feat: Added UDT for Managed identity and Deployment Scripts

[johnlokerse]

Description

This pull request introduces two user-defined types for the following modules:

• Deployment scripts -> (secure) environment variables (tagging module owner: @sebassem)
• User Assigned Managed Identity -> federated identity credentials (tagging module owner: @elanzel)
• Removed an unused line of code in .github/actions/templates/avm-validateModuleDeployment/action.yml

Extra context regarding @secure() decorator on user-defined type. When the Bicep template is built the type is referred as a secureString so the parameter inherits the secureString type and the parameter is secure during deployment:

Also double checked if the outputs were working and tested it via this Bicep template:

/* Bicepparam
using './testsecureoutput.bicep'

param parTestingParameter = {
  secureList: [
    {
      name: 'test'
      secureValue: 'test123'
    }
  ]
}
*/

param parTestingParameter environmentVariableType

output outTestBool bool = parTestingParameter != null
output outTestArray array = parTestingParameter != null ? parTestingParameter!.secureList : []
output outTestArrayV2 array = parTestingParameter!.secureList ?? []
output outTestString string = first(parTestingParameter.secureList)!.secureValue!

@secure()
type environmentVariableType = {
  secureList: {
    name: string
    secureValue: string?
    value: string?
  }[]
}?

Pipeline Reference

Type of Change

• Update to CI Environment or utlities (Non-module effecting changes)
• Azure Verified Module updates:
  • Bugfix containing backwards compatible bug fixes, and I have NOT bumped the MAJOR or MINOR version in version.json:
    • Someone has opened a bug report issue, and I have included "Closes #{bug_report_issue_number}" in the PR description.
    • The bug was found by the module author, and no one has opened an issue to report it yet.
  • Feature update backwards compatible feature updates, and I have bumped the MINOR version in version.json.
  • Breaking changes and I have bumped the MAJOR version in version.json.
  • Update to documentation

Checklist

• I'm sure there are no other open Pull Requests for the same update/change
• I have run Set-AVMModule locally to generate the supporting module files.
• My corresponding pipelines / checks run clean and green without any errors or warnings

[johnlokerse]

@AlexanderSehr FYI - had some issues with the randomised resource location selector on the deployment of the user-assigned managed identity. It deployed in eastasia, but that region does not support federated credentials. Maybe being able to override the location would be handy.

[AlexanderSehr]

@AlexanderSehr FYI - had some issues with the randomised resource location selector on the deployment of the user-assigned managed identity. It deployed in eastasia, but that region does not support federated credentials. Maybe being able to override the location would be handy

Hey @johnlokerse,
that's indeed unfortunate as the location selector tries to only select regions where the resource exists, yet fails if certain features don't exist.
I worked around it in some other module recently by introducing an additional parameter to enforce a certain location

https://github.com/Azure/bicep-registry-modules/blob/a964d0c128afd8ccfe1d2ecbb3428868214cdf17/avm/res/purview/account/tests/e2e/max/main.test.bicep#L22-24

cc: @eriqua, @ChrisSidebotham fyi

[sebassem]

LGTM :)

It's my own. I shall dismiss