1111 mlz add ons update component order in naming convention (#1118)

* issue 1111 * naming convention and prefix count * GitHub Action: Build Bicep to JSON * Fixed max length in regex * Alphabetized params * GitHub Action: Build Bicep to JSON * Alphabetized params & var value * GitHub Action: Build Bicep to JSON * Alphabetized param, Removed empty line * GitHub Action: Build Bicep to JSON --------- Co-authored-by: github-actions <[email protected]> Co-authored-by: Jason Masten <[email protected]>
Azure · Oct 29, 2024 · cb012df · cb012df
1 parent 87450b7
commit cb012df
Show file tree

Hide file tree

Showing 7 changed files with 128 additions and 50 deletions.
diff --git a/src/bicep/form/mlz.portal.json b/src/bicep/form/mlz.portal.json
@@ -229,13 +229,13 @@
                   "label": "Resource Naming Prefix",
                   "type": "Microsoft.Common.TextBox",
                   "defaultValue": "",
-                  "toolTip": "Specify a prefix (min 3 and max 6 lowercase characters and numbers) to prepend to all resources.",
+                  "toolTip": "Specify a prefix (min 1 and max 6 lowercase characters and numbers) to prepend to all resources.",
                   "constraints": {
                     "required": true,
                     "validations": [
                       {
-                        "regex": "^[a-z][a-z0-9]{1,5}$",
-                        "message": "The prefix must contain alphanumeric characters, begin with a letter, letters must be lowercase, and the length must be between 3 to 6 characters."
+                        "regex": "^[a-z0-9]{1,6}$",
+                        "message": "The prefix must contain alphanumeric characters, letters must be lowercase, and the length must be between 1 to 6 characters."
                       }
                     ]
                   }

diff --git a/src/bicep/mlz.bicep b/src/bicep/mlz.bicep
@@ -7,9 +7,9 @@ targetScope = 'subscription'
 
 // REQUIRED PARAMETERS
 
-@minLength(3)
+@minLength(1)
 @maxLength(6)
-@description('A prefix, 3-6 alphanumeric characters without whitespace, used to prefix resources and generate uniqueness for resources with globally unique naming requirements like Storage Accounts and Log Analytics Workspaces')
+@description('A prefix, 1-6 alphanumeric characters without whitespace, used to prefix resources and generate uniqueness for resources with globally unique naming requirements like Storage Accounts and Log Analytics Workspaces')
 param resourcePrefix string
 
 @allowed([
@@ -725,10 +725,12 @@ module storage 'modules/storage.bicep' = {
     blobsPrivateDnsZoneResourceId: networking.outputs.privateDnsZoneResourceIds.blob
     //deployIdentity: deployIdentity
     deploymentNameSuffix: deploymentNameSuffix
+    filesPrivateDnsZoneResourceId: networking.outputs.privateDnsZoneResourceIds.file
     keyVaultUri: customerManagedKeys.outputs.keyVaultUri
     location: location
     logStorageSkuName: logStorageSkuName
     mlzTags: logic.outputs.mlzTags
+    queuesPrivateDnsZoneResourceId: networking.outputs.privateDnsZoneResourceIds.queue
     resourceGroupNames: resourceGroups.outputs.names
     serviceToken: logic.outputs.tokens.service
     storageEncryptionKeyName: customerManagedKeys.outputs.storageKeyName

diff --git a/src/bicep/mlz.json b/src/bicep/mlz.json
diff --git a/src/bicep/modules/linux-virtual-machine.bicep b/src/bicep/modules/linux-virtual-machine.bicep
@@ -118,7 +118,7 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2021-04-01' = {
   }
 }
 
-resource guestAttestationExtension 'Microsoft.Compute/virtualMachines/extensions@2021-03-01' = {
+resource guestAttestationExtension 'Microsoft.Compute/virtualMachines/extensions@2024-03-01' = {
   parent: virtualMachine
   name: 'GuestAttestation'
   location: location
@@ -128,7 +128,6 @@ resource guestAttestationExtension 'Microsoft.Compute/virtualMachines/extensions
     type: 'GuestAttestation'
     typeHandlerVersion: '1.0'
     autoUpgradeMinorVersion: true
-    enableAutomaticUpgrade: true
     settings: {
       AttestationConfig: {
         MaaSettings: {

diff --git a/src/bicep/modules/naming-convention.bicep b/src/bicep/modules/naming-convention.bicep
@@ -12,6 +12,7 @@ param networkShortName string
 param resourcePrefix string
 param stampIndex string = '' // Optional: Added to support AVD deployments
 param tokens object = {
+  purpose:'purpose_token'
   resource: 'resource_token'
   service: 'service_token'
 }
@@ -33,8 +34,8 @@ var resourceAbbreviations = loadJsonContent('../data/resourceAbbreviations.json'
 
 */
 
-var namingConvention = '${toLower(resourcePrefix)}-${empty(stampIndex) ? '' : '${stampIndex}-'}${tokens.resource}-${networkName}-${environmentAbbreviation}-${locationAbbreviation}'
-var namingConvention_Service = '${toLower(resourcePrefix)}-${empty(stampIndex) ? '' : '${stampIndex}-'}${tokens.resource}-${tokens.service}-${networkName}-${environmentAbbreviation}-${locationAbbreviation}'
+var namingConvention = '${toLower(resourcePrefix)}-${empty(stampIndex) ? '' : '${stampIndex}-'}${tokens.resource}-${networkName}-${locationAbbreviation}-${environmentAbbreviation}'
+var namingConvention_Service = '${toLower(resourcePrefix)}-${empty(stampIndex) ? '' : '${stampIndex}-'}${tokens.resource}-${networkName}-${tokens.service}-${locationAbbreviation}-${environmentAbbreviation}'
 
 /*
 
@@ -106,8 +107,14 @@ var names = {
   routeTable: replace(namingConvention, tokens.resource, resourceAbbreviations.routeTables)
   storageAccount: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.storageAccounts), networkName, networkShortName)
   storageAccountDiagnosticSetting: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.diagnosticSettings), tokens.service, '${tokens.service}-${resourceAbbreviations.storageAccounts}')
-  storageAccountNetworkInterface: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.networkInterfaces), tokens.service, '${tokens.service}-${resourceAbbreviations.storageAccounts}')
-  storageAccountPrivateEndpoint: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.privateEndpoints), tokens.service, '${tokens.service}-${resourceAbbreviations.storageAccounts}')
+  storageAccountBlobNetworkInterface: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.networkInterfaces), tokens.service, '${resourceAbbreviations.storageAccounts}-blob')
+  storageAccountFileNetworkInterface: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.networkInterfaces), tokens.service, '${resourceAbbreviations.storageAccounts}-file')
+  storageAccountQueueNetworkInterface: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.networkInterfaces), tokens.service, '${resourceAbbreviations.storageAccounts}-queue')
+  storageAccountTableNetworkInterface: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.networkInterfaces), tokens.service, '${resourceAbbreviations.storageAccounts}-table')
+  storageAccountBlobPrivateEndpoint: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.privateEndpoints), tokens.service, '${resourceAbbreviations.storageAccounts}-blob')
+  storageAccountFilePrivateEndpoint: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.privateEndpoints), tokens.service, '${resourceAbbreviations.storageAccounts}-file')
+  storageAccountQueuePrivateEndpoint: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.privateEndpoints), tokens.service, '${resourceAbbreviations.storageAccounts}-queue')
+  storageAccountTablePrivateEndpoint: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.privateEndpoints), tokens.service, '${resourceAbbreviations.storageAccounts}-table')
   subnet: replace(namingConvention, tokens.resource, resourceAbbreviations.subnets)
   userAssignedIdentity: replace(namingConvention_Service, tokens.resource, resourceAbbreviations.userAssignedIdentities)
   virtualMachine: replace(replace(replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.virtualMachines), environmentAbbreviation, first(environmentAbbreviation)), networkName, ''), '-', '')

diff --git a/src/bicep/modules/storage-account.bicep b/src/bicep/modules/storage-account.bicep
@@ -4,9 +4,11 @@ Licensed under the MIT License.
 */
 
 param blobsPrivateDnsZoneResourceId string
+param filesPrivateDnsZoneResourceId string
 param keyVaultUri string
 param location string
 param mlzTags object
+param queuesPrivateDnsZoneResourceId string
 param serviceToken string
 param skuName string
 param storageEncryptionKeyName string
@@ -16,9 +18,27 @@ param tags object
 param tier object
 param userAssignedIdentityResourceId string
 
-var zones = [
-  blobsPrivateDnsZoneResourceId
-  tablesPrivateDnsZoneResourceId
+var  subResources = [
+  {
+    id: blobsPrivateDnsZoneResourceId
+    nic: tier.namingConvention.storageAccountBlobNetworkInterface
+    pe: tier.namingConvention.storageAccountBlobPrivateEndpoint
+  }
+  {
+    id: filesPrivateDnsZoneResourceId
+    nic: tier.namingConvention.storageAccountFileNetworkInterface
+    pe: tier.namingConvention.storageAccountFilePrivateEndpoint
+  }
+  {
+    id: queuesPrivateDnsZoneResourceId
+    nic: tier.namingConvention.storageAccountQueueNetworkInterface
+    pe: tier.namingConvention.storageAccountQueuePrivateEndpoint
+  }
+  {
+    id: tablesPrivateDnsZoneResourceId
+    nic: tier.namingConvention.storageAccountTableNetworkInterface
+    pe: tier.namingConvention.storageAccountTablePrivateEndpoint
+  }
 ]
 
 resource storageAccount 'Microsoft.Storage/storageAccounts@2023-01-01' = {
@@ -84,19 +104,19 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-01-01' = {
   }
 }
 
-resource privateEndpoints 'Microsoft.Network/privateEndpoints@2023-04-01' = [for (zone, i) in zones: {
-  name: replace(tier.namingConvention.storageAccountPrivateEndpoint, serviceToken, '${split(split(zone, '/')[8], '.')[1]}-log')
+resource privateEndpoints 'Microsoft.Network/privateEndpoints@2023-04-01' = [for (resource, i) in subResources: {
+  name: resource.pe
   location: location
   tags: union(contains(tags, 'Microsoft.Network/privateEndpoints') ? tags['Microsoft.Network/privateEndpoints'] : {}, mlzTags)
   properties: {
-    customNetworkInterfaceName: replace(tier.namingConvention.storageAccountNetworkInterface, serviceToken, '${split(split(zone, '/')[8], '.')[1]}-log')
+    customNetworkInterfaceName: resource.nic
     privateLinkServiceConnections: [
       {
-        name: replace(tier.namingConvention.storageAccountPrivateEndpoint, serviceToken, '${split(split(zone, '/')[8], '.')[1]}-log')
+        name: resource.pe
         properties: {
           privateLinkServiceId: storageAccount.id
           groupIds: [
-            split(split(zone, '/')[8], '.')[1]
+            split(split(resource.id, '/')[8], '.')[1]
           ]
         }
       }
@@ -107,7 +127,7 @@ resource privateEndpoints 'Microsoft.Network/privateEndpoints@2023-04-01' = [for
   }
 }]
 
-resource privateDnsZoneGroups 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2021-08-01' = [for (zone, i) in zones: {
+resource privateDnsZoneGroups 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2021-08-01' = [for (resource, i) in subResources: {
   parent: privateEndpoints[i]
   name: storageAccount.name
   properties: {
@@ -116,7 +136,7 @@ resource privateDnsZoneGroups 'Microsoft.Network/privateEndpoints/privateDnsZone
         name: 'ipconfig1'
         properties: {
           #disable-next-line use-resource-id-functions
-          privateDnsZoneId: zone
+          privateDnsZoneId: resource.id
         }
       }
     ]

diff --git a/src/bicep/modules/storage.bicep b/src/bicep/modules/storage.bicep
@@ -8,10 +8,12 @@ targetScope = 'subscription'
 param blobsPrivateDnsZoneResourceId string
 //param deployIdentity bool
 param deploymentNameSuffix string
+param filesPrivateDnsZoneResourceId string
 param keyVaultUri string
 param location string
 param logStorageSkuName string
 param mlzTags object
+param queuesPrivateDnsZoneResourceId string
 param resourceGroupNames array
 param serviceToken string
 param storageEncryptionKeyName string
@@ -25,9 +27,11 @@ module storageAccount 'storage-account.bicep' = [for (tier, i) in tiers: {
   scope: resourceGroup(tier.subscriptionId, resourceGroupNames[i])
   params: {
     blobsPrivateDnsZoneResourceId: blobsPrivateDnsZoneResourceId
+    filesPrivateDnsZoneResourceId: filesPrivateDnsZoneResourceId
     keyVaultUri: keyVaultUri
     location: location
     mlzTags: mlzTags
+    queuesPrivateDnsZoneResourceId: queuesPrivateDnsZoneResourceId
     serviceToken: serviceToken
     skuName: logStorageSkuName
     storageEncryptionKeyName: storageEncryptionKeyName
@@ -40,5 +44,3 @@ module storageAccount 'storage-account.bicep' = [for (tier, i) in tiers: {
 }]
 
 output storageAccountResourceIds array = [for (tier, i) in tiers: storageAccount[i].outputs.id]
-
-