feat: add public ip address support for /res/api-management/service

[tony-box]

Description

Closes #1104

Adds APIM support for PublicIPAddress

Pipeline Reference

Pipeline

Type of Change

• Update to CI Environment or utlities (Non-module effecting changes)
• Azure Verified Module updates:
  • Bugfix containing backwards compatible bug fixes, and I have NOT bumped the MAJOR or MINOR version in version.json:
    • Someone has opened a bug report issue, and I have included "Closes #{bug_report_issue_number}" in the PR description.
    • The bug was found by the module author, and no one has opened an issue to report it yet.
  • Feature update backwards compatible feature updates, and I have bumped the MINOR version in version.json.
  • Breaking changes and I have bumped the MAJOR version in version.json.
  • Update to documentation

Checklist

• I'm sure there are no other open Pull Requests for the same update/change
• I have run Set-AVMModule locally to generate the supporting module files.
• My corresponding pipelines / checks run clean and green without any errors or warnings

[AlexanderSehr]

Beware, PR invaders

[AlexanderSehr]

Just doublecheckinf if this was intended. You're more than welcome to remove these notes that originally came from CARML. Just want to make sure you did know about them 😉

[AlexanderSehr]

Ideally, to be explicit, we'd call this publicIpAddressResourceId. That being said, the parameter sohuld probably be nullable, as the pipeline seems to not like the '' as a value

[AlexanderSehr]

Why this change? It seems to bring back the RP warning
/home/runner/work/bicep-registry-modules/bicep-registry-modules/avm/res/api-management/service/main.bicep(142,16) : Warning BCP321: Expected a value of type "string" but the provided value is of type "'SystemAssigned' | 'SystemAssigned,UserAssigned' | 'UserAssigned' | null".

[AlexanderSehr]

Beware, you're not using the latest Bicep version which is why every Bicep file (& JSON file) got re-formatted / updated.

Please upgrade to the latest (check bicep --version) and run Set-AVMModule -Recurse on the root folder path of this module again :)

[AlexanderSehr]

This and the next is just a recommendation to align with other test cases. Feel free to reject if you prefer the original implementation 😉

The rationale is that some inner resources like the subnet name or network properties don't need to be globally unique. Hence there is no need to have them as parameters.
The same could be set for, for example the VNETName, but these we usually pass in regardless to have a single location where one could find all the main resource names (with namePrefix & all).

Suggested change

	@description('VNet name')
	param vnetName string = 'VNet'
	@description('Address prefix')
	param vnetAddressPrefix string = '10.0.0.0/16'
	@description('Subnet Prefix')
	param subnetPrefix string = '10.0.0.0/24'
	@description('Subnet Name')
	param subnetName string = 'Subnet'
	@description('DNS Prefix')
	param dnsLabelPrefix string
	@description('Required. The DNS prefix for the Public IP')
	param publicIpDnsLabelPrefix string
	@description('Required. The name of the Virtual Network to create.')
	param virtualNetworkName string
	@description('Required. The name of the NSG to create.')
	param networkSecurityGroupName string
	var addressPrefix = '10.0.0.0/16'

[AlexanderSehr]

For rationale, see other comment.

Suggested change

	resource vnet 'Microsoft.Network/virtualNetworks@2023-04-01' = {
	name: vnetName
	location: location
	properties: {
	addressSpace: {
	addressPrefixes: [
	vnetAddressPrefix
	]
	}
	subnets: [
	{
	name: subnetName
	properties: {
	addressPrefix: subnetPrefix
	networkSecurityGroup: {
	id: nsg.id
	}
	serviceEndpoints: [
	{
	service: 'Microsoft.Storage'
	}
	{
	service: 'Microsoft.Sql'
	}
	{
	service: 'Microsoft.KeyVault'
	}
	]
	}
	}
	]
	}
	}
	resource nsg 'Microsoft.Network/networkSecurityGroups@2020-06-01' = {
	name: 'testNSG'
	resource vnet 'Microsoft.Network/virtualNetworks@2023-04-01' = {
	name: virtualNetworkName
	location: location
	properties: {
	addressSpace: {
	addressPrefixes: [
	addressPrefix
	]
	}
	subnets: [
	{
	name: 'default'
	properties: {
	addressPrefix: cidrSubnet(addressPrefix, 24, 0)
	networkSecurityGroup: {
	id: nsg.id
	}
	serviceEndpoints: [
	{
	service: 'Microsoft.Storage'
	}
	{
	service: 'Microsoft.Sql'
	}
	{
	service: 'Microsoft.KeyVault'
	}
	]
	}
	}
	]
	}
	}
	resource nsg 'Microsoft.Network/networkSecurityGroups@2020-06-01' = {
	name: networkSecurityGroupName

[AlexanderSehr]

See other comment

Suggested change

	domainNameLabel: dnsLabelPrefix
	domainNameLabel: publicIpDnsLabelPrefix

[AlexanderSehr]

Suggested change

	dnsLabelPrefix: 'dep-${namePrefix}-dnsprefix-${uniqueString(deployment().name, resourceLocation)}'
	publicIpDnsLabelPrefix: 'dep-${namePrefix}-dnsprefix-${uniqueString(deployment().name, resourceLocation)}'

[tony-box]

Been a bit busy, but thank you for all the recommendations @AlexanderSehr -- I didn't do a thorough review of the way this was set up during the CARML -> AVM migraiton so there are still a lot of relics from CARML. I will make the changes you suggested. I'm still working on fixing the max test deployment which includes creating a publicIP. have been running into issues with it and have even raised an Azure support ticket. I'm still working on my branch so there will be more updates coming

[tony-box]

I am going to re-do this whole pull request now that I have my local branches sorted out and the commits cleaned up. Stay tuned...

[eriqua]

Hey @tony-box is this PR still valid or should we close it as superseded?

[tony-box]

closing this PR which will be superceeded by #2453