Update to latest

avm/ptn/data/private-analytical-workspace/tests/common.tests.ps1

@@ -87,18 +87,18 @@ function Test-VerifySubnet($Subnet, $SubnetName, $SubnetAddressPrefix, $NumberOf
     $Subnet.AddressPrefix[0] | Should -Be $SubnetAddressPrefix
     $Subnet.NetworkSecurityGroup.Count | Should -Be $NumberOfSecurityGroups
 
-    if ( $NumberOfPrivateEndpoints -eq $null ) { $Subnet.PrivateEndpoints | Should -BeNullOrEmpty }
+    if ( $null -eq $NumberOfPrivateEndpoints ) { $Subnet.PrivateEndpoints | Should -BeNullOrEmpty }
     else { $Subnet.PrivateEndpoints.Count | Should -Be $NumberOfPrivateEndpoints }
 
-    if ( $NumberOfIpConfigurations -eq $null ) { $Subnet.IpConfigurations | Should -BeNullOrEmpty }
+    if ( $null -eq $NumberOfIpConfigurations ) { $Subnet.IpConfigurations | Should -BeNullOrEmpty }
     else { $Subnet.IpConfigurations.Count | Should -Be $NumberOfIpConfigurations }
 
     $Subnet.ServiceAssociationLinks | Should -BeNullOrEmpty
     $Subnet.ResourceNavigationLinks | Should -BeNullOrEmpty
     $Subnet.ServiceEndpoints | Should -BeNullOrEmpty
     $Subnet.ServiceEndpointPolicies | Should -BeNullOrEmpty
 
-    if ( $DelegationServiceName -eq $null ) { $Subnet.Delegations | Should -BeNullOrEmpty }
+    if ( $null -eq $DelegationServiceName ) { $Subnet.Delegations | Should -BeNullOrEmpty }
     else {
         $Subnet.Delegations.Count | Should -Be 1
         $Subnet.Delegations[0].ProvisioningState | Should -Be 'Succeeded'
@@ -157,7 +157,7 @@ function Test-VerifyPrivateEndpoint($Name, $ResourceGroupName, $Tags, $SubnetNam
     $pep.NetworkInterfaces.Count | Should -Be 1
     $pep.PrivateLinkServiceConnections.ProvisioningState | Should -Be 'Succeeded'
 
-    if ( $ServiceId -eq $null ) {
+    if ( $null -eq $ServiceId ) {
         # For some services I have no Id - but must be no empty
         $pep.PrivateLinkServiceConnections.PrivateLinkServiceId | Should -Not -BeNullOrEmpty
     } else {
@@ -177,7 +177,7 @@ function Test-VerifyPrivateEndpoint($Name, $ResourceGroupName, $Tags, $SubnetNam
 }
 
 function Test-VerifyLogAnalyticsWorkspace($LogAnalyticsWorkspaceResourceGroupName, $LogAnalyticsWorkspaceName, $Tags, $Sku, $RetentionInDays, $DailyQuotaGb) {
-    $log = Get-AzOperationalInsightsWorkspace -ResourceGroupName $LogAnalyticsWorkspaceResourceGroupName -name $LogAnalyticsWorkspaceName
+    $log = Get-AzOperationalInsightsWorkspace -ResourceGroupName $LogAnalyticsWorkspaceResourceGroupName -Name $LogAnalyticsWorkspaceName
     $log | Should -Not -BeNullOrEmpty
     $log.ProvisioningState | Should -Be 'Succeeded'
     $log.Sku | Should -Be $Sku
@@ -213,12 +213,12 @@ function Test-VerifyKeyVault($KeyVaultResourceGroupName, $KeyVaultName, $Tags, $
     $kv.EnableRbacAuthorization | Should -Be $true
     $kv.EnableSoftDelete | Should -Be $EnableSoftDelete
     $kv.SoftDeleteRetentionInDays | Should -Be $RetentionInDays
-    $kv.EnablePurgeProtection | Should -Be $true
+    $kv.EnablePurgeProtection | Should -BeIn @($false, $null)
     $kv.PublicNetworkAccess | Should -Be $PublicNetworkAccess
     $kv.AccessPolicies | Should -BeNullOrEmpty
     $kv.NetworkAcls.DefaultAction | Should -Be 'Deny'
     $kv.NetworkAcls.Bypass | Should -Be 'None'
-    if ( $IpAddressRanges -eq $null ) { $kv.NetworkAcls.IpAddressRanges | Should -BeNullOrEmpty }
+    if ( $null -eq $IpAddressRanges ) { $kv.NetworkAcls.IpAddressRanges | Should -BeNullOrEmpty }
     else {
         $kv.NetworkAcls.IpAddressRanges.Count | Should -Be $IpAddressRanges.Count
 

avm/ptn/data/private-analytical-workspace/tests/e2e/defaults/main.test.bicep

@@ -42,7 +42,12 @@ module testDeployment '../../../main.bicep' = [
     scope: resourceGroup
     name: '${uniqueString(deployment().name, enforcedLocation)}-test-${serviceShort}-${iteration}'
     params: {
-      name: '${namePrefix}${serviceShort}001'
+      name: '${namePrefix}${serviceShort}002'
+      advancedOptions: {
+        keyVault: {
+          enablePurgeProtection: false // For the purposes of the test, we disable purge protection
+        }
+      }
     }
   }
 ]

avm/ptn/data/private-analytical-workspace/tests/e2e/max/main.test.bicep

@@ -42,7 +42,7 @@ module testDeployment '../../../main.bicep' = [
     scope: resourceGroup
     name: '${uniqueString(deployment().name, enforcedLocation)}-test-${serviceShort}-${iteration}'
     params: {
-      name: '${namePrefix}${serviceShort}001'
+      name: '${namePrefix}${serviceShort}002'
       location: enforcedLocation
       tags: {
         Owner: 'Contoso MAX Team'
@@ -57,7 +57,7 @@ module testDeployment '../../../main.bicep' = [
           sku: 'standard'
           enableSoftDelete: false
           softDeleteRetentionInDays: 7
-          enablePurgeProtection: true
+          enablePurgeProtection: false // For the purposes of the test, we disable purge protection
         }
       }
     }

avm/ptn/data/private-analytical-workspace/tests/e2e/min-priv/main.test.bicep

@@ -42,12 +42,17 @@ module testDeployment '../../../main.bicep' = [
     scope: resourceGroup
     name: '${uniqueString(deployment().name, enforcedLocation)}-test-${serviceShort}-${iteration}'
     params: {
-      name: '${namePrefix}${serviceShort}001'
+      name: '${namePrefix}${serviceShort}002'
       tags: {
         Owner: 'Contoso'
         CostCenter: '123-456-789'
       }
       enableDatabricks: false
+      advancedOptions: {
+        keyVault: {
+          enablePurgeProtection: false // For the purposes of the test, we disable purge protection
+        }
+      }
     }
   }
 ]

avm/ptn/data/private-analytical-workspace/tests/e2e/min-pub/main.test.bicep

@@ -16,7 +16,7 @@ param resourceGroupName string = 'dep-${namePrefix}-data-privateanalyticalworksp
 var enforcedLocation = 'northeurope'
 
 @description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
-param serviceShort string = 'dpawminpub'
+param serviceShort string = 'dpawminpu'
 
 @description('Optional. A token to inject into the name of each resource. This value can be automatically injected by the CI.')
 param namePrefix string = '#_namePrefix_#'
@@ -42,14 +42,17 @@ module testDeployment '../../../main.bicep' = [
     scope: resourceGroup
     name: '${uniqueString(deployment().name, enforcedLocation)}-test-${serviceShort}-${iteration}'
     params: {
-      name: '${namePrefix}${serviceShort}001'
+      name: '${namePrefix}${serviceShort}002'
       tags: {
         Owner: 'Contoso'
         CostCenter: '123-456-789'
       }
       enableDatabricks: false
       advancedOptions: {
         networkAcls: { ipRules: ['104.43.16.94'] }
+        keyVault: {
+          enablePurgeProtection: false // For the purposes of the test, we disable purge protection
+        }
       }
     }
   }

avm/ptn/data/private-analytical-workspace/tests/e2e/uc01-priv/main.test.bicep

@@ -16,7 +16,7 @@ param resourceGroupName string = 'dep-${namePrefix}-data-privateanalyticalworksp
 var enforcedLocation = 'northeurope'
 
 @description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
-param serviceShort string = 'dpawuc01priv'
+param serviceShort string = 'dpawu1pr'
 
 @description('Optional. A token to inject into the name of each resource. This value can be automatically injected by the CI.')
 param namePrefix string = '#_namePrefix_#'
@@ -42,11 +42,16 @@ module testDeployment '../../../main.bicep' = [
     scope: resourceGroup
     name: '${uniqueString(deployment().name, enforcedLocation)}-test-${serviceShort}-${iteration}'
     params: {
-      name: '${namePrefix}${serviceShort}001'
+      name: '${namePrefix}${serviceShort}002'
       tags: {
         Owner: 'Contoso'
         CostCenter: '123-456-789'
       }
+      advancedOptions: {
+        keyVault: {
+          enablePurgeProtection: false // For the purposes of the test, we disable purge protection
+        }
+      }
       enableDatabricks: true
     }
   }

avm/ptn/data/private-analytical-workspace/tests/e2e/uc01-pub/main.test.bicep

@@ -16,7 +16,7 @@ param resourceGroupName string = 'dep-${namePrefix}-data-privateanalyticalworksp
 var enforcedLocation = 'northeurope'
 
 @description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
-param serviceShort string = 'dpawuc01pub'
+param serviceShort string = 'dpawu1pu'
 
 @description('Optional. A token to inject into the name of each resource. This value can be automatically injected by the CI.')
 param namePrefix string = '#_namePrefix_#'
@@ -42,14 +42,17 @@ module testDeployment '../../../main.bicep' = [
     scope: resourceGroup
     name: '${uniqueString(deployment().name, enforcedLocation)}-test-${serviceShort}-${iteration}'
     params: {
-      name: '${namePrefix}${serviceShort}001'
+      name: '${namePrefix}${serviceShort}002'
       tags: {
         Owner: 'Contoso'
         CostCenter: '123-456-789'
       }
       enableDatabricks: true
       advancedOptions: {
         networkAcls: { ipRules: ['104.43.16.94'] }
+        keyVault: {
+          enablePurgeProtection: false // For the purposes of the test, we disable purge protection
+        }
       }
     }
   }

avm/ptn/data/private-analytical-workspace/tests/e2e/uc02-priv/main.test.bicep

@@ -16,7 +16,7 @@ param resourceGroupName string = 'dep-${namePrefix}-data-privateanalyticalworksp
 var enforcedLocation = 'northeurope'
 
 @description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
-param serviceShort string = 'dpawuc02priv'
+param serviceShort string = 'dpawu2pr'
 
 @description('Optional. A token to inject into the name of each resource. This value can be automatically injected by the CI.')
 param namePrefix string = '#_namePrefix_#'
@@ -51,7 +51,7 @@ module testDeployment '../../../main.bicep' = [
     scope: resourceGroup
     name: '${uniqueString(deployment().name, enforcedLocation)}-test-${serviceShort}-${iteration}'
     params: {
-      name: '${namePrefix}${serviceShort}001'
+      name: '${namePrefix}${serviceShort}002'
       tags: {
         Owner: 'Contoso'
         CostCenter: '123-456-789'
@@ -66,6 +66,9 @@ module testDeployment '../../../main.bicep' = [
           subnetNameFrontend: last(split(nestedDependencies.outputs.subnetResourceIds[1], '/'))
           subnetNameBackend: last(split(nestedDependencies.outputs.subnetResourceIds[2], '/'))
         }
+        keyVault: {
+          enablePurgeProtection: false // For the purposes of the test, we disable purge protection
+        }
       }
     }
   }

avm/ptn/data/private-analytical-workspace/tests/e2e/uc02-pub/main.test.bicep

@@ -16,7 +16,7 @@ param resourceGroupName string = 'dep-${namePrefix}-data-privateanalyticalworksp
 var enforcedLocation = 'northeurope'
 
 @description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
-param serviceShort string = 'dpawuc02pub'
+param serviceShort string = 'dpawu2pu'
 
 @description('Optional. A token to inject into the name of each resource. This value can be automatically injected by the CI.')
 param namePrefix string = '#_namePrefix_#'
@@ -51,7 +51,7 @@ module testDeployment '../../../main.bicep' = [
     scope: resourceGroup
     name: '${uniqueString(deployment().name, enforcedLocation)}-test-${serviceShort}-${iteration}'
     params: {
-      name: '${namePrefix}${serviceShort}001'
+      name: '${namePrefix}${serviceShort}002'
       tags: {
         Owner: 'Contoso'
         CostCenter: '123-456-789'
@@ -67,6 +67,9 @@ module testDeployment '../../../main.bicep' = [
           subnetNameFrontend: last(split(nestedDependencies.outputs.subnetResourceIds[1], '/'))
           subnetNameBackend: last(split(nestedDependencies.outputs.subnetResourceIds[2], '/'))
         }
+        keyVault: {
+          enablePurgeProtection: false // For the purposes of the test, we disable purge protection
+        }
       }
     }
   }

avm/ptn/data/private-analytical-workspace/tests/e2e/uc03-priv/main.test.bicep

@@ -16,7 +16,7 @@ param resourceGroupName string = 'dep-${namePrefix}-data-privateanalyticalworksp
 var enforcedLocation = 'northeurope'
 
 @description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
-param serviceShort string = 'dpawuc03priv'
+param serviceShort string = 'dpawu3pr'
 
 @description('Optional. A token to inject into the name of each resource. This value can be automatically injected by the CI.')
 param namePrefix string = '#_namePrefix_#'
@@ -53,7 +53,7 @@ module testDeployment '../../../main.bicep' = [
     scope: resourceGroup
     name: '${uniqueString(deployment().name, enforcedLocation)}-test-${serviceShort}-${iteration}'
     params: {
-      name: '${namePrefix}${serviceShort}001'
+      name: '${namePrefix}${serviceShort}002'
       tags: {
         Owner: 'Contoso'
         CostCenter: '123-456-789'
@@ -70,6 +70,9 @@ module testDeployment '../../../main.bicep' = [
           subnetNameFrontend: last(split(nestedDependencies.outputs.subnetResourceIds[1], '/'))
           subnetNameBackend: last(split(nestedDependencies.outputs.subnetResourceIds[2], '/'))
         }
+        keyVault: {
+          enablePurgeProtection: false // For the purposes of the test, we disable purge protection
+        }
       }
     }
   }

avm/ptn/data/private-analytical-workspace/tests/e2e/uc03-pub/dependencies.bicep

@@ -237,6 +237,7 @@ module kv 'br/public:avm/res/key-vault/vault:0.7.0' = {
     name: keyVaultName
     // Non-required parameters
     location: location
+    enablePurgeProtection: false // For the purposes of the test, we disable purge protection
   }
 }
 

avm/ptn/data/private-analytical-workspace/tests/e2e/uc03-pub/main.test.bicep

@@ -16,7 +16,7 @@ param resourceGroupName string = 'dep-${namePrefix}-data-privateanalyticalworksp
 var enforcedLocation = 'northeurope'
 
 @description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
-param serviceShort string = 'dpawuc03pub'
+param serviceShort string = 'dpawu3p'
 
 @description('Optional. A token to inject into the name of each resource. This value can be automatically injected by the CI.')
 param namePrefix string = '#_namePrefix_#'
@@ -39,7 +39,7 @@ module nestedDependencies 'dependencies.bicep' = {
     location: enforcedLocation
     virtualNetworkName: 'dep-${namePrefix}-vnet-${serviceShort}'
     logAnalyticsWorkspaceName: 'dep-${namePrefix}-law-${serviceShort}'
-    keyVaultName: 'dep-${namePrefix}-kv-${serviceShort}'
+    keyVaultName: 'dep-${namePrefix}-kv-${serviceShort}-1'
   }
 }
 
@@ -53,7 +53,7 @@ module testDeployment '../../../main.bicep' = [
     scope: resourceGroup
     name: '${uniqueString(deployment().name, enforcedLocation)}-test-${serviceShort}-${iteration}'
     params: {
-      name: '${namePrefix}${serviceShort}001'
+      name: '${namePrefix}${serviceShort}002'
       tags: {
         Owner: 'Contoso'
         CostCenter: '123-456-789'

avm/ptn/data/private-analytical-workspace/tests/e2e/waf-aligned/main.test.bicep

@@ -42,7 +42,7 @@ module testDeployment '../../../main.bicep' = [
     scope: resourceGroup
     name: '${uniqueString(deployment().name, enforcedLocation)}-test-${serviceShort}-${iteration}'
     params: {
-      name: '${namePrefix}${serviceShort}001'
+      name: '${namePrefix}${serviceShort}002'
       location: enforcedLocation
       tags: {
         'hidden-title': 'This is visible in the resource name'
@@ -58,7 +58,7 @@ module testDeployment '../../../main.bicep' = [
           sku: 'standard'
           enableSoftDelete: true
           softDeleteRetentionInDays: 90
-          enablePurgeProtection: true
+          enablePurgeProtection: false // For the purposes of the test, we disable purge protection
         }
       }
     }

avm/ptn/deployment-script/import-image-to-acr/README.md

@@ -550,7 +550,7 @@ This section gives you an overview of all local-referenced module files (i.e., o
 
 | Reference | Type |
 | :-- | :-- |
-| `br/public:avm/res/resources/deployment-script:0.4.0` | Remote reference |
+| `br/public:avm/res/resources/deployment-script:0.5.0` | Remote reference |
 | `br/public:avm/utl/types/avm-common-types:0.2.1` | Remote reference |
 
 ## Notes

avm/ptn/deployment-script/import-image-to-acr/main.bicep

@@ -160,17 +160,16 @@ resource acrRoleAssignmentNewManagedIdentity 'Microsoft.Authorization/roleAssign
   }
 }
 
-module imageImport 'br/public:avm/res/resources/deployment-script:0.4.0' = {
+module imageImport 'br/public:avm/res/resources/deployment-script:0.5.0' = {
   name: name ?? 'ACR-Import-${last(split(replace(image,':','-'),'/'))}'
   scope: resourceGroup()
   params: {
     name: name
     location: location
     tags: tags
     managedIdentities: useExistingManagedIdentity
-      // ? managedIdentities // once the referenced module is using the common type
-      ? { userAssignedResourcesIds: managedIdentities.?userAssignedResourceIds! }
-      : { userAssignedResourcesIds: [newManagedIdentity.id] }
+      ? managedIdentities
+      : { userAssignedResourceIds: [newManagedIdentity.id] }
     kind: 'AzureCLI'
     runOnce: runOnce
     azCliVersion: '2.63.0' // available tags are listed here: https://mcr.microsoft.com/v2/azure-cli/tags/list