forked from Azure/bicep-registry-modules
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Loading status checks…
Merge pull request #4 from segraef/avm/res/network/application-securi…
…ty-group feat: avm/res/network/application-security-group
Showing
10 changed files
with
1,107 additions
and
1 deletion.
There are no files selected for viewing
This CODEOWNERS file contains errors …
CODEOWNERS errors
-
Unknown owner on line 1: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
* @Azure/bicep-admins @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 1: make sure the team @Azure/bicep-admins exists, is publicly visible, and has write access to the repository
* @Azure/bicep-admins @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 2: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
/.github/ @Azure/bicep-admins @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 2: make sure the team @Azure/bicep-admins exists, is publicly visible, and has write access to the repository
/.github/ @Azure/bicep-admins @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 3: make sure the team @Azure/bicep-admins exists, is publicly visible, and has write access to the repository
/scripts/ @Azure/bicep-admins @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 3: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
/scripts/ @Azure/bicep-admins @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 4: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
/avm/ @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 5: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
/avm/utilities/ @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 8: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…t-service-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 8: make sure the team @Azure/avm-res-apimanagement-service-module-owners-bicep exists, is publicly visible, and has write access to the repository
…m/res/api-management/service/ @Azure/avm-res-apimanagement-service-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 19: make sure the team @Azure/avm-res-automation-automationaccount-module-owners-bicep exists, is publicly visible, and has write access to the repository
…utomation/automation-account/ @Azure/avm-res-automation-automationaccount-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 19: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…onaccount-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 20: make sure the team @Azure/avm-res-batch-batchaccount-module-owners-bicep exists, is publicly visible, and has write access to the repository
/avm/res/batch/batch-account/ @Azure/avm-res-batch-batchaccount-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 20: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…chaccount-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 23: make sure the team @Azure/avm-res-cognitiveservices-account-module-owners-bicep exists, is publicly visible, and has write access to the repository
…s/cognitive-services/account/ @Azure/avm-res-cognitiveservices-account-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 23: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…s-account-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 30: make sure the team @Azure/avm-res-compute-sshpublickey-module-owners-bicep exists, is publicly visible, and has write access to the repository
…m/res/compute/ssh-public-key/ @Azure/avm-res-compute-sshpublickey-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 30: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…publickey-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 39: make sure the team @Azure/avm-res-datafactory-factory-module-owners-bicep exists, is publicly visible, and has write access to the repository
…avm/res/data-factory/factory/ @Azure/avm-res-datafactory-factory-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 39: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…y-factory-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 42: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…bleserver-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 42: make sure the team @Azure/avm-res-dbforpostgresql-flexibleserver-module-owners-bicep exists, is publicly visible, and has write access to the repository
…-postgre-sql/flexible-server/ @Azure/avm-res-dbforpostgresql-flexibleserver-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 50: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…seaccount-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 50: make sure the team @Azure/avm-res-documentdb-databaseaccount-module-owners-bicep exists, is publicly visible, and has write access to the repository
…document-db/database-account/ @Azure/avm-res-documentdb-databaseaccount-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 51: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…id-domain-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 51: make sure the team @Azure/avm-res-eventgrid-domain-module-owners-bicep exists, is publicly visible, and has write access to the repository
/avm/res/event-grid/domain/ @Azure/avm-res-eventgrid-domain-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 52: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…stemtopic-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 52: make sure the team @Azure/avm-res-eventgrid-systemtopic-module-owners-bicep exists, is publicly visible, and has write access to the repository
…/res/event-grid/system-topic/ @Azure/avm-res-eventgrid-systemtopic-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 53: make sure the team @Azure/avm-res-eventgrid-topic-module-owners-bicep exists, is publicly visible, and has write access to the repository
/avm/res/event-grid/topic/ @Azure/avm-res-eventgrid-topic-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 53: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…rid-topic-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 57: make sure the team @Azure/avm-res-insights-actiongroup-module-owners-bicep exists, is publicly visible, and has write access to the repository
…vm/res/insights/action-group/ @Azure/avm-res-insights-actiongroup-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 57: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…tiongroup-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 58: make sure the team @Azure/avm-res-insights-activitylogalert-module-owners-bicep exists, is publicly visible, and has write access to the repository
…/insights/activity-log-alert/ @Azure/avm-res-insights-activitylogalert-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 58: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…ylogalert-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 59: make sure the team @Azure/avm-res-insights-component-module-owners-bicep exists, is publicly visible, and has write access to the repository
/avm/res/insights/component/ @Azure/avm-res-insights-component-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 59: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…component-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 60: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…nendpoint-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 60: make sure the team @Azure/avm-res-insights-datacollectionendpoint-module-owners-bicep exists, is publicly visible, and has write access to the repository
…hts/data-collection-endpoint/ @Azure/avm-res-insights-datacollectionendpoint-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 61: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…ctionrule-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 61: make sure the team @Azure/avm-res-insights-datacollectionrule-module-owners-bicep exists, is publicly visible, and has write access to the repository
…nsights/data-collection-rule/ @Azure/avm-res-insights-datacollectionrule-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 62: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…icsetting-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 62: make sure the team @Azure/avm-res-insights-diagnosticsetting-module-owners-bicep exists, is publicly visible, and has write access to the repository
…/insights/diagnostic-setting/ @Azure/avm-res-insights-diagnosticsetting-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 63: make sure the team @Azure/avm-res-insights-metricalert-module-owners-bicep exists, is publicly visible, and has write access to the repository
…vm/res/insights/metric-alert/ @Azure/avm-res-insights-metricalert-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 63: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…tricalert-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 65: make sure the team @Azure/avm-res-insights-scheduledqueryrule-module-owners-bicep exists, is publicly visible, and has write access to the repository
…nsights/scheduled-query-rule/ @Azure/avm-res-insights-scheduledqueryrule-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 65: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…queryrule-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 66: make sure the team @Azure/avm-res-insights-webtest-module-owners-bicep exists, is publicly visible, and has write access to the repository
/avm/res/insights/webtest/ @Azure/avm-res-insights-webtest-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 66: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…s-webtest-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 67: make sure the team @Azure/avm-res-keyvault-vault-module-owners-bicep exists, is publicly visible, and has write access to the repository
/avm/res/key-vault/vault/ @Azure/avm-res-keyvault-vault-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 67: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…ult-vault-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 68: make sure the team @Azure/avm-res-kubernetesconfiguration-extension-module-owners-bicep exists, is publicly visible, and has write access to the repository
…etes-configuration/extension/ @Azure/avm-res-kubernetesconfiguration-extension-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 68: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…extension-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 69: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…iguration-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 69: make sure the team @Azure/avm-res-kubernetesconfiguration-fluxconfiguration-module-owners-bicep exists, is publicly visible, and has write access to the repository
…iguration/flux-configuration/ @Azure/avm-res-kubernetesconfiguration-fluxconfiguration-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 71: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…-workflow-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 71: make sure the team @Azure/avm-res-logic-workflow-module-owners-bicep exists, is publicly visible, and has write access to the repository
/avm/res/logic/workflow/ @Azure/avm-res-logic-workflow-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 73: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…iguration-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 73: make sure the team @Azure/avm-res-maintenance-maintenanceconfiguration-module-owners-bicep exists, is publicly visible, and has write access to the repository
…ce/maintenance-configuration/ @Azure/avm-res-maintenance-maintenanceconfiguration-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 74: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…didentity-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 74: make sure the team @Azure/avm-res-managedidentity-userassignedidentity-module-owners-bicep exists, is publicly visible, and has write access to the repository
…ntity/user-assigned-identity/ @Azure/avm-res-managedidentity-userassignedidentity-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 80: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…ritygroup-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 80: make sure the team @Azure/avm-res-network-applicationsecuritygroup-module-owners-bicep exists, is publicly visible, and has write access to the repository
…k/application-security-group/ @Azure/avm-res-network-applicationsecuritygroup-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 82: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…stionhost-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 82: make sure the team @Azure/avm-res-network-bastionhost-module-owners-bicep exists, is publicly visible, and has write access to the repository
…avm/res/network/bastion-host/ @Azure/avm-res-network-bastionhost-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 84: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…ctionplan-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 84: make sure the team @Azure/avm-res-network-ddosprotectionplan-module-owners-bicep exists, is publicly visible, and has write access to the repository
…network/ddos-protection-plan/ @Azure/avm-res-network-ddosprotectionplan-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 85: make sure the team @Azure/avm-res-network-dnsforwardingruleset-module-owners-bicep exists, is publicly visible, and has write access to the repository
…twork/dns-forwarding-ruleset/ @Azure/avm-res-network-dnsforwardingruleset-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 85: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…ngruleset-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 86: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…sresolver-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 86: make sure the team @Azure/avm-res-network-dnsresolver-module-owners-bicep exists, is publicly visible, and has write access to the repository
…avm/res/network/dns-resolver/ @Azure/avm-res-network-dnsresolver-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 87: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…k-dnszone-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 87: make sure the team @Azure/avm-res-network-dnszone-module-owners-bicep exists, is publicly visible, and has write access to the repository
/avm/res/network/dns-zone/ @Azure/avm-res-network-dnszone-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 88: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…tecircuit-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 88: make sure the team @Azure/avm-res-network-expressroutecircuit-module-owners-bicep exists, is publicly visible, and has write access to the repository
…etwork/express-route-circuit/ @Azure/avm-res-network-expressroutecircuit-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 89: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…tegateway-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 89: make sure the team @Azure/avm-res-network-expressroutegateway-module-owners-bicep exists, is publicly visible, and has write access to the repository
…etwork/express-route-gateway/ @Azure/avm-res-network-expressroutegateway-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 94: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…dbalancer-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 94: make sure the team @Azure/avm-res-network-loadbalancer-module-owners-bicep exists, is publicly visible, and has write access to the repository
…vm/res/network/load-balancer/ @Azure/avm-res-network-loadbalancer-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 97: make sure the team @Azure/avm-res-network-networkinterface-module-owners-bicep exists, is publicly visible, and has write access to the repository
…es/network/network-interface/ @Azure/avm-res-network-networkinterface-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 97: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…interface-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 99: make sure the team @Azure/avm-res-network-networksecuritygroup-module-owners-bicep exists, is publicly visible, and has write access to the repository
…twork/network-security-group/ @Azure/avm-res-network-networksecuritygroup-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 99: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…ritygroup-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 101: make sure the team @Azure/avm-res-network-privatednszone-module-owners-bicep exists, is publicly visible, and has write access to the repository
…res/network/private-dns-zone/ @Azure/avm-res-network-privatednszone-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 101: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…tednszone-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 102: make sure the team @Azure/avm-res-network-privateendpoint-module-owners-bicep exists, is publicly visible, and has write access to the repository
…res/network/private-endpoint/ @Azure/avm-res-network-privateendpoint-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 102: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…eendpoint-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 104: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…ipaddress-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 104: make sure the team @Azure/avm-res-network-publicipaddress-module-owners-bicep exists, is publicly visible, and has write access to the repository
…es/network/public-ip-address/ @Azure/avm-res-network-publicipaddress-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 105: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…cipprefix-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 105: make sure the team @Azure/avm-res-network-publicipprefix-module-owners-bicep exists, is publicly visible, and has write access to the repository
…res/network/public-ip-prefix/ @Azure/avm-res-network-publicipprefix-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 106: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…outetable-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 106: make sure the team @Azure/avm-res-network-routetable-module-owners-bicep exists, is publicly visible, and has write access to the repository
/avm/res/network/route-table/ @Azure/avm-res-network-routetable-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 108: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…erprofile-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 108: make sure the team @Azure/avm-res-network-trafficmanagerprofile-module-owners-bicep exists, is publicly visible, and has write access to the repository
…etwork/trafficmanagerprofile/ @Azure/avm-res-network-trafficmanagerprofile-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 110: make sure the team @Azure/avm-res-network-virtualnetwork-module-owners-bicep exists, is publicly visible, and has write access to the repository
…/res/network/virtual-network/ @Azure/avm-res-network-virtualnetwork-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 110: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…alnetwork-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 115: make sure the team @Azure/avm-res-operationalinsights-workspace-module-owners-bicep exists, is publicly visible, and has write access to the repository
…erational-insights/workspace/ @Azure/avm-res-operationalinsights-workspace-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 115: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…workspace-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 116: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…-solution-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 116: make sure the team @Azure/avm-res-operationsmanagement-solution-module-owners-bicep exists, is publicly visible, and has write access to the repository
…erations-management/solution/ @Azure/avm-res-operationsmanagement-solution-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 118: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…-capacity-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 118: make sure the team @Azure/avm-res-powerbidedicated-capacity-module-owners-bicep exists, is publicly visible, and has write access to the repository
…/power-bi-dedicated/capacity/ @Azure/avm-res-powerbidedicated-capacity-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 122: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…aph-query-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 122: make sure the team @Azure/avm-res-resourcegraph-query-module-owners-bicep exists, is publicly visible, and has write access to the repository
…avm/res/resource-graph/query/ @Azure/avm-res-resourcegraph-query-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 123: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…entscript-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 123: make sure the team @Azure/avm-res-resources-deploymentscript-module-owners-bicep exists, is publicly visible, and has write access to the repository
…/resources/deployment-script/ @Azure/avm-res-resources-deploymentscript-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 124: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…urcegroup-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 124: make sure the team @Azure/avm-res-resources-resourcegroup-module-owners-bicep exists, is publicly visible, and has write access to the repository
…res/resources/resource-group/ @Azure/avm-res-resources-resourcegroup-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 126: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…chservice-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 126: make sure the team @Azure/avm-res-search-searchservice-module-owners-bicep exists, is publicly visible, and has write access to the repository
…vm/res/search/search-service/ @Azure/avm-res-search-searchservice-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 127: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…namespace-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 127: make sure the team @Azure/avm-res-servicebus-namespace-module-owners-bicep exists, is publicly visible, and has write access to the repository
…vm/res/service-bus/namespace/ @Azure/avm-res-servicebus-namespace-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 132: make sure the team @Azure/avm-res-sql-server-module-owners-bicep exists, is publicly visible, and has write access to the repository
/avm/res/sql/server/ @Azure/avm-res-sql-server-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 132: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…ql-server-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 139: make sure the team @Azure/avm-core-team-technical-bicep exists, is publicly visible, and has write access to the repository
…erverfarm-module-owners-bicep @Azure/avm-core-team-technical-bicep
-
Unknown owner on line 139: make sure the team @Azure/avm-res-web-serverfarm-module-owners-bicep exists, is publicly visible, and has write access to the repository
/avm/res/web/serverfarm/ @Azure/avm-res-web-serverfarm-module-owners-bicep @Azure/avm-core-team-technical-bicep
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
83 changes: 83 additions & 0 deletions
83
.github/workflows/avm.res.network.application-security-group.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,83 @@ | ||
name: "avm.res.network.application-security-group" | ||
|
||
on: | ||
schedule: | ||
- cron: "0 12 1/15 * *" # Bi-Weekly Test (on 1st & 15th of month) | ||
workflow_dispatch: | ||
inputs: | ||
staticValidation: | ||
type: boolean | ||
description: "Execute static validation" | ||
required: false | ||
default: true | ||
deploymentValidation: | ||
type: boolean | ||
description: "Execute deployment validation" | ||
required: false | ||
default: true | ||
removeDeployment: | ||
type: boolean | ||
description: "Remove deployed module" | ||
required: false | ||
default: true | ||
|
||
push: | ||
branches: | ||
- main | ||
paths: | ||
- ".github/actions/templates/avm-**" | ||
- ".github/workflows/avm.template.module.yml" | ||
- ".github/workflows/avm.res.network.application-security-group.yml" | ||
- "avm/res/network/application-security-group/**" | ||
- "avm/utilities/pipelines/**" | ||
- "!*/**/README.md" | ||
|
||
env: | ||
modulePath: "avm/res/network/application-security-group" | ||
workflowPath: ".github/workflows/avm.res.network.application-security-group.yml" | ||
|
||
concurrency: | ||
group: ${{ github.workflow }} | ||
|
||
jobs: | ||
########################### | ||
# Initialize pipeline # | ||
########################### | ||
job_initialize_pipeline: | ||
runs-on: ubuntu-20.04 | ||
name: "Initialize pipeline" | ||
steps: | ||
- name: "Checkout" | ||
uses: actions/checkout@v4 | ||
with: | ||
fetch-depth: 0 | ||
- name: "Set input parameters to output variables" | ||
id: get-workflow-param | ||
uses: ./.github/actions/templates/avm-getWorkflowInput | ||
with: | ||
workflowPath: "${{ env.workflowPath}}" | ||
- name: "Get module test file paths" | ||
id: get-module-test-file-paths | ||
uses: ./.github/actions/templates/avm-getModuleTestFiles | ||
with: | ||
modulePath: "${{ env.modulePath }}" | ||
outputs: | ||
workflowInput: ${{ steps.get-workflow-param.outputs.workflowInput }} | ||
moduleTestFilePaths: ${{ steps.get-module-test-file-paths.outputs.moduleTestFilePaths }} | ||
psRuleModuleTestFilePaths: ${{ steps.get-module-test-file-paths.outputs.psRuleModuleTestFilePaths }} | ||
modulePath: "${{ env.modulePath }}" | ||
|
||
############################## | ||
# Call reusable workflow # | ||
############################## | ||
call-workflow-passing-data: | ||
name: "Run" | ||
needs: | ||
- job_initialize_pipeline | ||
uses: ./.github/workflows/avm.template.module.yml | ||
with: | ||
workflowInput: "${{ needs.job_initialize_pipeline.outputs.workflowInput }}" | ||
moduleTestFilePaths: "${{ needs.job_initialize_pipeline.outputs.moduleTestFilePaths }}" | ||
psRuleModuleTestFilePaths: "${{ needs.job_initialize_pipeline.outputs.psRuleModuleTestFilePaths }}" | ||
modulePath: "${{ needs.job_initialize_pipeline.outputs.modulePath}}" | ||
secrets: inherit |
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,124 @@ | ||
metadata name = 'Application Security Groups (ASG)' | ||
metadata description = 'This module deploys an Application Security Group (ASG).' | ||
metadata owner = 'Azure/module-maintainers' | ||
|
||
@description('Required. Name of the Application Security Group.') | ||
param name string | ||
|
||
@description('Optional. Location for all resources.') | ||
param location string = resourceGroup().location | ||
|
||
@description('Optional. The lock settings of the service.') | ||
param lock lockType | ||
|
||
@description('Optional. Array of role assignments to create.') | ||
param roleAssignments roleAssignmentType | ||
|
||
@description('Optional. Tags of the resource.') | ||
param tags object? | ||
|
||
@description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') | ||
param enableTelemetry bool = true | ||
|
||
var builtInRoleNames = { | ||
Contributor: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c') | ||
Owner: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '8e3af657-a8ff-443c-a75c-2fe8c4bcb635') | ||
Reader: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'acdd72a7-3385-48ef-bd42-f606fba81ae7') | ||
'Role Based Access Control Administrator (Preview)': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'f58310d9-a9f6-439a-9e8d-f62e7b41a168') | ||
'User Access Administrator': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '18d7d88d-d35e-4fb5-a5c3-7773c20a72d9') | ||
} | ||
|
||
resource avmTelemetry 'Microsoft.Resources/deployments@2023-07-01' = if (enableTelemetry) { | ||
name: '46d3xbcp.res.network-applicationsecuritygroup.${replace('-..--..-', '.', '-')}.${substring(uniqueString(deployment().name, location), 0, 4)}' | ||
properties: { | ||
mode: 'Incremental' | ||
template: { | ||
'$schema': 'https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#' | ||
contentVersion: '1.0.0.0' | ||
resources: [] | ||
outputs: { | ||
telemetry: { | ||
type: 'String' | ||
value: 'For more information, see https://aka.ms/avm/TelemetryInfo' | ||
} | ||
} | ||
} | ||
} | ||
} | ||
|
||
resource applicationSecurityGroup 'Microsoft.Network/applicationSecurityGroups@2023-04-01' = { | ||
name: name | ||
location: location | ||
tags: tags | ||
properties: {} | ||
} | ||
|
||
resource applicationSecurityGroup_lock 'Microsoft.Authorization/locks@2020-05-01' = if (!empty(lock ?? {}) && lock.?kind != 'None') { | ||
name: lock.?name ?? 'lock-${name}' | ||
properties: { | ||
level: lock.?kind ?? '' | ||
notes: lock.?kind == 'CanNotDelete' ? 'Cannot delete resource or child resources.' : 'Cannot delete or modify the resource or child resources.' | ||
} | ||
scope: applicationSecurityGroup | ||
} | ||
|
||
resource applicationSecurityGroup_roleAssignments 'Microsoft.Authorization/roleAssignments@2022-04-01' = [for (roleAssignment, index) in (roleAssignments ?? []): { | ||
name: guid(applicationSecurityGroup.id, roleAssignment.principalId, roleAssignment.roleDefinitionIdOrName) | ||
properties: { | ||
roleDefinitionId: contains(builtInRoleNames, roleAssignment.roleDefinitionIdOrName) ? builtInRoleNames[roleAssignment.roleDefinitionIdOrName] : contains(roleAssignment.roleDefinitionIdOrName, '/providers/Microsoft.Authorization/roleDefinitions/') ? roleAssignment.roleDefinitionIdOrName : subscriptionResourceId('Microsoft.Authorization/roleDefinitions', roleAssignment.roleDefinitionIdOrName) | ||
principalId: roleAssignment.principalId | ||
description: roleAssignment.?description | ||
principalType: roleAssignment.?principalType | ||
condition: roleAssignment.?condition | ||
conditionVersion: !empty(roleAssignment.?condition) ? (roleAssignment.?conditionVersion ?? '2.0') : null // Must only be set if condtion is set | ||
delegatedManagedIdentityResourceId: roleAssignment.?delegatedManagedIdentityResourceId | ||
} | ||
scope: applicationSecurityGroup | ||
}] | ||
|
||
@description('The resource group the application security group was deployed into.') | ||
output resourceGroupName string = resourceGroup().name | ||
|
||
@description('The resource ID of the application security group.') | ||
output resourceId string = applicationSecurityGroup.id | ||
|
||
@description('The name of the application security group.') | ||
output name string = applicationSecurityGroup.name | ||
|
||
@description('The location the resource was deployed into.') | ||
output location string = applicationSecurityGroup.location | ||
|
||
// =============== // | ||
// Definitions // | ||
// =============== // | ||
|
||
type lockType = { | ||
@description('Optional. Specify the name of lock.') | ||
name: string? | ||
|
||
@description('Optional. Specify the type of lock.') | ||
kind: ('CanNotDelete' | 'ReadOnly' | 'None')? | ||
}? | ||
|
||
type roleAssignmentType = { | ||
@description('Required. The role to assign. You can provide either the display name of the role definition, the role definition GUID, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') | ||
roleDefinitionIdOrName: string | ||
|
||
@description('Required. The principal ID of the principal (user/group/identity) to assign the role to.') | ||
principalId: string | ||
|
||
@description('Optional. The principal type of the assigned principal ID.') | ||
principalType: ('ServicePrincipal' | 'Group' | 'User' | 'ForeignGroup' | 'Device')? | ||
|
||
@description('Optional. The description of the role assignment.') | ||
description: string? | ||
|
||
@description('Optional. The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase "foo_storage_container".') | ||
condition: string? | ||
|
||
@description('Optional. Version of the condition.') | ||
conditionVersion: '2.0'? | ||
|
||
@description('Optional. The Resource Id of the delegated managed identity resource.') | ||
delegatedManagedIdentityResourceId: string? | ||
}[]? |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,254 @@ | ||
{ | ||
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", | ||
"languageVersion": "2.0", | ||
"contentVersion": "1.0.0.0", | ||
"metadata": { | ||
"_generator": { | ||
"name": "bicep", | ||
"version": "0.23.1.45101", | ||
"templateHash": "7585363260345918497" | ||
}, | ||
"name": "Application Security Groups (ASG)", | ||
"description": "This module deploys an Application Security Group (ASG).", | ||
"owner": "Azure/module-maintainers" | ||
}, | ||
"definitions": { | ||
"lockType": { | ||
"type": "object", | ||
"properties": { | ||
"name": { | ||
"type": "string", | ||
"nullable": true, | ||
"metadata": { | ||
"description": "Optional. Specify the name of lock." | ||
} | ||
}, | ||
"kind": { | ||
"type": "string", | ||
"allowedValues": [ | ||
"CanNotDelete", | ||
"None", | ||
"ReadOnly" | ||
], | ||
"nullable": true, | ||
"metadata": { | ||
"description": "Optional. Specify the type of lock." | ||
} | ||
} | ||
}, | ||
"nullable": true | ||
}, | ||
"roleAssignmentType": { | ||
"type": "array", | ||
"items": { | ||
"type": "object", | ||
"properties": { | ||
"roleDefinitionIdOrName": { | ||
"type": "string", | ||
"metadata": { | ||
"description": "Required. The role to assign. You can provide either the display name of the role definition, the role definition GUID, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'." | ||
} | ||
}, | ||
"principalId": { | ||
"type": "string", | ||
"metadata": { | ||
"description": "Required. The principal ID of the principal (user/group/identity) to assign the role to." | ||
} | ||
}, | ||
"principalType": { | ||
"type": "string", | ||
"allowedValues": [ | ||
"Device", | ||
"ForeignGroup", | ||
"Group", | ||
"ServicePrincipal", | ||
"User" | ||
], | ||
"nullable": true, | ||
"metadata": { | ||
"description": "Optional. The principal type of the assigned principal ID." | ||
} | ||
}, | ||
"description": { | ||
"type": "string", | ||
"nullable": true, | ||
"metadata": { | ||
"description": "Optional. The description of the role assignment." | ||
} | ||
}, | ||
"condition": { | ||
"type": "string", | ||
"nullable": true, | ||
"metadata": { | ||
"description": "Optional. The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase \"foo_storage_container\"." | ||
} | ||
}, | ||
"conditionVersion": { | ||
"type": "string", | ||
"allowedValues": [ | ||
"2.0" | ||
], | ||
"nullable": true, | ||
"metadata": { | ||
"description": "Optional. Version of the condition." | ||
} | ||
}, | ||
"delegatedManagedIdentityResourceId": { | ||
"type": "string", | ||
"nullable": true, | ||
"metadata": { | ||
"description": "Optional. The Resource Id of the delegated managed identity resource." | ||
} | ||
} | ||
} | ||
}, | ||
"nullable": true | ||
} | ||
}, | ||
"parameters": { | ||
"name": { | ||
"type": "string", | ||
"metadata": { | ||
"description": "Required. Name of the Application Security Group." | ||
} | ||
}, | ||
"location": { | ||
"type": "string", | ||
"defaultValue": "[resourceGroup().location]", | ||
"metadata": { | ||
"description": "Optional. Location for all resources." | ||
} | ||
}, | ||
"lock": { | ||
"$ref": "#/definitions/lockType", | ||
"metadata": { | ||
"description": "Optional. The lock settings of the service." | ||
} | ||
}, | ||
"roleAssignments": { | ||
"$ref": "#/definitions/roleAssignmentType", | ||
"metadata": { | ||
"description": "Optional. Array of role assignments to create." | ||
} | ||
}, | ||
"tags": { | ||
"type": "object", | ||
"nullable": true, | ||
"metadata": { | ||
"description": "Optional. Tags of the resource." | ||
} | ||
}, | ||
"enableTelemetry": { | ||
"type": "bool", | ||
"defaultValue": true, | ||
"metadata": { | ||
"description": "Optional. Enable telemetry via a Globally Unique Identifier (GUID)." | ||
} | ||
} | ||
}, | ||
"variables": { | ||
"builtInRoleNames": { | ||
"Contributor": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c')]", | ||
"Owner": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '8e3af657-a8ff-443c-a75c-2fe8c4bcb635')]", | ||
"Reader": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'acdd72a7-3385-48ef-bd42-f606fba81ae7')]", | ||
"Role Based Access Control Administrator (Preview)": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'f58310d9-a9f6-439a-9e8d-f62e7b41a168')]", | ||
"User Access Administrator": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '18d7d88d-d35e-4fb5-a5c3-7773c20a72d9')]" | ||
} | ||
}, | ||
"resources": { | ||
"avmTelemetry": { | ||
"condition": "[parameters('enableTelemetry')]", | ||
"type": "Microsoft.Resources/deployments", | ||
"apiVersion": "2023-07-01", | ||
"name": "[format('46d3xbcp.res.network-applicationsecuritygroup.{0}.{1}', replace('-..--..-', '.', '-'), substring(uniqueString(deployment().name, parameters('location')), 0, 4))]", | ||
"properties": { | ||
"mode": "Incremental", | ||
"template": { | ||
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", | ||
"contentVersion": "1.0.0.0", | ||
"resources": [], | ||
"outputs": { | ||
"telemetry": { | ||
"type": "String", | ||
"value": "For more information, see https://aka.ms/avm/TelemetryInfo" | ||
} | ||
} | ||
} | ||
} | ||
}, | ||
"applicationSecurityGroup": { | ||
"type": "Microsoft.Network/applicationSecurityGroups", | ||
"apiVersion": "2023-04-01", | ||
"name": "[parameters('name')]", | ||
"location": "[parameters('location')]", | ||
"tags": "[parameters('tags')]", | ||
"properties": {} | ||
}, | ||
"applicationSecurityGroup_lock": { | ||
"condition": "[and(not(empty(coalesce(parameters('lock'), createObject()))), not(equals(tryGet(parameters('lock'), 'kind'), 'None')))]", | ||
"type": "Microsoft.Authorization/locks", | ||
"apiVersion": "2020-05-01", | ||
"scope": "[format('Microsoft.Network/applicationSecurityGroups/{0}', parameters('name'))]", | ||
"name": "[coalesce(tryGet(parameters('lock'), 'name'), format('lock-{0}', parameters('name')))]", | ||
"properties": { | ||
"level": "[coalesce(tryGet(parameters('lock'), 'kind'), '')]", | ||
"notes": "[if(equals(tryGet(parameters('lock'), 'kind'), 'CanNotDelete'), 'Cannot delete resource or child resources.', 'Cannot delete or modify the resource or child resources.')]" | ||
}, | ||
"dependsOn": [ | ||
"applicationSecurityGroup" | ||
] | ||
}, | ||
"applicationSecurityGroup_roleAssignments": { | ||
"copy": { | ||
"name": "applicationSecurityGroup_roleAssignments", | ||
"count": "[length(coalesce(parameters('roleAssignments'), createArray()))]" | ||
}, | ||
"type": "Microsoft.Authorization/roleAssignments", | ||
"apiVersion": "2022-04-01", | ||
"scope": "[format('Microsoft.Network/applicationSecurityGroups/{0}', parameters('name'))]", | ||
"name": "[guid(resourceId('Microsoft.Network/applicationSecurityGroups', parameters('name')), coalesce(parameters('roleAssignments'), createArray())[copyIndex()].principalId, coalesce(parameters('roleAssignments'), createArray())[copyIndex()].roleDefinitionIdOrName)]", | ||
"properties": { | ||
"roleDefinitionId": "[if(contains(variables('builtInRoleNames'), coalesce(parameters('roleAssignments'), createArray())[copyIndex()].roleDefinitionIdOrName), variables('builtInRoleNames')[coalesce(parameters('roleAssignments'), createArray())[copyIndex()].roleDefinitionIdOrName], if(contains(coalesce(parameters('roleAssignments'), createArray())[copyIndex()].roleDefinitionIdOrName, '/providers/Microsoft.Authorization/roleDefinitions/'), coalesce(parameters('roleAssignments'), createArray())[copyIndex()].roleDefinitionIdOrName, subscriptionResourceId('Microsoft.Authorization/roleDefinitions', coalesce(parameters('roleAssignments'), createArray())[copyIndex()].roleDefinitionIdOrName)))]", | ||
"principalId": "[coalesce(parameters('roleAssignments'), createArray())[copyIndex()].principalId]", | ||
"description": "[tryGet(coalesce(parameters('roleAssignments'), createArray())[copyIndex()], 'description')]", | ||
"principalType": "[tryGet(coalesce(parameters('roleAssignments'), createArray())[copyIndex()], 'principalType')]", | ||
"condition": "[tryGet(coalesce(parameters('roleAssignments'), createArray())[copyIndex()], 'condition')]", | ||
"conditionVersion": "[if(not(empty(tryGet(coalesce(parameters('roleAssignments'), createArray())[copyIndex()], 'condition'))), coalesce(tryGet(coalesce(parameters('roleAssignments'), createArray())[copyIndex()], 'conditionVersion'), '2.0'), null())]", | ||
"delegatedManagedIdentityResourceId": "[tryGet(coalesce(parameters('roleAssignments'), createArray())[copyIndex()], 'delegatedManagedIdentityResourceId')]" | ||
}, | ||
"dependsOn": [ | ||
"applicationSecurityGroup" | ||
] | ||
} | ||
}, | ||
"outputs": { | ||
"resourceGroupName": { | ||
"type": "string", | ||
"metadata": { | ||
"description": "The resource group the application security group was deployed into." | ||
}, | ||
"value": "[resourceGroup().name]" | ||
}, | ||
"resourceId": { | ||
"type": "string", | ||
"metadata": { | ||
"description": "The resource ID of the application security group." | ||
}, | ||
"value": "[resourceId('Microsoft.Network/applicationSecurityGroups', parameters('name'))]" | ||
}, | ||
"name": { | ||
"type": "string", | ||
"metadata": { | ||
"description": "The name of the application security group." | ||
}, | ||
"value": "[parameters('name')]" | ||
}, | ||
"location": { | ||
"type": "string", | ||
"metadata": { | ||
"description": "The location the resource was deployed into." | ||
}, | ||
"value": "[reference('applicationSecurityGroup', '2023-04-01', 'full').location]" | ||
} | ||
} | ||
} |
46 changes: 46 additions & 0 deletions
46
avm/res/network/application-security-group/tests/e2e/defaults/main.test.bicep
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
targetScope = 'subscription' | ||
|
||
metadata name = 'Using only defaults' | ||
metadata description = 'This instance deploys the module with the minimum set of required parameters.' | ||
|
||
// ========== // | ||
// Parameters // | ||
// ========== // | ||
|
||
@description('Optional. The name of the resource group to deploy for testing purposes.') | ||
@maxLength(90) | ||
param resourceGroupName string = 'dep-${namePrefix}-network.applicationsecuritygroups-${serviceShort}-rg' | ||
|
||
@description('Optional. The location to deploy resources to.') | ||
param location string = deployment().location | ||
|
||
@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') | ||
param serviceShort string = 'nasgmin' | ||
|
||
@description('Optional. A token to inject into the name of each resource.') | ||
param namePrefix string = '#_namePrefix_#' | ||
|
||
// ============ // | ||
// Dependencies // | ||
// ============ // | ||
|
||
// General resources | ||
// ================= | ||
resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { | ||
name: resourceGroupName | ||
location: location | ||
} | ||
|
||
// ============== // | ||
// Test Execution // | ||
// ============== // | ||
|
||
@batchSize(1) | ||
module testDeployment '../../../main.bicep' = [for iteration in [ 'init', 'idem' ]: { | ||
scope: resourceGroup | ||
name: '${uniqueString(deployment().name, location)}-test-${serviceShort}-${iteration}' | ||
params: { | ||
name: '${namePrefix}${serviceShort}001' | ||
location: location | ||
} | ||
}] |
13 changes: 13 additions & 0 deletions
13
avm/res/network/application-security-group/tests/e2e/max/dependencies.bicep
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
@description('Optional. The location to deploy to.') | ||
param location string = resourceGroup().location | ||
|
||
@description('Required. The name of the Managed Identity to create.') | ||
param managedIdentityName string | ||
|
||
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { | ||
name: managedIdentityName | ||
location: location | ||
} | ||
|
||
@description('The principal ID of the created Managed Identity.') | ||
output managedIdentityPrincipalId string = managedIdentity.properties.principalId |
81 changes: 81 additions & 0 deletions
81
avm/res/network/application-security-group/tests/e2e/max/main.test.bicep
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,81 @@ | ||
targetScope = 'subscription' | ||
|
||
metadata name = 'Using large parameter set' | ||
metadata description = 'This instance deploys the module with most of its features enabled.' | ||
|
||
// ========== // | ||
// Parameters // | ||
// ========== // | ||
|
||
@description('Optional. The name of the resource group to deploy for testing purposes.') | ||
@maxLength(90) | ||
param resourceGroupName string = 'dep-${namePrefix}-network.applicationsecuritygroups-${serviceShort}-rg' | ||
|
||
@description('Optional. The location to deploy resources to.') | ||
param location string = deployment().location | ||
|
||
@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') | ||
param serviceShort string = 'nasgmax' | ||
|
||
@description('Optional. A token to inject into the name of each resource.') | ||
param namePrefix string = '#_namePrefix_#' | ||
|
||
// ============ // | ||
// Dependencies // | ||
// ============ // | ||
|
||
// General resources | ||
// ================= | ||
resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { | ||
name: resourceGroupName | ||
location: location | ||
} | ||
|
||
module nestedDependencies 'dependencies.bicep' = { | ||
scope: resourceGroup | ||
name: '${uniqueString(deployment().name, location)}-nestedDependencies' | ||
params: { | ||
managedIdentityName: 'dep-${namePrefix}-msi-${serviceShort}' | ||
location: location | ||
} | ||
} | ||
|
||
// ============== // | ||
// Test Execution // | ||
// ============== // | ||
|
||
@batchSize(1) | ||
module testDeployment '../../../main.bicep' = [for iteration in [ 'init', 'idem' ]: { | ||
scope: resourceGroup | ||
name: '${uniqueString(deployment().name, location)}-test-${serviceShort}-${iteration}' | ||
params: { | ||
name: '${namePrefix}${serviceShort}001' | ||
location: location | ||
lock: { | ||
kind: 'CanNotDelete' | ||
name: 'myCustomLockName' | ||
} | ||
roleAssignments: [ | ||
{ | ||
roleDefinitionIdOrName: 'Owner' | ||
principalId: nestedDependencies.outputs.managedIdentityPrincipalId | ||
principalType: 'ServicePrincipal' | ||
} | ||
{ | ||
roleDefinitionIdOrName: 'b24988ac-6180-42a0-ab88-20f7382dd24c' | ||
principalId: nestedDependencies.outputs.managedIdentityPrincipalId | ||
principalType: 'ServicePrincipal' | ||
} | ||
{ | ||
roleDefinitionIdOrName: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'acdd72a7-3385-48ef-bd42-f606fba81ae7') | ||
principalId: nestedDependencies.outputs.managedIdentityPrincipalId | ||
principalType: 'ServicePrincipal' | ||
} | ||
] | ||
tags: { | ||
'hidden-title': 'This is visible in the resource name' | ||
Environment: 'Non-Prod' | ||
Role: 'DeploymentValidation' | ||
} | ||
} | ||
}] |
55 changes: 55 additions & 0 deletions
55
avm/res/network/application-security-group/tests/e2e/waf-aligned/main.test.bicep
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
targetScope = 'subscription' | ||
|
||
metadata name = 'WAF-aligned' | ||
metadata description = 'This instance deploys the module in alignment with the best-practices of the Azure Well-Architected Framework.' | ||
|
||
// ========== // | ||
// Parameters // | ||
// ========== // | ||
|
||
@description('Optional. The name of the resource group to deploy for testing purposes.') | ||
@maxLength(90) | ||
param resourceGroupName string = 'dep-${namePrefix}-network.applicationsecuritygroups-${serviceShort}-rg' | ||
|
||
@description('Optional. The location to deploy resources to.') | ||
param location string = deployment().location | ||
|
||
@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') | ||
param serviceShort string = 'nasgwaf' | ||
|
||
@description('Optional. A token to inject into the name of each resource.') | ||
param namePrefix string = '#_namePrefix_#' | ||
|
||
// ============ // | ||
// Dependencies // | ||
// ============ // | ||
|
||
// General resources | ||
// ================= | ||
resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { | ||
name: resourceGroupName | ||
location: location | ||
} | ||
|
||
// ============== // | ||
// Test Execution // | ||
// ============== // | ||
|
||
@batchSize(1) | ||
module testDeployment '../../../main.bicep' = [for iteration in [ 'init', 'idem' ]: { | ||
scope: resourceGroup | ||
name: '${uniqueString(deployment().name, location)}-test-${serviceShort}-${iteration}' | ||
params: { | ||
name: '${namePrefix}${serviceShort}001' | ||
location: location | ||
lock: { | ||
kind: 'CanNotDelete' | ||
name: 'myCustomLockName' | ||
} | ||
tags: { | ||
'hidden-title': 'This is visible in the resource name' | ||
Environment: 'Non-Prod' | ||
Role: 'DeploymentValidation' | ||
} | ||
} | ||
}] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
{ | ||
"$schema": "https://aka.ms/bicep-registry-module-version-file-schema#", | ||
"version": "0.1", | ||
"pathFilters": [ | ||
"./main.json" | ||
] | ||
} |