AVD Add-On: Added marketplace terms & other fixes (#1134)

* Fixed API versions for MAG * Added condition for role assignment * Fixed API version for MAG * Fixed API version for MAG * Compiled bicep changes * Moved role definitions, Fixed tags & workspace names * Fixed tags * Fixed workspace names * Moved role definitions, Fixed tags & comment * Moved role definitions; Fixed scopes, tags, & comments * Moved role definitions * Moved role definitions; Fixed tags & comments * Compiled bicep changes * Sorted params, Added marketplace terms deployment & dependency * Added missing params * Added param for session hosts deployment * Compiled bicep changes * Added new element for security groups * Added example of security principal, Updated property name for security principal * Compiled bicep changes * Fixed scopes * Fix tags, Simplified subnet resource ID * Added resources for tagging * Fixed names for app group & workspaces * Fixed tags * Fixed name for app group * Removed param * Compiled bicep changes * Fixed app group name * Added VM plan * Fixed JSON conversion * Updated role assignment for scaling plan mgmt * Moved control plane to mgmt * Moved control plane to management * Added policy & resource group; Updated deployment names; Fixed tags; Moved role assignment & function app; Updated comments * Moved mgmt step * Fixed tags * Fixed tags * Updated SKU & PS version * Moved function resource * Added function resource * Moved function app & function * Fixed resource group scope * Added condition to role assignment * Fixed VM size constraints * Updated naming changes * GitHub Action: Build Bicep to JSON --------- Co-authored-by: github-actions <[email protected]>
Azure · Nov 27, 2024 · 57cce4d · 57cce4d
1 parent b701023
commit 57cce4d
Show file tree

Hide file tree

Showing 29 changed files with 8,321 additions and 9,438 deletions.
diff --git a/src/bicep/add-ons/azure-virtual-desktop/artifacts/Disable-Autoscale.ps1 b/src/bicep/add-ons/azure-virtual-desktop/artifacts/Disable-Autoscale.ps1
@@ -28,14 +28,14 @@ $AzureManagementHeader = @{
 $ScalingPlanExists = (Invoke-RestMethod `
     -Headers $AzureManagementHeader `
     -Method 'GET' `
-    -Uri $($ResourceManagerUriFixed + 'subscriptions/' + $SubscriptionId + '/resourceGroups/' + $ResourceGroupName + '/providers/Microsoft.DesktopVirtualization/scalingPlans?api-version=2024-04-03')).value | Where-Object {$_.name -eq $ScalingPlanName}
+    -Uri $($ResourceManagerUriFixed + 'subscriptions/' + $SubscriptionId + '/resourceGroups/' + $ResourceGroupName + '/providers/Microsoft.DesktopVirtualization/scalingPlans?api-version=2023-09-05')).value | Where-Object {$_.name -eq $ScalingPlanName}
 
 # Disable autoscale for the host pool: https://learn.microsoft.com/rest/api/desktopvirtualization/scaling-plans/update
 if ($ScalingPlanExists)
 {
     Invoke-RestMethod `
-        -Body (@{properties = @{hostPoolReferences = @(@{hostPoolArmPath = $HostPoolResourceId; scalingPlanEnabled = $false})}} | ConvertTo-Json) `
+        -Body (@{properties = @{hostPoolReferences = @(@{hostPoolArmPath = $HostPoolResourceId; scalingPlanEnabled = $false})}} | ConvertTo-Json -Depth 3) `
         -Headers $AzureManagementHeader `
         -Method 'PATCH' `
-        -Uri $($ResourceManagerUriFixed + 'subscriptions/' + $SubscriptionId + '/resourceGroups/' + $ResourceGroupName + '/providers/Microsoft.DesktopVirtualization/scalingPlans/' + $ScalingPlanName + '?api-version=2024-04-03') | Out-Null
+        -Uri $($ResourceManagerUriFixed + 'subscriptions/' + $SubscriptionId + '/resourceGroups/' + $ResourceGroupName + '/providers/Microsoft.DesktopVirtualization/scalingPlans/' + $ScalingPlanName + '?api-version=2023-09-05') | Out-Null
 }
diff --git a/src/bicep/add-ons/azure-virtual-desktop/artifacts/Set-AzureMarketplaceTerms.ps1 b/src/bicep/add-ons/azure-virtual-desktop/artifacts/Set-AzureMarketplaceTerms.ps1
@@ -2,7 +2,9 @@ param (
     [string]$ImageOffer,
     [string]$ImagePublisher,
     [string]$ImageSku,
-    [string]$ResourceManagerUri
+    [string]$ResourceManagerUri,
+    [string]$SubscriptionId,
+    [string]$UserAssignedIdentityClientId
 )
 
 # Fix the resource manager URI since only AzureCloud contains a trailing slash

diff --git a/src/bicep/add-ons/azure-virtual-desktop/artifacts/Set-HostPoolRegistrationToken.ps1 b/src/bicep/add-ons/azure-virtual-desktop/artifacts/Set-HostPoolRegistrationToken.ps1
diff --git a/src/bicep/add-ons/azure-virtual-desktop/modules/common/function.bicep b/src/bicep/add-ons/azure-virtual-desktop/modules/common/function.bicep
diff --git a/src/bicep/add-ons/azure-virtual-desktop/modules/controlPlane/controlPlane.bicep b/src/bicep/add-ons/azure-virtual-desktop/modules/controlPlane/controlPlane.bicep
diff --git a/src/bicep/add-ons/azure-virtual-desktop/modules/fslogix/azureFiles/azureFiles.bicep b/src/bicep/add-ons/azure-virtual-desktop/modules/fslogix/azureFiles/azureFiles.bicep
@@ -12,9 +12,7 @@ param encryptionUserAssignedIdentityResourceId string
 param fileShares array
 param fslogixShareSizeInGB int
 param fslogixContainerType string
-param fslogixStorageService string
-param functionAppName string
-param hostPoolName string
+param hostPoolResourceId string
 param keyVaultUri string
 param location string
 param managementVirtualMachineName string
@@ -23,9 +21,7 @@ param namingConvention object
 param netbios string
 param organizationalUnitPath string
 param recoveryServicesVaultName string
-param resourceGroupControlPlane string
 param resourceGroupManagement string
-param resourceGroupStorage string
 param securityPrincipalObjectIds array
 param securityPrincipalNames array
 param serviceToken string
@@ -51,10 +47,10 @@ var smbSettings = {
 }
 var storageAccountNamePrefix = uniqueString(replace(namingConvention.storageAccount, serviceToken, 'file-fslogix'), resourceGroup().id)
 var storageRedundancy = availability == 'availabilityZones' ? '_ZRS' : '_LRS'
-var tagsPrivateEndpoints = union({'cm-resource-parent': '${subscription().id}}/resourceGroups/${resourceGroupControlPlane}/providers/Microsoft.DesktopVirtualization/hostpools/${hostPoolName}'}, contains(tags, 'Microsoft.Network/privateEndpoints') ? tags['Microsoft.Network/privateEndpoints'] : {}, mlzTags)
-var tagsStorageAccounts = union({'cm-resource-parent': '${subscription().id}}/resourceGroups/${resourceGroupControlPlane}/providers/Microsoft.DesktopVirtualization/hostpools/${hostPoolName}'}, contains(tags, 'Microsoft.Storage/storageAccounts') ? tags['Microsoft.Storage/storageAccounts'] : {}, mlzTags)
-var tagsRecoveryServicesVault = union({'cm-resource-parent': '${subscription().id}}/resourceGroups/${resourceGroupControlPlane}/providers/Microsoft.DesktopVirtualization/hostpools/${hostPoolName}'}, contains(tags, 'Microsoft.recoveryServices/vaults') ? tags['Microsoft.recoveryServices/vaults'] : {}, mlzTags)
-var tagsVirtualMachines = union({'cm-resource-parent': '${subscription().id}}/resourceGroups/${resourceGroupControlPlane}/providers/Microsoft.DesktopVirtualization/hostpools/${hostPoolName}'}, contains(tags, 'Microsoft.Compute/virtualMachines') ? tags['Microsoft.Compute/virtualMachines'] : {}, mlzTags)
+var tagsPrivateEndpoints = union({'cm-resource-parent': hostPoolResourceId}, tags[?'Microsoft.Network/privateEndpoints'] ?? {}, mlzTags)
+var tagsStorageAccounts = union({'cm-resource-parent': hostPoolResourceId}, tags[?'Microsoft.Storage/storageAccounts'] ?? {}, mlzTags)
+var tagsRecoveryServicesVault = union({'cm-resource-parent': hostPoolResourceId}, tags[?'Microsoft.recoveryServices/vaults'] ?? {}, mlzTags)
+var tagsVirtualMachines = union({'cm-resource-parent': hostPoolResourceId}, tags[?'Microsoft.Compute/virtualMachines'] ?? {}, mlzTags)
 
 resource storageAccounts 'Microsoft.Storage/storageAccounts@2022-09-01' = [for i in range(0, storageCount): {
   name: take('${storageAccountNamePrefix}${padLeft(i + storageIndex, 2, '0')}', 15)
@@ -206,6 +202,7 @@ resource privateDnsZoneGroups 'Microsoft.Network/privateEndpoints/privateDnsZone
   ]
 }]
 
+// Sets NTFS permissions on the file shares
 module ntfsPermissions '../runCommand.bicep' = {
   name: 'set-ntfs-permissions-${deploymentNameSuffix}'
   scope: resourceGroup(resourceGroupManagement)
@@ -245,7 +242,7 @@ module ntfsPermissions '../runCommand.bicep' = {
       }
       {
         name: 'StorageAccountResourceGroupName'
-        value: resourceGroupStorage
+        value: resourceGroup().name
       }
       {
         name: 'StorageCount'
@@ -283,6 +280,7 @@ module ntfsPermissions '../runCommand.bicep' = {
   ]
 }
 
+// Deploys backup items for Azure Files
 module recoveryServices 'recoveryServices.bicep' = if (enableRecoveryServices) {
   name: 'deploy-backup-${deploymentNameSuffix}'
   scope: resourceGroup(resourceGroupManagement)
@@ -291,7 +289,7 @@ module recoveryServices 'recoveryServices.bicep' = if (enableRecoveryServices) {
     fileShares: fileShares
     location: location
     recoveryServicesVaultName: recoveryServicesVaultName
-    resourceGroupStorage: resourceGroupStorage
+    resourceGroupStorage: resourceGroup().name
     storageAccountNamePrefix: storageAccountNamePrefix
     storageCount: storageCount
     storageIndex: storageIndex
@@ -302,22 +300,4 @@ module recoveryServices 'recoveryServices.bicep' = if (enableRecoveryServices) {
   ]
 }
 
-module autoIncreaseStandardFileShareQuota '../../common/function.bicep' = if (fslogixStorageService == 'AzureFiles Premium' && storageCount > 0) {
-  name: 'deploy-file-share-scaling-${deploymentNameSuffix}'
-  scope: resourceGroup(resourceGroupManagement)
-  params: {
-    files: {
-      'requirements.psd1': loadTextContent('../../../artifacts/auto-increase-file-share/requirements.psd1')
-      'run.ps1': loadTextContent('../../../artifacts/auto-increase-file-share/run.ps1')
-      '../profile.ps1': loadTextContent('../../../artifacts/auto-increase-file-share/profile.ps1')
-    }
-    functionAppName: functionAppName
-    functionName: 'auto-increase-file-share-quota'
-    schedule: '0 */15 * * * *'
-  }
-  dependsOn: [
-    recoveryServices
-  ]
-}
-
 output storageAccountNamePrefix string = storageAccountNamePrefix