Merge branch 'main' of https://github.com/Azure/bicep-registry-modules

Azure · May 2, 2024 · b87c025 · b87c025
2 parents 83c8dfb + a65ce78
commit b87c025
Show file tree

Hide file tree

Showing 23 changed files with 378 additions and 70 deletions.
diff --git a/.github/workflows/avm.res.network.application-gateway.yml b/.github/workflows/avm.res.network.application-gateway.yml
@@ -30,6 +30,7 @@ on:
       - ".github/workflows/avm.res.network.application-gateway.yml"
       - "avm/res/network/application-gateway/**"
       - "avm/utilities/pipelines/**"
+      - "!avm/utilities/pipelines/platform/**"
       - "!*/**/README.md"
 
 env:

diff --git a/.github/workflows/avm.res.sql.managed-instance.yml b/.github/workflows/avm.res.sql.managed-instance.yml
@@ -29,6 +29,7 @@ on:
       - ".github/workflows/avm.res.sql.managed-instance.yml"
       - "avm/res/sql/managed-instance/**"
       - "avm/utilities/pipelines/**"
+      - "!avm/utilities/pipelines/platform/**"
       - "!*/**/README.md"
 
 env:

diff --git a/avm/res/app-configuration/configuration-store/ORPHANED.md b/avm/res/app-configuration/configuration-store/ORPHANED.md
diff --git a/avm/res/app-configuration/configuration-store/README.md b/avm/res/app-configuration/configuration-store/README.md
@@ -1,10 +1,5 @@
 # App Configuration Stores `[Microsoft.AppConfiguration/configurationStores]`
 
-> ⚠️THIS MODULE IS CURRENTLY ORPHANED.⚠️
-> 
-> - Only security and bug fixes are being handled by the AVM core team at present.
-> - If interested in becoming the module owner of this orphaned module (must be Microsoft FTE), please look for the related "orphaned module" GitHub issue [here](https://aka.ms/AVM/OrphanedModules)!
-
 This module deploys an App Configuration Store.
 
 ## Navigation
@@ -22,6 +17,7 @@ This module deploys an App Configuration Store.
 | :-- | :-- |
 | `Microsoft.AppConfiguration/configurationStores` | [2023-03-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.AppConfiguration/2023-03-01/configurationStores) |
 | `Microsoft.AppConfiguration/configurationStores/keyValues` | [2023-03-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.AppConfiguration/2023-03-01/configurationStores/keyValues) |
+| `Microsoft.AppConfiguration/configurationStores/replicas` | [2023-03-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.AppConfiguration/2023-03-01/configurationStores/replicas) |
 | `Microsoft.Authorization/locks` | [2020-05-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2020-05-01/locks) |
 | `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) |
 | `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) |
@@ -58,6 +54,7 @@ module configurationStore 'br/public:avm/res/app-configuration/configuration-sto
     // Required parameters
     name: 'accmin001'
     // Non-required parameters
+    enablePurgeProtection: '<enablePurgeProtection>'
     location: '<location>'
   }
 }
@@ -80,6 +77,9 @@ module configurationStore 'br/public:avm/res/app-configuration/configuration-sto
       "value": "accmin001"
     },
     // Non-required parameters
+    "enablePurgeProtection": {
+      "value": "<enablePurgeProtection>"
+    },
     "location": {
       "value": "<location>"
     }
@@ -112,8 +112,8 @@ module configurationStore 'br/public:avm/res/app-configuration/configuration-sto
       keyVaultResourceId: '<keyVaultResourceId>'
       userAssignedIdentityResourceId: '<userAssignedIdentityResourceId>'
     }
-    disableLocalAuth: false
-    enablePurgeProtection: false
+    disableLocalAuth: '<disableLocalAuth>'
+    enablePurgeProtection: '<enablePurgeProtection>'
     keyValues: [
       {
         contentType: 'contentType'
@@ -167,10 +167,10 @@ module configurationStore 'br/public:avm/res/app-configuration/configuration-sto
       }
     },
     "disableLocalAuth": {
-      "value": false
+      "value": "<disableLocalAuth>"
     },
     "enablePurgeProtection": {
-      "value": false
+      "value": "<enablePurgeProtection>"
     },
     "keyValues": {
       "value": [
@@ -239,8 +239,8 @@ module configurationStore 'br/public:avm/res/app-configuration/configuration-sto
         workspaceResourceId: '<workspaceResourceId>'
       }
     ]
-    disableLocalAuth: false
-    enablePurgeProtection: false
+    disableLocalAuth: '<disableLocalAuth>'
+    enablePurgeProtection: '<enablePurgeProtection>'
     keyValues: [
       {
         contentType: 'contentType'
@@ -270,6 +270,10 @@ module configurationStore 'br/public:avm/res/app-configuration/configuration-sto
         '<managedIdentityResourceId>'
       ]
     }
+    replicaLocations: [
+      'centralus'
+      'westus'
+    ]
     roleAssignments: [
       {
         principalId: '<principalId>'
@@ -334,10 +338,10 @@ module configurationStore 'br/public:avm/res/app-configuration/configuration-sto
       ]
     },
     "disableLocalAuth": {
-      "value": false
+      "value": "<disableLocalAuth>"
     },
     "enablePurgeProtection": {
-      "value": false
+      "value": "<enablePurgeProtection>"
     },
     "keyValues": {
       "value": [
@@ -376,6 +380,12 @@ module configurationStore 'br/public:avm/res/app-configuration/configuration-sto
         ]
       }
     },
+    "replicaLocations": {
+      "value": [
+        "centralus",
+        "westus"
+      ]
+    },
     "roleAssignments": {
       "value": [
         {
@@ -429,8 +439,7 @@ module configurationStore 'br/public:avm/res/app-configuration/configuration-sto
     name: 'accpe001'
     // Non-required parameters
     createMode: 'Default'
-    disableLocalAuth: false
-    enablePurgeProtection: false
+    enablePurgeProtection: '<enablePurgeProtection>'
     location: '<location>'
     privateEndpoints: [
       {
@@ -476,11 +485,8 @@ module configurationStore 'br/public:avm/res/app-configuration/configuration-sto
     "createMode": {
       "value": "Default"
     },
-    "disableLocalAuth": {
-      "value": false
-    },
     "enablePurgeProtection": {
-      "value": false
+      "value": "<enablePurgeProtection>"
     },
     "location": {
       "value": "<location>"
@@ -541,8 +547,8 @@ module configurationStore 'br/public:avm/res/app-configuration/configuration-sto
         workspaceResourceId: '<workspaceResourceId>'
       }
     ]
-    disableLocalAuth: false
-    enablePurgeProtection: false
+    disableLocalAuth: '<disableLocalAuth>'
+    enablePurgeProtection: '<enablePurgeProtection>'
     keyValues: [
       {
         contentType: 'contentType'
@@ -551,6 +557,10 @@ module configurationStore 'br/public:avm/res/app-configuration/configuration-sto
       }
     ]
     location: '<location>'
+    replicaLocations: [
+      'centralus'
+      'westus'
+    ]
     softDeleteRetentionInDays: 1
     tags: {
       Environment: 'Non-Prod'
@@ -592,10 +602,10 @@ module configurationStore 'br/public:avm/res/app-configuration/configuration-sto
       ]
     },
     "disableLocalAuth": {
-      "value": false
+      "value": "<disableLocalAuth>"
     },
     "enablePurgeProtection": {
-      "value": false
+      "value": "<enablePurgeProtection>"
     },
     "keyValues": {
       "value": [
@@ -609,6 +619,12 @@ module configurationStore 'br/public:avm/res/app-configuration/configuration-sto
     "location": {
       "value": "<location>"
     },
+    "replicaLocations": {
+      "value": [
+        "centralus",
+        "westus"
+      ]
+    },
     "softDeleteRetentionInDays": {
       "value": 1
     },
@@ -643,14 +659,15 @@ module configurationStore 'br/public:avm/res/app-configuration/configuration-sto
 | [`customerManagedKey`](#parameter-customermanagedkey) | object | The customer managed key definition. |
 | [`diagnosticSettings`](#parameter-diagnosticsettings) | array | The diagnostic settings of the service. |
 | [`disableLocalAuth`](#parameter-disablelocalauth) | bool | Disables all authentication methods other than AAD authentication. |
-| [`enablePurgeProtection`](#parameter-enablepurgeprotection) | bool | Property specifying whether protection against purge is enabled for this configuration store. |
+| [`enablePurgeProtection`](#parameter-enablepurgeprotection) | bool | Property specifying whether protection against purge is enabled for this configuration store. Defaults to true unless sku is set to Free, since purge protection is not available in Free tier. |
 | [`enableTelemetry`](#parameter-enabletelemetry) | bool | Enable/Disable usage telemetry for module. |
 | [`keyValues`](#parameter-keyvalues) | array | All Key / Values to create. Requires local authentication to be enabled. |
 | [`location`](#parameter-location) | string | Location for all Resources. |
 | [`lock`](#parameter-lock) | object | The lock settings of the service. |
 | [`managedIdentities`](#parameter-managedidentities) | object | The managed identity definition for this resource. |
 | [`privateEndpoints`](#parameter-privateendpoints) | array | Configuration details for private endpoints. For security reasons, it is recommended to use private endpoints whenever possible. |
 | [`publicNetworkAccess`](#parameter-publicnetworkaccess) | string | Whether or not public network access is allowed for this resource. For security reasons it should be disabled. If not specified, it will be disabled by default if private endpoints are set. |
+| [`replicaLocations`](#parameter-replicalocations) | array | All Replicas to create. |
 | [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignments to create. |
 | [`sku`](#parameter-sku) | string | Pricing tier of App Configuration. |
 | [`softDeleteRetentionInDays`](#parameter-softdeleteretentionindays) | int | The amount of time in days that the configuration store will be retained when it is soft deleted. |
@@ -858,15 +875,15 @@ Disables all authentication methods other than AAD authentication.
 
 - Required: No
 - Type: bool
-- Default: `False`
+- Default: `True`
 
 ### Parameter: `enablePurgeProtection`
 
-Property specifying whether protection against purge is enabled for this configuration store.
+Property specifying whether protection against purge is enabled for this configuration store. Defaults to true unless sku is set to Free, since purge protection is not available in Free tier.
 
 - Required: No
 - Type: bool
-- Default: `False`
+- Default: `True`
 
 ### Parameter: `enableTelemetry`
 
@@ -1296,6 +1313,13 @@ Whether or not public network access is allowed for this resource. For security
   ]
   ```
 
+### Parameter: `replicaLocations`
+
+All Replicas to create.
+
+- Required: No
+- Type: array
+
 ### Parameter: `roleAssignments`
 
 Array of role assignments to create.

diff --git a/avm/res/app-configuration/configuration-store/key-value/main.json b/avm/res/app-configuration/configuration-store/key-value/main.json
@@ -5,8 +5,8 @@
   "metadata": {
     "_generator": {
       "name": "bicep",
-      "version": "0.26.54.24096",
-      "templateHash": "8492150446155311380"
+      "version": "0.26.170.59819",
+      "templateHash": "4987655092014889247"
     },
     "name": "App Configuration Stores Key Values",
     "description": "This module deploys an App Configuration Store Key Value.",

diff --git a/avm/res/app-configuration/configuration-store/main.bicep b/avm/res/app-configuration/configuration-store/main.bicep
@@ -26,10 +26,10 @@ param sku string = 'Standard'
 param createMode string = 'Default'
 
 @description('Optional. Disables all authentication methods other than AAD authentication.')
-param disableLocalAuth bool = false
+param disableLocalAuth bool = true
 
-@description('Optional. Property specifying whether protection against purge is enabled for this configuration store.')
-param enablePurgeProtection bool = false
+@description('Optional. Property specifying whether protection against purge is enabled for this configuration store. Defaults to true unless sku is set to Free, since purge protection is not available in Free tier.')
+param enablePurgeProtection bool = true
 
 @description('Optional. Whether or not public network access is allowed for this resource. For security reasons it should be disabled. If not specified, it will be disabled by default if private endpoints are set.')
 @allowed([
@@ -49,6 +49,9 @@ param customerManagedKey customerManagedKeyType
 @description('Optional. All Key / Values to create. Requires local authentication to be enabled.')
 param keyValues array?
 
+@description('Optional. All Replicas to create.')
+param replicaLocations array?
+
 @description('Optional. The diagnostic settings of the service.')
 param diagnosticSettings diagnosticSettingType
 
@@ -198,6 +201,16 @@ module configurationStore_keyValues 'key-value/main.bicep' = [
   }
 ]
 
+module configurationStore_replicas 'replicas/main.bicep' = [
+  for (replicaLocation, index) in (replicaLocations ?? []): {
+    name: '${uniqueString(deployment().name, location)}-AppConfig-Replicas-${index}'
+    params: {
+      appConfigurationName: configurationStore.name
+      replicaLocation: replicaLocation
+      name: '${replicaLocation}replica'
+    }
+  }
+]
 resource configurationStore_lock 'Microsoft.Authorization/locks@2020-05-01' =
   if (!empty(lock ?? {}) && lock.?kind != 'None') {
     name: lock.?name ?? 'lock-${name}'