diff --git a/avm/res/web/connection/README.md b/avm/res/web/connection/README.md index 3215e264f7..e64e979609 100644 --- a/avm/res/web/connection/README.md +++ b/avm/res/web/connection/README.md @@ -293,8 +293,8 @@ module connection 'br/public:avm/res/web/connection:' = { | Parameter | Type | Description | | :-- | :-- | :-- | -| [`displayName`](#parameter-displayname) | string | Display name connection. Example: 'blobconnection' when using blobs. It can change depending on the resource. | -| [`name`](#parameter-name) | string | Connection name for connection. Example: 'azureblob' when using blobs. It can change depending on the resource. | +| [`displayName`](#parameter-displayname) | string | Display name connection. Example: `blobconnection` when using blobs. It can change depending on the resource. | +| [`name`](#parameter-name) | string | Connection name for connection. It can change depending on the resource. | **Optional parameters** @@ -306,22 +306,23 @@ module connection 'br/public:avm/res/web/connection:' = { | [`location`](#parameter-location) | string | Location of the deployment. | | [`lock`](#parameter-lock) | object | The lock settings of the service. | | [`nonSecretParameterValues`](#parameter-nonsecretparametervalues) | object | Dictionary of nonsecret parameter values. | -| [`parameterValues`](#parameter-parametervalues) | secureObject | Connection strings or access keys for connection. Example: 'accountName' and 'accessKey' when using blobs. It can change depending on the resource. | +| [`parameterValues`](#parameter-parametervalues) | secureObject | Connection strings or access keys for connection. Example: `accountName` and `accessKey` when using blobs. It can change depending on the resource. | +| [`parameterValueSet`](#parameter-parametervalueset) | object | Additional parameter Value Set used for authentication settings. | | [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignments to create. | -| [`statuses`](#parameter-statuses) | array | Status of the connection. | +| [`statuses`](#parameter-statuses) | array | The status of the connection. | | [`tags`](#parameter-tags) | object | Tags of the resource. | | [`testLinks`](#parameter-testlinks) | array | Links to test the API connection. | ### Parameter: `displayName` -Display name connection. Example: 'blobconnection' when using blobs. It can change depending on the resource. +Display name connection. Example: `blobconnection` when using blobs. It can change depending on the resource. - Required: Yes - Type: string ### Parameter: `name` -Connection name for connection. Example: 'azureblob' when using blobs. It can change depending on the resource. +Connection name for connection. It can change depending on the resource. - Required: Yes - Type: string @@ -401,11 +402,18 @@ Dictionary of nonsecret parameter values. ### Parameter: `parameterValues` -Connection strings or access keys for connection. Example: 'accountName' and 'accessKey' when using blobs. It can change depending on the resource. +Connection strings or access keys for connection. Example: `accountName` and `accessKey` when using blobs. It can change depending on the resource. - Required: No - Type: secureObject +### Parameter: `parameterValueSet` + +Additional parameter Value Set used for authentication settings. + +- Required: No +- Type: object + ### Parameter: `roleAssignments` Array of role assignments to create. @@ -497,7 +505,7 @@ The principal type of the assigned principal ID. ### Parameter: `statuses` -Status of the connection. +The status of the connection. - Required: No - Type: array diff --git a/avm/res/web/connection/main.bicep b/avm/res/web/connection/main.bicep index 96163ff17c..de27304987 100644 --- a/avm/res/web/connection/main.bicep +++ b/avm/res/web/connection/main.bicep @@ -2,46 +2,102 @@ metadata name = 'API Connections' metadata description = 'This module deploys an Azure API Connection.' metadata owner = 'Azure/module-maintainers' -@description('Optional. Specific values for some API connections.') -param api object? - -@description('Required. Connection name for connection. Example: \'azureblob\' when using blobs. It can change depending on the resource.') +@description('Required. Connection name for connection. It can change depending on the resource.') param name string +@description('Optional. Location of the deployment.') +param location string = resourceGroup().location + @description('Optional. Enable/Disable usage telemetry for module.') param enableTelemetry bool = true +// ============ // +// Parameters // +// ============ // + +@description('Optional. Specific values for some API connections.') +@metadata({ + example: ''' + // for a Service Bus connection + { + type: 'Microsoft.Web/locations/managedApis' + id: subscriptionResourceId('Microsoft.Web/locations/managedApis', '${resourceLocation}', 'servicebus') + } +''' +}) +param api object? + @description('Optional. Dictionary of custom parameter values for specific connections.') param customParameterValues object? -@description('Required. Display name connection. Example: \'blobconnection\' when using blobs. It can change depending on the resource.') +@description('Required. Display name connection. Example: `blobconnection` when using blobs. It can change depending on the resource.') param displayName string -@description('Optional. Location of the deployment.') -param location string = resourceGroup().location - @description('Optional. Dictionary of nonsecret parameter values.') #disable-next-line secure-secrets-in-params // Not a secret param nonSecretParameterValues object? -@description('Optional. Connection strings or access keys for connection. Example: \'accountName\' and \'accessKey\' when using blobs. It can change depending on the resource.') +@description('Optional. Connection strings or access keys for connection. Example: `accountName` and `accessKey` when using blobs. It can change depending on the resource.') @secure() +@metadata({ + example: ''' + { + connectionString: 'listKeys('/subscriptions//resourceGroups//Microsoft.ServiceBus/namespaces/AuthorizationRules//RootManagedSharedAccessKey', '2023-01-01').primaryConnectionString' + } + { + rootfolder: fileshareConnection.rootfolder + authType: fileshareConnection.authType + // to add an object, use the any() function + gateway: any({ + name: fileshareConnection.odgw.name + id: resourceId(fileshareConnection.odgw.resourceGroup, 'Microsoft.Web/connectionGateways', fileshareConnection.odgw.name) + type: 'Microsoft.Web/connectionGateways' + }) + username: username + password: password + } + ''' +}) param parameterValues object? +@description('Optional. Additional parameter Value Set used for authentication settings.') +@metadata({ + example: ''' + // for a Service Bus connection + { + name: 'managedIdentityAuth' + values: { + namespaceEndpoint: { + value: 'sb://${dependency.outputs.serviceBusEndpoint}' + } + } + } +''' +}) +param parameterValueSet object? + @description('Optional. Array of role assignments to create.') param roleAssignments roleAssignmentType -@description('Optional. Status of the connection.') -param statuses array? +@description('Optional. The status of the connection.') +param statuses object[]? @description('Optional. The lock settings of the service.') param lock lockType +@metadata({ + example: ''' + { + key1: 'value1' + key2: 'value2' + } + ''' +}) @description('Optional. Tags of the resource.') param tags object? @description('Optional. Links to test the API connection.') -param testLinks array? +param testLinks object[]? var builtInRoleNames = { Contributor: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c') @@ -57,6 +113,10 @@ var builtInRoleNames = { ) } +// ============== // +// Resources // +// ============== // + #disable-next-line no-deployments-resources resource avmTelemetry 'Microsoft.Resources/deployments@2024-03-01' = if (enableTelemetry) { name: '46d3xbcp.res.web-connection.${replace('-..--..-', '.', '-')}.${substring(uniqueString(deployment().name, location), 0, 4)}' @@ -88,6 +148,8 @@ resource connection 'Microsoft.Web/connections@2016-06-01' = { nonSecretParameterValues: nonSecretParameterValues testLinks: testLinks statuses: statuses + #disable-next-line BCP037 // the parameterValueSet is not yet made available in the resource provider, which generates warnings. Disable the warning for now. + parameterValueSet: parameterValueSet } } @@ -122,6 +184,10 @@ resource connection_roleAssignments 'Microsoft.Authorization/roleAssignments@202 } ] +// ============ // +// Outputs // +// ============ // + @description('The resource ID of the connection.') output resourceId string = connection.id diff --git a/avm/res/web/connection/main.json b/avm/res/web/connection/main.json index aba9699e1f..dad6241d48 100644 --- a/avm/res/web/connection/main.json +++ b/avm/res/web/connection/main.json @@ -6,7 +6,7 @@ "_generator": { "name": "bicep", "version": "0.28.1.47646", - "templateHash": "16876360500243904943" + "templateHash": "4760344619510029018" }, "name": "API Connections", "description": "This module deploys an Azure API Connection.", @@ -106,17 +106,17 @@ } }, "parameters": { - "api": { - "type": "object", - "nullable": true, + "name": { + "type": "string", "metadata": { - "description": "Optional. Specific values for some API connections." + "description": "Required. Connection name for connection. It can change depending on the resource." } }, - "name": { + "location": { "type": "string", + "defaultValue": "[resourceGroup().location]", "metadata": { - "description": "Required. Connection name for connection. Example: 'azureblob' when using blobs. It can change depending on the resource." + "description": "Optional. Location of the deployment." } }, "enableTelemetry": { @@ -126,24 +126,25 @@ "description": "Optional. Enable/Disable usage telemetry for module." } }, - "customParameterValues": { + "api": { "type": "object", "nullable": true, "metadata": { - "description": "Optional. Dictionary of custom parameter values for specific connections." + "example": " // for a Service Bus connection\n {\n type: 'Microsoft.Web/locations/managedApis'\n id: subscriptionResourceId('Microsoft.Web/locations/managedApis', '${resourceLocation}', 'servicebus')\n }\n", + "description": "Optional. Specific values for some API connections." } }, - "displayName": { - "type": "string", + "customParameterValues": { + "type": "object", + "nullable": true, "metadata": { - "description": "Required. Display name connection. Example: 'blobconnection' when using blobs. It can change depending on the resource." + "description": "Optional. Dictionary of custom parameter values for specific connections." } }, - "location": { + "displayName": { "type": "string", - "defaultValue": "[resourceGroup().location]", "metadata": { - "description": "Optional. Location of the deployment." + "description": "Required. Display name connection. Example: `blobconnection` when using blobs. It can change depending on the resource." } }, "nonSecretParameterValues": { @@ -157,7 +158,16 @@ "type": "secureObject", "nullable": true, "metadata": { - "description": "Optional. Connection strings or access keys for connection. Example: 'accountName' and 'accessKey' when using blobs. It can change depending on the resource." + "example": " {\n connectionString: 'listKeys('/subscriptions//resourceGroups//Microsoft.ServiceBus/namespaces/AuthorizationRules//RootManagedSharedAccessKey', '2023-01-01').primaryConnectionString'\n }\n {\n rootfolder: fileshareConnection.rootfolder\n authType: fileshareConnection.authType\n // to add an object, use the any() function\n gateway: any({\n name: fileshareConnection.odgw.name\n id: resourceId(fileshareConnection.odgw.resourceGroup, 'Microsoft.Web/connectionGateways', fileshareConnection.odgw.name)\n type: 'Microsoft.Web/connectionGateways'\n })\n username: username\n password: password\n }\n ", + "description": "Optional. Connection strings or access keys for connection. Example: `accountName` and `accessKey` when using blobs. It can change depending on the resource." + } + }, + "parameterValueSet": { + "type": "object", + "nullable": true, + "metadata": { + "example": " // for a Service Bus connection\n {\n name: 'managedIdentityAuth'\n values: {\n namespaceEndpoint: {\n value: 'sb://${dependency.outputs.serviceBusEndpoint}'\n }\n }\n }\n", + "description": "Optional. Additional parameter Value Set used for authentication settings." } }, "roleAssignments": { @@ -168,9 +178,12 @@ }, "statuses": { "type": "array", + "items": { + "type": "object" + }, "nullable": true, "metadata": { - "description": "Optional. Status of the connection." + "description": "Optional. The status of the connection." } }, "lock": { @@ -183,11 +196,15 @@ "type": "object", "nullable": true, "metadata": { + "example": " {\n key1: 'value1'\n key2: 'value2'\n }\n ", "description": "Optional. Tags of the resource." } }, "testLinks": { "type": "array", + "items": { + "type": "object" + }, "nullable": true, "metadata": { "description": "Optional. Links to test the API connection." @@ -237,7 +254,8 @@ "parameterValues": "[parameters('parameterValues')]", "nonSecretParameterValues": "[parameters('nonSecretParameterValues')]", "testLinks": "[parameters('testLinks')]", - "statuses": "[parameters('statuses')]" + "statuses": "[parameters('statuses')]", + "parameterValueSet": "[parameters('parameterValueSet')]" } }, "connection_lock": { diff --git a/avm/res/web/connection/version.json b/avm/res/web/connection/version.json index 83083db694..1c035df49f 100644 --- a/avm/res/web/connection/version.json +++ b/avm/res/web/connection/version.json @@ -1,6 +1,6 @@ { "$schema": "https://aka.ms/bicep-registry-module-version-file-schema#", - "version": "0.1", + "version": "0.2", "pathFilters": [ "./main.json" ]