adjusted

avm/res/network/private-endpoint/README.md

@@ -67,6 +67,7 @@ module privateEndpoint 'br/public:avm/res/network/private-endpoint:<version>' =
             'vault'
           ]
           privateLinkServiceId: '<privateLinkServiceId>'
+          requestMessage: ''
         }
       }
     ]
@@ -131,7 +132,8 @@ module privateEndpoint 'br/public:avm/res/network/private-endpoint:<version>' =
             "groupIds": [
               "vault"
             ],
-            "privateLinkServiceId": "<privateLinkServiceId>"
+            "privateLinkServiceId": "<privateLinkServiceId>",
+            "requestMessage": ""
           }
         }
       ]
@@ -206,6 +208,7 @@ module privateEndpoint 'br/public:avm/res/network/private-endpoint:<version>' =
             'vault'
           ]
           privateLinkServiceId: '<privateLinkServiceId>'
+          requestMessage: ''
         }
       }
     ]
@@ -303,7 +306,8 @@ module privateEndpoint 'br/public:avm/res/network/private-endpoint:<version>' =
             "groupIds": [
               "vault"
             ],
-            "privateLinkServiceId": "<privateLinkServiceId>"
+            "privateLinkServiceId": "<privateLinkServiceId>",
+            "requestMessage": ""
           }
         }
       ]
@@ -381,16 +385,10 @@ module privateEndpoint 'br/public:avm/res/network/private-endpoint:<version>' =
             'vault'
           ]
           privateLinkServiceId: '<privateLinkServiceId>'
+          requestMessage: ''
         }
       }
     ]
-    roleAssignments: [
-      {
-        principalId: '<principalId>'
-        principalType: 'ServicePrincipal'
-        roleDefinitionIdOrName: 'Reader'
-      }
-    ]
     tags: {
       Environment: 'Non-Prod'
       'hidden-title': 'This is visible in the resource name'
@@ -471,20 +469,12 @@ module privateEndpoint 'br/public:avm/res/network/private-endpoint:<version>' =
             "groupIds": [
               "vault"
             ],
-            "privateLinkServiceId": "<privateLinkServiceId>"
+            "privateLinkServiceId": "<privateLinkServiceId>",
+            "requestMessage": ""
           }
         }
       ]
     },
-    "roleAssignments": {
-      "value": [
-        {
-          "principalId": "<principalId>",
-          "principalType": "ServicePrincipal",
-          "roleDefinitionIdOrName": "Reader"
-        }
-      ]
-    },
     "tags": {
       "value": {
         "Environment": "Non-Prod",
@@ -666,6 +656,54 @@ A grouping of information about the connection to the remote resource. Used when
 - Required: No
 - Type: array
 
+
+| Name | Required | Type | Description |
+| :-- | :-- | :--| :-- |
+| [`name`](#parameter-manualprivatelinkserviceconnectionsname) | Yes | string | Required. The name of the private link service connection. |
+| [`properties`](#parameter-manualprivatelinkserviceconnectionsproperties) | Yes | object | Required. Properties of private link service connection. |
+
+### Parameter: `manualPrivateLinkServiceConnections.name`
+
+Required. The name of the private link service connection.
+
+- Required: Yes
+- Type: string
+
+### Parameter: `manualPrivateLinkServiceConnections.properties`
+
+Required. Properties of private link service connection.
+
+- Required: Yes
+- Type: object
+
+| Name | Required | Type | Description |
+| :-- | :-- | :--| :-- |
+| [`groupIds`](#parameter-manualprivatelinkserviceconnectionspropertiesgroupids) | Yes | array | Required. The ID of a group obtained from the remote resource that this private endpoint should connect to. |
+| [`privateLinkServiceId`](#parameter-manualprivatelinkserviceconnectionspropertiesprivatelinkserviceid) | Yes | string | Required. The resource id of private link service. |
+| [`requestMessage`](#parameter-manualprivatelinkserviceconnectionspropertiesrequestmessage) | Yes | string | Optional. A message passed to the owner of the remote resource with this connection request. Restricted to 140 chars. |
+
+### Parameter: `manualPrivateLinkServiceConnections.properties.groupIds`
+
+Required. The ID of a group obtained from the remote resource that this private endpoint should connect to.
+
+- Required: Yes
+- Type: array
+
+### Parameter: `manualPrivateLinkServiceConnections.properties.privateLinkServiceId`
+
+Required. The resource id of private link service.
+
+- Required: Yes
+- Type: string
+
+### Parameter: `manualPrivateLinkServiceConnections.properties.requestMessage`
+
+Optional. A message passed to the owner of the remote resource with this connection request. Restricted to 140 chars.
+
+- Required: Yes
+- Type: string
+
+
 ### Parameter: `name`
 
 Name of the private endpoint resource to create.
@@ -690,6 +728,54 @@ A grouping of information about the connection to the remote resource.
 - Required: No
 - Type: array
 
+
+| Name | Required | Type | Description |
+| :-- | :-- | :--| :-- |
+| [`name`](#parameter-privatelinkserviceconnectionsname) | Yes | string | Required. The name of the private link service connection. |
+| [`properties`](#parameter-privatelinkserviceconnectionsproperties) | Yes | object | Required. Properties of private link service connection. |
+
+### Parameter: `privateLinkServiceConnections.name`
+
+Required. The name of the private link service connection.
+
+- Required: Yes
+- Type: string
+
+### Parameter: `privateLinkServiceConnections.properties`
+
+Required. Properties of private link service connection.
+
+- Required: Yes
+- Type: object
+
+| Name | Required | Type | Description |
+| :-- | :-- | :--| :-- |
+| [`groupIds`](#parameter-privatelinkserviceconnectionspropertiesgroupids) | Yes | array | Required. The ID of a group obtained from the remote resource that this private endpoint should connect to. |
+| [`privateLinkServiceId`](#parameter-privatelinkserviceconnectionspropertiesprivatelinkserviceid) | Yes | string | Required. The resource id of private link service. |
+| [`requestMessage`](#parameter-privatelinkserviceconnectionspropertiesrequestmessage) | Yes | string | Optional. A message passed to the owner of the remote resource with this connection request. Restricted to 140 chars. |
+
+### Parameter: `privateLinkServiceConnections.properties.groupIds`
+
+Required. The ID of a group obtained from the remote resource that this private endpoint should connect to.
+
+- Required: Yes
+- Type: array
+
+### Parameter: `privateLinkServiceConnections.properties.privateLinkServiceId`
+
+Required. The resource id of private link service.
+
+- Required: Yes
+- Type: string
+
+### Parameter: `privateLinkServiceConnections.properties.requestMessage`
+
+Optional. A message passed to the owner of the remote resource with this connection request. Restricted to 140 chars.
+
+- Required: Yes
+- Type: string
+
+
 ### Parameter: `roleAssignments`
 
 Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'.

avm/res/network/private-endpoint/main.bicep

@@ -200,12 +200,12 @@ type manualPrivateLinkServiceConnectionsType = {
   @description('Required. Properties of private link service connection.')
   properties: {
     @description('Required. The ID of a group obtained from the remote resource that this private endpoint should connect to.')
-    groupId: string
+    groupIds: array
 
     @description('Required. The resource id of private link service.')
     privateLinkServiceId: string
 
-    @description('Required. A message passed to the owner of the remote resource with this connection request. Restricted to 140 chars.')
+    @description('Optional. A message passed to the owner of the remote resource with this connection request. Restricted to 140 chars.')
     requestMessage: string
   }
 }[]?
@@ -217,12 +217,12 @@ type privateLinkServiceConnectionsType = {
   @description('Required. Properties of private link service connection.')
   properties: {
     @description('Required. The ID of a group obtained from the remote resource that this private endpoint should connect to.')
-    groupId: string
+    groupIds: array
 
     @description('Required. The resource id of private link service.')
     privateLinkServiceId: string
 
-    @description('Required. A message passed to the owner of the remote resource with this connection request. Restricted to 140 chars.')
+    @description('Optional. A message passed to the owner of the remote resource with this connection request. Restricted to 140 chars.')
     requestMessage: string
   }
 }[]?

avm/res/network/private-endpoint/main.json

@@ -6,7 +6,7 @@
     "_generator": {
       "name": "bicep",
       "version": "0.23.1.45101",
-      "templateHash": "13806990273495192495"
+      "templateHash": "10636662892891609347"
     },
     "name": "Private Endpoints",
     "description": "This module deploys a Private Endpoint.",
@@ -145,6 +145,88 @@
       },
       "nullable": true
     },
+    "manualPrivateLinkServiceConnectionsType": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "properties": {
+          "name": {
+            "type": "string",
+            "metadata": {
+              "description": "Required. The name of the private link service connection."
+            }
+          },
+          "properties": {
+            "type": "object",
+            "properties": {
+              "groupIds": {
+                "type": "array",
+                "metadata": {
+                  "description": "Required. The ID of a group obtained from the remote resource that this private endpoint should connect to."
+                }
+              },
+              "privateLinkServiceId": {
+                "type": "string",
+                "metadata": {
+                  "description": "Required. The resource id of private link service."
+                }
+              },
+              "requestMessage": {
+                "type": "string",
+                "metadata": {
+                  "description": "Optional. A message passed to the owner of the remote resource with this connection request. Restricted to 140 chars."
+                }
+              }
+            },
+            "metadata": {
+              "description": "Required. Properties of private link service connection."
+            }
+          }
+        }
+      },
+      "nullable": true
+    },
+    "privateLinkServiceConnectionsType": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "properties": {
+          "name": {
+            "type": "string",
+            "metadata": {
+              "description": "Required. The name of the private link service connection."
+            }
+          },
+          "properties": {
+            "type": "object",
+            "properties": {
+              "groupIds": {
+                "type": "array",
+                "metadata": {
+                  "description": "Required. The ID of a group obtained from the remote resource that this private endpoint should connect to."
+                }
+              },
+              "privateLinkServiceId": {
+                "type": "string",
+                "metadata": {
+                  "description": "Required. The resource id of private link service."
+                }
+              },
+              "requestMessage": {
+                "type": "string",
+                "metadata": {
+                  "description": "Optional. A message passed to the owner of the remote resource with this connection request. Restricted to 140 chars."
+                }
+              }
+            },
+            "metadata": {
+              "description": "Required. Properties of private link service connection."
+            }
+          }
+        }
+      },
+      "nullable": true
+    },
     "customDnsConfigType": {
       "type": "array",
       "items": {
@@ -250,15 +332,13 @@
       }
     },
     "manualPrivateLinkServiceConnections": {
-      "type": "array",
-      "nullable": true,
+      "$ref": "#/definitions/manualPrivateLinkServiceConnectionsType",
       "metadata": {
         "description": "Required. A grouping of information about the connection to the remote resource. Used when the network admin does not have access to approve connections to the remote resource."
       }
     },
     "privateLinkServiceConnections": {
-      "type": "array",
-      "nullable": true,
+      "$ref": "#/definitions/privateLinkServiceConnectionsType",
       "metadata": {
         "description": "Required. A grouping of information about the connection to the remote resource."
       }

avm/res/network/private-endpoint/tests/e2e/defaults/main.test.bicep

@@ -74,6 +74,7 @@ module testDeployment '../../../main.bicep' = [for iteration in [ 'init', 'idem'
           groupIds: [
             'vault'
           ]
+          requestMessage: ''
         }
       }
     ]

avm/res/network/private-endpoint/tests/e2e/max/main.test.bicep

@@ -107,6 +107,7 @@ module testDeployment '../../../main.bicep' = [for iteration in [ 'init', 'idem'
           groupIds: [
             'vault'
           ]
+          requestMessage: ''
         }
       }
     ]

avm/res/network/private-endpoint/tests/e2e/waf-aligned/main.test.bicep

@@ -93,6 +93,7 @@ module testDeployment '../../../main.bicep' = [for iteration in [ 'init', 'idem'
           groupIds: [
             'vault'
           ]
+          requestMessage: ''
         }
       }
     ]