From f60885b8c0e550d997c026de838763342c83eda0 Mon Sep 17 00:00:00 2001 From: oliverlabs <70239916+oliverlabs@users.noreply.github.com> Date: Wed, 30 Aug 2023 16:14:29 +0100 Subject: [PATCH] updated bicep api versions --- bicep/acragentpool.bicep | 2 +- bicep/aksagentpool.bicep | 2 +- bicep/aksnetcontrib.bicep | 2 +- bicep/appgw.bicep | 10 +++++----- bicep/automationrunbook/aksRbac.bicep | 2 +- bicep/automationrunbook/automation.bicep | 2 +- bicep/firewall.bicep | 10 +++++----- bicep/keyvault.bicep | 2 +- bicep/main.bicep | 22 +++++++++++----------- bicep/network.bicep | 18 +++++++++--------- bicep/networkwatcherflowlog.bicep | 2 +- bicep/nsg.bicep | 4 ++-- 12 files changed, 39 insertions(+), 39 deletions(-) diff --git a/bicep/acragentpool.bicep b/bicep/acragentpool.bicep index 2b45b0e65..8d7a70848 100644 --- a/bicep/acragentpool.bicep +++ b/bicep/acragentpool.bicep @@ -2,7 +2,7 @@ param location string = resourceGroup().location param acrName string param acrPoolSubnetId string = '' -resource acr 'Microsoft.ContainerRegistry/registries@2023-01-01-preview' existing = { +resource acr 'Microsoft.ContainerRegistry/registries@2022-12-01' existing = { name: acrName } diff --git a/bicep/aksagentpool.bicep b/bicep/aksagentpool.bicep index 6fba74382..1879732e7 100644 --- a/bicep/aksagentpool.bicep +++ b/bicep/aksagentpool.bicep @@ -51,7 +51,7 @@ param autoTaintWindows bool = false var taints = autoTaintWindows ? union(nodeTaints, ['sku=Windows:NoSchedule']) : nodeTaints -resource aks 'Microsoft.ContainerService/managedClusters@2021-10-01' existing = { +resource aks 'Microsoft.ContainerService/managedClusters@2023-05-01' existing = { name: AksName } diff --git a/bicep/aksnetcontrib.bicep b/bicep/aksnetcontrib.bicep index 04426dd40..92163d127 100644 --- a/bicep/aksnetcontrib.bicep +++ b/bicep/aksnetcontrib.bicep @@ -17,7 +17,7 @@ var existingAksPodSubnetName = !empty(byoAKSPodSubnetId) ? split(byoAKSPodSubnet var existingAksSubnetName = !empty(byoAKSSubnetId) ? split(byoAKSSubnetId, '/')[10] : '' var existingAksVnetName = !empty(byoAKSSubnetId) ? split(byoAKSSubnetId, '/')[8] : '' -resource existingvnet 'Microsoft.Network/virtualNetworks@2022-07-01' existing = { +resource existingvnet 'Microsoft.Network/virtualNetworks@2023-04-01' existing = { name: existingAksVnetName } resource existingAksSubnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' existing = { diff --git a/bicep/appgw.bicep b/bicep/appgw.bicep index 263d20f86..0c2fada4e 100644 --- a/bicep/appgw.bicep +++ b/bicep/appgw.bicep @@ -11,7 +11,7 @@ param appGWmaxCount int var appgwName = 'agw-${resourceName}' var appgwResourceId = resourceId('Microsoft.Network/applicationGateways', '${appgwName}') -resource appgwpip 'Microsoft.Network/publicIPAddresses@2020-07-01' = { +resource appgwpip 'Microsoft.Network/publicIPAddresses@2023-04-01' = { name: 'pip-agw-${resourceName}' location: location sku: { @@ -131,7 +131,7 @@ var appGwZones = !empty(availabilityZones) ? availabilityZones : [] // 'identity' is always set until this is fixed: // https://github.com/Azure/bicep/issues/387#issuecomment-885671296 -resource appgw 'Microsoft.Network/applicationGateways@2020-07-01' = if (!empty(userAssignedIdentity)) { +resource appgw 'Microsoft.Network/applicationGateways@2023-04-01' = if (!empty(userAssignedIdentity)) { name: appgwName location: location zones: appGwZones @@ -147,7 +147,7 @@ resource appgw 'Microsoft.Network/applicationGateways@2020-07-01' = if (!empty(u param agicPrincipleId string var contributor = subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c') // https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-template#new-service-principal -resource appGwAGICContrib 'Microsoft.Authorization/roleAssignments@2020-04-01-preview' = { +resource appGwAGICContrib 'Microsoft.Authorization/roleAssignments@2022-04-01' = { scope: appgw name: guid(resourceGroup().id, appgwName, 'appgwcont') properties: { @@ -158,7 +158,7 @@ resource appGwAGICContrib 'Microsoft.Authorization/roleAssignments@2020-04-01-pr } var reader = subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'acdd72a7-3385-48ef-bd42-f606fba81ae7') -resource appGwAGICRGReader 'Microsoft.Authorization/roleAssignments@2020-04-01-preview' = { +resource appGwAGICRGReader 'Microsoft.Authorization/roleAssignments@2022-04-01' = { scope: resourceGroup() name: guid(resourceGroup().id, appgwName, 'rgread') properties: { @@ -189,7 +189,7 @@ var diagProperties = { } ] } -resource appgw_Diag 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = if (!empty(workspaceId)) { +resource appgw_Diag 'Microsoft.Insights/diagnosticSettings@2016-09-01' = if (!empty(workspaceId)) { scope: appgw name: 'appgwDiag' properties: diagProperties diff --git a/bicep/automationrunbook/aksRbac.bicep b/bicep/automationrunbook/aksRbac.bicep index 79dc82a1d..ade16d319 100644 --- a/bicep/automationrunbook/aksRbac.bicep +++ b/bicep/automationrunbook/aksRbac.bicep @@ -1,7 +1,7 @@ param principalId string param aksName string -resource aks 'Microsoft.ContainerService/managedClusters@2023-03-02-preview' existing = { +resource aks 'Microsoft.ContainerService/managedClusters@2023-05-01' existing = { name: aksName } diff --git a/bicep/automationrunbook/automation.bicep b/bicep/automationrunbook/automation.bicep index 71054dca8..d7a399afd 100644 --- a/bicep/automationrunbook/automation.bicep +++ b/bicep/automationrunbook/automation.bicep @@ -125,7 +125,7 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2022-08-08' } } -resource automationAccountDiagLogging 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = if(!empty(loganalyticsWorkspaceId)) { +resource automationAccountDiagLogging 'Microsoft.Insights/diagnosticSettings@2016-09-01' = if(!empty(loganalyticsWorkspaceId)) { name: 'diags' scope: automationAccount properties: { diff --git a/bicep/firewall.bicep b/bicep/firewall.bicep index e0b0e74ef..bb9aa5ab9 100644 --- a/bicep/firewall.bicep +++ b/bicep/firewall.bicep @@ -25,7 +25,7 @@ var managementIpConfig = { } } -resource fw_pip 'Microsoft.Network/publicIPAddresses@2022-07-01' = { +resource fw_pip 'Microsoft.Network/publicIPAddresses@2023-04-01' = { name: firewallPublicIpName location: location sku: { @@ -38,7 +38,7 @@ resource fw_pip 'Microsoft.Network/publicIPAddresses@2022-07-01' = { } } -resource fwManagementIp_pip 'Microsoft.Network/publicIPAddresses@2022-07-01' = if(fwSku=='Basic') { +resource fwManagementIp_pip 'Microsoft.Network/publicIPAddresses@2023-04-01' = if(fwSku=='Basic') { name: firewallManagementPublicIpName location: location sku: { @@ -51,7 +51,7 @@ resource fwManagementIp_pip 'Microsoft.Network/publicIPAddresses@2022-07-01' = i } } -resource fwDiags 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = if (!empty(workspaceDiagsId)) { +resource fwDiags 'Microsoft.Insights/diagnosticSettings@2016-09-01' = if (!empty(workspaceDiagsId)) { scope: fw name: 'fwDiags' properties: { @@ -91,7 +91,7 @@ resource fwDiags 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = if param appDnsZoneName string = '' var fw_name = 'afw-${resourceName}' -resource fw 'Microsoft.Network/azureFirewalls@2022-01-01' = { +resource fw 'Microsoft.Network/azureFirewalls@2023-04-01' = { name: fw_name location: location zones: !empty(availabilityZones) ? availabilityZones : [] @@ -122,7 +122,7 @@ resource fw 'Microsoft.Network/azureFirewalls@2022-01-01' = { } } -resource fwPolicy 'Microsoft.Network/firewallPolicies@2022-01-01' = { +resource fwPolicy 'Microsoft.Network/firewallPolicies@2023-04-01' = { name: 'afwp-${resourceName}' location: location properties: { diff --git a/bicep/keyvault.bicep b/bicep/keyvault.bicep index 2ba5b82aa..8a73cda71 100644 --- a/bicep/keyvault.bicep +++ b/bicep/keyvault.bicep @@ -55,7 +55,7 @@ resource kv 'Microsoft.KeyVault/vaults@2022-07-01' = { } } -resource kvDiags 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = if (!empty(logAnalyticsWorkspaceId)) { +resource kvDiags 'Microsoft.Insights/diagnosticSettings@2016-09-01' = if (!empty(logAnalyticsWorkspaceId)) { name: 'kvDiags' scope: kv properties: { diff --git a/bicep/main.bicep b/bicep/main.bicep index b7b8af46c..bdc173737 100644 --- a/bicep/main.bicep +++ b/bicep/main.bicep @@ -410,7 +410,7 @@ param acrUntaggedRetentionPolicy int = 30 var acrName = 'cr${replace(resourceName, '-', '')}${uniqueString(resourceGroup().id, resourceName)}' -resource acr 'Microsoft.ContainerRegistry/registries@2023-01-01-preview' = if (!empty(registries_sku)) { +resource acr 'Microsoft.ContainerRegistry/registries@2022-12-01' = if (!empty(registries_sku)) { name: acrName location: location sku: { @@ -449,7 +449,7 @@ output containerRegistryName string = !empty(registries_sku) ? acr.name : '' output containerRegistryId string = !empty(registries_sku) ? acr.id : '' -resource acrDiags 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = if (createLaw && !empty(registries_sku)) { +resource acrDiags 'Microsoft.Insights/diagnosticSettings@2016-09-01' = if (createLaw && !empty(registries_sku)) { name: 'acrDiags' scope: acr properties: { @@ -622,7 +622,7 @@ resource appGwIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01 var appgwName = 'agw-${resourceName}' var appgwResourceId = deployAppGw ? resourceId('Microsoft.Network/applicationGateways', '${appgwName}') : '' -resource appgwpip 'Microsoft.Network/publicIPAddresses@2022-07-01' = if (deployAppGw) { +resource appgwpip 'Microsoft.Network/publicIPAddresses@2023-04-01' = if (deployAppGw) { name: 'pip-agw-${resourceName}' location: location sku: { @@ -761,7 +761,7 @@ var appgwProperties = union({ } : {}) // 'identity' is always set until this is fixed: https://github.com/Azure/bicep/issues/387#issuecomment-885671296 -resource appgw 'Microsoft.Network/applicationGateways@2022-07-01' = if (deployAppGw) { +resource appgw 'Microsoft.Network/applicationGateways@2023-04-01' = if (deployAppGw) { name: appgwName location: location zones: !empty(availabilityZones) ? availabilityZones : [] @@ -812,7 +812,7 @@ resource appGwAGICMIOp 'Microsoft.Authorization/roleAssignments@2022-04-01' = if } // AppGW Diagnostics -resource appgw_Diag 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = if (createLaw && deployAppGw) { +resource appgw_Diag 'Microsoft.Insights/diagnosticSettings@2016-09-01' = if (createLaw && deployAppGw) { scope: appgw name: 'appgwDiag' properties: { @@ -1336,7 +1336,7 @@ keyVaultKmsCreateAndPrereqs || !empty(keyVaultKmsByoKeyId) ? azureKeyVaultKms : !empty(serviceMeshProfile) ? { serviceMeshProfile: serviceMeshProfileObj } : {} ) -resource aks 'Microsoft.ContainerService/managedClusters@2023-05-02-preview' = { +resource aks 'Microsoft.ContainerService/managedClusters@2023-05-01' = { name: 'aks-${resourceName}' location: location properties: aksProperties @@ -1532,7 +1532,7 @@ param AksDiagCategories array = [ @description('Enable SysLogs and send to log analytics') param enableSysLog bool = false -resource AksDiags 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = if (createLaw && omsagent) { +resource AksDiags 'Microsoft.Insights/diagnosticSettings@2016-09-01' = if (createLaw && omsagent) { name: 'aksDiags' scope: aks properties: { @@ -1550,7 +1550,7 @@ resource AksDiags 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = } } -resource sysLog 'Microsoft.Insights/dataCollectionRules@2022-06-01' = if (createLaw && omsagent && enableSysLog) { +resource sysLog 'Microsoft.Insights/dataCollectionRules@2021-04-01' = if (createLaw && omsagent && enableSysLog) { name: 'MSCI-${location}-${aks.name}' location: location kind: 'Linux' @@ -1633,7 +1633,7 @@ resource sysLog 'Microsoft.Insights/dataCollectionRules@2022-06-01' = if (create } } -resource association 'Microsoft.Insights/dataCollectionRuleAssociations@2022-06-01' = if (createLaw && omsagent && enableSysLog) { +resource association 'Microsoft.Insights/dataCollectionRuleAssociations@2021-04-01' = if (createLaw && omsagent && enableSysLog) { name: '${aks.name}-${aks_law.name}-association' scope: aks properties: { @@ -1739,7 +1739,7 @@ output LogAnalyticsId string = (createLaw) ? aks_law.id : '' @description('Create an Event Grid System Topic for AKS events') param createEventGrid bool = false -resource eventGrid 'Microsoft.EventGrid/systemTopics@2021-12-01' = if(createEventGrid) { +resource eventGrid 'Microsoft.EventGrid/systemTopics@2022-06-15' = if(createEventGrid) { name: 'evgt-${aks.name}' location: location identity: { @@ -1753,7 +1753,7 @@ resource eventGrid 'Microsoft.EventGrid/systemTopics@2021-12-01' = if(createEven output eventGridName string = createEventGrid ? eventGrid.name : '' -resource eventGridDiags 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = if (createLaw && createEventGrid) { +resource eventGridDiags 'Microsoft.Insights/diagnosticSettings@2016-09-01' = if (createLaw && createEventGrid) { name: 'eventGridDiags' scope: eventGrid properties: { diff --git a/bicep/network.bicep b/bicep/network.bicep index 81fe61d80..a9a03ecbc 100644 --- a/bicep/network.bicep +++ b/bicep/network.bicep @@ -120,7 +120,7 @@ var fwmgmt_subnet = { } var routeFwTableName = 'rt-afw-${resourceName}' -resource vnet_udr 'Microsoft.Network/routeTables@2022-07-01' = if (azureFirewalls) { +resource vnet_udr 'Microsoft.Network/routeTables@2023-04-01' = if (azureFirewalls) { name: routeFwTableName location: location properties: { @@ -206,7 +206,7 @@ var subnets = union( output debugSubnets array = subnets var vnetName = 'vnet-${resourceName}' -resource vnet 'Microsoft.Network/virtualNetworks@2022-07-01' = { +resource vnet 'Microsoft.Network/virtualNetworks@2023-04-01' = { name: vnetName location: location properties: { @@ -239,7 +239,7 @@ module aks_vnet_con 'networksubnetrbac.bicep' = if (!empty(aksPrincipleId)) { /* -------------------------------------------------------------------------- Private Link for ACR */ var privateLinkAcrName = 'pl-acr-${resourceName}' -resource privateLinkAcr 'Microsoft.Network/privateEndpoints@2021-08-01' = if (!empty(privateLinkAcrId)) { +resource privateLinkAcr 'Microsoft.Network/privateEndpoints@2023-04-01' = if (!empty(privateLinkAcrId)) { name: privateLinkAcrName location: location properties: { @@ -297,7 +297,7 @@ resource privateDnsAcrZoneGroup 'Microsoft.Network/privateEndpoints/privateDnsZo /* -------------------------------------------------------------------------- Private Link for KeyVault */ var privateLinkAkvName = 'pl-akv-${resourceName}' -resource privateLinkAkv 'Microsoft.Network/privateEndpoints@2021-08-01' = if (!empty(privateLinkAkvId)) { +resource privateLinkAkv 'Microsoft.Network/privateEndpoints@2023-04-01' = if (!empty(privateLinkAkvId)) { name: privateLinkAkvName location: location properties: { @@ -361,7 +361,7 @@ var publicIpAddressName = 'pip-${bastionHostName}' ]) param bastionSku string = 'Standard' -resource bastionPip 'Microsoft.Network/publicIPAddresses@2022-07-01' = if(bastion) { +resource bastionPip 'Microsoft.Network/publicIPAddresses@2023-04-01' = if(bastion) { name: publicIpAddressName location: location sku: { @@ -373,7 +373,7 @@ resource bastionPip 'Microsoft.Network/publicIPAddresses@2022-07-01' = if(bastio } } -resource bastionHost 'Microsoft.Network/bastionHosts@2022-11-01' = if(bastion) { +resource bastionHost 'Microsoft.Network/bastionHosts@2023-04-01' = if(bastion) { name: bastionHostName location: location sku: { @@ -405,7 +405,7 @@ resource log 'Microsoft.OperationalInsights/workspaces@2022-10-01' existing = if param CreateNsgFlowLogs bool = false var flowLogStorageName = take(replace(toLower('stflow${resourceName}${uniqueString(resourceGroup().id, resourceName)}'),'-',''),24) -resource flowLogStor 'Microsoft.Storage/storageAccounts@2021-08-01' = if(CreateNsgFlowLogs && networkSecurityGroups) { +resource flowLogStor 'Microsoft.Storage/storageAccounts@2022-09-01' = if(CreateNsgFlowLogs && networkSecurityGroups) { name: flowLogStorageName kind: 'StorageV2' sku: { @@ -505,7 +505,7 @@ module nsgPrivateLinks 'nsg.bicep' = if(privateLinks && networkSecurityGroups) { ] } -resource natGwIp 'Microsoft.Network/publicIPAddresses@2021-08-01' = [for i in range(0, natGatewayPublicIps): if(natGateway) { +resource natGwIp 'Microsoft.Network/publicIPAddresses@2023-04-01' = [for i in range(0, natGatewayPublicIps): if(natGateway) { name: 'pip-${natGwName}-${i+1}' location: location sku: { @@ -521,7 +521,7 @@ output natGwIpArr array = [for i in range(0, natGatewayPublicIps): natGateway ? var natGwName = 'ng-${resourceName}' -resource natGw 'Microsoft.Network/natGateways@2021-08-01' = if(natGateway) { +resource natGw 'Microsoft.Network/natGateways@2023-04-01' = if(natGateway) { name: natGwName location: location sku: { diff --git a/bicep/networkwatcherflowlog.bicep b/bicep/networkwatcherflowlog.bicep index 2649ef163..913af7a5a 100644 --- a/bicep/networkwatcherflowlog.bicep +++ b/bicep/networkwatcherflowlog.bicep @@ -12,7 +12,7 @@ param workspaceId string = '' param workspaceResourceId string = '' param workspaceRegion string = resourceGroup().location -resource networkWatcher 'Microsoft.Network/networkWatchers@2022-01-01' = { +resource networkWatcher 'Microsoft.Network/networkWatchers@2023-04-01' = { name: 'NetworkWatcher_${location}' location: location properties: {} diff --git a/bicep/nsg.bicep b/bicep/nsg.bicep index f021eb645..501f0094b 100644 --- a/bicep/nsg.bicep +++ b/bicep/nsg.bicep @@ -6,7 +6,7 @@ param workspaceRegion string = resourceGroup().location var nsgName = 'nsg-${resourceName}' -resource nsg 'Microsoft.Network/networkSecurityGroups@2022-11-01' = { +resource nsg 'Microsoft.Network/networkSecurityGroups@2023-04-01' = { name: nsgName location: location } @@ -243,7 +243,7 @@ param NsgDiagnosticCategories array = [ 'NetworkSecurityGroupRuleCounter' ] -resource nsgDiags 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = if (!empty(workspaceResourceId)) { +resource nsgDiags 'Microsoft.Insights/diagnosticSettings@2016-09-01' = if (!empty(workspaceResourceId)) { name: 'diags-${nsgName}' scope: nsg properties: {