feat: additional parameters for anf (#2695)

## Description
Additional parameters for NetApp - 

- Active Directory encryption, Kerberos, ldapoverTLS
- Volumes - Cool Access, Zones, replication, 
- Backup Policies, Vaults & backups


<!--
>Thank you for your contribution !
> Please include a summary of the change and which issue is fixed.
> Please also include the context.
> List any dependencies that are required for this change.

Fixes #123
Fixes #456
Closes #123
Closes #456
-->

## Pipeline Reference

<!-- Insert your Pipeline Status Badge below -->


| Pipeline |
| -------- |
|
[![avm.res.net-app.net-app-account](https://github.com/bobmclane999/bicep-registry-modules/actions/workflows/avm.res.net-app.net-app-account.yml/badge.svg?branch=feat--additional-parameters-for-ANF)](https://github.com/bobmclane999/bicep-registry-modules/actions/workflows/avm.res.net-app.net-app-account.yml)
|

## Type of Change

<!-- Use the checkboxes [x] on the options that are relevant. -->

- [ ] Update to CI Environment or utilities (Non-module affecting
changes)
- [x] Azure Verified Module updates:
- [ ] Bugfix containing backwards-compatible bug fixes, and I have NOT
bumped the MAJOR or MINOR version in `version.json`:
- [ ] Someone has opened a bug report issue, and I have included "Closes
#{bug_report_issue_number}" in the PR description.
- [ ] The bug was found by the module author, and no one has opened an
issue to report it yet.
- [ ] Feature update backwards compatible feature updates, and I have
bumped the MINOR version in `version.json`.
- [ ] Breaking changes and I have bumped the MAJOR version in
`version.json`.
  - [ ] Update to documentation

## Checklist

- [x] I'm sure there are no other open Pull Requests for the same
update/change
- [x] I have run `Set-AVMModule` locally to generate the supporting
module files.
- [x] My corresponding pipelines / checks run clean and green without
any errors or warnings

<!-- Please keep up to date with the contribution guide at
https://aka.ms/avm/contribute/bicep -->

---------

Co-authored-by: Jack Tracey <[email protected]>
Co-authored-by: Erika Gressi <[email protected]>

avm/res/net-app/net-app-account/README.md

@@ -18,6 +18,9 @@ This module deploys an Azure NetApp File.
 | `Microsoft.Authorization/locks` | [2020-05-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2020-05-01/locks) |
 | `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) |
 | `Microsoft.NetApp/netAppAccounts` | [2023-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.NetApp/2023-07-01/netAppAccounts) |
+| `Microsoft.NetApp/netAppAccounts/backupPolicies` | [2023-11-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.NetApp/2023-11-01/netAppAccounts/backupPolicies) |
+| `Microsoft.NetApp/netAppAccounts/backupVaults` | [2023-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.NetApp/2023-05-01-preview/netAppAccounts/backupVaults) |
+| `Microsoft.NetApp/netAppAccounts/backupVaults/backups` | [2023-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.NetApp/2023-05-01-preview/netAppAccounts/backupVaults/backups) |
 | `Microsoft.NetApp/netAppAccounts/capacityPools` | [2023-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.NetApp/2023-07-01/netAppAccounts/capacityPools) |
 | `Microsoft.NetApp/netAppAccounts/capacityPools/volumes` | [2023-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.NetApp/2023-07-01/netAppAccounts/capacityPools/volumes) |
 
@@ -685,6 +688,7 @@ module netAppAccount 'br/public:avm/res/net-app/net-app-account:<version>' = {
 
 | Parameter | Type | Description |
 | :-- | :-- | :-- |
+| [`adName`](#parameter-adname) | string | Name of the active directory host as part of Kerberos Realm used for Kerberos authentication. |
 | [`aesEncryption`](#parameter-aesencryption) | bool | Enable AES encryption on the SMB Server. |
 | [`capacityPools`](#parameter-capacitypools) | array | Capacity pools to create. |
 | [`customerManagedKey`](#parameter-customermanagedkey) | object | The customer managed key definition. |
@@ -694,11 +698,15 @@ module netAppAccount 'br/public:avm/res/net-app/net-app-account:<version>' = {
 | [`domainJoinUser`](#parameter-domainjoinuser) | string | Required if domainName is specified. Username of Active Directory domain administrator, with permissions to create SMB server machine account in the AD domain. |
 | [`domainName`](#parameter-domainname) | string | Fully Qualified Active Directory DNS Domain Name (e.g. 'contoso.com'). |
 | [`enableTelemetry`](#parameter-enabletelemetry) | bool | Enable/Disable usage telemetry for module. |
+| [`encryptDCConnections`](#parameter-encryptdcconnections) | bool | Specifies whether encryption should be used for communication between SMB server and domain controller (DC). SMB3 only. |
+| [`kdcIP`](#parameter-kdcip) | string | Kerberos Key Distribution Center (KDC) as part of Kerberos Realm used for Kerberos authentication. |
+| [`ldapOverTLS`](#parameter-ldapovertls) | bool | Specifies whether to use TLS when NFS (with/without Kerberos) and SMB volumes communicate with an LDAP server. A server root CA certificate must be uploaded if enabled (serverRootCACertificate). |
 | [`ldapSigning`](#parameter-ldapsigning) | bool | Specifies whether or not the LDAP traffic needs to be signed. |
 | [`location`](#parameter-location) | string | Location for all resources. |
 | [`lock`](#parameter-lock) | object | The lock settings of the service. |
 | [`managedIdentities`](#parameter-managedidentities) | object | The managed identity definition for this resource. |
 | [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignments to create. |
+| [`serverRootCACertificate`](#parameter-serverrootcacertificate) | string | A server Root certificate is required of ldapOverTLS is enabled. |
 | [`smbServerNamePrefix`](#parameter-smbservernameprefix) | string | Required if domainName is specified. NetBIOS name of the SMB server. A computer account with this prefix will be registered in the AD and used to mount volumes. |
 | [`tags`](#parameter-tags) | object | Tags for all resources. |
 
@@ -709,6 +717,14 @@ The name of the NetApp account.
 - Required: Yes
 - Type: string
 
+### Parameter: `adName`
+
+Name of the active directory host as part of Kerberos Realm used for Kerberos authentication.
+
+- Required: No
+- Type: string
+- Default: `''`
+
 ### Parameter: `aesEncryption`
 
 Enable AES encryption on the SMB Server.
@@ -822,6 +838,30 @@ Enable/Disable usage telemetry for module.
 - Type: bool
 - Default: `True`
 
+### Parameter: `encryptDCConnections`
+
+Specifies whether encryption should be used for communication between SMB server and domain controller (DC). SMB3 only.
+
+- Required: No
+- Type: bool
+- Default: `False`
+
+### Parameter: `kdcIP`
+
+Kerberos Key Distribution Center (KDC) as part of Kerberos Realm used for Kerberos authentication.
+
+- Required: No
+- Type: string
+- Default: `''`
+
+### Parameter: `ldapOverTLS`
+
+Specifies whether to use TLS when NFS (with/without Kerberos) and SMB volumes communicate with an LDAP server. A server root CA certificate must be uploaded if enabled (serverRootCACertificate).
+
+- Required: No
+- Type: bool
+- Default: `False`
+
 ### Parameter: `ldapSigning`
 
 Specifies whether or not the LDAP traffic needs to be signed.
@@ -983,6 +1023,14 @@ The principal type of the assigned principal ID.
   ]
   ```
 
+### Parameter: `serverRootCACertificate`
+
+A server Root certificate is required of ldapOverTLS is enabled.
+
+- Required: No
+- Type: string
+- Default: `''`
+
 ### Parameter: `smbServerNamePrefix`
 
 Required if domainName is specified. NetBIOS name of the SMB server. A computer account with this prefix will be registered in the AD and used to mount volumes.
@@ -1007,6 +1055,7 @@ Tags for all resources.
 | `name` | string | The name of the NetApp account. |
 | `resourceGroupName` | string | The name of the Resource Group the NetApp account was created in. |
 | `resourceId` | string | The Resource ID of the NetApp account. |
+| `volumeResourceId` | string | The resource IDs of the volume created in the capacity pool. |
 
 ## Cross-referenced modules
 

avm/res/net-app/net-app-account/capacity-pool/README.md

@@ -15,6 +15,9 @@ This module deploys an Azure NetApp Files Capacity Pool.
 | Resource Type | API Version |
 | :-- | :-- |
 | `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) |
+| `Microsoft.NetApp/netAppAccounts/backupPolicies` | [2023-11-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.NetApp/2023-11-01/netAppAccounts/backupPolicies) |
+| `Microsoft.NetApp/netAppAccounts/backupVaults` | [2023-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.NetApp/2023-05-01-preview/netAppAccounts/backupVaults) |
+| `Microsoft.NetApp/netAppAccounts/backupVaults/backups` | [2023-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.NetApp/2023-05-01-preview/netAppAccounts/backupVaults/backups) |
 | `Microsoft.NetApp/netAppAccounts/capacityPools` | [2023-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.NetApp/2023-07-01/netAppAccounts/capacityPools) |
 | `Microsoft.NetApp/netAppAccounts/capacityPools/volumes` | [2023-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.NetApp/2023-07-01/netAppAccounts/capacityPools/volumes) |
 
@@ -25,6 +28,7 @@ This module deploys an Azure NetApp Files Capacity Pool.
 | Parameter | Type | Description |
 | :-- | :-- | :-- |
 | [`name`](#parameter-name) | string | The name of the capacity pool. |
+| [`networkFeatures`](#parameter-networkfeatures) | string | Network features available to the volume, or current state of update (Basic/Standard). |
 | [`size`](#parameter-size) | int | Provisioned size of the pool (in bytes). Allowed values are in 4TiB chunks (value must be multiply of 4398046511104). |
 
 **Conditional parameters**
@@ -53,6 +57,14 @@ The name of the capacity pool.
 - Required: Yes
 - Type: string
 
+### Parameter: `networkFeatures`
+
+Network features available to the volume, or current state of update (Basic/Standard).
+
+- Required: No
+- Type: string
+- Default: `'Standard'`
+
 ### Parameter: `size`
 
 Provisioned size of the pool (in bytes). Allowed values are in 4TiB chunks (value must be multiply of 4398046511104).
@@ -243,6 +255,7 @@ List of volumnes to create in the capacity pool.
 | `name` | string | The name of the Capacity Pool. |
 | `resourceGroupName` | string | The name of the Resource Group the Capacity Pool was created in. |
 | `resourceId` | string | The resource ID of the Capacity Pool. |
+| `volumeResourceId` | string | The resource IDs of the volume created in the capacity pool. |
 
 ## Cross-referenced modules
 

avm/res/net-app/net-app-account/capacity-pool/main.bicep

@@ -23,6 +23,9 @@ param tags object?
 ])
 param serviceLevel string = 'Standard'
 
+@description('Required. Network features available to the volume, or current state of update (Basic/Standard).')
+param networkFeatures string = 'Standard'
+
 @description('Required. Provisioned size of the pool (in bytes). Allowed values are in 4TiB chunks (value must be multiply of 4398046511104).')
 param size int
 
@@ -99,6 +102,28 @@ module capacityPool_volumes 'volume/main.bicep' = [
       roleAssignments: contains(volume, 'roleAssignments') ? volume.roleAssignments : []
       networkFeatures: volume.?networkFeatures
       zones: volume.?zones
+      coolAccess: contains(volume, 'coolAccess') ? volume.coolAccess : false
+      coolAccessRetrievalPolicy: contains(volume, 'coolAccessRetrievalPolicy')
+        ? volume.coolAccessRetrievalPolicy
+        : 'Default'
+      coolnessPeriod: contains(volume, 'coolnessPeriod') ? volume.coolnessPeriod : 0
+      endpointType: contains(volume, 'endpointType') ? volume.endpointType : ''
+      remoteVolumeRegion: contains(volume, 'remoteVolumeRegion') ? volume.remoteVolumeRegion : ''
+      remoteVolumeResourceId: contains(volume, 'remoteVolumeResourceId') ? volume.remoteVolumeResourceId : ''
+      replicationSchedule: contains(volume, 'replicationSchedule') ? volume.replicationSchedule : ''
+      backupPolicyName: contains(volume, 'backupPolicyName') ? volume.backupPolicyName : 'backupPolicy'
+      backupPolicyLocation: contains(volume, 'backupPolicyLocation') ? volume.backupPolicyLocation : ''
+      dailyBackupsToKeep: contains(volume, 'dailyBackupsToKeep') ? volume.dailyBackupsToKeep : 0
+      backupEnabled: contains(volume, 'backupEnabled') ? volume.backupEnabled : false
+      monthlyBackupsToKeep: contains(volume, 'monthlyBackupsToKeep') ? volume.monthlyBackupsToKeep : 0
+      weeklyBackupsToKeep: contains(volume, 'weeklyBackupsToKeep') ? volume.weeklyBackupsToKeep : 0
+      backupVaultName: contains(volume, 'backupVaultName') ? volume.backupVaultName : 'vault'
+      backupVaultLocation: contains(volume, 'backupVaultLocation') ? volume.backupVaultLocation : ''
+      backupName: contains(volume, 'backupName') ? volume.backupName : 'backup'
+      backupLabel: contains(volume, 'backupLabel') ? volume.backupLabel : ''
+      snapshotName: contains(volume, 'snapshotName') ? volume.snapshotName : 'snapshot'
+      useExistingSnapshot: contains(volume, 'useExistingSnapshot') ? volume.useExistingSnapshot : false
+      volumeResourceId: contains(volume, 'volumeResourceId') ? volume.volumeResourceId : ''
     }
   }
 ]
@@ -135,6 +160,9 @@ output resourceGroupName string = resourceGroup().name
 @description('The location the resource was deployed into.')
 output location string = capacityPool.location
 
+@description('The resource IDs of the volume created in the capacity pool.')
+output volumeResourceId string = (volumes != []) ? capacityPool_volumes[0].outputs.resourceId : ''
+
 // =============== //
 //   Definitions   //
 // =============== //