Multiple updates to tests
erschef committed Oct 2, 2024
1 parent 19d39fb commit 4a309aa
Showing 8 changed files with 578 additions and 126 deletions.
463 changes: 390 additions & 73 deletions avm/res/network/vpn-server-configuration/README.md

Large diffs are not rendered by default.

28 changes: 12 additions & 16 deletions avm/res/network/vpn-server-configuration/main.bicep
Expand Up @@ -8,34 +8,31 @@ param name string
@description('Optional. Location where all resources will be created.')
param location string = resourceGroup().location

@description('Optional. The audience for the AAD/Entrance authentication.')
@description('Conditional. The audience for the AAD/Entra authentication. Required if configuring Entra ID authentication.')
param aadAudience string?

@description('Optional. The issuer for the AAD/Entrance authentication.')
@description('Conditional. The issuer for the AAD/Entra authentication. Required if configuring Entra ID authentication')
param aadIssuer string?

@description('Optional. The audience for the AAD/Entrance authentication.')
@description('Conditional. The audience for the AAD/Entra authentication. Required if configuring Entra ID authentication')
param aadTenant string?

@description('Optional. The P2S configuration policy groups for the configuration.')
param p2sConfigurationPolicyGroups array = []

@description('Optional. The name of the VpnServerConfiguration that is unique within a resource group.')
param vpnServerConfigurationName string

@description('Optional. The root certificates of the Radius client.')
@description('Optional. The revoked RADIUS client certificates for the configuration.')
param radiusClientRootCertificates array = []

@description('Conditional. The address of the Radius server. Required if configuring Radius.')
@description('Conditional. The address of the RADIUS server. Required if configuring a single RADIUS.')
param radiusServerAddress string?

@description('Optional. The root certificates of the Radius server.')
@description('Optional. The root certificates of the RADIUS server.')
param radiusServerRootCertificates array = []

@description('Optional. The list of Radius servers.')
@description('Optional. The list of RADIUS servers. Required if configuring multiple RADIUS servers.')
param radiusServers array = []

@description('Conditional. The Radius server secret. Required if configuring Radius.')
@description('Conditional. The RADIUS server secret. Required if configuring a single RADIUS server.')
@secure()
param radiusServerSecret string?

Expand All @@ -50,10 +47,10 @@ param vpnAuthenticationTypes array = []
@description('Optional. The IPsec policies for the configuration.')
param vpnClientIpsecPolicies array = []

@description('Optional. The revoked VPN Client certificates for the configuration.')
@description('Optional. The revoked VPN Client certificate thumbprints for the configuration.')
param vpnClientRevokedCertificates array = []

@description('Conditional. The VPN Client root certificates for the configuration. Required if using certificate authentication.')
@description('Conditional. The VPN Client root certificate public keys for the configuration. Required if using certificate authentication.')
param vpnClientRootCertificates array = []

@description('Optional. The allowed VPN protocols for the configuration.')
Expand Down Expand Up @@ -94,7 +91,7 @@ resource avmTelemetry 'Microsoft.Resources/deployments@2024-03-01' = if (enableT
}
}

resource vpnServerConfig 'Microsoft.Network/vpnServerConfigurations@2024-01-01' = {
resource vpnServerConfig 'Microsoft.Network/vpnServerConfigurations@2023-11-01' = {
name: name
location: location
tags: tags
Expand All @@ -114,7 +111,6 @@ resource vpnServerConfig 'Microsoft.Network/vpnServerConfigurations@2024-01-01'
}
}
]
name: vpnServerConfigurationName
radiusClientRootCertificates: [
for clientRootroot in radiusClientRootCertificates: {
name: clientRootroot.name
Expand Down Expand Up @@ -158,7 +154,7 @@ resource vpnServerConfig 'Microsoft.Network/vpnServerConfigurations@2024-01-01'
vpnClientRootCertificates: [
for cert in vpnClientRootCertificates: {
name: cert.name
publicCertData: cert.thumbprint
publicCertData: cert.publicCertData
}
]
vpnProtocols: vpnProtocols
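Review bot: The new description on `radiusClientRootCertificates` calls the parameter "The revoked RADIUS client certificates for the configuration", yet the resource body further down still feeds it into the `radiusClientRootCertificates` property, so the text now describes a list of root certificates as a revocation list and invites the wrong certificates being supplied. I would keep the old meaning with the new casing: `@description('Optional. The root certificates of the RADIUS client.')`. The `aadTenant` description has a similar copy-paste slip and should read `The tenant for the AAD/Entra authentication.` rather than "The audience". Separately, `radiusServers` stays a plain `array` while `radiusServerSecret` is `@secure()`; its mapping is outside the visible hunks, but if each entry carries its own shared secret those values would be stored in the deployment history in clear text, which the description should at least warn about.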
37 changes: 15 additions & 22 deletions avm/res/network/vpn-server-configuration/main.json
Expand Up @@ -5,8 +5,8 @@
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.29.47.4906",
"templateHash": "8266021575689311349"
"version": "0.30.23.60470",
"templateHash": "11742668183850609496"
},
"name": "VPN Server Configuration",
"description": "This module deploys a VPN Server Configuration for a Virtual Hub P2S Gateway.",
Expand Down Expand Up @@ -57,21 +57,21 @@
"type": "string",
"nullable": true,
"metadata": {
"description": "Optional. The audience for the AAD/Entrance authentication."
"description": "Conditional. The audience for the AAD/Entra authentication. Required if configuring Entra ID authentication."
}
},
"aadIssuer": {
"type": "string",
"nullable": true,
"metadata": {
"description": "Optional. The issuer for the AAD/Entrance authentication."
"description": "Conditional. The issuer for the AAD/Entra authentication. Required if configuring Entra ID authentication"
}
},
"aadTenant": {
"type": "string",
"nullable": true,
"metadata": {
"description": "Optional. The audience for the AAD/Entrance authentication."
"description": "Conditional. The audience for the AAD/Entra authentication. Required if configuring Entra ID authentication"
}
},
"p2sConfigurationPolicyGroups": {
Expand All @@ -81,45 +81,39 @@
"description": "Optional. The P2S configuration policy groups for the configuration."
}
},
"vpnServerConfigurationName": {
"type": "string",
"metadata": {
"description": "Optional. The name of the VpnServerConfiguration that is unique within a resource group."
}
},
"radiusClientRootCertificates": {
"type": "array",
"defaultValue": [],
"metadata": {
"description": "Optional. The root certificates of the Radius client."
"description": "Optional. The revoked RADIUS client certificates for the configuration."
}
},
"radiusServerAddress": {
"type": "string",
"nullable": true,
"metadata": {
"description": "Conditional. The address of the Radius server. Required if configuring Radius."
"description": "Conditional. The address of the RADIUS server. Required if configuring a single RADIUS."
}
},
"radiusServerRootCertificates": {
"type": "array",
"defaultValue": [],
"metadata": {
"description": "Optional. The root certificates of the Radius server."
"description": "Optional. The root certificates of the RADIUS server."
}
},
"radiusServers": {
"type": "array",
"defaultValue": [],
"metadata": {
"description": "Optional. The list of Radius servers."
"description": "Optional. The list of RADIUS servers. Required if configuring multiple RADIUS servers."
}
},
"radiusServerSecret": {
"type": "securestring",
"nullable": true,
"metadata": {
"description": "Conditional. The Radius server secret. Required if configuring Radius."
"description": "Conditional. The RADIUS server secret. Required if configuring a single RADIUS server."
}
},
"vpnAuthenticationTypes": {
Expand All @@ -145,14 +139,14 @@
"type": "array",
"defaultValue": [],
"metadata": {
"description": "Optional. The revoked VPN Client certificates for the configuration."
"description": "Optional. The revoked VPN Client certificate thumbprints for the configuration."
}
},
"vpnClientRootCertificates": {
"type": "array",
"defaultValue": [],
"metadata": {
"description": "Conditional. The VPN Client root certificates for the configuration. Required if using certificate authentication."
"description": "Conditional. The VPN Client root certificate public keys for the configuration. Required if using certificate authentication."
}
},
"vpnProtocols": {
Expand Down Expand Up @@ -210,7 +204,7 @@
},
"vpnServerConfig": {
"type": "Microsoft.Network/vpnServerConfigurations",
"apiVersion": "2024-01-01",
"apiVersion": "2023-11-01",
"name": "[parameters('name')]",
"location": "[parameters('location')]",
"tags": "[parameters('tags')]",
Expand Down Expand Up @@ -280,7 +274,7 @@
"count": "[length(parameters('vpnClientRootCertificates'))]",
"input": {
"name": "[parameters('vpnClientRootCertificates')[copyIndex('vpnClientRootCertificates')].name]",
"publicCertData": "[parameters('vpnClientRootCertificates')[copyIndex('vpnClientRootCertificates')].thumbprint]"
"publicCertData": "[parameters('vpnClientRootCertificates')[copyIndex('vpnClientRootCertificates')].publicCertData]"
}
}
],
Expand All @@ -289,7 +283,6 @@
"aadIssuer": "[parameters('aadIssuer')]",
"aadTenant": "[parameters('aadTenant')]"
},
"name": "[parameters('vpnServerConfigurationName')]",
"radiusServerAddress": "[parameters('radiusServerAddress')]",
"radiusServerSecret": "[parameters('radiusServerSecret')]",
"vpnAuthenticationTypes": "[parameters('vpnAuthenticationTypes')]",
Expand Down Expand Up @@ -338,7 +331,7 @@
"metadata": {
"description": "The location the resource was deployed into."
},
"value": "[reference('vpnServerConfig', '2024-01-01', 'full').location]"
"value": "[reference('vpnServerConfig', '2023-11-01', 'full').location]"
}
}
}
Expand Up @@ -10,4 +10,4 @@ resource virtualWan 'Microsoft.Network/virtualWans@2023-04-01' = {
}

@description('The resource ID of the created Virtual WAN.')
output virtualWWANResourceId string = virtualWan.id
output virtualWANResourceId string = virtualWan.id
Expand Up @@ -22,6 +22,8 @@ param serviceShort string = 'vscmin'
@description('Optional. A token to inject into the name of each resource. This value can be automatically injected by the CI.')
param namePrefix string = '#_namePrefix_#'



// ============ //
// Dependencies //
// ============ //
Expand Down Expand Up @@ -52,10 +54,31 @@ module testDeployment '../../../main.bicep' = [
scope: resourceGroup
name: '${uniqueString(deployment().name, resourceLocation)}-test-${serviceShort}-${iteration}'
params: {
// You parameters go here
name: '${namePrefix}${serviceShort}001'
vpnServerConfigurationName: '${namePrefix}${serviceShort}-vpnServerConfig'
location: resourceLocation
name: '${namePrefix}${serviceShort}VPNConfig'
aadAudience: '11111111-1234-4321-1234-111111111111'
aadIssuer: 'https://sts.windows.net/11111111-1111-1111-1111-111111111111/'
aadTenant: 'https://login.microsoftonline.com/11111111-1111-1111-1111-111111111111'
p2sConfigurationPolicyGroups: [
{
userVPNPolicyGroupName: 'DefaultGroup'
policymembers: [
{
name: 'UserGroup1'
attributeType: 'AADGroupId'
attributeValue: '11111111-1111-2222-3333-111111111111'
}
]
priority: '0'
isDefault: 'true'
}
]
vpnAuthenticationTypes: [
'AAD'
]
vpnProtocols: [
'OpenVPN'
]
}
}
]
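Review bot: In the new `p2sConfigurationPolicyGroups` entry, `priority: '0'` and `isDefault: 'true'` are quoted strings, and because the module declares that parameter as an untyped `array` nothing validates them before they reach the resource provider. If the module passes them through unchanged (its mapping is not visible here), the values that decide which policy group a connecting user falls into depend on implicit coercion; I would write `priority: 0` and `isDefault: true`. The two blank lines added after `namePrefix` in the first hunk look unintentional and can be dropped.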
Expand Up @@ -10,4 +10,4 @@ resource virtualWan 'Microsoft.Network/virtualWans@2023-04-01' = {
}

@description('The resource ID of the created Virtual WAN.')
output virtualWWANResourceId string = virtualWan.id
output virtualWANResourceId string = virtualWan.id