fix: res/web/connection parameter update (Azure#2466)

## Description

Added the parameterValueSet parameter and some documentation
improvements.

Closes Azure#2338 

## Pipeline Reference

<!-- Insert your Pipeline Status Badge below -->

| Pipeline |
| -------- |
|
[![avm.res.web.connection](https://github.com/ReneHezser/bicep-registry-modules/actions/workflows/avm.res.web.connection.yml/badge.svg?branch=web-connections-update)](https://github.com/ReneHezser/bicep-registry-modules/actions/workflows/avm.res.web.connection.yml)
|

## Type of Change

- [ ] Update to CI Environment or utilities (Non-module affecting
changes)
- [x] Azure Verified Module updates:
- [ ] Bugfix containing backwards-compatible bug fixes, and I have NOT
bumped the MAJOR or MINOR version in `version.json`:
- [x] Someone has opened a bug report issue, and I have included "Closes
#{bug_report_issue_number}" in the PR description.
- [ ] The bug was found by the module author, and no one has opened an
issue to report it yet.
- [x] Feature update backwards compatible feature updates, and I have
bumped the MINOR version in `version.json`.
- [ ] Breaking changes and I have bumped the MAJOR version in
`version.json`.
  - [ ] Update to documentation

## Checklist

- [x] I'm sure there are no other open Pull Requests for the same
update/change
- [x] I have run `Set-AVMModule` locally to generate the supporting
module files.
- [x] My corresponding pipelines / checks run clean and green without
any errors or warnings

avm/res/web/connection/README.md

@@ -293,8 +293,8 @@ module connection 'br/public:avm/res/web/connection:<version>' = {
 
 | Parameter | Type | Description |
 | :-- | :-- | :-- |
-| [`displayName`](#parameter-displayname) | string | Display name connection. Example: 'blobconnection' when using blobs. It can change depending on the resource. |
-| [`name`](#parameter-name) | string | Connection name for connection. Example: 'azureblob' when using blobs. It can change depending on the resource. |
+| [`displayName`](#parameter-displayname) | string | Display name connection. Example: `blobconnection` when using blobs. It can change depending on the resource. |
+| [`name`](#parameter-name) | string | Connection name for connection. It can change depending on the resource. |
 
 **Optional parameters**
 
@@ -306,22 +306,23 @@ module connection 'br/public:avm/res/web/connection:<version>' = {
 | [`location`](#parameter-location) | string | Location of the deployment. |
 | [`lock`](#parameter-lock) | object | The lock settings of the service. |
 | [`nonSecretParameterValues`](#parameter-nonsecretparametervalues) | object | Dictionary of nonsecret parameter values. |
-| [`parameterValues`](#parameter-parametervalues) | secureObject | Connection strings or access keys for connection. Example: 'accountName' and 'accessKey' when using blobs.  It can change depending on the resource. |
+| [`parameterValues`](#parameter-parametervalues) | secureObject | Connection strings or access keys for connection. Example: `accountName` and `accessKey` when using blobs. It can change depending on the resource. |
+| [`parameterValueSet`](#parameter-parametervalueset) | object | Additional parameter Value Set used for authentication settings. |
 | [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignments to create. |
-| [`statuses`](#parameter-statuses) | array | Status of the connection. |
+| [`statuses`](#parameter-statuses) | array | The status of the connection. |
 | [`tags`](#parameter-tags) | object | Tags of the resource. |
 | [`testLinks`](#parameter-testlinks) | array | Links to test the API connection. |
 
 ### Parameter: `displayName`
 
-Display name connection. Example: 'blobconnection' when using blobs. It can change depending on the resource.
+Display name connection. Example: `blobconnection` when using blobs. It can change depending on the resource.
 
 - Required: Yes
 - Type: string
 
 ### Parameter: `name`
 
-Connection name for connection. Example: 'azureblob' when using blobs. It can change depending on the resource.
+Connection name for connection. It can change depending on the resource.
 
 - Required: Yes
 - Type: string
@@ -401,11 +402,18 @@ Dictionary of nonsecret parameter values.
 
 ### Parameter: `parameterValues`
 
-Connection strings or access keys for connection. Example: 'accountName' and 'accessKey' when using blobs.  It can change depending on the resource.
+Connection strings or access keys for connection. Example: `accountName` and `accessKey` when using blobs. It can change depending on the resource.
 
 - Required: No
 - Type: secureObject
 
+### Parameter: `parameterValueSet`
+
+Additional parameter Value Set used for authentication settings.
+
+- Required: No
+- Type: object
+
 ### Parameter: `roleAssignments`
 
 Array of role assignments to create.
@@ -497,7 +505,7 @@ The principal type of the assigned principal ID.
 
 ### Parameter: `statuses`
 
-Status of the connection.
+The status of the connection.
 
 - Required: No
 - Type: array

avm/res/web/connection/main.bicep

@@ -2,46 +2,102 @@ metadata name = 'API Connections'
 metadata description = 'This module deploys an Azure API Connection.'
 metadata owner = 'Azure/module-maintainers'
 
-@description('Optional. Specific values for some API connections.')
-param api object?
-
-@description('Required. Connection name for connection. Example: \'azureblob\' when using blobs. It can change depending on the resource.')
+@description('Required. Connection name for connection. It can change depending on the resource.')
 param name string
 
+@description('Optional. Location of the deployment.')
+param location string = resourceGroup().location
+
 @description('Optional. Enable/Disable usage telemetry for module.')
 param enableTelemetry bool = true
 
+// ============ //
+// Parameters   //
+// ============ //
+
+@description('Optional. Specific values for some API connections.')
+@metadata({
+  example: '''
+  // for a Service Bus connection
+  {
+    type: 'Microsoft.Web/locations/managedApis'
+    id: subscriptionResourceId('Microsoft.Web/locations/managedApis', '${resourceLocation}', 'servicebus')
+  }
+'''
+})
+param api object?
+
 @description('Optional. Dictionary of custom parameter values for specific connections.')
 param customParameterValues object?
 
-@description('Required. Display name connection. Example: \'blobconnection\' when using blobs. It can change depending on the resource.')
+@description('Required. Display name connection. Example: `blobconnection` when using blobs. It can change depending on the resource.')
 param displayName string
 
-@description('Optional. Location of the deployment.')
-param location string = resourceGroup().location
-
 @description('Optional. Dictionary of nonsecret parameter values.')
 #disable-next-line secure-secrets-in-params // Not a secret
 param nonSecretParameterValues object?
 
-@description('Optional. Connection strings or access keys for connection. Example: \'accountName\' and \'accessKey\' when using blobs.  It can change depending on the resource.')
+@description('Optional. Connection strings or access keys for connection. Example: `accountName` and `accessKey` when using blobs. It can change depending on the resource.')
 @secure()
+@metadata({
+  example: '''
+    {
+      connectionString: 'listKeys('/subscriptions/<subscriptionId>/resourceGroups/<resourceGroupName>/Microsoft.ServiceBus/namespaces/AuthorizationRules/<serviceBusName>/RootManagedSharedAccessKey', '2023-01-01').primaryConnectionString'
+    }
+    {
+      rootfolder: fileshareConnection.rootfolder
+      authType: fileshareConnection.authType
+      // to add an object, use the any() function
+      gateway: any({
+        name: fileshareConnection.odgw.name
+        id: resourceId(fileshareConnection.odgw.resourceGroup, 'Microsoft.Web/connectionGateways', fileshareConnection.odgw.name)
+        type: 'Microsoft.Web/connectionGateways'
+      })
+      username: username
+      password: password
+    }
+  '''
+})
 param parameterValues object?
 
+@description('Optional. Additional parameter Value Set used for authentication settings.')
+@metadata({
+  example: '''
+  // for a Service Bus connection
+  {
+    name: 'managedIdentityAuth'
+    values: {
+      namespaceEndpoint: {
+        value: 'sb://${dependency.outputs.serviceBusEndpoint}'
+      }
+    }
+  }
+'''
+})
+param parameterValueSet object?
+
 @description('Optional. Array of role assignments to create.')
 param roleAssignments roleAssignmentType
 
-@description('Optional. Status of the connection.')
-param statuses array?
+@description('Optional. The status of the connection.')
+param statuses object[]?
 
 @description('Optional. The lock settings of the service.')
 param lock lockType
 
+@metadata({
+  example: '''
+  {
+      key1: 'value1'
+      key2: 'value2'
+  }
+  '''
+})
 @description('Optional. Tags of the resource.')
 param tags object?
 
 @description('Optional. Links to test the API connection.')
-param testLinks array?
+param testLinks object[]?
 
 var builtInRoleNames = {
   Contributor: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c')
@@ -57,6 +113,10 @@ var builtInRoleNames = {
   )
 }
 
+// ============== //
+// Resources      //
+// ============== //
+
 #disable-next-line no-deployments-resources
 resource avmTelemetry 'Microsoft.Resources/deployments@2024-03-01' = if (enableTelemetry) {
   name: '46d3xbcp.res.web-connection.${replace('-..--..-', '.', '-')}.${substring(uniqueString(deployment().name, location), 0, 4)}'
@@ -88,6 +148,8 @@ resource connection 'Microsoft.Web/connections@2016-06-01' = {
     nonSecretParameterValues: nonSecretParameterValues
     testLinks: testLinks
     statuses: statuses
+    #disable-next-line BCP037 // the parameterValueSet is not yet made available in the resource provider, which generates warnings. Disable the warning for now.
+    parameterValueSet: parameterValueSet
   }
 }
 
@@ -122,6 +184,10 @@ resource connection_roleAssignments 'Microsoft.Authorization/roleAssignments@202
   }
 ]
 
+// ============ //
+// Outputs      //
+// ============ //
+
 @description('The resource ID of the connection.')
 output resourceId string = connection.id
 

avm/res/web/connection/main.json

@@ -6,7 +6,7 @@
     "_generator": {
       "name": "bicep",
       "version": "0.28.1.47646",
-      "templateHash": "16876360500243904943"
+      "templateHash": "4760344619510029018"
     },
     "name": "API Connections",
     "description": "This module deploys an Azure API Connection.",
@@ -106,17 +106,17 @@
     }
   },
   "parameters": {
-    "api": {
-      "type": "object",
-      "nullable": true,
+    "name": {
+      "type": "string",
       "metadata": {
-        "description": "Optional. Specific values for some API connections."
+        "description": "Required. Connection name for connection. It can change depending on the resource."
       }
     },
-    "name": {
+    "location": {
       "type": "string",
+      "defaultValue": "[resourceGroup().location]",
       "metadata": {
-        "description": "Required. Connection name for connection. Example: 'azureblob' when using blobs. It can change depending on the resource."
+        "description": "Optional. Location of the deployment."
       }
     },
     "enableTelemetry": {
@@ -126,24 +126,25 @@
         "description": "Optional. Enable/Disable usage telemetry for module."
       }
     },
-    "customParameterValues": {
+    "api": {
       "type": "object",
       "nullable": true,
       "metadata": {
-        "description": "Optional. Dictionary of custom parameter values for specific connections."
+        "example": "  // for a Service Bus connection\n  {\n    type: 'Microsoft.Web/locations/managedApis'\n    id: subscriptionResourceId('Microsoft.Web/locations/managedApis', '${resourceLocation}', 'servicebus')\n  }\n",
+        "description": "Optional. Specific values for some API connections."
       }
     },
-    "displayName": {
-      "type": "string",
+    "customParameterValues": {
+      "type": "object",
+      "nullable": true,
       "metadata": {
-        "description": "Required. Display name connection. Example: 'blobconnection' when using blobs. It can change depending on the resource."
+        "description": "Optional. Dictionary of custom parameter values for specific connections."
       }
     },
-    "location": {
+    "displayName": {
       "type": "string",
-      "defaultValue": "[resourceGroup().location]",
       "metadata": {
-        "description": "Optional. Location of the deployment."
+        "description": "Required. Display name connection. Example: `blobconnection` when using blobs. It can change depending on the resource."
       }
     },
     "nonSecretParameterValues": {
@@ -157,7 +158,16 @@
       "type": "secureObject",
       "nullable": true,
       "metadata": {
-        "description": "Optional. Connection strings or access keys for connection. Example: 'accountName' and 'accessKey' when using blobs.  It can change depending on the resource."
+        "example": "    {\n      connectionString: 'listKeys('/subscriptions/<subscriptionId>/resourceGroups/<resourceGroupName>/Microsoft.ServiceBus/namespaces/AuthorizationRules/<serviceBusName>/RootManagedSharedAccessKey', '2023-01-01').primaryConnectionString'\n    }\n    {\n      rootfolder: fileshareConnection.rootfolder\n      authType: fileshareConnection.authType\n      // to add an object, use the any() function\n      gateway: any({\n        name: fileshareConnection.odgw.name\n        id: resourceId(fileshareConnection.odgw.resourceGroup, 'Microsoft.Web/connectionGateways', fileshareConnection.odgw.name)\n        type: 'Microsoft.Web/connectionGateways'\n      })\n      username: username\n      password: password\n    }\n  ",
+        "description": "Optional. Connection strings or access keys for connection. Example: `accountName` and `accessKey` when using blobs. It can change depending on the resource."
+      }
+    },
+    "parameterValueSet": {
+      "type": "object",
+      "nullable": true,
+      "metadata": {
+        "example": "  // for a Service Bus connection\n  {\n    name: 'managedIdentityAuth'\n    values: {\n      namespaceEndpoint: {\n        value: 'sb://${dependency.outputs.serviceBusEndpoint}'\n      }\n    }\n  }\n",
+        "description": "Optional. Additional parameter Value Set used for authentication settings."
       }
     },
     "roleAssignments": {
@@ -168,9 +178,12 @@
     },
     "statuses": {
       "type": "array",
+      "items": {
+        "type": "object"
+      },
       "nullable": true,
       "metadata": {
-        "description": "Optional. Status of the connection."
+        "description": "Optional. The status of the connection."
       }
     },
     "lock": {
@@ -183,11 +196,15 @@
       "type": "object",
       "nullable": true,
       "metadata": {
+        "example": "  {\n      key1: 'value1'\n      key2: 'value2'\n  }\n  ",
         "description": "Optional. Tags of the resource."
       }
     },
     "testLinks": {
       "type": "array",
+      "items": {
+        "type": "object"
+      },
       "nullable": true,
       "metadata": {
         "description": "Optional. Links to test the API connection."
@@ -237,7 +254,8 @@
         "parameterValues": "[parameters('parameterValues')]",
         "nonSecretParameterValues": "[parameters('nonSecretParameterValues')]",
         "testLinks": "[parameters('testLinks')]",
-        "statuses": "[parameters('statuses')]"
+        "statuses": "[parameters('statuses')]",
+        "parameterValueSet": "[parameters('parameterValueSet')]"
       }
     },
     "connection_lock": {

avm/res/web/connection/version.json

@@ -1,6 +1,6 @@
 {
     "$schema": "https://aka.ms/bicep-registry-module-version-file-schema#",
-    "version": "0.1",
+    "version": "0.2",
     "pathFilters": [
         "./main.json"
     ]