, Feed]` | `[Checkpoint, Error, Management, Feed]` | Optional. The name of logs that will be streamed. | | `name` | string | | | Required. The name of the workspace to be attach to new Application Group. | -| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it's fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | | `tags` | object | `{object}` | | Optional. Tags of the resource. | | `workspaceDescription` | string | | | Optional. The description of the Workspace to be created. | | `workspaceFriendlyName` | string | | | Optional. The friendly name of the Workspace to be created. | diff --git a/arm/Microsoft.DocumentDB/databaseAccounts/deploy.bicep b/arm/Microsoft.DocumentDB/databaseAccounts/deploy.bicep index 93a57a2b80..d552dcc6f7 100644 --- a/arm/Microsoft.DocumentDB/databaseAccounts/deploy.bicep +++ b/arm/Microsoft.DocumentDB/databaseAccounts/deploy.bicep @@ -70,7 +70,7 @@ param cuaId string = '' @description('Optional. Specify the type of lock.') param lock string = 'NotSpecified' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') param roleAssignments array = [] @description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') diff --git a/arm/Microsoft.DocumentDB/databaseAccounts/readme.md b/arm/Microsoft.DocumentDB/databaseAccounts/readme.md index bdaa7c98a0..85029f7eec 100644 --- a/arm/Microsoft.DocumentDB/databaseAccounts/readme.md +++ b/arm/Microsoft.DocumentDB/databaseAccounts/readme.md @@ -37,7 +37,7 @@ This module deploys a DocumentDB database account and its child resources. | `metricsToEnable` | array | `[Requests]` | `[Requests]` | Optional. The name of metrics that will be streamed. | | `mongodbDatabases` | _[mongodbDatabases](mongodbDatabases/readme.md)_ array | `[]` | | Optional. MongoDB Databases configurations | | `name` | string | | | Required. Name of the Database Account | -| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it's fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | | `serverVersion` | string | `4.0` | `[3.2, 3.6, 4.0]` | Optional. Specifies the MongoDB server version to use. | | `sqlDatabases` | _[sqlDatabases](sqlDatabases/readme.md)_ array | `[]` | | Optional. SQL Databases configurations | | `systemAssignedIdentity` | bool | | | Optional. Enables system assigned managed identity on the resource. | diff --git a/arm/Microsoft.Insights/components/deploy.bicep b/arm/Microsoft.Insights/components/deploy.bicep index 6844ab2b97..6cf7c01903 100644 --- a/arm/Microsoft.Insights/components/deploy.bicep +++ b/arm/Microsoft.Insights/components/deploy.bicep @@ -31,7 +31,7 @@ param kind string = '' @description('Optional. Location for all Resources') param location string = resourceGroup().location -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] @description('Optional. Tags of the resource.') diff --git a/arm/Microsoft.Insights/components/readme.md b/arm/Microsoft.Insights/components/readme.md index 0c8b70780e..a16e43bfae 100644 --- a/arm/Microsoft.Insights/components/readme.md +++ b/arm/Microsoft.Insights/components/readme.md @@ -19,7 +19,7 @@ | `kind` | string | | | Optional. The kind of application that this component refers to, used to customize UI. This value is a freeform string, values should typically be one of the following: web, ios, other, store, java, phone. | | `location` | string | `[resourceGroup().location]` | | Optional. Location for all Resources | | `name` | string | | | Required. Name of the Application Insights | -| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it's fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Optional. Tags of the resource. | ### Parameter Usage: `roleAssignments` diff --git a/arm/Microsoft.KeyVault/vaults/readme.md b/arm/Microsoft.KeyVault/vaults/readme.md index 242feb7214..b574a28379 100644 --- a/arm/Microsoft.KeyVault/vaults/readme.md +++ b/arm/Microsoft.KeyVault/vaults/readme.md @@ -1,6 +1,6 @@ # Key Vaults `[Microsoft.KeyVault/vaults]` -This module deploys a key vault and it's child resources. +This module deploys a key vault and its child resources. ## Resource types diff --git a/arm/Microsoft.NetApp/netAppAccounts/capacityPools/deploy.bicep b/arm/Microsoft.NetApp/netAppAccounts/capacityPools/deploy.bicep index 84e8ab398a..46672a9690 100644 --- a/arm/Microsoft.NetApp/netAppAccounts/capacityPools/deploy.bicep +++ b/arm/Microsoft.NetApp/netAppAccounts/capacityPools/deploy.bicep @@ -35,7 +35,7 @@ param volumes array = [] @description('Optional. If enabled (true) the pool can contain cool Access enabled volumes.') param coolAccess bool = false -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') param roleAssignments array = [] @description('Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered') diff --git a/arm/Microsoft.NetApp/netAppAccounts/capacityPools/readme.md b/arm/Microsoft.NetApp/netAppAccounts/capacityPools/readme.md index 168d13f026..ed5ccd45ef 100644 --- a/arm/Microsoft.NetApp/netAppAccounts/capacityPools/readme.md +++ b/arm/Microsoft.NetApp/netAppAccounts/capacityPools/readme.md @@ -20,7 +20,7 @@ This template deploys capacity pools in an Azure NetApp Files. | `name` | string | | | Required. The name of the capacity pool. | | `netAppAccountName` | string | | | Required. The name of the NetApp account. | | `qosType` | string | `Auto` | `[Auto, Manual]` | Optional. The qos type of the pool. | -| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it's fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | | `serviceLevel` | string | `Standard` | `[Premium, Standard, StandardZRS, Ultra]` | Optional. The pool service level. | | `size` | int | | | Required. Provisioned size of the pool (in bytes). Allowed values are in 4TiB chunks (value must be multiply of 4398046511104). | | `tags` | object | `{object}` | | Optional. Tags for all resources. | diff --git a/arm/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/deploy.bicep b/arm/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/deploy.bicep index cd74e0b861..05778776ec 100644 --- a/arm/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/deploy.bicep +++ b/arm/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/deploy.bicep @@ -34,7 +34,7 @@ param subnetResourceId string @description('Optional. Export policy rules.') param exportPolicyRules array = [] -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') param roleAssignments array = [] @description('Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered') diff --git a/arm/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/readme.md b/arm/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/readme.md index 4a72c73f3a..003d143607 100644 --- a/arm/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/readme.md +++ b/arm/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/readme.md @@ -21,7 +21,7 @@ This template deploys volumes in a capacity pool of an Azure NetApp files. | `name` | string | | | Required. The name of the pool volume. | | `netAppAccountName` | string | | | Required. The name of the NetApp account. | | `protocolTypes` | array | `[]` | | Optional. Set of protocol types. | -| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it's fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | | `serviceLevel` | string | `Standard` | `[Premium, Standard, StandardZRS, Ultra]` | Optional. The pool service level. Must match the one of the parent capacity pool. | | `subnetResourceId` | string | | | Required. The Azure Resource URI for a delegated subnet. Must have the delegation Microsoft.NetApp/volumes. | | `usageThreshold` | int | | | Required. Maximum storage quota allowed for a file system in bytes. | diff --git a/arm/Microsoft.NetApp/netAppAccounts/deploy.bicep b/arm/Microsoft.NetApp/netAppAccounts/deploy.bicep index 53f90f7338..e54dd923cb 100644 --- a/arm/Microsoft.NetApp/netAppAccounts/deploy.bicep +++ b/arm/Microsoft.NetApp/netAppAccounts/deploy.bicep @@ -23,7 +23,7 @@ param smbServerNamePrefix string = '' @description('Optional. Capacity pools to create.') param capacityPools array = [] -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') param roleAssignments array = [] @description('Optional. Location for all resources.') diff --git a/arm/Microsoft.NetApp/netAppAccounts/readme.md b/arm/Microsoft.NetApp/netAppAccounts/readme.md index 0c071071d4..59cbc245f7 100644 --- a/arm/Microsoft.NetApp/netAppAccounts/readme.md +++ b/arm/Microsoft.NetApp/netAppAccounts/readme.md @@ -26,7 +26,7 @@ This template deploys Azure NetApp Files. | `location` | string | `[resourceGroup().location]` | | Optional. Location for all resources. | | `lock` | string | `NotSpecified` | `[CanNotDelete, NotSpecified, ReadOnly]` | Optional. Specify the type of lock. | | `name` | string | | | Required. The name of the NetApp account. | -| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it's fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | | `smbServerNamePrefix` | string | | | Optional. Required if domainName is specified. NetBIOS name of the SMB server. A computer account with this prefix will be registered in the AD and used to mount volumes | | `tags` | object | `{object}` | | Optional. Tags for all resources. | diff --git a/arm/Microsoft.ServiceFabric/clusters/deploy.bicep b/arm/Microsoft.ServiceFabric/clusters/deploy.bicep index e3f8499680..affb81075a 100644 --- a/arm/Microsoft.ServiceFabric/clusters/deploy.bicep +++ b/arm/Microsoft.ServiceFabric/clusters/deploy.bicep @@ -129,7 +129,7 @@ param vmssZonalUpgradeMode string = 'Hierarchical' @description('Optional. Boolean to pause automatic runtime version upgrades to the cluster.') param waveUpgradePaused bool = false -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') param roleAssignments array = [] @description('Optional. Array of Service Fabric cluster application types.') diff --git a/arm/Microsoft.ServiceFabric/clusters/readme.md b/arm/Microsoft.ServiceFabric/clusters/readme.md index d9fd43170b..e42c19b19f 100644 --- a/arm/Microsoft.ServiceFabric/clusters/readme.md +++ b/arm/Microsoft.ServiceFabric/clusters/readme.md @@ -38,7 +38,7 @@ This module deploys a service fabric cluster. | `reliabilityLevel` | string | | `[Bronze, Gold, None, Platinum, Silver]` | Optional. The reliability level sets the replica set size of system services. Learn about ReliabilityLevel (https://docs.microsoft.com/en-us/azure/service-fabric/service-fabric-cluster-capacity). - None - Run the System services with a target replica set count of 1. This should only be used for test clusters. - Bronze - Run the System services with a target replica set count of 3. This should only be used for test clusters. - Silver - Run the System services with a target replica set count of 5. - Gold - Run the System services with a target replica set count of 7. - Platinum - Run the System services with a target replica set count of 9. | | `reverseProxyCertificate` | object | `{object}` | | Optional. Describes the certificate details. | | `reverseProxyCertificateCommonNames` | object | `{object}` | | Optional. Describes a list of server certificates referenced by common name that are used to secure the cluster. | -| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it's fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | | `sfZonalUpgradeMode` | string | `Hierarchical` | `[Hierarchical, Parallel]` | Optional. This property controls the logical grouping of VMs in upgrade domains (UDs). This property cannot be modified if a node type with multiple Availability Zones is already present in the cluster. | | `tags` | object | `{object}` | | Optional. Tags of the resource. | | `upgradeDescription` | object | `{object}` | | Optional. Describes the policy used when upgrading the cluster. | diff --git a/arm/Microsoft.Storage/storageAccounts/blobServices/containers/deploy.bicep b/arm/Microsoft.Storage/storageAccounts/blobServices/containers/deploy.bicep index ffc799067d..a23c168293 100644 --- a/arm/Microsoft.Storage/storageAccounts/blobServices/containers/deploy.bicep +++ b/arm/Microsoft.Storage/storageAccounts/blobServices/containers/deploy.bicep @@ -22,7 +22,7 @@ param publicAccess string = 'None' @description('Optional. Configure immutability policy.') param immutabilityPolicyProperties object = {} -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') param roleAssignments array = [] @description('Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered') diff --git a/arm/Microsoft.Storage/storageAccounts/blobServices/containers/readme.md b/arm/Microsoft.Storage/storageAccounts/blobServices/containers/readme.md index e413881c08..431d6d7106 100644 --- a/arm/Microsoft.Storage/storageAccounts/blobServices/containers/readme.md +++ b/arm/Microsoft.Storage/storageAccounts/blobServices/containers/readme.md @@ -20,7 +20,7 @@ This module deployes a blob container | `immutabilityPolicyProperties` | object | `{object}` | | Optional. Configure immutability policy. | | `name` | string | | | Required. The name of the storage container to deploy | | `publicAccess` | string | `None` | `[Container, Blob, None]` | Optional. Specifies whether data in the container may be accessed publicly and the level of access. | -| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it's fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | | `storageAccountName` | string | | | Required. Name of the Storage Account. | ### Parameter Usage: `roleAssignments` diff --git a/arm/Microsoft.Storage/storageAccounts/deploy.bicep b/arm/Microsoft.Storage/storageAccounts/deploy.bicep index f27702ba7a..c8b20c7d55 100644 --- a/arm/Microsoft.Storage/storageAccounts/deploy.bicep +++ b/arm/Microsoft.Storage/storageAccounts/deploy.bicep @@ -5,7 +5,7 @@ param name string = '' @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') param roleAssignments array = [] @description('Optional. Enables system assigned managed identity on the resource.') diff --git a/arm/Microsoft.Storage/storageAccounts/fileServices/shares/deploy.bicep b/arm/Microsoft.Storage/storageAccounts/fileServices/shares/deploy.bicep index 42f73f5d23..5c19a0f042 100644 --- a/arm/Microsoft.Storage/storageAccounts/fileServices/shares/deploy.bicep +++ b/arm/Microsoft.Storage/storageAccounts/fileServices/shares/deploy.bicep @@ -11,7 +11,7 @@ param name string @description('Optional. The maximum size of the share, in gigabytes. Must be greater than 0, and less than or equal to 5TB (5120). For Large File Shares, the maximum size is 102400.') param sharedQuota int = 5120 -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') param roleAssignments array = [] @description('Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered') diff --git a/arm/Microsoft.Storage/storageAccounts/fileServices/shares/readme.md b/arm/Microsoft.Storage/storageAccounts/fileServices/shares/readme.md index 4b8026af3b..1ce7b8757f 100644 --- a/arm/Microsoft.Storage/storageAccounts/fileServices/shares/readme.md +++ b/arm/Microsoft.Storage/storageAccounts/fileServices/shares/readme.md @@ -16,7 +16,7 @@ This module deploys a storage account file share. | `cuaId` | string | | | Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered | | `fileServicesName` | string | `default` | | Optional. The name of the file service | | `name` | string | | | Required. The name of the file share to create | -| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it's fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | | `sharedQuota` | int | `5120` | | Optional. The maximum size of the share, in gigabytes. Must be greater than 0, and less than or equal to 5TB (5120). For Large File Shares, the maximum size is 102400. | | `storageAccountName` | string | | | Required. Name of the Storage Account. | diff --git a/arm/Microsoft.Storage/storageAccounts/queueServices/queues/deploy.bicep b/arm/Microsoft.Storage/storageAccounts/queueServices/queues/deploy.bicep index 567182bcb1..a0b866575a 100644 --- a/arm/Microsoft.Storage/storageAccounts/queueServices/queues/deploy.bicep +++ b/arm/Microsoft.Storage/storageAccounts/queueServices/queues/deploy.bicep @@ -11,7 +11,7 @@ param name string @description('Required. A name-value pair that represents queue metadata.') param metadata object = {} -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') param roleAssignments array = [] @description('Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered') diff --git a/arm/Microsoft.Storage/storageAccounts/queueServices/queues/readme.md b/arm/Microsoft.Storage/storageAccounts/queueServices/queues/readme.md index d6eb5e151c..e1988be29c 100644 --- a/arm/Microsoft.Storage/storageAccounts/queueServices/queues/readme.md +++ b/arm/Microsoft.Storage/storageAccounts/queueServices/queues/readme.md @@ -17,7 +17,7 @@ This module deployes a storage account queue | `metadata` | object | `{object}` | | Required. A name-value pair that represents queue metadata. | | `name` | string | | | Required. The name of the storage queue to deploy | | `queueServicesName` | string | `default` | | Optional. The name of the queue service | -| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it's fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | | `storageAccountName` | string | | | Required. Name of the Storage Account. | ### Parameter Usage: `roleAssignments` diff --git a/arm/Microsoft.Storage/storageAccounts/readme.md b/arm/Microsoft.Storage/storageAccounts/readme.md index b13a9644fe..b49d7b0ed2 100644 --- a/arm/Microsoft.Storage/storageAccounts/readme.md +++ b/arm/Microsoft.Storage/storageAccounts/readme.md @@ -49,7 +49,7 @@ This module is used to deploy a storage account, with the ability to deploy 1 or | `networkAcls` | object | `{object}` | | Optional. Networks ACLs, this value contains IPs to whitelist and/or Subnet information. | | `privateEndpoints` | array | `[]` | | Optional. Configuration Details for private endpoints. | | `queueServices` | _[queueServices](queueServices/readme.md)_ object | `{object}` | | Optional. Queue service and queues to create. | -| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it's fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | | `storageAccountAccessTier` | string | `Hot` | `[Hot, Cool]` | Optional. Storage Account Access Tier. | | `storageAccountKind` | string | `StorageV2` | `[Storage, StorageV2, BlobStorage, FileStorage, BlockBlobStorage]` | Optional. Type of Storage Account to create. | | `storageAccountSku` | string | `Standard_GRS` | `[Standard_LRS, Standard_GRS, Standard_RAGRS, Standard_ZRS, Premium_LRS, Premium_ZRS, Standard_GZRS, Standard_RAGZRS]` | Optional. Storage Account Sku Name. | diff --git a/constructs/Microsoft.Authorization/roleAssignments-multiRolesMultiPrincipals/deploy.bicep b/constructs/Microsoft.Authorization/roleAssignments-multiRolesMultiPrincipals/deploy.bicep index d8fae7c96d..f47e003ca6 100644 --- a/constructs/Microsoft.Authorization/roleAssignments-multiRolesMultiPrincipals/deploy.bicep +++ b/constructs/Microsoft.Authorization/roleAssignments-multiRolesMultiPrincipals/deploy.bicep @@ -1,6 +1,6 @@ targetScope = 'managementGroup' -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it\'s fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') +@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'') param roleAssignments array = [] @description('Optional. Name of the Resource Group to assign the RBAC role to. If no Resource Group name is provided, and Subscription ID is provided, the module deploys at subscription level, therefore assigns the provided RBAC role to the subscription.') diff --git a/constructs/Microsoft.Authorization/roleAssignments-multiRolesMultiPrincipals/readme.md b/constructs/Microsoft.Authorization/roleAssignments-multiRolesMultiPrincipals/readme.md index e9096a4992..8563b77b33 100644 --- a/constructs/Microsoft.Authorization/roleAssignments-multiRolesMultiPrincipals/readme.md +++ b/constructs/Microsoft.Authorization/roleAssignments-multiRolesMultiPrincipals/readme.md @@ -16,7 +16,7 @@ This module deploys Role Assignments. | `location` | string | `[deployment().location]` | | Optional. Location for all resources. | | `managementGroupId` | string | | | Optional. Group ID of the Management Group to assign the RBAC role to. If no Subscription is provided, the module deploys at management group level, therefore assigns the provided RBAC role to the management group. | | `resourceGroupName` | string | | | Optional. Name of the Resource Group to assign the RBAC role to. If no Resource Group name is provided, and Subscription ID is provided, the module deploys at subscription level, therefore assigns the provided RBAC role to the subscription. | -| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or it's fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | +| `roleAssignments` | array | `[]` | | Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11' | | `subscriptionId` | string | | | Optional. Subscription ID of the subscription to assign the RBAC role to. If no Resource Group name is provided, the module deploys at subscription level, therefore assigns the provided RBAC role to the subscription. | ### Parameter Usage: `roleAssignments`