diff --git a/avm/res/dev-ops-infrastructure/pool/README.md b/avm/res/dev-ops-infrastructure/pool/README.md index 4cd888f4b4..4ea945d1ab 100644 --- a/avm/res/dev-ops-infrastructure/pool/README.md +++ b/avm/res/dev-ops-infrastructure/pool/README.md @@ -8,7 +8,7 @@ This module deploys the Managed DevOps Pool resource. - [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) -- [Cross-referenced modules](#Cross-referenced-modules) +- [Notes](#Notes) - [Data Collection](#Data-Collection) ## Resource Types @@ -20,10 +20,6 @@ This module deploys the Managed DevOps Pool resource. | `Microsoft.DevOpsInfrastructure/pools` | [2024-04-04-preview](https://learn.microsoft.com/en-us/azure/templates) | | `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) | -## Notes - -The Managed DevOps Pool resource requires external permissions in Azure DevOps. Make sure that the deployment principal has permission in Azure DevOps: [Managed DevOps Pools - Verify Azure DevOps Permissions](https://learn.microsoft.com/en-us/azure/devops/managed-devops-pools/prerequisites?view=azure-devops&tabs=azure-portal#verify-azure-devops-permissions) - ## Usage examples The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. @@ -544,7 +540,6 @@ module pool 'br/public:avm/res/dev-ops-infrastructure/pool:' = {

- ## Parameters **Required parameters** @@ -739,26 +734,24 @@ The type of permission which determines which accounts are admins on the Azure D - Required: No - Type: object -**Optional parameters** +**Required parameters** | Parameter | Type | Description | | :-- | :-- | :-- | -| [`groups`](#parameter-organizationprofilepermissionprofilegroups) | array | Group email addresses. | | [`kind`](#parameter-organizationprofilepermissionprofilekind) | string | Determines who has admin permissions to the Azure DevOps pool. | -| [`users`](#parameter-organizationprofilepermissionprofileusers) | array | User email addresses. | - -### Parameter: `organizationProfile.permissionProfile.groups` -Group email addresses. +**Optional parameters** -- Required: No -- Type: array +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`groups`](#parameter-organizationprofilepermissionprofilegroups) | array | Group email addresses. | +| [`users`](#parameter-organizationprofilepermissionprofileusers) | array | User email addresses. | ### Parameter: `organizationProfile.permissionProfile.kind` Determines who has admin permissions to the Azure DevOps pool. -- Required: No +- Required: Yes - Type: string - Allowed: ```Bicep @@ -769,6 +762,13 @@ Determines who has admin permissions to the Azure DevOps pool. ] ``` +### Parameter: `organizationProfile.permissionProfile.groups` + +Group email addresses. + +- Required: No +- Type: array + ### Parameter: `organizationProfile.permissionProfile.users` User email addresses. @@ -1104,6 +1104,12 @@ Array of role assignments to create. - Required: No - Type: array +- Roles configurable by name: + - `'Contributor'` + - `'Owner'` + - `'Reader'` + - `'Role Based Access Control Administrator (Preview)'` + - `'User Access Administrator'` **Required parameters** @@ -1300,7 +1306,6 @@ Tags of the resource. - Required: No - Type: object - ## Outputs | Output | Type | Description | @@ -1311,9 +1316,9 @@ Tags of the resource. | `resourceId` | string | The resource ID of the Managed DevOps Pool. | | `systemAssignedMIPrincipalId` | string | The principal ID of the system assigned identity. | -## Cross-referenced modules +## Notes -_None_ +The Managed DevOps Pool resource requires external permissions in Azure DevOps. Make sure that the deployment principal has permission in Azure DevOps: [Managed DevOps Pools - Verify Azure DevOps Permissions](https://learn.microsoft.com/en-us/azure/devops/managed-devops-pools/prerequisites?view=azure-devops&tabs=azure-portal#verify-azure-devops-permissions) ## Data Collection diff --git a/avm/res/dev-ops-infrastructure/pool/main.bicep b/avm/res/dev-ops-infrastructure/pool/main.bicep index c64d2bbce5..af61e650fe 100644 --- a/avm/res/dev-ops-infrastructure/pool/main.bicep +++ b/avm/res/dev-ops-infrastructure/pool/main.bicep @@ -292,8 +292,8 @@ type organizationProfileType = { @description('Optional. The type of permission which determines which accounts are admins on the Azure DevOps pool.') permissionProfile: { - @description('Optional. Determines who has admin permissions to the Azure DevOps pool.') - kind: ('CreatorOnly' | 'Inherit' | 'SpecificAccounts')? + @description('Required. Determines who has admin permissions to the Azure DevOps pool.') + kind: 'CreatorOnly' | 'Inherit' | 'SpecificAccounts' @description('Optional. Group email addresses.') groups: string[]? diff --git a/avm/res/dev-ops-infrastructure/pool/main.json b/avm/res/dev-ops-infrastructure/pool/main.json index 38edaf771a..ce80f4d180 100644 --- a/avm/res/dev-ops-infrastructure/pool/main.json +++ b/avm/res/dev-ops-infrastructure/pool/main.json @@ -5,8 +5,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.29.47.4906", - "templateHash": "9138966756251042726" + "version": "0.30.3.12046", + "templateHash": "15191897376801297199" }, "name": "Managed DevOps Pool", "description": "This module deploys the Managed DevOps Pool resource.", @@ -189,9 +189,8 @@ "Inherit", "SpecificAccounts" ], - "nullable": true, "metadata": { - "description": "Optional. Determines who has admin permissions to the Azure DevOps pool." + "description": "Required. Determines who has admin permissions to the Azure DevOps pool." } }, "groups": {