diff --git a/.github/actions/templates/avm-getWorkflowInput/action.yml b/.github/actions/templates/avm-getWorkflowInput/action.yml index b78c1eb7f9..8c686805d9 100644 --- a/.github/actions/templates/avm-getWorkflowInput/action.yml +++ b/.github/actions/templates/avm-getWorkflowInput/action.yml @@ -66,6 +66,11 @@ runs: # Output values to be accessed by next jobs $workflowInput = @{} foreach($parameterName in $parameters.Keys) { + if([String]::IsNullOrEmpty($parameters[$parameterName])) { + Write-Verbose "Skipping parameter [$parameterName] as it has no explicit or default value" -Verbose + continue + } + Write-Verbose ('Passing output [{0}] with value [{1}]' -f $parameterName, $parameters[$parameterName]) -Verbose $workflowInput[$parameterName] = $parameters[$parameterName] } @@ -88,6 +93,12 @@ runs: # Output values to be accessed by next jobs $workflowInput = @{} foreach($parameterName in $workflowParameters.Keys) { + + if([String]::IsNullOrEmpty($workflowParameters[$parameterName])) { + Write-Verbose "Skipping parameter [$parameterName] as it has no explicit or default value" -Verbose + continue + } + Write-Verbose ('Passing output [{0}] with value [{1}]' -f $parameterName, $workflowParameters[$parameterName]) -Verbose $workflowInput[$parameterName] = $workflowParameters[$parameterName].toString() } diff --git a/.github/workflows/platform.publish-tag.yml b/.github/workflows/platform.publish-tag.yml index 1bde3c4950..cf5c8d2f38 100644 --- a/.github/workflows/platform.publish-tag.yml +++ b/.github/workflows/platform.publish-tag.yml @@ -87,7 +87,7 @@ jobs: $functionInput = @{ Version = "${{ steps.publish_tag.outputs.version }}" PublishedModuleName = "${{ steps.publish_tag.outputs.publishedModuleName }}" - GitTagName = "${{ steps.publish_step.outputs.gitTagName }}" + GitTagName = "${{ steps.publish_tag.outputs.gitTagName }}" } diff --git a/avm/res/automation/automation-account/README.md b/avm/res/automation/automation-account/README.md index 26fd342e22..f6f4457d6b 100644 --- a/avm/res/automation/automation-account/README.md +++ b/avm/res/automation/automation-account/README.md @@ -20,7 +20,7 @@ This module deploys an Azure Automation Account. | `Microsoft.Automation/automationAccounts` | [2022-08-08](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Automation/2022-08-08/automationAccounts) | | `Microsoft.Automation/automationAccounts/jobSchedules` | [2022-08-08](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Automation/2022-08-08/automationAccounts/jobSchedules) | | `Microsoft.Automation/automationAccounts/modules` | [2022-08-08](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Automation/2022-08-08/automationAccounts/modules) | -| `Microsoft.Automation/automationAccounts/runbooks` | [2022-08-08](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Automation/2022-08-08/automationAccounts/runbooks) | +| `Microsoft.Automation/automationAccounts/runbooks` | [2023-11-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Automation/2023-11-01/automationAccounts/runbooks) | | `Microsoft.Automation/automationAccounts/schedules` | [2022-08-08](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Automation/2022-08-08/automationAccounts/schedules) | | `Microsoft.Automation/automationAccounts/softwareUpdateConfigurations` | [2019-06-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Automation/2019-06-01/automationAccounts/softwareUpdateConfigurations) | | `Microsoft.Automation/automationAccounts/variables` | [2022-08-08](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Automation/2022-08-08/automationAccounts/variables) | diff --git a/avm/res/automation/automation-account/job-schedule/main.json b/avm/res/automation/automation-account/job-schedule/main.json index 1d7dbb1dfe..713d17c9ac 100644 --- a/avm/res/automation/automation-account/job-schedule/main.json +++ b/avm/res/automation/automation-account/job-schedule/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "3709450248827326388" + "version": "0.26.170.59819", + "templateHash": "1753602189799388874" }, "name": "Automation Account Job Schedules", "description": "This module deploys an Azure Automation Account Job Schedule.", diff --git a/avm/res/automation/automation-account/main.bicep b/avm/res/automation/automation-account/main.bicep index 3f579884c4..d4bf94c7e9 100644 --- a/avm/res/automation/automation-account/main.bicep +++ b/avm/res/automation/automation-account/main.bicep @@ -83,8 +83,8 @@ var formattedUserAssignedIdentities = reduce( var identity = !empty(managedIdentities) ? { type: (managedIdentities.?systemAssigned ?? false) - ? (!empty(managedIdentities.?userAssignedResourceIds ?? {}) ? 'SystemAssigned,UserAssigned' : 'SystemAssigned') - : (!empty(managedIdentities.?userAssignedResourceIds ?? {}) ? 'UserAssigned' : null) + ? (!empty(managedIdentities.?userAssignedResourceIds ?? {}) ? 'SystemAssigned, UserAssigned' : 'SystemAssigned') + : (!empty(managedIdentities.?userAssignedResourceIds ?? {}) ? 'UserAssigned' : 'None') userAssignedIdentities: !empty(formattedUserAssignedIdentities) ? formattedUserAssignedIdentities : null } : null @@ -172,7 +172,7 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2022-08-08' } encryption: !empty(customerManagedKey) ? { - keySource: 'Microsoft.KeyVault' + keySource: 'Microsoft.Keyvault' identity: !empty(customerManagedKey.?userAssignedIdentityResourceId) ? { userAssignedIdentity: cMKUserAssignedIdentity.id @@ -180,7 +180,7 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2022-08-08' : null keyVaultProperties: { keyName: customerManagedKey!.keyName - keyVaultUri: cMKKeyVault.properties.vaultUri + keyvaultUri: cMKKeyVault.properties.vaultUri keyVersion: !empty(customerManagedKey.?keyVersion ?? '') ? customerManagedKey!.keyVersion : last(split(cMKKeyVault::cMKKey.properties.keyUriWithVersion, '/')) diff --git a/avm/res/automation/automation-account/main.json b/avm/res/automation/automation-account/main.json index ef54d7a09b..2f891a354c 100644 --- a/avm/res/automation/automation-account/main.json +++ b/avm/res/automation/automation-account/main.json @@ -5,8 +5,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "16001446000186457588" + "version": "0.26.170.59819", + "templateHash": "9883583040461189210" }, "name": "Automation Accounts", "description": "This module deploys an Azure Automation Account.", @@ -629,7 +629,7 @@ }, "variables": { "formattedUserAssignedIdentities": "[reduce(map(coalesce(tryGet(parameters('managedIdentities'), 'userAssignedResourceIds'), createArray()), lambda('id', createObject(format('{0}', lambdaVariables('id')), createObject()))), createObject(), lambda('cur', 'next', union(lambdaVariables('cur'), lambdaVariables('next'))))]", - "identity": "[if(not(empty(parameters('managedIdentities'))), createObject('type', if(coalesce(tryGet(parameters('managedIdentities'), 'systemAssigned'), false()), if(not(empty(coalesce(tryGet(parameters('managedIdentities'), 'userAssignedResourceIds'), createObject()))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(coalesce(tryGet(parameters('managedIdentities'), 'userAssignedResourceIds'), createObject()))), 'UserAssigned', null())), 'userAssignedIdentities', if(not(empty(variables('formattedUserAssignedIdentities'))), variables('formattedUserAssignedIdentities'), null())), null())]", + "identity": "[if(not(empty(parameters('managedIdentities'))), createObject('type', if(coalesce(tryGet(parameters('managedIdentities'), 'systemAssigned'), false()), if(not(empty(coalesce(tryGet(parameters('managedIdentities'), 'userAssignedResourceIds'), createObject()))), 'SystemAssigned, UserAssigned', 'SystemAssigned'), if(not(empty(coalesce(tryGet(parameters('managedIdentities'), 'userAssignedResourceIds'), createObject()))), 'UserAssigned', 'None')), 'userAssignedIdentities', if(not(empty(variables('formattedUserAssignedIdentities'))), variables('formattedUserAssignedIdentities'), null())), null())]", "builtInRoleNames": { "Automation Contributor": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'f353d9bd-d4a6-484e-a77a-8050b599b867')]", "Automation Job Operator": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '4fe576fe-1146-4730-92eb-48519fa6bf9f')]", @@ -704,7 +704,7 @@ "sku": { "name": "[parameters('skuName')]" }, - "encryption": "[if(not(empty(parameters('customerManagedKey'))), createObject('keySource', 'Microsoft.KeyVault', 'identity', if(not(empty(tryGet(parameters('customerManagedKey'), 'userAssignedIdentityResourceId'))), createObject('userAssignedIdentity', extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', split(coalesce(tryGet(parameters('customerManagedKey'), 'userAssignedIdentityResourceId'), '//'), '/')[2], split(coalesce(tryGet(parameters('customerManagedKey'), 'userAssignedIdentityResourceId'), '////'), '/')[4]), 'Microsoft.ManagedIdentity/userAssignedIdentities', last(split(coalesce(tryGet(parameters('customerManagedKey'), 'userAssignedIdentityResourceId'), 'dummyMsi'), '/')))), null()), 'keyVaultProperties', createObject('keyName', parameters('customerManagedKey').keyName, 'keyVaultUri', reference('cMKKeyVault').vaultUri, 'keyVersion', if(not(empty(coalesce(tryGet(parameters('customerManagedKey'), 'keyVersion'), ''))), parameters('customerManagedKey').keyVersion, last(split(reference('cMKKeyVault::cMKKey').keyUriWithVersion, '/'))))), null())]", + "encryption": "[if(not(empty(parameters('customerManagedKey'))), createObject('keySource', 'Microsoft.Keyvault', 'identity', if(not(empty(tryGet(parameters('customerManagedKey'), 'userAssignedIdentityResourceId'))), createObject('userAssignedIdentity', extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', split(coalesce(tryGet(parameters('customerManagedKey'), 'userAssignedIdentityResourceId'), '//'), '/')[2], split(coalesce(tryGet(parameters('customerManagedKey'), 'userAssignedIdentityResourceId'), '////'), '/')[4]), 'Microsoft.ManagedIdentity/userAssignedIdentities', last(split(coalesce(tryGet(parameters('customerManagedKey'), 'userAssignedIdentityResourceId'), 'dummyMsi'), '/')))), null()), 'keyVaultProperties', createObject('keyName', parameters('customerManagedKey').keyName, 'keyvaultUri', reference('cMKKeyVault').vaultUri, 'keyVersion', if(not(empty(coalesce(tryGet(parameters('customerManagedKey'), 'keyVersion'), ''))), parameters('customerManagedKey').keyVersion, last(split(reference('cMKKeyVault::cMKKey').keyUriWithVersion, '/'))))), null())]", "publicNetworkAccess": "[if(not(empty(parameters('publicNetworkAccess'))), if(equals(parameters('publicNetworkAccess'), 'Disabled'), false(), true()), if(not(empty(parameters('privateEndpoints'))), false(), null()))]", "disableLocalAuth": "[parameters('disableLocalAuth')]" }, @@ -830,8 +830,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "8037849223912660600" + "version": "0.26.170.59819", + "templateHash": "17695610509863036784" }, "name": "Automation Account Modules", "description": "This module deploys an Azure Automation Account Module.", @@ -972,8 +972,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "10057879847143996563" + "version": "0.26.170.59819", + "templateHash": "138940659217362139" }, "name": "Automation Account Schedules", "description": "This module deploys an Azure Automation Account Schedule.", @@ -1151,8 +1151,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "14714097202201612277" + "version": "0.26.170.59819", + "templateHash": "6946565957724859459" }, "name": "Automation Account Runbooks", "description": "This module deploys an Azure Automation Account Runbook.", @@ -1178,7 +1178,11 @@ "GraphPowerShell", "GraphPowerShellWorkflow", "PowerShell", - "PowerShellWorkflow" + "PowerShell72", + "PowerShellWorkflow", + "Python2", + "Python3", + "Script" ], "metadata": { "description": "Required. The type of the runbook." @@ -1268,7 +1272,7 @@ }, "runbook": { "type": "Microsoft.Automation/automationAccounts/runbooks", - "apiVersion": "2022-08-08", + "apiVersion": "2023-11-01", "name": "[format('{0}/{1}', parameters('automationAccountName'), parameters('name'))]", "location": "[parameters('location')]", "tags": "[parameters('tags')]", @@ -1310,7 +1314,7 @@ "metadata": { "description": "The location the resource was deployed into." }, - "value": "[reference('runbook', '2022-08-08', 'full').location]" + "value": "[reference('runbook', '2023-11-01', 'full').location]" } } } @@ -1351,8 +1355,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "3709450248827326388" + "version": "0.26.170.59819", + "templateHash": "1753602189799388874" }, "name": "Automation Account Job Schedules", "description": "This module deploys an Azure Automation Account Job Schedule.", @@ -1479,8 +1483,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "1065450815403209329" + "version": "0.26.170.59819", + "templateHash": "12833257216729067514" }, "name": "Automation Account Variables", "description": "This module deploys an Azure Automation Account Variable.", @@ -1594,8 +1598,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "7204307644126778192" + "version": "0.26.170.59819", + "templateHash": "11747347606522833060" }, "name": "Log Analytics Workspace Linked Services", "description": "This module deploys a Log Analytics Workspace Linked Service.", @@ -1913,8 +1917,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "7586828544795723203" + "version": "0.26.170.59819", + "templateHash": "14866221548688198425" }, "name": "Automation Account Software Update Configurations", "description": "This module deploys an Azure Automation Account Software Update Configuration.", diff --git a/avm/res/automation/automation-account/module/main.json b/avm/res/automation/automation-account/module/main.json index 546c8505d5..f8cbfa3d7a 100644 --- a/avm/res/automation/automation-account/module/main.json +++ b/avm/res/automation/automation-account/module/main.json @@ -5,8 +5,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "8037849223912660600" + "version": "0.26.170.59819", + "templateHash": "17695610509863036784" }, "name": "Automation Account Modules", "description": "This module deploys an Azure Automation Account Module.", diff --git a/avm/res/automation/automation-account/runbook/README.md b/avm/res/automation/automation-account/runbook/README.md index b10d9c903b..933591a613 100644 --- a/avm/res/automation/automation-account/runbook/README.md +++ b/avm/res/automation/automation-account/runbook/README.md @@ -14,7 +14,7 @@ This module deploys an Azure Automation Account Runbook. | Resource Type | API Version | | :-- | :-- | -| `Microsoft.Automation/automationAccounts/runbooks` | [2022-08-08](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Automation/2022-08-08/automationAccounts/runbooks) | +| `Microsoft.Automation/automationAccounts/runbooks` | [2023-11-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Automation/2023-11-01/automationAccounts/runbooks) | ## Parameters @@ -69,7 +69,11 @@ The type of the runbook. 'GraphPowerShell' 'GraphPowerShellWorkflow' 'PowerShell' + 'PowerShell72' 'PowerShellWorkflow' + 'Python2' + 'Python3' + 'Script' ] ``` diff --git a/avm/res/automation/automation-account/runbook/main.bicep b/avm/res/automation/automation-account/runbook/main.bicep index 4f41bf68ca..e45047c60a 100644 --- a/avm/res/automation/automation-account/runbook/main.bicep +++ b/avm/res/automation/automation-account/runbook/main.bicep @@ -13,7 +13,11 @@ param automationAccountName string 'GraphPowerShell' 'GraphPowerShellWorkflow' 'PowerShell' + 'PowerShell72' 'PowerShellWorkflow' + 'Python2' + 'Python3' + 'Script' ]) @sys.description('Required. The type of the runbook.') param type string @@ -74,7 +78,7 @@ var publishContentLink = empty(uri) version: !empty(version) ? version : null } -resource runbook 'Microsoft.Automation/automationAccounts/runbooks@2022-08-08' = { +resource runbook 'Microsoft.Automation/automationAccounts/runbooks@2023-11-01' = { name: name parent: automationAccount location: location diff --git a/avm/res/automation/automation-account/runbook/main.json b/avm/res/automation/automation-account/runbook/main.json index 4f23a696b6..327797d353 100644 --- a/avm/res/automation/automation-account/runbook/main.json +++ b/avm/res/automation/automation-account/runbook/main.json @@ -5,8 +5,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "14714097202201612277" + "version": "0.26.170.59819", + "templateHash": "6946565957724859459" }, "name": "Automation Account Runbooks", "description": "This module deploys an Azure Automation Account Runbook.", @@ -32,7 +32,11 @@ "GraphPowerShell", "GraphPowerShellWorkflow", "PowerShell", - "PowerShellWorkflow" + "PowerShell72", + "PowerShellWorkflow", + "Python2", + "Python3", + "Script" ], "metadata": { "description": "Required. The type of the runbook." @@ -122,7 +126,7 @@ }, "runbook": { "type": "Microsoft.Automation/automationAccounts/runbooks", - "apiVersion": "2022-08-08", + "apiVersion": "2023-11-01", "name": "[format('{0}/{1}', parameters('automationAccountName'), parameters('name'))]", "location": "[parameters('location')]", "tags": "[parameters('tags')]", @@ -164,7 +168,7 @@ "metadata": { "description": "The location the resource was deployed into." }, - "value": "[reference('runbook', '2022-08-08', 'full').location]" + "value": "[reference('runbook', '2023-11-01', 'full').location]" } } } \ No newline at end of file diff --git a/avm/res/automation/automation-account/schedule/main.json b/avm/res/automation/automation-account/schedule/main.json index 4a8ef6d870..35ada70ebb 100644 --- a/avm/res/automation/automation-account/schedule/main.json +++ b/avm/res/automation/automation-account/schedule/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "10057879847143996563" + "version": "0.26.170.59819", + "templateHash": "138940659217362139" }, "name": "Automation Account Schedules", "description": "This module deploys an Azure Automation Account Schedule.", diff --git a/avm/res/automation/automation-account/software-update-configuration/main.json b/avm/res/automation/automation-account/software-update-configuration/main.json index 62ca53d37e..f8d5f29235 100644 --- a/avm/res/automation/automation-account/software-update-configuration/main.json +++ b/avm/res/automation/automation-account/software-update-configuration/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "7586828544795723203" + "version": "0.26.170.59819", + "templateHash": "14866221548688198425" }, "name": "Automation Account Software Update Configurations", "description": "This module deploys an Azure Automation Account Software Update Configuration.", diff --git a/avm/res/automation/automation-account/variable/main.json b/avm/res/automation/automation-account/variable/main.json index a7d20d69f2..0bb8e16cda 100644 --- a/avm/res/automation/automation-account/variable/main.json +++ b/avm/res/automation/automation-account/variable/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "1065450815403209329" + "version": "0.26.170.59819", + "templateHash": "12833257216729067514" }, "name": "Automation Account Variables", "description": "This module deploys an Azure Automation Account Variable.", diff --git a/avm/res/cdn/profile/README.md b/avm/res/cdn/profile/README.md index 826e2450fe..e201ef9e08 100644 --- a/avm/res/cdn/profile/README.md +++ b/avm/res/cdn/profile/README.md @@ -84,8 +84,7 @@ module profile 'br/public:avm/res/cdn/profile:' = { } ] location: 'global' - originResponseTimeoutSeconds: 60 - origionGroups: [ + originGroups: [ { loadBalancingSettings: { additionalLatencyInMilliseconds: 50 @@ -101,6 +100,7 @@ module profile 'br/public:avm/res/cdn/profile:' = { ] } ] + originResponseTimeoutSeconds: 60 ruleSets: [ { name: 'deptestcdnpafdruleset' @@ -179,10 +179,7 @@ module profile 'br/public:avm/res/cdn/profile:' = { "location": { "value": "global" }, - "originResponseTimeoutSeconds": { - "value": 60 - }, - "origionGroups": { + "originGroups": { "value": [ { "loadBalancingSettings": { @@ -200,6 +197,9 @@ module profile 'br/public:avm/res/cdn/profile:' = { } ] }, + "originResponseTimeoutSeconds": { + "value": 60 + }, "ruleSets": { "value": [ { @@ -580,7 +580,7 @@ module profile 'br/public:avm/res/cdn/profile:' = { | Parameter | Type | Description | | :-- | :-- | :-- | -| [`origionGroups`](#parameter-origiongroups) | array | Array of origin group objects. Required if the afdEndpoints is specified. | +| [`originGroups`](#parameter-origingroups) | array | Array of origin group objects. Required if the afdEndpoints is specified. | **Optional parameters** @@ -631,7 +631,7 @@ The pricing tier (defines a CDN provider, feature list and rate) of the CDN prof ] ``` -### Parameter: `origionGroups` +### Parameter: `originGroups` Array of origin group objects. Required if the afdEndpoints is specified. diff --git a/avm/res/cdn/profile/main.bicep b/avm/res/cdn/profile/main.bicep index 27d05ae8c1..90ae0b7a5c 100644 --- a/avm/res/cdn/profile/main.bicep +++ b/avm/res/cdn/profile/main.bicep @@ -42,7 +42,7 @@ param secrets array = [] param customDomains array = [] @description('Conditional. Array of origin group objects. Required if the afdEndpoints is specified.') -param origionGroups array = [] +param originGroups array = [] @description('Optional. Array of rule set objects.') param ruleSets array = [] @@ -202,8 +202,8 @@ module profile_customDomains 'customdomain/main.bicep' = [ ] module profile_originGroups 'origingroup/main.bicep' = [ - for (origingroup, index) in origionGroups: { - name: '${uniqueString(deployment().name)}-Profile-OrigionGroup-${index}' + for (origingroup, index) in originGroups: { + name: '${uniqueString(deployment().name)}-Profile-OriginGroup-${index}' params: { name: origingroup.name profileName: profile.name diff --git a/avm/res/cdn/profile/main.json b/avm/res/cdn/profile/main.json index c0f0f30a68..5577657e81 100644 --- a/avm/res/cdn/profile/main.json +++ b/avm/res/cdn/profile/main.json @@ -5,8 +5,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "9474385640753599051" + "version": "0.26.170.59819", + "templateHash": "2222991004022934698" }, "name": "CDN Profiles", "description": "This module deploys a CDN Profile.", @@ -175,7 +175,7 @@ "description": "Optional. Array of custom domain objects." } }, - "origionGroups": { + "originGroups": { "type": "array", "defaultValue": [], "metadata": { @@ -337,8 +337,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "5516612458443504281" + "version": "0.26.170.59819", + "templateHash": "2906172435071993445" }, "name": "CDN Profiles Endpoints", "description": "This module deploys a CDN Profile Endpoint.", @@ -457,8 +457,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "11112660703037023992" + "version": "0.26.170.59819", + "templateHash": "3665403791951260301" }, "name": "CDN Profiles Endpoints Origins", "description": "This module deploys a CDN Profile Endpoint Origin.", @@ -703,8 +703,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "7298174434641608123" + "version": "0.26.170.59819", + "templateHash": "364931243138434002" }, "name": "CDN Profiles Secret", "description": "This module deploys a CDN Profile Secret.", @@ -852,8 +852,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "15657388199001378642" + "version": "0.26.170.59819", + "templateHash": "15721665305636481516" }, "name": "CDN Profiles Custom Domains", "description": "This module deploys a CDN Profile Custom Domains.", @@ -979,11 +979,11 @@ "profile_originGroups": { "copy": { "name": "profile_originGroups", - "count": "[length(parameters('origionGroups'))]" + "count": "[length(parameters('originGroups'))]" }, "type": "Microsoft.Resources/deployments", "apiVersion": "2022-09-01", - "name": "[format('{0}-Profile-OrigionGroup-{1}', uniqueString(deployment().name), copyIndex())]", + "name": "[format('{0}-Profile-OriginGroup-{1}', uniqueString(deployment().name), copyIndex())]", "properties": { "expressionEvaluationOptions": { "scope": "inner" @@ -991,25 +991,25 @@ "mode": "Incremental", "parameters": { "name": { - "value": "[parameters('origionGroups')[copyIndex()].name]" + "value": "[parameters('originGroups')[copyIndex()].name]" }, "profileName": { "value": "[parameters('name')]" }, "loadBalancingSettings": { - "value": "[parameters('origionGroups')[copyIndex()].loadBalancingSettings]" + "value": "[parameters('originGroups')[copyIndex()].loadBalancingSettings]" }, "healthProbeSettings": { - "value": "[tryGet(parameters('origionGroups')[copyIndex()], 'healthProbeSettings')]" + "value": "[tryGet(parameters('originGroups')[copyIndex()], 'healthProbeSettings')]" }, "sessionAffinityState": { - "value": "[tryGet(parameters('origionGroups')[copyIndex()], 'sessionAffinityState')]" + "value": "[tryGet(parameters('originGroups')[copyIndex()], 'sessionAffinityState')]" }, "trafficRestorationTimeToHealedOrNewEndpointsInMinutes": { - "value": "[tryGet(parameters('origionGroups')[copyIndex()], 'trafficRestorationTimeToHealedOrNewEndpointsInMinutes')]" + "value": "[tryGet(parameters('originGroups')[copyIndex()], 'trafficRestorationTimeToHealedOrNewEndpointsInMinutes')]" }, "origins": { - "value": "[parameters('origionGroups')[copyIndex()].origins]" + "value": "[parameters('originGroups')[copyIndex()].origins]" } }, "template": { @@ -1019,8 +1019,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "8706007645911322422" + "version": "0.26.170.59819", + "templateHash": "12438540618132459307" }, "name": "CDN Profiles Origin Group", "description": "This module deploys a CDN Profile Origin Group.", @@ -1156,8 +1156,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "16657064743499074369" + "version": "0.26.170.59819", + "templateHash": "8566106020570825253" }, "name": "CDN Profiles Origin", "description": "This module deploys a CDN Profile Origin.", @@ -1382,8 +1382,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "1809010747275335698" + "version": "0.26.170.59819", + "templateHash": "5891069247146856543" }, "name": "CDN Profiles Rule Sets", "description": "This module deploys a CDN Profile rule set.", @@ -1468,8 +1468,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "8195283154733773558" + "version": "0.26.170.59819", + "templateHash": "4690708071413750601" }, "name": "CDN Profiles Rules", "description": "This module deploys a CDN Profile rule.", @@ -1656,8 +1656,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "8869132357079269087" + "version": "0.26.170.59819", + "templateHash": "3255198433705940781" }, "name": "CDN Profiles AFD Endpoints", "description": "This module deploys a CDN Profile AFD Endpoint.", @@ -1807,8 +1807,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "8525791914559803218" + "version": "0.26.170.59819", + "templateHash": "12469321322924109409" }, "name": "CDN Profiles AFD Endpoint Route", "description": "This module deploys a CDN Profile AFD Endpoint route.", diff --git a/avm/res/cdn/profile/tests/e2e/afd/main.test.bicep b/avm/res/cdn/profile/tests/e2e/afd/main.test.bicep index b559a41236..66f834fa19 100644 --- a/avm/res/cdn/profile/tests/e2e/afd/main.test.bicep +++ b/avm/res/cdn/profile/tests/e2e/afd/main.test.bicep @@ -52,7 +52,7 @@ module testDeployment '../../../main.bicep' = [ certificateType: 'ManagedCertificate' } ] - origionGroups: [ + originGroups: [ { name: 'dep-${namePrefix}-test-${serviceShort}-origin-group' loadBalancingSettings: { diff --git a/avm/res/cdn/profile/version.json b/avm/res/cdn/profile/version.json index 83083db694..9481fea58e 100644 --- a/avm/res/cdn/profile/version.json +++ b/avm/res/cdn/profile/version.json @@ -1,7 +1,7 @@ { "$schema": "https://aka.ms/bicep-registry-module-version-file-schema#", - "version": "0.1", + "version": "0.2", "pathFilters": [ "./main.json" ] -} \ No newline at end of file +} diff --git a/avm/res/cognitive-services/account/main.bicep b/avm/res/cognitive-services/account/main.bicep index 07ffb63489..cefa63b906 100644 --- a/avm/res/cognitive-services/account/main.bicep +++ b/avm/res/cognitive-services/account/main.bicep @@ -9,11 +9,6 @@ param name string @allowed([ 'AIServices' 'AnomalyDetector' - 'Bing.Autosuggest.v7' - 'Bing.CustomSearch' - 'Bing.EntitySearch' - 'Bing.Search.v7' - 'Bing.SpellCheck.v7' 'CognitiveServices' 'ComputerVision' 'ContentModerator' diff --git a/avm/res/compute/gallery/README.md b/avm/res/compute/gallery/README.md index 081835b82b..cf8e00455a 100644 --- a/avm/res/compute/gallery/README.md +++ b/avm/res/compute/gallery/README.md @@ -684,6 +684,7 @@ Tags for all resources. | Output | Type | Description | | :-- | :-- | :-- | +| `imageResourceIds` | array | The resource ids of the deployed images. | | `location` | string | The location the resource was deployed into. | | `name` | string | The name of the deployed image gallery. | | `resourceGroupName` | string | The resource group of the deployed image gallery. | diff --git a/avm/res/compute/gallery/application/main.json b/avm/res/compute/gallery/application/main.json index 9c8df87f87..91e65e1bb1 100644 --- a/avm/res/compute/gallery/application/main.json +++ b/avm/res/compute/gallery/application/main.json @@ -5,8 +5,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "3817884050778525461" + "version": "0.26.170.59819", + "templateHash": "9175012718933553578" }, "name": "Compute Galleries Applications", "description": "This module deploys an Azure Compute Gallery Application.", diff --git a/avm/res/compute/gallery/image/main.json b/avm/res/compute/gallery/image/main.json index 6ff4eedb7d..11f350a32c 100644 --- a/avm/res/compute/gallery/image/main.json +++ b/avm/res/compute/gallery/image/main.json @@ -5,8 +5,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "15034895982698413313" + "version": "0.26.170.59819", + "templateHash": "7059991596058545894" }, "name": "Compute Galleries Image Definitions", "description": "This module deploys an Azure Compute Gallery Image Definition.", diff --git a/avm/res/compute/gallery/main.bicep b/avm/res/compute/gallery/main.bicep index 58b61a145b..2863471472 100644 --- a/avm/res/compute/gallery/main.bicep +++ b/avm/res/compute/gallery/main.bicep @@ -183,6 +183,11 @@ output name string = gallery.name @sys.description('The location the resource was deployed into.') output location string = gallery.location +@sys.description('The resource ids of the deployed images.') +output imageResourceIds array = [ + for index in range(0, length(images ?? [])): galleries_images[index].outputs.resourceId +] + // =============== // // Definitions // // =============== // diff --git a/avm/res/compute/gallery/main.json b/avm/res/compute/gallery/main.json index c2863f574c..1a3c273c2f 100644 --- a/avm/res/compute/gallery/main.json +++ b/avm/res/compute/gallery/main.json @@ -5,8 +5,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "5329218260776835511" + "version": "0.26.170.59819", + "templateHash": "4586802822078326566" }, "name": "Azure Compute Galleries", "description": "This module deploys an Azure Compute Gallery (formerly known as Shared Image Gallery).", @@ -319,8 +319,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "3817884050778525461" + "version": "0.26.170.59819", + "templateHash": "9175012718933553578" }, "name": "Compute Galleries Applications", "description": "This module deploys an Azure Compute Gallery Application.", @@ -676,8 +676,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "15034895982698413313" + "version": "0.26.170.59819", + "templateHash": "7059991596058545894" }, "name": "Compute Galleries Image Definitions", "description": "This module deploys an Azure Compute Gallery Image Definition.", @@ -1111,6 +1111,16 @@ "description": "The location the resource was deployed into." }, "value": "[reference('gallery', '2022-03-03', 'full').location]" + }, + "imageResourceIds": { + "type": "array", + "metadata": { + "description": "The resource ids of the deployed images." + }, + "copy": { + "count": "[length(range(0, length(coalesce(parameters('images'), createArray()))))]", + "input": "[reference(format('galleries_images[{0}]', range(0, length(coalesce(parameters('images'), createArray())))[copyIndex()])).outputs.resourceId.value]" + } } } } \ No newline at end of file diff --git a/avm/res/compute/gallery/version.json b/avm/res/compute/gallery/version.json index 76049e1c4a..13669e6601 100644 --- a/avm/res/compute/gallery/version.json +++ b/avm/res/compute/gallery/version.json @@ -1,6 +1,6 @@ { "$schema": "https://aka.ms/bicep-registry-module-version-file-schema#", - "version": "0.3", + "version": "0.4", "pathFilters": [ "./main.json" ] diff --git a/avm/res/compute/virtual-machine-scale-set/README.md b/avm/res/compute/virtual-machine-scale-set/README.md index 96b8ddefeb..bf45b23c52 100644 --- a/avm/res/compute/virtual-machine-scale-set/README.md +++ b/avm/res/compute/virtual-machine-scale-set/README.md @@ -17,8 +17,8 @@ This module deploys a Virtual Machine Scale Set. | :-- | :-- | | `Microsoft.Authorization/locks` | [2020-05-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2020-05-01/locks) | | `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) | -| `Microsoft.Compute/virtualMachineScaleSets` | [2022-11-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Compute/2022-11-01/virtualMachineScaleSets) | -| `Microsoft.Compute/virtualMachineScaleSets/extensions` | [2022-11-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Compute/2022-11-01/virtualMachineScaleSets/extensions) | +| `Microsoft.Compute/virtualMachineScaleSets` | [2023-09-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Compute/2023-09-01/virtualMachineScaleSets) | +| `Microsoft.Compute/virtualMachineScaleSets/extensions` | [2023-09-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Compute/2023-09-01/virtualMachineScaleSets/extensions) | | `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) | ## Usage examples @@ -76,6 +76,9 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s { name: 'ipconfig1' properties: { + publicIPAddressConfiguration: { + name: 'pip-cvmsslinmin' + } subnet: { id: '' } @@ -151,6 +154,9 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s { "name": "ipconfig1", "properties": { + "publicIPAddressConfiguration": { + "name": "pip-cvmsslinmin" + }, "subnet": { "id": "" } @@ -286,7 +292,7 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s name: 'myCustomLockName' } managedIdentities: { - systemAssigned: true + systemAssigned: false userAssignedResourceIds: [ '' ] @@ -297,6 +303,9 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s { name: 'ipconfig1' properties: { + publicIPAddressConfiguration: { + name: 'pip-cvmsslinmax' + } subnet: { id: '' } @@ -481,7 +490,7 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s }, "managedIdentities": { "value": { - "systemAssigned": true, + "systemAssigned": false, "userAssignedResourceIds": [ "" ] @@ -494,6 +503,9 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s { "name": "ipconfig1", "properties": { + "publicIPAddressConfiguration": { + "name": "pip-cvmsslinmax" + }, "subnet": { "id": "" } @@ -609,6 +621,9 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s { name: 'ipconfig1' properties: { + publicIPAddressConfiguration: { + name: 'pip-cvmsslcmk' + } subnet: { id: '' } @@ -707,6 +722,9 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s { "name": "ipconfig1", "properties": { + "publicIPAddressConfiguration": { + "name": "pip-cvmsslcmk" + }, "subnet": { "id": "" } @@ -772,6 +790,9 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s { name: 'ipconfig1' properties: { + publicIPAddressConfiguration: { + name: 'pip-cvmsswinmin' + } subnet: { id: '' } @@ -841,6 +862,9 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s { "name": "ipconfig1", "properties": { + "publicIPAddressConfiguration": { + "name": "pip-cvmsswinmin" + }, "subnet": { "id": "" } @@ -967,7 +991,7 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s name: 'myCustomLockName' } managedIdentities: { - systemAssigned: true + systemAssigned: false userAssignedResourceIds: [ '' ] @@ -978,6 +1002,9 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s { name: 'ipconfig1' properties: { + publicIPAddressConfiguration: { + name: 'pip-cvmsswinmax' + } subnet: { id: '' } @@ -1152,7 +1179,7 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s }, "managedIdentities": { "value": { - "systemAssigned": true, + "systemAssigned": false, "userAssignedResourceIds": [ "" ] @@ -1165,6 +1192,9 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s { "name": "ipconfig1", "properties": { + "publicIPAddressConfiguration": { + "name": "pip-cvmsswinmax" + }, "subnet": { "id": "" } @@ -1315,7 +1345,7 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s } location: '' managedIdentities: { - systemAssigned: true + systemAssigned: false userAssignedResourceIds: [ '' ] @@ -1326,6 +1356,9 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s { name: 'ipconfig1' properties: { + publicIPAddressConfiguration: { + name: 'pip-cvmsswinwaf' + } subnet: { id: '' } @@ -1487,7 +1520,7 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s }, "managedIdentities": { "value": { - "systemAssigned": true, + "systemAssigned": false, "userAssignedResourceIds": [ "" ] @@ -1500,6 +1533,9 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s { "name": "ipconfig1", "properties": { + "publicIPAddressConfiguration": { + "name": "pip-cvmsswinwaf" + }, "subnet": { "id": "" } @@ -1569,6 +1605,7 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s | [`doNotRunExtensionsOnOverprovisionedVMs`](#parameter-donotrunextensionsonoverprovisionedvms) | bool | When Overprovision is enabled, extensions are launched only on the requested number of VMs which are finally kept. This property will hence ensure that the extensions do not run on the extra overprovisioned VMs. | | [`enableAutomaticOSUpgrade`](#parameter-enableautomaticosupgrade) | bool | Indicates whether OS upgrades should automatically be applied to scale set instances in a rolling fashion when a newer version of the OS image becomes available. Default value is false. If this is set to true for Windows based scale sets, enableAutomaticUpdates is automatically set to false and cannot be set to true. | | [`enableAutomaticUpdates`](#parameter-enableautomaticupdates) | bool | Indicates whether Automatic Updates is enabled for the Windows virtual machine. Default value is true. For virtual machine scale sets, this property can be updated and updates will take effect on OS reprovisioning. | +| [`enableCrossZoneUpgrade`](#parameter-enablecrosszoneupgrade) | bool | Allow VMSS to ignore AZ boundaries when constructing upgrade batches. Take into consideration the Update Domain and maxBatchInstancePercent to determine the batch size. | | [`enableEvictionPolicy`](#parameter-enableevictionpolicy) | bool | Specifies the eviction policy for the low priority virtual machine. Will result in 'Deallocate' eviction policy. | | [`enableTelemetry`](#parameter-enabletelemetry) | bool | Enable/Disable usage telemetry for module. | | [`encryptionAtHost`](#parameter-encryptionathost) | bool | This property can be used by user in the request to enable or disable the Host Encryption for the virtual machine. This will enable the encryption for all the disks including Resource/Temp disk at host itself. For security reasons, it is recommended to set encryptionAtHost to True. Restrictions: Cannot be enabled if Azure Disk Encryption (guest-VM encryption using bitlocker/DM-Crypt) is enabled on your virtual machine scale sets. | @@ -1588,16 +1625,20 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s | [`managedIdentities`](#parameter-managedidentities) | object | The managed identity definition for this resource. | | [`maxBatchInstancePercent`](#parameter-maxbatchinstancepercent) | int | The maximum percent of total virtual machine instances that will be upgraded simultaneously by the rolling upgrade in one batch. As this is a maximum, unhealthy instances in previous or future batches can cause the percentage of instances in a batch to decrease to ensure higher reliability. | | [`maxPriceForLowPriorityVm`](#parameter-maxpriceforlowpriorityvm) | string | Specifies the maximum price you are willing to pay for a low priority VM/VMSS. This price is in US Dollars. | +| [`maxSurge`](#parameter-maxsurge) | bool | Create new virtual machines to upgrade the scale set, rather than updating the existing virtual machines. Existing virtual machines will be deleted once the new virtual machines are created for each batch. | | [`maxUnhealthyInstancePercent`](#parameter-maxunhealthyinstancepercent) | int | The maximum percentage of the total virtual machine instances in the scale set that can be simultaneously unhealthy, either as a result of being upgraded, or by being found in an unhealthy state by the virtual machine health checks before the rolling upgrade aborts. This constraint will be checked prior to starting any batch. | | [`maxUnhealthyUpgradedInstancePercent`](#parameter-maxunhealthyupgradedinstancepercent) | int | The maximum percentage of the total virtual machine instances in the scale set that can be simultaneously unhealthy, either as a result of being upgraded, or by being found in an unhealthy state by the virtual machine health checks before the rolling upgrade aborts. This constraint will be checked prior to starting any batch. | | [`monitoringWorkspaceId`](#parameter-monitoringworkspaceid) | string | Resource ID of the monitoring log analytics workspace. | +| [`orchestrationMode`](#parameter-orchestrationmode) | string | Specifies the orchestration mode for the virtual machine scale set. | | [`overprovision`](#parameter-overprovision) | bool | Specifies whether the Virtual Machine Scale Set should be overprovisioned. | | [`pauseTimeBetweenBatches`](#parameter-pausetimebetweenbatches) | string | The wait time between completing the update for all virtual machines in one batch and starting the next batch. The time duration should be specified in ISO 8601 format. | | [`plan`](#parameter-plan) | object | Specifies information about the marketplace image used to create the virtual machine. This element is only used for marketplace images. Before you can use a marketplace image from an API, you must enable the image for programmatic use. | +| [`prioritizeUnhealthyInstances`](#parameter-prioritizeunhealthyinstances) | bool | Upgrade all unhealthy instances in a scale set before any healthy instances. | | [`provisionVMAgent`](#parameter-provisionvmagent) | bool | Indicates whether virtual machine agent should be provisioned on the virtual machine. When this property is not specified in the request body, default behavior is to set it to true. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later. | | [`proximityPlacementGroupResourceId`](#parameter-proximityplacementgroupresourceid) | string | Resource ID of a proximity placement group. | | [`publicKeys`](#parameter-publickeys) | array | The list of SSH public keys used to authenticate with linux based VMs. | | [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignments to create. | +| [`rollbackFailedInstancesOnPolicyBreach`](#parameter-rollbackfailedinstancesonpolicybreach) | bool | Rollback failed instances to previous model if the Rolling Upgrade policy is violated. | | [`sasTokenValidityLength`](#parameter-sastokenvaliditylength) | string | SAS token validity length to use to download files from storage accounts. Usage: 'PT8H' - valid for 8 hours; 'P5D' - valid for 5 days; 'P1Y' - valid for 1 year. When not provided, the SAS token will be valid for 8 hours. | | [`scaleInPolicy`](#parameter-scaleinpolicy) | object | Specifies the scale-in policy that decides which virtual machines are chosen for removal when a Virtual Machine Scale Set is scaled-in. | | [`scaleSetFaultDomain`](#parameter-scalesetfaultdomain) | int | Fault Domain count for each placement group. | @@ -1900,6 +1941,14 @@ Indicates whether Automatic Updates is enabled for the Windows virtual machine. - Type: bool - Default: `True` +### Parameter: `enableCrossZoneUpgrade` + +Allow VMSS to ignore AZ boundaries when constructing upgrade batches. Take into consideration the Update Domain and maxBatchInstancePercent to determine the batch size. + +- Required: No +- Type: bool +- Default: `False` + ### Parameter: `enableEvictionPolicy` Specifies the eviction policy for the low priority virtual machine. Will result in 'Deallocate' eviction policy. @@ -2149,6 +2198,14 @@ Specifies the maximum price you are willing to pay for a low priority VM/VMSS. T - Type: string - Default: `''` +### Parameter: `maxSurge` + +Create new virtual machines to upgrade the scale set, rather than updating the existing virtual machines. Existing virtual machines will be deleted once the new virtual machines are created for each batch. + +- Required: No +- Type: bool +- Default: `False` + ### Parameter: `maxUnhealthyInstancePercent` The maximum percentage of the total virtual machine instances in the scale set that can be simultaneously unhealthy, either as a result of being upgraded, or by being found in an unhealthy state by the virtual machine health checks before the rolling upgrade aborts. This constraint will be checked prior to starting any batch. @@ -2173,6 +2230,21 @@ Resource ID of the monitoring log analytics workspace. - Type: string - Default: `''` +### Parameter: `orchestrationMode` + +Specifies the orchestration mode for the virtual machine scale set. + +- Required: No +- Type: string +- Default: `'Flexible'` +- Allowed: + ```Bicep + [ + 'Flexible' + 'Uniform' + ] + ``` + ### Parameter: `overprovision` Specifies whether the Virtual Machine Scale Set should be overprovisioned. @@ -2197,6 +2269,14 @@ Specifies information about the marketplace image used to create the virtual mac - Type: object - Default: `{}` +### Parameter: `prioritizeUnhealthyInstances` + +Upgrade all unhealthy instances in a scale set before any healthy instances. + +- Required: No +- Type: bool +- Default: `False` + ### Parameter: `provisionVMAgent` Indicates whether virtual machine agent should be provisioned on the virtual machine. When this property is not specified in the request body, default behavior is to set it to true. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later. @@ -2310,6 +2390,14 @@ The principal type of the assigned principal ID. ] ``` +### Parameter: `rollbackFailedInstancesOnPolicyBreach` + +Rollback failed instances to previous model if the Rolling Upgrade policy is violated. + +- Required: No +- Type: bool +- Default: `False` + ### Parameter: `sasTokenValidityLength` SAS token validity length to use to download files from storage accounts. Usage: 'PT8H' - valid for 8 hours; 'P5D' - valid for 5 days; 'P1Y' - valid for 1 year. When not provided, the SAS token will be valid for 8 hours. diff --git a/avm/res/compute/virtual-machine-scale-set/extension/README.md b/avm/res/compute/virtual-machine-scale-set/extension/README.md index 11e4e8c5ad..f8b36bff7f 100644 --- a/avm/res/compute/virtual-machine-scale-set/extension/README.md +++ b/avm/res/compute/virtual-machine-scale-set/extension/README.md @@ -14,7 +14,7 @@ This module deploys a Virtual Machine Scale Set Extension. | Resource Type | API Version | | :-- | :-- | -| `Microsoft.Compute/virtualMachineScaleSets/extensions` | [2022-11-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Compute/2022-11-01/virtualMachineScaleSets/extensions) | +| `Microsoft.Compute/virtualMachineScaleSets/extensions` | [2023-09-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Compute/2023-09-01/virtualMachineScaleSets/extensions) | ## Parameters diff --git a/avm/res/compute/virtual-machine-scale-set/extension/main.bicep b/avm/res/compute/virtual-machine-scale-set/extension/main.bicep index 5f5074d008..c876201e51 100644 --- a/avm/res/compute/virtual-machine-scale-set/extension/main.bicep +++ b/avm/res/compute/virtual-machine-scale-set/extension/main.bicep @@ -36,11 +36,11 @@ param supressFailures bool = false @description('Required. Indicates whether the extension should be automatically upgraded by the platform if there is a newer version of the extension available.') param enableAutomaticUpgrade bool -resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2022-11-01' existing = { +resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023-09-01' existing = { name: virtualMachineScaleSetName } -resource extension 'Microsoft.Compute/virtualMachineScaleSets/extensions@2022-11-01' = { +resource extension 'Microsoft.Compute/virtualMachineScaleSets/extensions@2023-09-01' = { name: name parent: virtualMachineScaleSet properties: { diff --git a/avm/res/compute/virtual-machine-scale-set/extension/main.json b/avm/res/compute/virtual-machine-scale-set/extension/main.json index 936509ea01..6edd526b76 100644 --- a/avm/res/compute/virtual-machine-scale-set/extension/main.json +++ b/avm/res/compute/virtual-machine-scale-set/extension/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.26.54.24096", - "templateHash": "8948100547542268397" + "templateHash": "1737879623418595926" }, "name": "Virtual Machine Scale Set Extensions", "description": "This module deploys a Virtual Machine Scale Set Extension.", @@ -86,7 +86,7 @@ "resources": [ { "type": "Microsoft.Compute/virtualMachineScaleSets/extensions", - "apiVersion": "2022-11-01", + "apiVersion": "2023-09-01", "name": "[format('{0}/{1}', parameters('virtualMachineScaleSetName'), parameters('name'))]", "properties": { "publisher": "[parameters('publisher')]", diff --git a/avm/res/compute/virtual-machine-scale-set/main.bicep b/avm/res/compute/virtual-machine-scale-set/main.bicep index 0d4fc210a6..1a446e1aff 100644 --- a/avm/res/compute/virtual-machine-scale-set/main.bicep +++ b/avm/res/compute/virtual-machine-scale-set/main.bicep @@ -148,6 +148,18 @@ param lock lockType ]) param upgradePolicyMode string = 'Manual' +@description('Optional. Allow VMSS to ignore AZ boundaries when constructing upgrade batches. Take into consideration the Update Domain and maxBatchInstancePercent to determine the batch size.') +param enableCrossZoneUpgrade bool = false + +@description('Optional. Create new virtual machines to upgrade the scale set, rather than updating the existing virtual machines. Existing virtual machines will be deleted once the new virtual machines are created for each batch.') +param maxSurge bool = false + +@description('Optional. Upgrade all unhealthy instances in a scale set before any healthy instances.') +param prioritizeUnhealthyInstances bool = false + +@description('Optional. Rollback failed instances to previous model if the Rolling Upgrade policy is violated.') +param rollbackFailedInstancesOnPolicyBreach bool = false + @description('Optional. The maximum percent of total virtual machine instances that will be upgraded simultaneously by the rolling upgrade in one batch. As this is a maximum, unhealthy instances in previous or future batches can cause the percentage of instances in a batch to decrease to ensure higher reliability.') param maxBatchInstancePercent int = 20 @@ -177,6 +189,13 @@ param gracePeriod string = 'PT30M' @maxLength(15) param vmNamePrefix string = 'vmssvm' +@description('Optional. Specifies the orchestration mode for the virtual machine scale set.') +@allowed([ + 'Flexible' + 'Uniform' +]) +param orchestrationMode string = 'Flexible' + @description('Optional. Indicates whether virtual machine agent should be provisioned on the virtual machine. When this property is not specified in the request body, default behavior is to set it to true. This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later.') param provisionVMAgent bool = true @@ -393,13 +412,14 @@ resource avmTelemetry 'Microsoft.Resources/deployments@2023-07-01' = } } -resource vmss 'Microsoft.Compute/virtualMachineScaleSets@2022-11-01' = { +resource vmss 'Microsoft.Compute/virtualMachineScaleSets@2023-09-01' = { name: name location: location tags: tags identity: identity zones: availabilityZones properties: { + orchestrationMode: orchestrationMode proximityPlacementGroup: !empty(proximityPlacementGroupResourceId) ? { id: proximityPlacementGroupResourceId @@ -407,12 +427,18 @@ resource vmss 'Microsoft.Compute/virtualMachineScaleSets@2022-11-01' = { : null upgradePolicy: { mode: upgradePolicyMode - rollingUpgradePolicy: { - maxBatchInstancePercent: maxBatchInstancePercent - maxUnhealthyInstancePercent: maxUnhealthyInstancePercent - maxUnhealthyUpgradedInstancePercent: maxUnhealthyUpgradedInstancePercent - pauseTimeBetweenBatches: pauseTimeBetweenBatches - } + rollingUpgradePolicy: upgradePolicyMode == 'Rolling' + ? { + enableCrossZoneUpgrade: enableCrossZoneUpgrade + maxBatchInstancePercent: maxBatchInstancePercent + maxSurge: maxSurge + maxUnhealthyInstancePercent: maxUnhealthyInstancePercent + maxUnhealthyUpgradedInstancePercent: maxUnhealthyUpgradedInstancePercent + pauseTimeBetweenBatches: pauseTimeBetweenBatches + prioritizeUnhealthyInstances: prioritizeUnhealthyInstances + rollbackFailedInstancesOnPolicyBreach: rollbackFailedInstancesOnPolicyBreach + } + : null automaticOSUpgradePolicy: { enableAutomaticOSUpgrade: enableAutomaticOSUpgrade disableAutomaticRollback: disableAutomaticRollback @@ -483,6 +509,7 @@ resource vmss 'Microsoft.Compute/virtualMachineScaleSets@2022-11-01' = { ] } networkProfile: { + networkApiVersion: (orchestrationMode == 'Flexible') ? '2020-11-01' : null networkInterfaceConfigurations: [ for (nicConfiguration, index) in nicConfigurations: { name: '${name}${nicConfiguration.nicSuffix}configuration-${index}' @@ -519,8 +546,10 @@ resource vmss 'Microsoft.Compute/virtualMachineScaleSets@2022-11-01' = { : null scheduledEventsProfile: scheduledEventsProfile } - overprovision: overprovision - doNotRunExtensionsOnOverprovisionedVMs: doNotRunExtensionsOnOverprovisionedVMs + overprovision: (orchestrationMode == 'Uniform') ? overprovision : null + doNotRunExtensionsOnOverprovisionedVMs: (orchestrationMode == 'Uniform') + ? doNotRunExtensionsOnOverprovisionedVMs + : null zoneBalance: zoneBalance == 'true' ? zoneBalance : null platformFaultDomainCount: scaleSetFaultDomain singlePlacementGroup: singlePlacementGroup diff --git a/avm/res/compute/virtual-machine-scale-set/main.json b/avm/res/compute/virtual-machine-scale-set/main.json index 518c5e8df8..c1ce67cf03 100644 --- a/avm/res/compute/virtual-machine-scale-set/main.json +++ b/avm/res/compute/virtual-machine-scale-set/main.json @@ -6,7 +6,7 @@ "_generator": { "name": "bicep", "version": "0.26.54.24096", - "templateHash": "15325819648954627762" + "templateHash": "9133361224761516270" }, "name": "Virtual Machine Scale Sets", "description": "This module deploys a Virtual Machine Scale Set.", @@ -500,6 +500,34 @@ "description": "Optional. Specifies the mode of an upgrade to virtual machines in the scale set.' Manual - You control the application of updates to virtual machines in the scale set. You do this by using the manualUpgrade action. ; Automatic - All virtual machines in the scale set are automatically updated at the same time. - Automatic, Manual, Rolling." } }, + "enableCrossZoneUpgrade": { + "type": "bool", + "defaultValue": false, + "metadata": { + "description": "Optional. Allow VMSS to ignore AZ boundaries when constructing upgrade batches. Take into consideration the Update Domain and maxBatchInstancePercent to determine the batch size." + } + }, + "maxSurge": { + "type": "bool", + "defaultValue": false, + "metadata": { + "description": "Optional. Create new virtual machines to upgrade the scale set, rather than updating the existing virtual machines. Existing virtual machines will be deleted once the new virtual machines are created for each batch." + } + }, + "prioritizeUnhealthyInstances": { + "type": "bool", + "defaultValue": false, + "metadata": { + "description": "Optional. Upgrade all unhealthy instances in a scale set before any healthy instances." + } + }, + "rollbackFailedInstancesOnPolicyBreach": { + "type": "bool", + "defaultValue": false, + "metadata": { + "description": "Optional. Rollback failed instances to previous model if the Rolling Upgrade policy is violated." + } + }, "maxBatchInstancePercent": { "type": "int", "defaultValue": 20, @@ -565,6 +593,17 @@ "description": "Optional. Specifies the computer name prefix for all of the virtual machines in the scale set." } }, + "orchestrationMode": { + "type": "string", + "defaultValue": "Flexible", + "allowedValues": [ + "Flexible", + "Uniform" + ], + "metadata": { + "description": "Optional. Specifies the orchestration mode for the virtual machine scale set." + } + }, "provisionVMAgent": { "type": "bool", "defaultValue": true, @@ -815,22 +854,18 @@ }, "vmss": { "type": "Microsoft.Compute/virtualMachineScaleSets", - "apiVersion": "2022-11-01", + "apiVersion": "2023-09-01", "name": "[parameters('name')]", "location": "[parameters('location')]", "tags": "[parameters('tags')]", "identity": "[variables('identity')]", "zones": "[parameters('availabilityZones')]", "properties": { + "orchestrationMode": "[parameters('orchestrationMode')]", "proximityPlacementGroup": "[if(not(empty(parameters('proximityPlacementGroupResourceId'))), createObject('id', parameters('proximityPlacementGroupResourceId')), null())]", "upgradePolicy": { "mode": "[parameters('upgradePolicyMode')]", - "rollingUpgradePolicy": { - "maxBatchInstancePercent": "[parameters('maxBatchInstancePercent')]", - "maxUnhealthyInstancePercent": "[parameters('maxUnhealthyInstancePercent')]", - "maxUnhealthyUpgradedInstancePercent": "[parameters('maxUnhealthyUpgradedInstancePercent')]", - "pauseTimeBetweenBatches": "[parameters('pauseTimeBetweenBatches')]" - }, + "rollingUpgradePolicy": "[if(equals(parameters('upgradePolicyMode'), 'Rolling'), createObject('enableCrossZoneUpgrade', parameters('enableCrossZoneUpgrade'), 'maxBatchInstancePercent', parameters('maxBatchInstancePercent'), 'maxSurge', parameters('maxSurge'), 'maxUnhealthyInstancePercent', parameters('maxUnhealthyInstancePercent'), 'maxUnhealthyUpgradedInstancePercent', parameters('maxUnhealthyUpgradedInstancePercent'), 'pauseTimeBetweenBatches', parameters('pauseTimeBetweenBatches'), 'prioritizeUnhealthyInstances', parameters('prioritizeUnhealthyInstances'), 'rollbackFailedInstancesOnPolicyBreach', parameters('rollbackFailedInstancesOnPolicyBreach')), null())]", "automaticOSUpgradePolicy": { "enableAutomaticOSUpgrade": "[parameters('enableAutomaticOSUpgrade')]", "disableAutomaticRollback": "[parameters('disableAutomaticRollback')]" @@ -906,7 +941,8 @@ } } } - ] + ], + "networkApiVersion": "[if(equals(parameters('orchestrationMode'), 'Flexible'), '2020-11-01', null())]" }, "diagnosticsProfile": { "bootDiagnostics": { @@ -920,8 +956,8 @@ "billingProfile": "[if(and(not(empty(parameters('vmPriority'))), not(empty(parameters('maxPriceForLowPriorityVm')))), createObject('maxPrice', parameters('maxPriceForLowPriorityVm')), null())]", "scheduledEventsProfile": "[parameters('scheduledEventsProfile')]" }, - "overprovision": "[parameters('overprovision')]", - "doNotRunExtensionsOnOverprovisionedVMs": "[parameters('doNotRunExtensionsOnOverprovisionedVMs')]", + "overprovision": "[if(equals(parameters('orchestrationMode'), 'Uniform'), parameters('overprovision'), null())]", + "doNotRunExtensionsOnOverprovisionedVMs": "[if(equals(parameters('orchestrationMode'), 'Uniform'), parameters('doNotRunExtensionsOnOverprovisionedVMs'), null())]", "zoneBalance": "[if(equals(parameters('zoneBalance'), 'true'), parameters('zoneBalance'), null())]", "platformFaultDomainCount": "[parameters('scaleSetFaultDomain')]", "singlePlacementGroup": "[parameters('singlePlacementGroup')]", @@ -1055,7 +1091,7 @@ "_generator": { "name": "bicep", "version": "0.26.54.24096", - "templateHash": "8948100547542268397" + "templateHash": "1737879623418595926" }, "name": "Virtual Machine Scale Set Extensions", "description": "This module deploys a Virtual Machine Scale Set Extension.", @@ -1136,7 +1172,7 @@ "resources": [ { "type": "Microsoft.Compute/virtualMachineScaleSets/extensions", - "apiVersion": "2022-11-01", + "apiVersion": "2023-09-01", "name": "[format('{0}/{1}', parameters('virtualMachineScaleSetName'), parameters('name'))]", "properties": { "publisher": "[parameters('publisher')]", @@ -1217,7 +1253,7 @@ "_generator": { "name": "bicep", "version": "0.26.54.24096", - "templateHash": "8948100547542268397" + "templateHash": "1737879623418595926" }, "name": "Virtual Machine Scale Set Extensions", "description": "This module deploys a Virtual Machine Scale Set Extension.", @@ -1298,7 +1334,7 @@ "resources": [ { "type": "Microsoft.Compute/virtualMachineScaleSets/extensions", - "apiVersion": "2022-11-01", + "apiVersion": "2023-09-01", "name": "[format('{0}/{1}', parameters('virtualMachineScaleSetName'), parameters('name'))]", "properties": { "publisher": "[parameters('publisher')]", @@ -1386,7 +1422,7 @@ "_generator": { "name": "bicep", "version": "0.26.54.24096", - "templateHash": "8948100547542268397" + "templateHash": "1737879623418595926" }, "name": "Virtual Machine Scale Set Extensions", "description": "This module deploys a Virtual Machine Scale Set Extension.", @@ -1467,7 +1503,7 @@ "resources": [ { "type": "Microsoft.Compute/virtualMachineScaleSets/extensions", - "apiVersion": "2022-11-01", + "apiVersion": "2023-09-01", "name": "[format('{0}/{1}', parameters('virtualMachineScaleSetName'), parameters('name'))]", "properties": { "publisher": "[parameters('publisher')]", @@ -1545,7 +1581,7 @@ "_generator": { "name": "bicep", "version": "0.26.54.24096", - "templateHash": "8948100547542268397" + "templateHash": "1737879623418595926" }, "name": "Virtual Machine Scale Set Extensions", "description": "This module deploys a Virtual Machine Scale Set Extension.", @@ -1626,7 +1662,7 @@ "resources": [ { "type": "Microsoft.Compute/virtualMachineScaleSets/extensions", - "apiVersion": "2022-11-01", + "apiVersion": "2023-09-01", "name": "[format('{0}/{1}', parameters('virtualMachineScaleSetName'), parameters('name'))]", "properties": { "publisher": "[parameters('publisher')]", @@ -1703,7 +1739,7 @@ "_generator": { "name": "bicep", "version": "0.26.54.24096", - "templateHash": "8948100547542268397" + "templateHash": "1737879623418595926" }, "name": "Virtual Machine Scale Set Extensions", "description": "This module deploys a Virtual Machine Scale Set Extension.", @@ -1784,7 +1820,7 @@ "resources": [ { "type": "Microsoft.Compute/virtualMachineScaleSets/extensions", - "apiVersion": "2022-11-01", + "apiVersion": "2023-09-01", "name": "[format('{0}/{1}', parameters('virtualMachineScaleSetName'), parameters('name'))]", "properties": { "publisher": "[parameters('publisher')]", @@ -1865,7 +1901,7 @@ "_generator": { "name": "bicep", "version": "0.26.54.24096", - "templateHash": "8948100547542268397" + "templateHash": "1737879623418595926" }, "name": "Virtual Machine Scale Set Extensions", "description": "This module deploys a Virtual Machine Scale Set Extension.", @@ -1946,7 +1982,7 @@ "resources": [ { "type": "Microsoft.Compute/virtualMachineScaleSets/extensions", - "apiVersion": "2022-11-01", + "apiVersion": "2023-09-01", "name": "[format('{0}/{1}', parameters('virtualMachineScaleSetName'), parameters('name'))]", "properties": { "publisher": "[parameters('publisher')]", @@ -2033,7 +2069,7 @@ "_generator": { "name": "bicep", "version": "0.26.54.24096", - "templateHash": "8948100547542268397" + "templateHash": "1737879623418595926" }, "name": "Virtual Machine Scale Set Extensions", "description": "This module deploys a Virtual Machine Scale Set Extension.", @@ -2114,7 +2150,7 @@ "resources": [ { "type": "Microsoft.Compute/virtualMachineScaleSets/extensions", - "apiVersion": "2022-11-01", + "apiVersion": "2023-09-01", "name": "[format('{0}/{1}', parameters('virtualMachineScaleSetName'), parameters('name'))]", "properties": { "publisher": "[parameters('publisher')]", @@ -2195,7 +2231,7 @@ "_generator": { "name": "bicep", "version": "0.26.54.24096", - "templateHash": "8948100547542268397" + "templateHash": "1737879623418595926" }, "name": "Virtual Machine Scale Set Extensions", "description": "This module deploys a Virtual Machine Scale Set Extension.", @@ -2276,7 +2312,7 @@ "resources": [ { "type": "Microsoft.Compute/virtualMachineScaleSets/extensions", - "apiVersion": "2022-11-01", + "apiVersion": "2023-09-01", "name": "[format('{0}/{1}', parameters('virtualMachineScaleSetName'), parameters('name'))]", "properties": { "publisher": "[parameters('publisher')]", @@ -2349,14 +2385,14 @@ "metadata": { "description": "The principal ID of the system assigned identity." }, - "value": "[coalesce(tryGet(tryGet(reference('vmss', '2022-11-01', 'full'), 'identity'), 'principalId'), '')]" + "value": "[coalesce(tryGet(tryGet(reference('vmss', '2023-09-01', 'full'), 'identity'), 'principalId'), '')]" }, "location": { "type": "string", "metadata": { "description": "The location the resource was deployed into." }, - "value": "[reference('vmss', '2022-11-01', 'full').location]" + "value": "[reference('vmss', '2023-09-01', 'full').location]" } } } \ No newline at end of file diff --git a/avm/res/compute/virtual-machine-scale-set/tests/e2e/linux.defaults/main.test.bicep b/avm/res/compute/virtual-machine-scale-set/tests/e2e/linux.defaults/main.test.bicep index f2bda65417..c762304bb7 100644 --- a/avm/res/compute/virtual-machine-scale-set/tests/e2e/linux.defaults/main.test.bicep +++ b/avm/res/compute/virtual-machine-scale-set/tests/e2e/linux.defaults/main.test.bicep @@ -81,6 +81,9 @@ module testDeployment '../../../main.bicep' = [ subnet: { id: nestedDependencies.outputs.subnetResourceId } + publicIPAddressConfiguration: { + name: '${namePrefix}-pip-${serviceShort}' + } } } ] diff --git a/avm/res/compute/virtual-machine-scale-set/tests/e2e/linux.max/main.test.bicep b/avm/res/compute/virtual-machine-scale-set/tests/e2e/linux.max/main.test.bicep index 1794bd0571..75ece5bcaf 100644 --- a/avm/res/compute/virtual-machine-scale-set/tests/e2e/linux.max/main.test.bicep +++ b/avm/res/compute/virtual-machine-scale-set/tests/e2e/linux.max/main.test.bicep @@ -173,6 +173,9 @@ module testDeployment '../../../main.bicep' = [ subnet: { id: nestedDependencies.outputs.subnetResourceId } + publicIPAddressConfiguration: { + name: '${namePrefix}-pip-${serviceShort}' + } } } ] @@ -195,7 +198,7 @@ module testDeployment '../../../main.bicep' = [ scaleSetFaultDomain: 1 skuCapacity: 1 managedIdentities: { - systemAssigned: true + systemAssigned: false userAssignedResourceIds: [ nestedDependencies.outputs.managedIdentityResourceId ] diff --git a/avm/res/compute/virtual-machine-scale-set/tests/e2e/linux.ssecmk/main.test.bicep b/avm/res/compute/virtual-machine-scale-set/tests/e2e/linux.ssecmk/main.test.bicep index 035f41d15f..0123911437 100644 --- a/avm/res/compute/virtual-machine-scale-set/tests/e2e/linux.ssecmk/main.test.bicep +++ b/avm/res/compute/virtual-machine-scale-set/tests/e2e/linux.ssecmk/main.test.bicep @@ -79,6 +79,9 @@ module testDeployment '../../../main.bicep' = [ subnet: { id: nestedDependencies.outputs.subnetResourceId } + publicIPAddressConfiguration: { + name: '${namePrefix}-pip-${serviceShort}' + } } } ] diff --git a/avm/res/compute/virtual-machine-scale-set/tests/e2e/windows.defaults/main.test.bicep b/avm/res/compute/virtual-machine-scale-set/tests/e2e/windows.defaults/main.test.bicep index 085ffb5828..7ece80db05 100644 --- a/avm/res/compute/virtual-machine-scale-set/tests/e2e/windows.defaults/main.test.bicep +++ b/avm/res/compute/virtual-machine-scale-set/tests/e2e/windows.defaults/main.test.bicep @@ -82,6 +82,9 @@ module testDeployment '../../../main.bicep' = [ subnet: { id: nestedDependencies.outputs.subnetResourceId } + publicIPAddressConfiguration: { + name: '${namePrefix}-pip-${serviceShort}' + } } } ] diff --git a/avm/res/compute/virtual-machine-scale-set/tests/e2e/windows.max/main.test.bicep b/avm/res/compute/virtual-machine-scale-set/tests/e2e/windows.max/main.test.bicep index ecc12d03d8..ae46d40a0c 100644 --- a/avm/res/compute/virtual-machine-scale-set/tests/e2e/windows.max/main.test.bicep +++ b/avm/res/compute/virtual-machine-scale-set/tests/e2e/windows.max/main.test.bicep @@ -174,6 +174,9 @@ module testDeployment '../../../main.bicep' = [ subnet: { id: nestedDependencies.outputs.subnetResourceId } + publicIPAddressConfiguration: { + name: '${namePrefix}-pip-${serviceShort}' + } } } ] @@ -189,7 +192,7 @@ module testDeployment '../../../main.bicep' = [ ] skuCapacity: 1 managedIdentities: { - systemAssigned: true + systemAssigned: false userAssignedResourceIds: [ nestedDependencies.outputs.managedIdentityResourceId ] diff --git a/avm/res/compute/virtual-machine-scale-set/tests/e2e/windows.waf-aligned/main.test.bicep b/avm/res/compute/virtual-machine-scale-set/tests/e2e/windows.waf-aligned/main.test.bicep index 761f393356..0374439530 100644 --- a/avm/res/compute/virtual-machine-scale-set/tests/e2e/windows.waf-aligned/main.test.bicep +++ b/avm/res/compute/virtual-machine-scale-set/tests/e2e/windows.waf-aligned/main.test.bicep @@ -170,6 +170,9 @@ module testDeployment '../../../main.bicep' = [ subnet: { id: nestedDependencies.outputs.subnetResourceId } + publicIPAddressConfiguration: { + name: '${namePrefix}-pip-${serviceShort}' + } } } ] @@ -178,7 +181,7 @@ module testDeployment '../../../main.bicep' = [ ] skuCapacity: 1 managedIdentities: { - systemAssigned: true + systemAssigned: false userAssignedResourceIds: [ nestedDependencies.outputs.managedIdentityResourceId ] diff --git a/avm/res/compute/virtual-machine-scale-set/version.json b/avm/res/compute/virtual-machine-scale-set/version.json index 83083db694..1c035df49f 100644 --- a/avm/res/compute/virtual-machine-scale-set/version.json +++ b/avm/res/compute/virtual-machine-scale-set/version.json @@ -1,6 +1,6 @@ { "$schema": "https://aka.ms/bicep-registry-module-version-file-schema#", - "version": "0.1", + "version": "0.2", "pathFilters": [ "./main.json" ] diff --git a/avm/res/container-service/managed-cluster/README.md b/avm/res/container-service/managed-cluster/README.md index 18b51cc75b..2c6fc4b762 100644 --- a/avm/res/container-service/managed-cluster/README.md +++ b/avm/res/container-service/managed-cluster/README.md @@ -1494,6 +1494,7 @@ module managedCluster 'br/public:avm/res/container-service/managed-cluster: ⚠️THIS MODULE IS CURRENTLY ORPHANED.⚠️ -> -> - Only security and bug fixes are being handled by the AVM core team at present. -> - If interested in becoming the module owner of this orphaned module (must be Microsoft FTE), please look for the related "orphaned module" GitHub issue [here](https://aka.ms/AVM/OrphanedModules)! - This module deploys a Scheduled Query Rule. ## Navigation diff --git a/avm/res/insights/scheduled-query-rule/main.json b/avm/res/insights/scheduled-query-rule/main.json index 3f5f174495..c8dad9e133 100644 --- a/avm/res/insights/scheduled-query-rule/main.json +++ b/avm/res/insights/scheduled-query-rule/main.json @@ -5,8 +5,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "11130634754232789940" + "version": "0.26.170.59819", + "templateHash": "15037142199357270998" }, "name": "Scheduled Query Rules", "description": "This module deploys a Scheduled Query Rule.", diff --git a/avm/res/network/virtual-network/README.md b/avm/res/network/virtual-network/README.md index 87cb1ddedc..2618d0811f 100644 --- a/avm/res/network/virtual-network/README.md +++ b/avm/res/network/virtual-network/README.md @@ -188,6 +188,13 @@ module virtualNetwork 'br/public:avm/res/network/virtual-network:' = { privateEndpointNetworkPolicies: 'Disabled' privateLinkServiceNetworkPolicies: 'Enabled' } + { + addressPrefix: '' + name: 'az-subnet-x-004' + natGatewayResourceId: '' + networkSecurityGroupResourceId: '' + routeTableResourceId: '' + } { addressPrefix: '' name: 'AzureBastionSubnet' @@ -319,6 +326,13 @@ module virtualNetwork 'br/public:avm/res/network/virtual-network:' = { "privateEndpointNetworkPolicies": "Disabled", "privateLinkServiceNetworkPolicies": "Enabled" }, + { + "addressPrefix": "", + "name": "az-subnet-x-004", + "natGatewayResourceId": "", + "networkSecurityGroupResourceId": "", + "routeTableResourceId": "" + }, { "addressPrefix": "", "name": "AzureBastionSubnet", diff --git a/avm/res/network/virtual-network/main.bicep b/avm/res/network/virtual-network/main.bicep index e1d6854e1c..28c1db21ae 100644 --- a/avm/res/network/virtual-network/main.bicep +++ b/avm/res/network/virtual-network/main.bicep @@ -130,12 +130,12 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { : [] delegations: contains(subnet, 'delegations') ? subnet.delegations : [] ipAllocations: contains(subnet, 'ipAllocations') ? subnet.ipAllocations : [] - natGateway: contains(subnet, 'natGatewayResourceId') + natGateway: contains(subnet, 'natGatewayResourceId') && !empty(subnet.natGatewayResourceId) ? { id: subnet.natGatewayResourceId } : null - networkSecurityGroup: contains(subnet, 'networkSecurityGroupResourceId') + networkSecurityGroup: contains(subnet, 'networkSecurityGroupResourceId') && !empty(subnet.networkSecurityGroupResourceId) ? { id: subnet.networkSecurityGroupResourceId } @@ -146,7 +146,7 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { privateLinkServiceNetworkPolicies: contains(subnet, 'privateLinkServiceNetworkPolicies') ? subnet.privateLinkServiceNetworkPolicies : null - routeTable: contains(subnet, 'routeTableResourceId') + routeTable: contains(subnet, 'routeTableResourceId') && !empty(subnet.routeTableResourceId) ? { id: subnet.routeTableResourceId } @@ -167,6 +167,7 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { // You can safely remove the below child module (virtualNetwork_subnets) in your consumption of the module (virtualNetworks) to reduce the template size and duplication. //NOTE End : ------------------------------------ +@batchSize(1) module virtualNetwork_subnets 'subnet/main.bicep' = [ for (subnet, index) in subnets: { name: '${uniqueString(deployment().name, location)}-subnet-${index}' diff --git a/avm/res/network/virtual-network/main.json b/avm/res/network/virtual-network/main.json index 8e3664e661..900b04583d 100644 --- a/avm/res/network/virtual-network/main.json +++ b/avm/res/network/virtual-network/main.json @@ -5,8 +5,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "11377673418536997302" + "version": "0.26.170.59819", + "templateHash": "15351421638054038409" }, "name": "Virtual Networks", "description": "This module deploys a Virtual Network (vNet).", @@ -382,11 +382,11 @@ "applicationGatewayIPConfigurations": "[if(contains(parameters('subnets')[copyIndex('subnets')], 'applicationGatewayIPConfigurations'), parameters('subnets')[copyIndex('subnets')].applicationGatewayIPConfigurations, createArray())]", "delegations": "[if(contains(parameters('subnets')[copyIndex('subnets')], 'delegations'), parameters('subnets')[copyIndex('subnets')].delegations, createArray())]", "ipAllocations": "[if(contains(parameters('subnets')[copyIndex('subnets')], 'ipAllocations'), parameters('subnets')[copyIndex('subnets')].ipAllocations, createArray())]", - "natGateway": "[if(contains(parameters('subnets')[copyIndex('subnets')], 'natGatewayResourceId'), createObject('id', parameters('subnets')[copyIndex('subnets')].natGatewayResourceId), null())]", - "networkSecurityGroup": "[if(contains(parameters('subnets')[copyIndex('subnets')], 'networkSecurityGroupResourceId'), createObject('id', parameters('subnets')[copyIndex('subnets')].networkSecurityGroupResourceId), null())]", + "natGateway": "[if(and(contains(parameters('subnets')[copyIndex('subnets')], 'natGatewayResourceId'), not(empty(parameters('subnets')[copyIndex('subnets')].natGatewayResourceId))), createObject('id', parameters('subnets')[copyIndex('subnets')].natGatewayResourceId), null())]", + "networkSecurityGroup": "[if(and(contains(parameters('subnets')[copyIndex('subnets')], 'networkSecurityGroupResourceId'), not(empty(parameters('subnets')[copyIndex('subnets')].networkSecurityGroupResourceId))), createObject('id', parameters('subnets')[copyIndex('subnets')].networkSecurityGroupResourceId), null())]", "privateEndpointNetworkPolicies": "[if(contains(parameters('subnets')[copyIndex('subnets')], 'privateEndpointNetworkPolicies'), parameters('subnets')[copyIndex('subnets')].privateEndpointNetworkPolicies, null())]", "privateLinkServiceNetworkPolicies": "[if(contains(parameters('subnets')[copyIndex('subnets')], 'privateLinkServiceNetworkPolicies'), parameters('subnets')[copyIndex('subnets')].privateLinkServiceNetworkPolicies, null())]", - "routeTable": "[if(contains(parameters('subnets')[copyIndex('subnets')], 'routeTableResourceId'), createObject('id', parameters('subnets')[copyIndex('subnets')].routeTableResourceId), null())]", + "routeTable": "[if(and(contains(parameters('subnets')[copyIndex('subnets')], 'routeTableResourceId'), not(empty(parameters('subnets')[copyIndex('subnets')].routeTableResourceId))), createObject('id', parameters('subnets')[copyIndex('subnets')].routeTableResourceId), null())]", "serviceEndpoints": "[if(contains(parameters('subnets')[copyIndex('subnets')], 'serviceEndpoints'), parameters('subnets')[copyIndex('subnets')].serviceEndpoints, createArray())]", "serviceEndpointPolicies": "[if(contains(parameters('subnets')[copyIndex('subnets')], 'serviceEndpointPolicies'), parameters('subnets')[copyIndex('subnets')].serviceEndpointPolicies, createArray())]" } @@ -483,7 +483,9 @@ "virtualNetwork_subnets": { "copy": { "name": "virtualNetwork_subnets", - "count": "[length(parameters('subnets'))]" + "count": "[length(parameters('subnets'))]", + "mode": "serial", + "batchSize": 1 }, "type": "Microsoft.Resources/deployments", "apiVersion": "2022-09-01", @@ -523,8 +525,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "11309828149329550402" + "version": "0.26.170.59819", + "templateHash": "17306638026226376877" }, "name": "Virtual Network Subnets", "description": "This module deploys a Virtual Network Subnet.", @@ -849,8 +851,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "2926837656927862519" + "version": "0.26.170.59819", + "templateHash": "17624189975510507274" }, "name": "Virtual Network Peerings", "description": "This module deploys a Virtual Network Peering.", @@ -994,8 +996,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "2926837656927862519" + "version": "0.26.170.59819", + "templateHash": "17624189975510507274" }, "name": "Virtual Network Peerings", "description": "This module deploys a Virtual Network Peering.", diff --git a/avm/res/network/virtual-network/tests/e2e/max/main.test.bicep b/avm/res/network/virtual-network/tests/e2e/max/main.test.bicep index 0eff43a79d..6111d452f3 100644 --- a/avm/res/network/virtual-network/tests/e2e/max/main.test.bicep +++ b/avm/res/network/virtual-network/tests/e2e/max/main.test.bicep @@ -151,11 +151,18 @@ module testDeployment '../../../main.bicep' = [ } { addressPrefix: cidrSubnet(addressPrefix, 24, 4) + name: '${namePrefix}-az-subnet-x-004' + networkSecurityGroupResourceId: '' + natGatewayResourceId: '' + routeTableResourceId: '' + } + { + addressPrefix: cidrSubnet(addressPrefix, 24, 5) name: 'AzureBastionSubnet' networkSecurityGroupResourceId: nestedDependencies.outputs.networkSecurityGroupBastionResourceId } { - addressPrefix: cidrSubnet(addressPrefix, 24, 5) + addressPrefix: cidrSubnet(addressPrefix, 24, 6) name: 'AzureFirewallSubnet' } ] diff --git a/avm/utilities/pipelines/staticValidation/psrule/.ps-rule/min-suppress.Rule.yaml b/avm/utilities/pipelines/staticValidation/psrule/.ps-rule/min-suppress.Rule.yaml index b15a2d0b3e..3a57dca060 100644 --- a/avm/utilities/pipelines/staticValidation/psrule/.ps-rule/min-suppress.Rule.yaml +++ b/avm/utilities/pipelines/staticValidation/psrule/.ps-rule/min-suppress.Rule.yaml @@ -15,6 +15,8 @@ spec: - Azure.Cognitive.ManagedIdentity # Automation specific - Azure.Automation.ManagedIdentity + - Azure.Automation.AuditLogs # Diagnostic Settings cannot be set by default, but require user input + - Azure.Automation.PlatformLogs # Diagnostic Settings cannot be set by default, but require user input # Key Vault specific - Azure.KeyVault.Logs - Azure.KeyVault.Firewall