From ae495cd7c3263f1ad53fd65e3969fe9907a7737c Mon Sep 17 00:00:00 2001 From: Mingzhe Jiang Date: Mon, 9 Feb 2026 21:21:58 -0800 Subject: [PATCH 1/3] Regenerate files to align the baseline --- .../remarks/microsoft.aadiam/remarks.json | 7 + .../samples/diagnosticsettings/main.bicep | 40 +++ .../remarks/microsoft.advisor/remarks.json | 7 + .../recommendations/suppressions/main.bicep | 11 + .../samples/actionrules/main.bicep | 7 +- .../samples/prometheusrulegroups/main.bicep | 28 +- .../smartdetectoralertrules/main.bicep | 62 ++-- .../samples/servers/main.bicep | 12 +- .../service/apis/diagnostics/main.bicep | 30 +- .../samples/service/apis/main.bicep | 34 +- .../service/apis/operations/main.bicep | 30 +- .../samples/service/apis/policies/main.bicep | 32 +- .../samples/service/apis/schemas/main.bicep | 24 +- .../service/apis/tagdescriptions/main.bicep | 26 +- .../samples/service/apis/tags/main.bicep | 26 +- .../samples/service/apiversionsets/main.bicep | 12 +- .../service/authorizationservers/main.bicep | 28 +- .../samples/service/backends/main.bicep | 18 +- .../samples/service/caches/main.bicep | 17 +- .../samples/service/certificates/main.bicep | 18 +- .../samples/service/diagnostics/main.bicep | 59 ++-- .../certificateauthorities/main.bicep | 36 +- .../hostnameconfigurations/main.bicep | 38 +-- .../samples/service/gateways/main.bicep | 36 +- .../samples/service/groups/main.bicep | 22 +- .../service/identityproviders/main.bicep | 38 +-- .../samples/service/loggers/main.bicep | 52 +-- .../samples/service/main.bicep | 32 +- .../samples/service/namedvalues/main.bicep | 20 +- .../service/openidconnectproviders/main.bicep | 20 +- .../service/policyfragments/main.bicep | 42 +-- .../samples/service/portalsettings/main.bicep | 34 +- .../samples/service/products/main.bicep | 24 +- .../service/products/policies/main.bicep | 18 +- .../samples/service/products/tags/main.bicep | 42 +-- .../samples/service/schemas/main.bicep | 14 +- .../samples/service/subscriptions/main.bicep | 59 ++-- .../samples/service/tags/main.bicep | 14 +- .../samples/service/users/main.bicep | 32 +- .../samples/containerapps/main.bicep | 42 ++- .../microsoft.app/samples/jobs/main.bicep | 2 - .../certificates/main.bicep | 17 +- .../daprcomponents/main.bicep | 31 +- .../dotnetcomponents/main.bicep | 3 +- .../samples/managedenvironments/main.bicep | 3 +- .../managedenvironments/storages/main.bicep | 53 ++- .../samples/configurationstores/main.bicep | 8 +- .../spring/apiportals/domains/main.bicep | 20 +- .../samples/spring/apiportals/main.bicep | 18 +- .../customizedaccelerators/main.bicep | 10 +- .../spring/applicationaccelerators/main.bicep | 8 +- .../spring/applicationliveviews/main.bicep | 8 +- .../samples/spring/apps/bindings/main.bicep | 38 +-- .../spring/apps/deployments/main.bicep | 22 +- .../samples/spring/apps/main.bicep | 10 +- .../builders/buildpackbindings/main.bicep | 10 +- .../spring/buildservices/builders/main.bicep | 34 +- .../samples/spring/configservers/main.bicep | 8 +- .../spring/configurationservices/main.bicep | 10 +- .../samples/spring/devtoolportals/main.bicep | 14 +- .../spring/gateways/domains/main.bicep | 18 +- .../samples/spring/gateways/main.bicep | 16 +- .../spring/gateways/routeconfigs/main.bicep | 20 +- .../samples/spring/main.bicep | 6 +- .../spring/monitoringsettings/main.bicep | 8 +- .../samples/spring/storages/main.bicep | 24 +- .../samples/locks/main.bicep | 26 +- .../samples/policyassignments/main.bicep | 27 +- .../samples/policydefinitions/main.bicep | 5 +- .../samples/policyexemptions/main.bicep | 33 +- .../samples/policysetdefinitions/main.bicep | 11 +- .../samples/roledefinitions/main.bicep | 5 +- .../certificates/main.bicep | 2 +- .../configurations/main.bicep | 12 +- .../automationaccounts/connections/main.bicep | 6 +- .../connectiontypes/main.bicep | 8 +- .../automationaccounts/credentials/main.bicep | 4 +- .../hybridrunbookworkers/main.bicep | 135 ++++---- .../hybridrunbookworkergroups/main.bicep | 11 +- .../automationaccounts/modules/main.bicep | 8 +- .../powershell72modules/main.bicep | 2 +- .../python3packages/main.bicep | 2 +- .../runbooks/draft/main.bicep | 10 +- .../automationaccounts/runbooks/main.bicep | 8 +- .../automationaccounts/schedules/main.bicep | 8 +- .../softwareupdateconfigurations/main.bicep | 24 +- .../sourcecontrols/main.bicep | 6 +- .../automationaccounts/variables/main.bicep | 4 +- .../privateclouds/authorizations/main.bicep | 8 +- .../samples/privateclouds/main.bicep | 6 +- .../samples/b2cdirectories/main.bicep | 11 +- .../batchaccounts/applications/main.bicep | 31 +- .../batchaccounts/certificates/main.bicep | 10 +- .../samples/batchaccounts/pools/main.bicep | 6 +- .../remarks/microsoft.billing/remarks.json | 7 + .../billingprofiles/main.bicep | 39 +++ .../samples/botservices/channels/main.bicep | 22 +- .../samples/botservices/main.bicep | 19 +- settings/remarks/microsoft.cache/remarks.json | 10 + .../samples/redis/accesspolicies/main.bicep | 8 +- .../redis/accesspolicyassignments/main.bicep | 4 +- .../samples/redis/firewallrules/main.bicep | 14 +- .../redis/linkedservers/main-rg-module.bicep | 58 ++++ .../samples/redis/linkedservers/main.bicep | 23 ++ .../microsoft.cache/samples/redis/main.bicep | 4 +- .../redisenterprise/databases/main.bicep | 10 +- .../samples/redisenterprise/main.bicep | 6 +- .../samples/profiles/afdendpoints/main.bicep | 9 +- .../profiles/afdendpoints/routes/main.bicep | 25 +- .../samples/profiles/customdomains/main.bicep | 27 +- .../samples/profiles/endpoints/main.bicep | 6 +- .../microsoft.cdn/samples/profiles/main.bicep | 7 +- .../samples/profiles/origingroups/main.bicep | 11 +- .../profiles/origingroups/origins/main.bicep | 21 +- .../samples/profiles/rulesets/main.bicep | 9 +- .../profiles/rulesets/rules/main.bicep | 72 ++-- .../profiles/securitypolicies/main.bicep | 27 +- .../samples/certificateorders/main.bicep | 3 +- .../samples/accounts/deployments/main.bicep | 16 +- .../samples/accounts/main.bicep | 14 +- .../samples/accounts/projects/main.bicep | 14 +- .../samples/accounts/raiblocklists/main.bicep | 12 +- .../samples/accounts/raipolicies/main.bicep | 10 +- .../samples/communicationservices/main.bicep | 1 + .../samples/emailservices/domains/main.bicep | 3 +- .../domains/senderusernames/main.bicep | 5 +- .../samples/emailservices/main.bicep | 1 + .../samples/availabilitysets/main.bicep | 6 +- .../capacityreservations/main.bicep | 2 +- .../samples/diskaccesses/main.bicep | 4 +- .../samples/diskencryptionsets/main.bicep | 35 +- .../samples/disks/main.bicep | 14 +- .../samples/galleries/applications/main.bicep | 2 +- .../applications/versions/main.bicep | 85 +++-- .../samples/galleries/images/main.bicep | 8 +- .../samples/hostgroups/hosts/main.bicep | 10 +- .../restorepointcollections/main.bicep | 132 ++++---- .../restorepoints/main.bicep | 72 ++-- .../samples/snapshots/main.bicep | 38 +-- .../virtualmachines/attachdatadisk/main.bicep | 22 +- .../virtualmachines/attachosdisk/main.bicep | 162 +++++---- .../samples/virtualmachines/basic/main.bicep | 60 ++-- .../virtualmachines/extensions/main.bicep | 18 +- .../virtualmachines/runcommands/main.bicep | 114 +++---- .../extensions/main.bicep | 78 +++-- .../virtualmachinescalesets/main.bicep | 100 +++--- .../samples/ledgers/main.bicep | 12 +- .../samples/budgets/main.bicep | 26 +- .../samples/containergroups/main.bicep | 3 +- .../samples/registries/agentpools/main.bicep | 14 +- .../samples/registries/cacherules/main.bicep | 16 +- .../registries/connectedregistries/main.bicep | 29 +- .../registries/credentialsets/main.bicep | 80 ++--- .../samples/registries/main.bicep | 24 +- .../samples/registries/scopemaps/main.bicep | 26 +- .../samples/registries/taskruns/main.bicep | 18 +- .../samples/registries/tasks/main.bicep | 16 +- .../samples/registries/tokens/main.bicep | 22 +- .../samples/registries/webhooks/main.bicep | 34 +- .../samples/fleets/members/main.bicep | 74 ++-- .../managedclusters/agentpools/main.bicep | 4 +- .../samples/managedclusters/main.bicep | 2 +- .../trustedaccessrolebindings/main.bicep | 216 ++++++------ .../samples/scheduledactions/main.bicep | 26 +- .../samples/views/main.bicep | 25 +- .../samples/grafana/main.bicep | 6 +- .../managedprivateendpoints/main.bicep | 16 +- .../samples/workspaces/main.bicep | 8 +- .../virtualnetworkpeerings/main.bicep | 26 +- .../samples/factories/credentials/main.bicep | 5 +- .../samples/factories/dataflows/main.bicep | 34 +- .../samples/factories/datasets/main.bicep | 31 +- .../factories/integrationruntimes/main.bicep | 2 +- .../factories/linkedservices/main.bicep | 50 +-- .../managedvirtualnetworks/main.bicep | 4 +- .../managedprivateendpoints/main.bicep | 22 +- .../samples/factories/pipelines/main.bicep | 2 +- .../samples/factories/triggers/main.bicep | 16 +- .../samples/services/main.bicep | 10 +- .../samples/services/projects/main.bicep | 18 +- .../backupvaults/backupinstances/main.bicep | 89 +++-- .../backupvaults/backuppolicies/main.bicep | 24 +- .../samples/accounts/shares/main.bicep | 2 +- .../samples/servers/configurations/main.bicep | 24 +- .../samples/servers/databases/main.bicep | 24 +- .../samples/servers/firewallrules/main.bicep | 28 +- .../samples/servers/main.bicep | 24 +- .../servers/virtualnetworkrules/main.bicep | 42 +-- .../flexibleservers/administrators/main.bicep | 20 +- .../flexibleservers/configurations/main.bicep | 20 +- .../flexibleservers/databases/main.bicep | 24 +- .../flexibleservers/firewallrules/main.bicep | 22 +- .../samples/flexibleservers/main.bicep | 20 +- .../samples/servers/administrators/main.bicep | 26 +- .../samples/servers/configurations/main.bicep | 26 +- .../samples/servers/databases/main.bicep | 22 +- .../samples/servers/firewallrules/main.bicep | 30 +- .../samples/servers/main.bicep | 20 +- .../servers/virtualnetworkrules/main.bicep | 62 ++-- .../flexibleservers/administrators/main.bicep | 20 +- .../flexibleservers/configurations/main.bicep | 40 +-- .../flexibleservers/databases/main.bicep | 20 +- .../flexibleservers/firewallrules/main.bicep | 26 +- .../samples/flexibleservers/main.bicep | 16 +- .../virtualendpoints/main.bicep | 34 +- .../samples/servergroupsv2/main.bicep | 6 +- .../samples/servers/administrators/main.bicep | 30 +- .../samples/servers/configurations/main.bicep | 24 +- .../samples/servers/databases/main.bicep | 30 +- .../samples/servers/firewallrules/main.bicep | 28 +- .../samples/servers/main.bicep | 24 +- .../servers/virtualnetworkrules/main.bicep | 68 ++-- .../applicationgroups/applications/main.bicep | 27 +- .../samples/applicationgroups/main.bicep | 7 +- .../devcenters/attachednetworks/main.bicep | 38 +-- .../samples/devcenters/catalogs/main.bicep | 2 +- .../devcenters/devboxdefinitions/main.bicep | 4 +- .../devcenters/environmenttypes/main.bicep | 2 +- .../samples/devcenters/main.bicep | 8 +- .../samples/networkconnections/main.bicep | 3 +- .../projects/environmenttypes/main.bicep | 8 +- .../samples/projects/main.bicep | 2 +- .../samples/iothubs/certificates/main.bicep | 18 +- .../samples/iothubs/main.bicep | 10 +- .../certificates/main.bicep | 10 +- .../samples/provisioningservices/main.bicep | 8 +- .../samples/accounts/instances/main.bicep | 56 +-- .../labs/policysets/policies/main.bicep | 9 +- .../samples/labs/schedules/main.bicep | 4 +- .../samples/labs/virtualmachines/main.bicep | 24 +- .../samples/labs/virtualnetworks/main.bicep | 11 +- .../samples/schedules/main.bicep | 65 ++-- .../endpoints/main.bicep | 34 +- .../cassandrakeyspaces/main.bicep | 30 +- .../cassandrakeyspaces/tables/main.bicep | 46 +-- .../gremlindatabases/graphs/main.bicep | 24 +- .../gremlindatabases/main.bicep | 30 +- .../samples/databaseaccounts/main.bicep | 30 +- .../mongodbdatabases/main.bicep | 28 +- .../mongodbroledefinitions/main.bicep | 72 ++-- .../mongodbuserdefinitions/main.bicep | 52 +-- .../databaseaccounts/services/main.bicep | 24 +- .../sqldatabases/containers/main.bicep | 34 +- .../containers/storedprocedures/main.bicep | 40 +-- .../containers/triggers/main.bicep | 34 +- .../userdefinedfunctions/main.bicep | 42 +-- .../databaseaccounts/sqldatabases/main.bicep | 28 +- .../sqlroleassignments/main.bicep | 86 ++--- .../sqlroledefinitions/main.bicep | 24 +- .../databaseaccounts/tables/main.bicep | 32 +- .../mongoclusters/firewallrules/main.bicep | 20 +- .../samples/mongoclusters/users/main.bicep | 6 +- .../samples/elasticsans/main.bicep | 4 +- .../elasticsans/volumegroups/main.bicep | 2 +- .../volumegroups/volumes/main.bicep | 8 +- .../samples/domains/main.bicep | 4 +- .../samples/domains/topics/main.bicep | 2 +- .../samples/eventsubscriptions/main.bicep | 85 +++-- .../samples/namespaces/main.bicep | 6 +- .../eventsubscriptions/main.bicep | 97 +++--- .../samples/systemtopics/main.bicep | 1 + .../samples/topics/main.bicep | 4 +- .../namespaces/authorizationrules/main.bicep | 12 +- .../disasterrecoveryconfigs/main.bicep | 27 +- .../eventhubs/authorizationrules/main.bicep | 18 +- .../eventhubs/consumergroups/main.bicep | 16 +- .../samples/namespaces/eventhubs/main.bicep | 14 +- .../samples/namespaces/main.bicep | 12 +- .../namespaces/schemagroups/main.bicep | 12 +- .../guestconfigurationassignments/main.bicep | 74 ++-- .../samples/clusters/main.bicep | 88 +++-- .../samples/services/main.bicep | 8 +- .../workspaces/dicomservices/main.bicep | 2 +- .../workspaces/fhirservices/main.bicep | 8 +- .../iotconnectors/fhirdestinations/main.bicep | 45 ++- .../workspaces/iotconnectors/main.bicep | 29 +- .../remarks/microsoft.impact/remarks.json | 5 + .../samples/connectors/main.bicep | 1 + .../samples/workloadimpacts/main.bicep | 158 +++++++++ .../remarks/microsoft.insights/remarks.json | 15 + .../samples/actiongroups/main.bicep | 15 +- .../samples/activitylogalerts/main.bicep | 37 +- .../samples/autoscalesettings/main.bicep | 78 ++--- .../components/analyticsitems/main.bicep | 16 +- .../samples/components/main.bicep | 6 +- .../proactivedetectionconfigs/main.bicep | 23 ++ .../datacollectionruleassociations/main.bicep | 144 ++++---- .../samples/datacollectionrules/main.bicep | 6 +- .../samples/diagnosticsettings/main.bicep | 76 ++--- .../samples/logprofiles/main-rg-module.bicep | 38 +++ .../samples/logprofiles/main.bicep | 35 ++ .../samples/metricalerts/main.bicep | 42 ++- .../samples/privatelinkscopes/main.bicep | 2 + .../scopedresources/main.bicep | 9 +- .../samples/scheduledqueryrules/main.bicep | 12 +- .../samples/webtests/main.bicep | 24 +- .../samples/workbooks/main.bicep | 3 +- .../samples/workbooktemplates/main.bicep | 2 +- .../samples/iotapps/main.bicep | 8 +- .../samples/managedhsms/main.bicep | 15 +- .../samples/vaults/accesspolicies/main.bicep | 8 +- .../samples/vaults/keys/main.bicep | 28 +- .../samples/vaults/main.bicep | 28 +- .../samples/vaults/secrets/main.bicep | 8 +- .../samples/extensions/main.bicep | 20 +- .../samples/fluxconfigurations/main.bicep | 52 +-- .../samples/clusters/databases/main.bicep | 18 +- .../databases/principalassignments/main.bicep | 26 +- .../clusters/databases/scripts/main.bicep | 22 +- .../samples/clusters/main.bicep | 16 +- .../managedprivateendpoints/main.bicep | 56 +-- .../clusters/principalassignments/main.bicep | 26 +- .../samples/labplans/main.bicep | 2 +- .../samples/labs/main.bicep | 38 +-- .../samples/labs/schedules/main.bicep | 26 +- .../samples/labs/users/main.bicep | 32 +- .../integrationaccounts/agreements/main.bicep | 76 ++--- .../integrationaccounts/assemblies/main.bicep | 30 +- .../batchconfigurations/main.bicep | 4 +- .../samples/integrationaccounts/main.bicep | 2 +- .../integrationaccounts/maps/main.bicep | 4 +- .../integrationaccounts/partners/main.bicep | 6 +- .../integrationaccounts/schemas/main.bicep | 4 +- .../integrationaccounts/sessions/main.bicep | 9 +- .../samples/workflows/main.bicep | 4 +- .../remarks.json | 5 + .../samples/workspaces/computes/main.bicep | 58 ++-- .../samples/workspaces/datastores/main.bicep | 122 ++++--- .../samples/workspaces/main.bicep | 72 ++-- .../workspaces/outboundrules/main.bicep | 119 +++++++ .../configurationassignments/main.bicep | 134 ++++---- .../federatedidentitycredentials/main.bicep | 6 +- .../samples/accounts/creators/main.bicep | 2 +- .../samples/accounts/main.bicep | 1 + .../mediaservices/accountfilters/main.bicep | 51 ++- .../assets/assetfilters/main.bicep | 29 +- .../samples/mediaservices/assets/main.bicep | 17 +- .../contentkeypolicies/main.bicep | 75 ++-- .../mediaservices/liveevents/main.bicep | 27 +- .../samples/mediaservices/main.bicep | 47 ++- .../streamingendpoints/main.bicep | 19 +- .../streaminglocators/main.bicep | 29 +- .../streamingpolicies/main.bicep | 49 ++- .../mediaservices/transforms/main.bicep | 39 ++- .../samples/migrateprojects/main.bicep | 19 +- .../migrateprojects/solutions/main.bicep | 35 +- .../samples/spatialanchorsaccounts/main.bicep | 2 +- .../mobilenetworks/datanetworks/main.bicep | 4 +- .../mobilenetworks/services/main.bicep | 2 +- .../mobilenetworks/simpolicies/main.bicep | 44 ++- .../samples/mobilenetworks/sites/main.bicep | 2 +- .../samples/mobilenetworks/slices/main.bicep | 2 +- .../packetcorecontrolplanes/main.bicep | 46 ++- .../packetcoredataplanes/main.bicep | 48 ++- .../privateendpointconnections/main.bicep | 50 +-- .../netappaccounts/backuppolicies/main.bicep | 2 +- .../netappaccounts/backupvaults/main.bicep | 2 +- .../netappaccounts/capacitypools/main.bicep | 2 +- .../capacitypools/volumes/main.bicep | 57 ++-- .../volumes/snapshots/main.bicep | 41 ++- .../volumes/volumequotarules/main.bicep | 42 +-- .../snapshotpolicies/main.bicep | 16 +- .../remarks/microsoft.network/remarks.json | 10 + .../samples/applicationgateways/main.bicep | 205 +++++------ .../main.bicep | 2 +- .../samples/azurefirewalls/main.bicep | 62 ++-- .../samples/bastionhosts/main.bicep | 80 +++-- .../forwardingrules/main.bicep | 44 ++- .../samples/dnsforwardingrulesets/main.bicep | 18 +- .../virtualnetworklinks/main.bicep | 68 ++-- .../dnsresolvers/inboundendpoints/main.bicep | 50 ++- .../samples/dnsresolvers/main.bicep | 18 +- .../dnsresolvers/outboundendpoints/main.bicep | 14 +- .../samples/dnszones/a/main.bicep | 7 +- .../samples/dnszones/aaaa/main.bicep | 5 +- .../samples/dnszones/caa/main.bicep | 9 +- .../samples/dnszones/cname/main.bicep | 7 +- .../samples/dnszones/main.bicep | 1 + .../samples/dnszones/mx/main.bicep | 5 +- .../samples/dnszones/ns/main.bicep | 3 +- .../samples/dnszones/ptr/main.bicep | 9 +- .../samples/dnszones/srv/main.bicep | 5 +- .../samples/dnszones/txt/main.bicep | 5 +- .../authorizations/main.bicep | 14 +- .../samples/expressroutecircuits/main.bicep | 14 +- .../peerings/connections/main.bicep | 90 ++--- .../expressroutecircuits/peerings/main.bicep | 26 +- .../expressrouteconnections/main.bicep | 40 +-- .../samples/expressroutegateways/main.bicep | 16 +- .../authorizations/main.bicep | 4 +- .../samples/expressrouteports/main.bicep | 6 +- .../rulecollectiongroups/main.bicep | 2 +- .../main.bicep | 27 +- .../backendaddresspools/main.bicep | 32 +- .../samples/loadbalancers/main.bicep | 22 +- .../samples/localnetworkgateways/main.bicep | 2 +- .../samples/natgateways/main.bicep | 6 +- .../samples/networkinterfaces/main.bicep | 46 ++- .../main-rg-module.bicep | 22 ++ .../networkmanagerconnections/main.bicep | 25 ++ .../connectivityconfigurations/main.bicep | 41 ++- .../networkmanagers/ipampools/main.bicep | 6 +- .../ipampools/staticcidr/main.bicep | 14 +- .../networkmanagers/networkgroups/main.bicep | 8 +- .../networkgroups/staticmembers/main.bicep | 60 ++-- .../scopeconnections/main.bicep | 4 +- .../securityadminconfigurations/main.bicep | 10 +- .../rulecollections/main.bicep | 6 +- .../rulecollections/rules/main.bicep | 12 +- .../verifierworkspace/main.bicep | 12 +- .../reachabilityanalysisintent/main.bicep | 186 +++++----- .../reachabilityanalysisrun/main.bicep | 72 ++-- .../samples/networkprofiles/main.bicep | 18 +- .../securityrules/main.bicep | 9 +- .../networkwatchers/flowlogs/main.bicep | 32 +- .../networkwatchers/packetcaptures/main.bicep | 118 ++++--- .../samples/p2svpngateways/main.bicep | 56 ++- .../samples/privatednszones/a/main.bicep | 3 +- .../samples/privatednszones/aaaa/main.bicep | 5 +- .../samples/privatednszones/cname/main.bicep | 7 +- .../samples/privatednszones/main.bicep | 1 + .../samples/privatednszones/mx/main.bicep | 5 +- .../samples/privatednszones/ptr/main.bicep | 5 +- .../samples/privatednszones/srv/main.bicep | 5 +- .../samples/privatednszones/txt/main.bicep | 7 +- .../virtualnetworklinks/main.bicep | 24 +- .../samples/privateendpoints/main.bicep | 101 +++--- .../samples/privatelinkservices/main.bicep | 38 +-- .../samples/publicipaddresses/main.bicep | 12 +- .../samples/publicipprefixes/main.bicep | 9 +- .../samples/routetables/routes/main.bicep | 6 +- .../azureendpoints/main.bicep | 58 ++-- .../externalendpoints/main.bicep | 7 +- .../samples/trafficmanagerprofiles/main.bicep | 7 +- .../nestedendpoints/main.bicep | 19 +- .../hubvirtualnetworkconnections/main.bicep | 28 +- .../virtualhubs/ipconfigurations/main.bicep | 20 +- .../samples/virtualhubs/main.bicep | 6 +- .../samples/virtualnetworkgateways/main.bicep | 16 +- .../natrules/main.bicep | 38 +-- .../virtualnetworks/subnets/main.bicep | 2 +- .../subnets/withipampool/main.bicep | 16 +- .../virtualnetworkpeerings/main.bicep | 18 +- .../virtualnetworks/withipampool/main.bicep | 10 +- .../samples/vpngateways/main.bicep | 8 +- .../samples/vpngateways/natrules/main.bicep | 52 ++- .../vpngateways/vpnconnections/main.bicep | 104 +++--- .../configurationpolicygroups/main.bicep | 20 +- .../vpnserverconfigurations/main.bicep | 22 +- .../samples/vpnsites/main.bicep | 8 +- .../samples/namespaces/main.bicep | 6 +- .../authorizationrules/main.bicep | 12 +- .../namespaces/notificationhubs/main.bicep | 8 +- .../samples/querypacks/queries/main.bicep | 2 +- .../samples/workspaces/dataexports/main.bicep | 30 +- .../samples/workspaces/datasources/main.bicep | 10 +- .../workspaces/linkedservices/main.bicep | 2 +- .../linkedstorageaccounts/main.bicep | 84 ++--- .../workspaces/savedsearches/main.bicep | 12 +- .../storageinsightconfigs/main.bicep | 30 +- .../workspaces/tables/auditlog/main.bicep | 21 +- .../workspaces/tables/basic/main.bicep | 53 ++- .../tables/datacollectionlogs/main.bicep | 21 +- .../samples/solutions/main.bicep | 10 +- .../samples/spacecrafts/main.bicep | 2 +- .../samples/remediations/main.bicep | 5 +- .../samples/capacities/main.bicep | 6 +- .../microsoft.recoveryservices/remarks.json | 5 + .../samples/vaults/backupconfig/main.bicep | 8 +- .../protecteditems/main.bicep | 288 ++++++++++++++++ .../samples/vaults/backuppolicies/main.bicep | 8 +- .../backupresourceguardproxies/main.bicep | 9 +- .../vaults/backupstorageconfig/main.bicep | 8 +- .../samples/vaults/main.bicep | 6 +- .../vaults/replicationfabrics/main.bicep | 10 +- .../replicationnetworkmappings/main.bicep | 58 ++-- .../main.bicep | 12 +- .../main.bicep | 19 +- .../vaults/replicationpolicies/main.bicep | 12 +- .../namespaces/authorizationrules/main.bicep | 4 +- .../authorizationrules/main.bicep | 6 +- .../namespaces/hybridconnections/main.bicep | 4 +- .../samples/namespaces/main.bicep | 2 +- .../remarks/microsoft.resources/remarks.json | 9 +- .../samples/deployments/main.bicep | 58 ++++ .../samples/deploymentscripts/main.bicep | 4 +- .../samples/searchservices/main.bicep | 10 +- .../sharedprivatelinkresources/main.bicep | 36 +- .../remarks/microsoft.security/remarks.json | 20 ++ .../main.bicep | 18 +- .../samples/assessmentmetadata/main.bicep | 3 + .../samples/assessments/main-rg-module.bicep | 143 ++++++++ .../samples/assessments/main.bicep | 41 +++ .../samples/automations/main.bicep | 43 ++- .../defenderforstoragesettings/main.bicep | 22 +- .../samples/iotsecuritysolutions/main.bicep | 36 +- .../samples/securitycontacts/main.bicep | 5 +- .../workspacesettings/main-rg-module.bicep | 25 ++ .../samples/workspacesettings/main.bicep | 26 ++ .../samples/alertrules/main.bicep | 70 ++-- .../samples/automationrules/main.bicep | 64 ++-- .../samples/dataconnectors/main.bicep | 64 ++-- .../samples/metadata/main.bicep | 76 ++--- .../samples/onboardingstates/main.bicep | 18 +- .../samples/watchlists/main.bicep | 44 +-- .../watchlists/watchlistitems/main.bicep | 54 +-- .../remarks/microsoft.servicebus/remarks.json | 10 + .../namespaces/authorizationrules/main.bicep | 12 +- .../main-rg-module.bicep | 43 +++ .../disasterrecoveryconfigs/main.bicep | 25 ++ .../samples/namespaces/main.bicep | 10 +- .../queues/authorizationrules/main.bicep | 22 +- .../samples/namespaces/queues/main.bicep | 24 +- .../topics/authorizationrules/main.bicep | 22 +- .../samples/namespaces/topics/main.bicep | 12 +- .../topics/subscriptions/main.bicep | 24 +- .../topics/subscriptions/rules/main.bicep | 28 +- .../samples/clusters/main.bicep | 10 +- .../samples/managedclusters/main.bicep | 44 +-- .../managedclusters/nodetypes/main.bicep | 74 ++-- .../samples/linkers/main.bicep | 127 ++++--- .../associations/main.bicep | 28 +- .../trafficcontrollers/frontends/main.bicep | 2 +- .../samples/signalr/main.bicep | 48 +-- .../sharedprivatelinkresources/main.bicep | 44 +-- .../samples/webpubsub/hubs/main.bicep | 10 +- .../samples/webpubsub/main.bicep | 10 +- .../sharedprivatelinkresources/main.bicep | 32 +- .../samples/applications/main.bicep | 105 ++---- settings/remarks/microsoft.sql/remarks.json | 5 + .../samples/instancepools/main.bicep | 159 ++++----- .../samples/servers/administrators/main.bicep | 10 +- .../servers/auditingsettings/main.bicep | 8 +- .../servers/connectionpolicies/main.bicep | 6 +- .../samples/servers/databases/main.bicep | 14 +- .../securityalertpolicies/main.bicep | 20 +- .../transparentdataencryption/main.bicep | 20 +- .../samples/servers/dnsaliases/main.bicep | 10 +- .../samples/servers/elasticpools/main.bicep | 18 +- .../servers/encryptionprotector/main.bicep | 6 +- .../samples/servers/failovergroups/main.bicep | 39 +-- .../samples/servers/firewallrules/main.bicep | 6 +- .../servers/jobagents/credentials/main.bicep | 26 +- .../samples/servers/jobagents/jobs/main.bicep | 34 +- .../servers/jobagents/jobs/steps/main.bicep | 99 ++++++ .../samples/servers/jobagents/main.bicep | 20 +- .../servers/jobagents/targetgroups/main.bicep | 74 ++-- .../microsoft.sql/samples/servers/main.bicep | 4 +- .../servers/outboundfirewallrules/main.bicep | 4 +- .../servers/securityalertpolicies/main.bicep | 12 +- .../sqlvulnerabilityassessments/main.bicep | 4 +- .../servers/virtualnetworkrules/main.bicep | 18 +- .../microsoft.sqlvirtualmachine/remarks.json | 5 + .../sqlvirtualmachinegroups/main.bicep | 8 +- .../sqlvirtualmachines/basic/main.bicep | 108 +++--- .../sqlbestpracticesassessment/main.bicep | 320 ++++++++++++++++++ .../basic/main.bicep | 83 +++-- .../remarks/microsoft.storage/remarks.json | 5 + .../samples/storageaccounts/basic/main.bicep | 24 +- .../immutabilitypolicies/main.bicep | 24 +- .../blobservices/containers/main.bicep | 6 +- .../storageaccounts/blobservices/main.bicep | 32 +- .../encryptionscopes/main.bicep | 138 ++++++++ .../fileservices/shares/main.bicep | 8 +- .../localusers/basic/main.bicep | 30 +- .../managementpolicies/main.bicep | 28 +- .../queueservices/queues/main.bicep | 6 +- .../tableservices/tables/main.bicep | 6 +- .../samples/amlfilesystems/main.bicep | 44 ++- .../samples/caches/main.bicep | 39 ++- .../storagemovers/endpoints/main.bicep | 2 +- .../samples/storagemovers/projects/main.bicep | 4 +- .../storagesyncservices/syncgroups/main.bicep | 2 +- .../streamingjobs/functions/main.bicep | 26 +- .../samples/streamingjobs/inputs/main.bicep | 60 ++-- .../samples/streamingjobs/main.bicep | 14 +- .../samples/streamingjobs/outputs/main.bicep | 102 +++--- .../azureadonlyauthentications/main.bicep | 33 +- .../workspaces/bigdatapools/main.bicep | 38 +-- .../workspaces/firewallrules/main.bicep | 30 +- .../workspaces/integrationruntimes/main.bicep | 34 +- .../samples/workspaces/main.bicep | 27 +- .../main.bicep | 30 +- .../securityalertpolicies/main.bicep | 18 +- .../samples/workspaces/sqlpools/main.bicep | 38 +-- .../vulnerabilityassessments/main.bicep | 21 +- .../sqlpools/workloadgroups/main.bicep | 25 +- .../workloadclassifiers/main.bicep | 48 ++- .../environments/accesspolicies/main.bicep | 10 +- .../environments/eventsources/main.bicep | 87 +++-- .../samples/environments/main.bicep | 8 +- .../environments/referencedatasets/main.bicep | 14 +- .../samples/accounts/main.bicep | 35 +- .../samples/communicationsgateways/main.bicep | 2 +- .../testlines/main.bicep | 16 +- settings/remarks/microsoft.web/remarks.json | 5 + .../samples/serverfarms/main.bicep | 6 +- .../samples/sites/config/main.bicep | 32 +- .../microsoft.web/samples/sites/main.bicep | 22 +- .../sites/publiccertificates/main.bicep | 14 +- .../samples/sites/siteextensions/main.bicep | 54 +-- .../samples/sites/slots/config/main.bicep | 52 +-- .../samples/sites/slots/main.bicep | 62 ++-- .../samples/sourcecontrols/main.bicep | 18 + .../staticsites/customdomains/main.bicep | 4 +- .../samples/staticsites/main.bicep | 2 +- .../configurations/main.bicep | 94 +++-- .../samples/nginxdeployments/main.bicep | 152 ++++----- .../samples/filesystems/main.bicep | 11 +- .../2022-04-01/roledefinitions.md | 5 +- .../microsoft.compute/2024-03-02/disks.md | 14 +- .../2024-05-15/databaseaccounts.md | 30 +- .../microsoft.keyvault/2023-07-01/vaults.md | 28 +- 613 files changed, 9468 insertions(+), 7735 deletions(-) create mode 100644 settings/remarks/microsoft.aadiam/samples/diagnosticsettings/main.bicep create mode 100644 settings/remarks/microsoft.advisor/samples/recommendations/suppressions/main.bicep create mode 100644 settings/remarks/microsoft.billing/samples/billingaccounts/billingprofiles/main.bicep create mode 100644 settings/remarks/microsoft.cache/samples/redis/linkedservers/main-rg-module.bicep create mode 100644 settings/remarks/microsoft.cache/samples/redis/linkedservers/main.bicep create mode 100644 settings/remarks/microsoft.impact/samples/workloadimpacts/main.bicep create mode 100644 settings/remarks/microsoft.insights/samples/components/proactivedetectionconfigs/main.bicep create mode 100644 settings/remarks/microsoft.insights/samples/logprofiles/main-rg-module.bicep create mode 100644 settings/remarks/microsoft.insights/samples/logprofiles/main.bicep create mode 100644 settings/remarks/microsoft.machinelearningservices/samples/workspaces/outboundrules/main.bicep create mode 100644 settings/remarks/microsoft.network/samples/networkmanagerconnections/main-rg-module.bicep create mode 100644 settings/remarks/microsoft.network/samples/networkmanagerconnections/main.bicep create mode 100644 settings/remarks/microsoft.recoveryservices/samples/vaults/backupfabrics/protectioncontainers/protecteditems/main.bicep create mode 100644 settings/remarks/microsoft.resources/samples/deployments/main.bicep create mode 100644 settings/remarks/microsoft.security/samples/assessments/main-rg-module.bicep create mode 100644 settings/remarks/microsoft.security/samples/assessments/main.bicep create mode 100644 settings/remarks/microsoft.security/samples/workspacesettings/main-rg-module.bicep create mode 100644 settings/remarks/microsoft.security/samples/workspacesettings/main.bicep create mode 100644 settings/remarks/microsoft.servicebus/samples/namespaces/disasterrecoveryconfigs/main-rg-module.bicep create mode 100644 settings/remarks/microsoft.servicebus/samples/namespaces/disasterrecoveryconfigs/main.bicep create mode 100644 settings/remarks/microsoft.sql/samples/servers/jobagents/jobs/steps/main.bicep create mode 100644 settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachines/sqlbestpracticesassessment/main.bicep create mode 100644 settings/remarks/microsoft.storage/samples/storageaccounts/encryptionscopes/main.bicep create mode 100644 settings/remarks/microsoft.web/samples/sourcecontrols/main.bicep diff --git a/settings/remarks/microsoft.aadiam/remarks.json b/settings/remarks/microsoft.aadiam/remarks.json index bc501e82..0ca83ee8 100644 --- a/settings/remarks/microsoft.aadiam/remarks.json +++ b/settings/remarks/microsoft.aadiam/remarks.json @@ -6,5 +6,12 @@ "Path": "samples/diagnosticsettings/main.tf", "Description": "A basic example of deploying Azure Active Directory Diagnostic Setting for Azure Monitor." } + ], + "BicepSamples": [ + { + "ResourceType": "Microsoft.AADIAM/diagnosticSettings", + "Path": "samples/diagnosticsettings/main.bicep", + "Description": "A basic example of deploying Azure Active Directory Diagnostic Setting for Azure Monitor." + } ] } diff --git a/settings/remarks/microsoft.aadiam/samples/diagnosticsettings/main.bicep b/settings/remarks/microsoft.aadiam/samples/diagnosticsettings/main.bicep new file mode 100644 index 00000000..2bcbf99d --- /dev/null +++ b/settings/remarks/microsoft.aadiam/samples/diagnosticsettings/main.bicep @@ -0,0 +1,40 @@ +targetScope = 'tenant' + +param resourceName string = 'acctest0001' +param location string = 'westus' + +resource diagnosticSetting 'Microsoft.AADIAM/diagnosticSettings@2017-04-01' = { + name: '${resourceName}-DS-unique' + properties: { + logs: [ + { + category: 'RiskyUsers' + enabled: true + } + { + category: 'ServicePrincipalSignInLogs' + enabled: true + } + { + category: 'SignInLogs' + enabled: true + } + { + enabled: true + category: 'B2CRequestLogs' + } + { + category: 'UserRiskEvents' + enabled: true + } + { + category: 'NonInteractiveUserSignInLogs' + enabled: true + } + { + category: 'AuditLogs' + enabled: true + } + ] + } +} diff --git a/settings/remarks/microsoft.advisor/remarks.json b/settings/remarks/microsoft.advisor/remarks.json index c0325475..b9c1d588 100644 --- a/settings/remarks/microsoft.advisor/remarks.json +++ b/settings/remarks/microsoft.advisor/remarks.json @@ -6,5 +6,12 @@ "Path": "samples/recommendations/suppressions/main.tf", "Description": "A basic example of deploying Specifies a suppression for an Azure Advisor recommendation." } + ], + "BicepSamples": [ + { + "ResourceType": "Microsoft.Advisor/recommendations/suppressions", + "Path": "samples/recommendations/suppressions/main.bicep", + "Description": "A basic example of deploying Specifies a suppression for an Azure Advisor recommendation." + } ] } diff --git a/settings/remarks/microsoft.advisor/samples/recommendations/suppressions/main.bicep b/settings/remarks/microsoft.advisor/samples/recommendations/suppressions/main.bicep new file mode 100644 index 00000000..64544045 --- /dev/null +++ b/settings/remarks/microsoft.advisor/samples/recommendations/suppressions/main.bicep @@ -0,0 +1,11 @@ +param resourceName string = 'acctest0001' +param location string = 'westus' +param recommendationId string + +resource suppression 'Microsoft.Advisor/recommendations/suppressions@2023-01-01' = { + name: resourceName + properties: { + suppressionId: '' + ttl: '00:30:00' + } +} diff --git a/settings/remarks/microsoft.alertsmanagement/samples/actionrules/main.bicep b/settings/remarks/microsoft.alertsmanagement/samples/actionrules/main.bicep index c6fba9b9..2250350d 100644 --- a/settings/remarks/microsoft.alertsmanagement/samples/actionrules/main.bicep +++ b/settings/remarks/microsoft.alertsmanagement/samples/actionrules/main.bicep @@ -1,18 +1,17 @@ param resourceName string = 'acctest0001' +param location string = 'westeurope' resource actionRule 'Microsoft.AlertsManagement/actionRules@2021-08-08' = { name: resourceName location: 'global' properties: { + enabled: true + scopes: [] actions: [ { actionType: 'RemoveAllActionGroups' } ] description: '' - enabled: true - scopes: [ - resourceGroup().id - ] } } diff --git a/settings/remarks/microsoft.alertsmanagement/samples/prometheusrulegroups/main.bicep b/settings/remarks/microsoft.alertsmanagement/samples/prometheusrulegroups/main.bicep index 3ef991c6..2774d229 100644 --- a/settings/remarks/microsoft.alertsmanagement/samples/prometheusrulegroups/main.bicep +++ b/settings/remarks/microsoft.alertsmanagement/samples/prometheusrulegroups/main.bicep @@ -1,34 +1,34 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource account 'Microsoft.Monitor/accounts@2023-04-03' = { - name: resourceName - location: location - properties: { - publicNetworkAccess: 'Enabled' - } -} - resource prometheusRuleGroup 'Microsoft.AlertsManagement/prometheusRuleGroups@2023-03-01' = { name: resourceName location: location properties: { + scopes: [ + account.id + ] clusterName: '' description: '' enabled: false rules: [ { - enabled: false - expression: '''histogram_quantile(0.99, sum(rate(jobs_duration_seconds_bucket{service="billing-processing"}[5m])) by (job_type)) -''' labels: { team: 'prod' } record: 'job_type:billing_jobs_duration_seconds:99p5m' + enabled: false + expression: '''histogram_quantile(0.99, sum(rate(jobs_duration_seconds_bucket{service="billing-processing"}[5m])) by (job_type)) +''' } ] - scopes: [ - account.id - ] + } +} + +resource account 'Microsoft.Monitor/accounts@2023-04-03' = { + name: resourceName + location: location + properties: { + publicNetworkAccess: 'Enabled' } } diff --git a/settings/remarks/microsoft.alertsmanagement/samples/smartdetectoralertrules/main.bicep b/settings/remarks/microsoft.alertsmanagement/samples/smartdetectoralertrules/main.bicep index 7c2efcf8..8f823c6d 100644 --- a/settings/remarks/microsoft.alertsmanagement/samples/smartdetectoralertrules/main.bicep +++ b/settings/remarks/microsoft.alertsmanagement/samples/smartdetectoralertrules/main.bicep @@ -1,12 +1,39 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource smartDetectorAlertRule 'microsoft.alertsManagement/smartDetectorAlertRules@2019-06-01' = { + name: resourceName + location: 'global' + properties: { + actionGroups: { + customEmailSubject: '' + customWebhookPayload: '' + groupIds: [ + actionGroup.id + ] + } + description: '' + detector: { + id: 'FailureAnomaliesDetector' + } + frequency: 'PT1M' + scope: [ + component.id + ] + severity: 'Sev0' + state: 'Enabled' + } +} + resource actionGroup 'Microsoft.Insights/actionGroups@2023-01-01' = { name: resourceName location: 'global' properties: { + logicAppReceivers: [] + smsReceivers: [] + voiceReceivers: [] + webhookReceivers: [] armRoleReceivers: [] - automationRunbookReceivers: [] azureAppPushReceivers: [] azureFunctionReceivers: [] emailReceivers: [] @@ -14,10 +41,7 @@ resource actionGroup 'Microsoft.Insights/actionGroups@2023-01-01' = { eventHubReceivers: [] groupShortName: 'acctestag' itsmReceivers: [] - logicAppReceivers: [] - smsReceivers: [] - voiceReceivers: [] - webhookReceivers: [] + automationRunbookReceivers: [] } } @@ -26,37 +50,13 @@ resource component 'Microsoft.Insights/components@2020-02-02' = { location: location kind: 'web' properties: { + publicNetworkAccessForIngestion: 'Enabled' Application_Type: 'web' + publicNetworkAccessForQuery: 'Enabled' DisableIpMasking: false DisableLocalAuth: false ForceCustomerStorageForProfiler: false RetentionInDays: 90 SamplingPercentage: 100 - publicNetworkAccessForIngestion: 'Enabled' - publicNetworkAccessForQuery: 'Enabled' - } -} - -resource smartDetectorAlertRule 'microsoft.alertsManagement/smartDetectorAlertRules@2019-06-01' = { - name: resourceName - location: 'global' - properties: { - actionGroups: { - customEmailSubject: '' - customWebhookPayload: '' - groupIds: [ - actionGroup.id - ] - } - description: '' - detector: { - id: 'FailureAnomaliesDetector' - } - frequency: 'PT1M' - scope: [ - component.id - ] - severity: 'Sev0' - state: 'Enabled' } } diff --git a/settings/remarks/microsoft.analysisservices/samples/servers/main.bicep b/settings/remarks/microsoft.analysisservices/samples/servers/main.bicep index 828a8406..1a5e246e 100644 --- a/settings/remarks/microsoft.analysisservices/samples/servers/main.bicep +++ b/settings/remarks/microsoft.analysisservices/samples/servers/main.bicep @@ -4,16 +4,16 @@ param location string = 'westeurope' resource server 'Microsoft.AnalysisServices/servers@2017-08-01' = { name: resourceName location: location + sku: { + name: 'B1' + } properties: { - asAdministrators: { - members: [] - } ipV4FirewallSettings: { enablePowerBIService: false firewallRules: [] } - } - sku: { - name: 'B1' + asAdministrators: { + members: [] + } } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/apis/diagnostics/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/apis/diagnostics/main.bicep index 6e6d91b8..c88526e7 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/apis/diagnostics/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/apis/diagnostics/main.bicep @@ -6,28 +6,32 @@ resource component 'Microsoft.Insights/components@2020-02-02' = { location: location kind: 'web' properties: { - Application_Type: 'web' - DisableIpMasking: false DisableLocalAuth: false - ForceCustomerStorageForProfiler: false RetentionInDays: 90 - SamplingPercentage: 100 publicNetworkAccessForIngestion: 'Enabled' publicNetworkAccessForQuery: 'Enabled' + Application_Type: 'web' + DisableIpMasking: false + ForceCustomerStorageForProfiler: false + SamplingPercentage: 100 } } resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 0 + name: 'Consumption' + } properties: { certificates: [] customProperties: { + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' @@ -35,15 +39,11 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { publisherName: 'pub1' virtualNetworkType: 'None' } - sku: { - capacity: 0 - name: 'Consumption' - } } resource api 'Microsoft.ApiManagement/service/apis@2021-08-01' = { - parent: service name: '${resourceName};rev=1' + parent: service properties: { apiType: 'http' apiVersion: '' @@ -55,23 +55,23 @@ resource api 'Microsoft.ApiManagement/service/apis@2021-08-01' = { } resource logger 'Microsoft.ApiManagement/service/loggers@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { + isBuffered: true + loggerType: 'applicationInsights' credentials: { instrumentationKey: component.properties.InstrumentationKey } description: '' - isBuffered: true - loggerType: 'applicationInsights' } } resource diagnostic 'Microsoft.ApiManagement/service/apis/diagnostics@2021-08-01' = { - parent: api name: 'applicationinsights' + parent: api properties: { - loggerId: logger.id operationNameFormat: 'Name' + loggerId: logger.id } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/apis/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/apis/main.bicep index c15f73f6..628c0899 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/apis/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/apis/main.bicep @@ -1,10 +1,18 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 0 + name: 'Consumption' + } properties: { + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' certificates: [] customProperties: { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' @@ -14,34 +22,26 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' - } - sku: { - capacity: 0 - name: 'Consumption' } } resource api 'Microsoft.ApiManagement/service/apis@2021-08-01' = { - parent: service name: '${resourceName};rev=1' + parent: service properties: { - apiRevisionDescription: '' - apiType: 'http' - apiVersion: '' - apiVersionDescription: '' - authenticationSettings: {} - description: '' - displayName: 'api1' path: 'api1' protocols: [ 'https' ] + authenticationSettings: {} + description: '' serviceUrl: '' subscriptionRequired: true type: 'http' + apiRevisionDescription: '' + apiType: 'http' + apiVersion: '' + apiVersionDescription: '' + displayName: 'api1' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/apis/operations/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/apis/operations/main.bicep index 28df9ff6..6b824a82 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/apis/operations/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/apis/operations/main.bicep @@ -1,41 +1,35 @@ -param resourceName string = 'acctest0001' param location string = 'westus' +param resourceName string = 'acctest0001' resource service 'Microsoft.ApiManagement/service@2022-08-01' = { name: '${resourceName}-am' location: location + sku: { + capacity: 0 + name: 'Consumption' + } properties: { - certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' publisherEmail: 'pub1@email.com' publisherName: 'pub1' virtualNetworkType: 'None' - } - sku: { - capacity: 0 - name: 'Consumption' + certificates: [] } } resource api 'Microsoft.ApiManagement/service/apis@2022-08-01' = { - parent: service name: '${resourceName}-api;rev=1' + parent: service properties: { - apiRevisionDescription: '' - apiType: 'http' - apiVersionDescription: '' - authenticationSettings: {} description: 'What is my purpose? You parse butter.' - displayName: 'Butter Parser' - path: 'butter-parser' protocols: [ 'http' 'https' @@ -45,14 +39,20 @@ resource api 'Microsoft.ApiManagement/service/apis@2022-08-01' = { header: 'X-Butter-Robot-API-Key' query: 'location' } + apiType: 'http' + authenticationSettings: {} + displayName: 'Butter Parser' + path: 'butter-parser' subscriptionRequired: true type: 'http' + apiRevisionDescription: '' + apiVersionDescription: '' } } resource operation 'Microsoft.ApiManagement/service/apis/operations@2022-08-01' = { - parent: api name: '${resourceName}-operation' + parent: api properties: { description: '' displayName: 'DELETE Resource' diff --git a/settings/remarks/microsoft.apimanagement/samples/service/apis/policies/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/apis/policies/main.bicep index 181e1961..e5e62f93 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/apis/policies/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/apis/policies/main.bicep @@ -4,7 +4,16 @@ param location string = 'westeurope' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 0 + name: 'Consumption' + } properties: { + disableGateway: false + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' certificates: [] customProperties: { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' @@ -13,42 +22,33 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } - disableGateway: false - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' - } - sku: { - capacity: 0 - name: 'Consumption' } } resource api 'Microsoft.ApiManagement/service/apis@2021-08-01' = { - parent: service name: '${resourceName};rev=1' + parent: service properties: { - apiRevisionDescription: '' - apiType: 'http' + type: 'http' apiVersion: '' - apiVersionDescription: '' authenticationSettings: {} description: '' displayName: 'api1' + serviceUrl: '' + apiRevisionDescription: '' + apiType: 'http' + apiVersionDescription: '' path: 'api1' protocols: [ 'https' ] - serviceUrl: '' subscriptionRequired: true - type: 'http' } } resource policy 'Microsoft.ApiManagement/service/apis/policies@2021-08-01' = { - parent: api name: 'policy' + parent: api properties: { format: 'xml' value: ''' diff --git a/settings/remarks/microsoft.apimanagement/samples/service/apis/schemas/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/apis/schemas/main.bicep index e62d1103..8ba31065 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/apis/schemas/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/apis/schemas/main.bicep @@ -4,8 +4,11 @@ param location string = 'westeurope' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 0 + name: 'Consumption' + } properties: { - certificates: [] customProperties: { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' @@ -18,37 +21,34 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { publisherEmail: 'pub1@email.com' publisherName: 'pub1' virtualNetworkType: 'None' - } - sku: { - capacity: 0 - name: 'Consumption' + certificates: [] } } resource api 'Microsoft.ApiManagement/service/apis@2021-08-01' = { - parent: service name: '${resourceName};rev=1' + parent: service properties: { apiRevisionDescription: '' - apiType: 'http' apiVersion: '' - apiVersionDescription: '' authenticationSettings: {} + path: 'api1' + serviceUrl: '' + type: 'http' + apiType: 'http' + apiVersionDescription: '' description: '' displayName: 'api1' - path: 'api1' protocols: [ 'https' ] - serviceUrl: '' subscriptionRequired: true - type: 'http' } } resource schema 'Microsoft.ApiManagement/service/apis/schemas@2021-08-01' = { - parent: api name: resourceName + parent: api properties: { contentType: 'application/vnd.ms-azure-apim.xsd+xml' document: { diff --git a/settings/remarks/microsoft.apimanagement/samples/service/apis/tagdescriptions/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/apis/tagdescriptions/main.bicep index 4f4c4267..e2330250 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/apis/tagdescriptions/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/apis/tagdescriptions/main.bicep @@ -4,56 +4,56 @@ param location string = 'westus' resource service 'Microsoft.ApiManagement/service@2022-08-01' = { name: '${resourceName}-service' location: location + sku: { + capacity: 0 + name: 'Consumption' + } properties: { + publisherName: 'pub1' + virtualNetworkType: 'None' certificates: [] customProperties: { + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' - } - sku: { - capacity: 0 - name: 'Consumption' } } resource api 'Microsoft.ApiManagement/service/apis@2022-08-01' = { - parent: service name: '${resourceName}-api;rev=1' + parent: service properties: { apiRevisionDescription: '' apiType: 'http' apiVersionDescription: '' authenticationSettings: {} displayName: 'api1' - path: 'api1' protocols: [ 'https' ] subscriptionRequired: true + path: 'api1' type: 'http' } } resource tag 'Microsoft.ApiManagement/service/tags@2022-08-01' = { - parent: service name: '${resourceName}-tag' + parent: service properties: { - displayName: 'acctest0001-tag' + displayName: '${resourceName}-tag' } } resource tagDescription 'Microsoft.ApiManagement/service/apis/tagDescriptions@2022-08-01' = { - parent: api name: '${resourceName}-tag' + parent: api properties: { description: 'tag description' externalDocsDescription: 'external tag description' @@ -62,6 +62,6 @@ resource tagDescription 'Microsoft.ApiManagement/service/apis/tagDescriptions@20 } resource tag1 'Microsoft.ApiManagement/service/apis/tags@2022-08-01' = { - parent: api name: '${resourceName}-tag' + parent: api } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/apis/tags/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/apis/tags/main.bicep index 9263f2e8..fe282480 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/apis/tags/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/apis/tags/main.bicep @@ -4,14 +4,18 @@ param location string = 'westus' resource service 'Microsoft.ApiManagement/service@2022-08-01' = { name: '${resourceName}-service' location: location + sku: { + name: 'Consumption' + capacity: 0 + } properties: { certificates: [] customProperties: { + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' @@ -19,34 +23,30 @@ resource service 'Microsoft.ApiManagement/service@2022-08-01' = { publisherName: 'pub1' virtualNetworkType: 'None' } - sku: { - capacity: 0 - name: 'Consumption' - } } resource api 'Microsoft.ApiManagement/service/apis@2022-08-01' = { - parent: service name: '${resourceName}-api;rev=1' + parent: service properties: { - apiRevisionDescription: '' - apiType: 'http' - apiVersionDescription: '' - authenticationSettings: {} displayName: 'api1' - path: 'api1' protocols: [ 'https' ] + apiType: 'http' + apiVersionDescription: '' + path: 'api1' subscriptionRequired: true type: 'http' + apiRevisionDescription: '' + authenticationSettings: {} } } resource tag 'Microsoft.ApiManagement/service/tags@2022-08-01' = { - parent: service name: '${resourceName}-tag' + parent: service properties: { - displayName: 'acctest0001-tag' + displayName: '${resourceName}-tag' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/apiversionsets/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/apiversionsets/main.bicep index 079e3fb3..3651e9c9 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/apiversionsets/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/apiversionsets/main.bicep @@ -4,8 +4,11 @@ param location string = 'westeurope' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 0 + name: 'Consumption' + } properties: { - certificates: [] customProperties: { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' @@ -18,16 +21,13 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { publisherEmail: 'pub1@email.com' publisherName: 'pub1' virtualNetworkType: 'None' - } - sku: { - capacity: 0 - name: 'Consumption' + certificates: [] } } resource apiVersionSet 'Microsoft.ApiManagement/service/apiVersionSets@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { description: 'TestDescription1' displayName: 'TestApiVersionSet1230630032559674766' diff --git a/settings/remarks/microsoft.apimanagement/samples/service/authorizationservers/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/authorizationservers/main.bicep index 244a30d9..b1b8ff90 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/authorizationservers/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/authorizationservers/main.bicep @@ -9,48 +9,48 @@ param oauthClientSecret string resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + name: 'Consumption' + capacity: 0 + } properties: { - certificates: [] customProperties: { + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' publisherEmail: 'pub1@email.com' publisherName: 'pub1' virtualNetworkType: 'None' - } - sku: { - capacity: 0 - name: 'Consumption' + certificates: [] } } resource authorizationServer 'Microsoft.ApiManagement/service/authorizationServers@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { + clientRegistrationEndpoint: 'https://azacceptance.hashicorptest.com/client/register' + defaultScope: '' + resourceOwnerPassword: '' + supportState: false + tokenBodyParameters: [] authorizationEndpoint: 'https://azacceptance.hashicorptest.com/client/authorize' authorizationMethods: [ 'GET' ] clientAuthenticationMethod: [] - clientId: null - clientRegistrationEndpoint: 'https://azacceptance.hashicorptest.com/client/register' - clientSecret: null - defaultScope: '' + clientSecret: '${oauthClientSecret}' description: '' displayName: 'Test Group' grantTypes: [ 'implicit' ] - resourceOwnerPassword: '' resourceOwnerUsername: '' - supportState: false - tokenBodyParameters: [] + clientId: '${oauthClientId}' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/backends/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/backends/main.bicep index aa963401..5319fc94 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/backends/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/backends/main.bicep @@ -4,7 +4,15 @@ param location string = 'westeurope' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 0 + name: 'Consumption' + } properties: { + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' certificates: [] customProperties: { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' @@ -14,20 +22,12 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' - } - sku: { - capacity: 0 - name: 'Consumption' } } resource backend 'Microsoft.ApiManagement/service/backends@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { protocol: 'http' url: 'https://acctest' diff --git a/settings/remarks/microsoft.apimanagement/samples/service/caches/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/caches/main.bicep index 63f1096f..f46fdb82 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/caches/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/caches/main.bicep @@ -3,6 +3,7 @@ param location string = 'westeurope' resource redis 'Microsoft.Cache/redis@2023-04-01' = { name: resourceName + location: 'eastus' properties: { enableNonSslPort: true minimumTlsVersion: '1.2' @@ -17,7 +18,13 @@ resource redis 'Microsoft.Cache/redis@2023-04-01' = { resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + name: 'Consumption' + capacity: 0 + } properties: { + publisherName: 'pub1' + virtualNetworkType: 'None' certificates: [] customProperties: { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' @@ -29,20 +36,14 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { disableGateway: false publicNetworkAccess: 'Enabled' publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' - } - sku: { - capacity: 0 - name: 'Consumption' } } resource cache 'Microsoft.ApiManagement/service/caches@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { - connectionString: '${redis.name}.redis.cache.windows.net:6380,password=redis.listKeys().primaryKey,ssl=true,abortConnect=False' + connectionString: '${redis.name}.redis.cache.windows.net:6380,password=${redis.listKeys().primaryKey},ssl=true,abortConnect=False' useFromLocation: 'default' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/certificates/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/certificates/main.bicep index 9fa37d0f..c5d0a2f3 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/certificates/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/certificates/main.bicep @@ -4,30 +4,30 @@ param location string = 'westeurope' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 0 + name: 'Consumption' + } properties: { + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' certificates: [] customProperties: { + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' - } - sku: { - capacity: 0 - name: 'Consumption' } } resource certificate 'Microsoft.ApiManagement/service/certificates@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { data: 'MIIKmQIBAzCCCl8GCSqGSIb3DQEHAaCCClAEggpMMIIKSDCCBP8GCSqGSIb3DQEHBqCCBPAwggTsAgEAMIIE5QYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIp1c0ydxiVG0CAggAgIIEuA5qATScE+dBHsldt+cfd/PjV+FAei7+lyYXm2IN1TZ1mFEce3T6MlGaqXoHMlYlIEVtvxNp2qpbYyGbboCRYTmB1tHbDbwDAg0bO8J8ing2xOvkoKx+sFX7L0I+FcGz5ucJRoDus6K6GdMgWOi+vlEdliBpH7Lgk+8+SXpFf/JadnEY49Dr4XMUBs/fXe6BxB89b9H/5mUg1SQFuxnGQrdvEW7tNFJR7k9BUO/95X8b4mQZdqfXBzgayOKTcB7JShXA9gjyAbxsF2g5EXlmWNJoRVo8xPcybPgarDdfjM4L0eEzvB4mgn6JimCaHxt9Gb3PGhPJ0mFzVbJTPQgiFpjpREwDWVYk7LeKvjyLn70O9pQyCi8tjZGw5XfIHlt7P+EHEdXXYR7z7gbgNQmWFMjYEX2puAKjYyjYsZ3ZxlWWNsrWZA/lNE5BgIBAcNAT2NBGAGbe4floniM8RPpQJ/Tj53nFQxav2sY/toWRSA8z7/bMGmQZEh9Dun61YJc+yb0dzn0K98FlEw1+Uu4fR8l6/e4xvmpdH3tOVak0xFRJLdILlO9VwJ3Ins8CODFHV4J4DnuMyINonctjTl9qy66+pVf6ePX0Io5k+49hU3u19jZy/oN8xxTGDMGVQinZ19yNC5TJ7RJ4fb682Jk+P8dwc+1icbBydZo3a/n1JdglMjPJK4+f0iW/+KIBFD2oZlEt8/Hi+IzyXT2BJHuZJmPa61vxHurA/urGH06ybpcrSEkBC0Lcm07Ie5Ov/UQVcdwF2MM3f3Iv5hrdRogBmB5pe1sYwNGJanCy4dABwpu+qVrtBGZEdBRl4h6IUTTzFDJltVcAmi60blvB8pCufDnD+PdJobAD5FIcsMDl0hiB7AgDbtOWygE1i/b5GnoVsfOGt4iUclikKxCig4m500IgX/XgUBiY1RwkHIXZQ1mXyWBAnaFgPA7BOt70Qbj9wy9S60FvrElVG9NWXuTdGY+ECWkoEzjiGnCEL+T1Cv43b8SlL5GCCftIUHlM/ss8oBzcJmUJsUsv/ZHTcj3GKyHud5cIT4rli542dDkoZj0O6fsvE+yFM7kZaQrTzuPlstfnvi5OeJQ4+aJBeL+rEXvEspLn02i2Rg1afZAll6fk+epPJOxW2pkrVslDMj/0RfLr4dRi5uzBiJb3pILfCDJs9Nqzj2GMWOFudQn5OHbcbx6dtoB1RcdsZHSGTn+MrjoXey2nmIlg372aLR7tCH06Z66U9FagAr51DZAKq2ry0T6gR4sWtzHlS063xFH4JeCHAJouWqEwgxeBu1zSZneDlMaC1ifcB0fOML8658vi1B697wLP0Muc6UW4mqfuN7AMl1fJQ7vO5oTDgWbPd6bSrLk46zmN3vC3VzMqQVa/1BbKgGkTOaVIZJuK0OuN2hyaVLNvm8XQ2O5QWE6aY2l3fm7m4hbT2AXRd/ulquZRhbQa7jIyjTb6SwLZG9wpvRJ5pR/C1V/QitI4GrViMOgEX+LV2TzXZxmkBV45/dDJ9Vh+2LEUKvcbkWjxZEbgltyCOdDHbTA5ydcNCHi/t/L371N6mCcXJH4FC7za1LpNmXeRIZa4lUuW602YH0DCYTnZ95UqMNyXMIIFQQYJKoZIhvcNAQcBoIIFMgSCBS4wggUqMIIFJgYLKoZIhvcNAQwKAQKgggTuMIIE6jAcBgoqhkiG9w0BDAEDMA4ECMwUHG/3/JVkAgIIAASCBMivDxcmzXtuXLPeu468SGYRJk994sSYqjK6fKP4090KXsDgX+IkggKJWqZqyRb0Dq7EusKpMyrSJNtz9Cfl3+S/vsbX6mGz4TY1g4VNvkyJyUjqUjKIDL2SlULRa7ldEvpOciy0Ms/6PBQXOTyVr5Rd1dFUFSbkLAruIWTULK0OfQoFjuQXmDvunRBrqSbHtjID9m1OwdcTfzMGHjsXth3iSWSTTh5+Eg/6H+/9kGC9VEEURqFD3Gx2kWKjqSlZyf/LSOTBcQ6+qRQZT1B1ZnPAVBU9Xn9Z6Tq0EMNfNg9+pv1GlLBUg1Hqo8RAW1nNOBSBHXS0nq062j48luQOotthKOc1rkjQd91Q9qTLFlU12gllQw+ejHVVvEEPHtxJ7HVr/lvM/5mt2oObTJb01JcfVnYrnI3NnNSWRULx/tznhB2yoKqjtrnZAW3zNU9TQQVyLVjt2lIXhE4oXk0I+Cxmvbh+YJF6XLrATGc6yuL02ZInrC59ufkclcnjnTSGnXWr9gzIndZ6wSS0B+6bMpLxamvE4XDhAQCn6MEGGVcY9nMydxaWU3o7Is0J1nd/KZWgfXeOoZx10olSR22+PBKy8Gsge2mMbR2QvhUKNyXLTV3pOnxtjGf88PhseqDpwZ5++DOSFfi0spsDvfXJNO0F0f0JYrMNXbqlxO4uExj146thivXZVlR1n5Bo4eL0OoVIXn1w/MuU0suQvZm+kD8uVuajyBnJsnhsCWx2eTZ2vzHQTKB2EtYeDPioWSomTVVjIdg8A9pTzvvhe8MzFXvRMXFc9+ToN+uLjJqHRSmpZIGJvZQXCKrlCC9KRjP1HIhJhyfuYoEjTkF3IVeXS1tnA5CH5oilOG+guLKXNPWsrCXEpewz6i907ugx/VWTAmEMzYwMCDzCnW2l+mI8P56nWrwI0vDuk1GhIs6nn+Nhc6FPHD1996zyZ7hfmO7h25tto00IoVgI9QlhwtWLz10ZltLG581JvO7jEwT4u/nYxD7aO0Llb3ytNKihalFZMaY20a1dhVBsPwiWUpZcMmPoYySSiukyw350WiV/Z2NAsyeGRTWpdKcBi7gna0NN6fn0QLSdTcPKutASCplNExnI1IkkBFb3TmlF5HrrwmVht+vqxEHbRjDwEnKkvGcUbLWdjUjSWVNNbCbo8KbLAXcBPcjTHxIRw3gkLcS+yL0//uSENgo/LpHBZsO5d6as820lpYmHIjvyxhAMpMNlOPmUIW+cOgcf328wNaHaVWalIwfSGJdqGgC4msvP8vOcGWYgLkdrqJGWjhDs40x7LuFEBWgpgu6E2FfPOPTsqs5QxNKTgCw/eXjK92dZkdqO0Y7oLavU3OaJeWFJpAuZcC84Rwup2K0d4CXvZ0bOtpISSTr3VZeXRl8SkN2bQtgit9BJ2qGAy9blNObk1q8yOaVppercZMgG96DK23ZQ9uLRmliqytE1tXFKNKegwxGorKodoMwpRzClBz37KIYGJvFOYVya11v3gdcfeMcRTPdZG5dbI6US9DNk6fbShBJpc7PvYgMc8Vr+xEfzZXPnY2M8d+uJJomrU5ZQXcjy9jtyE4ToBz5ajh4Hq6Khlv6v5y2C+GrXb5+2KoSkcAYpTxlzAnjk9pYMZkwxJTAjBgkqhkiG9w0BCRUxFgQURdOwIJIHIprOPt5IqfZOf/7JJoQwMTAhMAkGBSsOAwIaBQAEFCaYzKHAOxuYPxNGezkbQ8Tp9cGsBAiTp8/jb7QK5AICCAAK' password: '' diff --git a/settings/remarks/microsoft.apimanagement/samples/service/diagnostics/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/diagnostics/main.bicep index 247cece4..dc053014 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/diagnostics/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/diagnostics/main.bicep @@ -1,26 +1,19 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource component 'Microsoft.Insights/components@2020-02-02' = { - name: resourceName - location: location - kind: 'web' - properties: { - Application_Type: 'web' - DisableIpMasking: false - DisableLocalAuth: false - ForceCustomerStorageForProfiler: false - RetentionInDays: 90 - SamplingPercentage: 100 - publicNetworkAccessForIngestion: 'Enabled' - publicNetworkAccessForQuery: 'Enabled' - } -} - resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 0 + name: 'Consumption' + } properties: { + disableGateway: false + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' certificates: [] customProperties: { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' @@ -29,36 +22,42 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } - disableGateway: false - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' - } - sku: { - capacity: 0 - name: 'Consumption' } } resource diagnostic 'Microsoft.ApiManagement/service/diagnostics@2021-08-01' = { - parent: service name: 'applicationinsights' + parent: service properties: { - loggerId: logger.id operationNameFormat: 'Name' } } resource logger 'Microsoft.ApiManagement/service/loggers@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { + isBuffered: true + loggerType: 'applicationInsights' credentials: { instrumentationKey: component.properties.InstrumentationKey } description: '' - isBuffered: true - loggerType: 'applicationInsights' + } +} + +resource component 'Microsoft.Insights/components@2020-02-02' = { + name: resourceName + location: location + kind: 'web' + properties: { + publicNetworkAccessForQuery: 'Enabled' + Application_Type: 'web' + DisableIpMasking: false + RetentionInDays: 90 + SamplingPercentage: 100 + publicNetworkAccessForIngestion: 'Enabled' + DisableLocalAuth: false + ForceCustomerStorageForProfiler: false } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/gateways/certificateauthorities/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/gateways/certificateauthorities/main.bicep index d400e9d2..5bb22b77 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/gateways/certificateauthorities/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/gateways/certificateauthorities/main.bicep @@ -10,25 +10,29 @@ param certificatePassword string resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Developer' + } properties: { certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false @@ -37,38 +41,34 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { publisherName: 'pub1' virtualNetworkType: 'None' } - sku: { - capacity: 1 - name: 'Developer' - } } resource certificate 'Microsoft.ApiManagement/service/certificates@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { - data: null - password: null + data: '${certificateData}' + password: '${certificatePassword}' } } resource gateway 'Microsoft.ApiManagement/service/gateways@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { - description: '' locationData: { city: '' countryOrRegion: '' district: '' name: 'test' } + description: '' } } resource certificateAuthority 'Microsoft.ApiManagement/service/gateways/certificateAuthorities@2021-08-01' = { + name: 'azapi_resource.certificate.name' parent: gateway - name: 'certificate.name' properties: { isTrusted: false } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/gateways/hostnameconfigurations/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/gateways/hostnameconfigurations/main.bicep index 30472942..b7a26773 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/gateways/hostnameconfigurations/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/gateways/hostnameconfigurations/main.bicep @@ -4,26 +4,30 @@ param location string = 'westeurope' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Developer' + } properties: { certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' @@ -31,15 +35,11 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { publisherName: 'pub1' virtualNetworkType: 'None' } - sku: { - capacity: 1 - name: 'Developer' - } } resource certificate 'Microsoft.ApiManagement/service/certificates@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { data: 'MIIKmQIBAzCCCl8GCSqGSIb3DQEHAaCCClAEggpMMIIKSDCCBP8GCSqGSIb3DQEHBqCCBPAwggTsAgEAMIIE5QYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIp1c0ydxiVG0CAggAgIIEuA5qATScE+dBHsldt+cfd/PjV+FAei7+lyYXm2IN1TZ1mFEce3T6MlGaqXoHMlYlIEVtvxNp2qpbYyGbboCRYTmB1tHbDbwDAg0bO8J8ing2xOvkoKx+sFX7L0I+FcGz5ucJRoDus6K6GdMgWOi+vlEdliBpH7Lgk+8+SXpFf/JadnEY49Dr4XMUBs/fXe6BxB89b9H/5mUg1SQFuxnGQrdvEW7tNFJR7k9BUO/95X8b4mQZdqfXBzgayOKTcB7JShXA9gjyAbxsF2g5EXlmWNJoRVo8xPcybPgarDdfjM4L0eEzvB4mgn6JimCaHxt9Gb3PGhPJ0mFzVbJTPQgiFpjpREwDWVYk7LeKvjyLn70O9pQyCi8tjZGw5XfIHlt7P+EHEdXXYR7z7gbgNQmWFMjYEX2puAKjYyjYsZ3ZxlWWNsrWZA/lNE5BgIBAcNAT2NBGAGbe4floniM8RPpQJ/Tj53nFQxav2sY/toWRSA8z7/bMGmQZEh9Dun61YJc+yb0dzn0K98FlEw1+Uu4fR8l6/e4xvmpdH3tOVak0xFRJLdILlO9VwJ3Ins8CODFHV4J4DnuMyINonctjTl9qy66+pVf6ePX0Io5k+49hU3u19jZy/oN8xxTGDMGVQinZ19yNC5TJ7RJ4fb682Jk+P8dwc+1icbBydZo3a/n1JdglMjPJK4+f0iW/+KIBFD2oZlEt8/Hi+IzyXT2BJHuZJmPa61vxHurA/urGH06ybpcrSEkBC0Lcm07Ie5Ov/UQVcdwF2MM3f3Iv5hrdRogBmB5pe1sYwNGJanCy4dABwpu+qVrtBGZEdBRl4h6IUTTzFDJltVcAmi60blvB8pCufDnD+PdJobAD5FIcsMDl0hiB7AgDbtOWygE1i/b5GnoVsfOGt4iUclikKxCig4m500IgX/XgUBiY1RwkHIXZQ1mXyWBAnaFgPA7BOt70Qbj9wy9S60FvrElVG9NWXuTdGY+ECWkoEzjiGnCEL+T1Cv43b8SlL5GCCftIUHlM/ss8oBzcJmUJsUsv/ZHTcj3GKyHud5cIT4rli542dDkoZj0O6fsvE+yFM7kZaQrTzuPlstfnvi5OeJQ4+aJBeL+rEXvEspLn02i2Rg1afZAll6fk+epPJOxW2pkrVslDMj/0RfLr4dRi5uzBiJb3pILfCDJs9Nqzj2GMWOFudQn5OHbcbx6dtoB1RcdsZHSGTn+MrjoXey2nmIlg372aLR7tCH06Z66U9FagAr51DZAKq2ry0T6gR4sWtzHlS063xFH4JeCHAJouWqEwgxeBu1zSZneDlMaC1ifcB0fOML8658vi1B697wLP0Muc6UW4mqfuN7AMl1fJQ7vO5oTDgWbPd6bSrLk46zmN3vC3VzMqQVa/1BbKgGkTOaVIZJuK0OuN2hyaVLNvm8XQ2O5QWE6aY2l3fm7m4hbT2AXRd/ulquZRhbQa7jIyjTb6SwLZG9wpvRJ5pR/C1V/QitI4GrViMOgEX+LV2TzXZxmkBV45/dDJ9Vh+2LEUKvcbkWjxZEbgltyCOdDHbTA5ydcNCHi/t/L371N6mCcXJH4FC7za1LpNmXeRIZa4lUuW602YH0DCYTnZ95UqMNyXMIIFQQYJKoZIhvcNAQcBoIIFMgSCBS4wggUqMIIFJgYLKoZIhvcNAQwKAQKgggTuMIIE6jAcBgoqhkiG9w0BDAEDMA4ECMwUHG/3/JVkAgIIAASCBMivDxcmzXtuXLPeu468SGYRJk994sSYqjK6fKP4090KXsDgX+IkggKJWqZqyRb0Dq7EusKpMyrSJNtz9Cfl3+S/vsbX6mGz4TY1g4VNvkyJyUjqUjKIDL2SlULRa7ldEvpOciy0Ms/6PBQXOTyVr5Rd1dFUFSbkLAruIWTULK0OfQoFjuQXmDvunRBrqSbHtjID9m1OwdcTfzMGHjsXth3iSWSTTh5+Eg/6H+/9kGC9VEEURqFD3Gx2kWKjqSlZyf/LSOTBcQ6+qRQZT1B1ZnPAVBU9Xn9Z6Tq0EMNfNg9+pv1GlLBUg1Hqo8RAW1nNOBSBHXS0nq062j48luQOotthKOc1rkjQd91Q9qTLFlU12gllQw+ejHVVvEEPHtxJ7HVr/lvM/5mt2oObTJb01JcfVnYrnI3NnNSWRULx/tznhB2yoKqjtrnZAW3zNU9TQQVyLVjt2lIXhE4oXk0I+Cxmvbh+YJF6XLrATGc6yuL02ZInrC59ufkclcnjnTSGnXWr9gzIndZ6wSS0B+6bMpLxamvE4XDhAQCn6MEGGVcY9nMydxaWU3o7Is0J1nd/KZWgfXeOoZx10olSR22+PBKy8Gsge2mMbR2QvhUKNyXLTV3pOnxtjGf88PhseqDpwZ5++DOSFfi0spsDvfXJNO0F0f0JYrMNXbqlxO4uExj146thivXZVlR1n5Bo4eL0OoVIXn1w/MuU0suQvZm+kD8uVuajyBnJsnhsCWx2eTZ2vzHQTKB2EtYeDPioWSomTVVjIdg8A9pTzvvhe8MzFXvRMXFc9+ToN+uLjJqHRSmpZIGJvZQXCKrlCC9KRjP1HIhJhyfuYoEjTkF3IVeXS1tnA5CH5oilOG+guLKXNPWsrCXEpewz6i907ugx/VWTAmEMzYwMCDzCnW2l+mI8P56nWrwI0vDuk1GhIs6nn+Nhc6FPHD1996zyZ7hfmO7h25tto00IoVgI9QlhwtWLz10ZltLG581JvO7jEwT4u/nYxD7aO0Llb3ytNKihalFZMaY20a1dhVBsPwiWUpZcMmPoYySSiukyw350WiV/Z2NAsyeGRTWpdKcBi7gna0NN6fn0QLSdTcPKutASCplNExnI1IkkBFb3TmlF5HrrwmVht+vqxEHbRjDwEnKkvGcUbLWdjUjSWVNNbCbo8KbLAXcBPcjTHxIRw3gkLcS+yL0//uSENgo/LpHBZsO5d6as820lpYmHIjvyxhAMpMNlOPmUIW+cOgcf328wNaHaVWalIwfSGJdqGgC4msvP8vOcGWYgLkdrqJGWjhDs40x7LuFEBWgpgu6E2FfPOPTsqs5QxNKTgCw/eXjK92dZkdqO0Y7oLavU3OaJeWFJpAuZcC84Rwup2K0d4CXvZ0bOtpISSTr3VZeXRl8SkN2bQtgit9BJ2qGAy9blNObk1q8yOaVppercZMgG96DK23ZQ9uLRmliqytE1tXFKNKegwxGorKodoMwpRzClBz37KIYGJvFOYVya11v3gdcfeMcRTPdZG5dbI6US9DNk6fbShBJpc7PvYgMc8Vr+xEfzZXPnY2M8d+uJJomrU5ZQXcjy9jtyE4ToBz5ajh4Hq6Khlv6v5y2C+GrXb5+2KoSkcAYpTxlzAnjk9pYMZkwxJTAjBgkqhkiG9w0BCRUxFgQURdOwIJIHIprOPt5IqfZOf/7JJoQwMTAhMAkGBSsOAwIaBQAEFCaYzKHAOxuYPxNGezkbQ8Tp9cGsBAiTp8/jb7QK5AICCAAK' password: '' @@ -47,8 +47,8 @@ resource certificate 'Microsoft.ApiManagement/service/certificates@2021-08-01' = } resource gateway 'Microsoft.ApiManagement/service/gateways@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { description: '' locationData: { @@ -61,14 +61,14 @@ resource gateway 'Microsoft.ApiManagement/service/gateways@2021-08-01' = { } resource hostnameConfiguration 'Microsoft.ApiManagement/service/gateways/hostnameConfigurations@2021-08-01' = { - parent: gateway name: resourceName + parent: gateway properties: { - certificateId: certificate.id - hostname: 'host-name-230630032559671742' http2Enabled: true negotiateClientCertificate: false tls10Enabled: false tls11Enabled: false + certificateId: certificate.id + hostname: 'host-name-230630032559671742' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/gateways/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/gateways/main.bicep index e8c528a7..2d71797a 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/gateways/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/gateways/main.bicep @@ -4,49 +4,49 @@ param location string = 'westeurope' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Developer' + } properties: { + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' certificates: [] customProperties: { + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' } disableGateway: false - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' - } - sku: { - capacity: 1 - name: 'Developer' } } resource gateway 'Microsoft.ApiManagement/service/gateways@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { description: '' locationData: { - city: '' countryOrRegion: '' district: '' name: 'test' + city: '' } } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/groups/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/groups/main.bicep index dd41d7a0..cfae5b38 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/groups/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/groups/main.bicep @@ -4,26 +4,30 @@ param location string = 'westeurope' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Developer' + } properties: { certificates: [] customProperties: { + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' @@ -31,15 +35,11 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { publisherName: 'pub1' virtualNetworkType: 'None' } - sku: { - capacity: 1 - name: 'Developer' - } } resource group 'Microsoft.ApiManagement/service/groups@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { description: '' displayName: 'Test Group' diff --git a/settings/remarks/microsoft.apimanagement/samples/service/identityproviders/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/identityproviders/main.bicep index 53ae60d6..6028868b 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/identityproviders/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/identityproviders/main.bicep @@ -9,26 +9,30 @@ param identityProviderClientSecret string resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Developer' + } properties: { certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' @@ -36,18 +40,14 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { publisherName: 'pub1' virtualNetworkType: 'None' } - sku: { - capacity: 1 - name: 'Developer' - } } resource identityProvider 'Microsoft.ApiManagement/service/identityProviders@2021-08-01' = { - parent: service name: 'twitter' + parent: service properties: { - clientId: null - clientSecret: null + clientId: '${identityProviderClientId}' + clientSecret: '${identityProviderClientSecret}' type: 'twitter' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/loggers/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/loggers/main.bicep index 5c044a15..ee345892 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/loggers/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/loggers/main.bicep @@ -1,49 +1,33 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource component 'Microsoft.Insights/components@2020-02-02' = { - name: resourceName - location: location - kind: 'web' - properties: { - Application_Type: 'web' - DisableIpMasking: false - DisableLocalAuth: false - ForceCustomerStorageForProfiler: false - RetentionInDays: 90 - SamplingPercentage: 100 - publicNetworkAccessForIngestion: 'Enabled' - publicNetworkAccessForQuery: 'Enabled' - } -} - resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 0 + name: 'Consumption' + } properties: { + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' certificates: [] customProperties: { + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' - } - sku: { - capacity: 0 - name: 'Consumption' } } resource logger 'Microsoft.ApiManagement/service/loggers@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { credentials: { instrumentationKey: component.properties.InstrumentationKey @@ -53,3 +37,19 @@ resource logger 'Microsoft.ApiManagement/service/loggers@2021-08-01' = { loggerType: 'applicationInsights' } } + +resource component 'Microsoft.Insights/components@2020-02-02' = { + name: resourceName + location: location + kind: 'web' + properties: { + ForceCustomerStorageForProfiler: false + RetentionInDays: 90 + SamplingPercentage: 100 + Application_Type: 'web' + publicNetworkAccessForIngestion: 'Enabled' + publicNetworkAccessForQuery: 'Enabled' + DisableIpMasking: false + DisableLocalAuth: false + } +} diff --git a/settings/remarks/microsoft.apimanagement/samples/service/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/main.bicep index 6d40bf73..f702d7cd 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/main.bicep @@ -4,35 +4,35 @@ param location string = 'westeurope' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + name: 'Developer' + capacity: 1 + } properties: { + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' } disableGateway: false - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' - } - sku: { - capacity: 1 - name: 'Developer' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/namedvalues/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/namedvalues/main.bicep index 872f016c..45c3875f 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/namedvalues/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/namedvalues/main.bicep @@ -4,30 +4,30 @@ param location string = 'westeurope' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + name: 'Consumption' + capacity: 0 + } properties: { + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' certificates: [] customProperties: { + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' - } - sku: { - capacity: 0 - name: 'Consumption' } } resource namedValue 'Microsoft.ApiManagement/service/namedValues@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { displayName: 'TestProperty230630032559683679' secret: false diff --git a/settings/remarks/microsoft.apimanagement/samples/service/openidconnectproviders/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/openidconnectproviders/main.bicep index 5ca9141b..80f16ce6 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/openidconnectproviders/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/openidconnectproviders/main.bicep @@ -9,33 +9,33 @@ param openidClientSecret string resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 0 + name: 'Consumption' + } properties: { - certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' publisherEmail: 'pub1@email.com' publisherName: 'pub1' virtualNetworkType: 'None' - } - sku: { - capacity: 0 - name: 'Consumption' + certificates: [] } } resource openidConnectProvider 'Microsoft.ApiManagement/service/openidConnectProviders@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { - clientId: null - clientSecret: null + clientId: '${openidClientId}' + clientSecret: '${openidClientSecret}' description: '' displayName: 'Initial Name' metadataEndpoint: 'https://azacceptance.hashicorptest.com/example/foo' diff --git a/settings/remarks/microsoft.apimanagement/samples/service/policyfragments/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/policyfragments/main.bicep index b0ee6500..c3cfef2a 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/policyfragments/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/policyfragments/main.bicep @@ -4,42 +4,42 @@ param location string = 'westeurope' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Developer' + } properties: { + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' } disableGateway: false - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' - } - sku: { - capacity: 1 - name: 'Developer' } } resource policyFragment 'Microsoft.ApiManagement/service/policyFragments@2021-12-01-preview' = { - parent: service name: 'error-handler' + parent: service properties: { description: 'Fragment for Error Handling' format: 'xml' diff --git a/settings/remarks/microsoft.apimanagement/samples/service/portalsettings/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/portalsettings/main.bicep index 5b803d1a..f366333c 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/portalsettings/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/portalsettings/main.bicep @@ -4,42 +4,42 @@ param location string = 'westeurope' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Developer' + } properties: { + disableGateway: false + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' } - disableGateway: false - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' - } - sku: { - capacity: 1 - name: 'Developer' } } resource portalsetting 'Microsoft.ApiManagement/service/portalsettings@2021-08-01' = { - parent: service name: 'signup' + parent: service properties: { enabled: false termsOfService: { diff --git a/settings/remarks/microsoft.apimanagement/samples/service/products/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/products/main.bicep index f85e8ff6..14925720 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/products/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/products/main.bicep @@ -1,10 +1,18 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 0 + name: 'Consumption' + } properties: { + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' certificates: [] customProperties: { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' @@ -14,25 +22,17 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' - } - sku: { - capacity: 0 - name: 'Consumption' } } resource product 'Microsoft.ApiManagement/service/products@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { + subscriptionRequired: false + terms: '' description: '' displayName: 'Test Product' state: 'notPublished' - subscriptionRequired: false - terms: '' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/products/policies/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/products/policies/main.bicep index 3fdf411f..775e19e4 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/products/policies/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/products/policies/main.bicep @@ -4,14 +4,18 @@ param location string = 'westeurope' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 0 + name: 'Consumption' + } properties: { certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' @@ -19,27 +23,23 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { publisherName: 'pub1' virtualNetworkType: 'None' } - sku: { - capacity: 0 - name: 'Consumption' - } } resource product 'Microsoft.ApiManagement/service/products@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { + terms: '' description: '' displayName: 'Test Product' state: 'notPublished' subscriptionRequired: false - terms: '' } } resource policy2 'Microsoft.ApiManagement/service/products/policies@2021-08-01' = { - parent: product name: 'policy' + parent: product properties: { format: 'rawxml-link' value: 'https://gist.githubusercontent.com/riordanp/ca22f8113afae0eb38cc12d718fd048d/raw/d6ac89a2f35a6881a7729f8cb4883179dc88eea1/example.xml' diff --git a/settings/remarks/microsoft.apimanagement/samples/service/products/tags/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/products/tags/main.bicep index b7bc916b..2916908c 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/products/tags/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/products/tags/main.bicep @@ -1,33 +1,41 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 0 + name: 'Consumption' + } properties: { + disableGateway: false + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' certificates: [] customProperties: { + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } - disableGateway: false - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' } - sku: { - capacity: 0 - name: 'Consumption' +} + +resource serviceTag 'Microsoft.ApiManagement/service/tags@2021-08-01' = { + name: resourceName + parent: service + properties: { + displayName: '${resourceName}' } } resource product 'Microsoft.ApiManagement/service/products@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { description: '' displayName: 'Test Product' @@ -37,15 +45,7 @@ resource product 'Microsoft.ApiManagement/service/products@2021-08-01' = { } } -resource serviceTag 'Microsoft.ApiManagement/service/tags@2021-08-01' = { - parent: service - name: resourceName - properties: { - displayName: 'acctest0001' - } -} - resource tag 'Microsoft.ApiManagement/service/products/tags@2021-08-01' = { + name: 'azapi_resource.service_tag.name' parent: product - name: 'service_tag.name' } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/schemas/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/schemas/main.bicep index beda098c..e14cd77b 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/schemas/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/schemas/main.bicep @@ -4,30 +4,30 @@ param location string = 'westeurope' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 0 + name: 'Consumption' + } properties: { + virtualNetworkType: 'None' certificates: [] customProperties: { + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' publisherEmail: 'pub1@email.com' publisherName: 'pub1' - virtualNetworkType: 'None' - } - sku: { - capacity: 0 - name: 'Consumption' } } resource schema 'Microsoft.ApiManagement/service/schemas@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { description: '' schemaType: 'xml' diff --git a/settings/remarks/microsoft.apimanagement/samples/service/subscriptions/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/subscriptions/main.bicep index bd723fb6..0a6817e8 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/subscriptions/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/subscriptions/main.bicep @@ -1,29 +1,33 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Developer' + } properties: { certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' @@ -31,42 +35,37 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { publisherName: 'pub1' virtualNetworkType: 'None' } - sku: { - capacity: 1 - name: 'Developer' - } -} - -resource product 'Microsoft.ApiManagement/service/products@2021-08-01' = { - parent: service - name: resourceName - properties: { - description: '' - displayName: 'Test Product' - state: 'published' - subscriptionRequired: true - terms: '' - } } resource subscription 'Microsoft.ApiManagement/service/subscriptions@2021-08-01' = { - parent: service name: '0f393927-8f2d-499d-906f-c03943328d31' + parent: service properties: { - allowTracing: true displayName: 'Butter Parser API Enterprise Edition' - ownerId: user.id scope: product.id state: 'submitted' + allowTracing: true } } resource user 'Microsoft.ApiManagement/service/users@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { email: 'azure-acctest230630032559695401@example.com' firstName: 'Acceptance' lastName: 'Test' } } + +resource product 'Microsoft.ApiManagement/service/products@2021-08-01' = { + name: resourceName + parent: service + properties: { + displayName: 'Test Product' + state: 'published' + subscriptionRequired: true + terms: '' + description: '' + } +} diff --git a/settings/remarks/microsoft.apimanagement/samples/service/tags/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/tags/main.bicep index bcdae209..72d8fb4e 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/tags/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/tags/main.bicep @@ -4,8 +4,11 @@ param location string = 'westeurope' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 0 + name: 'Consumption' + } properties: { - certificates: [] customProperties: { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' @@ -18,17 +21,14 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { publisherEmail: 'pub1@email.com' publisherName: 'pub1' virtualNetworkType: 'None' - } - sku: { - capacity: 0 - name: 'Consumption' + certificates: [] } } resource tag 'Microsoft.ApiManagement/service/tags@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { - displayName: 'acctest0001' + displayName: '${resourceName}' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/users/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/users/main.bicep index cbb54ba1..e7fc0019 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/users/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/users/main.bicep @@ -4,42 +4,42 @@ param location string = 'westeurope' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Developer' + } properties: { + virtualNetworkType: 'None' certificates: [] customProperties: { + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' publisherEmail: 'pub1@email.com' publisherName: 'pub1' - virtualNetworkType: 'None' - } - sku: { - capacity: 1 - name: 'Developer' } } resource user 'Microsoft.ApiManagement/service/users@2021-08-01' = { - parent: service name: resourceName + parent: service properties: { email: 'azure-acctest230630032559695401@example.com' firstName: 'Acceptance' diff --git a/settings/remarks/microsoft.app/samples/containerapps/main.bicep b/settings/remarks/microsoft.app/samples/containerapps/main.bicep index 91f538b1..d37d69f7 100644 --- a/settings/remarks/microsoft.app/samples/containerapps/main.bicep +++ b/settings/remarks/microsoft.app/samples/containerapps/main.bicep @@ -1,6 +1,26 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { + name: resourceName + location: location + properties: { + publicNetworkAccessForIngestion: 'Enabled' + publicNetworkAccessForQuery: 'Enabled' + retentionInDays: 30 + sku: { + name: 'PerGB2018' + } + workspaceCapping: { + dailyQuotaGb: -1 + } + features: { + disableLocalAuth: false + enableLogAccessUsingOnlyResourcePermissions: true + } + } +} + resource containerApp 'Microsoft.App/containerApps@2022-03-01' = { name: resourceName location: location @@ -8,7 +28,6 @@ resource containerApp 'Microsoft.App/containerApps@2022-03-01' = { configuration: { activeRevisionsMode: 'Single' } - managedEnvironmentId: managedEnvironment.id template: { containers: [ { @@ -39,30 +58,9 @@ resource managedEnvironment 'Microsoft.App/managedEnvironments@2022-03-01' = { appLogsConfiguration: { destination: 'log-analytics' logAnalyticsConfiguration: { - customerId: workspace.properties.customerId sharedKey: workspace.listKeys().primarySharedKey } } vnetConfiguration: {} } } - -resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { - name: resourceName - location: location - properties: { - features: { - disableLocalAuth: false - enableLogAccessUsingOnlyResourcePermissions: true - } - publicNetworkAccessForIngestion: 'Enabled' - publicNetworkAccessForQuery: 'Enabled' - retentionInDays: 30 - sku: { - name: 'PerGB2018' - } - workspaceCapping: { - dailyQuotaGb: -1 - } - } -} diff --git a/settings/remarks/microsoft.app/samples/jobs/main.bicep b/settings/remarks/microsoft.app/samples/jobs/main.bicep index 890a500a..47c804ce 100644 --- a/settings/remarks/microsoft.app/samples/jobs/main.bicep +++ b/settings/remarks/microsoft.app/samples/jobs/main.bicep @@ -14,7 +14,6 @@ resource job 'Microsoft.App/jobs@2025-01-01' = { replicaTimeout: 10 triggerType: 'Manual' } - environmentId: managedEnvironment.id template: { containers: [ { @@ -42,7 +41,6 @@ resource managedEnvironment 'Microsoft.App/managedEnvironments@2025-01-01' = { appLogsConfiguration: { destination: 'log-analytics' logAnalyticsConfiguration: { - customerId: workspace.properties.customerId sharedKey: workspace.listKeys().primarySharedKey } } diff --git a/settings/remarks/microsoft.app/samples/managedenvironments/certificates/main.bicep b/settings/remarks/microsoft.app/samples/managedenvironments/certificates/main.bicep index eb160a33..d9e9ac86 100644 --- a/settings/remarks/microsoft.app/samples/managedenvironments/certificates/main.bicep +++ b/settings/remarks/microsoft.app/samples/managedenvironments/certificates/main.bicep @@ -11,7 +11,6 @@ resource managedEnvironment 'Microsoft.App/managedEnvironments@2022-03-01' = { appLogsConfiguration: { destination: 'log-analytics' logAnalyticsConfiguration: { - customerId: workspace.properties.customerId sharedKey: workspace.listKeys().primarySharedKey } } @@ -23,12 +22,6 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location properties: { - features: { - disableLocalAuth: false - enableLogAccessUsingOnlyResourcePermissions: true - } - publicNetworkAccessForIngestion: 'Enabled' - publicNetworkAccessForQuery: 'Enabled' retentionInDays: 30 sku: { name: 'PerGB2018' @@ -36,15 +29,21 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { workspaceCapping: { dailyQuotaGb: -1 } + features: { + disableLocalAuth: false + enableLogAccessUsingOnlyResourcePermissions: true + } + publicNetworkAccessForIngestion: 'Enabled' + publicNetworkAccessForQuery: 'Enabled' } } resource certificate 'Microsoft.App/managedEnvironments/certificates@2022-03-01' = { - parent: managedEnvironment name: resourceName location: location + parent: managedEnvironment properties: { - password: null + password: '${certificatePassword}' value: 'MIIKEQIBAzCCCdcGCSqGSIb3DQEHAaCCCcgEggnEMIIJwDCCBHcGCSqGSIb3DQEHBqCCBGgwggRkAgEAMIIEXQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIC/GU56w4YWICAggAgIIEME9dVUOUs44yTqMunA5mEqo8YC4evKVXEA8ESnlfh8QVNEpyWzxwx83t6tg0Dfjk4INCGnDrAxqhQ/685mWQ9IM7J944BTznoN6uK9EqMtDVwavqwapvVR+yCCzqCMIQWUrrAiUzNPFQELCaMg1S13pjHOVd0iJSxvJ98Dga35baMyheYnLYksz1OObCyrn4yAHoyVnenqZd46He0ZmQS3pUrnTYe3U56fZDapRE6peRL5ItIpFrytaV7+KLisQdpQKDPkeew/zaf+p1hT57EHfUFgBYWFMgN4f1egqkKKDrh112Z+C6CUlps5N0AYGZ+ozLMNd1t/x87gCH5AuNeQEIBfDkmhLvZWZ5vLOiEKAoAQxFaMK+U+Vih6msysaQ7NhFA+h/NMmdt9RPm9pV7X+Qq7KNKHnhMZ7mNqxKvdidPOj5UGqhnN/OXrY8MykoedDakwwE9ZCY3ZQS9IN8kjwl2m9gJy18A2hZK+m3jEYGfn6tDayN6eAod1q/OnP7Tujp06pZFZ8HyXIbTPApuFYXSbAWhdBuCHGj0PzthLRzN8iv3T1d46oaEjjQddpM683RWH+daFtXLX7gMH4QjHxRND3IxEzHOiehLwOr2w6bgzIEeXksDPqitz/RGLgs4f10B6cvkCuGTXUCAQcel2IN4fM7dpD5uyg40q+xaFjmF/OLRdjS1vCezDvxVbRpazZOxMFMPQykBFcInP4vKURZ09MujElbBHSiglNjYGEC8k1Ehcqmz9GqU5o+9JHYFr2AgRqIIyz7jIjCZxsD0psdVjIPSYac6Qze5BK+qq/cH/ilIaNq3WGgwCtPA1pcicVYAYwB4czTHUfteO1FjlGYqbGu1b4GA4HzPLBUjTaFla4FgnO7je4PT7A3u3xaVAsCC1rZWKM4atYmkckboC4XE14mYlU625Hoap/xvKW6cbVAucBRkxMps/bV1Pik6N3YLeG2KUMQ77yNDGgv3qZ6XpgJ1Um7QZyW1XdQqtktZBror0bNUsG3Kkp/XPNxWhJLPI3baY84dqoRsXaDIh7k+iV+UuX/Tz70PqWThwANHJ2BmkwXUY1cyiHqJ4mBnu9t/oitjVVYr3a5UGKDzQY6Tcjrp22npiDrnEKpdwqUeShqb0mO4cCAksYy6jh7Eirk1Gdlk/tbMBMCN16Wbsh3kk/i9utQAc4R6+VFq5+/26noW/Q24a4onRGjZ5+rUXlGDUjzssJPxXM6906qMZIpdMB2nZMUp4P6UcPgB3t8FQa8SJs3gIFTxmf9Dce1qloHeXGX7UZ3IGZRZPqxXuBOzCbKf5/M2c3Pe6Vl3Jt/LTN22ghKR4VrVz7Ron71NU+CCvH4LbOyEnnzWe1ePO6RCdpRcN1bUJYa1htvWKb9WUMywfLiKjC6Cx+ezfFZ1DYvXsjq6MzKq22/XE4/fM0wggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQIGRXiBvDEL+QCAggABIIEyLn7jmjZLfuFF366QMW9j8TolTxeyuMxsaPnEmw1sIc9Y6IlKzCqzGt3qAgSgdTPV6flNJBcoI4oQFhes7EDcpNfrAxzIRBQYS7i2JC/T68GNfkTIlb0sq8oU4JgoGMXDPjhgQ3yUNkn4xnxfpxy7N1mo41LfJVovG8JsBtg0boV2OovxKYTVFg4X1W4KD+BcJMkI+gjlmHcrnWkDFEycEddxznZINaf9LiZsoSh6gvSGXSRBrmFkG5nWXB/Q25r6cxHm4ZNIKYLFyCV8waq5R1fnvuiT62BI8vYyD1NO+Py2FGFO3vqV/7KrrD8x9eijSv2+ooe220Lqi2lR8HNlwrgh9my4Fak6SzQC5E2iAStzZrRtUr3Xfs4di8ixwgpC6HAt/egOCocKI6aJhouJJoihrow4axeKYdsjKgXairNElIu0/aTdKXptdfXuAos2ct42AHDP3TVngH6q+2B8HPyokQjegr+WE6Jfw9aHeLIBIPK3pFAUqH7hDHFt2OM4GZDaDMesNYhFaX+IJqdIbvr97eaLDFgrhVhB4kvRw7E2VW2K9aXDmDlIRP2XmXEcbC31cKzV19A4W7rEuTdJ9IJb06sCmU/jIGSdm9g+fKKXd15K9D+U+kyhCwqzEZt0JYsJIzypq15nL+QQX61renMUwfU13H0RYjjvqU3CGH3shUGcl0FvQoMPQy1a04ZvOsGiqLlR3lkiEbov7a/prJCkH1AAwezUHiSrn/Y7rVWGLHyd4k6Hd7wBvzRia3MmYDertXdEiinyMqPBiVRdd/NkSkjiBgLpHl3VleKJzmrlLfENnMt2iLSr3ZbhmVpJfn6wMhsqdIbkQT3CcSIoVo91U8JL6U38s4kArKtjgHgSUtST6Aw2o06EOWvVSp2BpsLNth/s21vK7Z1xnrZ06fO/msj+ElzsmLpPVGFpG3D8MW1ULZd2VqtK6cPFPyaYjUE3ZahGn50/DIVaSikvv6Yh4YjMBksiBfsLdndvfIit29i/eRTd3T28WPmvY87k6uG8xgYoDlwXmrBHdl57NktM8ND+Z9HUww4/issZkvvh7MdU2YbDOQsBs2kIYf6h2udRpztXBpecyI2WmFW8tsKXhv4vdx+xldEwtHQL4/UWgofkNl2LeABpn00kRjZ+rybD2p7cCmXKQbM+I6Yu564hC1lffAMBrMT5yUFgzCdmkRJT+8xp1C/zxWGx16dFImpTIPNmjGBU6UcfBg+fpFocybQ8s+yb2Xoq/s/NxpYDO5vqQT/rpPtKCQls8DLMssGgGAyvZ+e0qCnfK5BKUKtxA0tz/mXZrt+Ty6w6KjdZ6Ntmjt546tXTBeRrCJZlwJmPKehpeN5HopDQ7LyWqrKXLGlArCLmB1Xz1LUR1vL4KD7RdO/93LWN5EWQDRtoZCVFU/tCqRh+s4Ljw5jsiFBCczoF3z3dDSid3VL864bXB2neq/wHHhChSnODo6HhdaPfGYSFw7m4kFh7tn3MimFyTdJGqtPdLckFCqckZsliZyCqEAu05xgQJqjrnBEH8B/z3Aq3hHWiR0z1v8jPc8MUlBGeaTjl29c8DSx7gBh7c0Qs0yTxHd1TcELijPvy5dwzEenBYXDCbaxPW0Vm9AHsHVF2A2iuzElMCMGCSqGSIb3DQEJFTEWBBRwppPHAzTboDcfcZuQ6/YqIKiy2zAxMCEwCQYFKw4DAhoFAAQUNIuVDYFIRiHWnbIWwMphIFjOWckECND1GYVTSUGNAgIIAA==' } } diff --git a/settings/remarks/microsoft.app/samples/managedenvironments/daprcomponents/main.bicep b/settings/remarks/microsoft.app/samples/managedenvironments/daprcomponents/main.bicep index 225e48b5..dedd0b74 100644 --- a/settings/remarks/microsoft.app/samples/managedenvironments/daprcomponents/main.bicep +++ b/settings/remarks/microsoft.app/samples/managedenvironments/daprcomponents/main.bicep @@ -1,21 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource managedEnvironment 'Microsoft.App/managedEnvironments@2022-03-01' = { - name: resourceName - location: location - properties: { - appLogsConfiguration: { - destination: 'log-analytics' - logAnalyticsConfiguration: { - customerId: workspace.properties.customerId - sharedKey: workspace.listKeys().primarySharedKey - } - } - vnetConfiguration: {} - } -} - resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location @@ -36,9 +21,23 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { } } +resource managedEnvironment 'Microsoft.App/managedEnvironments@2022-03-01' = { + name: resourceName + location: location + properties: { + vnetConfiguration: {} + appLogsConfiguration: { + destination: 'log-analytics' + logAnalyticsConfiguration: { + sharedKey: workspace.listKeys().primarySharedKey + } + } + } +} + resource daprComponent 'Microsoft.App/managedEnvironments/daprComponents@2022-03-01' = { - parent: managedEnvironment name: resourceName + parent: managedEnvironment properties: { componentType: 'state.azure.blobstorage' ignoreErrors: false diff --git a/settings/remarks/microsoft.app/samples/managedenvironments/dotnetcomponents/main.bicep b/settings/remarks/microsoft.app/samples/managedenvironments/dotnetcomponents/main.bicep index 9e0a93f6..87123057 100644 --- a/settings/remarks/microsoft.app/samples/managedenvironments/dotnetcomponents/main.bicep +++ b/settings/remarks/microsoft.app/samples/managedenvironments/dotnetcomponents/main.bicep @@ -8,7 +8,6 @@ resource managedEnvironment 'Microsoft.App/managedEnvironments@2022-03-01' = { appLogsConfiguration: { destination: 'log-analytics' logAnalyticsConfiguration: { - customerId: workspace.properties.customerId sharedKey: workspace.listKeys().primarySharedKey } } @@ -37,8 +36,8 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { } resource aspireDashboard 'Microsoft.App/managedEnvironments/dotNetComponents@2024-10-02-preview' = { - parent: managedEnvironment name: resourceName + parent: managedEnvironment properties: { componentType: 'AspireDashboard' configurations: [] diff --git a/settings/remarks/microsoft.app/samples/managedenvironments/main.bicep b/settings/remarks/microsoft.app/samples/managedenvironments/main.bicep index 88753ea0..d080d24d 100644 --- a/settings/remarks/microsoft.app/samples/managedenvironments/main.bicep +++ b/settings/remarks/microsoft.app/samples/managedenvironments/main.bicep @@ -6,11 +6,10 @@ resource managedEnvironment 'Microsoft.App/managedEnvironments@2022-03-01' = { location: location properties: { appLogsConfiguration: { - destination: 'log-analytics' logAnalyticsConfiguration: { - customerId: workspace.properties.customerId sharedKey: workspace.listKeys().primarySharedKey } + destination: 'log-analytics' } vnetConfiguration: {} } diff --git a/settings/remarks/microsoft.app/samples/managedenvironments/storages/main.bicep b/settings/remarks/microsoft.app/samples/managedenvironments/storages/main.bicep index c819d4ca..2312f134 100644 --- a/settings/remarks/microsoft.app/samples/managedenvironments/storages/main.bicep +++ b/settings/remarks/microsoft.app/samples/managedenvironments/storages/main.bicep @@ -1,30 +1,14 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource managedEnvironment 'Microsoft.App/managedEnvironments@2022-03-01' = { - name: resourceName - location: location - properties: { - appLogsConfiguration: { - destination: 'log-analytics' - logAnalyticsConfiguration: { - customerId: workspace.properties.customerId - sharedKey: workspace.listKeys().primarySharedKey - } - } - vnetConfiguration: {} - } -} - resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location + sku: { + name: 'Standard_LRS' + } kind: 'StorageV2' properties: { - accessTier: 'Hot' - allowBlobPublicAccess: true - allowCrossTenantReplication: true - allowSharedKeyAccess: true defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' @@ -38,6 +22,9 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } isHnsEnabled: false + supportsHttpsTrafficOnly: true + accessTier: 'Hot' + allowBlobPublicAccess: true isNfsV3Enabled: false isSftpEnabled: false minimumTlsVersion: 'TLS1_2' @@ -45,10 +32,8 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { defaultAction: 'Allow' } publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true - } - sku: { - name: 'Standard_LRS' + allowCrossTenantReplication: true + allowSharedKeyAccess: true } tags: { environment: 'accTest' @@ -59,6 +44,9 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location properties: { + workspaceCapping: { + dailyQuotaGb: -1 + } features: { disableLocalAuth: false enableLogAccessUsingOnlyResourcePermissions: true @@ -69,20 +57,31 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { sku: { name: 'PerGB2018' } - workspaceCapping: { - dailyQuotaGb: -1 + } +} + +resource managedEnvironment 'Microsoft.App/managedEnvironments@2022-03-01' = { + name: resourceName + location: location + properties: { + appLogsConfiguration: { + destination: 'log-analytics' + logAnalyticsConfiguration: { + sharedKey: workspace.listKeys().primarySharedKey + } } + vnetConfiguration: {} } } resource storage 'Microsoft.App/managedEnvironments/storages@2022-03-01' = { - parent: managedEnvironment name: resourceName + parent: managedEnvironment properties: { azureFile: { accessMode: 'ReadWrite' accountKey: storageAccount.listKeys().keys[0].value - accountName: storageAccount.properties.name + accountName: storageAccount.name shareName: 'testsharehkez7' } } diff --git a/settings/remarks/microsoft.appconfiguration/samples/configurationstores/main.bicep b/settings/remarks/microsoft.appconfiguration/samples/configurationstores/main.bicep index e443bc1f..38511033 100644 --- a/settings/remarks/microsoft.appconfiguration/samples/configurationstores/main.bicep +++ b/settings/remarks/microsoft.appconfiguration/samples/configurationstores/main.bicep @@ -4,11 +4,11 @@ param location string = 'westeurope' resource configurationStore 'Microsoft.AppConfiguration/configurationStores@2023-03-01' = { name: resourceName location: location - properties: { - disableLocalAuth: false - enablePurgeProtection: false - } sku: { name: 'standard' } + properties: { + enablePurgeProtection: false + disableLocalAuth: false + } } diff --git a/settings/remarks/microsoft.appplatform/samples/spring/apiportals/domains/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/apiportals/domains/main.bicep index f7d61a68..3c957a06 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/apiportals/domains/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/apiportals/domains/main.bicep @@ -4,32 +4,32 @@ param location string = 'westeurope' resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName location: location - properties: { - zoneRedundant: false - } sku: { name: 'E0' } + properties: { + zoneRedundant: false + } } resource apiPortal 'Microsoft.AppPlatform/Spring/apiPortals@2023-05-01-preview' = { - parent: spring name: 'default' + parent: spring + sku: { + name: 'E0' + tier: 'Enterprise' + capacity: 1 + } properties: { gatewayIds: [] httpsOnly: false public: false } - sku: { - capacity: 1 - name: 'E0' - tier: 'Enterprise' - } } resource domain 'Microsoft.AppPlatform/Spring/apiPortals/domains@2023-05-01-preview' = { - parent: apiPortal name: '${resourceName}.azuremicroservices.io' + parent: apiPortal properties: { thumbprint: '' } diff --git a/settings/remarks/microsoft.appplatform/samples/spring/apiportals/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/apiportals/main.bicep index 8397c83d..863457af 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/apiportals/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/apiportals/main.bicep @@ -4,25 +4,25 @@ param location string = 'westeurope' resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName location: location - properties: { - zoneRedundant: false - } sku: { name: 'E0' } + properties: { + zoneRedundant: false + } } resource apiPortal 'Microsoft.AppPlatform/Spring/apiPortals@2023-05-01-preview' = { - parent: spring name: 'default' - properties: { - gatewayIds: [] - httpsOnly: false - public: false - } + parent: spring sku: { capacity: 1 name: 'E0' tier: 'Enterprise' } + properties: { + gatewayIds: [] + httpsOnly: false + public: false + } } diff --git a/settings/remarks/microsoft.appplatform/samples/spring/applicationaccelerators/customizedaccelerators/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/applicationaccelerators/customizedaccelerators/main.bicep index cae0847c..b1011c14 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/applicationaccelerators/customizedaccelerators/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/applicationaccelerators/customizedaccelerators/main.bicep @@ -4,22 +4,22 @@ param location string = 'westeurope' resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName location: location - properties: { - zoneRedundant: false - } sku: { name: 'E0' } + properties: { + zoneRedundant: false + } } resource applicationAccelerator 'Microsoft.AppPlatform/Spring/applicationAccelerators@2023-05-01-preview' = { - parent: spring name: 'default' + parent: spring } resource customizedAccelerator 'Microsoft.AppPlatform/Spring/applicationAccelerators/customizedAccelerators@2023-05-01-preview' = { - parent: applicationAccelerator name: resourceName + parent: applicationAccelerator properties: { description: '' displayName: '' diff --git a/settings/remarks/microsoft.appplatform/samples/spring/applicationaccelerators/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/applicationaccelerators/main.bicep index 63c0908a..de11f7a9 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/applicationaccelerators/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/applicationaccelerators/main.bicep @@ -4,15 +4,15 @@ param location string = 'westeurope' resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName location: location - properties: { - zoneRedundant: false - } sku: { name: 'E0' } + properties: { + zoneRedundant: false + } } resource applicationAccelerator 'Microsoft.AppPlatform/Spring/applicationAccelerators@2023-05-01-preview' = { - parent: spring name: 'default' + parent: spring } diff --git a/settings/remarks/microsoft.appplatform/samples/spring/applicationliveviews/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/applicationliveviews/main.bicep index bfd66a0c..97507179 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/applicationliveviews/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/applicationliveviews/main.bicep @@ -4,15 +4,15 @@ param location string = 'westeurope' resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName location: location - properties: { - zoneRedundant: false - } sku: { name: 'E0' } + properties: { + zoneRedundant: false + } } resource applicationLiveView 'Microsoft.AppPlatform/Spring/applicationLiveViews@2023-05-01-preview' = { - parent: spring name: 'default' + parent: spring } diff --git a/settings/remarks/microsoft.appplatform/samples/spring/apps/bindings/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/apps/bindings/main.bicep index f1b5e915..305a460f 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/apps/bindings/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/apps/bindings/main.bicep @@ -4,47 +4,47 @@ param location string = 'westeurope' resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName location: location - properties: { - zoneRedundant: false - } sku: { name: 'S0' } -} - -resource redis 'Microsoft.Cache/redis@2023-04-01' = { - name: resourceName - location: location properties: { - enableNonSslPort: true - minimumTlsVersion: '1.2' - sku: { - capacity: 2 - family: 'C' - name: 'Standard' - } + zoneRedundant: false } } resource app 'Microsoft.AppPlatform/Spring/apps@2023-05-01-preview' = { - parent: spring name: resourceName location: location + parent: spring properties: { - customPersistentDisks: [] enableEndToEndTLS: false public: false + customPersistentDisks: [] } } resource binding 'Microsoft.AppPlatform/Spring/apps/bindings@2023-05-01-preview' = { - parent: app name: resourceName + parent: app properties: { bindingParameters: { useSsl: 'true' } - key: 'redis.listKeys().primaryKey' + key: redis.listKeys().primaryKey resourceId: redis.id } } + +resource redis 'Microsoft.Cache/redis@2023-04-01' = { + name: resourceName + location: location + properties: { + sku: { + capacity: 2 + family: 'C' + name: 'Standard' + } + enableNonSslPort: true + minimumTlsVersion: '1.2' + } +} diff --git a/settings/remarks/microsoft.appplatform/samples/spring/apps/deployments/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/apps/deployments/main.bicep index 0d143257..ad6f5344 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/apps/deployments/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/apps/deployments/main.bicep @@ -4,18 +4,18 @@ param location string = 'westeurope' resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName location: location - properties: { - zoneRedundant: false - } sku: { name: 'E0' } + properties: { + zoneRedundant: false + } } resource app 'Microsoft.AppPlatform/Spring/apps@2023-05-01-preview' = { - parent: spring name: resourceName location: location + parent: spring properties: { customPersistentDisks: [] enableEndToEndTLS: false @@ -24,26 +24,26 @@ resource app 'Microsoft.AppPlatform/Spring/apps@2023-05-01-preview' = { } resource deployment 'Microsoft.AppPlatform/Spring/apps/deployments@2023-05-01-preview' = { - parent: app name: resourceName + parent: app + sku: { + capacity: 1 + name: 'E0' + tier: 'Enterprise' + } properties: { deploymentSettings: { environmentVariables: {} } source: { customContainer: { - args: [] command: [] containerImage: 'springio/gs-spring-boot-docker' languageFramework: '' server: 'docker.io' + args: [] } type: 'Container' } } - sku: { - capacity: 1 - name: 'E0' - tier: 'Enterprise' - } } diff --git a/settings/remarks/microsoft.appplatform/samples/spring/apps/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/apps/main.bicep index f0248f20..e7c50085 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/apps/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/apps/main.bicep @@ -4,21 +4,21 @@ param location string = 'westeurope' resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName location: location - properties: { - zoneRedundant: false - } sku: { name: 'E0' } + properties: { + zoneRedundant: false + } } resource app 'Microsoft.AppPlatform/Spring/apps@2023-05-01-preview' = { - parent: spring name: resourceName location: location + parent: spring properties: { - customPersistentDisks: [] enableEndToEndTLS: false public: false + customPersistentDisks: [] } } diff --git a/settings/remarks/microsoft.appplatform/samples/spring/buildservices/builders/buildpackbindings/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/buildservices/builders/buildpackbindings/main.bicep index 21a9abab..abcadd49 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/buildservices/builders/buildpackbindings/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/buildservices/builders/buildpackbindings/main.bicep @@ -4,17 +4,17 @@ param location string = 'westeurope' resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName location: location - properties: { - zoneRedundant: false - } sku: { name: 'E0' } + properties: { + zoneRedundant: false + } } resource buildService 'Microsoft.AppPlatform/Spring/buildServices@2023-05-01-preview' = { - parent: spring name: 'default' + parent: spring properties: {} } @@ -39,8 +39,8 @@ resource builder 'Microsoft.AppPlatform/Spring/buildServices/builders@2023-05-01 } resource buildpackBinding 'Microsoft.AppPlatform/Spring/buildServices/builders/buildpackBindings@2023-05-01-preview' = { - parent: builder name: resourceName + parent: builder properties: { bindingType: 'ApplicationInsights' } diff --git a/settings/remarks/microsoft.appplatform/samples/spring/buildservices/builders/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/buildservices/builders/main.bicep index 649a93ba..968bf270 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/buildservices/builders/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/buildservices/builders/main.bicep @@ -1,23 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { - name: resourceName - location: location - properties: { - zoneRedundant: false - } - sku: { - name: 'E0' - } -} - -resource buildService 'Microsoft.AppPlatform/Spring/buildServices@2023-05-01-preview' = { - parent: spring - name: 'default' - properties: {} -} - resource builder 'Microsoft.AppPlatform/Spring/buildServices/builders@2023-05-01-preview' = { name: resourceName properties: { @@ -37,3 +20,20 @@ resource builder 'Microsoft.AppPlatform/Spring/buildServices/builders@2023-05-01 } } } + +resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { + name: resourceName + location: location + sku: { + name: 'E0' + } + properties: { + zoneRedundant: false + } +} + +resource buildService 'Microsoft.AppPlatform/Spring/buildServices@2023-05-01-preview' = { + name: 'default' + parent: spring + properties: {} +} diff --git a/settings/remarks/microsoft.appplatform/samples/spring/configservers/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/configservers/main.bicep index d683b9a9..f0a27f4b 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/configservers/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/configservers/main.bicep @@ -4,17 +4,17 @@ param location string = 'westeurope' resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName location: location - properties: { - zoneRedundant: false - } sku: { name: 'S0' } + properties: { + zoneRedundant: false + } } resource configServer 'Microsoft.AppPlatform/Spring/configServers@2023-05-01-preview' = { - parent: spring name: 'default' + parent: spring properties: { configServer: {} } diff --git a/settings/remarks/microsoft.appplatform/samples/spring/configurationservices/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/configurationservices/main.bicep index 9650fb4d..13158829 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/configurationservices/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/configurationservices/main.bicep @@ -1,20 +1,20 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName location: location - properties: { - zoneRedundant: false - } sku: { name: 'E0' } + properties: { + zoneRedundant: false + } } resource configurationService 'Microsoft.AppPlatform/Spring/configurationServices@2023-05-01-preview' = { - parent: spring name: 'default' + parent: spring properties: { settings: { gitProperty: {} diff --git a/settings/remarks/microsoft.appplatform/samples/spring/devtoolportals/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/devtoolportals/main.bicep index 95f0bda9..80b5d0bd 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/devtoolportals/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/devtoolportals/main.bicep @@ -1,21 +1,22 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName location: location - properties: { - zoneRedundant: false - } sku: { name: 'E0' } + properties: { + zoneRedundant: false + } } -resource devtoolportal 'Microsoft.AppPlatform/Spring/DevToolPortals@2023-05-01-preview' = { - parent: spring +resource devToolPortal 'Microsoft.AppPlatform/Spring/DevToolPortals@2023-05-01-preview' = { name: 'default' + parent: spring properties: { + public: false features: { applicationAccelerator: { state: 'Disabled' @@ -24,6 +25,5 @@ resource devtoolportal 'Microsoft.AppPlatform/Spring/DevToolPortals@2023-05-01-p state: 'Disabled' } } - public: false } } diff --git a/settings/remarks/microsoft.appplatform/samples/spring/gateways/domains/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/gateways/domains/main.bicep index e0e7e5ac..d3b511ce 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/gateways/domains/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/gateways/domains/main.bicep @@ -4,31 +4,31 @@ param location string = 'westeurope' resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName location: location - properties: { - zoneRedundant: false - } sku: { name: 'E0' } + properties: { + zoneRedundant: false + } } resource gateway 'Microsoft.AppPlatform/Spring/gateways@2023-05-01-preview' = { - parent: spring name: 'default' - properties: { - httpsOnly: false - public: false - } + parent: spring sku: { capacity: 1 name: 'E0' tier: 'Enterprise' } + properties: { + httpsOnly: false + public: false + } } resource domain 'Microsoft.AppPlatform/Spring/gateways/domains@2023-05-01-preview' = { - parent: gateway name: '${resourceName}.azuremicroservices.io' + parent: gateway properties: { thumbprint: '' } diff --git a/settings/remarks/microsoft.appplatform/samples/spring/gateways/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/gateways/main.bicep index 4d3c60fa..f11837f6 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/gateways/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/gateways/main.bicep @@ -4,24 +4,24 @@ param location string = 'westeurope' resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName location: location - properties: { - zoneRedundant: false - } sku: { name: 'E0' } + properties: { + zoneRedundant: false + } } resource gateway 'Microsoft.AppPlatform/Spring/gateways@2023-05-01-preview' = { - parent: spring name: 'default' - properties: { - httpsOnly: false - public: false - } + parent: spring sku: { capacity: 1 name: 'E0' tier: 'Enterprise' } + properties: { + httpsOnly: false + public: false + } } diff --git a/settings/remarks/microsoft.appplatform/samples/spring/gateways/routeconfigs/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/gateways/routeconfigs/main.bicep index dd36bcdb..5bf03fd5 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/gateways/routeconfigs/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/gateways/routeconfigs/main.bicep @@ -4,18 +4,18 @@ param location string = 'westeurope' resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName location: location - properties: { - zoneRedundant: false - } sku: { name: 'E0' } + properties: { + zoneRedundant: false + } } resource app 'Microsoft.AppPlatform/Spring/apps@2023-05-01-preview' = { - parent: spring name: resourceName location: location + parent: spring properties: { customPersistentDisks: [] enableEndToEndTLS: false @@ -24,22 +24,22 @@ resource app 'Microsoft.AppPlatform/Spring/apps@2023-05-01-preview' = { } resource gateway 'Microsoft.AppPlatform/Spring/gateways@2023-05-01-preview' = { - parent: spring name: 'default' - properties: { - httpsOnly: false - public: false - } + parent: spring sku: { capacity: 1 name: 'E0' tier: 'Enterprise' } + properties: { + httpsOnly: false + public: false + } } resource routeConfig 'Microsoft.AppPlatform/Spring/gateways/routeConfigs@2023-05-01-preview' = { - parent: gateway name: resourceName + parent: gateway properties: { appResourceId: app.id protocol: 'HTTP' diff --git a/settings/remarks/microsoft.appplatform/samples/spring/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/main.bicep index 0a56e401..bc5107b6 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/main.bicep @@ -4,10 +4,10 @@ param location string = 'westeurope' resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName location: location - properties: { - zoneRedundant: false - } sku: { name: 'S0' } + properties: { + zoneRedundant: false + } } diff --git a/settings/remarks/microsoft.appplatform/samples/spring/monitoringsettings/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/monitoringsettings/main.bicep index 78031b28..c56f9199 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/monitoringsettings/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/monitoringsettings/main.bicep @@ -4,17 +4,17 @@ param location string = 'westeurope' resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName location: location - properties: { - zoneRedundant: false - } sku: { name: 'S0' } + properties: { + zoneRedundant: false + } } resource monitoringSetting 'Microsoft.AppPlatform/Spring/monitoringSettings@2023-05-01-preview' = { - parent: spring name: 'default' + parent: spring properties: { traceEnabled: false } diff --git a/settings/remarks/microsoft.appplatform/samples/spring/storages/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/storages/main.bicep index caebb15d..55dbcca3 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/storages/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/storages/main.bicep @@ -4,24 +4,31 @@ param location string = 'westeurope' resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName location: location - properties: { - zoneRedundant: false - } sku: { name: 'S0' } + properties: { + zoneRedundant: false + } } resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location + sku: { + name: 'Standard_GRS' + } kind: 'StorageV2' properties: { + supportsHttpsTrafficOnly: true accessTier: 'Hot' allowBlobPublicAccess: true allowCrossTenantReplication: true - allowSharedKeyAccess: true defaultToOAuthAuthentication: false + isHnsEnabled: false + isNfsV3Enabled: false + isSftpEnabled: false + allowSharedKeyAccess: true encryption: { keySource: 'Microsoft.Storage' services: { @@ -33,24 +40,17 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } - isHnsEnabled: false - isNfsV3Enabled: false - isSftpEnabled: false minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true - } - sku: { - name: 'Standard_GRS' } } resource storage 'Microsoft.AppPlatform/Spring/storages@2023-05-01-preview' = { - parent: spring name: resourceName + parent: spring properties: { accountKey: storageAccount.listKeys().keys[0].value accountName: storageAccount.name diff --git a/settings/remarks/microsoft.authorization/samples/locks/main.bicep b/settings/remarks/microsoft.authorization/samples/locks/main.bicep index 01847652..e8a708da 100644 --- a/settings/remarks/microsoft.authorization/samples/locks/main.bicep +++ b/settings/remarks/microsoft.authorization/samples/locks/main.bicep @@ -1,18 +1,13 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' - -resource lock 'Microsoft.Authorization/locks@2020-05-01' = { - scope: publicIPAddress - name: resourceName - properties: { - level: 'CanNotDelete' - notes: '' - } -} +param resourceName string = 'acctest0001' resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2022-07-01' = { name: resourceName location: location + sku: { + name: 'Basic' + tier: 'Regional' + } properties: { ddosSettings: { protectionMode: 'VirtualNetworkInherited' @@ -21,8 +16,13 @@ resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2022-07-01' = { publicIPAddressVersion: 'IPv4' publicIPAllocationMethod: 'Static' } - sku: { - name: 'Basic' - tier: 'Regional' +} + +resource lock 'Microsoft.Authorization/locks@2020-05-01' = { + name: resourceName + scope: publicIPAddress + properties: { + level: 'CanNotDelete' + notes: '' } } diff --git a/settings/remarks/microsoft.authorization/samples/policyassignments/main.bicep b/settings/remarks/microsoft.authorization/samples/policyassignments/main.bicep index 13204f20..1fbf1e03 100644 --- a/settings/remarks/microsoft.authorization/samples/policyassignments/main.bicep +++ b/settings/remarks/microsoft.authorization/samples/policyassignments/main.bicep @@ -1,9 +1,11 @@ targetScope = 'subscription' param resourceName string = 'acctest0001' +param location string = 'eastus' resource policyAssignment 'Microsoft.Authorization/policyAssignments@2022-06-01' = { name: resourceName + scope: subscription() properties: { displayName: '' enforcementMode: 'Default' @@ -16,7 +18,6 @@ resource policyAssignment 'Microsoft.Authorization/policyAssignments@2022-06-01' ] } } - policyDefinitionId: policyDefinition.id scope: subscription().id } } @@ -24,6 +25,18 @@ resource policyAssignment 'Microsoft.Authorization/policyAssignments@2022-06-01' resource policyDefinition 'Microsoft.Authorization/policyDefinitions@2021-06-01' = { name: resourceName properties: { + policyRule: { + if: { + not: { + field: 'location' + in: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} + } + } + then: { + effect: 'audit' + } + } + policyType: 'Custom' description: '' displayName: 'my-policy-definition' mode: 'All' @@ -37,17 +50,5 @@ resource policyDefinition 'Microsoft.Authorization/policyDefinitions@2021-06-01' type: 'Array' } } - policyRule: { - if: { - not: { - field: 'location' - in: '[parameters(\'allowedLocations\')]' - } - } - then: { - effect: 'audit' - } - } - policyType: 'Custom' } } diff --git a/settings/remarks/microsoft.authorization/samples/policydefinitions/main.bicep b/settings/remarks/microsoft.authorization/samples/policydefinitions/main.bicep index e4cd4a97..59418177 100644 --- a/settings/remarks/microsoft.authorization/samples/policydefinitions/main.bicep +++ b/settings/remarks/microsoft.authorization/samples/policydefinitions/main.bicep @@ -1,5 +1,6 @@ targetScope = 'subscription' +param location string = 'eastus' param resourceName string = 'acctest0001' resource policyDefinition 'Microsoft.Authorization/policyDefinitions@2021-06-01' = { @@ -10,19 +11,19 @@ resource policyDefinition 'Microsoft.Authorization/policyDefinitions@2021-06-01' mode: 'All' parameters: { allowedLocations: { + type: 'Array' metadata: { description: 'The list of allowed locations for resources.' displayName: 'Allowed locations' strongType: 'location' } - type: 'Array' } } policyRule: { if: { not: { field: 'location' - in: '[parameters(\'allowedLocations\')]' + in: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} } } then: { diff --git a/settings/remarks/microsoft.authorization/samples/policyexemptions/main.bicep b/settings/remarks/microsoft.authorization/samples/policyexemptions/main.bicep index 0b94be00..fd565362 100644 --- a/settings/remarks/microsoft.authorization/samples/policyexemptions/main.bicep +++ b/settings/remarks/microsoft.authorization/samples/policyexemptions/main.bicep @@ -1,13 +1,15 @@ targetScope = 'subscription' +param location string = 'eastus' param resourceName string = 'acctest0001' resource policyAssignment 'Microsoft.Authorization/policyAssignments@2022-06-01' = { name: resourceName + location: 'westeurope' + scope: subscription() properties: { displayName: '' enforcementMode: 'Default' - policyDefinitionId: policyDefinition.id scope: subscription().id } } @@ -15,24 +17,11 @@ resource policyAssignment 'Microsoft.Authorization/policyAssignments@2022-06-01' resource policyDefinition 'Microsoft.Authorization/policyDefinitions@2021-06-01' = { name: resourceName properties: { - description: '' - displayName: 'my-policy-definition' - mode: 'All' - parameters: { - allowedLocations: { - metadata: { - description: 'The list of allowed locations for resources.' - displayName: 'Allowed locations' - strongType: 'location' - } - type: 'Array' - } - } policyRule: { if: { not: { field: 'location' - in: '[parameters(\'allowedLocations\')]' + in: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} } } then: { @@ -40,11 +29,25 @@ resource policyDefinition 'Microsoft.Authorization/policyDefinitions@2021-06-01' } } policyType: 'Custom' + description: '' + displayName: 'my-policy-definition' + mode: 'All' + parameters: { + allowedLocations: { + type: 'Array' + metadata: { + strongType: 'location' + description: 'The list of allowed locations for resources.' + displayName: 'Allowed locations' + } + } + } } } resource policyExemption 'Microsoft.Authorization/policyExemptions@2020-07-01-preview' = { name: resourceName + scope: subscription() properties: { exemptionCategory: 'Mitigated' policyAssignmentId: policyAssignment.id diff --git a/settings/remarks/microsoft.authorization/samples/policysetdefinitions/main.bicep b/settings/remarks/microsoft.authorization/samples/policysetdefinitions/main.bicep index 9dd7d3ef..ced28763 100644 --- a/settings/remarks/microsoft.authorization/samples/policysetdefinitions/main.bicep +++ b/settings/remarks/microsoft.authorization/samples/policysetdefinitions/main.bicep @@ -1,5 +1,6 @@ targetScope = 'subscription' +param location string = 'westus' param resourceName string = 'acctest0001' resource policyDefinition 'Microsoft.Authorization/policyDefinitions@2021-06-01' = { @@ -22,7 +23,7 @@ resource policyDefinition 'Microsoft.Authorization/policyDefinitions@2021-06-01' if: { not: { field: 'location' - in: '[parameters(\'allowedLocations\')]' + in: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} } } then: { @@ -36,14 +37,15 @@ resource policyDefinition 'Microsoft.Authorization/policyDefinitions@2021-06-01' resource policySetDefinition 'Microsoft.Authorization/policySetDefinitions@2025-01-01' = { name: 'acctestpolset-${resourceName}' properties: { + policyType: 'Custom' description: '' - displayName: 'acctestpolset-acctest0001' + displayName: 'acctestpolset-${resourceName}' parameters: { allowedLocations: { metadata: { + strongType: 'location' description: 'The list of allowed locations for resources.' displayName: 'Allowed locations' - strongType: 'location' } type: 'Array' } @@ -53,13 +55,12 @@ resource policySetDefinition 'Microsoft.Authorization/policySetDefinitions@2025- groupNames: [] parameters: { listOfAllowedLocations: { - value: '[parameters(\'allowedLocations\')]' + value: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} } } policyDefinitionId: policyDefinition.id policyDefinitionReferenceId: '' } ] - policyType: 'Custom' } } diff --git a/settings/remarks/microsoft.authorization/samples/roledefinitions/main.bicep b/settings/remarks/microsoft.authorization/samples/roledefinitions/main.bicep index 5f726a3e..1c5be7d6 100644 --- a/settings/remarks/microsoft.authorization/samples/roledefinitions/main.bicep +++ b/settings/remarks/microsoft.authorization/samples/roledefinitions/main.bicep @@ -1,10 +1,12 @@ targetScope = 'subscription' param resourceName string = 'acctest0001' +param location string = 'eastus' resource roleDefinition 'Microsoft.Authorization/roleDefinitions@2018-01-01-preview' = { name: '6faae21a-0cd6-4536-8c23-a278823d12ed' properties: { + type: 'CustomRole' assignableScopes: [ subscription().id ] @@ -19,7 +21,6 @@ resource roleDefinition 'Microsoft.Authorization/roleDefinitions@2018-01-01-prev notDataActions: [] } ] - roleName: 'acctest0001' - type: 'CustomRole' + roleName: resourceName } } diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/certificates/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/certificates/main.bicep index e4863be0..5d4a62b3 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/certificates/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/certificates/main.bicep @@ -16,8 +16,8 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' } resource certificate 'Microsoft.Automation/automationAccounts/certificates@2020-01-13-preview' = { - parent: automationAccount name: resourceName + parent: automationAccount properties: { base64Value: 'MIIJXQIBAzCCCSMGCSqGSIb3DQEHAaCCCRQEggkQMIIJDDCCA0cGCSqGSIb3DQEHBqCCAzgwggM0AgEAMIIDLQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIgZpS0MR7AtwCAggAgIIDABD/o+pR2WXdr9RKUXVH3+L5/iNcSEAf5IFtBs2DftFE4wF+y32TUsp67M0LY4YfGLs3UEyv6qL2Mf1/nHRL87CaKWza9Dzz1H+TWIffA2fj/AsqLr+6QDJ4Ur9cvmvqdL2xL0hfmWt3RwCn7F0JLBfwLeColacsLkEqwqStGkFvjQ8r2CJ+E0xZ8GRzOdT8TOz0cGNzDl3dkSeRGYqDQ5/5NlGE6n3MJTqhullbff61hM6NBEZyB9xhNNs6zkT5j6Askx40YFpEStdFJ1TQSRMLDoCEpb6lqYY+HQ07ezoxYKvK/XMq43eN15sZz320ktkEkUF5ICyAry+ud1Cd6ReSV6ai4JvOaZGNwLVuFxinAq8TXqpBlqLOQSJCA6dItWo1O4snfPKTqblj8LxRYecLR8Pl9R55iVf2rh6p70b89UviTWrdlnUxhz3Ilb2CDC1dFIZCy8/qVA7pT0NwfNrhCIqv+qUrIRdhMAJkifa61EIQPUKJaWJutpnBHg82T1FKKpuIqgQvHnsctrQegW1KdF1WJKa/p8knRbKKeID4TQxM/c5+GdP+wAfsNjEedoZ4Z9Ud69ZMGYHrv21CgdafSzfhSecuz89kDzG8XNVXjIjhRA3aRkxMXK+xPD2ikmy0kZjBchpTbzy7zfC8SHfKypUkYTSqbQKakgqSQY9Ydd0XxGS+GovQ4TgCDr1qHCP8KYhtYbuW8PPDUblhLOxJzP3AzDbmMuZfFrRzUrq24F8FgOVvFiGrvLVgOXzMOX+mah+cli5fw3XqnBeu72yYhhXi/jxCHZ4C8I2T0okcCu016f4a0T9+dx///F7HsEjIkGI/Vrpiqiwclu1BXdiUwGpWBDvMHjTa0nD/2mqMZzSD6KclmeuQEzGLcgbVUzcg2VYGMfw8PHlDJNCJVZKf6TaK39+M+tW1BRB4/vSjBeZ2rSHDHzIykUGWmowPnb8mb50CaRa3k1iqhGmzcIaGbsDupPc+lTXB+VuaDQT+WAquINnhKQqIsgopDvmh1zCCBb0GCSqGSIb3DQEHAaCCBa4EggWqMIIFpjCCBaIGCyqGSIb3DQEMCgECoIIE7jCCBOowHAYKKoZIhvcNAQwBAzAOBAicxAYjkBRUlAICCAAEggTI6TAZVzV4qOBs34TeAIembvZyAxzknzIMB1jdKWQJgRXbeICY9v4ch68ilhKJGkzexOwqaEcOuB7rG8GKw4f+DIimLTSpHdKXpqVlUbhapQxnKvOvrcX3jJrfBmXu7cqaEXwol5b6Sx4zKbryAyNqACHxD2XOeUFG0man/aoVrJVfyLgv4i+K/I3hNwtaX4NY4Yegmlm05MH+pInHmt2lNKLKJhwgMiImarmoixFymSvt/4bqBfZMzXf4iWzacK+MjHVLZL6B7AeY026AGEOmlH/yEQCpee/LXzkpG3iAABQlVPuioYTv7svTiEi9IQa3qg2xjLQKAC8rsaUabNZ4rRJgmU2BNrzhgkNpKCjtLqpXMUB+hGi8njlLVciIxjElG3xpu829sNCm/hnXUyTiGvamNbQ0LfsFBttXX0OtnYeWoaBQMUsPsnc7HqsPVo2TD29PMs6Pgh2k6H6L7HSUWv5TN7kRFujDGCG79AKjSHTlF6htrioo3ZZRxUMOAWB4KBrLxLrR3Fs1B5etvvUd+nG2GY4sKZf2ezwblfjCqNYX2CmbH8xT+2L0WRBfp+QsOEZP8VnBpO1uSLhqogIr4fs10sWq9CZ8fnE4NRGgb1Di++8OSeXxSiIJox4zsME8HjePUKTajO2l/q22D29CCMh6aPW2cWQSDBbHE80UMrb2ewa/lKohviqm1Z/BaHRyqAf4J5szrroQe0KrFGk/7ju3s4xZ3qagg+vhgQin8csHrolq1mW2RiTSzNgPyTP54axZqAXO75LxcYoexsxZi1anvubc8L49kuD6Sra8SU9Op0GYSLQwtVug0IqYaQbZFiN8CW5cxG6T1F6CBSM91xBBld3Cq8xwTltOBG1u1jXgMHWTeXCBzBPADC8zmJ8Xth4ZBRdOj8krUQI07feTz+xFhVRs4FHgimJBzv9HtqvDaZFUajQyBLRucTqC5pj4bVcZCKPAwTr4dpgb0C4OvYJD92YDI5h1lUgdC1oRERf9gv0j+gfOJwnDNPq8WwmdvHbYdoATPqIqLcfFig5bElX1BRQGnP6CmfUzU/yiN48saHoYw0Xsg/C6pBvI9daxz/8qpsAjacJw/SkUveqLxkSvrRyiDm6mnTb0L/tl/wk0KwOT5SkR7viD7GvG5ChSr9nhfIjcOXEuorNEe8bEgrwrQqinCz9Q3UGZI0ZdsvI+2eK9YRgyp4p2Z4skXlPZP2p9MbTJDLdIAwFsvtwCBfM/SQc93YkkIvT6JQvAs9krhnWbMg5jpgQR7gRZvUyLkscxq1Q0hFmWQ9eeyACgOmC8iC6tjANLaAM9gu6i8PnTWIgy5DKzxyCi8ql0JgCtT+oMVz9bA8HY9sxB5v+qSssQB2j110URUTw77XFHfmas8vR7fajhuOTgBN5ohyidHSC3LlKv6l5r1NbI+66nYDabJn/DEk2VpkJ2+0HhmiW6mTqGSTf2P1prHzGXKnQpxodr5s5Z/X94Nwc3jyhZcDkOOEDpw0DvrwBjjhaTRnMvA7x1Re8aBQC9+5cXnG45x6AGMI1kB/wwE9PLZM7EiyTh2mj2cqZQ84H9uG2MhSBMMKC8fDxB/rezV+2HF4gBHOYbLw6YBZKXVvL1sb07yMOhirBcs1eOMYGgMCMGCSqGSIb3DQEJFTEWBBSuuXuBpo6JiIUJcpFqi4ts2POYEzB5BgkrBgEEAYI3EQExbB5qAE0AaQBjAHIAbwBzAG8AZgB0ACAARQBuAGgAYQBuAGMAZQBkACAAUgBTAEEAIABhAG4AZAAgAEEARQBTACAAQwByAHkAcAB0AG8AZwByAGEAcABoAGkAYwAgAFAAcgBvAHYAaQBkAGUAcjAxMCEwCQYFKw4DAhoFAAQUbe4FrGhxVExQjYdlCaXBHX2nbG4ECAHH8i4dQCJDAgIIAA==' description: '' diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/configurations/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/configurations/main.bicep index bb8b1030..dd7b0c94 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/configurations/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/configurations/main.bicep @@ -5,27 +5,27 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' name: resourceName location: location properties: { - encryption: { - keySource: 'Microsoft.Automation' - } publicNetworkAccess: true sku: { name: 'Basic' } + encryption: { + keySource: 'Microsoft.Automation' + } } } resource configuration 'Microsoft.Automation/automationAccounts/configurations@2022-08-08' = { - parent: automationAccount name: resourceName location: location + parent: automationAccount properties: { - description: 'test' - logVerbose: false source: { type: 'embeddedContent' value: 'configuration acctest {}' } + description: 'test' + logVerbose: false } tags: { ENV: 'prod' diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/connections/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/connections/main.bicep index d8df2325..ac22283e 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/connections/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/connections/main.bicep @@ -18,19 +18,19 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' } resource connection 'Microsoft.Automation/automationAccounts/connections@2020-01-13-preview' = { - parent: automationAccount name: resourceName + parent: automationAccount properties: { connectionType: { name: 'AzureServicePrincipal' } description: '' fieldDefinitionValues: { - ApplicationId: null CertificateThumbprint: '''AEB97B81A68E8988850972916A8B8B6CD8F39813 ''' SubscriptionId: subscription().subscriptionId - TenantId: deployer().tenantId + TenantId: tenant().tenantId + ApplicationId: servicePrincipalApplicationId } } } diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/connectiontypes/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/connectiontypes/main.bicep index 192e8d59..dc30d716 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/connectiontypes/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/connectiontypes/main.bicep @@ -5,19 +5,19 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' name: resourceName location: location properties: { + sku: { + name: 'Basic' + } encryption: { keySource: 'Microsoft.Automation' } publicNetworkAccess: true - sku: { - name: 'Basic' - } } } resource connectionType 'Microsoft.Automation/automationAccounts/connectionTypes@2020-01-13-preview' = { - parent: automationAccount name: resourceName + parent: automationAccount properties: { fieldDefinitions: { my_def: { diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/credentials/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/credentials/main.bicep index 92ad0950..b7e13255 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/credentials/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/credentials/main.bicep @@ -19,11 +19,11 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' } resource credential 'Microsoft.Automation/automationAccounts/credentials@2020-01-13-preview' = { - parent: automationAccount name: resourceName + parent: automationAccount properties: { description: '' - password: null + password: '${automationCredentialPassword}' userName: 'test_user' } } diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/hybridrunbookworkergroups/hybridrunbookworkers/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/hybridrunbookworkergroups/hybridrunbookworkers/main.bicep index 7782f89a..bb4e8884 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/hybridrunbookworkergroups/hybridrunbookworkers/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/hybridrunbookworkergroups/hybridrunbookworkers/main.bicep @@ -1,23 +1,62 @@ +@secure() +@description('The administrator password for the virtual machine') +param vmAdminPassword string param resourceName string = 'acctest0001' param location string = 'westeurope' @secure() @description('The password for the automation account hybrid runbook worker') param automationWorkerPassword string -@secure() -@description('The administrator password for the virtual machine') -param vmAdminPassword string resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' = { name: resourceName location: location properties: { - encryption: { - keySource: 'Microsoft.Automation' - } publicNetworkAccess: true sku: { name: 'Basic' } + encryption: { + keySource: 'Microsoft.Automation' + } + } +} + +resource credential 'Microsoft.Automation/automationAccounts/credentials@2020-01-13-preview' = { + name: resourceName + parent: automationAccount + properties: { + description: '' + password: '${automationWorkerPassword}' + userName: 'test_user' + } +} + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: resourceName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + subnets: [] + } +} + +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { + name: 'internal' + parent: virtualNetwork + properties: { + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] + addressPrefix: '10.0.2.0/24' + delegations: [] + privateEndpointNetworkPolicies: 'Enabled' } } @@ -34,20 +73,30 @@ resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { primary: true privateIPAddressVersion: 'IPv4' privateIPAllocationMethod: 'Dynamic' - subnet: { - id: subnet.id - } + subnet: {} } } ] } } +resource hybridRunbookWorkerGroup 'Microsoft.Automation/automationAccounts/hybridRunbookWorkerGroups@2021-06-22' = { + name: resourceName + parent: automationAccount +} + +resource hybridRunbookWorker 'Microsoft.Automation/automationAccounts/hybridRunbookWorkerGroups/hybridRunbookWorkers@2021-06-22' = { + name: 'c7714056-5ba8-4bbe-920e-2993171164eb' + parent: hybridRunbookWorkerGroup + properties: { + vmResourceId: virtualMachine.id + } +} + resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { name: resourceName location: location properties: { - additionalCapabilities: {} applicationProfile: { galleryApplications: [] } @@ -57,7 +106,6 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { storageUri: '' } } - extensionsTimeBudget: 'PT1H30M' hardwareProfile: { vmSize: 'Standard_D2s_v3' } @@ -72,10 +120,10 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { ] } osProfile: { - adminPassword: null + adminPassword: vmAdminPassword adminUsername: 'adminuser' allowExtensionOperations: true - computerName: 'acctest0001' + computerName: resourceName linuxConfiguration: { disablePasswordAuthentication: false patchSettings: { @@ -89,14 +137,13 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { } secrets: [] } - priority: 'Regular' storageProfile: { dataDisks: [] imageReference: { + version: 'latest' offer: 'UbuntuServer' publisher: 'Canonical' sku: '16.04-LTS' - version: 'latest' } osDisk: { caching: 'ReadWrite' @@ -108,60 +155,8 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { writeAcceleratorEnabled: false } } - } -} - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { - name: resourceName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] - } - subnets: [] - } -} - -resource credential 'Microsoft.Automation/automationAccounts/credentials@2020-01-13-preview' = { - parent: automationAccount - name: resourceName - properties: { - description: '' - password: null - userName: 'test_user' - } -} - -resource hybridRunbookWorkerGroup 'Microsoft.Automation/automationAccounts/hybridRunbookWorkerGroups@2021-06-22' = { - parent: automationAccount - name: resourceName - credential: { - name: credential.name - } -} - -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork - name: 'internal' - properties: { - addressPrefix: '10.0.2.0/24' - delegations: [] - privateEndpointNetworkPolicies: 'Enabled' - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] - } -} - -resource hybridRunbookWorker 'Microsoft.Automation/automationAccounts/hybridRunbookWorkerGroups/hybridRunbookWorkers@2021-06-22' = { - parent: hybridRunbookWorkerGroup - name: 'c7714056-5ba8-4bbe-920e-2993171164eb' - properties: { - vmResourceId: virtualMachine.id + additionalCapabilities: {} + extensionsTimeBudget: 'PT1H30M' + priority: 'Regular' } } diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/hybridrunbookworkergroups/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/hybridrunbookworkergroups/main.bicep index 07bf40b6..ae163f2a 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/hybridrunbookworkergroups/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/hybridrunbookworkergroups/main.bicep @@ -1,8 +1,8 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' @secure() @description('The password for the automation account credential') param credentialPassword string +param resourceName string = 'acctest0001' resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' = { name: resourceName @@ -19,19 +19,16 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' } resource credential 'Microsoft.Automation/automationAccounts/credentials@2020-01-13-preview' = { - parent: automationAccount name: resourceName + parent: automationAccount properties: { description: '' - password: null + password: '${credentialPassword}' userName: 'test_user' } } resource hybridRunbookWorkerGroup 'Microsoft.Automation/automationAccounts/hybridRunbookWorkerGroups@2021-06-22' = { - parent: automationAccount name: resourceName - credential: { - name: credential.name - } + parent: automationAccount } diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/modules/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/modules/main.bicep index d664d2d8..fe6099c5 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/modules/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/modules/main.bicep @@ -5,19 +5,19 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' name: resourceName location: location properties: { - encryption: { - keySource: 'Microsoft.Automation' - } publicNetworkAccess: true sku: { name: 'Basic' } + encryption: { + keySource: 'Microsoft.Automation' + } } } resource module 'Microsoft.Automation/automationAccounts/modules@2020-01-13-preview' = { - parent: automationAccount name: 'xActiveDirectory' + parent: automationAccount properties: { contentLink: { uri: 'https://devopsgallerystorage.blob.core.windows.net/packages/xactivedirectory.2.19.0.nupkg' diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/powershell72modules/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/powershell72modules/main.bicep index 64a0d1b0..630c7bbb 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/powershell72modules/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/powershell72modules/main.bicep @@ -16,8 +16,8 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' } resource powerShell72Module 'Microsoft.Automation/automationAccounts/powerShell72Modules@2020-01-13-preview' = { - parent: automationAccount name: 'xActiveDirectory' + parent: automationAccount properties: { contentLink: { uri: 'https://devopsgallerystorage.blob.core.windows.net/packages/xactivedirectory.2.19.0.nupkg' diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/python3packages/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/python3packages/main.bicep index 656fe259..61334e3f 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/python3packages/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/python3packages/main.bicep @@ -17,8 +17,8 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2023-11-01' } resource python3Package 'Microsoft.Automation/automationAccounts/python3Packages@2023-11-01' = { - parent: automationAccount name: resourceName + parent: automationAccount properties: { contentLink: { uri: 'https://files.pythonhosted.org/packages/py3/r/requests/requests-2.31.0-py3-none-any.whl' diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/runbooks/draft/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/runbooks/draft/main.bicep index 645c6422..84b33a58 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/runbooks/draft/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/runbooks/draft/main.bicep @@ -5,20 +5,20 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' name: resourceName location: location properties: { - encryption: { - keySource: 'Microsoft.Automation' - } publicNetworkAccess: true sku: { name: 'Basic' } + encryption: { + keySource: 'Microsoft.Automation' + } } } resource runbook 'Microsoft.Automation/automationAccounts/runbooks@2019-06-01' = { - parent: automationAccount name: 'Get-AzureVMTutorial' location: location + parent: automationAccount properties: { description: 'This is a test runbook for terraform acceptance test' draft: {} @@ -30,6 +30,6 @@ resource runbook 'Microsoft.Automation/automationAccounts/runbooks@2019-06-01' = } resource draft 'Microsoft.Automation/automationAccounts/runbooks/draft@2018-06-30' = { - parent: runbook name: 'content' + parent: runbook } diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/runbooks/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/runbooks/main.bicep index 3e84d9ce..53971680 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/runbooks/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/runbooks/main.bicep @@ -5,20 +5,20 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' name: resourceName location: location properties: { - encryption: { - keySource: 'Microsoft.Automation' - } publicNetworkAccess: true sku: { name: 'Basic' } + encryption: { + keySource: 'Microsoft.Automation' + } } } resource runbook 'Microsoft.Automation/automationAccounts/runbooks@2019-06-01' = { - parent: automationAccount name: 'Get-AzureVMTutorial' location: location + parent: automationAccount properties: { description: 'This is a test runbook for terraform acceptance test' draft: {} diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/schedules/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/schedules/main.bicep index bf571ec0..feca9534 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/schedules/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/schedules/main.bicep @@ -5,19 +5,19 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' name: resourceName location: location properties: { + sku: { + name: 'Basic' + } encryption: { keySource: 'Microsoft.Automation' } publicNetworkAccess: true - sku: { - name: 'Basic' - } } } resource schedule 'Microsoft.Automation/automationAccounts/schedules@2020-01-13-preview' = { - parent: automationAccount name: resourceName + parent: automationAccount properties: { description: '' frequency: 'OneTime' diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/softwareupdateconfigurations/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/softwareupdateconfigurations/main.bicep index 020e8583..465e422a 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/softwareupdateconfigurations/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/softwareupdateconfigurations/main.bicep @@ -16,27 +16,20 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' } resource softwareUpdateConfiguration 'Microsoft.Automation/automationAccounts/softwareUpdateConfigurations@2019-06-01' = { - parent: automationAccount name: resourceName + parent: automationAccount properties: { scheduleInfo: { - description: '' + nextRunOffsetMinutes: 0 + timeZone: 'Etc/UTC' expiryTimeOffsetMinutes: 0 frequency: 'OneTime' + startTimeOffsetMinutes: 0 + description: '' interval: 0 isEnabled: true - nextRunOffsetMinutes: 0 - startTimeOffsetMinutes: 0 - timeZone: 'Etc/UTC' } updateConfiguration: { - duration: 'PT2H' - linux: { - excludedPackageNameMasks: [] - includedPackageClassifications: 'Security' - includedPackageNameMasks: [] - rebootSetting: 'IfRequired' - } operatingSystem: 'Linux' targets: { azureQueries: [ @@ -50,6 +43,13 @@ resource softwareUpdateConfiguration 'Microsoft.Automation/automationAccounts/so } ] } + duration: 'PT2H' + linux: { + excludedPackageNameMasks: [] + includedPackageClassifications: 'Security' + includedPackageNameMasks: [] + rebootSetting: 'IfRequired' + } } } } diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/sourcecontrols/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/sourcecontrols/main.bicep index 5a18a7a3..ee976165 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/sourcecontrols/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/sourcecontrols/main.bicep @@ -19,18 +19,18 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2023-11-01' } resource sourceControl 'Microsoft.Automation/automationAccounts/sourceControls@2023-11-01' = { - parent: automationAccount name: resourceName + parent: automationAccount properties: { - autoSync: false branch: 'master' folderPath: '/' publishRunbook: false repoUrl: 'https://github.com/Azure-Samples/acr-build-helloworld-node.git' securityToken: { - accessToken: null + accessToken: '${pat}' tokenType: 'PersonalAccessToken' } sourceType: 'GitHub' + autoSync: false } } diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/variables/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/variables/main.bicep index b64904b1..1a42425c 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/variables/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/variables/main.bicep @@ -16,11 +16,11 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' } resource variable 'Microsoft.Automation/automationAccounts/variables@2020-01-13-preview' = { - parent: automationAccount name: resourceName + parent: automationAccount properties: { description: '' isEncrypted: false - value: '"Hello, Terraform Basic Test."' + value: 'Hello, Terraform Basic Test.' } } diff --git a/settings/remarks/microsoft.avs/samples/privateclouds/authorizations/main.bicep b/settings/remarks/microsoft.avs/samples/privateclouds/authorizations/main.bicep index afde51c0..878f8c7b 100644 --- a/settings/remarks/microsoft.avs/samples/privateclouds/authorizations/main.bicep +++ b/settings/remarks/microsoft.avs/samples/privateclouds/authorizations/main.bicep @@ -4,6 +4,9 @@ param location string = 'centralus' resource privateCloud 'Microsoft.AVS/privateClouds@2022-05-01' = { name: resourceName location: location + sku: { + name: 'av36' + } properties: { internet: 'Disabled' managementCluster: { @@ -11,12 +14,9 @@ resource privateCloud 'Microsoft.AVS/privateClouds@2022-05-01' = { } networkBlock: '192.168.48.0/22' } - sku: { - name: 'av36' - } } resource authorization 'Microsoft.AVS/privateClouds/authorizations@2022-05-01' = { - parent: privateCloud name: resourceName + parent: privateCloud } diff --git a/settings/remarks/microsoft.avs/samples/privateclouds/main.bicep b/settings/remarks/microsoft.avs/samples/privateclouds/main.bicep index 96933b18..a55bba1f 100644 --- a/settings/remarks/microsoft.avs/samples/privateclouds/main.bicep +++ b/settings/remarks/microsoft.avs/samples/privateclouds/main.bicep @@ -4,6 +4,9 @@ param location string = 'centralus' resource privateCloud 'Microsoft.AVS/privateClouds@2022-05-01' = { name: resourceName location: location + sku: { + name: 'av36' + } properties: { internet: 'Disabled' managementCluster: { @@ -11,7 +14,4 @@ resource privateCloud 'Microsoft.AVS/privateClouds@2022-05-01' = { } networkBlock: '192.168.48.0/22' } - sku: { - name: 'av36' - } } diff --git a/settings/remarks/microsoft.azureactivedirectory/samples/b2cdirectories/main.bicep b/settings/remarks/microsoft.azureactivedirectory/samples/b2cdirectories/main.bicep index 5a6c877c..9745b7cf 100644 --- a/settings/remarks/microsoft.azureactivedirectory/samples/b2cdirectories/main.bicep +++ b/settings/remarks/microsoft.azureactivedirectory/samples/b2cdirectories/main.bicep @@ -10,15 +10,14 @@ resource resourceGroup 'Microsoft.Resources/resourceGroups@2020-06-01' = { resource b2cDirectory 'Microsoft.AzureActiveDirectory/b2cDirectories@2021-04-01-preview' = { name: '${resourceName}.onmicrosoft.com' - location: 'United States' + sku: { + name: 'PremiumP1' + tier: 'A0' + } properties: { createTenantProperties: { countryCode: 'US' - displayName: 'acctest0003' + displayName: '${resourceName}' } } - sku: { - name: 'PremiumP1' - tier: 'A0' - } } diff --git a/settings/remarks/microsoft.batch/samples/batchaccounts/applications/main.bicep b/settings/remarks/microsoft.batch/samples/batchaccounts/applications/main.bicep index 1ab86d68..edf32285 100644 --- a/settings/remarks/microsoft.batch/samples/batchaccounts/applications/main.bicep +++ b/settings/remarks/microsoft.batch/samples/batchaccounts/applications/main.bicep @@ -5,27 +5,37 @@ resource batchAccount 'Microsoft.Batch/batchAccounts@2022-10-01' = { name: resourceName location: location properties: { + publicNetworkAccess: 'Enabled' autoStorage: { authenticationMode: 'StorageKeys' - storageAccountId: storageAccount.id } encryption: { keySource: 'Microsoft.Batch' } poolAllocationMode: 'BatchService' - publicNetworkAccess: 'Enabled' } } resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location + sku: { + name: 'Standard_LRS' + } kind: 'StorageV2' properties: { + isNfsV3Enabled: false + isSftpEnabled: false + networkAcls: { + defaultAction: 'Allow' + } accessTier: 'Hot' + allowSharedKeyAccess: true + minimumTlsVersion: 'TLS1_2' + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true allowBlobPublicAccess: true allowCrossTenantReplication: true - allowSharedKeyAccess: true defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' @@ -39,26 +49,15 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } isHnsEnabled: false - isNfsV3Enabled: false - isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' - networkAcls: { - defaultAction: 'Allow' - } - publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true - } - sku: { - name: 'Standard_LRS' } } resource application 'Microsoft.Batch/batchAccounts/applications@2022-10-01' = { - parent: batchAccount name: resourceName + parent: batchAccount properties: { - allowUpdates: true defaultVersion: '' displayName: '' + allowUpdates: true } } diff --git a/settings/remarks/microsoft.batch/samples/batchaccounts/certificates/main.bicep b/settings/remarks/microsoft.batch/samples/batchaccounts/certificates/main.bicep index 52dc66f5..a017849a 100644 --- a/settings/remarks/microsoft.batch/samples/batchaccounts/certificates/main.bicep +++ b/settings/remarks/microsoft.batch/samples/batchaccounts/certificates/main.bicep @@ -1,10 +1,10 @@ +@description('The thumbprint of the certificate') +param certificateThumbprint string param resourceName string = 'acctest0001' param location string = 'westeurope' @secure() @description('The base64-encoded certificate data') param certificateData string -@description('The thumbprint of the certificate') -param certificateThumbprint string resource batchAccount 'Microsoft.Batch/batchAccounts@2022-10-01' = { name: resourceName @@ -19,12 +19,12 @@ resource batchAccount 'Microsoft.Batch/batchAccounts@2022-10-01' = { } resource certificate 'Microsoft.Batch/batchAccounts/certificates@2022-10-01' = { - parent: batchAccount name: 'SHA1-${certificateThumbprint}' + parent: batchAccount properties: { - data: null + data: '${certificateData}' format: 'Cer' - thumbprint: null + thumbprint: '${certificateThumbprint}' thumbprintAlgorithm: 'sha1' } } diff --git a/settings/remarks/microsoft.batch/samples/batchaccounts/pools/main.bicep b/settings/remarks/microsoft.batch/samples/batchaccounts/pools/main.bicep index f4661451..46ec22ce 100644 --- a/settings/remarks/microsoft.batch/samples/batchaccounts/pools/main.bicep +++ b/settings/remarks/microsoft.batch/samples/batchaccounts/pools/main.bicep @@ -14,8 +14,8 @@ resource batchAccount 'Microsoft.Batch/batchAccounts@2022-10-01' = { } resource pool 'Microsoft.Batch/batchAccounts/pools@2022-10-01' = { - parent: batchAccount name: resourceName + parent: batchAccount properties: { certificates: null deploymentConfiguration: { @@ -34,18 +34,18 @@ resource pool 'Microsoft.Batch/batchAccounts/pools@2022-10-01' = { } } } + taskSlotsPerNode: 1 displayName: '' interNodeCommunication: 'Enabled' metadata: [] scaleSettings: { fixedScale: { - nodeDeallocationOption: '' resizeTimeout: 'PT15M' targetDedicatedNodes: 1 targetLowPriorityNodes: 0 + nodeDeallocationOption: '' } } - taskSlotsPerNode: 1 vmSize: 'STANDARD_A1' } } diff --git a/settings/remarks/microsoft.billing/remarks.json b/settings/remarks/microsoft.billing/remarks.json index 58191af5..3f70f053 100644 --- a/settings/remarks/microsoft.billing/remarks.json +++ b/settings/remarks/microsoft.billing/remarks.json @@ -6,5 +6,12 @@ "Path": "samples/billingaccounts/billingprofiles/main.tf", "Description": "A basic example of deploying Billing Accounts Billing Profiles." } + ], + "BicepSamples": [ + { + "ResourceType": "Microsoft.Billing/billingAccounts/billingProfiles", + "Path": "samples/billingaccounts/billingprofiles/main.bicep", + "Description": "A basic example of deploying Billing Accounts Billing Profiles." + } ] } diff --git a/settings/remarks/microsoft.billing/samples/billingaccounts/billingprofiles/main.bicep b/settings/remarks/microsoft.billing/samples/billingaccounts/billingprofiles/main.bicep new file mode 100644 index 00000000..db96f363 --- /dev/null +++ b/settings/remarks/microsoft.billing/samples/billingaccounts/billingprofiles/main.bicep @@ -0,0 +1,39 @@ +targetScope = 'tenant' + +param resourceName string = 'acctest0001' +@description('Specify Billing Account Id for Billing Profile') +param billingAccountId string +@description('Specify Payment Method Id (For example: Credit Card and etc)') +param paymentMethodId string +@description('Specify Payment SCA Id for Payment Method Validation') +param paymentScaId string + +resource billingProfile 'Microsoft.Billing/billingAccounts/billingProfiles@2024-04-01' = { + name: resourceName + properties: { + enabledAzurePlans: [ + { + skuId: '0001' + } + ] + shipTo: { + postalCode: '12345-1234' + region: 'WA' + addressLine1: 'TestWay' + city: 'Redmond' + companyName: 'TestCompany' + country: 'US' + isValidAddress: true + } + billTo: { + companyName: 'TestCompany' + country: 'US' + isValidAddress: true + postalCode: '12345-1234' + region: 'WA' + addressLine1: 'TestWay' + city: 'Redmond' + } + displayName: '${resourceName}' + } +} diff --git a/settings/remarks/microsoft.botservice/samples/botservices/channels/main.bicep b/settings/remarks/microsoft.botservice/samples/botservices/channels/main.bicep index 2b1fa1b6..9f03eece 100644 --- a/settings/remarks/microsoft.botservice/samples/botservices/channels/main.bicep +++ b/settings/remarks/microsoft.botservice/samples/botservices/channels/main.bicep @@ -4,29 +4,29 @@ param location string = 'westus' resource botService 'Microsoft.BotService/botServices@2021-05-01-preview' = { name: resourceName location: location + sku: { + name: 'F0' + } kind: 'bot' properties: { - cmekKeyVaultUrl: '' - description: '' - developerAppInsightKey: '' - developerAppInsightsApiKey: '' - developerAppInsightsApplicationId: '' - displayName: 'acctest0001' endpoint: '' iconUrl: 'https://docs.botframework.com/static/devportal/client/images/bot-framework-default.png' isCmekEnabled: false - isStreamingSupported: false msaAppId: '12345678-1234-1234-1234-123456789012' - } - sku: { - name: 'F0' + developerAppInsightKey: '' + developerAppInsightsApiKey: '' + isStreamingSupported: false + cmekKeyVaultUrl: '' + description: '' + developerAppInsightsApplicationId: '' + displayName: '${resourceName}' } } resource channel 'Microsoft.BotService/botServices/channels@2021-05-01-preview' = { - parent: botService name: 'AlexaChannel' location: location + parent: botService kind: 'bot' properties: { channelName: 'AlexaChannel' diff --git a/settings/remarks/microsoft.botservice/samples/botservices/main.bicep b/settings/remarks/microsoft.botservice/samples/botservices/main.bicep index f369a978..127d9095 100644 --- a/settings/remarks/microsoft.botservice/samples/botservices/main.bicep +++ b/settings/remarks/microsoft.botservice/samples/botservices/main.bicep @@ -1,21 +1,24 @@ param resourceName string = 'acctest0001' +param location string = 'westeurope' + +param clientId string resource botService 'Microsoft.BotService/botServices@2021-05-01-preview' = { name: resourceName location: 'global' + sku: { + name: 'F0' + } kind: 'sdk' properties: { + displayName: resourceName + endpoint: '' + luisKey: '' + msaAppId: clientId + luisAppIds: [] developerAppInsightKey: '' developerAppInsightsApiKey: '' developerAppInsightsApplicationId: '' - displayName: 'acctest0001' - endpoint: '' - luisAppIds: [] - luisKey: '' - msaAppId: deployer().objectId - } - sku: { - name: 'F0' } tags: { environment: 'production' diff --git a/settings/remarks/microsoft.cache/remarks.json b/settings/remarks/microsoft.cache/remarks.json index fd40d222..cd140979 100644 --- a/settings/remarks/microsoft.cache/remarks.json +++ b/settings/remarks/microsoft.cache/remarks.json @@ -75,6 +75,16 @@ "ResourceType": "Microsoft.Cache/redisEnterprise/databases", "Path": "samples/redisenterprise/databases/main.bicep", "Description": "A basic example of deploying Redis Enterprise Database." + }, + { + "ResourceType": "Microsoft.Cache/redis/linkedServers", + "Path": "samples/redis/linkedservers/main.bicep", + "Description": "A basic example of deploying Redis Linked Server." + }, + { + "ResourceType": "Microsoft.Cache/redis/linkedServers", + "Path": "samples/redis/linkedservers/main-rg-module.bicep", + "Description": "A basic example of deploying Redis Linked Server." } ] } \ No newline at end of file diff --git a/settings/remarks/microsoft.cache/samples/redis/accesspolicies/main.bicep b/settings/remarks/microsoft.cache/samples/redis/accesspolicies/main.bicep index 81125cb5..a8dc96a1 100644 --- a/settings/remarks/microsoft.cache/samples/redis/accesspolicies/main.bicep +++ b/settings/remarks/microsoft.cache/samples/redis/accesspolicies/main.bicep @@ -5,9 +5,6 @@ resource redis 'Microsoft.Cache/redis@2024-11-01' = { name: resourceName location: location properties: { - disableAccessKeyAuthentication: false - enableNonSslPort: true - minimumTlsVersion: '1.2' publicNetworkAccess: 'Enabled' redisConfiguration: { 'maxmemory-policy': 'volatile-lru' @@ -19,12 +16,15 @@ resource redis 'Microsoft.Cache/redis@2024-11-01' = { family: 'C' name: 'Basic' } + disableAccessKeyAuthentication: false + enableNonSslPort: true + minimumTlsVersion: '1.2' } } resource accessPolicy 'Microsoft.Cache/redis/accessPolicies@2024-11-01' = { - parent: redis name: '${resourceName}-accessPolicy' + parent: redis properties: { permissions: '+@read +@connection +cluster|info allkeys' } diff --git a/settings/remarks/microsoft.cache/samples/redis/accesspolicyassignments/main.bicep b/settings/remarks/microsoft.cache/samples/redis/accesspolicyassignments/main.bicep index 512d5360..8e450a10 100644 --- a/settings/remarks/microsoft.cache/samples/redis/accesspolicyassignments/main.bicep +++ b/settings/remarks/microsoft.cache/samples/redis/accesspolicyassignments/main.bicep @@ -16,11 +16,11 @@ resource redis 'Microsoft.Cache/redis@2023-04-01' = { } resource accessPolicyAssignment 'Microsoft.Cache/redis/accessPolicyAssignments@2024-03-01' = { - parent: redis name: resourceName + parent: redis properties: { + objectIdAlias: 'ServicePrincipal' accessPolicyName: 'Data Contributor' objectId: deployer().objectId - objectIdAlias: 'ServicePrincipal' } } diff --git a/settings/remarks/microsoft.cache/samples/redis/firewallrules/main.bicep b/settings/remarks/microsoft.cache/samples/redis/firewallrules/main.bicep index 7785eb12..f9a30e3f 100644 --- a/settings/remarks/microsoft.cache/samples/redis/firewallrules/main.bicep +++ b/settings/remarks/microsoft.cache/samples/redis/firewallrules/main.bicep @@ -5,6 +5,11 @@ resource redis 'Microsoft.Cache/redis@2024-11-01' = { name: resourceName location: location properties: { + sku: { + capacity: 1 + family: 'P' + name: 'Premium' + } disableAccessKeyAuthentication: false enableNonSslPort: false minimumTlsVersion: '1.2' @@ -16,19 +21,14 @@ resource redis 'Microsoft.Cache/redis@2024-11-01' = { 'preferred-data-persistence-auth-method': '' } redisVersion: '6.0' - sku: { - capacity: 1 - family: 'P' - name: 'Premium' - } } } resource firewallRule 'Microsoft.Cache/redis/firewallRules@2024-11-01' = { - parent: redis name: '${resourceName}_fwrule' + parent: redis properties: { - endIP: '2.3.4.5' startIP: '1.2.3.4' + endIP: '2.3.4.5' } } diff --git a/settings/remarks/microsoft.cache/samples/redis/linkedservers/main-rg-module.bicep b/settings/remarks/microsoft.cache/samples/redis/linkedservers/main-rg-module.bicep new file mode 100644 index 00000000..e9417a74 --- /dev/null +++ b/settings/remarks/microsoft.cache/samples/redis/linkedservers/main-rg-module.bicep @@ -0,0 +1,58 @@ +param resourceName string = 'acctest0001' +param location string = 'westus' + +resource redisPrimary 'Microsoft.Cache/redis@2024-11-01' = { + name: '${resourceName}-primary' + location: location + properties: { + disableAccessKeyAuthentication: false + enableNonSslPort: false + minimumTlsVersion: '1.2' + publicNetworkAccess: 'Enabled' + redisConfiguration: { + 'preferred-data-persistence-auth-method': '' + 'maxmemory-delta': '642' + 'maxmemory-policy': 'allkeys-lru' + 'maxmemory-reserved': '642' + } + redisVersion: '6' + sku: { + capacity: 1 + family: 'P' + name: 'Premium' + } + } +} + +resource redisSecondary 'Microsoft.Cache/redis@2024-11-01' = { + name: '${resourceName}-secondary' + location: location + properties: { + redisConfiguration: { + 'maxmemory-delta': '642' + 'maxmemory-policy': 'allkeys-lru' + 'maxmemory-reserved': '642' + 'preferred-data-persistence-auth-method': '' + } + redisVersion: '6' + sku: { + capacity: 1 + family: 'P' + name: 'Premium' + } + disableAccessKeyAuthentication: false + enableNonSslPort: false + minimumTlsVersion: '1.2' + publicNetworkAccess: 'Enabled' + } +} + +resource linkedServer 'Microsoft.Cache/redis/linkedServers@2024-11-01' = { + name: '${resourceName}-secondary' + parent: redisPrimary + properties: { + linkedRedisCacheId: redisSecondary.id + linkedRedisCacheLocation: location + serverRole: 'Secondary' + } +} diff --git a/settings/remarks/microsoft.cache/samples/redis/linkedservers/main.bicep b/settings/remarks/microsoft.cache/samples/redis/linkedservers/main.bicep new file mode 100644 index 00000000..ad12030e --- /dev/null +++ b/settings/remarks/microsoft.cache/samples/redis/linkedservers/main.bicep @@ -0,0 +1,23 @@ +targetScope = 'subscription' + +param resourceName string = 'acctest0001' +param location string = 'westus' + +resource resourceGroup 'Microsoft.Resources/resourceGroups@2020-06-01' = { + name: resourceName + location: location +} + +resource resourcegroupSecondary 'Microsoft.Resources/resourceGroups@2020-06-01' = { + name: '${resourceName}-secondary' + location: location +} + +module module1 'main-rg-module.bicep' = { + name: 'deploy-rg-resources' + scope: resourceGroup + params: { + resourceName: resourceName + location: location + } +} diff --git a/settings/remarks/microsoft.cache/samples/redis/main.bicep b/settings/remarks/microsoft.cache/samples/redis/main.bicep index b4171f1a..a674cb7f 100644 --- a/settings/remarks/microsoft.cache/samples/redis/main.bicep +++ b/settings/remarks/microsoft.cache/samples/redis/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'eastus' +param resourceName string = 'acctest0001' resource redis 'Microsoft.Cache/redis@2023-04-01' = { name: resourceName @@ -8,9 +8,9 @@ resource redis 'Microsoft.Cache/redis@2023-04-01' = { enableNonSslPort: true minimumTlsVersion: '1.2' sku: { - capacity: 2 family: 'C' name: 'Standard' + capacity: 2 } } } diff --git a/settings/remarks/microsoft.cache/samples/redisenterprise/databases/main.bicep b/settings/remarks/microsoft.cache/samples/redisenterprise/databases/main.bicep index 332151c3..6345b2cf 100644 --- a/settings/remarks/microsoft.cache/samples/redisenterprise/databases/main.bicep +++ b/settings/remarks/microsoft.cache/samples/redisenterprise/databases/main.bicep @@ -4,24 +4,24 @@ param location string = 'westus' resource redisEnterprise 'Microsoft.Cache/redisEnterprise@2025-04-01' = { name: resourceName location: location + sku: { + name: 'Balanced_B0' + } properties: { encryption: {} highAvailability: 'Enabled' minimumTlsVersion: '1.2' } - sku: { - name: 'Balanced_B0' - } } resource defaultDatabase 'Microsoft.Cache/redisEnterprise/databases@2025-04-01' = { - parent: redisEnterprise name: 'default' + parent: redisEnterprise properties: { + port: 10000 clientProtocol: 'Encrypted' clusteringPolicy: 'OSSCluster' evictionPolicy: 'VolatileLRU' modules: [] - port: 10000 } } diff --git a/settings/remarks/microsoft.cache/samples/redisenterprise/main.bicep b/settings/remarks/microsoft.cache/samples/redisenterprise/main.bicep index 1e337bec..1aa9e04a 100644 --- a/settings/remarks/microsoft.cache/samples/redisenterprise/main.bicep +++ b/settings/remarks/microsoft.cache/samples/redisenterprise/main.bicep @@ -4,12 +4,12 @@ param location string = 'eastus' resource redisEnterprise 'Microsoft.Cache/redisEnterprise@2025-04-01' = { name: resourceName location: location + sku: { + name: 'Balanced_B0' + } properties: { encryption: {} highAvailability: 'Enabled' minimumTlsVersion: '1.2' } - sku: { - name: 'Balanced_B0' - } } diff --git a/settings/remarks/microsoft.cdn/samples/profiles/afdendpoints/main.bicep b/settings/remarks/microsoft.cdn/samples/profiles/afdendpoints/main.bicep index 2e318bc4..10f5512c 100644 --- a/settings/remarks/microsoft.cdn/samples/profiles/afdendpoints/main.bicep +++ b/settings/remarks/microsoft.cdn/samples/profiles/afdendpoints/main.bicep @@ -1,20 +1,21 @@ +param location string = 'westeurope' param resourceName string = 'acctest0001' resource profile 'Microsoft.Cdn/profiles@2021-06-01' = { name: resourceName location: 'global' - properties: { - originResponseTimeoutSeconds: 120 - } sku: { name: 'Standard_AzureFrontDoor' } + properties: { + originResponseTimeoutSeconds: 120 + } } resource afdEndpoint 'Microsoft.Cdn/profiles/afdEndpoints@2021-06-01' = { - parent: profile name: resourceName location: 'global' + parent: profile properties: { enabledState: 'Enabled' } diff --git a/settings/remarks/microsoft.cdn/samples/profiles/afdendpoints/routes/main.bicep b/settings/remarks/microsoft.cdn/samples/profiles/afdendpoints/routes/main.bicep index 76b591ce..0125edac 100644 --- a/settings/remarks/microsoft.cdn/samples/profiles/afdendpoints/routes/main.bicep +++ b/settings/remarks/microsoft.cdn/samples/profiles/afdendpoints/routes/main.bicep @@ -1,59 +1,59 @@ param resourceName string = 'acctest0001' +param location string = 'westeurope' resource profile 'Microsoft.Cdn/profiles@2021-06-01' = { name: resourceName location: 'global' - properties: { - originResponseTimeoutSeconds: 120 - } sku: { name: 'Standard_AzureFrontDoor' } + properties: { + originResponseTimeoutSeconds: 120 + } } resource afdEndpoint 'Microsoft.Cdn/profiles/afdEndpoints@2021-06-01' = { - parent: profile name: resourceName location: 'global' + parent: profile properties: { enabledState: 'Enabled' } } resource originGroup 'Microsoft.Cdn/profiles/originGroups@2021-06-01' = { - parent: profile name: resourceName + parent: profile properties: { + trafficRestorationTimeToHealedOrNewEndpointsInMinutes: 10 loadBalancingSettings: { - additionalLatencyInMilliseconds: 0 sampleSize: 16 successfulSamplesRequired: 3 + additionalLatencyInMilliseconds: 0 } sessionAffinityState: 'Enabled' - trafficRestorationTimeToHealedOrNewEndpointsInMinutes: 10 } } resource origin 'Microsoft.Cdn/profiles/originGroups/origins@2021-06-01' = { - parent: originGroup name: resourceName + parent: originGroup properties: { enabledState: 'Enabled' enforceCertificateNameCheck: false - hostName: 'contoso.com' httpPort: 80 httpsPort: 443 + weight: 1 + hostName: 'contoso.com' originHostHeader: 'www.contoso.com' priority: 1 - weight: 1 } } resource route 'Microsoft.Cdn/profiles/afdEndpoints/routes@2021-06-01' = { - parent: afdEndpoint name: resourceName + parent: afdEndpoint properties: { - enabledState: 'Enabled' forwardingProtocol: 'MatchRequest' httpsRedirect: 'Enabled' linkToDefaultDomain: 'Enabled' @@ -67,5 +67,6 @@ resource route 'Microsoft.Cdn/profiles/afdEndpoints/routes@2021-06-01' = { 'Https' 'Http' ] + enabledState: 'Enabled' } } diff --git a/settings/remarks/microsoft.cdn/samples/profiles/customdomains/main.bicep b/settings/remarks/microsoft.cdn/samples/profiles/customdomains/main.bicep index 96d9bbca..6c295351 100644 --- a/settings/remarks/microsoft.cdn/samples/profiles/customdomains/main.bicep +++ b/settings/remarks/microsoft.cdn/samples/profiles/customdomains/main.bicep @@ -1,32 +1,33 @@ +param location string = 'westeurope' param resourceName string = 'acctest0001' -resource dnsZone 'Microsoft.Network/dnsZones@2018-05-01' = { - name: '${resourceName}.com' - location: 'global' -} - resource profile 'Microsoft.Cdn/profiles@2021-06-01' = { name: resourceName location: 'global' - properties: { - originResponseTimeoutSeconds: 120 - } sku: { name: 'Premium_AzureFrontDoor' } + properties: { + originResponseTimeoutSeconds: 120 + } } resource customDomain 'Microsoft.Cdn/profiles/customDomains@2021-06-01' = { - parent: profile name: resourceName + parent: profile properties: { - azureDnsZone: { - id: dnsZone.id - } - hostName: 'fabrikam.acctest0001.com' tlsSettings: { certificateType: 'ManagedCertificate' minimumTlsVersion: 'TLS12' } + azureDnsZone: { + id: dnsZone.id + } + hostName: 'fabrikam.${resourceName}.com' } } + +resource dnsZone 'Microsoft.Network/dnsZones@2018-05-01' = { + name: '${resourceName}.com' + location: 'global' +} diff --git a/settings/remarks/microsoft.cdn/samples/profiles/endpoints/main.bicep b/settings/remarks/microsoft.cdn/samples/profiles/endpoints/main.bicep index 572ff490..11025868 100644 --- a/settings/remarks/microsoft.cdn/samples/profiles/endpoints/main.bicep +++ b/settings/remarks/microsoft.cdn/samples/profiles/endpoints/main.bicep @@ -10,12 +10,10 @@ resource profile 'Microsoft.Cdn/profiles@2020-09-01' = { } resource endpoint 'Microsoft.Cdn/profiles/endpoints@2020-09-01' = { - parent: profile name: resourceName location: location + parent: profile properties: { - isHttpAllowed: true - isHttpsAllowed: true origins: [ { name: 'acceptanceTestCdnOrigin1' @@ -27,5 +25,7 @@ resource endpoint 'Microsoft.Cdn/profiles/endpoints@2020-09-01' = { } ] queryStringCachingBehavior: 'IgnoreQueryString' + isHttpAllowed: true + isHttpsAllowed: true } } diff --git a/settings/remarks/microsoft.cdn/samples/profiles/main.bicep b/settings/remarks/microsoft.cdn/samples/profiles/main.bicep index dbd2929d..7b279da8 100644 --- a/settings/remarks/microsoft.cdn/samples/profiles/main.bicep +++ b/settings/remarks/microsoft.cdn/samples/profiles/main.bicep @@ -1,12 +1,13 @@ param resourceName string = 'acctest0001' +param location string = 'westeurope' resource profile 'Microsoft.Cdn/profiles@2021-06-01' = { name: resourceName location: 'global' - properties: { - originResponseTimeoutSeconds: 120 - } sku: { name: 'Premium_AzureFrontDoor' } + properties: { + originResponseTimeoutSeconds: 120 + } } diff --git a/settings/remarks/microsoft.cdn/samples/profiles/origingroups/main.bicep b/settings/remarks/microsoft.cdn/samples/profiles/origingroups/main.bicep index 4294b4ed..d369a864 100644 --- a/settings/remarks/microsoft.cdn/samples/profiles/origingroups/main.bicep +++ b/settings/remarks/microsoft.cdn/samples/profiles/origingroups/main.bicep @@ -1,24 +1,25 @@ param resourceName string = 'acctest0001' +param location string = 'westeurope' resource profile 'Microsoft.Cdn/profiles@2021-06-01' = { name: resourceName location: 'global' - properties: { - originResponseTimeoutSeconds: 120 - } sku: { name: 'Standard_AzureFrontDoor' } + properties: { + originResponseTimeoutSeconds: 120 + } } resource originGroup 'Microsoft.Cdn/profiles/originGroups@2021-06-01' = { - parent: profile name: resourceName + parent: profile properties: { loadBalancingSettings: { - additionalLatencyInMilliseconds: 0 sampleSize: 16 successfulSamplesRequired: 3 + additionalLatencyInMilliseconds: 0 } sessionAffinityState: 'Enabled' trafficRestorationTimeToHealedOrNewEndpointsInMinutes: 10 diff --git a/settings/remarks/microsoft.cdn/samples/profiles/origingroups/origins/main.bicep b/settings/remarks/microsoft.cdn/samples/profiles/origingroups/origins/main.bicep index a76d00b7..2af31e8c 100644 --- a/settings/remarks/microsoft.cdn/samples/profiles/origingroups/origins/main.bicep +++ b/settings/remarks/microsoft.cdn/samples/profiles/origingroups/origins/main.bicep @@ -1,41 +1,42 @@ param resourceName string = 'acctest0001' +param location string = 'westeurope' resource profile 'Microsoft.Cdn/profiles@2021-06-01' = { name: resourceName location: 'global' - properties: { - originResponseTimeoutSeconds: 120 - } sku: { name: 'Standard_AzureFrontDoor' } + properties: { + originResponseTimeoutSeconds: 120 + } } resource originGroup 'Microsoft.Cdn/profiles/originGroups@2021-06-01' = { - parent: profile name: resourceName + parent: profile properties: { + trafficRestorationTimeToHealedOrNewEndpointsInMinutes: 10 loadBalancingSettings: { additionalLatencyInMilliseconds: 0 sampleSize: 16 successfulSamplesRequired: 3 } sessionAffinityState: 'Enabled' - trafficRestorationTimeToHealedOrNewEndpointsInMinutes: 10 } } resource origin 'Microsoft.Cdn/profiles/originGroups/origins@2021-06-01' = { - parent: originGroup name: resourceName + parent: originGroup properties: { - enabledState: 'Enabled' - enforceCertificateNameCheck: false - hostName: 'contoso.com' - httpPort: 80 httpsPort: 443 originHostHeader: 'www.contoso.com' priority: 1 + enforceCertificateNameCheck: false + hostName: 'contoso.com' weight: 1 + enabledState: 'Enabled' + httpPort: 80 } } diff --git a/settings/remarks/microsoft.cdn/samples/profiles/rulesets/main.bicep b/settings/remarks/microsoft.cdn/samples/profiles/rulesets/main.bicep index 2ee48591..ca746d21 100644 --- a/settings/remarks/microsoft.cdn/samples/profiles/rulesets/main.bicep +++ b/settings/remarks/microsoft.cdn/samples/profiles/rulesets/main.bicep @@ -1,17 +1,18 @@ param resourceName string = 'acctest0001' +param location string = 'westeurope' resource profile 'Microsoft.Cdn/profiles@2021-06-01' = { name: resourceName location: 'global' - properties: { - originResponseTimeoutSeconds: 120 - } sku: { name: 'Standard_AzureFrontDoor' } + properties: { + originResponseTimeoutSeconds: 120 + } } resource ruleSet 'Microsoft.Cdn/profiles/ruleSets@2021-06-01' = { - parent: profile name: resourceName + parent: profile } diff --git a/settings/remarks/microsoft.cdn/samples/profiles/rulesets/rules/main.bicep b/settings/remarks/microsoft.cdn/samples/profiles/rulesets/rules/main.bicep index 7908e707..2101bca7 100644 --- a/settings/remarks/microsoft.cdn/samples/profiles/rulesets/rules/main.bicep +++ b/settings/remarks/microsoft.cdn/samples/profiles/rulesets/rules/main.bicep @@ -1,64 +1,38 @@ param resourceName string = 'acctest0001' +param location string = 'westus' param cdnLocation string = 'global' resource profile 'Microsoft.Cdn/profiles@2024-09-01' = { name: '${resourceName}-profile' - properties: { - originResponseTimeoutSeconds: 120 - } + location: cdnLocation sku: { name: 'Standard_AzureFrontDoor' } -} - -resource originGroup 'Microsoft.Cdn/profiles/originGroups@2024-09-01' = { - parent: profile - name: '${resourceName}-origingroup' properties: { - loadBalancingSettings: { - additionalLatencyInMilliseconds: 0 - sampleSize: 16 - successfulSamplesRequired: 3 - } - sessionAffinityState: 'Enabled' - trafficRestorationTimeToHealedOrNewEndpointsInMinutes: 10 + originResponseTimeoutSeconds: 120 } } resource ruleSet 'Microsoft.Cdn/profiles/ruleSets@2024-09-01' = { + name: 'ruleSet${substring(resourceName, (length(resourceName) - 4), 3)}' parent: profile - name: 'ruleSet${substring(resourceName, length(resourceName) - 4, 4)}' -} - -resource origin 'Microsoft.Cdn/profiles/originGroups/origins@2024-09-01' = { - parent: originGroup - name: '${resourceName}-origin' - properties: { - enabledState: 'Enabled' - enforceCertificateNameCheck: false - hostName: 'contoso.com' - httpPort: 80 - httpsPort: 443 - originHostHeader: 'www.contoso.com' - priority: 1 - weight: 1 - } } resource rule 'Microsoft.Cdn/profiles/ruleSets/rules@2024-09-01' = { + name: 'rule${substring(resourceName, (length(resourceName) - 4), 3)}' parent: ruleSet - name: 'rule${substring(resourceName, length(resourceName) - 4, 4)}' properties: { actions: [ { name: 'RouteConfigurationOverride' parameters: { + typeName: 'DeliveryRuleRouteConfigurationOverrideActionParameters' cacheConfiguration: { - cacheBehavior: 'OverrideIfOriginMissing' - cacheDuration: '23:59:59' isCompressionEnabled: 'Disabled' queryParameters: 'clientIp={client_ip}' queryStringCachingBehavior: 'IgnoreSpecifiedQueryStrings' + cacheBehavior: 'OverrideIfOriginMissing' + cacheDuration: '23:59:59' } originGroupOverride: { forwardingProtocol: 'HttpsOnly' @@ -66,7 +40,6 @@ resource rule 'Microsoft.Cdn/profiles/ruleSets/rules@2024-09-01' = { id: originGroup.id } } - typeName: 'DeliveryRuleRouteConfigurationOverrideActionParameters' } } ] @@ -75,3 +48,32 @@ resource rule 'Microsoft.Cdn/profiles/ruleSets/rules@2024-09-01' = { order: 1 } } + +resource originGroup 'Microsoft.Cdn/profiles/originGroups@2024-09-01' = { + name: '${resourceName}-origingroup' + parent: profile + properties: { + loadBalancingSettings: { + additionalLatencyInMilliseconds: 0 + sampleSize: 16 + successfulSamplesRequired: 3 + } + sessionAffinityState: 'Enabled' + trafficRestorationTimeToHealedOrNewEndpointsInMinutes: 10 + } +} + +resource origin 'Microsoft.Cdn/profiles/originGroups/origins@2024-09-01' = { + name: '${resourceName}-origin' + parent: originGroup + properties: { + enforceCertificateNameCheck: false + hostName: 'contoso.com' + httpPort: 80 + originHostHeader: 'www.contoso.com' + priority: 1 + weight: 1 + enabledState: 'Enabled' + httpsPort: 443 + } +} diff --git a/settings/remarks/microsoft.cdn/samples/profiles/securitypolicies/main.bicep b/settings/remarks/microsoft.cdn/samples/profiles/securitypolicies/main.bicep index 59c3d517..02904ace 100644 --- a/settings/remarks/microsoft.cdn/samples/profiles/securitypolicies/main.bicep +++ b/settings/remarks/microsoft.cdn/samples/profiles/securitypolicies/main.bicep @@ -1,8 +1,12 @@ +param location string = 'westeurope' param resourceName string = 'acctest0001' -resource frontdoorwebapplicationfirewallpolicy 'Microsoft.Network/FrontDoorWebApplicationFirewallPolicies@2020-11-01' = { +resource frontDoorWebApplicationFirewallPolicy 'Microsoft.Network/FrontDoorWebApplicationFirewallPolicies@2020-11-01' = { name: resourceName location: 'global' + sku: { + name: 'Premium_AzureFrontDoor' + } properties: { customRules: { rules: [ @@ -20,10 +24,10 @@ resource frontdoorwebapplicationfirewallpolicy 'Microsoft.Network/FrontDoorWebAp operator: 'IPMatch' } ] - name: 'Rule1' priority: 1 - rateLimitDurationInMinutes: 1 rateLimitThreshold: 10 + name: 'Rule1' + rateLimitDurationInMinutes: 1 ruleType: 'MatchRule' } ] @@ -62,9 +66,6 @@ resource frontdoorwebapplicationfirewallpolicy 'Microsoft.Network/FrontDoorWebAp redirectUrl: 'https://www.fabrikam.com' } } - sku: { - name: 'Premium_AzureFrontDoor' - } } resource dnsZone 'Microsoft.Network/dnsZones@2018-05-01' = { @@ -75,22 +76,22 @@ resource dnsZone 'Microsoft.Network/dnsZones@2018-05-01' = { resource profile 'Microsoft.Cdn/profiles@2021-06-01' = { name: resourceName location: 'global' - properties: { - originResponseTimeoutSeconds: 120 - } sku: { name: 'Premium_AzureFrontDoor' } + properties: { + originResponseTimeoutSeconds: 120 + } } resource customDomain 'Microsoft.Cdn/profiles/customDomains@2021-06-01' = { - parent: profile name: resourceName + parent: profile properties: { azureDnsZone: { id: dnsZone.id } - hostName: 'fabrikam.acctest0001.com' + hostName: 'fabrikam.${resourceName}.com' tlsSettings: { certificateType: 'ManagedCertificate' minimumTlsVersion: 'TLS12' @@ -99,8 +100,8 @@ resource customDomain 'Microsoft.Cdn/profiles/customDomains@2021-06-01' = { } resource securityPolicy 'Microsoft.Cdn/profiles/securityPolicies@2021-06-01' = { - parent: profile name: resourceName + parent: profile properties: { parameters: { associations: [ @@ -117,7 +118,7 @@ resource securityPolicy 'Microsoft.Cdn/profiles/securityPolicies@2021-06-01' = { ] type: 'WebApplicationFirewall' wafPolicy: { - id: frontdoorwebapplicationfirewallpolicy.id + id: frontDoorWebApplicationFirewallPolicy.id } } } diff --git a/settings/remarks/microsoft.certificateregistration/samples/certificateorders/main.bicep b/settings/remarks/microsoft.certificateregistration/samples/certificateorders/main.bicep index 9d9cd839..26827e98 100644 --- a/settings/remarks/microsoft.certificateregistration/samples/certificateorders/main.bicep +++ b/settings/remarks/microsoft.certificateregistration/samples/certificateorders/main.bicep @@ -1,13 +1,14 @@ param resourceName string = 'acctest0001' +param location string = 'westeurope' resource certificateOrder 'Microsoft.CertificateRegistration/certificateOrders@2021-02-01' = { name: resourceName location: 'global' properties: { + validityInYears: 1 autoRenew: true distinguishedName: 'CN=example.com' keySize: 2048 productType: 'StandardDomainValidatedSsl' - validityInYears: 1 } } diff --git a/settings/remarks/microsoft.cognitiveservices/samples/accounts/deployments/main.bicep b/settings/remarks/microsoft.cognitiveservices/samples/accounts/deployments/main.bicep index a8ce9a6c..4eb963bf 100644 --- a/settings/remarks/microsoft.cognitiveservices/samples/accounts/deployments/main.bicep +++ b/settings/remarks/microsoft.cognitiveservices/samples/accounts/deployments/main.bicep @@ -4,29 +4,29 @@ param location string = 'eastus' resource account 'Microsoft.CognitiveServices/accounts@2022-10-01' = { name: resourceName location: location - identity: { - type: 'None' - userAssignedIdentities: null + sku: { + name: 'S0' } kind: 'OpenAI' properties: { - disableLocalAuth: false dynamicThrottlingEnabled: false publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: false + disableLocalAuth: false } - sku: { - name: 'S0' + identity: { + type: 'None' + userAssignedIdentities: null } } resource deployment 'Microsoft.CognitiveServices/accounts/deployments@2023-05-01' = { - parent: account name: 'testdep' + parent: account properties: { model: { - format: 'OpenAI' name: 'text-embedding-ada-002' + format: 'OpenAI' } } } diff --git a/settings/remarks/microsoft.cognitiveservices/samples/accounts/main.bicep b/settings/remarks/microsoft.cognitiveservices/samples/accounts/main.bicep index f5ae4140..bad0624d 100644 --- a/settings/remarks/microsoft.cognitiveservices/samples/accounts/main.bicep +++ b/settings/remarks/microsoft.cognitiveservices/samples/accounts/main.bicep @@ -4,19 +4,19 @@ param location string = 'westus2' resource account 'Microsoft.CognitiveServices/accounts@2022-10-01' = { name: resourceName location: location + sku: { + tier: 'Standard' + name: 'S0' + } kind: 'SpeechServices' properties: { + dynamicThrottlingEnabled: false + publicNetworkAccess: 'Enabled' + restrictOutboundNetworkAccess: false allowedFqdnList: [] apiProperties: {} customSubDomainName: 'acctest-cogacc-230630032807723157' disableLocalAuth: false - dynamicThrottlingEnabled: false - publicNetworkAccess: 'Enabled' - restrictOutboundNetworkAccess: false - } - sku: { - name: 'S0' - tier: 'Standard' } } diff --git a/settings/remarks/microsoft.cognitiveservices/samples/accounts/projects/main.bicep b/settings/remarks/microsoft.cognitiveservices/samples/accounts/projects/main.bicep index 9c0ebd8c..0669007f 100644 --- a/settings/remarks/microsoft.cognitiveservices/samples/accounts/projects/main.bicep +++ b/settings/remarks/microsoft.cognitiveservices/samples/accounts/projects/main.bicep @@ -4,26 +4,26 @@ param location string = 'westus2' resource account 'Microsoft.CognitiveServices/accounts@2025-06-01' = { name: resourceName location: location + sku: { + name: 'S0' + } kind: 'AIServices' properties: { + restrictOutboundNetworkAccess: false allowProjectManagement: true - customSubDomainName: 'cog-acctest0001' + customSubDomainName: 'cog-${resourceName}' disableLocalAuth: false dynamicThrottlingEnabled: false publicNetworkAccess: 'Enabled' - restrictOutboundNetworkAccess: false - } - sku: { - name: 'S0' } } resource project 'Microsoft.CognitiveServices/accounts/projects@2025-06-01' = { - parent: account name: resourceName location: location + parent: account properties: { + displayName: 'project-${resourceName}' description: 'test project' - displayName: 'project-acctest0001' } } diff --git a/settings/remarks/microsoft.cognitiveservices/samples/accounts/raiblocklists/main.bicep b/settings/remarks/microsoft.cognitiveservices/samples/accounts/raiblocklists/main.bicep index de03fb57..965a3010 100644 --- a/settings/remarks/microsoft.cognitiveservices/samples/accounts/raiblocklists/main.bicep +++ b/settings/remarks/microsoft.cognitiveservices/samples/accounts/raiblocklists/main.bicep @@ -4,24 +4,24 @@ param location string = 'westus' resource account 'Microsoft.CognitiveServices/accounts@2024-10-01' = { name: '${resourceName}-ca' location: location + sku: { + name: 'S0' + } kind: 'OpenAI' properties: { - allowedFqdnList: [] - apiProperties: {} customSubDomainName: '' disableLocalAuth: false dynamicThrottlingEnabled: false publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: false - } - sku: { - name: 'S0' + allowedFqdnList: [] + apiProperties: {} } } resource raiBlocklist 'Microsoft.CognitiveServices/accounts/raiBlocklists@2024-10-01' = { - parent: account name: '${resourceName}-crb' + parent: account properties: { description: 'Acceptance test data new azurerm resource' } diff --git a/settings/remarks/microsoft.cognitiveservices/samples/accounts/raipolicies/main.bicep b/settings/remarks/microsoft.cognitiveservices/samples/accounts/raipolicies/main.bicep index 8aba460d..b1210231 100644 --- a/settings/remarks/microsoft.cognitiveservices/samples/accounts/raipolicies/main.bicep +++ b/settings/remarks/microsoft.cognitiveservices/samples/accounts/raipolicies/main.bicep @@ -4,6 +4,9 @@ param location string = 'eastus' resource account 'Microsoft.CognitiveServices/accounts@2022-10-01' = { name: resourceName location: location + sku: { + name: 'S0' + } kind: 'OpenAI' properties: { disableLocalAuth: false @@ -11,23 +14,20 @@ resource account 'Microsoft.CognitiveServices/accounts@2022-10-01' = { publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: false } - sku: { - name: 'S0' - } } resource raiPolicy 'Microsoft.CognitiveServices/accounts/raiPolicies@2024-10-01' = { - parent: account name: 'NoModerationPolicy' + parent: account properties: { basePolicyName: 'Microsoft.Default' contentFilters: [ { - blocking: true enabled: true name: 'Hate' severityThreshold: 'High' source: 'Prompt' + blocking: true } ] } diff --git a/settings/remarks/microsoft.communication/samples/communicationservices/main.bicep b/settings/remarks/microsoft.communication/samples/communicationservices/main.bicep index df28431d..b9027222 100644 --- a/settings/remarks/microsoft.communication/samples/communicationservices/main.bicep +++ b/settings/remarks/microsoft.communication/samples/communicationservices/main.bicep @@ -1,3 +1,4 @@ +param location string = 'westeurope' param resourceName string = 'acctest0001' resource communicationService 'Microsoft.Communication/communicationServices@2023-03-31' = { diff --git a/settings/remarks/microsoft.communication/samples/emailservices/domains/main.bicep b/settings/remarks/microsoft.communication/samples/emailservices/domains/main.bicep index f41783c0..d39ebcd7 100644 --- a/settings/remarks/microsoft.communication/samples/emailservices/domains/main.bicep +++ b/settings/remarks/microsoft.communication/samples/emailservices/domains/main.bicep @@ -1,3 +1,4 @@ +param location string = 'westeurope' param resourceName string = 'acctest0001' resource emailService 'Microsoft.Communication/emailServices@2023-04-01-preview' = { @@ -9,9 +10,9 @@ resource emailService 'Microsoft.Communication/emailServices@2023-04-01-preview' } resource domain 'Microsoft.Communication/emailServices/domains@2023-04-01-preview' = { - parent: emailService name: 'example.com' location: 'global' + parent: emailService properties: { domainManagement: 'CustomerManaged' userEngagementTracking: 'Disabled' diff --git a/settings/remarks/microsoft.communication/samples/emailservices/domains/senderusernames/main.bicep b/settings/remarks/microsoft.communication/samples/emailservices/domains/senderusernames/main.bicep index f31ba812..8d662207 100644 --- a/settings/remarks/microsoft.communication/samples/emailservices/domains/senderusernames/main.bicep +++ b/settings/remarks/microsoft.communication/samples/emailservices/domains/senderusernames/main.bicep @@ -1,4 +1,5 @@ param resourceName string = 'acctest0001' +param location string = 'westeurope' resource emailService 'Microsoft.Communication/emailServices@2023-04-01-preview' = { name: resourceName @@ -9,9 +10,9 @@ resource emailService 'Microsoft.Communication/emailServices@2023-04-01-preview' } resource domain 'Microsoft.Communication/emailServices/domains@2023-04-01-preview' = { - parent: emailService name: 'example.com' location: 'global' + parent: emailService properties: { domainManagement: 'CustomerManaged' userEngagementTracking: 'Disabled' @@ -19,8 +20,8 @@ resource domain 'Microsoft.Communication/emailServices/domains@2023-04-01-previe } resource senderUsername 'Microsoft.Communication/emailServices/domains/senderUsernames@2023-04-01-preview' = { - parent: domain name: 'TestSenderUserName' + parent: domain properties: { displayName: 'TestDisplayName' username: 'TestSenderUserName' diff --git a/settings/remarks/microsoft.communication/samples/emailservices/main.bicep b/settings/remarks/microsoft.communication/samples/emailservices/main.bicep index f1ddb214..f283e665 100644 --- a/settings/remarks/microsoft.communication/samples/emailservices/main.bicep +++ b/settings/remarks/microsoft.communication/samples/emailservices/main.bicep @@ -1,4 +1,5 @@ param resourceName string = 'acctest0001' +param location string = 'westeurope' resource emailService 'Microsoft.Communication/emailServices@2023-03-31' = { name: resourceName diff --git a/settings/remarks/microsoft.compute/samples/availabilitysets/main.bicep b/settings/remarks/microsoft.compute/samples/availabilitysets/main.bicep index 52496255..079d8079 100644 --- a/settings/remarks/microsoft.compute/samples/availabilitysets/main.bicep +++ b/settings/remarks/microsoft.compute/samples/availabilitysets/main.bicep @@ -4,11 +4,11 @@ param location string = 'westeurope' resource availabilitySet 'Microsoft.Compute/availabilitySets@2021-11-01' = { name: resourceName location: location + sku: { + name: 'Aligned' + } properties: { platformFaultDomainCount: 3 platformUpdateDomainCount: 5 } - sku: { - name: 'Aligned' - } } diff --git a/settings/remarks/microsoft.compute/samples/capacityreservationgroups/capacityreservations/main.bicep b/settings/remarks/microsoft.compute/samples/capacityreservationgroups/capacityreservations/main.bicep index db2d3eeb..466c9af0 100644 --- a/settings/remarks/microsoft.compute/samples/capacityreservationgroups/capacityreservations/main.bicep +++ b/settings/remarks/microsoft.compute/samples/capacityreservationgroups/capacityreservations/main.bicep @@ -7,9 +7,9 @@ resource capacityReservationGroup 'Microsoft.Compute/capacityReservationGroups@2 } resource capacityReservation 'Microsoft.Compute/capacityReservationGroups/capacityReservations@2022-03-01' = { - parent: capacityReservationGroup name: '${resourceName}-ccr' location: location + parent: capacityReservationGroup sku: { capacity: 2 name: 'Standard_F2' diff --git a/settings/remarks/microsoft.compute/samples/diskaccesses/main.bicep b/settings/remarks/microsoft.compute/samples/diskaccesses/main.bicep index d194267d..07c011ad 100644 --- a/settings/remarks/microsoft.compute/samples/diskaccesses/main.bicep +++ b/settings/remarks/microsoft.compute/samples/diskaccesses/main.bicep @@ -1,11 +1,11 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource diskAccess 'Microsoft.Compute/diskAccesses@2022-03-02' = { name: resourceName location: location tags: { - 'cost-center': 'ops' environment: 'acctest' + 'cost-center': 'ops' } } diff --git a/settings/remarks/microsoft.compute/samples/diskencryptionsets/main.bicep b/settings/remarks/microsoft.compute/samples/diskencryptionsets/main.bicep index bcc6162e..4e474a99 100644 --- a/settings/remarks/microsoft.compute/samples/diskencryptionsets/main.bicep +++ b/settings/remarks/microsoft.compute/samples/diskencryptionsets/main.bicep @@ -1,38 +1,23 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource diskEncryptionSet 'Microsoft.Compute/diskEncryptionSets@2022-03-02' = { - name: resourceName - location: location - properties: { - activeKey: { - keyUrl: key.properties.keyUriWithVersion - sourceVault: { - id: vault.id - } - } - encryptionType: 'EncryptionAtRestWithCustomerKey' - rotationToLatestKeyVersionEnabled: false - } -} - resource vault 'Microsoft.KeyVault/vaults@2023-02-01' = { name: resourceName location: location properties: { - accessPolicies: [] - enableSoftDelete: true sku: { family: 'A' name: 'standard' } - tenantId: deployer().tenantId + accessPolicies: [] + enableSoftDelete: true + tenantId: tenant().tenantId } } resource key 'Microsoft.KeyVault/vaults/keys@2023-02-01' = { - parent: vault name: resourceName + parent: vault properties: { keyOps: [ 'encrypt' @@ -46,3 +31,15 @@ resource key 'Microsoft.KeyVault/vaults/keys@2023-02-01' = { kty: 'RSA' } } + +resource diskEncryptionSet 'Microsoft.Compute/diskEncryptionSets@2022-03-02' = { + name: resourceName + location: location + properties: { + activeKey: { + sourceVault: {} + } + encryptionType: 'EncryptionAtRestWithCustomerKey' + rotationToLatestKeyVersionEnabled: false + } +} diff --git a/settings/remarks/microsoft.compute/samples/disks/main.bicep b/settings/remarks/microsoft.compute/samples/disks/main.bicep index 9da32a6f..214f2c92 100644 --- a/settings/remarks/microsoft.compute/samples/disks/main.bicep +++ b/settings/remarks/microsoft.compute/samples/disks/main.bicep @@ -4,19 +4,19 @@ param location string = 'westeurope' resource disk 'Microsoft.Compute/disks@2022-03-02' = { name: resourceName location: location + sku: { + name: 'Standard_LRS' + } properties: { - creationData: { - createOption: 'Empty' - } - diskSizeGB: 10 encryption: { type: 'EncryptionAtRestWithPlatformKey' } networkAccessPolicy: 'AllowAll' osType: '' publicNetworkAccess: 'Enabled' - } - sku: { - name: 'Standard_LRS' + creationData: { + createOption: 'Empty' + } + diskSizeGB: 10 } } diff --git a/settings/remarks/microsoft.compute/samples/galleries/applications/main.bicep b/settings/remarks/microsoft.compute/samples/galleries/applications/main.bicep index 1f8ab269..d2e4de89 100644 --- a/settings/remarks/microsoft.compute/samples/galleries/applications/main.bicep +++ b/settings/remarks/microsoft.compute/samples/galleries/applications/main.bicep @@ -10,9 +10,9 @@ resource gallery 'Microsoft.Compute/galleries@2022-03-03' = { } resource application 'Microsoft.Compute/galleries/applications@2022-03-03' = { - parent: gallery name: resourceName location: location + parent: gallery properties: { supportedOSType: 'Linux' } diff --git a/settings/remarks/microsoft.compute/samples/galleries/applications/versions/main.bicep b/settings/remarks/microsoft.compute/samples/galleries/applications/versions/main.bicep index cbc629ca..eac3ae8f 100644 --- a/settings/remarks/microsoft.compute/samples/galleries/applications/versions/main.bicep +++ b/settings/remarks/microsoft.compute/samples/galleries/applications/versions/main.bicep @@ -1,23 +1,28 @@ param resourceName string = 'acctest0001' param location string = 'westus' -resource gallery 'Microsoft.Compute/galleries@2022-03-03' = { - name: '${resourceName}sig' - location: location - properties: { - description: '' - } -} - resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { name: '${resourceName}acc' location: location + sku: { + name: 'Standard_LRS' + } kind: 'StorageV2' properties: { + minimumTlsVersion: 'TLS1_2' + networkAcls: { + bypass: 'AzureServices' + defaultAction: 'Allow' + ipRules: [] + resourceAccessRules: [] + virtualNetworkRules: [] + } + allowSharedKeyAccess: true + isSftpEnabled: false + allowCrossTenantReplication: false + isHnsEnabled: false accessTier: 'Hot' allowBlobPublicAccess: true - allowCrossTenantReplication: false - allowSharedKeyAccess: true defaultToOAuthAuthentication: false dnsEndpointType: 'Standard' encryption: { @@ -31,60 +36,57 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { } } } - isHnsEnabled: false isLocalUserEnabled: true isNfsV3Enabled: false - isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' - networkAcls: { - bypass: 'AzureServices' - defaultAction: 'Allow' - ipRules: [] - resourceAccessRules: [] - virtualNetworkRules: [] - } publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true } - sku: { - name: 'Standard_LRS' - } -} - -resource application 'Microsoft.Compute/galleries/applications@2022-03-03' = { - parent: gallery - name: '${resourceName}-app' - location: location - properties: { - supportedOSType: 'Linux' - } } -// The blob service is a singleton named 'default' under the storage account -resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2023-05-01' existing = { - parent: storageAccount +resource storageaccountBlobservices 'Microsoft.Storage/storageAccounts/blobServices@2023-05-01' = { name: 'default' + parent: storageAccount } resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2023-05-01' = { - parent: blobService name: 'mycontainer' + parent: storageaccountBlobservices properties: { publicAccess: 'Blob' } } +resource gallery 'Microsoft.Compute/galleries@2022-03-03' = { + name: '${resourceName}sig' + location: location + properties: { + description: '' + } +} + +resource application 'Microsoft.Compute/galleries/applications@2022-03-03' = { + name: '${resourceName}-app' + location: location + parent: gallery + properties: { + supportedOSType: 'Linux' + } +} + resource version 'Microsoft.Compute/galleries/applications/versions@2022-03-03' = { - parent: application name: '0.0.1' location: location + parent: application + dependsOn: [ + container + ] properties: { publishingProfile: { enableHealthCheck: false excludeFromLatest: false manageActions: { - install: '[install command]' - remove: '[remove command]' + install: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} + remove: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} update: '' } source: { @@ -93,7 +95,7 @@ resource version 'Microsoft.Compute/galleries/applications/versions@2022-03-03' } targetRegions: [ { - name: 'westus' + name: location regionalReplicaCount: 1 storageAccountType: 'Standard_LRS' } @@ -103,7 +105,4 @@ resource version 'Microsoft.Compute/galleries/applications/versions@2022-03-03' allowDeletionOfReplicatedLocations: true } } - dependsOn: [ - container - ] } diff --git a/settings/remarks/microsoft.compute/samples/galleries/images/main.bicep b/settings/remarks/microsoft.compute/samples/galleries/images/main.bicep index 58285d6e..6ed2e71d 100644 --- a/settings/remarks/microsoft.compute/samples/galleries/images/main.bicep +++ b/settings/remarks/microsoft.compute/samples/galleries/images/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource gallery 'Microsoft.Compute/galleries@2022-03-03' = { name: resourceName @@ -10,12 +10,11 @@ resource gallery 'Microsoft.Compute/galleries@2022-03-03' = { } resource image 'Microsoft.Compute/galleries/images@2022-03-03' = { - parent: gallery name: resourceName location: location + parent: gallery properties: { architecture: 'x64' - description: '' disallowed: { diskTypes: [] } @@ -26,6 +25,8 @@ resource image 'Microsoft.Compute/galleries/images@2022-03-03' = { publisher: 'AccTesPublisher230630032848825313' sku: 'AccTesSku230630032848825313' } + releaseNoteUri: '' + description: '' osState: 'Generalized' osType: 'Linux' privacyStatementUri: '' @@ -33,6 +34,5 @@ resource image 'Microsoft.Compute/galleries/images@2022-03-03' = { memory: {} vCPUs: {} } - releaseNoteUri: '' } } diff --git a/settings/remarks/microsoft.compute/samples/hostgroups/hosts/main.bicep b/settings/remarks/microsoft.compute/samples/hostgroups/hosts/main.bicep index 7d01a4fb..95e327a4 100644 --- a/settings/remarks/microsoft.compute/samples/hostgroups/hosts/main.bicep +++ b/settings/remarks/microsoft.compute/samples/hostgroups/hosts/main.bicep @@ -10,15 +10,15 @@ resource hostGroup 'Microsoft.Compute/hostGroups@2021-11-01' = { } resource host 'Microsoft.Compute/hostGroups/hosts@2021-11-01' = { - parent: hostGroup name: resourceName location: location + parent: hostGroup + sku: { + name: 'DSv3-Type1' + } properties: { - autoReplaceOnFailure: true licenseType: 'None' platformFaultDomain: 1 - } - sku: { - name: 'DSv3-Type1' + autoReplaceOnFailure: true } } diff --git a/settings/remarks/microsoft.compute/samples/restorepointcollections/main.bicep b/settings/remarks/microsoft.compute/samples/restorepointcollections/main.bicep index 1963c586..c1d29a3b 100644 --- a/settings/remarks/microsoft.compute/samples/restorepointcollections/main.bicep +++ b/settings/remarks/microsoft.compute/samples/restorepointcollections/main.bicep @@ -1,12 +1,41 @@ param resourceName string = 'acctest0001' param location string = 'eastus' +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { + name: resourceName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + privateEndpointVNetPolicies: 'Disabled' + subnets: [] + } +} + +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { + name: resourceName + parent: virtualNetwork + properties: { + privateEndpointNetworkPolicies: 'Disabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] + addressPrefix: '10.0.0.0/24' + defaultOutboundAccess: true + delegations: [] + } +} + resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { name: resourceName location: location properties: { - enableAcceleratedNetworking: false - enableIPForwarding: false ipConfigurations: [ { name: 'internal' @@ -14,12 +43,12 @@ resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { primary: false privateIPAddressVersion: 'IPv4' privateIPAllocationMethod: 'Dynamic' - subnet: { - id: subnet.id - } + subnet: {} } } ] + enableAcceleratedNetworking: false + enableIPForwarding: false } } @@ -27,9 +56,7 @@ resource restorePointCollection 'Microsoft.Compute/restorePointCollections@2024- name: resourceName location: location properties: { - source: { - id: virtualMachine.id - } + source: {} } } @@ -37,17 +64,6 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { name: resourceName location: location properties: { - additionalCapabilities: {} - applicationProfile: { - galleryApplications: [] - } - diagnosticsProfile: { - bootDiagnostics: { - enabled: false - storageUri: '' - } - } - extensionsTimeBudget: 'PT1H30M' hardwareProfile: { vmSize: 'Standard_F2' } @@ -61,10 +77,32 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { } ] } + priority: 'Regular' + storageProfile: { + osDisk: { + writeAcceleratorEnabled: false + caching: 'ReadWrite' + createOption: 'FromImage' + managedDisk: { + storageAccountType: 'Standard_LRS' + } + osType: 'Linux' + } + dataDisks: [] + imageReference: { + version: 'latest' + offer: '0001-com-ubuntu-server-jammy' + publisher: 'Canonical' + sku: '22_04-lts' + } + } + applicationProfile: { + galleryApplications: [] + } osProfile: { adminUsername: 'adminuser' allowExtensionOperations: true - computerName: 'acctest0001' + computerName: resourceName linuxConfiguration: { disablePasswordAuthentication: true patchSettings: { @@ -83,55 +121,13 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { } secrets: [] } - priority: 'Regular' - storageProfile: { - dataDisks: [] - imageReference: { - offer: '0001-com-ubuntu-server-jammy' - publisher: 'Canonical' - sku: '22_04-lts' - version: 'latest' - } - osDisk: { - caching: 'ReadWrite' - createOption: 'FromImage' - managedDisk: { - storageAccountType: 'Standard_LRS' - } - osType: 'Linux' - writeAcceleratorEnabled: false + additionalCapabilities: {} + diagnosticsProfile: { + bootDiagnostics: { + enabled: false + storageUri: '' } } - } -} - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { - name: resourceName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] - } - privateEndpointVNetPolicies: 'Disabled' - subnets: [] - } -} - -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { - parent: virtualNetwork - name: resourceName - properties: { - addressPrefix: '10.0.0.0/24' - defaultOutboundAccess: true - delegations: [] - privateEndpointNetworkPolicies: 'Disabled' - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] + extensionsTimeBudget: 'PT1H30M' } } diff --git a/settings/remarks/microsoft.compute/samples/restorepointcollections/restorepoints/main.bicep b/settings/remarks/microsoft.compute/samples/restorepointcollections/restorepoints/main.bicep index 79442794..09c1c4a6 100644 --- a/settings/remarks/microsoft.compute/samples/restorepointcollections/restorepoints/main.bicep +++ b/settings/remarks/microsoft.compute/samples/restorepointcollections/restorepoints/main.bicep @@ -1,35 +1,11 @@ param resourceName string = 'acctest0001' param location string = 'westus' -resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { - name: '${resourceName}-nic' - location: location - properties: { - enableAcceleratedNetworking: false - enableIPForwarding: false - ipConfigurations: [ - { - name: 'internal' - properties: { - primary: false - privateIPAddressVersion: 'IPv4' - privateIPAllocationMethod: 'Dynamic' - subnet: { - id: subnet.id - } - } - } - ] - } -} - resource restorePointCollection 'Microsoft.Compute/restorePointCollections@2024-03-01' = { name: '${resourceName}-rpc' location: location properties: { - source: { - id: virtualMachine.id - } + source: {} } } @@ -37,7 +13,6 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { name: '${resourceName}-vm' location: location properties: { - additionalCapabilities: {} applicationProfile: { galleryApplications: [] } @@ -47,10 +22,6 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { storageUri: '' } } - extensionsTimeBudget: 'PT1H30M' - hardwareProfile: { - vmSize: 'Standard_F2' - } networkProfile: { networkInterfaces: [ { @@ -61,10 +32,12 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { } ] } + additionalCapabilities: {} + extensionsTimeBudget: 'PT1H30M' + hardwareProfile: { + vmSize: 'Standard_F2' + } osProfile: { - adminUsername: 'adminuser' - allowExtensionOperations: true - computerName: 'acctest0001-vm' linuxConfiguration: { disablePasswordAuthentication: true patchSettings: { @@ -82,6 +55,9 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { } } secrets: [] + adminUsername: 'adminuser' + allowExtensionOperations: true + computerName: '${resourceName}-vm' } priority: 'Regular' storageProfile: { @@ -123,21 +99,41 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { } resource restorePoint 'Microsoft.Compute/restorePointCollections/restorePoints@2024-03-01' = { - parent: restorePointCollection name: '${resourceName}-rp' + parent: restorePointCollection properties: {} } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { - parent: virtualNetwork name: '${resourceName}-subnet' + parent: virtualNetwork properties: { - addressPrefix: '10.0.0.0/24' - defaultOutboundAccess: true - delegations: [] privateEndpointNetworkPolicies: 'Disabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] serviceEndpoints: [] + addressPrefix: '10.0.0.0/24' + defaultOutboundAccess: true + delegations: [] + } +} + +resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { + name: '${resourceName}-nic' + location: location + properties: { + enableAcceleratedNetworking: false + enableIPForwarding: false + ipConfigurations: [ + { + properties: { + privateIPAllocationMethod: 'Dynamic' + subnet: {} + primary: false + privateIPAddressVersion: 'IPv4' + } + name: 'internal' + } + ] } } diff --git a/settings/remarks/microsoft.compute/samples/snapshots/main.bicep b/settings/remarks/microsoft.compute/samples/snapshots/main.bicep index a79e0b2c..17fa20d3 100644 --- a/settings/remarks/microsoft.compute/samples/snapshots/main.bicep +++ b/settings/remarks/microsoft.compute/samples/snapshots/main.bicep @@ -1,38 +1,38 @@ param resourceName string = 'acctest0001' param location string = 'westus' -resource disk 'Microsoft.Compute/disks@2023-04-02' = { - name: '${resourceName}disk' +resource snapshot 'Microsoft.Compute/snapshots@2022-03-02' = { + name: '${resourceName}snapshot' location: location properties: { creationData: { - createOption: 'Empty' - performancePlus: false - } - diskSizeGB: 10 - encryption: { - type: 'EncryptionAtRestWithPlatformKey' + sourceUri: disk.id + createOption: 'Copy' } + diskSizeGB: 20 + incremental: false networkAccessPolicy: 'AllowAll' - optimizedForFrequentAttach: false publicNetworkAccess: 'Enabled' } - sku: { - name: 'Standard_LRS' - } } -resource snapshot 'Microsoft.Compute/snapshots@2022-03-02' = { - name: '${resourceName}snapshot' +resource disk 'Microsoft.Compute/disks@2023-04-02' = { + name: '${resourceName}disk' location: location + sku: { + name: 'Standard_LRS' + } properties: { - creationData: { - createOption: 'Copy' - sourceUri: disk.id + diskSizeGB: 10 + encryption: { + type: 'EncryptionAtRestWithPlatformKey' } - diskSizeGB: 20 - incremental: false networkAccessPolicy: 'AllowAll' + optimizedForFrequentAttach: false publicNetworkAccess: 'Enabled' + creationData: { + performancePlus: false + createOption: 'Empty' + } } } diff --git a/settings/remarks/microsoft.compute/samples/virtualmachines/attachdatadisk/main.bicep b/settings/remarks/microsoft.compute/samples/virtualmachines/attachdatadisk/main.bicep index f176ad72..42220e37 100644 --- a/settings/remarks/microsoft.compute/samples/virtualmachines/attachdatadisk/main.bicep +++ b/settings/remarks/microsoft.compute/samples/virtualmachines/attachdatadisk/main.bicep @@ -1,10 +1,10 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator username for the virtual machine') param adminUsername string @secure() @description('The administrator password for the virtual machine') param adminPassword string +param resourceName string = 'acctest0001' var attachedDataDiskName = 'myattacheddatadisk1' var osDiskName = 'myosdisk1' @@ -13,7 +13,12 @@ var dataDiskName = 'mydatadisk1' resource attachedDisk 'Microsoft.Compute/disks@2022-03-02' = { name: attachedDataDiskName location: location + sku: { + name: 'Standard_LRS' + } properties: { + osType: 'Linux' + publicNetworkAccess: 'Enabled' creationData: { createOption: 'Empty' } @@ -22,11 +27,6 @@ resource attachedDisk 'Microsoft.Compute/disks@2022-03-02' = { type: 'EncryptionAtRestWithPlatformKey' } networkAccessPolicy: 'AllowAll' - osType: 'Linux' - publicNetworkAccess: 'Enabled' - } - sku: { - name: 'Standard_LRS' } } @@ -43,9 +43,7 @@ resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { primary: true privateIPAddressVersion: 'IPv4' privateIPAllocationMethod: 'Dynamic' - subnet: { - id: subnet.id - } + subnet: {} } } ] @@ -79,10 +77,10 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { } storageProfile: { imageReference: { + version: 'latest' offer: 'UbuntuServer' publisher: 'Canonical' sku: '16.04-LTS' - version: 'latest' } osDisk: { caching: 'ReadWrite' @@ -92,7 +90,6 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { } dataDisks: [ { - caching: 'ReadWrite' createOption: 'Empty' name: dataDiskName diskSizeGB: 1 @@ -100,6 +97,7 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { managedDisk: { storageAccountType: 'Standard_LRS' } + caching: 'ReadWrite' } { caching: 'ReadWrite' @@ -132,8 +130,8 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork name: resourceName + parent: virtualNetwork properties: { addressPrefix: '10.0.2.0/24' delegations: [] diff --git a/settings/remarks/microsoft.compute/samples/virtualmachines/attachosdisk/main.bicep b/settings/remarks/microsoft.compute/samples/virtualmachines/attachosdisk/main.bicep index f066b25c..0eef5057 100644 --- a/settings/remarks/microsoft.compute/samples/virtualmachines/attachosdisk/main.bicep +++ b/settings/remarks/microsoft.compute/samples/virtualmachines/attachosdisk/main.bicep @@ -1,3 +1,4 @@ +param attachedResourceName string = 'acctest0002' param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator username for the virtual machine') @@ -5,7 +6,6 @@ param adminUsername string @secure() @description('The administrator password for the virtual machine') param adminPassword string -param attachedResourceName string = 'acctest0002' var osDiskName = 'myosdisk1' var attachedOsDiskName = 'myosdisk2' @@ -14,53 +14,32 @@ resource managedDisk 'Microsoft.Compute/disks@2023-10-02' existing = { name: osDiskName } -resource attachedManagedDisk 'Microsoft.Compute/disks@2023-10-02' = { - name: attachedOsDiskName +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: resourceName location: location properties: { - creationData: { - createOption: 'Copy' - sourceResourceId: snapshot.id - } - diskSizeGB: 30 - encryption: { - type: 'EncryptionAtRestWithPlatformKey' + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] } - hyperVGeneration: 'V1' - networkAccessPolicy: 'AllowAll' - osType: 'Linux' - publicNetworkAccess: 'Enabled' - supportedCapabilities: { - architecture: 'x64' + dhcpOptions: { + dnsServers: [] } + subnets: [] } - sku: { - name: 'Standard_LRS' - } - zones: [ - '1' - ] } -resource attachedNetworkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { - name: attachedResourceName - location: location +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { + name: resourceName + parent: virtualNetwork properties: { - enableAcceleratedNetworking: false - enableIPForwarding: false - ipConfigurations: [ - { - name: 'testconfiguration2' - properties: { - primary: true - privateIPAddressVersion: 'IPv4' - privateIPAllocationMethod: 'Dynamic' - subnet: { - id: subnet.id - } - } - } - ] + addressPrefix: '10.0.2.0/24' + delegations: [] + privateEndpointNetworkPolicies: 'Enabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] } } @@ -83,7 +62,6 @@ resource attachedVirtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = } storageProfile: { osDisk: { - caching: 'ReadWrite' createOption: 'Attach' name: attachedOsDiskName osType: 'Linux' @@ -91,16 +69,60 @@ resource attachedVirtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = managedDisk: { id: attachedManagedDisk.id } + caching: 'ReadWrite' } } } } +resource attachedManagedDisk 'Microsoft.Compute/disks@2023-10-02' = { + name: attachedOsDiskName + location: location + sku: { + name: 'Standard_LRS' + } + properties: { + creationData: { + createOption: 'Copy' + } + diskSizeGB: 30 + encryption: { + type: 'EncryptionAtRestWithPlatformKey' + } + networkAccessPolicy: 'AllowAll' + publicNetworkAccess: 'Enabled' + osType: 'Linux' + hyperVGeneration: 'V1' + supportedCapabilities: { + architecture: 'x64' + } + } +} + +resource attachedNetworkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { + name: attachedResourceName + location: location + properties: { + enableAcceleratedNetworking: false + enableIPForwarding: false + ipConfigurations: [ + { + name: 'testconfiguration2' + properties: { + privateIPAddressVersion: 'IPv4' + privateIPAllocationMethod: 'Dynamic' + subnet: {} + primary: true + } + } + ] + } +} + resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { name: resourceName location: location properties: { - enableAcceleratedNetworking: false enableIPForwarding: false ipConfigurations: [ { @@ -109,18 +131,20 @@ resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { primary: true privateIPAddressVersion: 'IPv4' privateIPAllocationMethod: 'Dynamic' - subnet: { - id: subnet.id - } + subnet: {} } } ] + enableAcceleratedNetworking: false } } resource snapshot 'Microsoft.Compute/snapshots@2023-10-02' = { name: resourceName location: location + sku: { + name: 'Standard_ZRS' + } properties: { creationData: { createOption: 'Copy' @@ -130,18 +154,15 @@ resource snapshot 'Microsoft.Compute/snapshots@2023-10-02' = { encryption: { type: 'EncryptionAtRestWithPlatformKey' } - hyperVGeneration: 'V1' incremental: true networkAccessPolicy: 'AllowAll' osType: 'Linux' + hyperVGeneration: 'V1' publicNetworkAccess: 'Enabled' supportedCapabilities: { architecture: 'x64' } } - sku: { - name: 'Standard_ZRS' - } } resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { @@ -170,47 +191,18 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { } } storageProfile: { - imageReference: { - offer: 'UbuntuServer' - publisher: 'Canonical' - sku: '16.04-LTS' - version: 'latest' - } osDisk: { - caching: 'ReadWrite' createOption: 'FromImage' name: osDiskName writeAcceleratorEnabled: false + caching: 'ReadWrite' + } + imageReference: { + publisher: 'Canonical' + sku: '16.04-LTS' + version: 'latest' + offer: 'UbuntuServer' } } } } - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { - name: resourceName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] - } - subnets: [] - } -} - -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork - name: resourceName - properties: { - addressPrefix: '10.0.2.0/24' - delegations: [] - privateEndpointNetworkPolicies: 'Enabled' - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] - } -} diff --git a/settings/remarks/microsoft.compute/samples/virtualmachines/basic/main.bicep b/settings/remarks/microsoft.compute/samples/virtualmachines/basic/main.bicep index 93a31595..fe7c62d6 100644 --- a/settings/remarks/microsoft.compute/samples/virtualmachines/basic/main.bicep +++ b/settings/remarks/microsoft.compute/samples/virtualmachines/basic/main.bicep @@ -1,32 +1,10 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator username for the virtual machine') param adminUsername string @secure() @description('The administrator password for the virtual machine') param adminPassword string - -resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { - name: resourceName - location: location - properties: { - enableAcceleratedNetworking: false - enableIPForwarding: false - ipConfigurations: [ - { - name: 'testconfiguration1' - properties: { - primary: true - privateIPAddressVersion: 'IPv4' - privateIPAllocationMethod: 'Dynamic' - subnet: { - id: subnet.id - } - } - } - ] - } -} +param resourceName string = 'acctest0001' resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { name: resourceName @@ -46,8 +24,8 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { ] } osProfile: { - adminPassword: null - adminUsername: null + adminPassword: adminPassword + adminUsername: adminUsername computerName: 'hostname230630032848831819' linuxConfiguration: { disablePasswordAuthentication: false @@ -55,16 +33,16 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { } storageProfile: { imageReference: { + version: 'latest' offer: 'UbuntuServer' publisher: 'Canonical' sku: '16.04-LTS' - version: 'latest' } osDisk: { - caching: 'ReadWrite' - createOption: 'FromImage' name: 'myosdisk1' writeAcceleratorEnabled: false + caching: 'ReadWrite' + createOption: 'FromImage' } } } @@ -87,14 +65,34 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork name: resourceName + parent: virtualNetwork properties: { - addressPrefix: '10.0.2.0/24' - delegations: [] privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] serviceEndpoints: [] + addressPrefix: '10.0.2.0/24' + delegations: [] + } +} + +resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { + name: resourceName + location: location + properties: { + enableAcceleratedNetworking: false + enableIPForwarding: false + ipConfigurations: [ + { + name: 'testconfiguration1' + properties: { + primary: true + privateIPAddressVersion: 'IPv4' + privateIPAllocationMethod: 'Dynamic' + subnet: {} + } + } + ] } } diff --git a/settings/remarks/microsoft.compute/samples/virtualmachines/extensions/main.bicep b/settings/remarks/microsoft.compute/samples/virtualmachines/extensions/main.bicep index 1092716f..c38ddd4d 100644 --- a/settings/remarks/microsoft.compute/samples/virtualmachines/extensions/main.bicep +++ b/settings/remarks/microsoft.compute/samples/virtualmachines/extensions/main.bicep @@ -17,9 +17,7 @@ resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { primary: true privateIPAddressVersion: 'IPv4' privateIPAllocationMethod: 'Dynamic' - subnet: { - id: subnet.id - } + subnet: {} } } ] @@ -44,7 +42,7 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { ] } osProfile: { - adminPassword: null + adminPassword: vmAdminPassword adminUsername: 'testadmin' computerName: 'hostname230630032848831819' linuxConfiguration: { @@ -53,10 +51,10 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { } storageProfile: { imageReference: { - offer: 'UbuntuServer' - publisher: 'Canonical' sku: '16.04-LTS' version: 'latest' + offer: 'UbuntuServer' + publisher: 'Canonical' } osDisk: { caching: 'ReadWrite' @@ -85,11 +83,10 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { } resource extension 'Microsoft.Compute/virtualMachines/extensions@2023-03-01' = { - parent: virtualMachine name: resourceName location: location + parent: virtualMachine properties: { - autoUpgradeMinorVersion: false enableAutomaticUpgrade: false publisher: 'Microsoft.Azure.Extensions' settings: { @@ -98,6 +95,7 @@ resource extension 'Microsoft.Compute/virtualMachines/extensions@2023-03-01' = { suppressFailures: false type: 'CustomScript' typeHandlerVersion: '2.0' + autoUpgradeMinorVersion: false } tags: { environment: 'Production' @@ -105,14 +103,14 @@ resource extension 'Microsoft.Compute/virtualMachines/extensions@2023-03-01' = { } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork name: resourceName + parent: virtualNetwork properties: { + serviceEndpoints: [] addressPrefix: '10.0.2.0/24' delegations: [] privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] - serviceEndpoints: [] } } diff --git a/settings/remarks/microsoft.compute/samples/virtualmachines/runcommands/main.bicep b/settings/remarks/microsoft.compute/samples/virtualmachines/runcommands/main.bicep index 7a26f542..8915b2f9 100644 --- a/settings/remarks/microsoft.compute/samples/virtualmachines/runcommands/main.bicep +++ b/settings/remarks/microsoft.compute/samples/virtualmachines/runcommands/main.bicep @@ -4,28 +4,6 @@ param location string = 'eastus' @description('The administrator password for the virtual machine') param adminPassword string -resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { - name: '${resourceName}-nic' - location: location - properties: { - enableAcceleratedNetworking: false - enableIPForwarding: false - ipConfigurations: [ - { - name: 'internal' - properties: { - primary: false - privateIPAddressVersion: 'IPv4' - privateIPAllocationMethod: 'Dynamic' - subnet: { - id: subnet.id - } - } - } - ] - } -} - resource userAssignedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = { name: '${resourceName}-uai' location: location @@ -35,20 +13,32 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { name: '${resourceName}-vm' location: location properties: { - additionalCapabilities: {} - applicationProfile: { - galleryApplications: [] + hardwareProfile: { + vmSize: 'Standard_B2s' } - diagnosticsProfile: { - bootDiagnostics: { - enabled: false - storageUri: '' + priority: 'Regular' + storageProfile: { + dataDisks: [] + imageReference: { + offer: '0001-com-ubuntu-server-jammy' + publisher: 'Canonical' + sku: '22_04-lts' + version: 'latest' + } + osDisk: { + osType: 'Linux' + writeAcceleratorEnabled: false + caching: 'ReadWrite' + createOption: 'FromImage' + managedDisk: { + storageAccountType: 'Premium_LRS' + } } } - extensionsTimeBudget: 'PT1H30M' - hardwareProfile: { - vmSize: 'Standard_B2s' + applicationProfile: { + galleryApplications: [] } + extensionsTimeBudget: 'PT1H30M' networkProfile: { networkInterfaces: [ { @@ -60,10 +50,11 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { ] } osProfile: { - adminPassword: null + secrets: [] + adminPassword: adminPassword adminUsername: 'adminuser' allowExtensionOperations: true - computerName: 'acctest0001-vm' + computerName: '${resourceName}-vm' linuxConfiguration: { disablePasswordAuthentication: false patchSettings: { @@ -75,25 +66,12 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { publicKeys: [] } } - secrets: [] } - priority: 'Regular' - storageProfile: { - dataDisks: [] - imageReference: { - offer: '0001-com-ubuntu-server-jammy' - publisher: 'Canonical' - sku: '22_04-lts' - version: 'latest' - } - osDisk: { - caching: 'ReadWrite' - createOption: 'FromImage' - managedDisk: { - storageAccountType: 'Premium_LRS' - } - osType: 'Linux' - writeAcceleratorEnabled: false + additionalCapabilities: {} + diagnosticsProfile: { + bootDiagnostics: { + enabled: false + storageUri: '' } } } @@ -117,28 +95,28 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { } resource runCommand 'Microsoft.Compute/virtualMachines/runCommands@2023-03-01' = { - parent: virtualMachine name: '${resourceName}-runcommand' location: location + parent: virtualMachine properties: { - asyncExecution: false - errorBlobUri: '' - outputBlobUri: '' parameters: [] protectedParameters: [] - runAsPassword: '' runAsUser: '' source: { script: 'echo \'hello world\'' } timeoutInSeconds: 1200 treatFailureAsDeploymentFailure: true + asyncExecution: false + errorBlobUri: '' + outputBlobUri: '' + runAsPassword: '' } } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { - parent: virtualNetwork name: 'internal' + parent: virtualNetwork properties: { addressPrefix: '10.0.2.0/24' defaultOutboundAccess: true @@ -149,3 +127,23 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { serviceEndpoints: [] } } + +resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { + name: '${resourceName}-nic' + location: location + properties: { + ipConfigurations: [ + { + name: 'internal' + properties: { + primary: false + privateIPAddressVersion: 'IPv4' + privateIPAllocationMethod: 'Dynamic' + subnet: {} + } + } + ] + enableAcceleratedNetworking: false + enableIPForwarding: false + } +} diff --git a/settings/remarks/microsoft.compute/samples/virtualmachinescalesets/extensions/main.bicep b/settings/remarks/microsoft.compute/samples/virtualmachinescalesets/extensions/main.bicep index 7fd25e57..280d0b7b 100644 --- a/settings/remarks/microsoft.compute/samples/virtualmachinescalesets/extensions/main.bicep +++ b/settings/remarks/microsoft.compute/samples/virtualmachinescalesets/extensions/main.bicep @@ -4,21 +4,13 @@ param location string = 'westeurope' resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023-03-01' = { name: resourceName location: location + sku: { + tier: 'Standard' + capacity: 1 + name: 'Standard_F2' + } properties: { - additionalCapabilities: {} - doNotRunExtensionsOnOverprovisionedVMs: false - orchestrationMode: 'Uniform' - overprovision: true - scaleInPolicy: { - forceDeletion: false - rules: [ - 'Default' - ] - } singlePlacementGroup: true - upgradePolicy: { - mode: 'Manual' - } virtualMachineProfile: { diagnosticsProfile: { bootDiagnostics: { @@ -34,35 +26,34 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- { name: 'example' properties: { - dnsSettings: { - dnsServers: [] - } - enableAcceleratedNetworking: false enableIPForwarding: false ipConfigurations: [ { name: 'internal' properties: { + privateIPAddressVersion: 'IPv4' + subnet: {} applicationGatewayBackendAddressPools: [] applicationSecurityGroups: [] loadBalancerBackendAddressPools: [] loadBalancerInboundNatPools: [] primary: true - privateIPAddressVersion: 'IPv4' - subnet: { - id: subnet.id - } } } ] primary: true + dnsSettings: { + dnsServers: [] + } + enableAcceleratedNetworking: false } } ] } osProfile: { + secrets: [] adminUsername: 'adminuser' - computerNamePrefix: 'acctest0001' + computerNamePrefix: resourceName linuxConfiguration: { disablePasswordAuthentication: true provisionVMAgent: true @@ -75,7 +66,6 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- ] } } - secrets: [] } priority: 'Regular' storageProfile: { @@ -87,21 +77,29 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- version: 'latest' } osDisk: { + writeAcceleratorEnabled: false caching: 'ReadWrite' createOption: 'FromImage' managedDisk: { storageAccountType: 'Standard_LRS' } osType: 'Linux' - writeAcceleratorEnabled: false } } } - } - sku: { - capacity: 1 - name: 'Standard_F2' - tier: 'Standard' + additionalCapabilities: {} + doNotRunExtensionsOnOverprovisionedVMs: false + orchestrationMode: 'Uniform' + overprovision: true + scaleInPolicy: { + rules: [ + 'Default' + ] + forceDeletion: false + } + upgradePolicy: { + mode: 'Manual' + } } } @@ -109,44 +107,44 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location properties: { + dhcpOptions: { + dnsServers: [] + } + subnets: [] addressSpace: { addressPrefixes: [ '10.0.0.0/16' ] } - dhcpOptions: { - dnsServers: [] - } - subnets: [] } } resource extension 'Microsoft.Compute/virtualMachineScaleSets/extensions@2023-03-01' = { - parent: virtualMachineScaleSet name: resourceName + parent: virtualMachineScaleSet properties: { autoUpgradeMinorVersion: true enableAutomaticUpgrade: false - provisionAfterExtensions: [] publisher: 'Microsoft.Azure.Extensions' settings: { commandToExecute: 'echo $HOSTNAME' } suppressFailures: false - type: 'CustomScript' typeHandlerVersion: '2.0' + provisionAfterExtensions: [] + type: 'CustomScript' } } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork name: 'internal' + parent: virtualNetwork properties: { - addressPrefix: '10.0.2.0/24' - delegations: [] - privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] serviceEndpoints: [] + addressPrefix: '10.0.2.0/24' + delegations: [] + privateEndpointNetworkPolicies: 'Enabled' } } diff --git a/settings/remarks/microsoft.compute/samples/virtualmachinescalesets/main.bicep b/settings/remarks/microsoft.compute/samples/virtualmachinescalesets/main.bicep index 149cea35..a1384cba 100644 --- a/settings/remarks/microsoft.compute/samples/virtualmachinescalesets/main.bicep +++ b/settings/remarks/microsoft.compute/samples/virtualmachinescalesets/main.bicep @@ -4,11 +4,12 @@ param location string = 'westeurope' resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023-03-01' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Standard_F2' + tier: 'Standard' + } properties: { - additionalCapabilities: {} - doNotRunExtensionsOnOverprovisionedVMs: false - orchestrationMode: 'Uniform' - overprovision: true scaleInPolicy: { forceDeletion: false rules: [ @@ -16,10 +17,50 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- ] } singlePlacementGroup: true + additionalCapabilities: {} + doNotRunExtensionsOnOverprovisionedVMs: false + orchestrationMode: 'Uniform' + overprovision: true upgradePolicy: { mode: 'Manual' } virtualMachineProfile: { + osProfile: { + adminUsername: 'adminuser' + computerNamePrefix: resourceName + linuxConfiguration: { + ssh: { + publicKeys: [ + { + keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+wWK73dCr+jgQOAxNsHAnNNNMEMWOHYEccp6wJm2gotpr9katuF/ZAdou5AaW1C61slRkHRkpRRX9FA9CYBiitZgvCCz+3nWNN7l/Up54Zps/pHWGZLHNJZRYyAB6j5yVLMVHIHriY49d/GZTZVNB8GoJv9Gakwc/fuEZYYl4YDFiGMBP///TzlI4jhiJzjKnEvqPFki5p2ZRJqcbCiF4pJrxUQR/RXqVFQdbRLZgYfJ8xGB878RENq3yQ39d8dVOkq4edbkzwcUmwwwkYVPIoDGsYLaRHnG+To7FvMeyO7xDVQkMKzopTQV8AuKpyvpqu0a9pWOMaiCyDytO7GGN you@me.com' + path: '/home/adminuser/.ssh/authorized_keys' + } + ] + } + disablePasswordAuthentication: true + provisionVMAgent: true + } + secrets: [] + } + priority: 'Regular' + storageProfile: { + dataDisks: [] + imageReference: { + version: 'latest' + offer: 'UbuntuServer' + publisher: 'Canonical' + sku: '16.04-LTS' + } + osDisk: { + writeAcceleratorEnabled: false + caching: 'ReadWrite' + createOption: 'FromImage' + managedDisk: { + storageAccountType: 'Standard_LRS' + } + osType: 'Linux' + } + } diagnosticsProfile: { bootDiagnostics: { enabled: false @@ -43,15 +84,13 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- { name: 'internal' properties: { - applicationGatewayBackendAddressPools: [] - applicationSecurityGroups: [] loadBalancerBackendAddressPools: [] loadBalancerInboundNatPools: [] primary: true privateIPAddressVersion: 'IPv4' - subnet: { - id: subnet.id - } + subnet: {} + applicationGatewayBackendAddressPools: [] + applicationSecurityGroups: [] } } ] @@ -60,49 +99,8 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- } ] } - osProfile: { - adminUsername: 'adminuser' - computerNamePrefix: 'acctest0001' - linuxConfiguration: { - disablePasswordAuthentication: true - provisionVMAgent: true - ssh: { - publicKeys: [ - { - keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+wWK73dCr+jgQOAxNsHAnNNNMEMWOHYEccp6wJm2gotpr9katuF/ZAdou5AaW1C61slRkHRkpRRX9FA9CYBiitZgvCCz+3nWNN7l/Up54Zps/pHWGZLHNJZRYyAB6j5yVLMVHIHriY49d/GZTZVNB8GoJv9Gakwc/fuEZYYl4YDFiGMBP///TzlI4jhiJzjKnEvqPFki5p2ZRJqcbCiF4pJrxUQR/RXqVFQdbRLZgYfJ8xGB878RENq3yQ39d8dVOkq4edbkzwcUmwwwkYVPIoDGsYLaRHnG+To7FvMeyO7xDVQkMKzopTQV8AuKpyvpqu0a9pWOMaiCyDytO7GGN you@me.com' - path: '/home/adminuser/.ssh/authorized_keys' - } - ] - } - } - secrets: [] - } - priority: 'Regular' - storageProfile: { - dataDisks: [] - imageReference: { - offer: 'UbuntuServer' - publisher: 'Canonical' - sku: '16.04-LTS' - version: 'latest' - } - osDisk: { - caching: 'ReadWrite' - createOption: 'FromImage' - managedDisk: { - storageAccountType: 'Standard_LRS' - } - osType: 'Linux' - writeAcceleratorEnabled: false - } - } } } - sku: { - capacity: 1 - name: 'Standard_F2' - tier: 'Standard' - } } resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { @@ -122,8 +120,8 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork name: 'internal' + parent: virtualNetwork properties: { addressPrefix: '10.0.2.0/24' delegations: [] diff --git a/settings/remarks/microsoft.confidentialledger/samples/ledgers/main.bicep b/settings/remarks/microsoft.confidentialledger/samples/ledgers/main.bicep index 248c723d..f60b984d 100644 --- a/settings/remarks/microsoft.confidentialledger/samples/ledgers/main.bicep +++ b/settings/remarks/microsoft.confidentialledger/samples/ledgers/main.bicep @@ -8,19 +8,19 @@ resource ledger 'Microsoft.ConfidentialLedger/ledgers@2022-05-13' = { name: resourceName location: location properties: { - aadBasedSecurityPrincipals: [ + certBasedSecurityPrincipals: [ { + cert: ledgerCertificate ledgerRoleName: 'Administrator' - principalId: deployer().objectId - tenantId: deployer().tenantId } ] - certBasedSecurityPrincipals: [ + ledgerType: 'Private' + aadBasedSecurityPrincipals: [ { - cert: null ledgerRoleName: 'Administrator' + principalId: deployer().objectId + tenantId: tenant().tenantId } ] - ledgerType: 'Private' } } diff --git a/settings/remarks/microsoft.consumption/samples/budgets/main.bicep b/settings/remarks/microsoft.consumption/samples/budgets/main.bicep index d8ab99ee..78b6b1ba 100644 --- a/settings/remarks/microsoft.consumption/samples/budgets/main.bicep +++ b/settings/remarks/microsoft.consumption/samples/budgets/main.bicep @@ -1,21 +1,36 @@ +targetScope = 'subscription' + param resourceName string = 'acctest0001' +param location string = 'westus' + +resource resourceGroup 'Microsoft.Resources/resourceGroups@2020-06-01' = { + name: resourceName + location: location +} resource budget 'Microsoft.Consumption/budgets@2019-10-01' = { name: resourceName properties: { + timeGrain: 'Monthly' + timePeriod: { + startDate: '2025-08-01T00:00:00Z' + } amount: 1000 category: 'Cost' filter: { tags: { - name: 'foo' - operator: 'In' values: [ 'bar' ] + name: 'foo' + operator: 'In' } } notifications: { 'Actual_EqualTo_90.000000_Percent': { + operator: 'EqualTo' + threshold: 90 + thresholdType: 'Actual' contactEmails: [ 'foo@example.com' 'bar@example.com' @@ -23,14 +38,7 @@ resource budget 'Microsoft.Consumption/budgets@2019-10-01' = { contactGroups: [] contactRoles: [] enabled: true - operator: 'EqualTo' - threshold: 90 - thresholdType: 'Actual' } } - timeGrain: 'Monthly' - timePeriod: { - startDate: '2025-08-01T00:00:00Z' - } } } diff --git a/settings/remarks/microsoft.containerinstance/samples/containergroups/main.bicep b/settings/remarks/microsoft.containerinstance/samples/containergroups/main.bicep index cd16892d..28ea0219 100644 --- a/settings/remarks/microsoft.containerinstance/samples/containergroups/main.bicep +++ b/settings/remarks/microsoft.containerinstance/samples/containergroups/main.bicep @@ -20,8 +20,8 @@ resource containerGroup 'Microsoft.ContainerInstance/containerGroups@2023-05-01' ] resources: { requests: { - cpu: any('0.5') memoryInGB: any('0.5') + cpu: any('0.5') } } } @@ -45,5 +45,4 @@ resource containerGroup 'Microsoft.ContainerInstance/containerGroups@2023-05-01' tags: { environment: 'Testing' } - zones: [] } diff --git a/settings/remarks/microsoft.containerregistry/samples/registries/agentpools/main.bicep b/settings/remarks/microsoft.containerregistry/samples/registries/agentpools/main.bicep index d5cfa193..127c321c 100644 --- a/settings/remarks/microsoft.containerregistry/samples/registries/agentpools/main.bicep +++ b/settings/remarks/microsoft.containerregistry/samples/registries/agentpools/main.bicep @@ -4,14 +4,18 @@ param location string = 'westeurope' resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = { name: resourceName location: location + sku: { + name: 'Premium' + tier: 'Premium' + } properties: { + dataEndpointEnabled: false + networkRuleBypassOptions: 'AzureServices' adminUserEnabled: false anonymousPullEnabled: false - dataEndpointEnabled: false encryption: { status: 'disabled' } - networkRuleBypassOptions: 'AzureServices' policies: { exportPolicy: { status: 'enabled' @@ -29,16 +33,12 @@ resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = publicNetworkAccess: 'Enabled' zoneRedundancy: 'Disabled' } - sku: { - name: 'Premium' - tier: 'Premium' - } } resource agentPool 'Microsoft.ContainerRegistry/registries/agentPools@2019-06-01-preview' = { - parent: registry name: resourceName location: location + parent: registry properties: { count: 1 os: 'Linux' diff --git a/settings/remarks/microsoft.containerregistry/samples/registries/cacherules/main.bicep b/settings/remarks/microsoft.containerregistry/samples/registries/cacherules/main.bicep index a4ecf510..5fe9115b 100644 --- a/settings/remarks/microsoft.containerregistry/samples/registries/cacherules/main.bicep +++ b/settings/remarks/microsoft.containerregistry/samples/registries/cacherules/main.bicep @@ -4,32 +4,32 @@ param location string = 'westus' resource registry 'Microsoft.ContainerRegistry/registries@2023-11-01-preview' = { name: '${resourceName}registry' location: location + sku: { + name: 'Basic' + } properties: { + zoneRedundancy: 'Disabled' adminUserEnabled: false anonymousPullEnabled: false dataEndpointEnabled: false networkRuleBypassOptions: 'AzureServices' policies: { - exportPolicy: { - status: 'enabled' - } quarantinePolicy: { status: 'disabled' } retentionPolicy: {} trustPolicy: {} + exportPolicy: { + status: 'enabled' + } } publicNetworkAccess: 'Enabled' - zoneRedundancy: 'Disabled' - } - sku: { - name: 'Basic' } } resource cacheRule 'Microsoft.ContainerRegistry/registries/cacheRules@2023-07-01' = { - parent: registry name: '${resourceName}-cache-rule' + parent: registry properties: { sourceRepository: 'mcr.microsoft.com/hello-world' targetRepository: 'target' diff --git a/settings/remarks/microsoft.containerregistry/samples/registries/connectedregistries/main.bicep b/settings/remarks/microsoft.containerregistry/samples/registries/connectedregistries/main.bicep index e709e2a0..f28404ad 100644 --- a/settings/remarks/microsoft.containerregistry/samples/registries/connectedregistries/main.bicep +++ b/settings/remarks/microsoft.containerregistry/samples/registries/connectedregistries/main.bicep @@ -1,10 +1,15 @@ -param resourceName string = 'acctest0001' param location string = 'westus' +param resourceName string = 'acctest0001' resource registry 'Microsoft.ContainerRegistry/registries@2023-11-01-preview' = { name: '${resourceName}registry' location: location + sku: { + name: 'Premium' + } properties: { + publicNetworkAccess: 'Enabled' + zoneRedundancy: 'Disabled' adminUserEnabled: false anonymousPullEnabled: false dataEndpointEnabled: true @@ -19,17 +24,12 @@ resource registry 'Microsoft.ContainerRegistry/registries@2023-11-01-preview' = retentionPolicy: {} trustPolicy: {} } - publicNetworkAccess: 'Enabled' - zoneRedundancy: 'Disabled' - } - sku: { - name: 'Premium' } } resource connectedRegistry 'Microsoft.ContainerRegistry/registries/connectedRegistries@2023-11-01-preview' = { - parent: registry name: '${resourceName}connectedregistry' + parent: registry properties: { clientTokenIds: null logging: { @@ -39,18 +39,17 @@ resource connectedRegistry 'Microsoft.ContainerRegistry/registries/connectedRegi mode: 'ReadWrite' parent: { syncProperties: { + syncWindow: '' messageTtl: 'P1D' schedule: '* * * * *' - syncWindow: '' - tokenId: token.id } } } } resource scopeMap 'Microsoft.ContainerRegistry/registries/scopeMaps@2023-11-01-preview' = { - parent: registry name: '${resourceName}scopemap' + parent: registry properties: { actions: [ 'repositories/hello-world/content/delete' @@ -58,18 +57,18 @@ resource scopeMap 'Microsoft.ContainerRegistry/registries/scopeMaps@2023-11-01-p 'repositories/hello-world/content/write' 'repositories/hello-world/metadata/read' 'repositories/hello-world/metadata/write' - 'gateway/acctest0001connectedregistry/config/read' - 'gateway/acctest0001connectedregistry/config/write' - 'gateway/acctest0001connectedregistry/message/read' - 'gateway/acctest0001connectedregistry/message/write' + 'gateway/${resourceName}connectedregistry/config/read' + 'gateway/${resourceName}connectedregistry/config/write' + 'gateway/${resourceName}connectedregistry/message/read' + 'gateway/${resourceName}connectedregistry/message/write' ] description: '' } } resource token 'Microsoft.ContainerRegistry/registries/tokens@2023-11-01-preview' = { - parent: registry name: '${resourceName}token' + parent: registry properties: { scopeMapId: scopeMap.id status: 'enabled' diff --git a/settings/remarks/microsoft.containerregistry/samples/registries/credentialsets/main.bicep b/settings/remarks/microsoft.containerregistry/samples/registries/credentialsets/main.bicep index 83e8da41..292d1af2 100644 --- a/settings/remarks/microsoft.containerregistry/samples/registries/credentialsets/main.bicep +++ b/settings/remarks/microsoft.containerregistry/samples/registries/credentialsets/main.bicep @@ -7,36 +7,15 @@ param credentialUsername string = 'testuser' @description('The password for the container registry credential') param credentialPassword string -resource registry 'Microsoft.ContainerRegistry/registries@2023-11-01-preview' = { - name: resourceName - location: location - properties: { - adminUserEnabled: false - anonymousPullEnabled: false - dataEndpointEnabled: false - networkRuleBypassOptions: 'AzureServices' - policies: { - exportPolicy: { - status: 'enabled' - } - quarantinePolicy: { - status: 'disabled' - } - retentionPolicy: {} - trustPolicy: {} - } - publicNetworkAccess: 'Enabled' - zoneRedundancy: 'Disabled' - } - sku: { - name: 'Basic' - } -} - resource vault 'Microsoft.KeyVault/vaults@2023-02-01' = { name: '${resourceName}vault' location: location properties: { + enableRbacAuthorization: false + enableSoftDelete: true + enabledForTemplateDeployment: false + publicNetworkAccess: 'Enabled' + tenantId: tenant().tenantId accessPolicies: [ { objectId: deployer().objectId @@ -51,34 +30,55 @@ resource vault 'Microsoft.KeyVault/vaults@2023-02-01' = { ] storage: [] } - tenantId: deployer().tenantId + tenantId: tenant().tenantId } ] - createMode: 'default' - enableRbacAuthorization: false - enableSoftDelete: true enabledForDeployment: false enabledForDiskEncryption: false - enabledForTemplateDeployment: false - publicNetworkAccess: 'Enabled' sku: { family: 'A' name: 'standard' } softDeleteRetentionInDays: 7 - tenantId: deployer().tenantId + createMode: 'default' + } +} + +resource registry 'Microsoft.ContainerRegistry/registries@2023-11-01-preview' = { + name: resourceName + location: location + sku: { + name: 'Basic' + } + properties: { + networkRuleBypassOptions: 'AzureServices' + policies: { + exportPolicy: { + status: 'enabled' + } + quarantinePolicy: { + status: 'disabled' + } + retentionPolicy: {} + trustPolicy: {} + } + publicNetworkAccess: 'Enabled' + zoneRedundancy: 'Disabled' + adminUserEnabled: false + anonymousPullEnabled: false + dataEndpointEnabled: false } } resource credentialSet 'Microsoft.ContainerRegistry/registries/credentialSets@2023-07-01' = { - parent: registry name: '${resourceName}-acr-credential-set' + parent: registry properties: { authCredentials: [ { + usernameSecretIdentifier: 'https://${resourceName}vault.vault.azure.net/secrets/username' name: 'Credential1' - passwordSecretIdentifier: 'https://acctest0001vault.vault.azure.net/secrets/password' - usernameSecretIdentifier: 'https://acctest0001vault.vault.azure.net/secrets/username' + passwordSecretIdentifier: 'https://${resourceName}vault.vault.azure.net/secrets/password' } ] loginServer: 'docker.io' @@ -86,17 +86,17 @@ resource credentialSet 'Microsoft.ContainerRegistry/registries/credentialSets@20 } resource passwordSecret 'Microsoft.KeyVault/vaults/secrets@2023-02-01' = { - parent: vault name: 'password' + parent: vault properties: { - value: null + value: '${credentialPassword}' } } resource usernameSecret 'Microsoft.KeyVault/vaults/secrets@2023-02-01' = { - parent: vault name: 'username' + parent: vault properties: { - value: 'testuser' + value: '${credentialUsername}' } } diff --git a/settings/remarks/microsoft.containerregistry/samples/registries/main.bicep b/settings/remarks/microsoft.containerregistry/samples/registries/main.bicep index b9e3386c..c3479db2 100644 --- a/settings/remarks/microsoft.containerregistry/samples/registries/main.bicep +++ b/settings/remarks/microsoft.containerregistry/samples/registries/main.bicep @@ -4,33 +4,33 @@ param location string = 'westeurope' resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = { name: resourceName location: location + sku: { + name: 'Standard' + tier: 'Standard' + } properties: { - adminUserEnabled: false - anonymousPullEnabled: false dataEndpointEnabled: false encryption: { status: 'disabled' } networkRuleBypassOptions: 'AzureServices' policies: { - exportPolicy: { - status: 'enabled' - } - quarantinePolicy: { - status: 'disabled' - } retentionPolicy: { status: 'disabled' } trustPolicy: { status: 'disabled' } + exportPolicy: { + status: 'enabled' + } + quarantinePolicy: { + status: 'disabled' + } } publicNetworkAccess: 'Enabled' + adminUserEnabled: false + anonymousPullEnabled: false zoneRedundancy: 'Disabled' } - sku: { - name: 'Standard' - tier: 'Standard' - } } diff --git a/settings/remarks/microsoft.containerregistry/samples/registries/scopemaps/main.bicep b/settings/remarks/microsoft.containerregistry/samples/registries/scopemaps/main.bicep index b40cc76a..bf93f7c3 100644 --- a/settings/remarks/microsoft.containerregistry/samples/registries/scopemaps/main.bicep +++ b/settings/remarks/microsoft.containerregistry/samples/registries/scopemaps/main.bicep @@ -4,14 +4,11 @@ param location string = 'westeurope' resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = { name: resourceName location: location + sku: { + tier: 'Premium' + name: 'Premium' + } properties: { - adminUserEnabled: false - anonymousPullEnabled: false - dataEndpointEnabled: false - encryption: { - status: 'disabled' - } - networkRuleBypassOptions: 'AzureServices' policies: { exportPolicy: { status: 'enabled' @@ -26,18 +23,21 @@ resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = status: 'disabled' } } - publicNetworkAccess: 'Enabled' zoneRedundancy: 'Disabled' - } - sku: { - name: 'Premium' - tier: 'Premium' + adminUserEnabled: false + anonymousPullEnabled: false + dataEndpointEnabled: false + publicNetworkAccess: 'Enabled' + encryption: { + status: 'disabled' + } + networkRuleBypassOptions: 'AzureServices' } } resource scopeMap 'Microsoft.ContainerRegistry/registries/scopeMaps@2021-08-01-preview' = { - parent: registry name: resourceName + parent: registry properties: { actions: [ 'repositories/testrepo/content/read' diff --git a/settings/remarks/microsoft.containerregistry/samples/registries/taskruns/main.bicep b/settings/remarks/microsoft.containerregistry/samples/registries/taskruns/main.bicep index 0789863e..95f527e8 100644 --- a/settings/remarks/microsoft.containerregistry/samples/registries/taskruns/main.bicep +++ b/settings/remarks/microsoft.containerregistry/samples/registries/taskruns/main.bicep @@ -4,14 +4,19 @@ param location string = 'westeurope' resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = { name: resourceName location: location + sku: { + name: 'Standard' + tier: 'Standard' + } properties: { - adminUserEnabled: false - anonymousPullEnabled: false - dataEndpointEnabled: false encryption: { status: 'disabled' } networkRuleBypassOptions: 'AzureServices' + publicNetworkAccess: 'Enabled' + adminUserEnabled: false + anonymousPullEnabled: false + dataEndpointEnabled: false policies: { exportPolicy: { status: 'enabled' @@ -26,19 +31,14 @@ resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = status: 'disabled' } } - publicNetworkAccess: 'Enabled' zoneRedundancy: 'Disabled' } - sku: { - name: 'Standard' - tier: 'Standard' - } } resource taskRun 'Microsoft.ContainerRegistry/registries/taskRuns@2019-06-01-preview' = { - parent: registry name: resourceName location: location + parent: registry properties: { runRequest: { dockerFilePath: 'Dockerfile' diff --git a/settings/remarks/microsoft.containerregistry/samples/registries/tasks/main.bicep b/settings/remarks/microsoft.containerregistry/samples/registries/tasks/main.bicep index c31bbd8c..d288908c 100644 --- a/settings/remarks/microsoft.containerregistry/samples/registries/tasks/main.bicep +++ b/settings/remarks/microsoft.containerregistry/samples/registries/tasks/main.bicep @@ -4,14 +4,18 @@ param location string = 'westeurope' resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = { name: resourceName location: location + sku: { + name: 'Basic' + tier: 'Basic' + } properties: { adminUserEnabled: false anonymousPullEnabled: false - dataEndpointEnabled: false encryption: { status: 'disabled' } networkRuleBypassOptions: 'AzureServices' + dataEndpointEnabled: false policies: { exportPolicy: { status: 'enabled' @@ -29,20 +33,16 @@ resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = publicNetworkAccess: 'Enabled' zoneRedundancy: 'Disabled' } - sku: { - name: 'Basic' - tier: 'Basic' - } } resource task 'Microsoft.ContainerRegistry/registries/tasks@2019-06-01-preview' = { - parent: registry name: resourceName location: location + parent: registry properties: { - isSystemTask: true - status: 'Enabled' step: null timeout: 3600 + isSystemTask: true + status: 'Enabled' } } diff --git a/settings/remarks/microsoft.containerregistry/samples/registries/tokens/main.bicep b/settings/remarks/microsoft.containerregistry/samples/registries/tokens/main.bicep index b4380ac1..b4b03f75 100644 --- a/settings/remarks/microsoft.containerregistry/samples/registries/tokens/main.bicep +++ b/settings/remarks/microsoft.containerregistry/samples/registries/tokens/main.bicep @@ -4,14 +4,15 @@ param location string = 'westeurope' resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = { name: resourceName location: location + sku: { + name: 'Premium' + tier: 'Premium' + } properties: { + networkRuleBypassOptions: 'AzureServices' + publicNetworkAccess: 'Enabled' adminUserEnabled: true - anonymousPullEnabled: false dataEndpointEnabled: false - encryption: { - status: 'disabled' - } - networkRuleBypassOptions: 'AzureServices' policies: { exportPolicy: { status: 'enabled' @@ -26,18 +27,17 @@ resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = status: 'disabled' } } - publicNetworkAccess: 'Enabled' zoneRedundancy: 'Disabled' - } - sku: { - name: 'Premium' - tier: 'Premium' + anonymousPullEnabled: false + encryption: { + status: 'disabled' + } } } resource token 'Microsoft.ContainerRegistry/registries/tokens@2021-08-01-preview' = { - parent: registry name: resourceName + parent: registry properties: { scopeMapId: resourceId('Microsoft.ContainerRegistry/registries/scopeMaps', registry.name, '_repositories_pull') status: 'enabled' diff --git a/settings/remarks/microsoft.containerregistry/samples/registries/webhooks/main.bicep b/settings/remarks/microsoft.containerregistry/samples/registries/webhooks/main.bicep index 23f95fe2..d819c4bd 100644 --- a/settings/remarks/microsoft.containerregistry/samples/registries/webhooks/main.bicep +++ b/settings/remarks/microsoft.containerregistry/samples/registries/webhooks/main.bicep @@ -4,18 +4,13 @@ param location string = 'westeurope' resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = { name: resourceName location: location + sku: { + name: 'Standard' + tier: 'Standard' + } properties: { - adminUserEnabled: false - anonymousPullEnabled: false - dataEndpointEnabled: false - encryption: { - status: 'disabled' - } networkRuleBypassOptions: 'AzureServices' policies: { - exportPolicy: { - status: 'enabled' - } quarantinePolicy: { status: 'disabled' } @@ -25,27 +20,32 @@ resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = trustPolicy: { status: 'disabled' } + exportPolicy: { + status: 'enabled' + } } publicNetworkAccess: 'Enabled' zoneRedundancy: 'Disabled' - } - sku: { - name: 'Standard' - tier: 'Standard' + anonymousPullEnabled: false + adminUserEnabled: false + dataEndpointEnabled: false + encryption: { + status: 'disabled' + } } } resource webHook 'Microsoft.ContainerRegistry/registries/webHooks@2021-08-01-preview' = { - parent: registry name: resourceName location: location + parent: registry properties: { + scope: '' + serviceUri: 'https://mywebhookreceiver.example/mytag' + status: 'enabled' actions: [ 'push' ] customHeaders: {} - scope: '' - serviceUri: 'https://mywebhookreceiver.example/mytag' - status: 'enabled' } } diff --git a/settings/remarks/microsoft.containerservice/samples/fleets/members/main.bicep b/settings/remarks/microsoft.containerservice/samples/fleets/members/main.bicep index 627308ea..42284263 100644 --- a/settings/remarks/microsoft.containerservice/samples/fleets/members/main.bicep +++ b/settings/remarks/microsoft.containerservice/samples/fleets/members/main.bicep @@ -1,42 +1,52 @@ -param resourceName string = 'acctest0001' param location string = 'westus' - -resource fleet 'Microsoft.ContainerService/fleets@2024-04-01' = { - name: resourceName - location: location - properties: {} -} +param resourceName string = 'acctest0001' resource managedCluster 'Microsoft.ContainerService/managedClusters@2025-02-01' = { name: resourceName location: location + sku: { + name: 'Base' + tier: 'Free' + } properties: { + metricsProfile: { + costAnalysis: { + enabled: false + } + } + nodeResourceGroup: '' addonProfiles: {} agentPoolProfiles: [ { + mode: 'System' + osDiskType: 'Managed' + tags: {} count: 1 enableAutoScaling: false - enableEncryptionAtHost: false - enableFIPS: false - enableNodePublicIP: false enableUltraSSD: false - kubeletDiskType: '' - mode: 'System' - name: 'default' - nodeLabels: {} - osDiskType: 'Managed' - osType: 'Linux' scaleDownMode: 'Delete' - tags: {} + vmSize: 'Standard_B2s' + enableNodePublicIP: false type: 'VirtualMachineScaleSets' upgradeSettings: { drainTimeoutInMinutes: 0 maxSurge: '10%' nodeSoakDurationInMinutes: 0 } - vmSize: 'Standard_B2s' + enableEncryptionAtHost: false + name: 'default' + nodeLabels: {} + osType: 'Linux' + enableFIPS: false + kubeletDiskType: '' } ] + enableRBAC: true + securityProfile: {} + servicePrincipalProfile: { + clientId: 'msi' + } + supportPlan: 'KubernetesOfficial' apiServerAccessProfile: { disableRunCommand: false enablePrivateCluster: false @@ -52,32 +62,22 @@ resource managedCluster 'Microsoft.ContainerService/managedClusters@2025-02-01' } } disableLocalAccounts: false - dnsPrefix: 'acctest0001' - enableRBAC: true + dnsPrefix: '${resourceName}' kubernetesVersion: '' - metricsProfile: { - costAnalysis: { - enabled: false - } - } - nodeResourceGroup: '' - securityProfile: {} - servicePrincipalProfile: { - clientId: 'msi' - } - supportPlan: 'KubernetesOfficial' - } - sku: { - name: 'Base' - tier: 'Free' } } +resource fleet 'Microsoft.ContainerService/fleets@2024-04-01' = { + name: resourceName + location: location + properties: {} +} + resource member 'Microsoft.ContainerService/fleets/members@2024-04-01' = { - parent: fleet name: resourceName + parent: fleet properties: { - clusterResourceId: managedCluster.id group: 'default' + clusterResourceId: managedCluster.id } } diff --git a/settings/remarks/microsoft.containerservice/samples/managedclusters/agentpools/main.bicep b/settings/remarks/microsoft.containerservice/samples/managedclusters/agentpools/main.bicep index c752f464..1b17cd79 100644 --- a/settings/remarks/microsoft.containerservice/samples/managedclusters/agentpools/main.bicep +++ b/settings/remarks/microsoft.containerservice/samples/managedclusters/agentpools/main.bicep @@ -13,13 +13,13 @@ resource managedCluster 'Microsoft.ContainerService/managedClusters@2023-04-02-p vmSize: 'Standard_DS2_v2' } ] - dnsPrefix: 'acctest0001' + dnsPrefix: '${resourceName}' } } resource agentPool 'Microsoft.ContainerService/managedClusters/agentPools@2023-04-02-preview' = { - parent: managedCluster name: 'internal' + parent: managedCluster properties: { count: 1 mode: 'User' diff --git a/settings/remarks/microsoft.containerservice/samples/managedclusters/main.bicep b/settings/remarks/microsoft.containerservice/samples/managedclusters/main.bicep index 786bb9f1..63d7517e 100644 --- a/settings/remarks/microsoft.containerservice/samples/managedclusters/main.bicep +++ b/settings/remarks/microsoft.containerservice/samples/managedclusters/main.bicep @@ -5,6 +5,7 @@ resource managedCluster 'Microsoft.ContainerService/managedClusters@2023-04-02-p name: resourceName location: location properties: { + dnsPrefix: '${resourceName}' agentPoolProfiles: [ { count: 1 @@ -13,6 +14,5 @@ resource managedCluster 'Microsoft.ContainerService/managedClusters@2023-04-02-p vmSize: 'Standard_DS2_v2' } ] - dnsPrefix: 'acctest0001' } } diff --git a/settings/remarks/microsoft.containerservice/samples/managedclusters/trustedaccessrolebindings/main.bicep b/settings/remarks/microsoft.containerservice/samples/managedclusters/trustedaccessrolebindings/main.bicep index 25a49290..9c8ff611 100644 --- a/settings/remarks/microsoft.containerservice/samples/managedclusters/trustedaccessrolebindings/main.bicep +++ b/settings/remarks/microsoft.containerservice/samples/managedclusters/trustedaccessrolebindings/main.bicep @@ -1,99 +1,33 @@ param resourceName string = 'acctest0001' param location string = 'westus' -resource component 'Microsoft.Insights/components@2020-02-02' = { - name: 'ai-${resourceName}' - location: location - kind: 'web' - properties: { - Application_Type: 'web' - DisableIpMasking: false - DisableLocalAuth: false - ForceCustomerStorageForProfiler: false - RetentionInDays: 90 - SamplingPercentage: 100 - publicNetworkAccessForIngestion: 'Enabled' - publicNetworkAccessForQuery: 'Enabled' - } -} - -resource managedCluster 'Microsoft.ContainerService/managedClusters@2025-02-01' = { - name: 'aks-${resourceName}' - location: location - properties: { - addonProfiles: {} - agentPoolProfiles: [ - { - count: 1 - enableAutoScaling: false - enableEncryptionAtHost: false - enableFIPS: false - enableNodePublicIP: false - enableUltraSSD: false - kubeletDiskType: '' - mode: 'System' - name: 'default' - nodeLabels: {} - osDiskType: 'Managed' - osType: 'Linux' - scaleDownMode: 'Delete' - tags: {} - type: 'VirtualMachineScaleSets' - upgradeSettings: { - drainTimeoutInMinutes: 0 - maxSurge: '10%' - nodeSoakDurationInMinutes: 0 - } - vmSize: 'Standard_B2s' - } - ] - apiServerAccessProfile: { - disableRunCommand: false - enablePrivateCluster: false - enablePrivateClusterPublicFQDN: false - } - autoUpgradeProfile: { - nodeOSUpgradeChannel: 'NodeImage' - upgradeChannel: 'none' - } - azureMonitorProfile: { - metrics: { - enabled: false - } - } - disableLocalAccounts: false - dnsPrefix: 'aks-acctest0001' - enableRBAC: true - kubernetesVersion: '' - metricsProfile: { - costAnalysis: { - enabled: false - } - } - nodeResourceGroup: '' - securityProfile: {} - servicePrincipalProfile: { - clientId: 'msi' - } - supportPlan: 'KubernetesOfficial' - } - sku: { - name: 'Base' - tier: 'Free' - } -} - resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { name: 'st${resourceName}' location: location + sku: { + name: 'Standard_LRS' + } kind: 'StorageV2' properties: { accessTier: 'Hot' - allowBlobPublicAccess: true - allowCrossTenantReplication: false + minimumTlsVersion: 'TLS1_2' allowSharedKeyAccess: true + isHnsEnabled: false defaultToOAuthAuthentication: false dnsEndpointType: 'Standard' + isNfsV3Enabled: false + isSftpEnabled: false + networkAcls: { + bypass: 'AzureServices' + defaultAction: 'Allow' + ipRules: [] + resourceAccessRules: [] + virtualNetworkRules: [] + } + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true + allowBlobPublicAccess: true + allowCrossTenantReplication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -105,23 +39,7 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { } } } - isHnsEnabled: false isLocalUserEnabled: true - isNfsV3Enabled: false - isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' - networkAcls: { - bypass: 'AzureServices' - defaultAction: 'Allow' - ipRules: [] - resourceAccessRules: [] - virtualNetworkRules: [] - } - publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true - } - sku: { - name: 'Standard_LRS' } } @@ -130,24 +48,28 @@ resource vault 'Microsoft.KeyVault/vaults@2023-02-01' = { location: location properties: { accessPolicies: [] - createMode: 'default' - enableRbacAuthorization: false enabledForDeployment: false enabledForDiskEncryption: false - enabledForTemplateDeployment: false publicNetworkAccess: 'Enabled' sku: { - family: 'A' name: 'standard' + family: 'A' } softDeleteRetentionInDays: 7 - tenantId: deployer().tenantId + createMode: 'default' + enableRbacAuthorization: false + enabledForTemplateDeployment: false + tenantId: tenant().tenantId } } resource workspace 'Microsoft.MachineLearningServices/workspaces@2024-04-01' = { name: 'mlw-${resourceName}' location: location + sku: { + name: 'Basic' + tier: 'Basic' + } kind: 'Default' properties: { applicationInsights: component.id @@ -156,15 +78,77 @@ resource workspace 'Microsoft.MachineLearningServices/workspaces@2024-04-01' = { storageAccount: storageAccount.id v1LegacyMode: false } +} + +resource managedCluster 'Microsoft.ContainerService/managedClusters@2025-02-01' = { + name: 'aks-${resourceName}' + location: location sku: { - name: 'Basic' - tier: 'Basic' + tier: 'Free' + name: 'Base' + } + properties: { + apiServerAccessProfile: { + disableRunCommand: false + enablePrivateCluster: false + enablePrivateClusterPublicFQDN: false + } + azureMonitorProfile: { + metrics: { + enabled: false + } + } + disableLocalAccounts: false + dnsPrefix: 'aks-${resourceName}' + enableRBAC: true + metricsProfile: { + costAnalysis: { + enabled: false + } + } + nodeResourceGroup: '' + servicePrincipalProfile: { + clientId: 'msi' + } + addonProfiles: {} + agentPoolProfiles: [ + { + enableAutoScaling: false + name: 'default' + nodeLabels: {} + enableEncryptionAtHost: false + osDiskType: 'Managed' + tags: {} + type: 'VirtualMachineScaleSets' + upgradeSettings: { + drainTimeoutInMinutes: 0 + maxSurge: '10%' + nodeSoakDurationInMinutes: 0 + } + scaleDownMode: 'Delete' + count: 1 + enableNodePublicIP: false + enableUltraSSD: false + kubeletDiskType: '' + osType: 'Linux' + enableFIPS: false + mode: 'System' + vmSize: 'Standard_B2s' + } + ] + autoUpgradeProfile: { + nodeOSUpgradeChannel: 'NodeImage' + upgradeChannel: 'none' + } + kubernetesVersion: '' + securityProfile: {} + supportPlan: 'KubernetesOfficial' } } resource trustedAccessRoleBinding 'Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings@2025-02-01' = { - parent: managedCluster name: 'tarb-${resourceName}' + parent: managedCluster properties: { roles: [ 'Microsoft.MachineLearningServices/workspaces/mlworkload' @@ -172,3 +156,19 @@ resource trustedAccessRoleBinding 'Microsoft.ContainerService/managedClusters/tr sourceResourceId: workspace.id } } + +resource component 'Microsoft.Insights/components@2020-02-02' = { + name: 'ai-${resourceName}' + location: location + kind: 'web' + properties: { + DisableIpMasking: false + DisableLocalAuth: false + ForceCustomerStorageForProfiler: false + RetentionInDays: 90 + publicNetworkAccessForQuery: 'Enabled' + Application_Type: 'web' + SamplingPercentage: 100 + publicNetworkAccessForIngestion: 'Enabled' + } +} diff --git a/settings/remarks/microsoft.costmanagement/samples/scheduledactions/main.bicep b/settings/remarks/microsoft.costmanagement/samples/scheduledactions/main.bicep index 1eb2dc82..790a130d 100644 --- a/settings/remarks/microsoft.costmanagement/samples/scheduledactions/main.bicep +++ b/settings/remarks/microsoft.costmanagement/samples/scheduledactions/main.bicep @@ -1,11 +1,25 @@ targetScope = 'subscription' param resourceName string = 'acctest0001' +param location string = 'eastus' resource scheduledAction 'Microsoft.CostManagement/scheduledActions@2022-10-01' = { name: resourceName + scope: subscription() kind: 'Email' properties: { + notificationEmail: 'test@test.com' + schedule: { + frequency: 'Daily' + hourOfDay: 0 + startDate: '2023-07-01T00:00:00Z' + weeksOfMonth: null + dayOfMonth: 0 + daysOfWeek: null + endDate: '2023-07-02T00:00:00Z' + } + status: 'Enabled' + viewId: resourceId('Microsoft.CostManagement/views', 'ms:CostByService') displayName: 'CostByServiceViewerz3k' fileDestination: { fileFormats: [] @@ -18,17 +32,5 @@ resource scheduledAction 'Microsoft.CostManagement/scheduledActions@2022-10-01' 'hashicorp@test.com' ] } - notificationEmail: 'test@test.com' - schedule: { - dayOfMonth: 0 - daysOfWeek: null - endDate: '2023-07-02T00:00:00Z' - frequency: 'Daily' - hourOfDay: 0 - startDate: '2023-07-01T00:00:00Z' - weeksOfMonth: null - } - status: 'Enabled' - viewId: resourceId('Microsoft.CostManagement/views', 'ms:CostByService') } } diff --git a/settings/remarks/microsoft.costmanagement/samples/views/main.bicep b/settings/remarks/microsoft.costmanagement/samples/views/main.bicep index be056d90..5294f43a 100644 --- a/settings/remarks/microsoft.costmanagement/samples/views/main.bicep +++ b/settings/remarks/microsoft.costmanagement/samples/views/main.bicep @@ -1,6 +1,5 @@ -targetScope = 'subscription' - param resourceName string = 'acctest0001' +param location string = 'eastus' resource view 'Microsoft.CostManagement/views@2022-10-01' = { name: resourceName @@ -30,17 +29,6 @@ resource view 'Microsoft.CostManagement/views@2022-10-01' = { ] query: { dataSet: { - aggregation: { - totalCost: { - function: 'Sum' - name: 'Cost' - } - totalCostUSD: { - function: 'Sum' - name: 'CostUSD' - } - } - granularity: 'Monthly' grouping: [ { name: 'ResourceGroupName' @@ -53,6 +41,17 @@ resource view 'Microsoft.CostManagement/views@2022-10-01' = { name: 'BillingMonth' } ] + aggregation: { + totalCost: { + function: 'Sum' + name: 'Cost' + } + totalCostUSD: { + function: 'Sum' + name: 'CostUSD' + } + } + granularity: 'Monthly' } timeframe: 'MonthToDate' type: 'Usage' diff --git a/settings/remarks/microsoft.dashboard/samples/grafana/main.bicep b/settings/remarks/microsoft.dashboard/samples/grafana/main.bicep index 042f70ca..a1ea4cbe 100644 --- a/settings/remarks/microsoft.dashboard/samples/grafana/main.bicep +++ b/settings/remarks/microsoft.dashboard/samples/grafana/main.bicep @@ -4,6 +4,9 @@ param location string = 'westeurope' resource grafana 'Microsoft.Dashboard/grafana@2022-08-01' = { name: resourceName location: location + sku: { + name: 'Standard' + } properties: { apiKey: 'Disabled' autoGeneratedDomainNameLabelScope: 'TenantReuse' @@ -11,7 +14,4 @@ resource grafana 'Microsoft.Dashboard/grafana@2022-08-01' = { publicNetworkAccess: 'Enabled' zoneRedundancy: 'Disabled' } - sku: { - name: 'Standard' - } } diff --git a/settings/remarks/microsoft.dashboard/samples/grafana/managedprivateendpoints/main.bicep b/settings/remarks/microsoft.dashboard/samples/grafana/managedprivateendpoints/main.bicep index 71e55b93..e1e986b2 100644 --- a/settings/remarks/microsoft.dashboard/samples/grafana/managedprivateendpoints/main.bicep +++ b/settings/remarks/microsoft.dashboard/samples/grafana/managedprivateendpoints/main.bicep @@ -12,6 +12,9 @@ resource account 'Microsoft.Monitor/accounts@2023-04-03' = { resource grafana 'Microsoft.Dashboard/grafana@2023-09-01' = { name: '${resourceName}-graf' location: location + sku: { + name: 'Standard' + } properties: { apiKey: 'Disabled' autoGeneratedDomainNameLabelScope: 'TenantReuse' @@ -20,22 +23,19 @@ resource grafana 'Microsoft.Dashboard/grafana@2023-09-01' = { publicNetworkAccess: 'Enabled' zoneRedundancy: 'Disabled' } - sku: { - name: 'Standard' - } } resource managedPrivateEndpoint 'Microsoft.Dashboard/grafana/managedPrivateEndpoints@2023-09-01' = { - parent: grafana name: '${resourceName}-mpe' location: location + parent: grafana properties: { - groupIds: [ - 'prometheusMetrics' - ] privateLinkResourceId: account.id - privateLinkResourceRegion: 'eastus' + privateLinkResourceRegion: location privateLinkServiceUrl: '' requestMessage: '' + groupIds: [ + 'prometheusMetrics' + ] } } diff --git a/settings/remarks/microsoft.databricks/samples/workspaces/main.bicep b/settings/remarks/microsoft.databricks/samples/workspaces/main.bicep index 73fa901d..6892df12 100644 --- a/settings/remarks/microsoft.databricks/samples/workspaces/main.bicep +++ b/settings/remarks/microsoft.databricks/samples/workspaces/main.bicep @@ -4,8 +4,11 @@ param location string = 'eastus2' resource workspace 'Microsoft.Databricks/workspaces@2023-02-01' = { name: resourceName location: location + sku: { + name: 'premium' + } properties: { - managedResourceGroupId: resourceId('Microsoft.Resources/resourceGroups', 'databricks-rg-${resourceName}') + managedResourceGroupId: resourceGroup().id parameters: { prepareEncryption: { value: true @@ -16,7 +19,4 @@ resource workspace 'Microsoft.Databricks/workspaces@2023-02-01' = { } publicNetworkAccess: 'Enabled' } - sku: { - name: 'premium' - } } diff --git a/settings/remarks/microsoft.databricks/samples/workspaces/virtualnetworkpeerings/main.bicep b/settings/remarks/microsoft.databricks/samples/workspaces/virtualnetworkpeerings/main.bicep index a75f36b6..bd3413f3 100644 --- a/settings/remarks/microsoft.databricks/samples/workspaces/virtualnetworkpeerings/main.bicep +++ b/settings/remarks/microsoft.databricks/samples/workspaces/virtualnetworkpeerings/main.bicep @@ -20,27 +20,19 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { resource workspace 'Microsoft.Databricks/workspaces@2023-02-01' = { name: resourceName location: location - properties: { - managedResourceGroupId: resourceId('Microsoft.Resources/resourceGroups', 'databricks-rg-${resourceName}') - publicNetworkAccess: 'Enabled' - } sku: { name: 'standard' } + properties: { + publicNetworkAccess: 'Enabled' + managedResourceGroupId: resourceGroup().id + } } resource virtualNetworkPeering 'Microsoft.Databricks/workspaces/virtualNetworkPeerings@2023-02-01' = { - parent: workspace name: resourceName + parent: workspace properties: { - allowForwardedTraffic: false - allowGatewayTransit: false - allowVirtualNetworkAccess: true - databricksAddressSpace: { - addressPrefixes: [ - '10.139.0.0/16' - ] - } remoteAddressSpace: { addressPrefixes: [ '10.0.1.0/24' @@ -50,5 +42,13 @@ resource virtualNetworkPeering 'Microsoft.Databricks/workspaces/virtualNetworkPe id: virtualNetwork.id } useRemoteGateways: false + allowForwardedTraffic: false + allowGatewayTransit: false + allowVirtualNetworkAccess: true + databricksAddressSpace: { + addressPrefixes: [ + '10.139.0.0/16' + ] + } } } diff --git a/settings/remarks/microsoft.datafactory/samples/factories/credentials/main.bicep b/settings/remarks/microsoft.datafactory/samples/factories/credentials/main.bicep index 74ba3e81..6d3e1d0e 100644 --- a/settings/remarks/microsoft.datafactory/samples/factories/credentials/main.bicep +++ b/settings/remarks/microsoft.datafactory/samples/factories/credentials/main.bicep @@ -12,17 +12,18 @@ resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { resource userAssignedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = { name: resourceName + location: 'azapi_resource.resourceGroup.location' } resource credential 'Microsoft.DataFactory/factories/credentials@2018-06-01' = { - parent: factory name: resourceName + parent: factory properties: { + type: 'ManagedIdentity' annotations: [ 'test' ] description: 'this is a test' - type: 'ManagedIdentity' typeProperties: { resourceId: userAssignedIdentity.id } diff --git a/settings/remarks/microsoft.datafactory/samples/factories/dataflows/main.bicep b/settings/remarks/microsoft.datafactory/samples/factories/dataflows/main.bicep index f8f1274a..57deb90e 100644 --- a/settings/remarks/microsoft.datafactory/samples/factories/dataflows/main.bicep +++ b/settings/remarks/microsoft.datafactory/samples/factories/dataflows/main.bicep @@ -13,42 +13,42 @@ resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location + sku: { + name: 'Standard_LRS' + } kind: 'StorageV2' properties: { - accessTier: 'Hot' - allowBlobPublicAccess: true - allowCrossTenantReplication: true - allowSharedKeyAccess: true - defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { - queue: { + table: { keyType: 'Service' } - table: { + queue: { keyType: 'Service' } } } - isHnsEnabled: false - isNfsV3Enabled: false isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } + accessTier: 'Hot' + allowBlobPublicAccess: true + defaultToOAuthAuthentication: false + isHnsEnabled: false + isNfsV3Enabled: false + minimumTlsVersion: 'TLS1_2' publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true - } - sku: { - name: 'Standard_LRS' + allowCrossTenantReplication: true + allowSharedKeyAccess: true } } resource dataflow 'Microsoft.DataFactory/factories/dataflows@2018-06-01' = { - parent: factory name: resourceName + parent: factory properties: { description: '' type: 'Flowlet' @@ -69,9 +69,8 @@ source1 sink( { description: '' linkedService: { - parameters: {} - referenceName: linkedservice.name type: 'LinkedServiceReference' + parameters: {} } name: 'sink1' } @@ -81,7 +80,6 @@ source1 sink( description: '' linkedService: { parameters: {} - referenceName: linkedservice.name type: 'LinkedServiceReference' } name: 'source1' @@ -92,8 +90,8 @@ source1 sink( } resource linkedservice 'Microsoft.DataFactory/factories/linkedservices@2018-06-01' = { - parent: factory name: resourceName + parent: factory properties: { description: '' type: 'AzureBlobStorage' diff --git a/settings/remarks/microsoft.datafactory/samples/factories/datasets/main.bicep b/settings/remarks/microsoft.datafactory/samples/factories/datasets/main.bicep index 8f874454..87c8eabf 100644 --- a/settings/remarks/microsoft.datafactory/samples/factories/datasets/main.bicep +++ b/settings/remarks/microsoft.datafactory/samples/factories/datasets/main.bicep @@ -13,13 +13,19 @@ resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location + sku: { + name: 'Standard_LRS' + } kind: 'StorageV2' properties: { + isNfsV3Enabled: false + isSftpEnabled: false + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' accessTier: 'Hot' - allowBlobPublicAccess: true - allowCrossTenantReplication: true allowSharedKeyAccess: true - defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -31,28 +37,21 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } - isHnsEnabled: false - isNfsV3Enabled: false - isSftpEnabled: false minimumTlsVersion: 'TLS1_2' - networkAcls: { - defaultAction: 'Allow' - } - publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true - } - sku: { - name: 'Standard_LRS' + allowBlobPublicAccess: true + allowCrossTenantReplication: true + defaultToOAuthAuthentication: false + isHnsEnabled: false } } resource dataset 'Microsoft.DataFactory/factories/datasets@2018-06-01' = { - parent: factory name: resourceName + parent: factory properties: { description: '' linkedServiceName: { - referenceName: linkedservice.name type: 'LinkedServiceReference' } type: 'Json' @@ -69,8 +68,8 @@ resource dataset 'Microsoft.DataFactory/factories/datasets@2018-06-01' = { } resource linkedservice 'Microsoft.DataFactory/factories/linkedservices@2018-06-01' = { - parent: factory name: resourceName + parent: factory properties: { description: '' type: 'AzureBlobStorage' diff --git a/settings/remarks/microsoft.datafactory/samples/factories/integrationruntimes/main.bicep b/settings/remarks/microsoft.datafactory/samples/factories/integrationruntimes/main.bicep index 0b9e810d..1147b531 100644 --- a/settings/remarks/microsoft.datafactory/samples/factories/integrationruntimes/main.bicep +++ b/settings/remarks/microsoft.datafactory/samples/factories/integrationruntimes/main.bicep @@ -11,8 +11,8 @@ resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { } resource integrationRuntime 'Microsoft.DataFactory/factories/integrationRuntimes@2018-06-01' = { - parent: factory name: resourceName + parent: factory properties: { description: '' type: 'SelfHosted' diff --git a/settings/remarks/microsoft.datafactory/samples/factories/linkedservices/main.bicep b/settings/remarks/microsoft.datafactory/samples/factories/linkedservices/main.bicep index 6eb10574..145e99ed 100644 --- a/settings/remarks/microsoft.datafactory/samples/factories/linkedservices/main.bicep +++ b/settings/remarks/microsoft.datafactory/samples/factories/linkedservices/main.bicep @@ -10,16 +10,32 @@ resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { } } +resource linkedservice 'Microsoft.DataFactory/factories/linkedservices@2018-06-01' = { + name: resourceName + parent: factory + properties: { + type: 'AzureBlobStorage' + typeProperties: { + serviceEndpoint: storageAccount.properties.primaryEndpoints.blob + } + description: '' + } +} + resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location + sku: { + name: 'Standard_LRS' + } kind: 'StorageV2' properties: { - accessTier: 'Hot' - allowBlobPublicAccess: true + minimumTlsVersion: 'TLS1_2' + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' allowCrossTenantReplication: true - allowSharedKeyAccess: true - defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -31,29 +47,13 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } - isHnsEnabled: false isNfsV3Enabled: false isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' - networkAcls: { - defaultAction: 'Allow' - } - publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true - } - sku: { - name: 'Standard_LRS' - } -} - -resource linkedservice 'Microsoft.DataFactory/factories/linkedservices@2018-06-01' = { - parent: factory - name: resourceName - properties: { - description: '' - type: 'AzureBlobStorage' - typeProperties: { - serviceEndpoint: storageAccount.properties.primaryEndpoints.blob - } + accessTier: 'Hot' + allowBlobPublicAccess: true + allowSharedKeyAccess: true + defaultToOAuthAuthentication: false + isHnsEnabled: false } } diff --git a/settings/remarks/microsoft.datafactory/samples/factories/managedvirtualnetworks/main.bicep b/settings/remarks/microsoft.datafactory/samples/factories/managedvirtualnetworks/main.bicep index bf26c35b..1d550e51 100644 --- a/settings/remarks/microsoft.datafactory/samples/factories/managedvirtualnetworks/main.bicep +++ b/settings/remarks/microsoft.datafactory/samples/factories/managedvirtualnetworks/main.bicep @@ -5,14 +5,14 @@ resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { name: resourceName location: location properties: { + repoConfiguration: null globalParameters: {} publicNetworkAccess: 'Enabled' - repoConfiguration: null } } resource managedVirtualNetwork 'Microsoft.DataFactory/factories/managedVirtualNetworks@2018-06-01' = { - parent: factory name: 'default' + parent: factory properties: {} } diff --git a/settings/remarks/microsoft.datafactory/samples/factories/managedvirtualnetworks/managedprivateendpoints/main.bicep b/settings/remarks/microsoft.datafactory/samples/factories/managedvirtualnetworks/managedprivateendpoints/main.bicep index aecaf32e..77de140a 100644 --- a/settings/remarks/microsoft.datafactory/samples/factories/managedvirtualnetworks/managedprivateendpoints/main.bicep +++ b/settings/remarks/microsoft.datafactory/samples/factories/managedvirtualnetworks/managedprivateendpoints/main.bicep @@ -14,10 +14,14 @@ resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location + sku: { + name: 'Standard_LRS' + } kind: 'BlobStorage' properties: { + minimumTlsVersion: 'TLS1_2' + supportsHttpsTrafficOnly: true accessTier: 'Hot' - allowBlobPublicAccess: true allowCrossTenantReplication: true allowSharedKeyAccess: true defaultToOAuthAuthentication: false @@ -32,30 +36,26 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } - isHnsEnabled: false - isNfsV3Enabled: false - isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true - } - sku: { - name: 'Standard_LRS' + allowBlobPublicAccess: true + isHnsEnabled: false + isNfsV3Enabled: false + isSftpEnabled: false } } resource managedVirtualNetwork 'Microsoft.DataFactory/factories/managedVirtualNetworks@2018-06-01' = { - parent: factory name: 'default' + parent: factory properties: {} } resource managedPrivateEndpoint 'Microsoft.DataFactory/factories/managedVirtualNetworks/managedPrivateEndpoints@2018-06-01' = { - parent: managedVirtualNetwork name: resourceName + parent: managedVirtualNetwork properties: { groupId: 'blob' privateLinkResourceId: storageAccount.id diff --git a/settings/remarks/microsoft.datafactory/samples/factories/pipelines/main.bicep b/settings/remarks/microsoft.datafactory/samples/factories/pipelines/main.bicep index a17dd9d8..8d6c2e91 100644 --- a/settings/remarks/microsoft.datafactory/samples/factories/pipelines/main.bicep +++ b/settings/remarks/microsoft.datafactory/samples/factories/pipelines/main.bicep @@ -11,8 +11,8 @@ resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { } resource pipeline 'Microsoft.DataFactory/factories/pipelines@2018-06-01' = { - parent: factory name: resourceName + parent: factory properties: { annotations: [] description: '' diff --git a/settings/remarks/microsoft.datafactory/samples/factories/triggers/main.bicep b/settings/remarks/microsoft.datafactory/samples/factories/triggers/main.bicep index 4921a197..218320a7 100644 --- a/settings/remarks/microsoft.datafactory/samples/factories/triggers/main.bicep +++ b/settings/remarks/microsoft.datafactory/samples/factories/triggers/main.bicep @@ -11,8 +11,8 @@ resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { } resource pipeline 'Microsoft.DataFactory/factories/pipelines@2018-06-01' = { - parent: factory name: resourceName + parent: factory properties: { annotations: [] description: '' @@ -27,9 +27,15 @@ resource pipeline 'Microsoft.DataFactory/factories/pipelines@2018-06-01' = { } resource trigger 'Microsoft.DataFactory/factories/triggers@2018-06-01' = { - parent: factory name: resourceName + parent: factory properties: { + typeProperties: { + frequency: 'Minute' + interval: 15 + maxConcurrency: 50 + startTime: '2022-09-21T00:00:00Z' + } description: '' pipeline: { parameters: {} @@ -39,11 +45,5 @@ resource trigger 'Microsoft.DataFactory/factories/triggers@2018-06-01' = { } } type: 'TumblingWindowTrigger' - typeProperties: { - frequency: 'Minute' - interval: 15 - maxConcurrency: 50 - startTime: '2022-09-21T00:00:00Z' - } } } diff --git a/settings/remarks/microsoft.datamigration/samples/services/main.bicep b/settings/remarks/microsoft.datamigration/samples/services/main.bicep index 655e65d7..6ff14b29 100644 --- a/settings/remarks/microsoft.datamigration/samples/services/main.bicep +++ b/settings/remarks/microsoft.datamigration/samples/services/main.bicep @@ -1,16 +1,14 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource service 'Microsoft.DataMigration/services@2018-04-19' = { name: resourceName location: location - kind: 'Cloud' - properties: { - virtualSubnetId: subnet.id - } sku: { name: 'Standard_1vCores' } + kind: 'Cloud' + properties: {} } resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { @@ -30,8 +28,8 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork name: resourceName + parent: virtualNetwork properties: { addressPrefix: '10.0.1.0/24' delegations: [] diff --git a/settings/remarks/microsoft.datamigration/samples/services/projects/main.bicep b/settings/remarks/microsoft.datamigration/samples/services/projects/main.bicep index 097ee330..9e30b03f 100644 --- a/settings/remarks/microsoft.datamigration/samples/services/projects/main.bicep +++ b/settings/remarks/microsoft.datamigration/samples/services/projects/main.bicep @@ -1,16 +1,14 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource service 'Microsoft.DataMigration/services@2018-04-19' = { name: resourceName location: location - kind: 'Cloud' - properties: { - virtualSubnetId: subnet.id - } sku: { name: 'Standard_1vCores' } + kind: 'Cloud' + properties: {} } resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { @@ -30,9 +28,9 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { } resource project 'Microsoft.DataMigration/services/projects@2018-04-19' = { - parent: service name: resourceName location: location + parent: service properties: { sourcePlatform: 'SQL' targetPlatform: 'SQLDB' @@ -40,14 +38,14 @@ resource project 'Microsoft.DataMigration/services/projects@2018-04-19' = { } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork name: resourceName + parent: virtualNetwork properties: { - addressPrefix: '10.0.1.0/24' - delegations: [] - privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] serviceEndpoints: [] + addressPrefix: '10.0.1.0/24' + delegations: [] + privateEndpointNetworkPolicies: 'Enabled' } } diff --git a/settings/remarks/microsoft.dataprotection/samples/backupvaults/backupinstances/main.bicep b/settings/remarks/microsoft.dataprotection/samples/backupvaults/backupinstances/main.bicep index 85769b4f..32c15701 100644 --- a/settings/remarks/microsoft.dataprotection/samples/backupvaults/backupinstances/main.bicep +++ b/settings/remarks/microsoft.dataprotection/samples/backupvaults/backupinstances/main.bicep @@ -4,84 +4,75 @@ param location string = 'westeurope' @description('The administrator login password for the PostgreSQL server') param administratorLoginPassword string -resource backupVault 'Microsoft.DataProtection/backupVaults@2022-04-01' = { - name: resourceName - location: location - properties: { - storageSettings: [ - { - datastoreType: 'VaultStore' - type: 'LocallyRedundant' - } - ] - } -} - resource server 'Microsoft.DBforPostgreSQL/servers@2017-12-01' = { name: resourceName location: location + sku: { + capacity: 2 + family: 'Gen5' + name: 'B_Gen5_2' + tier: 'Basic' + } properties: { - administratorLogin: 'psqladmin' - administratorLoginPassword: null createMode: 'Default' - infrastructureEncryption: 'Disabled' - minimalTlsVersion: 'TLS1_2' publicNetworkAccess: 'Enabled' - sslEnforcement: 'Enabled' storageProfile: { - backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 5120 + backupRetentionDays: 7 } version: '9.5' + administratorLogin: 'psqladmin' + administratorLoginPassword: '${administratorLoginPassword}' + infrastructureEncryption: 'Disabled' + minimalTlsVersion: 'TLS1_2' + sslEnforcement: 'Enabled' } - sku: { - capacity: 2 - family: 'Gen5' - name: 'B_Gen5_2' - tier: 'Basic' +} + +resource backupVault 'Microsoft.DataProtection/backupVaults@2022-04-01' = { + name: resourceName + location: location + properties: { + storageSettings: [ + { + type: 'LocallyRedundant' + datastoreType: 'VaultStore' + } + ] } } resource backupInstance 'Microsoft.DataProtection/backupVaults/backupInstances@2022-04-01' = { - parent: backupVault name: resourceName + parent: backupVault properties: { - dataSourceInfo: { - datasourceType: 'Microsoft.DBforPostgreSQL/servers/databases' - objectType: 'Datasource' - resourceID: database.id - resourceLocation: 'database.location' - resourceName: database.name - resourceType: 'Microsoft.DBforPostgreSQL/servers/databases' - resourceUri: '' - } dataSourceSetInfo: { + resourceUri: '' datasourceType: 'Microsoft.DBforPostgreSQL/servers/databases' objectType: 'DatasourceSet' resourceID: server.id - resourceLocation: 'server.location' + resourceLocation: server.location resourceName: server.name resourceType: 'Microsoft.DBForPostgreSQL/servers' - resourceUri: '' } datasourceAuthCredentials: null - friendlyName: 'acctest0001' + friendlyName: resourceName objectType: 'BackupInstance' - policyInfo: { - policyId: backupPolicy.id + policyInfo: {} + dataSourceInfo: { + objectType: 'Datasource' + resourceType: 'Microsoft.DBforPostgreSQL/servers/databases' + resourceUri: '' + datasourceType: 'Microsoft.DBforPostgreSQL/servers/databases' } } } resource backupPolicy 'Microsoft.DataProtection/backupVaults/backupPolicies@2022-04-01' = { - parent: backupVault name: resourceName + parent: backupVault properties: { - datasourceTypes: [ - 'Microsoft.DBforPostgreSQL/servers/databases' - ] - objectType: 'BackupPolicy' policyRules: [ { backupParameters: { @@ -103,12 +94,12 @@ resource backupPolicy 'Microsoft.DataProtection/backupVaults/backupPolicies@2022 } taggingCriteria: [ { - isDefault: true tagInfo: { id: 'Default_' tagName: 'Default' } taggingPriority: 99 + isDefault: true } ] } @@ -122,8 +113,8 @@ resource backupPolicy 'Microsoft.DataProtection/backupVaults/backupPolicies@2022 objectType: 'AbsoluteDeleteOption' } sourceDataStore: { - dataStoreType: 'VaultStore' objectType: 'DataStoreInfoBase' + dataStoreType: 'VaultStore' } targetDataStoreCopySettings: [] } @@ -132,12 +123,16 @@ resource backupPolicy 'Microsoft.DataProtection/backupVaults/backupPolicies@2022 objectType: 'AzureRetentionRule' } ] + datasourceTypes: [ + 'Microsoft.DBforPostgreSQL/servers/databases' + ] + objectType: 'BackupPolicy' } } resource database 'Microsoft.DBforPostgreSQL/servers/databases@2017-12-01' = { - parent: server name: resourceName + parent: server properties: { charset: 'UTF8' collation: 'English_United States.1252' diff --git a/settings/remarks/microsoft.dataprotection/samples/backupvaults/backuppolicies/main.bicep b/settings/remarks/microsoft.dataprotection/samples/backupvaults/backuppolicies/main.bicep index 0e11a48b..ffe77a45 100644 --- a/settings/remarks/microsoft.dataprotection/samples/backupvaults/backuppolicies/main.bicep +++ b/settings/remarks/microsoft.dataprotection/samples/backupvaults/backuppolicies/main.bicep @@ -15,8 +15,8 @@ resource backupVault 'Microsoft.DataProtection/backupVaults@2022-04-01' = { } resource backupPolicy 'Microsoft.DataProtection/backupVaults/backupPolicies@2022-04-01' = { - parent: backupVault name: resourceName + parent: backupVault properties: { datasourceTypes: [ 'Microsoft.DBforPostgreSQL/servers/databases' @@ -24,14 +24,6 @@ resource backupPolicy 'Microsoft.DataProtection/backupVaults/backupPolicies@2022 objectType: 'BackupPolicy' policyRules: [ { - backupParameters: { - backupType: 'Full' - objectType: 'AzureBackupParams' - } - dataStore: { - dataStoreType: 'VaultStore' - objectType: 'DataStoreInfoBase' - } name: 'BackupIntervals' objectType: 'AzureBackupRule' trigger: { @@ -43,23 +35,31 @@ resource backupPolicy 'Microsoft.DataProtection/backupVaults/backupPolicies@2022 } taggingCriteria: [ { - isDefault: true tagInfo: { - id: 'Default_' tagName: 'Default' + id: 'Default_' } taggingPriority: 99 + isDefault: true } ] } + backupParameters: { + backupType: 'Full' + objectType: 'AzureBackupParams' + } + dataStore: { + objectType: 'DataStoreInfoBase' + dataStoreType: 'VaultStore' + } } { isDefault: true lifecycles: [ { deleteAfter: { - duration: 'P4M' objectType: 'AbsoluteDeleteOption' + duration: 'P4M' } sourceDataStore: { dataStoreType: 'VaultStore' diff --git a/settings/remarks/microsoft.datashare/samples/accounts/shares/main.bicep b/settings/remarks/microsoft.datashare/samples/accounts/shares/main.bicep index 60c29ba6..dc18f972 100644 --- a/settings/remarks/microsoft.datashare/samples/accounts/shares/main.bicep +++ b/settings/remarks/microsoft.datashare/samples/accounts/shares/main.bicep @@ -10,8 +10,8 @@ resource account 'Microsoft.DataShare/accounts@2019-11-01' = { } resource share 'Microsoft.DataShare/accounts/shares@2019-11-01' = { - parent: account name: resourceName + parent: account properties: { description: '' shareKind: 'CopyBased' diff --git a/settings/remarks/microsoft.dbformariadb/samples/servers/configurations/main.bicep b/settings/remarks/microsoft.dbformariadb/samples/servers/configurations/main.bicep index cd3d6b2e..5116c198 100644 --- a/settings/remarks/microsoft.dbformariadb/samples/servers/configurations/main.bicep +++ b/settings/remarks/microsoft.dbformariadb/samples/servers/configurations/main.bicep @@ -9,31 +9,31 @@ param administratorLoginPassword string resource server 'Microsoft.DBforMariaDB/servers@2018-06-01' = { name: resourceName location: location + sku: { + name: 'GP_Gen5_2' + tier: 'GeneralPurpose' + capacity: 2 + family: 'Gen5' + } properties: { - administratorLogin: null - administratorLoginPassword: null - createMode: 'Default' - minimalTlsVersion: 'TLS1_2' publicNetworkAccess: 'Enabled' - sslEnforcement: 'Enabled' storageProfile: { backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 } + administratorLogin: '${administratorLogin}' + createMode: 'Default' + sslEnforcement: 'Enabled' version: '10.2' - } - sku: { - capacity: 2 - family: 'Gen5' - name: 'GP_Gen5_2' - tier: 'GeneralPurpose' + administratorLoginPassword: '${administratorLoginPassword}' + minimalTlsVersion: 'TLS1_2' } } resource configuration 'Microsoft.DBforMariaDB/servers/configurations@2018-06-01' = { - parent: server name: 'character_set_server' + parent: server properties: { value: 'LATIN1' } diff --git a/settings/remarks/microsoft.dbformariadb/samples/servers/databases/main.bicep b/settings/remarks/microsoft.dbformariadb/samples/servers/databases/main.bicep index deeb5349..a91bcacc 100644 --- a/settings/remarks/microsoft.dbformariadb/samples/servers/databases/main.bicep +++ b/settings/remarks/microsoft.dbformariadb/samples/servers/databases/main.bicep @@ -9,31 +9,31 @@ param administratorLoginPassword string resource server 'Microsoft.DBforMariaDB/servers@2018-06-01' = { name: resourceName location: location + sku: { + tier: 'Basic' + capacity: 2 + family: 'Gen5' + name: 'B_Gen5_2' + } properties: { - administratorLogin: null - administratorLoginPassword: null - createMode: 'Default' - minimalTlsVersion: 'TLS1_2' publicNetworkAccess: 'Enabled' sslEnforcement: 'Enabled' + administratorLogin: '${administratorLogin}' + administratorLoginPassword: '${administratorLoginPassword}' + minimalTlsVersion: 'TLS1_2' storageProfile: { - backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 + backupRetentionDays: 7 } version: '10.2' - } - sku: { - capacity: 2 - family: 'Gen5' - name: 'B_Gen5_2' - tier: 'Basic' + createMode: 'Default' } } resource database 'Microsoft.DBforMariaDB/servers/databases@2018-06-01' = { - parent: server name: resourceName + parent: server properties: { charset: 'utf8' collation: 'utf8_general_ci' diff --git a/settings/remarks/microsoft.dbformariadb/samples/servers/firewallrules/main.bicep b/settings/remarks/microsoft.dbformariadb/samples/servers/firewallrules/main.bicep index a521dad4..26b50fa7 100644 --- a/settings/remarks/microsoft.dbformariadb/samples/servers/firewallrules/main.bicep +++ b/settings/remarks/microsoft.dbformariadb/samples/servers/firewallrules/main.bicep @@ -9,33 +9,33 @@ param administratorLoginPassword string resource server 'Microsoft.DBforMariaDB/servers@2018-06-01' = { name: resourceName location: location + sku: { + family: 'Gen5' + name: 'GP_Gen5_2' + tier: 'GeneralPurpose' + capacity: 2 + } properties: { - administratorLogin: null - administratorLoginPassword: null - createMode: 'Default' - minimalTlsVersion: 'TLS1_2' - publicNetworkAccess: 'Enabled' - sslEnforcement: 'Enabled' storageProfile: { backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 } version: '10.2' - } - sku: { - capacity: 2 - family: 'Gen5' - name: 'GP_Gen5_2' - tier: 'GeneralPurpose' + administratorLogin: '${administratorLogin}' + administratorLoginPassword: '${administratorLoginPassword}' + createMode: 'Default' + minimalTlsVersion: 'TLS1_2' + publicNetworkAccess: 'Enabled' + sslEnforcement: 'Enabled' } } resource firewallRule 'Microsoft.DBforMariaDB/servers/firewallRules@2018-06-01' = { - parent: server name: resourceName + parent: server properties: { - endIpAddress: '255.255.255.255' startIpAddress: '0.0.0.0' + endIpAddress: '255.255.255.255' } } diff --git a/settings/remarks/microsoft.dbformariadb/samples/servers/main.bicep b/settings/remarks/microsoft.dbformariadb/samples/servers/main.bicep index 2f777e9f..b321f3ab 100644 --- a/settings/remarks/microsoft.dbformariadb/samples/servers/main.bicep +++ b/settings/remarks/microsoft.dbformariadb/samples/servers/main.bicep @@ -9,24 +9,24 @@ param administratorLoginPassword string resource server 'Microsoft.DBforMariaDB/servers@2018-06-01' = { name: resourceName location: location + sku: { + capacity: 2 + family: 'Gen5' + name: 'GP_Gen5_2' + tier: 'GeneralPurpose' + } properties: { - administratorLogin: null - administratorLoginPassword: null - createMode: 'Default' - minimalTlsVersion: 'TLS1_2' - publicNetworkAccess: 'Enabled' sslEnforcement: 'Enabled' storageProfile: { + storageMB: 51200 backupRetentionDays: 7 storageAutogrow: 'Enabled' - storageMB: 51200 } version: '10.2' - } - sku: { - capacity: 2 - family: 'Gen5' - name: 'GP_Gen5_2' - tier: 'GeneralPurpose' + administratorLoginPassword: '${administratorLoginPassword}' + createMode: 'Default' + minimalTlsVersion: 'TLS1_2' + publicNetworkAccess: 'Enabled' + administratorLogin: '${administratorLogin}' } } diff --git a/settings/remarks/microsoft.dbformariadb/samples/servers/virtualnetworkrules/main.bicep b/settings/remarks/microsoft.dbformariadb/samples/servers/virtualnetworkrules/main.bicep index a29902eb..c476ec0d 100644 --- a/settings/remarks/microsoft.dbformariadb/samples/servers/virtualnetworkrules/main.bicep +++ b/settings/remarks/microsoft.dbformariadb/samples/servers/virtualnetworkrules/main.bicep @@ -9,25 +9,25 @@ param administratorLoginPassword string resource server 'Microsoft.DBforMariaDB/servers@2018-06-01' = { name: resourceName location: location + sku: { + capacity: 2 + family: 'Gen5' + name: 'GP_Gen5_2' + tier: 'GeneralPurpose' + } properties: { - administratorLogin: null - administratorLoginPassword: null - createMode: 'Default' - minimalTlsVersion: 'TLS1_2' publicNetworkAccess: 'Enabled' - sslEnforcement: 'Enabled' storageProfile: { - backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 + backupRetentionDays: 7 } + administratorLogin: '${administratorLogin}' + sslEnforcement: 'Enabled' version: '10.2' - } - sku: { - capacity: 2 - family: 'Gen5' - name: 'GP_Gen5_2' - tier: 'GeneralPurpose' + administratorLoginPassword: '${administratorLoginPassword}' + createMode: 'Default' + minimalTlsVersion: 'TLS1_2' } } @@ -35,25 +35,22 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location properties: { + dhcpOptions: { + dnsServers: [] + } + subnets: [] addressSpace: { addressPrefixes: [ '10.7.29.0/29' ] } - dhcpOptions: { - dnsServers: [] - } - subnets: [] } } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork name: resourceName + parent: virtualNetwork properties: { - addressPrefix: '10.7.29.0/29' - delegations: [] - privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] serviceEndpoints: [ @@ -61,12 +58,15 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { service: 'Microsoft.Sql' } ] + addressPrefix: '10.7.29.0/29' + delegations: [] + privateEndpointNetworkPolicies: 'Enabled' } } resource virtualNetworkRule 'Microsoft.DBforMariaDB/servers/virtualNetworkRules@2018-06-01' = { - parent: server name: resourceName + parent: server properties: { ignoreMissingVnetServiceEndpoint: false virtualNetworkSubnetId: subnet.id diff --git a/settings/remarks/microsoft.dbformysql/samples/flexibleservers/administrators/main.bicep b/settings/remarks/microsoft.dbformysql/samples/flexibleservers/administrators/main.bicep index e74f865d..126cba40 100644 --- a/settings/remarks/microsoft.dbformysql/samples/flexibleservers/administrators/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/flexibleservers/administrators/main.bicep @@ -1,18 +1,22 @@ -param resourceName string = 'acctest0001' param location string = 'westus' @secure() @description('The administrator login password for the MySQL flexible server') param administratorLoginPassword string +param resourceName string = 'acctest0001' resource flexibleServer 'Microsoft.DBforMySQL/flexibleServers@2023-12-30' = { name: '${resourceName}-mysql' location: location + sku: { + tier: 'Burstable' + name: 'Standard_B1ms' + } properties: { administratorLogin: 'tfadmin' - administratorLoginPassword: null + administratorLoginPassword: '${administratorLoginPassword}' backup: { - backupRetentionDays: 7 geoRedundantBackup: 'Disabled' + backupRetentionDays: 7 } dataEncryption: { type: 'SystemManaged' @@ -22,10 +26,6 @@ resource flexibleServer 'Microsoft.DBforMySQL/flexibleServers@2023-12-30' = { } version: '8.0.21' } - sku: { - name: 'Standard_B1ms' - tier: 'Burstable' - } } resource userAssignedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = { @@ -39,13 +39,13 @@ resource userassignedidentity1 'Microsoft.ManagedIdentity/userAssignedIdentities } resource administrator 'Microsoft.DBforMySQL/flexibleServers/administrators@2023-12-30' = { - parent: flexibleServer name: 'ActiveDirectory' + parent: flexibleServer properties: { + sid: deployer().objectId + tenantId: tenant().tenantId administratorType: 'ActiveDirectory' identityResourceId: userAssignedIdentity.id login: 'sqladmin' - sid: deployer().objectId - tenantId: deployer().tenantId } } diff --git a/settings/remarks/microsoft.dbformysql/samples/flexibleservers/configurations/main.bicep b/settings/remarks/microsoft.dbformysql/samples/flexibleservers/configurations/main.bicep index f6ea8f5b..aa4e48a9 100644 --- a/settings/remarks/microsoft.dbformysql/samples/flexibleservers/configurations/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/flexibleservers/configurations/main.bicep @@ -7,9 +7,17 @@ param administratorLoginPassword string resource flexibleServer 'Microsoft.DBforMySQL/flexibleServers@2023-12-30' = { name: '${resourceName}-mysql' location: location + sku: { + name: 'Standard_B1ms' + tier: 'Burstable' + } properties: { + highAvailability: { + mode: 'Disabled' + } + version: '8.0.21' administratorLogin: 'tfadmin' - administratorLoginPassword: null + administratorLoginPassword: '${administratorLoginPassword}' backup: { backupRetentionDays: 7 geoRedundantBackup: 'Disabled' @@ -17,20 +25,12 @@ resource flexibleServer 'Microsoft.DBforMySQL/flexibleServers@2023-12-30' = { dataEncryption: { type: 'SystemManaged' } - highAvailability: { - mode: 'Disabled' - } - version: '8.0.21' - } - sku: { - name: 'Standard_B1ms' - tier: 'Burstable' } } resource configuration 'Microsoft.DBforMySQL/flexibleServers/configurations@2023-12-30' = { - parent: flexibleServer name: 'character_set_server' + parent: flexibleServer properties: { value: 'utf8mb4' } diff --git a/settings/remarks/microsoft.dbformysql/samples/flexibleservers/databases/main.bicep b/settings/remarks/microsoft.dbformysql/samples/flexibleservers/databases/main.bicep index 463da0ff..bf312e7d 100644 --- a/settings/remarks/microsoft.dbformysql/samples/flexibleservers/databases/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/flexibleservers/databases/main.bicep @@ -9,32 +9,32 @@ param administratorLoginPassword string resource flexibleServer 'Microsoft.DBforMySQL/flexibleServers@2021-05-01' = { name: resourceName location: location + sku: { + tier: 'Burstable' + name: 'Standard_B1s' + } properties: { - administratorLogin: null - administratorLoginPassword: null + network: {} + version: '' + administratorLogin: '${administratorLogin}' + administratorLoginPassword: '${administratorLoginPassword}' + dataEncryption: { + type: 'SystemManaged' + } backup: { backupRetentionDays: 7 geoRedundantBackup: 'Disabled' } createMode: '' - dataEncryption: { - type: 'SystemManaged' - } highAvailability: { mode: 'Disabled' } - network: {} - version: '' - } - sku: { - name: 'Standard_B1s' - tier: 'Burstable' } } resource database 'Microsoft.DBforMySQL/flexibleServers/databases@2021-05-01' = { - parent: flexibleServer name: resourceName + parent: flexibleServer properties: { charset: 'utf8' collation: 'utf8_unicode_ci' diff --git a/settings/remarks/microsoft.dbformysql/samples/flexibleservers/firewallrules/main.bicep b/settings/remarks/microsoft.dbformysql/samples/flexibleservers/firewallrules/main.bicep index 01af1e66..6e82710c 100644 --- a/settings/remarks/microsoft.dbformysql/samples/flexibleservers/firewallrules/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/flexibleservers/firewallrules/main.bicep @@ -1,38 +1,38 @@ -param resourceName string = 'acctest0001' -param location string = 'westeurope' @secure() @description('The administrator password for the MySQL flexible server') param mysqlAdministratorPassword string +param resourceName string = 'acctest0001' +param location string = 'westeurope' resource flexibleServer 'Microsoft.DBforMySQL/flexibleServers@2021-05-01' = { name: resourceName location: location + sku: { + name: 'Standard_B1s' + tier: 'Burstable' + } properties: { administratorLogin: 'adminTerraform' - administratorLoginPassword: null + administratorLoginPassword: '${mysqlAdministratorPassword}' backup: { backupRetentionDays: 7 geoRedundantBackup: 'Disabled' } createMode: '' - dataEncryption: { - type: 'SystemManaged' - } highAvailability: { mode: 'Disabled' } network: {} + dataEncryption: { + type: 'SystemManaged' + } version: '5.7' } - sku: { - name: 'Standard_B1s' - tier: 'Burstable' - } } resource firewallRule 'Microsoft.DBforMySQL/flexibleServers/firewallRules@2021-05-01' = { - parent: flexibleServer name: resourceName + parent: flexibleServer properties: { endIpAddress: '255.255.255.255' startIpAddress: '0.0.0.0' diff --git a/settings/remarks/microsoft.dbformysql/samples/flexibleservers/main.bicep b/settings/remarks/microsoft.dbformysql/samples/flexibleservers/main.bicep index 93c05978..721d5ce5 100644 --- a/settings/remarks/microsoft.dbformysql/samples/flexibleservers/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/flexibleservers/main.bicep @@ -9,9 +9,17 @@ param administratorLoginPassword string resource flexibleServer 'Microsoft.DBforMySQL/flexibleServers@2021-05-01' = { name: resourceName location: location + sku: { + name: 'Standard_B1s' + tier: 'Burstable' + } properties: { - administratorLogin: null - administratorLoginPassword: null + highAvailability: { + mode: 'Disabled' + } + network: {} + administratorLogin: '${administratorLogin}' + administratorLoginPassword: '${administratorLoginPassword}' backup: { backupRetentionDays: 7 geoRedundantBackup: 'Disabled' @@ -20,13 +28,5 @@ resource flexibleServer 'Microsoft.DBforMySQL/flexibleServers@2021-05-01' = { dataEncryption: { type: 'SystemManaged' } - highAvailability: { - mode: 'Disabled' - } - network: {} - } - sku: { - name: 'Standard_B1s' - tier: 'Burstable' } } diff --git a/settings/remarks/microsoft.dbformysql/samples/servers/administrators/main.bicep b/settings/remarks/microsoft.dbformysql/samples/servers/administrators/main.bicep index d06f8361..2cbf148c 100644 --- a/settings/remarks/microsoft.dbformysql/samples/servers/administrators/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/servers/administrators/main.bicep @@ -6,16 +6,23 @@ param administratorLogin string @description('The administrator login password for the MySQL server') param administratorLoginPassword string +param clientId string + resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { name: resourceName location: location + sku: { + name: 'GP_Gen5_2' + tier: 'GeneralPurpose' + capacity: 2 + family: 'Gen5' + } properties: { - administratorLogin: null - administratorLoginPassword: null createMode: 'Default' + publicNetworkAccess: 'Enabled' + administratorLoginPassword: '${administratorLoginPassword}' infrastructureEncryption: 'Disabled' minimalTlsVersion: 'TLS1_2' - publicNetworkAccess: 'Enabled' sslEnforcement: 'Enabled' storageProfile: { backupRetentionDays: 7 @@ -23,22 +30,17 @@ resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { storageMB: 51200 } version: '5.7' - } - sku: { - capacity: 2 - family: 'Gen5' - name: 'GP_Gen5_2' - tier: 'GeneralPurpose' + administratorLogin: '${administratorLogin}' } } resource administrator 'Microsoft.DBforMySQL/servers/administrators@2017-12-01' = { - parent: server name: 'activeDirectory' + parent: server properties: { administratorType: 'ActiveDirectory' login: 'sqladmin' - sid: deployer().objectId - tenantId: deployer().tenantId + sid: clientId + tenantId: tenant().tenantId } } diff --git a/settings/remarks/microsoft.dbformysql/samples/servers/configurations/main.bicep b/settings/remarks/microsoft.dbformysql/samples/servers/configurations/main.bicep index 28c38190..d20b66d9 100644 --- a/settings/remarks/microsoft.dbformysql/samples/servers/configurations/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/servers/configurations/main.bicep @@ -1,21 +1,27 @@ +@secure() +@description('The administrator login password for the MySQL server') +param administratorLoginPassword string param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator login for the MySQL server') param administratorLogin string -@secure() -@description('The administrator login password for the MySQL server') -param administratorLoginPassword string resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { name: resourceName location: location + sku: { + capacity: 2 + family: 'Gen5' + name: 'GP_Gen5_2' + tier: 'GeneralPurpose' + } properties: { - administratorLogin: null - administratorLoginPassword: null + administratorLogin: '${administratorLogin}' createMode: 'Default' infrastructureEncryption: 'Disabled' - minimalTlsVersion: 'TLS1_2' publicNetworkAccess: 'Enabled' + administratorLoginPassword: '${administratorLoginPassword}' + minimalTlsVersion: 'TLS1_2' sslEnforcement: 'Enabled' storageProfile: { backupRetentionDays: 7 @@ -24,17 +30,11 @@ resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { } version: '5.7' } - sku: { - capacity: 2 - family: 'Gen5' - name: 'GP_Gen5_2' - tier: 'GeneralPurpose' - } } resource configuration 'Microsoft.DBforMySQL/servers/configurations@2017-12-01' = { - parent: server name: 'character_set_server' + parent: server properties: { value: 'latin1' } diff --git a/settings/remarks/microsoft.dbformysql/samples/servers/databases/main.bicep b/settings/remarks/microsoft.dbformysql/samples/servers/databases/main.bicep index 4464b7d9..95992e8c 100644 --- a/settings/remarks/microsoft.dbformysql/samples/servers/databases/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/servers/databases/main.bicep @@ -9,31 +9,31 @@ param administratorLoginPassword string resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { name: resourceName location: location + sku: { + capacity: 2 + family: 'Gen5' + name: 'GP_Gen5_2' + tier: 'GeneralPurpose' + } properties: { - administratorLogin: null - administratorLoginPassword: null - createMode: 'Default' + administratorLogin: '${administratorLogin}' infrastructureEncryption: 'Disabled' minimalTlsVersion: 'TLS1_1' - publicNetworkAccess: 'Enabled' sslEnforcement: 'Enabled' storageProfile: { storageAutogrow: 'Enabled' storageMB: 51200 } + administratorLoginPassword: '${administratorLoginPassword}' + createMode: 'Default' + publicNetworkAccess: 'Enabled' version: '5.7' } - sku: { - capacity: 2 - family: 'Gen5' - name: 'GP_Gen5_2' - tier: 'GeneralPurpose' - } } resource database 'Microsoft.DBforMySQL/servers/databases@2017-12-01' = { - parent: server name: resourceName + parent: server properties: { charset: 'utf8' collation: 'utf8_unicode_ci' diff --git a/settings/remarks/microsoft.dbformysql/samples/servers/firewallrules/main.bicep b/settings/remarks/microsoft.dbformysql/samples/servers/firewallrules/main.bicep index 6e518061..2cd7423e 100644 --- a/settings/remarks/microsoft.dbformysql/samples/servers/firewallrules/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/servers/firewallrules/main.bicep @@ -1,40 +1,40 @@ -param resourceName string = 'acctest0001' -param location string = 'westeurope' @description('The administrator login for the MySQL server') param administratorLogin string @secure() @description('The administrator login password for the MySQL server') param administratorLoginPassword string +param resourceName string = 'acctest0001' +param location string = 'westeurope' resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { name: resourceName location: location + sku: { + capacity: 2 + family: 'Gen5' + name: 'GP_Gen5_2' + tier: 'GeneralPurpose' + } properties: { - administratorLogin: null - administratorLoginPassword: null - createMode: 'Default' - infrastructureEncryption: 'Disabled' minimalTlsVersion: 'TLS1_2' - publicNetworkAccess: 'Enabled' - sslEnforcement: 'Enabled' storageProfile: { backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 } version: '5.7' - } - sku: { - capacity: 2 - family: 'Gen5' - name: 'GP_Gen5_2' - tier: 'GeneralPurpose' + administratorLogin: '${administratorLogin}' + administratorLoginPassword: '${administratorLoginPassword}' + createMode: 'Default' + infrastructureEncryption: 'Disabled' + publicNetworkAccess: 'Enabled' + sslEnforcement: 'Enabled' } } resource firewallRule 'Microsoft.DBforMySQL/servers/firewallRules@2017-12-01' = { - parent: server name: resourceName + parent: server properties: { endIpAddress: '255.255.255.255' startIpAddress: '0.0.0.0' diff --git a/settings/remarks/microsoft.dbformysql/samples/servers/main.bicep b/settings/remarks/microsoft.dbformysql/samples/servers/main.bicep index b2d69497..fbbdb4b3 100644 --- a/settings/remarks/microsoft.dbformysql/samples/servers/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/servers/main.bicep @@ -9,12 +9,16 @@ param administratorLoginPassword string resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { name: resourceName location: location + sku: { + capacity: 2 + family: 'Gen5' + name: 'GP_Gen5_2' + tier: 'GeneralPurpose' + } properties: { - administratorLogin: null - administratorLoginPassword: null - createMode: 'Default' - infrastructureEncryption: 'Disabled' minimalTlsVersion: 'TLS1_1' + administratorLogin: '${administratorLogin}' + createMode: 'Default' publicNetworkAccess: 'Enabled' sslEnforcement: 'Enabled' storageProfile: { @@ -22,11 +26,7 @@ resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { storageMB: 51200 } version: '5.7' - } - sku: { - capacity: 2 - family: 'Gen5' - name: 'GP_Gen5_2' - tier: 'GeneralPurpose' + administratorLoginPassword: '${administratorLoginPassword}' + infrastructureEncryption: 'Disabled' } } diff --git a/settings/remarks/microsoft.dbformysql/samples/servers/virtualnetworkrules/main.bicep b/settings/remarks/microsoft.dbformysql/samples/servers/virtualnetworkrules/main.bicep index 8e5a7693..1c2002fc 100644 --- a/settings/remarks/microsoft.dbformysql/samples/servers/virtualnetworkrules/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/servers/virtualnetworkrules/main.bicep @@ -1,36 +1,10 @@ -param resourceName string = 'acctest0001' -param location string = 'westeurope' @description('The administrator login name for the MySQL server') param administratorLogin string @secure() @description('The administrator login password for the MySQL server') param administratorLoginPassword string - -resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { - name: resourceName - location: location - properties: { - administratorLogin: null - administratorLoginPassword: null - createMode: 'Default' - infrastructureEncryption: 'Disabled' - minimalTlsVersion: 'TLS1_2' - publicNetworkAccess: 'Enabled' - sslEnforcement: 'Enabled' - storageProfile: { - backupRetentionDays: 7 - storageAutogrow: 'Enabled' - storageMB: 51200 - } - version: '5.7' - } - sku: { - capacity: 2 - family: 'Gen5' - name: 'GP_Gen5_2' - tier: 'GeneralPurpose' - } -} +param resourceName string = 'acctest0001' +param location string = 'westeurope' resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName @@ -49,8 +23,8 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork name: resourceName + parent: virtualNetwork properties: { addressPrefix: '10.7.29.0/29' delegations: [] @@ -65,11 +39,37 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { } } +resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { + name: resourceName + location: location + sku: { + capacity: 2 + family: 'Gen5' + name: 'GP_Gen5_2' + tier: 'GeneralPurpose' + } + properties: { + administratorLogin: '${administratorLogin}' + createMode: 'Default' + minimalTlsVersion: 'TLS1_2' + version: '5.7' + administratorLoginPassword: '${administratorLoginPassword}' + infrastructureEncryption: 'Disabled' + publicNetworkAccess: 'Enabled' + sslEnforcement: 'Enabled' + storageProfile: { + storageAutogrow: 'Enabled' + storageMB: 51200 + backupRetentionDays: 7 + } + } +} + resource virtualNetworkRule 'Microsoft.DBforMySQL/servers/virtualNetworkRules@2017-12-01' = { - parent: server name: resourceName + parent: server properties: { - ignoreMissingVnetServiceEndpoint: false virtualNetworkSubnetId: subnet.id + ignoreMissingVnetServiceEndpoint: false } } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/administrators/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/administrators/main.bicep index a53943c6..bb884ccf 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/administrators/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/administrators/main.bicep @@ -9,15 +9,20 @@ param administratorLoginPassword string resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2022-12-01' = { name: resourceName location: location + sku: { + name: 'Standard_D2s_v3' + tier: 'GeneralPurpose' + } properties: { - administratorLogin: null - administratorLoginPassword: null + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword authConfig: { activeDirectoryAuth: 'Enabled' passwordAuth: 'Enabled' - tenantId: deployer().tenantId + tenantId: tenant().tenantId } availabilityZone: '2' + version: '12' backup: { geoRedundantBackup: 'Disabled' } @@ -28,19 +33,14 @@ resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2022-12-01' = storage: { storageSizeGB: 32 } - version: '12' - } - sku: { - name: 'Standard_D2s_v3' - tier: 'GeneralPurpose' } } resource administrator 'Microsoft.DBforPostgreSQL/flexibleServers/administrators@2022-12-01' = { + name: deployer().objectId parent: flexibleServer - name: 'data.azurerm_client_config.current.object_id' properties: { principalType: 'ServicePrincipal' - tenantId: deployer().tenantId + tenantId: tenant().tenantId } } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/configurations/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/configurations/main.bicep index 29b9710c..34300ab8 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/configurations/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/configurations/main.bicep @@ -1,20 +1,21 @@ -param resourceName string = 'acctest0001' -param location string = 'eastus' @secure() @description('The administrator password for the PostgreSQL flexible server') param postgresqlAdministratorPassword string +param resourceName string = 'acctest0001' +param location string = 'eastus' resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2023-06-01-preview' = { name: resourceName location: location - identity: { - type: 'None' - userAssignedIdentities: null + sku: { + name: 'Standard_D2s_v3' + tier: 'GeneralPurpose' } properties: { - administratorLogin: 'adminTerraform' - administratorLoginPassword: null + administratorLoginPassword: '${postgresqlAdministratorPassword}' availabilityZone: '2' + version: '12' + administratorLogin: 'adminTerraform' backup: { geoRedundantBackup: 'Disabled' } @@ -25,31 +26,30 @@ resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2023-06-01-pr storage: { storageSizeGB: 32 } - version: '12' } - sku: { - name: 'Standard_D2s_v3' - tier: 'GeneralPurpose' + identity: { + userAssignedIdentities: null + type: 'None' } } -resource pgbouncerDefaultPoolSize 'Microsoft.DBforPostgreSQL/flexibleServers/configurations@2022-12-01' = { +resource pgbouncerEnabled 'Microsoft.DBforPostgreSQL/flexibleServers/configurations@2022-12-01' = { + name: 'pgbouncer.enabled' parent: flexibleServer - name: 'pgbouncer.default_pool_size' properties: { source: 'user-override' - value: '40' + value: 'true' } - dependsOn: [ - pgbouncerEnabled - ] } -resource pgbouncerEnabled 'Microsoft.DBforPostgreSQL/flexibleServers/configurations@2022-12-01' = { +resource pgbouncerDefaultPoolSize 'Microsoft.DBforPostgreSQL/flexibleServers/configurations@2022-12-01' = { + name: 'pgbouncer.default_pool_size' parent: flexibleServer - name: 'pgbouncer.enabled' + dependsOn: [ + pgbouncerEnabled + ] properties: { + value: '40' source: 'user-override' - value: 'true' } } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/databases/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/databases/main.bicep index 36781900..9cf5f3c4 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/databases/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/databases/main.bicep @@ -7,31 +7,31 @@ param postgresqlAdministratorPassword string resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2022-12-01' = { name: resourceName location: location + sku: { + name: 'Standard_D2s_v3' + tier: 'GeneralPurpose' + } properties: { - administratorLogin: 'adminTerraform' - administratorLoginPassword: null - availabilityZone: '2' backup: { geoRedundantBackup: 'Disabled' } + network: {} + version: '12' + administratorLoginPassword: '${postgresqlAdministratorPassword}' highAvailability: { mode: 'Disabled' } - network: {} storage: { storageSizeGB: 32 } - version: '12' - } - sku: { - name: 'Standard_D2s_v3' - tier: 'GeneralPurpose' + administratorLogin: 'adminTerraform' + availabilityZone: '2' } } resource database 'Microsoft.DBforPostgreSQL/flexibleServers/databases@2022-12-01' = { - parent: flexibleServer name: resourceName + parent: flexibleServer properties: { charset: 'UTF8' collation: 'en_US.UTF8' diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/firewallrules/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/firewallrules/main.bicep index 0f1d9126..eba0bcb4 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/firewallrules/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/firewallrules/main.bicep @@ -1,37 +1,37 @@ -param resourceName string = 'acctest0001' -param location string = 'westeurope' @secure() @description('The administrator password for the PostgreSQL flexible server') param postgresqlAdministratorPassword string +param resourceName string = 'acctest0001' +param location string = 'westeurope' resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2022-12-01' = { name: resourceName location: location + sku: { + name: 'Standard_D2s_v3' + tier: 'GeneralPurpose' + } properties: { - administratorLogin: 'adminTerraform' - administratorLoginPassword: null + administratorLoginPassword: '${postgresqlAdministratorPassword}' availabilityZone: '2' - backup: { - geoRedundantBackup: 'Disabled' - } highAvailability: { mode: 'Disabled' } + version: '12' + administratorLogin: 'adminTerraform' + backup: { + geoRedundantBackup: 'Disabled' + } network: {} storage: { storageSizeGB: 32 } - version: '12' - } - sku: { - name: 'Standard_D2s_v3' - tier: 'GeneralPurpose' } } resource firewallRule 'Microsoft.DBforPostgreSQL/flexibleServers/firewallRules@2022-12-01' = { - parent: flexibleServer name: resourceName + parent: flexibleServer properties: { endIpAddress: '122.122.0.0' startIpAddress: '122.122.0.0' diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/main.bicep index bd677693..37112ae4 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/main.bicep @@ -9,13 +9,12 @@ param administratorLoginPassword string resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2023-06-01-preview' = { name: resourceName location: location - identity: { - type: 'None' - userAssignedIdentities: null + sku: { + name: 'Standard_D2s_v3' + tier: 'GeneralPurpose' } properties: { - administratorLogin: null - administratorLoginPassword: null + administratorLoginPassword: '${administratorLoginPassword}' availabilityZone: '2' backup: { geoRedundantBackup: 'Disabled' @@ -28,9 +27,10 @@ resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2023-06-01-pr storageSizeGB: 32 } version: '12' + administratorLogin: '${administratorLogin}' } - sku: { - name: 'Standard_D2s_v3' - tier: 'GeneralPurpose' + identity: { + type: 'None' + userAssignedIdentities: null } } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/virtualendpoints/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/virtualendpoints/main.bicep index f32b3bc8..aa04d932 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/virtualendpoints/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/virtualendpoints/main.bicep @@ -1,25 +1,29 @@ -param resourceName string = 'acctest0001' param location string = 'westus' @secure() @description('The administrator login password for the PostgreSQL flexible server') param administratorLoginPassword string +param resourceName string = 'acctest0001' resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2024-08-01' = { name: '${resourceName}-primary' location: location + sku: { + name: 'Standard_D2ads_v5' + tier: 'GeneralPurpose' + } properties: { - administratorLogin: 'psqladmin' - administratorLoginPassword: null - availabilityZone: '1' - backup: { - geoRedundantBackup: 'Disabled' - } + administratorLoginPassword: '${administratorLoginPassword}' highAvailability: { mode: 'Disabled' } network: { publicNetworkAccess: 'Disabled' } + administratorLogin: 'psqladmin' + availabilityZone: '1' + backup: { + geoRedundantBackup: 'Disabled' + } storage: { autoGrow: 'Disabled' storageSizeGB: 32 @@ -27,10 +31,6 @@ resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2024-08-01' = } version: '16' } - sku: { - name: 'Standard_D2ads_v5' - tier: 'GeneralPurpose' - } } resource flexibleserver1 'Microsoft.DBforPostgreSQL/flexibleServers@2024-08-01' = { @@ -38,9 +38,6 @@ resource flexibleserver1 'Microsoft.DBforPostgreSQL/flexibleServers@2024-08-01' location: location properties: { availabilityZone: '1' - backup: { - geoRedundantBackup: 'Disabled' - } createMode: 'Replica' highAvailability: { mode: 'Disabled' @@ -48,19 +45,22 @@ resource flexibleserver1 'Microsoft.DBforPostgreSQL/flexibleServers@2024-08-01' network: { publicNetworkAccess: 'Disabled' } - sourceServerResourceId: flexibleServer.id storage: { - autoGrow: 'Disabled' storageSizeGB: 32 tier: 'P30' + autoGrow: 'Disabled' } version: '16' + backup: { + geoRedundantBackup: 'Disabled' + } + sourceServerResourceId: flexibleServer.id } } resource virtualEndpoint 'Microsoft.DBforPostgreSQL/flexibleServers/virtualEndpoints@2024-08-01' = { - parent: flexibleServer name: resourceName + parent: flexibleServer properties: { endpointType: 'ReadWrite' members: [ diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/servergroupsv2/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/servergroupsv2/main.bicep index b4888c67..0283e193 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/servergroupsv2/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/servergroupsv2/main.bicep @@ -1,14 +1,13 @@ -param resourceName string = 'acctest0001' -param location string = 'westeurope' @secure() @description('The administrator login password for the PostgreSQL server group') param administratorLoginPassword string +param resourceName string = 'acctest0001' +param location string = 'westeurope' resource serverGroupsv2 'Microsoft.DBforPostgreSQL/serverGroupsv2@2022-11-08' = { name: resourceName location: location properties: { - administratorLoginPassword: null coordinatorEnablePublicIpAccess: true coordinatorServerEdition: 'GeneralPurpose' coordinatorStorageQuotaInMb: 131072 @@ -17,5 +16,6 @@ resource serverGroupsv2 'Microsoft.DBforPostgreSQL/serverGroupsv2@2022-11-08' = nodeCount: 0 nodeEnablePublicIpAccess: false nodeServerEdition: 'MemoryOptimized' + administratorLoginPassword: '${administratorLoginPassword}' } } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/servers/administrators/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/servers/administrators/main.bicep index 042fc32c..2529e019 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/servers/administrators/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/servers/administrators/main.bicep @@ -8,39 +8,41 @@ param administratorLoginPassword string @description('The administrator login name for the PostgreSQL server admin') param adminLogin string +param clientId string + resource server 'Microsoft.DBforPostgreSQL/servers@2017-12-01' = { name: resourceName location: location + sku: { + capacity: 2 + family: 'Gen5' + name: 'GP_Gen5_2' + tier: 'GeneralPurpose' + } properties: { - administratorLogin: null - administratorLoginPassword: null + administratorLogin: '${administratorLogin}' + administratorLoginPassword: '${administratorLoginPassword}' createMode: 'Default' - infrastructureEncryption: 'Disabled' minimalTlsVersion: 'TLS1_2' publicNetworkAccess: 'Enabled' sslEnforcement: 'Enabled' storageProfile: { - backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 + backupRetentionDays: 7 } version: '9.6' - } - sku: { - capacity: 2 - family: 'Gen5' - name: 'GP_Gen5_2' - tier: 'GeneralPurpose' + infrastructureEncryption: 'Disabled' } } resource administrator 'Microsoft.DBforPostgreSQL/servers/administrators@2017-12-01' = { - parent: server name: 'activeDirectory' + parent: server properties: { administratorType: 'ActiveDirectory' - login: null - sid: deployer().objectId - tenantId: deployer().tenantId + login: adminLogin + sid: clientId + tenantId: tenant().tenantId } } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/servers/configurations/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/servers/configurations/main.bicep index e3a3be58..3f7edd11 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/servers/configurations/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/servers/configurations/main.bicep @@ -1,40 +1,40 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator login for the PostgreSQL server') param administratorLogin string @secure() @description('The administrator login password for the PostgreSQL server') param administratorLoginPassword string +param resourceName string = 'acctest0001' resource server 'Microsoft.DBforPostgreSQL/servers@2017-12-01' = { name: resourceName location: location + sku: { + capacity: 2 + family: 'Gen5' + name: 'GP_Gen5_2' + tier: 'GeneralPurpose' + } properties: { - administratorLogin: null - administratorLoginPassword: null - createMode: 'Default' + administratorLoginPassword: '${administratorLoginPassword}' infrastructureEncryption: 'Disabled' minimalTlsVersion: 'TLS1_2' publicNetworkAccess: 'Enabled' - sslEnforcement: 'Enabled' storageProfile: { backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 } + administratorLogin: '${administratorLogin}' + createMode: 'Default' + sslEnforcement: 'Enabled' version: '9.6' } - sku: { - capacity: 2 - family: 'Gen5' - name: 'GP_Gen5_2' - tier: 'GeneralPurpose' - } } resource configuration 'Microsoft.DBforPostgreSQL/servers/configurations@2017-12-01' = { - parent: server name: 'backslash_quote' + parent: server properties: { value: 'on' } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/servers/databases/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/servers/databases/main.bicep index 3b7730c5..f7c08349 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/servers/databases/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/servers/databases/main.bicep @@ -1,40 +1,40 @@ +@secure() +@description('The administrator login password for the PostgreSQL server') +param administratorLoginPassword string param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator login for the PostgreSQL server') param administratorLogin string -@secure() -@description('The administrator login password for the PostgreSQL server') -param administratorLoginPassword string resource server 'Microsoft.DBforPostgreSQL/servers@2017-12-01' = { name: resourceName location: location + sku: { + capacity: 2 + family: 'Gen5' + name: 'GP_Gen5_2' + tier: 'GeneralPurpose' + } properties: { - administratorLogin: null - administratorLoginPassword: null - createMode: 'Default' infrastructureEncryption: 'Disabled' - minimalTlsVersion: 'TLS1_2' publicNetworkAccess: 'Enabled' - sslEnforcement: 'Enabled' storageProfile: { backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 } + administratorLogin: '${administratorLogin}' + administratorLoginPassword: '${administratorLoginPassword}' + createMode: 'Default' + minimalTlsVersion: 'TLS1_2' + sslEnforcement: 'Enabled' version: '9.6' } - sku: { - capacity: 2 - family: 'Gen5' - name: 'GP_Gen5_2' - tier: 'GeneralPurpose' - } } resource database 'Microsoft.DBforPostgreSQL/servers/databases@2017-12-01' = { - parent: server name: resourceName + parent: server properties: { charset: 'UTF8' collation: 'English_United States.1252' diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/servers/firewallrules/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/servers/firewallrules/main.bicep index 5d2022d7..d413fc39 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/servers/firewallrules/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/servers/firewallrules/main.bicep @@ -1,40 +1,40 @@ +@secure() +@description('The administrator login password for the PostgreSQL server') +param administratorLoginPassword string param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator login for the PostgreSQL server') param administratorLogin string -@secure() -@description('The administrator login password for the PostgreSQL server') -param administratorLoginPassword string resource server 'Microsoft.DBforPostgreSQL/servers@2017-12-01' = { name: resourceName location: location + sku: { + capacity: 2 + family: 'Gen5' + name: 'GP_Gen5_2' + tier: 'GeneralPurpose' + } properties: { - administratorLogin: null - administratorLoginPassword: null + administratorLogin: '${administratorLogin}' + administratorLoginPassword: '${administratorLoginPassword}' createMode: 'Default' - infrastructureEncryption: 'Disabled' minimalTlsVersion: 'TLS1_2' publicNetworkAccess: 'Enabled' - sslEnforcement: 'Enabled' storageProfile: { backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 } version: '9.6' - } - sku: { - capacity: 2 - family: 'Gen5' - name: 'GP_Gen5_2' - tier: 'GeneralPurpose' + infrastructureEncryption: 'Disabled' + sslEnforcement: 'Enabled' } } resource firewallRule 'Microsoft.DBforPostgreSQL/servers/firewallRules@2017-12-01' = { - parent: server name: resourceName + parent: server properties: { endIpAddress: '255.255.255.255' startIpAddress: '0.0.0.0' diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/servers/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/servers/main.bicep index 39559318..64a4cc89 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/servers/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/servers/main.bicep @@ -1,33 +1,33 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator login name for the PostgreSQL server') param administratorLogin string @secure() @description('The administrator login password for the PostgreSQL server') param administratorLoginPassword string +param resourceName string = 'acctest0001' resource server 'Microsoft.DBforPostgreSQL/servers@2017-12-01' = { name: resourceName location: location + sku: { + family: 'Gen5' + name: 'GP_Gen5_2' + tier: 'GeneralPurpose' + capacity: 2 + } properties: { - administratorLogin: null - administratorLoginPassword: null - createMode: 'Default' - infrastructureEncryption: 'Disabled' minimalTlsVersion: 'TLS1_2' - publicNetworkAccess: 'Enabled' sslEnforcement: 'Enabled' + administratorLoginPassword: '${administratorLoginPassword}' + createMode: 'Default' + publicNetworkAccess: 'Enabled' storageProfile: { backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 } version: '9.5' - } - sku: { - capacity: 2 - family: 'Gen5' - name: 'GP_Gen5_2' - tier: 'GeneralPurpose' + administratorLogin: '${administratorLogin}' + infrastructureEncryption: 'Disabled' } } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/servers/virtualnetworkrules/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/servers/virtualnetworkrules/main.bicep index 471521bb..cc149b88 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/servers/virtualnetworkrules/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/servers/virtualnetworkrules/main.bicep @@ -6,54 +6,26 @@ param administratorLogin string @description('The administrator login password for the PostgreSQL server') param administratorLoginPassword string -resource server 'Microsoft.DBforPostgreSQL/servers@2017-12-01' = { - name: resourceName - location: location - properties: { - administratorLogin: null - administratorLoginPassword: null - createMode: 'Default' - infrastructureEncryption: 'Disabled' - minimalTlsVersion: 'TLS1_2' - publicNetworkAccess: 'Enabled' - sslEnforcement: 'Enabled' - storageProfile: { - backupRetentionDays: 7 - storageAutogrow: 'Enabled' - storageMB: 51200 - } - version: '9.5' - } - sku: { - capacity: 2 - family: 'Gen5' - name: 'GP_Gen5_2' - tier: 'GeneralPurpose' - } -} - resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location properties: { + dhcpOptions: { + dnsServers: [] + } + subnets: [] addressSpace: { addressPrefixes: [ '10.7.29.0/29' ] } - dhcpOptions: { - dnsServers: [] - } - subnets: [] } } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork name: resourceName + parent: virtualNetwork properties: { - addressPrefix: '10.7.29.0/29' - delegations: [] privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] @@ -62,12 +34,40 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { service: 'Microsoft.Sql' } ] + addressPrefix: '10.7.29.0/29' + delegations: [] + } +} + +resource server 'Microsoft.DBforPostgreSQL/servers@2017-12-01' = { + name: resourceName + location: location + sku: { + capacity: 2 + family: 'Gen5' + name: 'GP_Gen5_2' + tier: 'GeneralPurpose' + } + properties: { + publicNetworkAccess: 'Enabled' + createMode: 'Default' + minimalTlsVersion: 'TLS1_2' + sslEnforcement: 'Enabled' + storageProfile: { + storageAutogrow: 'Enabled' + storageMB: 51200 + backupRetentionDays: 7 + } + version: '9.5' + administratorLogin: '${administratorLogin}' + administratorLoginPassword: '${administratorLoginPassword}' + infrastructureEncryption: 'Disabled' } } resource virtualNetworkRule 'Microsoft.DBforPostgreSQL/servers/virtualNetworkRules@2017-12-01' = { - parent: server name: resourceName + parent: server properties: { ignoreMissingVnetServiceEndpoint: false virtualNetworkSubnetId: subnet.id diff --git a/settings/remarks/microsoft.desktopvirtualization/samples/applicationgroups/applications/main.bicep b/settings/remarks/microsoft.desktopvirtualization/samples/applicationgroups/applications/main.bicep index 190e9064..f6a2fd67 100644 --- a/settings/remarks/microsoft.desktopvirtualization/samples/applicationgroups/applications/main.bicep +++ b/settings/remarks/microsoft.desktopvirtualization/samples/applicationgroups/applications/main.bicep @@ -6,31 +6,30 @@ resource applicationGroup 'Microsoft.DesktopVirtualization/applicationGroups@202 location: location properties: { applicationGroupType: 'RemoteApp' - hostPoolArmPath: hostPool.id } } -resource hostPool 'Microsoft.DesktopVirtualization/hostPools@2023-09-05' = { +resource application 'Microsoft.DesktopVirtualization/applicationGroups/applications@2023-09-05' = { name: resourceName location: location + parent: applicationGroup properties: { - hostPoolType: 'Pooled' - loadBalancerType: 'BreadthFirst' - maxSessionLimit: 999999 - preferredAppGroupType: 'Desktop' - publicNetworkAccess: 'Enabled' - startVMOnConnect: false - validationEnvironment: false + commandLineSetting: 'DoNotAllow' + filePath: 'C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe' + showInPortal: false } } -resource application 'Microsoft.DesktopVirtualization/applicationGroups/applications@2023-09-05' = { - parent: applicationGroup +resource hostPool 'Microsoft.DesktopVirtualization/hostPools@2023-09-05' = { name: resourceName location: location properties: { - commandLineSetting: 'DoNotAllow' - filePath: 'C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe' - showInPortal: false + startVMOnConnect: false + validationEnvironment: false + hostPoolType: 'Pooled' + loadBalancerType: 'BreadthFirst' + maxSessionLimit: 999999 + preferredAppGroupType: 'Desktop' + publicNetworkAccess: 'Enabled' } } diff --git a/settings/remarks/microsoft.desktopvirtualization/samples/applicationgroups/main.bicep b/settings/remarks/microsoft.desktopvirtualization/samples/applicationgroups/main.bicep index 75e4a4c3..a402031e 100644 --- a/settings/remarks/microsoft.desktopvirtualization/samples/applicationgroups/main.bicep +++ b/settings/remarks/microsoft.desktopvirtualization/samples/applicationgroups/main.bicep @@ -8,7 +8,6 @@ resource applicationGroup 'Microsoft.DesktopVirtualization/applicationGroups@202 applicationGroupType: 'Desktop' description: '' friendlyName: '' - hostPoolArmPath: hostPool.id } } @@ -16,17 +15,17 @@ resource hostPool 'Microsoft.DesktopVirtualization/hostPools@2024-04-03' = { name: '${resourceName}-hp' location: location properties: { - customRdpProperty: '' - description: '' friendlyName: '' hostPoolType: 'Pooled' loadBalancerType: 'BreadthFirst' maxSessionLimit: 999999 personalDesktopAssignmentType: '' preferredAppGroupType: 'Desktop' - publicNetworkAccess: 'Enabled' startVMOnConnect: false validationEnvironment: false + customRdpProperty: '' + description: '' + publicNetworkAccess: 'Enabled' vmTemplate: '' } } diff --git a/settings/remarks/microsoft.devcenter/samples/devcenters/attachednetworks/main.bicep b/settings/remarks/microsoft.devcenter/samples/devcenters/attachednetworks/main.bicep index 7cb03984..b6b30cb3 100644 --- a/settings/remarks/microsoft.devcenter/samples/devcenters/attachednetworks/main.bicep +++ b/settings/remarks/microsoft.devcenter/samples/devcenters/attachednetworks/main.bicep @@ -1,24 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource devCenter 'Microsoft.DevCenter/devcenters@2023-04-01' = { - name: resourceName - location: location - identity: { - type: 'SystemAssigned' - userAssignedIdentities: null - } -} - -resource networkConnection 'Microsoft.DevCenter/networkConnections@2023-04-01' = { - name: resourceName - location: 'westeurope' - properties: { - domainJoinType: 'AzureADJoin' - subnetId: subnet.id - } -} - resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location @@ -31,18 +13,34 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { } } +resource devCenter 'Microsoft.DevCenter/devcenters@2023-04-01' = { + name: resourceName + location: location + identity: { + type: 'SystemAssigned' + userAssignedIdentities: null + } +} + resource attachNetwork 'Microsoft.DevCenter/devcenters/attachednetworks@2023-04-01' = { - parent: devCenter name: resourceName + parent: devCenter properties: { networkConnectionId: networkConnection.id } } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork name: resourceName + parent: virtualNetwork properties: { addressPrefix: '10.0.2.0/24' } } + +resource networkConnection 'Microsoft.DevCenter/networkConnections@2023-04-01' = { + name: resourceName + properties: { + domainJoinType: 'AzureADJoin' + } +} diff --git a/settings/remarks/microsoft.devcenter/samples/devcenters/catalogs/main.bicep b/settings/remarks/microsoft.devcenter/samples/devcenters/catalogs/main.bicep index a6a3809a..5d6fd22b 100644 --- a/settings/remarks/microsoft.devcenter/samples/devcenters/catalogs/main.bicep +++ b/settings/remarks/microsoft.devcenter/samples/devcenters/catalogs/main.bicep @@ -8,8 +8,8 @@ resource devCenter 'Microsoft.DevCenter/devCenters@2025-02-01' = { } resource catalog 'Microsoft.DevCenter/devCenters/catalogs@2025-02-01' = { - parent: devCenter name: '${substring(resourceName, 0, 17)}-catalog' + parent: devCenter properties: { adoGit: { branch: 'main' diff --git a/settings/remarks/microsoft.devcenter/samples/devcenters/devboxdefinitions/main.bicep b/settings/remarks/microsoft.devcenter/samples/devcenters/devboxdefinitions/main.bicep index 2368eef0..f8ef3cd2 100644 --- a/settings/remarks/microsoft.devcenter/samples/devcenters/devboxdefinitions/main.bicep +++ b/settings/remarks/microsoft.devcenter/samples/devcenters/devboxdefinitions/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource devCenter 'Microsoft.DevCenter/devcenters@2023-04-01' = { name: resourceName @@ -11,9 +11,9 @@ resource devCenter 'Microsoft.DevCenter/devcenters@2023-04-01' = { } resource devBoxDefinition 'Microsoft.DevCenter/devcenters/devboxdefinitions@2024-10-01-preview' = { - parent: devCenter name: resourceName location: location + parent: devCenter properties: { hibernateSupport: 'Enabled' imageReference: { diff --git a/settings/remarks/microsoft.devcenter/samples/devcenters/environmenttypes/main.bicep b/settings/remarks/microsoft.devcenter/samples/devcenters/environmenttypes/main.bicep index 48152382..7321f16b 100644 --- a/settings/remarks/microsoft.devcenter/samples/devcenters/environmenttypes/main.bicep +++ b/settings/remarks/microsoft.devcenter/samples/devcenters/environmenttypes/main.bicep @@ -8,6 +8,6 @@ resource devCenter 'Microsoft.DevCenter/devCenters@2025-02-01' = { } resource environmentType 'Microsoft.DevCenter/devCenters/environmentTypes@2025-02-01' = { - parent: devCenter name: resourceName + parent: devCenter } diff --git a/settings/remarks/microsoft.devcenter/samples/devcenters/main.bicep b/settings/remarks/microsoft.devcenter/samples/devcenters/main.bicep index c091a718..145349a9 100644 --- a/settings/remarks/microsoft.devcenter/samples/devcenters/main.bicep +++ b/settings/remarks/microsoft.devcenter/samples/devcenters/main.bicep @@ -1,12 +1,12 @@ param resourceName string = 'acctest0001' param location string = 'eastus' -resource devCenter 'Microsoft.DevCenter/devCenters@2025-02-01' = { - name: resourceName +resource userAssignedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = { + name: '${resourceName}-uai' location: location } -resource userAssignedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = { - name: '${resourceName}-uai' +resource devCenter 'Microsoft.DevCenter/devCenters@2025-02-01' = { + name: resourceName location: location } diff --git a/settings/remarks/microsoft.devcenter/samples/networkconnections/main.bicep b/settings/remarks/microsoft.devcenter/samples/networkconnections/main.bicep index b1655e53..6fd54a6c 100644 --- a/settings/remarks/microsoft.devcenter/samples/networkconnections/main.bicep +++ b/settings/remarks/microsoft.devcenter/samples/networkconnections/main.bicep @@ -6,7 +6,6 @@ resource networkConnection 'Microsoft.DevCenter/networkConnections@2023-04-01' = location: location properties: { domainJoinType: 'AzureADJoin' - subnetId: subnet.id } } @@ -23,8 +22,8 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork name: resourceName + parent: virtualNetwork properties: { addressPrefix: '10.0.2.0/24' } diff --git a/settings/remarks/microsoft.devcenter/samples/projects/environmenttypes/main.bicep b/settings/remarks/microsoft.devcenter/samples/projects/environmenttypes/main.bicep index 85ced5c5..7296c867 100644 --- a/settings/remarks/microsoft.devcenter/samples/projects/environmenttypes/main.bicep +++ b/settings/remarks/microsoft.devcenter/samples/projects/environmenttypes/main.bicep @@ -11,22 +11,22 @@ resource project 'Microsoft.DevCenter/projects@2025-02-01' = { name: '${resourceName}-proj' location: location properties: { - description: '' devCenterId: devCenter.id maxDevBoxesPerUser: 0 + description: '' } } resource environmentType 'Microsoft.DevCenter/devCenters/environmentTypes@2025-02-01' = { - parent: devCenter name: '${resourceName}-envtype' + parent: devCenter } resource environmenttype1 'Microsoft.DevCenter/projects/environmentTypes@2025-02-01' = { + name: 'azapi_resource.environmentType.name' parent: project - name: 'environmentType.name' properties: { - deploymentTargetId: '/subscriptions/subscription().subscriptionId' + deploymentTargetId: '/subscriptions/${subscription().subscriptionId}' status: 'Enabled' } } diff --git a/settings/remarks/microsoft.devcenter/samples/projects/main.bicep b/settings/remarks/microsoft.devcenter/samples/projects/main.bicep index 53ecbc92..b9f60cb0 100644 --- a/settings/remarks/microsoft.devcenter/samples/projects/main.bicep +++ b/settings/remarks/microsoft.devcenter/samples/projects/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westus' +param resourceName string = 'acctest0001' resource devCenter 'Microsoft.DevCenter/devCenters@2025-02-01' = { name: resourceName diff --git a/settings/remarks/microsoft.devices/samples/iothubs/certificates/main.bicep b/settings/remarks/microsoft.devices/samples/iothubs/certificates/main.bicep index eaac0850..3246a71a 100644 --- a/settings/remarks/microsoft.devices/samples/iothubs/certificates/main.bicep +++ b/settings/remarks/microsoft.devices/samples/iothubs/certificates/main.bicep @@ -1,13 +1,18 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' @secure() @description('The Base64 encoded certificate content for the IoT Hub') param certificateContent string +param resourceName string = 'acctest0001' -resource iothub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { +resource iotHub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'B1' + } properties: { + storageEndpoints: {} cloudToDevice: {} enableFileUploadNotifications: false messagingEndpoints: {} @@ -21,19 +26,14 @@ resource iothub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { source: 'DeviceMessages' } } - storageEndpoints: {} - } - sku: { - capacity: 1 - name: 'B1' } } resource certificate 'Microsoft.Devices/IotHubs/certificates@2022-04-30-preview' = { - parent: iothub name: resourceName + parent: iotHub properties: { - certificate: null + certificate: '${certificateContent}' isVerified: false } } diff --git a/settings/remarks/microsoft.devices/samples/iothubs/main.bicep b/settings/remarks/microsoft.devices/samples/iothubs/main.bicep index 036e8dd0..462703d5 100644 --- a/settings/remarks/microsoft.devices/samples/iothubs/main.bicep +++ b/settings/remarks/microsoft.devices/samples/iothubs/main.bicep @@ -1,9 +1,13 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource iothub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { +resource iotHub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'S1' + } properties: { cloudToDevice: {} enableFileUploadNotifications: false @@ -20,8 +24,4 @@ resource iothub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { } storageEndpoints: {} } - sku: { - capacity: 1 - name: 'S1' - } } diff --git a/settings/remarks/microsoft.devices/samples/provisioningservices/certificates/main.bicep b/settings/remarks/microsoft.devices/samples/provisioningservices/certificates/main.bicep index 0132ce72..9dfdd9a4 100644 --- a/settings/remarks/microsoft.devices/samples/provisioningservices/certificates/main.bicep +++ b/settings/remarks/microsoft.devices/samples/provisioningservices/certificates/main.bicep @@ -4,21 +4,21 @@ param location string = 'westeurope' resource provisioningService 'Microsoft.Devices/provisioningServices@2022-02-05' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'S1' + } properties: { allocationPolicy: 'Hashed' enableDataResidency: false iotHubs: [] publicNetworkAccess: 'Enabled' } - sku: { - capacity: 1 - name: 'S1' - } } resource certificate 'Microsoft.Devices/provisioningServices/certificates@2022-02-05' = { - parent: provisioningService name: resourceName + parent: provisioningService properties: { certificate: 'LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlEYnpDQ0FsZWdBd0lCQWdJSkFJempSRDM2c0liYk1BMEdDU3FHU0liM0RRRUJDd1VBTUUweEN6QUpCZ05WDQpCQVlUQWxWVE1STXdFUVlEVlFRSURBcFRiMjFsTFZOMFlYUmxNUkl3RUFZRFZRUUtEQWwwWlhKeVlXWnZjbTB4DQpGVEFUQmdOVkJBTU1ESFJsY25KaFptOXliUzVwYnpBZ0Z3MHhOekEwTWpFeU1EQTFNamRhR0E4eU1URTNNRE15DQpPREl3TURVeU4xb3dUVEVMTUFrR0ExVUVCaE1DVlZNeEV6QVJCZ05WQkFnTUNsTnZiV1V0VTNSaGRHVXhFakFRDQpCZ05WQkFvTUNYUmxjbkpoWm05eWJURVZNQk1HQTFVRUF3d01kR1Z5Y21GbWIzSnRMbWx2TUlJQklqQU5CZ2txDQpoa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQTNMOUw1c3pUNCtGTHlrVEZOeXlQankvazNCUVRZQWZSDQpRelAyZGhuc3VVS20zY2RQQzBOeVord0VYSVVHaG9ETzJZRzZFWUNoT2w4ZnNEcURPamxvU1VHS3FZdysrbmxwDQpISXVVZ0p4OEl4eEcyWGtBTENqRlU3RW1GK3c3a243NmQwZXpwRUlZeG5MUCtLRzJEVm9ybm9FdDFhTGh2MU1MDQptcGdFWlpQaERiTVNMaFNZV2VUVlJNYXlYTHdxdGZnbkR1bVFTQis4ZC8xSnVKcXJTSTRwRDEySm96VlRoemI2DQpoc2pmYjZSTVg0ZXBQbXJHbjBQYlRQRUVBNmF3bXN4QkNYQjBzMTNuTlF0L08waExNMmFnd3ZBeW96aWxRVitzDQo2MTZDa2drNkRKb1VrcVpoRHk3dlBZTUlSU3I5OGZCd3M2emtyVjZ0VExqbUQ4eEF2b2JlUFFJREFRQUJvMUF3DQpUakFkQmdOVkhRNEVGZ1FVWElxTzQyMXpNTW1iY1JSWDl3Y3RaRkNRdVBJd0h3WURWUjBqQkJnd0ZvQVVYSXFPDQo0MjF6TU1tYmNSUlg5d2N0WkZDUXVQSXdEQVlEVlIwVEJBVXdBd0VCL3pBTkJna3Foa2lHOXcwQkFRc0ZBQU9DDQpBUUVBcjgyTmVUM0JZSk9LTGxVTDZPbTVMalVGNjZld2NKakc5bHRkdnlRd1ZuZU1jcTd0NVVBUHhnQ2h6cU5SDQpWazRkYThQemtYcGpCSnlXZXpIdXBkSk5YM1hxZVVrMmtTeHFRNi9nbWhxdmZJM3k3ZGpyd29PNmp2TUVZMjZXDQpxdGtUTk9SV0RQM1RISkpWaW1DM3pWK0tNVTVVQlZyRXpoT1ZoSFNVNzA5bEJQNzVvMEJCbjN4R3NQcVNxOWs4DQpJb3RJRmZ5QWM2YStYUDMrWk1wdmg3d3FBVW1sN3ZXYTV3bGNYRXhDeDM5aDFiYWxmRFNMR05DNHN3V1BDcDlBDQpNblFSMHArdk1heTloTlAxRWgrOVFZVWFpMTRkNUtTM2NGVitLeEUxY0pSNUhEL2lMbHRubk9FYnBNc0IwZVZPDQpaV2tGdkU3WTVsVzBvVlNBZmluNVR3VEpNUT09DQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0t' } diff --git a/settings/remarks/microsoft.devices/samples/provisioningservices/main.bicep b/settings/remarks/microsoft.devices/samples/provisioningservices/main.bicep index e38ef376..2db45788 100644 --- a/settings/remarks/microsoft.devices/samples/provisioningservices/main.bicep +++ b/settings/remarks/microsoft.devices/samples/provisioningservices/main.bicep @@ -4,14 +4,14 @@ param location string = 'westeurope' resource provisioningService 'Microsoft.Devices/provisioningServices@2022-02-05' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'S1' + } properties: { allocationPolicy: 'Hashed' enableDataResidency: false iotHubs: [] publicNetworkAccess: 'Enabled' } - sku: { - capacity: 1 - name: 'S1' - } } diff --git a/settings/remarks/microsoft.deviceupdate/samples/accounts/instances/main.bicep b/settings/remarks/microsoft.deviceupdate/samples/accounts/instances/main.bicep index 348c8fb1..21270127 100644 --- a/settings/remarks/microsoft.deviceupdate/samples/accounts/instances/main.bicep +++ b/settings/remarks/microsoft.deviceupdate/samples/accounts/instances/main.bicep @@ -1,30 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' - -resource iothub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { - name: resourceName - location: location - properties: { - cloudToDevice: {} - enableFileUploadNotifications: false - messagingEndpoints: {} - routing: { - fallbackRoute: { - condition: 'true' - endpointNames: [ - 'events' - ] - isEnabled: true - source: 'DeviceMessages' - } - } - storageEndpoints: {} - } - sku: { - capacity: 1 - name: 'S1' - } -} +param resourceName string = 'acctest0001' resource account 'Microsoft.DeviceUpdate/accounts@2022-10-01' = { name: resourceName @@ -36,16 +11,41 @@ resource account 'Microsoft.DeviceUpdate/accounts@2022-10-01' = { } resource instance 'Microsoft.DeviceUpdate/accounts/instances@2022-10-01' = { - parent: account name: resourceName location: location + parent: account properties: { accountName: account.name enableDiagnostics: false iotHubs: [ { - resourceId: iothub.id + resourceId: iotHub.id } ] } } + +resource iotHub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { + name: resourceName + location: location + sku: { + capacity: 1 + name: 'S1' + } + properties: { + storageEndpoints: {} + cloudToDevice: {} + enableFileUploadNotifications: false + messagingEndpoints: {} + routing: { + fallbackRoute: { + condition: 'true' + endpointNames: [ + 'events' + ] + isEnabled: true + source: 'DeviceMessages' + } + } + } +} diff --git a/settings/remarks/microsoft.devtestlab/samples/labs/policysets/policies/main.bicep b/settings/remarks/microsoft.devtestlab/samples/labs/policysets/policies/main.bicep index 94a1f5c2..d2b25310 100644 --- a/settings/remarks/microsoft.devtestlab/samples/labs/policysets/policies/main.bicep +++ b/settings/remarks/microsoft.devtestlab/samples/labs/policysets/policies/main.bicep @@ -6,15 +6,8 @@ resource lab 'Microsoft.DevTestLab/labs@2018-09-15' = { location: location } -// The policy set is a singleton named 'default' under the lab -resource policySet 'Microsoft.DevTestLab/labs/policySets@2018-09-15' existing = { - parent: lab - name: 'default' -} - resource policy 'Microsoft.DevTestLab/labs/policySets/policies@2018-09-15' = { - parent: policySet - name: 'LabVmCount' + name: 'policySets/default/LabVmCount' properties: { description: '' evaluatorType: 'MaxValuePolicy' diff --git a/settings/remarks/microsoft.devtestlab/samples/labs/schedules/main.bicep b/settings/remarks/microsoft.devtestlab/samples/labs/schedules/main.bicep index c4733acb..dbaa851d 100644 --- a/settings/remarks/microsoft.devtestlab/samples/labs/schedules/main.bicep +++ b/settings/remarks/microsoft.devtestlab/samples/labs/schedules/main.bicep @@ -10,10 +10,11 @@ resource lab 'Microsoft.DevTestLab/labs@2018-09-15' = { } resource schedule 'Microsoft.DevTestLab/labs/schedules@2018-09-15' = { - parent: lab name: 'LabVmsShutdown' location: location + parent: lab properties: { + timeZoneId: 'India Standard Time' dailyRecurrence: { time: '0100' } @@ -24,7 +25,6 @@ resource schedule 'Microsoft.DevTestLab/labs/schedules@2018-09-15' = { } status: 'Disabled' taskType: 'LabVmsShutdownTask' - timeZoneId: 'India Standard Time' } tags: { environment: 'Production' diff --git a/settings/remarks/microsoft.devtestlab/samples/labs/virtualmachines/main.bicep b/settings/remarks/microsoft.devtestlab/samples/labs/virtualmachines/main.bicep index ce588176..d32d7be7 100644 --- a/settings/remarks/microsoft.devtestlab/samples/labs/virtualmachines/main.bicep +++ b/settings/remarks/microsoft.devtestlab/samples/labs/virtualmachines/main.bicep @@ -13,11 +13,10 @@ resource lab 'Microsoft.DevTestLab/labs@2018-09-15' = { } resource virtualMachine 'Microsoft.DevTestLab/labs/virtualMachines@2018-09-15' = { - parent: lab name: resourceName location: location + parent: lab properties: { - allowClaim: true disallowPublicIpAddress: false galleryImageReference: { offer: 'WindowsServer' @@ -26,28 +25,33 @@ resource virtualMachine 'Microsoft.DevTestLab/labs/virtualMachines@2018-09-15' = sku: '2012-Datacenter' version: 'latest' } - isAuthenticationWithSshKey: false - labSubnetName: '\'${resourceName}Subnet\'' - labVirtualNetworkId: virtualNetwork.id networkInterface: {} - notes: '' osType: 'Windows' - password: null + password: vmPassword size: 'Standard_F2' + allowClaim: true + isAuthenticationWithSshKey: false + labSubnetName: '${resourceName}Subnet' + notes: '' storageType: 'Standard' userName: 'acct5stU5er' } } resource virtualNetwork 'Microsoft.DevTestLab/labs/virtualNetworks@2018-09-15' = { - parent: lab name: resourceName + parent: lab properties: { description: '' subnetOverrides: [ { - labSubnetName: '\'${resourceName}Subnet\'' - resourceId: resourceId('Microsoft.Network/virtualNetworks/subnets', resourceName, '${resourceName}Subnet') + labSubnetName: '${resourceName}Subnet' + resourceId: resourceId( + 'Microsoft.Network/virtualNetworks/subnets', + resourceGroup().name, + resourceName, + '${resourceName}Subnet' + ) useInVmCreationPermission: 'Allow' usePublicIpAddressPermission: 'Allow' } diff --git a/settings/remarks/microsoft.devtestlab/samples/labs/virtualnetworks/main.bicep b/settings/remarks/microsoft.devtestlab/samples/labs/virtualnetworks/main.bicep index 68435e1e..25065ec0 100644 --- a/settings/remarks/microsoft.devtestlab/samples/labs/virtualnetworks/main.bicep +++ b/settings/remarks/microsoft.devtestlab/samples/labs/virtualnetworks/main.bicep @@ -10,16 +10,21 @@ resource lab 'Microsoft.DevTestLab/labs@2018-09-15' = { } resource virtualNetwork 'Microsoft.DevTestLab/labs/virtualNetworks@2018-09-15' = { - parent: lab name: resourceName + parent: lab properties: { description: '' subnetOverrides: [ { - labSubnetName: '\'${resourceName}Subnet\'' - resourceId: resourceId('Microsoft.Network/virtualNetworks/subnets', resourceName, '${resourceName}Subnet') useInVmCreationPermission: 'Allow' usePublicIpAddressPermission: 'Allow' + labSubnetName: '${resourceName}Subnet' + resourceId: resourceId( + 'Microsoft.Network/virtualNetworks/subnets', + resourceGroup().name, + resourceName, + '${resourceName}Subnet' + ) } ] } diff --git a/settings/remarks/microsoft.devtestlab/samples/schedules/main.bicep b/settings/remarks/microsoft.devtestlab/samples/schedules/main.bicep index 6aa87538..669e94ee 100644 --- a/settings/remarks/microsoft.devtestlab/samples/schedules/main.bicep +++ b/settings/remarks/microsoft.devtestlab/samples/schedules/main.bicep @@ -17,9 +17,7 @@ resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { primary: true privateIPAddressVersion: 'IPv4' privateIPAllocationMethod: 'Dynamic' - subnet: { - id: subnet.id - } + subnet: {} } } ] @@ -30,6 +28,9 @@ resource schedule 'Microsoft.DevTestLab/schedules@2018-09-15' = { name: resourceName location: location properties: { + status: 'Enabled' + taskType: 'ComputeVmShutdownTask' + timeZoneId: 'Pacific Standard Time' dailyRecurrence: { time: '0100' } @@ -39,10 +40,6 @@ resource schedule 'Microsoft.DevTestLab/schedules@2018-09-15' = { timeInMinutes: 30 webhookUrl: '' } - status: 'Enabled' - targetResourceId: virtualMachine.id - taskType: 'ComputeVmShutdownTask' - timeZoneId: 'Pacific Standard Time' } tags: { environment: 'Production' @@ -54,6 +51,27 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { location: location properties: { additionalCapabilities: {} + extensionsTimeBudget: 'PT1H30M' + priority: 'Regular' + storageProfile: { + imageReference: { + sku: '18.04-LTS' + version: 'latest' + offer: 'UbuntuServer' + publisher: 'Canonical' + } + osDisk: { + caching: 'ReadWrite' + createOption: 'FromImage' + managedDisk: { + storageAccountType: 'Standard_LRS' + } + name: 'myosdisk-230630033106863551' + osType: 'Linux' + writeAcceleratorEnabled: false + } + dataDisks: [] + } applicationProfile: { galleryApplications: [] } @@ -63,7 +81,6 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { storageUri: '' } } - extensionsTimeBudget: 'PT1H30M' hardwareProfile: { vmSize: 'Standard_B2s' } @@ -78,12 +95,10 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { ] } osProfile: { - adminPassword: null adminUsername: 'testadmin' allowExtensionOperations: true - computerName: 'acctest0001' + computerName: resourceName linuxConfiguration: { - disablePasswordAuthentication: false patchSettings: { assessmentMode: 'ImageDefault' patchMode: 'ImageDefault' @@ -92,28 +107,10 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { ssh: { publicKeys: [] } + disablePasswordAuthentication: false } secrets: [] - } - priority: 'Regular' - storageProfile: { - dataDisks: [] - imageReference: { - offer: 'UbuntuServer' - publisher: 'Canonical' - sku: '18.04-LTS' - version: 'latest' - } - osDisk: { - caching: 'ReadWrite' - createOption: 'FromImage' - managedDisk: { - storageAccountType: 'Standard_LRS' - } - name: 'myosdisk-230630033106863551' - osType: 'Linux' - writeAcceleratorEnabled: false - } + adminPassword: adminPassword } } } @@ -122,6 +119,7 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location properties: { + subnets: [] addressSpace: { addressPrefixes: [ '10.0.0.0/16' @@ -130,19 +128,18 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { dhcpOptions: { dnsServers: [] } - subnets: [] } } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork name: resourceName + parent: virtualNetwork properties: { + serviceEndpoints: [] addressPrefix: '10.0.2.0/24' delegations: [] privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] - serviceEndpoints: [] } } diff --git a/settings/remarks/microsoft.digitaltwins/samples/digitaltwinsinstances/endpoints/main.bicep b/settings/remarks/microsoft.digitaltwins/samples/digitaltwinsinstances/endpoints/main.bicep index 7ed9bdf0..a6f23f9b 100644 --- a/settings/remarks/microsoft.digitaltwins/samples/digitaltwinsinstances/endpoints/main.bicep +++ b/settings/remarks/microsoft.digitaltwins/samples/digitaltwinsinstances/endpoints/main.bicep @@ -6,36 +6,36 @@ resource digitalTwinsInstance 'Microsoft.DigitalTwins/digitalTwinsInstances@2020 location: location } -resource namespace 'Microsoft.ServiceBus/namespaces@2022-01-01-preview' = { +resource endpoint 'Microsoft.DigitalTwins/digitalTwinsInstances/endpoints@2020-12-01' = { name: resourceName - location: location + parent: digitalTwinsInstance properties: { - disableLocalAuth: false - publicNetworkAccess: 'Enabled' - zoneRedundant: false + authenticationType: 'KeyBased' + deadLetterSecret: '' + endpointType: 'ServiceBus' + primaryConnectionString: authorizationRule.listKeys().primaryConnectionString + secondaryConnectionString: authorizationRule.listKeys().secondaryConnectionString } +} + +resource namespace 'Microsoft.ServiceBus/namespaces@2022-01-01-preview' = { + name: resourceName + location: location sku: { capacity: 0 name: 'Standard' tier: 'Standard' } -} - -resource endpoint 'Microsoft.DigitalTwins/digitalTwinsInstances/endpoints@2020-12-01' = { - parent: digitalTwinsInstance - name: resourceName properties: { - authenticationType: 'KeyBased' - deadLetterSecret: '' - endpointType: 'ServiceBus' - primaryConnectionString: 'authorizationRule.listKeys().primaryConnectionString' - secondaryConnectionString: 'authorizationRule.listKeys().secondaryConnectionString' + disableLocalAuth: false + publicNetworkAccess: 'Enabled' + zoneRedundant: false } } resource topic 'Microsoft.ServiceBus/namespaces/topics@2021-06-01-preview' = { - parent: namespace name: resourceName + parent: namespace properties: { enableBatchedOperations: false enableExpress: false @@ -48,8 +48,8 @@ resource topic 'Microsoft.ServiceBus/namespaces/topics@2021-06-01-preview' = { } resource authorizationRule 'Microsoft.ServiceBus/namespaces/topics/authorizationRules@2021-06-01-preview' = { - parent: topic name: resourceName + parent: topic properties: { rights: [ 'Send' diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/cassandrakeyspaces/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/cassandrakeyspaces/main.bicep index 6c9cc2f6..9622bacb 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/cassandrakeyspaces/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/cassandrakeyspaces/main.bicep @@ -6,25 +6,16 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { + virtualNetworkRules: [] capabilities: [ { name: 'EnableCassandra' } ] - consistencyPolicy: { - defaultConsistencyLevel: 'Strong' - maxIntervalInSeconds: 5 - maxStalenessPrefix: 100 - } + enableFreeTier: false databaseAccountOfferType: 'Standard' defaultIdentity: 'FirstPartyIdentity' - disableKeyBasedMetadataWriteAccess: false - disableLocalAuth: false enableAnalyticalStorage: false - enableAutomaticFailover: false - enableFreeTier: false - enableMultipleWriteLocations: false - ipRules: [] isVirtualNetworkFilterEnabled: false locations: [ { @@ -33,20 +24,29 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { locationName: 'West Europe' } ] + publicNetworkAccess: 'Enabled' + disableKeyBasedMetadataWriteAccess: false + disableLocalAuth: false + enableAutomaticFailover: false + enableMultipleWriteLocations: false + ipRules: [] + consistencyPolicy: { + defaultConsistencyLevel: 'Strong' + maxIntervalInSeconds: 5 + maxStalenessPrefix: 100 + } networkAclBypass: 'None' networkAclBypassResourceIds: [] - publicNetworkAccess: 'Enabled' - virtualNetworkRules: [] } } resource cassandraKeyspace 'Microsoft.DocumentDB/databaseAccounts/cassandraKeyspaces@2021-10-15' = { - parent: databaseAccount name: resourceName + parent: databaseAccount properties: { options: {} resource: { - id: 'acctest0001' + id: '${resourceName}' } } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/cassandrakeyspaces/tables/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/cassandrakeyspaces/tables/main.bicep index 01f22229..e18d0dca 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/cassandrakeyspaces/tables/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/cassandrakeyspaces/tables/main.bicep @@ -1,9 +1,9 @@ param resourceName string = 'acctest0001' param location string = 'eastus' -var keyspaceName = '${toLower(resourceName)}ks' -var tableName = '${toLower(resourceName)}tbl' -var accountName = toLower(replace(resourceName, '-', '')) +var keyspaceName = 'resourcenameks' +var tableName = 'resourcenametbl' +var accountName = 'resourcename' resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2024-08-15' = { name: accountName @@ -11,6 +11,17 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2024-08-15' = { kind: 'GlobalDocumentDB' properties: { backupPolicy: null + enableAutomaticFailover: false + enableBurstCapacity: false + locations: [ + { + failoverPriority: 0 + isZoneRedundant: false + locationName: '${location}' + } + ] + minimalTlsVersion: 'Tls12' + virtualNetworkRules: [] capabilities: [ { name: 'EnableCassandra' @@ -22,51 +33,40 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2024-08-15' = { maxStalenessPrefix: 100 } databaseAccountOfferType: 'Standard' - defaultIdentity: 'FirstPartyIdentity' disableKeyBasedMetadataWriteAccess: false disableLocalAuth: false - enableAnalyticalStorage: true - enableAutomaticFailover: false - enableBurstCapacity: false enableFreeTier: false - enableMultipleWriteLocations: false enablePartitionMerge: false - ipRules: [] + networkAclBypassResourceIds: [] + enableAnalyticalStorage: true isVirtualNetworkFilterEnabled: false - locations: [ - { - failoverPriority: 0 - isZoneRedundant: false - locationName: 'eastus' - } - ] - minimalTlsVersion: 'Tls12' networkAclBypass: 'None' - networkAclBypassResourceIds: [] publicNetworkAccess: 'Enabled' - virtualNetworkRules: [] + defaultIdentity: 'FirstPartyIdentity' + enableMultipleWriteLocations: false + ipRules: [] } } resource cassandraKeyspace 'Microsoft.DocumentDB/databaseAccounts/cassandraKeyspaces@2021-10-15' = { - parent: databaseAccount name: keyspaceName + parent: databaseAccount properties: { options: {} resource: { - id: keyspaceName + id: '${keyspaceName}' } } } resource table 'Microsoft.DocumentDB/databaseAccounts/cassandraKeyspaces/tables@2021-10-15' = { - parent: cassandraKeyspace name: tableName + parent: cassandraKeyspace properties: { options: {} resource: { analyticalStorageTtl: 1 - id: tableName + id: '${tableName}' schema: { clusterKeys: [] columns: [ diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/gremlindatabases/graphs/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/gremlindatabases/graphs/main.bicep index 497566c8..3d5eb3f7 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/gremlindatabases/graphs/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/gremlindatabases/graphs/main.bicep @@ -16,15 +16,16 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { maxIntervalInSeconds: 5 maxStalenessPrefix: 100 } - databaseAccountOfferType: 'Standard' + disableLocalAuth: false + networkAclBypassResourceIds: [] + publicNetworkAccess: 'Enabled' defaultIdentity: 'FirstPartyIdentity' disableKeyBasedMetadataWriteAccess: false - disableLocalAuth: false enableAnalyticalStorage: false - enableAutomaticFailover: false enableFreeTier: false + networkAclBypass: 'None' + virtualNetworkRules: [] enableMultipleWriteLocations: false - ipRules: [] isVirtualNetworkFilterEnabled: false locations: [ { @@ -33,33 +34,32 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { locationName: 'West Europe' } ] - networkAclBypass: 'None' - networkAclBypassResourceIds: [] - publicNetworkAccess: 'Enabled' - virtualNetworkRules: [] + databaseAccountOfferType: 'Standard' + enableAutomaticFailover: false + ipRules: [] } } resource gremlinDatabase 'Microsoft.DocumentDB/databaseAccounts/gremlinDatabases@2023-04-15' = { - parent: databaseAccount name: resourceName + parent: databaseAccount properties: { options: {} resource: { - id: 'acctest0001' + id: '${resourceName}' } } } resource graph 'Microsoft.DocumentDB/databaseAccounts/gremlinDatabases/graphs@2023-04-15' = { - parent: gremlinDatabase name: resourceName + parent: gremlinDatabase properties: { options: { throughput: 400 } resource: { - id: 'acctest0001' + id: '${resourceName}' partitionKey: { kind: 'Hash' paths: [ diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/gremlindatabases/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/gremlindatabases/main.bicep index a620ab10..2a807513 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/gremlindatabases/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/gremlindatabases/main.bicep @@ -6,26 +6,28 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { - capabilities: [ - { - name: 'EnableGremlin' - } - ] + defaultIdentity: 'FirstPartyIdentity' + isVirtualNetworkFilterEnabled: false consistencyPolicy: { + maxStalenessPrefix: 100 defaultConsistencyLevel: 'Strong' maxIntervalInSeconds: 5 - maxStalenessPrefix: 100 } + disableLocalAuth: false + enableAutomaticFailover: false + ipRules: [] + publicNetworkAccess: 'Enabled' databaseAccountOfferType: 'Standard' - defaultIdentity: 'FirstPartyIdentity' disableKeyBasedMetadataWriteAccess: false - disableLocalAuth: false enableAnalyticalStorage: false - enableAutomaticFailover: false enableFreeTier: false enableMultipleWriteLocations: false - ipRules: [] - isVirtualNetworkFilterEnabled: false + networkAclBypass: 'None' + capabilities: [ + { + name: 'EnableGremlin' + } + ] locations: [ { failoverPriority: 0 @@ -33,20 +35,18 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { locationName: 'West Europe' } ] - networkAclBypass: 'None' networkAclBypassResourceIds: [] - publicNetworkAccess: 'Enabled' virtualNetworkRules: [] } } resource gremlinDatabase 'Microsoft.DocumentDB/databaseAccounts/gremlinDatabases@2023-04-15' = { - parent: databaseAccount name: resourceName + parent: databaseAccount properties: { options: {} resource: { - id: 'acctest0001' + id: '${resourceName}' } } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/main.bicep index 325a0359..eb48928d 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/main.bicep @@ -6,32 +6,32 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { - capabilities: [] - consistencyPolicy: { - defaultConsistencyLevel: 'BoundedStaleness' - maxIntervalInSeconds: 10 - maxStalenessPrefix: 200 - } - databaseAccountOfferType: 'Standard' - defaultIdentity: 'FirstPartyIdentity' disableKeyBasedMetadataWriteAccess: false disableLocalAuth: false - enableAnalyticalStorage: false enableAutomaticFailover: false - enableFreeTier: false - enableMultipleWriteLocations: false - ipRules: [] - isVirtualNetworkFilterEnabled: false locations: [ { - failoverPriority: 0 isZoneRedundant: false locationName: 'West Europe' + failoverPriority: 0 } ] networkAclBypass: 'None' + databaseAccountOfferType: 'Standard' + enableAnalyticalStorage: false + defaultIdentity: 'FirstPartyIdentity' + isVirtualNetworkFilterEnabled: false networkAclBypassResourceIds: [] - publicNetworkAccess: 'Enabled' virtualNetworkRules: [] + capabilities: [] + enableFreeTier: false + enableMultipleWriteLocations: false + ipRules: [] + publicNetworkAccess: 'Enabled' + consistencyPolicy: { + defaultConsistencyLevel: 'BoundedStaleness' + maxIntervalInSeconds: 10 + maxStalenessPrefix: 200 + } } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbdatabases/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbdatabases/main.bicep index 55714880..cf602e09 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbdatabases/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbdatabases/main.bicep @@ -11,42 +11,42 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { name: 'EnableMongo' } ] - consistencyPolicy: { - defaultConsistencyLevel: 'Strong' - maxIntervalInSeconds: 5 - maxStalenessPrefix: 100 - } - databaseAccountOfferType: 'Standard' defaultIdentity: 'FirstPartyIdentity' disableKeyBasedMetadataWriteAccess: false - disableLocalAuth: false - enableAnalyticalStorage: false enableAutomaticFailover: false - enableFreeTier: false enableMultipleWriteLocations: false ipRules: [] - isVirtualNetworkFilterEnabled: false locations: [ { + locationName: 'West Europe' failoverPriority: 0 isZoneRedundant: false - locationName: 'West Europe' } ] networkAclBypass: 'None' - networkAclBypassResourceIds: [] + consistencyPolicy: { + maxIntervalInSeconds: 5 + maxStalenessPrefix: 100 + defaultConsistencyLevel: 'Strong' + } + databaseAccountOfferType: 'Standard' + enableFreeTier: false + isVirtualNetworkFilterEnabled: false publicNetworkAccess: 'Enabled' virtualNetworkRules: [] + disableLocalAuth: false + networkAclBypassResourceIds: [] + enableAnalyticalStorage: false } } resource mongodbDatabase 'Microsoft.DocumentDB/databaseAccounts/mongodbDatabases@2021-10-15' = { - parent: databaseAccount name: resourceName + parent: databaseAccount properties: { options: {} resource: { - id: 'acctest0001' + id: '${resourceName}' } } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbroledefinitions/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbroledefinitions/main.bicep index c6bc4736..4ea8ceb7 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbroledefinitions/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbroledefinitions/main.bicep @@ -1,76 +1,76 @@ -param resourceName string = 'acctest0001' param location string = 'eastus' +param resourceName string = 'acctest0001' -var accountName = toLower(replace(resourceName, '-', '')) -var dbName = '${toLower(resourceName)}db' -var roleName = '${toLower(resourceName)}role' +var dbName = 'resourcenamedb' +var roleName = 'resourcenamerole' +var accountName = 'resourcename' resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2024-08-15' = { name: accountName location: location kind: 'MongoDB' properties: { - backupPolicy: null - capabilities: [ - { - name: 'EnableMongoRoleBasedAccessControl' - } - { - name: 'EnableMongo' - } - ] - consistencyPolicy: { - defaultConsistencyLevel: 'Strong' - maxIntervalInSeconds: 5 - maxStalenessPrefix: 100 - } databaseAccountOfferType: 'Standard' - defaultIdentity: 'FirstPartyIdentity' - disableKeyBasedMetadataWriteAccess: false disableLocalAuth: false enableAnalyticalStorage: false enableAutomaticFailover: false enableBurstCapacity: false - enableFreeTier: false - enableMultipleWriteLocations: false - enablePartitionMerge: false - ipRules: [] - isVirtualNetworkFilterEnabled: false locations: [ { failoverPriority: 0 isZoneRedundant: false - locationName: 'eastus' + locationName: '${location}' } ] + virtualNetworkRules: [] + backupPolicy: null + disableKeyBasedMetadataWriteAccess: false + ipRules: [] + networkAclBypassResourceIds: [] + enablePartitionMerge: false + consistencyPolicy: { + defaultConsistencyLevel: 'Strong' + maxIntervalInSeconds: 5 + maxStalenessPrefix: 100 + } + enableFreeTier: false + isVirtualNetworkFilterEnabled: false minimalTlsVersion: 'Tls12' + defaultIdentity: 'FirstPartyIdentity' + enableMultipleWriteLocations: false networkAclBypass: 'None' - networkAclBypassResourceIds: [] publicNetworkAccess: 'Enabled' - virtualNetworkRules: [] + capabilities: [ + { + name: 'EnableMongoRoleBasedAccessControl' + } + { + name: 'EnableMongo' + } + ] } } resource mongodbDatabase 'Microsoft.DocumentDB/databaseAccounts/mongodbDatabases@2021-10-15' = { - parent: databaseAccount name: dbName + parent: databaseAccount properties: { options: {} resource: { - id: dbName + id: '${dbName}' } } } resource mongodbRoleDefinition 'Microsoft.DocumentDB/databaseAccounts/mongodbRoleDefinitions@2022-11-15' = { - parent: databaseAccount name: '${dbName}.${roleName}' - properties: { - databaseName: dbName - roleName: roleName - type: 1 - } + parent: databaseAccount dependsOn: [ mongodbDatabase ] + properties: { + databaseName: '${dbName}' + roleName: '${roleName}' + type: 1 + } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbuserdefinitions/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbuserdefinitions/main.bicep index 471dae66..db297983 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbuserdefinitions/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbuserdefinitions/main.bicep @@ -9,7 +9,28 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2024-08-15' = { location: location kind: 'MongoDB' properties: { + enableAutomaticFailover: false + minimalTlsVersion: 'Tls12' + networkAclBypass: 'None' + publicNetworkAccess: 'Enabled' + databaseAccountOfferType: 'Standard' + enableMultipleWriteLocations: false + locations: [ + { + failoverPriority: 0 + isZoneRedundant: false + locationName: '${location}' + } + ] + enableAnalyticalStorage: false + enableBurstCapacity: false + enablePartitionMerge: false + ipRules: [] + isVirtualNetworkFilterEnabled: false + networkAclBypassResourceIds: [] + virtualNetworkRules: [] backupPolicy: null + enableFreeTier: false capabilities: [ { name: 'EnableMongoRoleBasedAccessControl' @@ -19,54 +40,33 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2024-08-15' = { } ] consistencyPolicy: { + maxStalenessPrefix: 100 defaultConsistencyLevel: 'Strong' maxIntervalInSeconds: 5 - maxStalenessPrefix: 100 } - databaseAccountOfferType: 'Standard' disableKeyBasedMetadataWriteAccess: false disableLocalAuth: false - enableAnalyticalStorage: false - enableAutomaticFailover: false - enableBurstCapacity: false - enableFreeTier: false - enableMultipleWriteLocations: false - enablePartitionMerge: false - ipRules: [] - isVirtualNetworkFilterEnabled: false - locations: [ - { - failoverPriority: 0 - isZoneRedundant: false - locationName: 'westus' - } - ] - minimalTlsVersion: 'Tls12' - networkAclBypass: 'None' - networkAclBypassResourceIds: [] - publicNetworkAccess: 'Enabled' - virtualNetworkRules: [] } } resource mongodbDatabas 'Microsoft.DocumentDB/databaseAccounts/mongodbDatabases@2021-10-15' = { - parent: databaseAccount name: '${resourceName}-mongodb' + parent: databaseAccount properties: { options: {} resource: { - id: 'acctest0001-mongodb' + id: '${resourceName}-mongodb' } } } resource mongodbUserDefinition 'Microsoft.DocumentDB/databaseAccounts/mongodbUserDefinitions@2022-11-15' = { - parent: databaseAccount name: '${mongodbDatabas.name}.myUserName' + parent: databaseAccount properties: { databaseName: mongodbDatabas.name mechanisms: 'SCRAM-SHA-256' - password: null + password: mongodbUserPassword userName: 'myUserName' } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/services/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/services/main.bicep index fe8b85c7..95d3b42d 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/services/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/services/main.bicep @@ -1,44 +1,44 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { name: resourceName location: location kind: 'GlobalDocumentDB' properties: { + disableKeyBasedMetadataWriteAccess: false + disableLocalAuth: false + isVirtualNetworkFilterEnabled: false + networkAclBypassResourceIds: [] capabilities: [] consistencyPolicy: { defaultConsistencyLevel: 'BoundedStaleness' maxIntervalInSeconds: 5 maxStalenessPrefix: 100 } + publicNetworkAccess: 'Enabled' databaseAccountOfferType: 'Standard' - defaultIdentity: 'FirstPartyIdentity' - disableKeyBasedMetadataWriteAccess: false - disableLocalAuth: false enableAnalyticalStorage: false - enableAutomaticFailover: false - enableFreeTier: false enableMultipleWriteLocations: false ipRules: [] - isVirtualNetworkFilterEnabled: false + virtualNetworkRules: [] + defaultIdentity: 'FirstPartyIdentity' + enableAutomaticFailover: false + enableFreeTier: false locations: [ { + locationName: 'West Europe' failoverPriority: 0 isZoneRedundant: false - locationName: 'West Europe' } ] networkAclBypass: 'None' - networkAclBypassResourceIds: [] - publicNetworkAccess: 'Enabled' - virtualNetworkRules: [] } } resource service 'Microsoft.DocumentDB/databaseAccounts/services@2022-05-15' = { - parent: databaseAccount name: 'SqlDedicatedGateway' + parent: databaseAccount properties: { instanceCount: 1 instanceSize: 'Cosmos.D4s' diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/main.bicep index 145232df..d1b0b5ea 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/main.bicep @@ -6,52 +6,52 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { - capabilities: [] consistencyPolicy: { defaultConsistencyLevel: 'BoundedStaleness' maxIntervalInSeconds: 10 maxStalenessPrefix: 200 } databaseAccountOfferType: 'Standard' - defaultIdentity: 'FirstPartyIdentity' - disableKeyBasedMetadataWriteAccess: false - disableLocalAuth: false - enableAnalyticalStorage: false - enableAutomaticFailover: false - enableFreeTier: false - enableMultipleWriteLocations: false - ipRules: [] - isVirtualNetworkFilterEnabled: false locations: [ { - failoverPriority: 0 isZoneRedundant: false locationName: 'West Europe' + failoverPriority: 0 } ] + capabilities: [] + disableKeyBasedMetadataWriteAccess: false + disableLocalAuth: false + enableFreeTier: false + isVirtualNetworkFilterEnabled: false networkAclBypass: 'None' + enableAutomaticFailover: false + enableMultipleWriteLocations: false + ipRules: [] + virtualNetworkRules: [] + defaultIdentity: 'FirstPartyIdentity' + enableAnalyticalStorage: false networkAclBypassResourceIds: [] publicNetworkAccess: 'Enabled' - virtualNetworkRules: [] } } resource sqlDatabase 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases@2021-10-15' = { - parent: databaseAccount name: resourceName + parent: databaseAccount properties: { + resource: { + id: '${resourceName}' + } options: { throughput: 400 } - resource: { - id: 'acctest0001' - } } } resource container 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers@2023-04-15' = { - parent: sqlDatabase name: resourceName + parent: sqlDatabase properties: { options: {} resource: { diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/storedprocedures/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/storedprocedures/main.bicep index e412697c..f6256b05 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/storedprocedures/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/storedprocedures/main.bicep @@ -6,22 +6,11 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { - capabilities: [] - consistencyPolicy: { - defaultConsistencyLevel: 'Session' - maxIntervalInSeconds: 5 - maxStalenessPrefix: 100 - } - databaseAccountOfferType: 'Standard' - defaultIdentity: 'FirstPartyIdentity' - disableKeyBasedMetadataWriteAccess: false + ipRules: [] + networkAclBypass: 'None' disableLocalAuth: false enableAnalyticalStorage: false - enableAutomaticFailover: false - enableFreeTier: false enableMultipleWriteLocations: false - ipRules: [] - isVirtualNetworkFilterEnabled: false locations: [ { failoverPriority: 0 @@ -29,31 +18,42 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { locationName: 'West Europe' } ] - networkAclBypass: 'None' + isVirtualNetworkFilterEnabled: false + capabilities: [] + consistencyPolicy: { + defaultConsistencyLevel: 'Session' + maxIntervalInSeconds: 5 + maxStalenessPrefix: 100 + } + defaultIdentity: 'FirstPartyIdentity' + disableKeyBasedMetadataWriteAccess: false + enableAutomaticFailover: false + enableFreeTier: false networkAclBypassResourceIds: [] + databaseAccountOfferType: 'Standard' publicNetworkAccess: 'Enabled' virtualNetworkRules: [] } } resource sqlDatabase 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases@2021-10-15' = { - parent: databaseAccount name: resourceName + parent: databaseAccount properties: { options: {} resource: { - id: 'acctest0001' + id: '${resourceName}' } } } resource container 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers@2023-04-15' = { - parent: sqlDatabase name: resourceName + parent: sqlDatabase properties: { options: {} resource: { - id: 'acctest0001' + id: '${resourceName}' partitionKey: { kind: 'Hash' paths: [ @@ -65,8 +65,8 @@ resource container 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/container } resource storedProcedure 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/storedProcedures@2021-10-15' = { - parent: container name: resourceName + parent: container properties: { options: {} resource: { @@ -76,7 +76,7 @@ resource storedProcedure 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/con response.setBody(''Hello, World''); } ''' - id: 'acctest0001' + id: '${resourceName}' } } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/triggers/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/triggers/main.bicep index e580ac3c..bf72d8bb 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/triggers/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/triggers/main.bicep @@ -1,59 +1,59 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { name: resourceName location: location kind: 'GlobalDocumentDB' properties: { - capabilities: [] consistencyPolicy: { defaultConsistencyLevel: 'Session' maxIntervalInSeconds: 5 maxStalenessPrefix: 100 } - databaseAccountOfferType: 'Standard' - defaultIdentity: 'FirstPartyIdentity' + isVirtualNetworkFilterEnabled: false + ipRules: [] + publicNetworkAccess: 'Enabled' disableKeyBasedMetadataWriteAccess: false - disableLocalAuth: false - enableAnalyticalStorage: false enableAutomaticFailover: false enableFreeTier: false - enableMultipleWriteLocations: false - ipRules: [] - isVirtualNetworkFilterEnabled: false locations: [ { - failoverPriority: 0 isZoneRedundant: false locationName: 'West Europe' + failoverPriority: 0 } ] networkAclBypass: 'None' networkAclBypassResourceIds: [] - publicNetworkAccess: 'Enabled' virtualNetworkRules: [] + capabilities: [] + databaseAccountOfferType: 'Standard' + defaultIdentity: 'FirstPartyIdentity' + disableLocalAuth: false + enableAnalyticalStorage: false + enableMultipleWriteLocations: false } } resource sqlDatabase 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases@2021-10-15' = { - parent: databaseAccount name: resourceName + parent: databaseAccount properties: { options: {} resource: { - id: 'acctest0001' + id: '${resourceName}' } } } resource container 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers@2023-04-15' = { - parent: sqlDatabase name: resourceName + parent: sqlDatabase properties: { options: {} resource: { - id: 'acctest0001' + id: '${resourceName}' partitionKey: { kind: 'Hash' paths: [ @@ -65,13 +65,13 @@ resource container 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/container } resource trigger 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/triggers@2021-10-15' = { - parent: container name: resourceName + parent: container properties: { options: {} resource: { body: 'function trigger(){}' - id: 'acctest0001' + id: '${resourceName}' triggerOperation: 'All' triggerType: 'Pre' } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/userdefinedfunctions/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/userdefinedfunctions/main.bicep index 4ee0c4fb..bbd9145a 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/userdefinedfunctions/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/userdefinedfunctions/main.bicep @@ -6,22 +6,10 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { - capabilities: [] - consistencyPolicy: { - defaultConsistencyLevel: 'Session' - maxIntervalInSeconds: 5 - maxStalenessPrefix: 100 - } databaseAccountOfferType: 'Standard' - defaultIdentity: 'FirstPartyIdentity' - disableKeyBasedMetadataWriteAccess: false disableLocalAuth: false - enableAnalyticalStorage: false - enableAutomaticFailover: false - enableFreeTier: false - enableMultipleWriteLocations: false - ipRules: [] isVirtualNetworkFilterEnabled: false + defaultIdentity: 'FirstPartyIdentity' locations: [ { failoverPriority: 0 @@ -30,30 +18,42 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { } ] networkAclBypass: 'None' - networkAclBypassResourceIds: [] + capabilities: [] + disableKeyBasedMetadataWriteAccess: false + enableAutomaticFailover: false + enableFreeTier: false publicNetworkAccess: 'Enabled' virtualNetworkRules: [] + consistencyPolicy: { + defaultConsistencyLevel: 'Session' + maxIntervalInSeconds: 5 + maxStalenessPrefix: 100 + } + enableAnalyticalStorage: false + enableMultipleWriteLocations: false + ipRules: [] + networkAclBypassResourceIds: [] } } resource sqlDatabase 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases@2021-10-15' = { - parent: databaseAccount name: resourceName + parent: databaseAccount properties: { - options: {} resource: { - id: 'acctest0001' + id: '${resourceName}' } + options: {} } } resource container 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers@2023-04-15' = { - parent: sqlDatabase name: resourceName + parent: sqlDatabase properties: { options: {} resource: { - id: 'acctest0001' + id: '${resourceName}' partitionKey: { kind: 'Hash' paths: [ @@ -65,8 +65,8 @@ resource container 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/container } resource userDefinedFunction 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/userDefinedFunctions@2021-10-15' = { - parent: container name: resourceName + parent: container properties: { options: {} resource: { @@ -76,7 +76,7 @@ resource userDefinedFunction 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases response.setBody(''Hello, World''); } ''' - id: 'acctest0001' + id: '${resourceName}' } } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/main.bicep index a5d2f53d..76b0f888 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/main.bicep @@ -6,22 +6,22 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { + isVirtualNetworkFilterEnabled: false + networkAclBypass: 'None' + disableKeyBasedMetadataWriteAccess: false + disableLocalAuth: false + enableAnalyticalStorage: false + ipRules: [] + networkAclBypassResourceIds: [] + virtualNetworkRules: [] capabilities: [] consistencyPolicy: { - defaultConsistencyLevel: 'BoundedStaleness' maxIntervalInSeconds: 10 maxStalenessPrefix: 200 + defaultConsistencyLevel: 'BoundedStaleness' } - databaseAccountOfferType: 'Standard' defaultIdentity: 'FirstPartyIdentity' - disableKeyBasedMetadataWriteAccess: false - disableLocalAuth: false - enableAnalyticalStorage: false enableAutomaticFailover: false - enableFreeTier: false - enableMultipleWriteLocations: false - ipRules: [] - isVirtualNetworkFilterEnabled: false locations: [ { failoverPriority: 0 @@ -29,22 +29,22 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { locationName: 'West Europe' } ] - networkAclBypass: 'None' - networkAclBypassResourceIds: [] + databaseAccountOfferType: 'Standard' publicNetworkAccess: 'Enabled' - virtualNetworkRules: [] + enableFreeTier: false + enableMultipleWriteLocations: false } } resource sqlDatabase 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases@2021-10-15' = { - parent: databaseAccount name: resourceName + parent: databaseAccount properties: { options: { throughput: 400 } resource: { - id: 'acctest0001' + id: '${resourceName}' } } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqlroleassignments/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqlroleassignments/main.bicep index f2ac0313..94accaf9 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqlroleassignments/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqlroleassignments/main.bicep @@ -2,30 +2,8 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' resource sqlRoleDefinition 'Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions@2021-10-15' existing = { - parent: databaseAccount name: '00000000-0000-0000-0000-000000000001' -} - -resource cluster 'Microsoft.Kusto/clusters@2023-05-02' = { - name: resourceName - location: location - properties: { - enableAutoStop: true - enableDiskEncryption: false - enableDoubleEncryption: false - enablePurge: false - enableStreamingIngest: false - engineType: 'V2' - publicIPType: 'IPv4' - publicNetworkAccess: 'Enabled' - restrictOutboundNetworkAccess: 'Disabled' - trustedExternalTenants: [] - } - sku: { - capacity: 1 - name: 'Dev(No SLA)_Standard_D11_v2' - tier: 'Basic' - } + parent: databaseAccount } resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { @@ -33,22 +11,21 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { + enableFreeTier: false + databaseAccountOfferType: 'Standard' + disableKeyBasedMetadataWriteAccess: false + enableMultipleWriteLocations: false + isVirtualNetworkFilterEnabled: false + networkAclBypassResourceIds: [] + virtualNetworkRules: [] capabilities: [] consistencyPolicy: { defaultConsistencyLevel: 'Session' maxIntervalInSeconds: 5 maxStalenessPrefix: 100 } - databaseAccountOfferType: 'Standard' defaultIdentity: 'FirstPartyIdentity' - disableKeyBasedMetadataWriteAccess: false disableLocalAuth: false - enableAnalyticalStorage: false - enableAutomaticFailover: false - enableFreeTier: false - enableMultipleWriteLocations: false - ipRules: [] - isVirtualNetworkFilterEnabled: false locations: [ { failoverPriority: 0 @@ -57,26 +34,49 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { } ] networkAclBypass: 'None' - networkAclBypassResourceIds: [] publicNetworkAccess: 'Enabled' - virtualNetworkRules: [] + enableAutomaticFailover: false + ipRules: [] + enableAnalyticalStorage: false } } -resource database 'Microsoft.Kusto/clusters/databases@2023-05-02' = { - parent: cluster - name: resourceName - location: location - kind: 'ReadWrite' - properties: {} -} - resource sqlRoleAssignment 'Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments@2021-10-15' = { - parent: databaseAccount name: 'ff419bf7-f8ca-ef51-00d2-3576700c341b' + parent: databaseAccount properties: { - principalId: cluster.properties.identity.principalId roleDefinitionId: sqlRoleDefinition.id scope: databaseAccount.id + principalId: cluster.identity.principalId + } +} + +resource cluster 'Microsoft.Kusto/clusters@2023-05-02' = { + name: resourceName + location: location + sku: { + tier: 'Basic' + capacity: 1 + name: 'Dev(No SLA)_Standard_D11_v2' } + properties: { + enablePurge: false + restrictOutboundNetworkAccess: 'Disabled' + enableDiskEncryption: false + enableDoubleEncryption: false + enableStreamingIngest: false + engineType: 'V2' + publicIPType: 'IPv4' + publicNetworkAccess: 'Enabled' + trustedExternalTenants: [] + enableAutoStop: true + } +} + +resource database 'Microsoft.Kusto/clusters/databases@2023-05-02' = { + name: resourceName + location: location + parent: cluster + kind: 'ReadWrite' + properties: {} } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqlroledefinitions/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqlroledefinitions/main.bicep index d27400e8..2e260e27 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqlroledefinitions/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqlroledefinitions/main.bicep @@ -6,22 +6,12 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { - capabilities: [] consistencyPolicy: { defaultConsistencyLevel: 'Strong' maxIntervalInSeconds: 5 maxStalenessPrefix: 100 } - databaseAccountOfferType: 'Standard' - defaultIdentity: 'FirstPartyIdentity' disableKeyBasedMetadataWriteAccess: false - disableLocalAuth: false - enableAnalyticalStorage: false - enableAutomaticFailover: false - enableFreeTier: false - enableMultipleWriteLocations: false - ipRules: [] - isVirtualNetworkFilterEnabled: false locations: [ { failoverPriority: 0 @@ -29,16 +19,26 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { locationName: 'West Europe' } ] + databaseAccountOfferType: 'Standard' + enableFreeTier: false + enableMultipleWriteLocations: false + ipRules: [] + isVirtualNetworkFilterEnabled: false networkAclBypass: 'None' networkAclBypassResourceIds: [] publicNetworkAccess: 'Enabled' + capabilities: [] + disableLocalAuth: false + enableAnalyticalStorage: false virtualNetworkRules: [] + defaultIdentity: 'FirstPartyIdentity' + enableAutomaticFailover: false } } resource sqlRoleDefinition 'Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions@2021-10-15' = { - parent: databaseAccount name: 'c3ce1661-d0b9-3476-0a7c-2654ce2f3055' + parent: databaseAccount properties: { assignableScopes: [ databaseAccount.id @@ -50,7 +50,7 @@ resource sqlRoleDefinition 'Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinit ] } ] - roleName: 'acctest0001' + roleName: resourceName type: 'CustomRole' } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/tables/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/tables/main.bicep index 210b7112..36610180 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/tables/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/tables/main.bicep @@ -6,25 +6,23 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { - capabilities: [ - { - name: 'EnableTable' - } - ] consistencyPolicy: { defaultConsistencyLevel: 'Strong' maxIntervalInSeconds: 5 maxStalenessPrefix: 100 } - databaseAccountOfferType: 'Standard' defaultIdentity: 'FirstPartyIdentity' - disableKeyBasedMetadataWriteAccess: false - disableLocalAuth: false + publicNetworkAccess: 'Enabled' + virtualNetworkRules: [] + databaseAccountOfferType: 'Standard' enableAnalyticalStorage: false - enableAutomaticFailover: false - enableFreeTier: false enableMultipleWriteLocations: false ipRules: [] + networkAclBypass: 'None' + networkAclBypassResourceIds: [] + disableKeyBasedMetadataWriteAccess: false + disableLocalAuth: false + enableAutomaticFailover: false isVirtualNetworkFilterEnabled: false locations: [ { @@ -33,20 +31,22 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { locationName: 'West Europe' } ] - networkAclBypass: 'None' - networkAclBypassResourceIds: [] - publicNetworkAccess: 'Enabled' - virtualNetworkRules: [] + capabilities: [ + { + name: 'EnableTable' + } + ] + enableFreeTier: false } } resource table 'Microsoft.DocumentDB/databaseAccounts/tables@2021-10-15' = { - parent: databaseAccount name: resourceName + parent: databaseAccount properties: { options: {} resource: { - id: 'acctest0001' + id: '${resourceName}' } } } diff --git a/settings/remarks/microsoft.documentdb/samples/mongoclusters/firewallrules/main.bicep b/settings/remarks/microsoft.documentdb/samples/mongoclusters/firewallrules/main.bicep index 69e3ef43..c6581ca2 100644 --- a/settings/remarks/microsoft.documentdb/samples/mongoclusters/firewallrules/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/mongoclusters/firewallrules/main.bicep @@ -5,21 +5,12 @@ resource mongoCluster 'Microsoft.DocumentDB/mongoClusters@2025-09-01' = { name: resourceName location: location properties: { - authConfig: { - allowedModes: [ - 'MicrosoftEntraID' - ] - } compute: { tier: 'M40' } highAvailability: { targetMode: 'Disabled' } - previewFeatures: [ - 'ShardRebalancer' - ] - publicNetworkAccess: 'Enabled' serverVersion: '5.0' sharding: { shardCount: 1 @@ -27,12 +18,21 @@ resource mongoCluster 'Microsoft.DocumentDB/mongoClusters@2025-09-01' = { storage: { sizeGb: 32 } + authConfig: { + allowedModes: [ + 'MicrosoftEntraID' + ] + } + previewFeatures: [ + 'ShardRebalancer' + ] + publicNetworkAccess: 'Enabled' } } resource firewallRule 'Microsoft.DocumentDB/mongoClusters/firewallRules@2025-09-01' = { - parent: mongoCluster name: resourceName + parent: mongoCluster properties: { endIpAddress: '0.0.0.0' startIpAddress: '0.0.0.0' diff --git a/settings/remarks/microsoft.documentdb/samples/mongoclusters/users/main.bicep b/settings/remarks/microsoft.documentdb/samples/mongoclusters/users/main.bicep index b5f1dd2e..f8153c73 100644 --- a/settings/remarks/microsoft.documentdb/samples/mongoclusters/users/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/mongoclusters/users/main.bicep @@ -22,8 +22,8 @@ resource mongoClusterSSDv2 'Microsoft.DocumentDB/mongoClusters@2025-09-01' = { shardCount: 1 } storage: { - sizeGb: 64 type: 'PremiumSSDv2' + sizeGb: 64 } } } @@ -34,8 +34,8 @@ resource userAssignedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@ } resource mongouserEntraserviceprincipal 'Microsoft.DocumentDB/mongoClusters/users@2025-09-01' = { + name: 'azapi_resource.userAssignedIdentity.output.properties.principalId' parent: mongoClusterSSDv2 - name: 'userAssignedIdentity.properties.principalId' properties: { identityProvider: { properties: { @@ -45,8 +45,8 @@ resource mongouserEntraserviceprincipal 'Microsoft.DocumentDB/mongoClusters/user } roles: [ { - db: 'admin' role: 'root' + db: 'admin' } ] } diff --git a/settings/remarks/microsoft.elasticsan/samples/elasticsans/main.bicep b/settings/remarks/microsoft.elasticsan/samples/elasticsans/main.bicep index 9e0b659a..bf006e9a 100644 --- a/settings/remarks/microsoft.elasticsan/samples/elasticsans/main.bicep +++ b/settings/remarks/microsoft.elasticsan/samples/elasticsans/main.bicep @@ -1,15 +1,15 @@ -param resourceName string = 'acctest0001' param location string = 'westus' +param resourceName string = 'acctest0001' resource elasticSan 'Microsoft.ElasticSan/elasticSans@2023-01-01' = { name: resourceName location: location properties: { - baseSizeTiB: 1 extendedCapacitySizeTiB: 0 sku: { name: 'Premium_LRS' tier: 'Premium' } + baseSizeTiB: 1 } } diff --git a/settings/remarks/microsoft.elasticsan/samples/elasticsans/volumegroups/main.bicep b/settings/remarks/microsoft.elasticsan/samples/elasticsans/volumegroups/main.bicep index c9205983..53573992 100644 --- a/settings/remarks/microsoft.elasticsan/samples/elasticsans/volumegroups/main.bicep +++ b/settings/remarks/microsoft.elasticsan/samples/elasticsans/volumegroups/main.bicep @@ -15,8 +15,8 @@ resource elasticSan 'Microsoft.ElasticSan/elasticSans@2023-01-01' = { } resource volumeGroup 'Microsoft.ElasticSan/elasticSans/volumeGroups@2023-01-01' = { - parent: elasticSan name: '${resourceName}-vg' + parent: elasticSan properties: { encryption: 'EncryptionAtRestWithPlatformKey' networkAcls: { diff --git a/settings/remarks/microsoft.elasticsan/samples/elasticsans/volumegroups/volumes/main.bicep b/settings/remarks/microsoft.elasticsan/samples/elasticsans/volumegroups/volumes/main.bicep index ab0d9770..fcf2c59d 100644 --- a/settings/remarks/microsoft.elasticsan/samples/elasticsans/volumegroups/volumes/main.bicep +++ b/settings/remarks/microsoft.elasticsan/samples/elasticsans/volumegroups/volumes/main.bicep @@ -5,30 +5,30 @@ resource elasticSan 'Microsoft.ElasticSan/elasticSans@2023-01-01' = { name: '${resourceName}-es' location: location properties: { - baseSizeTiB: 1 extendedCapacitySizeTiB: 0 sku: { name: 'Premium_LRS' tier: 'Premium' } + baseSizeTiB: 1 } } resource volumeGroup 'Microsoft.ElasticSan/elasticSans/volumeGroups@2023-01-01' = { - parent: elasticSan name: '${resourceName}-vg' + parent: elasticSan properties: { + protocolType: 'Iscsi' encryption: 'EncryptionAtRestWithPlatformKey' networkAcls: { virtualNetworkRules: [] } - protocolType: 'Iscsi' } } resource volume 'Microsoft.ElasticSan/elasticSans/volumeGroups/volumes@2023-01-01' = { - parent: volumeGroup name: '${resourceName}-v' + parent: volumeGroup properties: { sizeGiB: 1 } diff --git a/settings/remarks/microsoft.eventgrid/samples/domains/main.bicep b/settings/remarks/microsoft.eventgrid/samples/domains/main.bicep index a9c9a9ec..4725dd49 100644 --- a/settings/remarks/microsoft.eventgrid/samples/domains/main.bicep +++ b/settings/remarks/microsoft.eventgrid/samples/domains/main.bicep @@ -5,11 +5,11 @@ resource domain 'Microsoft.EventGrid/domains@2021-12-01' = { name: resourceName location: location properties: { + inputSchemaMapping: null + publicNetworkAccess: 'Enabled' autoCreateTopicWithFirstSubscription: true autoDeleteTopicWithLastSubscription: true disableLocalAuth: false inputSchema: 'EventGridSchema' - inputSchemaMapping: null - publicNetworkAccess: 'Enabled' } } diff --git a/settings/remarks/microsoft.eventgrid/samples/domains/topics/main.bicep b/settings/remarks/microsoft.eventgrid/samples/domains/topics/main.bicep index 200dc074..d2a95d58 100644 --- a/settings/remarks/microsoft.eventgrid/samples/domains/topics/main.bicep +++ b/settings/remarks/microsoft.eventgrid/samples/domains/topics/main.bicep @@ -15,6 +15,6 @@ resource domain 'Microsoft.EventGrid/domains@2021-12-01' = { } resource topic 'Microsoft.EventGrid/domains/topics@2021-12-01' = { - parent: domain name: resourceName + parent: domain } diff --git a/settings/remarks/microsoft.eventgrid/samples/eventsubscriptions/main.bicep b/settings/remarks/microsoft.eventgrid/samples/eventsubscriptions/main.bicep index cb0ed3cd..7a6ae55b 100644 --- a/settings/remarks/microsoft.eventgrid/samples/eventsubscriptions/main.bicep +++ b/settings/remarks/microsoft.eventgrid/samples/eventsubscriptions/main.bicep @@ -1,17 +1,52 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { + name: resourceName + location: location + sku: { + name: 'Standard_LRS' + } + kind: 'StorageV2' + properties: { + allowBlobPublicAccess: true + allowCrossTenantReplication: true + encryption: { + keySource: 'Microsoft.Storage' + services: { + queue: { + keyType: 'Service' + } + table: { + keyType: 'Service' + } + } + } + isHnsEnabled: false + isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' + allowSharedKeyAccess: true + defaultToOAuthAuthentication: false + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true + accessTier: 'Hot' + } +} + resource eventSubscription 'Microsoft.EventGrid/eventSubscriptions@2021-12-01' = { - scope: storageAccount name: resourceName + scope: storageAccount properties: { deadLetterDestination: null destination: { - endpointType: 'EventHub' properties: { deliveryAttributeMappings: null - resourceId: eventhub.id } + endpointType: 'EventHub' } eventDeliverySchema: 'EventGridSchema' filter: { @@ -31,58 +66,22 @@ resource eventSubscription 'Microsoft.EventGrid/eventSubscriptions@2021-12-01' = resource namespace 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { name: resourceName location: location - properties: { - disableLocalAuth: false - isAutoInflateEnabled: false - publicNetworkAccess: 'Enabled' - zoneRedundant: false - } sku: { capacity: 1 name: 'Standard' tier: 'Standard' } -} - -resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { - name: resourceName - location: location - kind: 'StorageV2' properties: { - accessTier: 'Hot' - allowBlobPublicAccess: true - allowCrossTenantReplication: true - allowSharedKeyAccess: true - defaultToOAuthAuthentication: false - encryption: { - keySource: 'Microsoft.Storage' - services: { - queue: { - keyType: 'Service' - } - table: { - keyType: 'Service' - } - } - } - isHnsEnabled: false - isNfsV3Enabled: false - isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' - networkAcls: { - defaultAction: 'Allow' - } + disableLocalAuth: false + isAutoInflateEnabled: false publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true - } - sku: { - name: 'Standard_LRS' + zoneRedundant: false } } resource eventhub 'Microsoft.EventHub/namespaces/eventhubs@2021-11-01' = { - parent: namespace name: resourceName + parent: namespace properties: { messageRetentionInDays: 1 partitionCount: 1 diff --git a/settings/remarks/microsoft.eventgrid/samples/namespaces/main.bicep b/settings/remarks/microsoft.eventgrid/samples/namespaces/main.bicep index cac8743f..e59655c9 100644 --- a/settings/remarks/microsoft.eventgrid/samples/namespaces/main.bicep +++ b/settings/remarks/microsoft.eventgrid/samples/namespaces/main.bicep @@ -4,11 +4,11 @@ param location string = 'westus' resource namespace 'Microsoft.EventGrid/namespaces@2023-12-15-preview' = { name: '${resourceName}-ns' location: location - properties: { - publicNetworkAccess: 'Enabled' - } sku: { capacity: 1 name: 'Standard' } + properties: { + publicNetworkAccess: 'Enabled' + } } diff --git a/settings/remarks/microsoft.eventgrid/samples/systemtopics/eventsubscriptions/main.bicep b/settings/remarks/microsoft.eventgrid/samples/systemtopics/eventsubscriptions/main.bicep index 41576cfc..de155e9b 100644 --- a/settings/remarks/microsoft.eventgrid/samples/systemtopics/eventsubscriptions/main.bicep +++ b/settings/remarks/microsoft.eventgrid/samples/systemtopics/eventsubscriptions/main.bicep @@ -1,23 +1,35 @@ param resourceName string = 'acctest0001' param location string = 'westus' -var storageAccountName = '${resourceName}sa01' -var queueName = '${resourceName}queue' -var eventSubscription1Name = '${resourceName}-es1' -var eventSubscription2Name = '${resourceName}-es2' -var systemTopicName = '${resourceName}-st' +var queueServiceId = '${storageAccount.id}/queueServices/default' +var storageAccountName = 'resourceNamesa01' +var queueName = 'resourceNamequeue' +var eventSubscription1Name = 'resourceName-es1' +var eventSubscription2Name = 'resourceName-es2' +var systemTopicName = 'resourceName-st' + +resource systemTopic 'Microsoft.EventGrid/systemTopics@2022-06-15' = { + name: systemTopicName + location: 'global' + properties: { + source: resourceGroup().id + topicType: 'Microsoft.Resources.ResourceGroups' + } +} resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { name: storageAccountName location: location + sku: { + name: 'Standard_LRS' + } kind: 'StorageV2' properties: { - accessTier: 'Hot' - allowBlobPublicAccess: true allowCrossTenantReplication: false + isNfsV3Enabled: false + minimumTlsVersion: 'TLS1_2' + allowBlobPublicAccess: true allowSharedKeyAccess: true - defaultToOAuthAuthentication: false - dnsEndpointType: 'Standard' encryption: { keySource: 'Microsoft.Storage' services: { @@ -29,11 +41,7 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { } } } - isHnsEnabled: false isLocalUserEnabled: true - isNfsV3Enabled: false - isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' networkAcls: { bypass: 'AzureServices' defaultAction: 'Allow' @@ -41,26 +49,29 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { resourceAccessRules: [] virtualNetworkRules: [] } - publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true - } - sku: { - name: 'Standard_LRS' + defaultToOAuthAuthentication: false + dnsEndpointType: 'Standard' + isHnsEnabled: false + isSftpEnabled: false + publicNetworkAccess: 'Enabled' + accessTier: 'Hot' } } -resource systemTopic 'Microsoft.EventGrid/systemTopics@2022-06-15' = { - name: systemTopicName - location: 'global' - properties: { - source: resourceGroup().id - topicType: 'Microsoft.Resources.ResourceGroups' - } +resource queue 'Microsoft.Storage/storageAccounts/queueServices/queues@2023-05-01' = { + name: queueName + dependsOn: [ + storageAccount + ] } resource eventSubscription 'Microsoft.EventGrid/systemTopics/eventSubscriptions@2022-06-15' = { - parent: systemTopic name: eventSubscription1Name + parent: systemTopic + dependsOn: [ + queue + ] properties: { deadLetterDestination: null destination: { @@ -76,28 +87,30 @@ resource eventSubscription 'Microsoft.EventGrid/systemTopics/eventSubscriptions@ { key: 'subject' operatorType: 'StringBeginsWith' - values: ['foo'] + values: [ + 'foo' + ] } ] } labels: [] } - dependsOn: [ - queue - ] } resource eventsubscription1 'Microsoft.EventGrid/systemTopics/eventSubscriptions@2022-06-15' = { - parent: systemTopic name: eventSubscription2Name + parent: systemTopic + dependsOn: [ + queue + ] properties: { deadLetterDestination: null destination: { - endpointType: 'StorageQueue' properties: { queueName: queueName resourceId: storageAccount.id } + endpointType: 'StorageQueue' } eventDeliverySchema: 'EventGridSchema' filter: { @@ -105,28 +118,12 @@ resource eventsubscription1 'Microsoft.EventGrid/systemTopics/eventSubscriptions { key: 'subject' operatorType: 'StringEndsWith' - values: ['bar'] + values: [ + 'bar' + ] } ] } labels: [] } - dependsOn: [ - queue - ] -} - -// The queue service is a singleton named 'default' under the storage account -resource queueService 'Microsoft.Storage/storageAccounts/queueServices@2023-05-01' existing = { - parent: storageAccount - name: 'default' -} - -resource queue 'Microsoft.Storage/storageAccounts/queueServices/queues@2023-05-01' = { - parent: queueService - name: queueName - - dependsOn: [ - storageAccount - ] } diff --git a/settings/remarks/microsoft.eventgrid/samples/systemtopics/main.bicep b/settings/remarks/microsoft.eventgrid/samples/systemtopics/main.bicep index 02267b1a..db3c1e98 100644 --- a/settings/remarks/microsoft.eventgrid/samples/systemtopics/main.bicep +++ b/settings/remarks/microsoft.eventgrid/samples/systemtopics/main.bicep @@ -1,4 +1,5 @@ param resourceName string = 'acctest0001' +param location string = 'westeurope' resource systemTopic 'Microsoft.EventGrid/systemTopics@2021-12-01' = { name: resourceName diff --git a/settings/remarks/microsoft.eventgrid/samples/topics/main.bicep b/settings/remarks/microsoft.eventgrid/samples/topics/main.bicep index 7d52cb0d..7036e6b5 100644 --- a/settings/remarks/microsoft.eventgrid/samples/topics/main.bicep +++ b/settings/remarks/microsoft.eventgrid/samples/topics/main.bicep @@ -5,9 +5,9 @@ resource topic 'Microsoft.EventGrid/topics@2021-12-01' = { name: resourceName location: location properties: { - disableLocalAuth: false - inputSchema: 'EventGridSchema' inputSchemaMapping: null publicNetworkAccess: 'Enabled' + disableLocalAuth: false + inputSchema: 'EventGridSchema' } } diff --git a/settings/remarks/microsoft.eventhub/samples/namespaces/authorizationrules/main.bicep b/settings/remarks/microsoft.eventhub/samples/namespaces/authorizationrules/main.bicep index b2e9ba33..23d2c1d0 100644 --- a/settings/remarks/microsoft.eventhub/samples/namespaces/authorizationrules/main.bicep +++ b/settings/remarks/microsoft.eventhub/samples/namespaces/authorizationrules/main.bicep @@ -4,22 +4,22 @@ param location string = 'westeurope' resource namespace 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { name: resourceName location: location + sku: { + tier: 'Basic' + capacity: 1 + name: 'Basic' + } properties: { disableLocalAuth: false isAutoInflateEnabled: false publicNetworkAccess: 'Enabled' zoneRedundant: false } - sku: { - capacity: 1 - name: 'Basic' - tier: 'Basic' - } } resource authorizationRule 'Microsoft.EventHub/namespaces/authorizationRules@2021-11-01' = { - parent: namespace name: resourceName + parent: namespace properties: { rights: [ 'Listen' diff --git a/settings/remarks/microsoft.eventhub/samples/namespaces/disasterrecoveryconfigs/main.bicep b/settings/remarks/microsoft.eventhub/samples/namespaces/disasterrecoveryconfigs/main.bicep index e6831c27..1a83569a 100644 --- a/settings/remarks/microsoft.eventhub/samples/namespaces/disasterrecoveryconfigs/main.bicep +++ b/settings/remarks/microsoft.eventhub/samples/namespaces/disasterrecoveryconfigs/main.bicep @@ -4,37 +4,38 @@ param location string = 'westeurope' resource namespace 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { name: resourceName location: location - properties: { - disableLocalAuth: false - isAutoInflateEnabled: false - publicNetworkAccess: 'Enabled' - zoneRedundant: false - } sku: { capacity: 1 name: 'Standard' tier: 'Standard' } -} - -resource namespace2 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { - name: resourceName properties: { - disableLocalAuth: false - isAutoInflateEnabled: false publicNetworkAccess: 'Enabled' zoneRedundant: false + disableLocalAuth: false + isAutoInflateEnabled: false } +} + +resource namespace2 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { + name: resourceName + location: 'westus2' sku: { capacity: 1 name: 'Standard' tier: 'Standard' } + properties: { + publicNetworkAccess: 'Enabled' + zoneRedundant: false + disableLocalAuth: false + isAutoInflateEnabled: false + } } resource disasterRecoveryConfig 'Microsoft.EventHub/namespaces/disasterRecoveryConfigs@2021-11-01' = { - parent: namespace name: resourceName + parent: namespace properties: { partnerNamespace: namespace2.id } diff --git a/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/authorizationrules/main.bicep b/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/authorizationrules/main.bicep index 8101f1a7..8e795956 100644 --- a/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/authorizationrules/main.bicep +++ b/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/authorizationrules/main.bicep @@ -1,25 +1,25 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource namespace 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { name: resourceName location: location - properties: { - disableLocalAuth: false - isAutoInflateEnabled: false - publicNetworkAccess: 'Enabled' - zoneRedundant: false - } sku: { capacity: 1 name: 'Basic' tier: 'Basic' } + properties: { + zoneRedundant: false + disableLocalAuth: false + isAutoInflateEnabled: false + publicNetworkAccess: 'Enabled' + } } resource eventhub 'Microsoft.EventHub/namespaces/eventhubs@2021-11-01' = { - parent: namespace name: resourceName + parent: namespace properties: { messageRetentionInDays: 1 partitionCount: 2 @@ -28,8 +28,8 @@ resource eventhub 'Microsoft.EventHub/namespaces/eventhubs@2021-11-01' = { } resource authorizationRule 'Microsoft.EventHub/namespaces/eventhubs/authorizationRules@2021-11-01' = { - parent: eventhub name: resourceName + parent: eventhub properties: { rights: [ 'Send' diff --git a/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/consumergroups/main.bicep b/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/consumergroups/main.bicep index 044a8065..be576c42 100644 --- a/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/consumergroups/main.bicep +++ b/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/consumergroups/main.bicep @@ -4,22 +4,22 @@ param location string = 'westeurope' resource namespace 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { name: resourceName location: location - properties: { - disableLocalAuth: false - isAutoInflateEnabled: false - publicNetworkAccess: 'Enabled' - zoneRedundant: false - } sku: { capacity: 1 name: 'Standard' tier: 'Standard' } + properties: { + isAutoInflateEnabled: false + publicNetworkAccess: 'Enabled' + zoneRedundant: false + disableLocalAuth: false + } } resource eventhub 'Microsoft.EventHub/namespaces/eventhubs@2021-11-01' = { - parent: namespace name: resourceName + parent: namespace properties: { messageRetentionInDays: 1 partitionCount: 2 @@ -28,8 +28,8 @@ resource eventhub 'Microsoft.EventHub/namespaces/eventhubs@2021-11-01' = { } resource consumerGroup 'Microsoft.EventHub/namespaces/eventhubs/consumerGroups@2021-11-01' = { - parent: eventhub name: resourceName + parent: eventhub properties: { userMetadata: '' } diff --git a/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/main.bicep b/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/main.bicep index 423bc654..1f75b415 100644 --- a/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/main.bicep +++ b/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/main.bicep @@ -1,25 +1,25 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource namespace 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { name: resourceName location: location + sku: { + tier: 'Standard' + capacity: 1 + name: 'Standard' + } properties: { disableLocalAuth: false isAutoInflateEnabled: false publicNetworkAccess: 'Enabled' zoneRedundant: false } - sku: { - capacity: 1 - name: 'Standard' - tier: 'Standard' - } } resource eventhub 'Microsoft.EventHub/namespaces/eventhubs@2021-11-01' = { - parent: namespace name: resourceName + parent: namespace properties: { messageRetentionInDays: 1 partitionCount: 2 diff --git a/settings/remarks/microsoft.eventhub/samples/namespaces/main.bicep b/settings/remarks/microsoft.eventhub/samples/namespaces/main.bicep index e41aea1f..eb6da542 100644 --- a/settings/remarks/microsoft.eventhub/samples/namespaces/main.bicep +++ b/settings/remarks/microsoft.eventhub/samples/namespaces/main.bicep @@ -4,15 +4,15 @@ param location string = 'westeurope' resource namespace 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { name: resourceName location: location - properties: { - disableLocalAuth: false - isAutoInflateEnabled: false - publicNetworkAccess: 'Enabled' - zoneRedundant: false - } sku: { capacity: 1 name: 'Standard' tier: 'Standard' } + properties: { + isAutoInflateEnabled: false + publicNetworkAccess: 'Enabled' + zoneRedundant: false + disableLocalAuth: false + } } diff --git a/settings/remarks/microsoft.eventhub/samples/namespaces/schemagroups/main.bicep b/settings/remarks/microsoft.eventhub/samples/namespaces/schemagroups/main.bicep index b61787f7..77283c9e 100644 --- a/settings/remarks/microsoft.eventhub/samples/namespaces/schemagroups/main.bicep +++ b/settings/remarks/microsoft.eventhub/samples/namespaces/schemagroups/main.bicep @@ -4,22 +4,22 @@ param location string = 'westeurope' resource namespace 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Standard' + tier: 'Standard' + } properties: { disableLocalAuth: false isAutoInflateEnabled: false publicNetworkAccess: 'Enabled' zoneRedundant: false } - sku: { - capacity: 1 - name: 'Standard' - tier: 'Standard' - } } resource schemaGroup 'Microsoft.EventHub/namespaces/schemaGroups@2021-11-01' = { - parent: namespace name: resourceName + parent: namespace properties: { schemaCompatibility: 'Forward' schemaType: 'Avro' diff --git a/settings/remarks/microsoft.guestconfiguration/samples/guestconfigurationassignments/main.bicep b/settings/remarks/microsoft.guestconfiguration/samples/guestconfigurationassignments/main.bicep index 212e175b..356e312e 100644 --- a/settings/remarks/microsoft.guestconfiguration/samples/guestconfigurationassignments/main.bicep +++ b/settings/remarks/microsoft.guestconfiguration/samples/guestconfigurationassignments/main.bicep @@ -4,27 +4,6 @@ param location string = 'westeurope' @description('The administrator password for the virtual machine') param adminPassword string -resource guestConfigurationAssignment 'Microsoft.GuestConfiguration/guestConfigurationAssignments@2020-06-25' = { - scope: virtualMachine - name: 'WhitelistedApplication' - location: location - properties: { - guestConfiguration: { - assignmentType: '' - configurationParameter: [ - { - name: '[InstalledApplication]bwhitelistedapp;Name' - value: 'NotePad,sql' - } - ] - contentHash: '' - contentUri: '' - name: 'WhitelistedApplication' - version: '1.*' - } - } -} - resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { name: resourceName location: location @@ -38,9 +17,7 @@ resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { primary: true privateIPAddressVersion: 'IPv4' privateIPAllocationMethod: 'Dynamic' - subnet: { - id: subnet.id - } + subnet: {} } } ] @@ -51,17 +28,12 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { name: resourceName location: location properties: { - additionalCapabilities: {} - applicationProfile: { - galleryApplications: [] - } diagnosticsProfile: { bootDiagnostics: { - enabled: false storageUri: '' + enabled: false } } - extensionsTimeBudget: 'PT1H30M' hardwareProfile: { vmSize: 'Standard_F2' } @@ -76,23 +48,23 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { ] } osProfile: { - adminPassword: null - adminUsername: 'adminuser' - allowExtensionOperations: true computerName: 'acctestvmdro23' secrets: [] windowsConfiguration: { enableAutomaticUpdates: true patchSettings: { - assessmentMode: 'ImageDefault' enableHotpatching: false patchMode: 'AutomaticByOS' + assessmentMode: 'ImageDefault' } provisionVMAgent: true winRM: { listeners: [] } } + adminPassword: adminPassword + adminUsername: 'adminuser' + allowExtensionOperations: true } priority: 'Regular' storageProfile: { @@ -104,15 +76,20 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { version: 'latest' } osDisk: { - caching: 'ReadWrite' - createOption: 'FromImage' managedDisk: { storageAccountType: 'Standard_LRS' } osType: 'Windows' writeAcceleratorEnabled: false + caching: 'ReadWrite' + createOption: 'FromImage' } } + additionalCapabilities: {} + applicationProfile: { + galleryApplications: [] + } + extensionsTimeBudget: 'PT1H30M' } } @@ -133,14 +110,35 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork name: 'internal' + parent: virtualNetwork properties: { + serviceEndpoints: [] addressPrefix: '10.0.2.0/24' delegations: [] privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] - serviceEndpoints: [] + } +} + +resource guestConfigurationAssignment 'Microsoft.GuestConfiguration/guestConfigurationAssignments@2020-06-25' = { + name: 'WhitelistedApplication' + location: location + scope: virtualMachine + properties: { + guestConfiguration: { + contentHash: '' + contentUri: '' + name: 'WhitelistedApplication' + version: '1.*' + assignmentType: '' + configurationParameter: [ + { + name: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} + value: 'NotePad,sql' + } + ] + } } } diff --git a/settings/remarks/microsoft.hdinsight/samples/clusters/main.bicep b/settings/remarks/microsoft.hdinsight/samples/clusters/main.bicep index ce8260ec..887625ef 100644 --- a/settings/remarks/microsoft.hdinsight/samples/clusters/main.bicep +++ b/settings/remarks/microsoft.hdinsight/samples/clusters/main.bicep @@ -1,3 +1,6 @@ +@secure() +@description('The REST API credential password for the HDInsight cluster gateway') +param restCredentialPassword string param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The username for the HDInsight cluster virtual machines') @@ -5,19 +8,31 @@ param vmUsername string @secure() @description('The password for the HDInsight cluster virtual machines') param vmPassword string -@secure() -@description('The REST API credential password for the HDInsight cluster gateway') -param restCredentialPassword string resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' existing = { - parent: storageAccount name: 'default' + parent: storageAccount +} + +resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { + name: resourceName + parent: blobService + properties: { + metadata: { + key: 'value' + } + } } resource cluster 'Microsoft.HDInsight/clusters@2018-06-01-preview' = { name: resourceName location: location properties: { + encryptionInTransitProperties: { + isEncryptionInTransitEnabled: false + } + osType: 'Linux' + tier: 'standard' clusterDefinition: { componentVersion: { Spark: '2.4' @@ -31,23 +46,34 @@ resource cluster 'Microsoft.HDInsight/clusters@2018-06-01-preview' = { } kind: 'Spark' } + minSupportedTlsVersion: '1.2' + storageProfile: { + storageaccounts: [ + { + isDefault: true + key: storageAccount.listKeys().keys[0].value + name: '.blob.core.windows.net' + } + ] + } clusterVersion: '4.0.3000.1' computeProfile: { roles: [ { - hardwareProfile: { - vmSize: 'standard_a4_v2' - } - name: 'headnode' osProfile: { linuxOperatingSystemProfile: { - password: vmPassword username: vmUsername + password: vmPassword } } targetInstanceCount: 2 + hardwareProfile: { + vmSize: 'standard_a4_v2' + } + name: 'headnode' } { + targetInstanceCount: 3 hardwareProfile: { vmSize: 'standard_a4_v2' } @@ -58,9 +84,9 @@ resource cluster 'Microsoft.HDInsight/clusters@2018-06-01-preview' = { username: vmUsername } } - targetInstanceCount: 3 } { + targetInstanceCount: 3 hardwareProfile: { vmSize: 'standard_a2_v2' } @@ -71,40 +97,23 @@ resource cluster 'Microsoft.HDInsight/clusters@2018-06-01-preview' = { username: vmUsername } } - targetInstanceCount: 3 } ] } - encryptionInTransitProperties: { - isEncryptionInTransitEnabled: false - } - minSupportedTlsVersion: '1.2' - osType: 'Linux' - storageProfile: { - storageaccounts: [ - { - container: container.name - isDefault: true - key: storageAccount.listKeys().keys[0].value - name: '${storageAccount.name}.blob.core.windows.net' - resourceId: storageAccount.id - } - ] - } - tier: 'standard' } } resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location + sku: { + name: 'Standard_LRS' + } kind: 'StorageV2' properties: { accessTier: 'Hot' - allowBlobPublicAccess: true allowCrossTenantReplication: true allowSharedKeyAccess: true - defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -116,27 +125,16 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } - isHnsEnabled: false isNfsV3Enabled: false isSftpEnabled: false minimumTlsVersion: 'TLS1_2' + publicNetworkAccess: 'Enabled' + allowBlobPublicAccess: true + defaultToOAuthAuthentication: false + isHnsEnabled: false networkAcls: { defaultAction: 'Allow' } - publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true } - sku: { - name: 'Standard_LRS' - } -} - -resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { - parent: blobService - name: resourceName - properties: { - metadata: { - key: 'value' - } - } } diff --git a/settings/remarks/microsoft.healthcareapis/samples/services/main.bicep b/settings/remarks/microsoft.healthcareapis/samples/services/main.bicep index 47827fb8..6cdc8773 100644 --- a/settings/remarks/microsoft.healthcareapis/samples/services/main.bicep +++ b/settings/remarks/microsoft.healthcareapis/samples/services/main.bicep @@ -6,6 +6,10 @@ resource service 'Microsoft.HealthcareApis/services@2022-12-01' = { location: location kind: 'fhir' properties: { + cosmosDbConfiguration: { + offerThroughput: 1000 + } + publicNetworkAccess: 'Enabled' accessPolicies: [ { objectId: deployer().objectId @@ -13,9 +17,5 @@ resource service 'Microsoft.HealthcareApis/services@2022-12-01' = { ] authenticationConfiguration: {} corsConfiguration: {} - cosmosDbConfiguration: { - offerThroughput: 1000 - } - publicNetworkAccess: 'Enabled' } } diff --git a/settings/remarks/microsoft.healthcareapis/samples/workspaces/dicomservices/main.bicep b/settings/remarks/microsoft.healthcareapis/samples/workspaces/dicomservices/main.bicep index 1be52aff..e7634a40 100644 --- a/settings/remarks/microsoft.healthcareapis/samples/workspaces/dicomservices/main.bicep +++ b/settings/remarks/microsoft.healthcareapis/samples/workspaces/dicomservices/main.bicep @@ -7,9 +7,9 @@ resource workspace 'Microsoft.HealthcareApis/workspaces@2022-12-01' = { } resource dicomService 'Microsoft.HealthcareApis/workspaces/dicomServices@2022-12-01' = { - parent: workspace name: resourceName location: location + parent: workspace properties: { publicNetworkAccess: 'Enabled' } diff --git a/settings/remarks/microsoft.healthcareapis/samples/workspaces/fhirservices/main.bicep b/settings/remarks/microsoft.healthcareapis/samples/workspaces/fhirservices/main.bicep index 3fb569c6..affcbe04 100644 --- a/settings/remarks/microsoft.healthcareapis/samples/workspaces/fhirservices/main.bicep +++ b/settings/remarks/microsoft.healthcareapis/samples/workspaces/fhirservices/main.bicep @@ -7,16 +7,16 @@ resource workspace 'Microsoft.HealthcareApis/workspaces@2022-12-01' = { } resource fhirService 'Microsoft.HealthcareApis/workspaces/fhirServices@2022-12-01' = { - parent: workspace name: resourceName location: location + parent: workspace kind: 'fhir-R4' properties: { acrConfiguration: {} authenticationConfiguration: { - audience: 'https://acctestfhir.fhir.azurehealthcareapis.com' - authority: 'https://login.microsoftonline.com/deployer().tenantId' + authority: 'https://login.microsoftonline.com/${tenant().tenantId}' smartProxyEnabled: false + audience: 'https://acctestfhir.fhir.azurehealthcareapis.com' } corsConfiguration: { allowCredentials: false @@ -28,9 +28,9 @@ resource fhirService 'Microsoft.HealthcareApis/workspaces/fhirServices@2022-12-0 } resource fhirService2 'Microsoft.HealthcareApis/workspaces/fhirServices@2022-12-01' = { - parent: workspace name: resourceName location: location + parent: workspace kind: 'fhir-R4' properties: { acrConfiguration: {} diff --git a/settings/remarks/microsoft.healthcareapis/samples/workspaces/iotconnectors/fhirdestinations/main.bicep b/settings/remarks/microsoft.healthcareapis/samples/workspaces/iotconnectors/fhirdestinations/main.bicep index f2bcb8fc..08347146 100644 --- a/settings/remarks/microsoft.healthcareapis/samples/workspaces/iotconnectors/fhirdestinations/main.bicep +++ b/settings/remarks/microsoft.healthcareapis/samples/workspaces/iotconnectors/fhirdestinations/main.bicep @@ -4,86 +4,85 @@ param location string = 'westeurope' resource namespace 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Standard' + tier: 'Standard' + } properties: { disableLocalAuth: false isAutoInflateEnabled: false publicNetworkAccess: 'Enabled' zoneRedundant: false } - sku: { - capacity: 1 - name: 'Standard' - tier: 'Standard' - } -} - -resource workspace 'Microsoft.HealthcareApis/workspaces@2022-12-01' = { - name: resourceName - location: location } resource eventhub 'Microsoft.EventHub/namespaces/eventhubs@2021-11-01' = { - parent: namespace name: resourceName + parent: namespace properties: { + status: 'Active' messageRetentionInDays: 1 partitionCount: 2 - status: 'Active' } } +resource workspace 'Microsoft.HealthcareApis/workspaces@2022-12-01' = { + name: resourceName + location: location +} + resource fhirService 'Microsoft.HealthcareApis/workspaces/fhirServices@2022-12-01' = { - parent: workspace name: resourceName location: location + parent: workspace kind: 'fhir-R4' properties: { acrConfiguration: {} authenticationConfiguration: { audience: 'https://acctestfhir.fhir.azurehealthcareapis.com' - authority: 'https://login.microsoftonline.com/deployer().tenantId' + authority: 'https://login.microsoftonline.com/${tenant().tenantId}' smartProxyEnabled: false } corsConfiguration: { - allowCredentials: false headers: [] methods: [] origins: [] + allowCredentials: false } } } resource iotConnector 'Microsoft.HealthcareApis/workspaces/iotConnectors@2022-12-01' = { - parent: workspace name: resourceName location: location + parent: workspace properties: { + ingestionEndpointConfiguration: { + eventHubName: eventhub.name + fullyQualifiedEventHubNamespace: '${namespace.name}.servicebus.windows.net' + } deviceMapping: { content: { template: [] templateType: 'CollectionContent' } } - ingestionEndpointConfiguration: { - consumerGroup: consumerGroup.id - eventHubName: eventhub.name - fullyQualifiedEventHubNamespace: '${namespace.name}.servicebus.windows.net' - } } } resource consumerGroup 'Microsoft.EventHub/namespaces/eventhubs/consumerGroups@2021-11-01' = { - parent: eventhub name: resourceName + parent: eventhub properties: { userMetadata: '' } } resource fhirDestination 'Microsoft.HealthcareApis/workspaces/iotConnectors/fhirDestinations@2022-12-01' = { - parent: iotConnector name: resourceName location: location + parent: iotConnector properties: { fhirMapping: { content: { diff --git a/settings/remarks/microsoft.healthcareapis/samples/workspaces/iotconnectors/main.bicep b/settings/remarks/microsoft.healthcareapis/samples/workspaces/iotconnectors/main.bicep index eefb1927..565d0667 100644 --- a/settings/remarks/microsoft.healthcareapis/samples/workspaces/iotconnectors/main.bicep +++ b/settings/remarks/microsoft.healthcareapis/samples/workspaces/iotconnectors/main.bicep @@ -4,38 +4,38 @@ param location string = 'westeurope' resource namespace 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { name: resourceName location: location + sku: { + tier: 'Standard' + capacity: 1 + name: 'Standard' + } properties: { disableLocalAuth: false isAutoInflateEnabled: false publicNetworkAccess: 'Enabled' zoneRedundant: false } - sku: { - capacity: 1 - name: 'Standard' - tier: 'Standard' - } -} - -resource workspace 'Microsoft.HealthcareApis/workspaces@2022-12-01' = { - name: resourceName - location: location } resource eventhub 'Microsoft.EventHub/namespaces/eventhubs@2021-11-01' = { - parent: namespace name: resourceName + parent: namespace properties: { + status: 'Active' messageRetentionInDays: 1 partitionCount: 2 - status: 'Active' } } +resource workspace 'Microsoft.HealthcareApis/workspaces@2022-12-01' = { + name: resourceName + location: location +} + resource iotConnector 'Microsoft.HealthcareApis/workspaces/iotConnectors@2022-12-01' = { - parent: workspace name: resourceName location: location + parent: workspace properties: { deviceMapping: { content: { @@ -44,7 +44,6 @@ resource iotConnector 'Microsoft.HealthcareApis/workspaces/iotConnectors@2022-12 } } ingestionEndpointConfiguration: { - consumerGroup: consumerGroup.id eventHubName: eventhub.name fullyQualifiedEventHubNamespace: '${namespace.name}.servicebus.windows.net' } @@ -52,8 +51,8 @@ resource iotConnector 'Microsoft.HealthcareApis/workspaces/iotConnectors@2022-12 } resource consumerGroup 'Microsoft.EventHub/namespaces/eventhubs/consumerGroups@2021-11-01' = { - parent: eventhub name: resourceName + parent: eventhub properties: { userMetadata: '' } diff --git a/settings/remarks/microsoft.impact/remarks.json b/settings/remarks/microsoft.impact/remarks.json index 74e3d285..ad4b99ea 100644 --- a/settings/remarks/microsoft.impact/remarks.json +++ b/settings/remarks/microsoft.impact/remarks.json @@ -17,6 +17,11 @@ "ResourceType": "Microsoft.Impact/connectors", "Path": "samples/connectors/main.bicep", "Description": "A basic example of deploying Impact Connectors." + }, + { + "ResourceType": "Microsoft.Impact/workloadImpacts", + "Path": "samples/workloadimpacts/main.bicep", + "Description": "A basic example of deploying Impact Workload Impacts." } ] } \ No newline at end of file diff --git a/settings/remarks/microsoft.impact/samples/connectors/main.bicep b/settings/remarks/microsoft.impact/samples/connectors/main.bicep index 39b2c82d..e70a791f 100644 --- a/settings/remarks/microsoft.impact/samples/connectors/main.bicep +++ b/settings/remarks/microsoft.impact/samples/connectors/main.bicep @@ -1,6 +1,7 @@ targetScope = 'subscription' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource connector 'Microsoft.Impact/connectors@2024-05-01-preview' = { name: resourceName diff --git a/settings/remarks/microsoft.impact/samples/workloadimpacts/main.bicep b/settings/remarks/microsoft.impact/samples/workloadimpacts/main.bicep new file mode 100644 index 00000000..dc52430c --- /dev/null +++ b/settings/remarks/microsoft.impact/samples/workloadimpacts/main.bicep @@ -0,0 +1,158 @@ +param resourceName string = 'acctest0001' +param location string = 'westeurope' +@secure() +@description('The administrator password for the virtual machine') +param adminPassword string + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: resourceName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + subnets: [] + } +} + +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { + name: resourceName + parent: virtualNetwork + properties: { + serviceEndpoints: [] + addressPrefix: '10.0.2.0/24' + delegations: [] + privateEndpointNetworkPolicies: 'Enabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + } +} + +resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { + name: resourceName + location: location + properties: { + enableAcceleratedNetworking: false + enableIPForwarding: false + ipConfigurations: [ + { + properties: { + subnet: {} + primary: true + privateIPAddressVersion: 'IPv4' + privateIPAllocationMethod: 'Dynamic' + } + name: 'testconfiguration1' + } + ] + } +} + +resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { + name: resourceName + location: location + properties: { + osProfile: { + adminUsername: 'testadmin' + computerName: 'hostname230630032848831819' + linuxConfiguration: { + disablePasswordAuthentication: false + } + adminPassword: adminPassword + } + storageProfile: { + imageReference: { + offer: 'UbuntuServer' + publisher: 'Canonical' + sku: '16.04-LTS' + version: 'latest' + } + osDisk: { + caching: 'ReadWrite' + createOption: 'FromImage' + name: 'myosdisk1' + writeAcceleratorEnabled: false + } + } + hardwareProfile: { + vmSize: 'Standard_F2' + } + networkProfile: { + networkInterfaces: [ + { + id: networkInterface.id + properties: { + primary: false + } + } + ] + } + } +} + +resource workloadImpact 'Microsoft.Impact/workloadImpacts@2023-12-01-preview' = { + name: resourceName + properties: { + impactCategory: 'Resource.Availability' + performance: [ + { + actual: 2 + expected: 2 + expectedValueRange: { + min: 1 + max: 5 + } + metricName: 'example' + unit: 'ByteSeconds' + } + ] + startDateTime: '2024-12-03T01:15:00Z' + workload: { + context: 'context' + toolset: 'Ansible' + } + additionalProperties: { + Location: 'DataCenter1' + LogUrl: 'http://example.com/log' + ModelNumber: 'Model123' + NodeId: 'node-123' + PhysicalHostName: 'host123' + SerialNumber: 'SN123456' + CollectTelemetry: true + Manufacturer: 'ManufacturerName' + VmUniqueId: 'vm-unique-id' + } + armCorrelationIds: [ + 'id1' + 'id2' + ] + clientIncidentDetails: { + clientIncidentId: 'id' + clientIncidentSource: 'AzureDevops' + } + connectivity: { + port: 1443 + protocol: 'TCP' + source: { + azureResourceId: virtualMachine.id + } + target: { + azureResourceId: virtualMachine.id + } + } + errorDetails: { + errorCode: 'code' + errorMessage: 'errorMessage' + } + impactDescription: 'impact description' + impactGroupId: 'impact groupid' + impactedResourceId: virtualMachine.id + confidenceLevel: 'High' + endDateTime: '2024-12-04T01:15:00Z' + } +} diff --git a/settings/remarks/microsoft.insights/remarks.json b/settings/remarks/microsoft.insights/remarks.json index 46cad46d..c8cd87ae 100644 --- a/settings/remarks/microsoft.insights/remarks.json +++ b/settings/remarks/microsoft.insights/remarks.json @@ -191,6 +191,21 @@ "ResourceType": "Microsoft.Insights/workbooks", "Path": "samples/workbooks/main.bicep", "Description": "A basic example of deploying Azure Workbook." + }, + { + "ResourceType": "Microsoft.Insights/components/ProactiveDetectionConfigs", + "Path": "samples/components/proactivedetectionconfigs/main.bicep", + "Description": "A basic example of deploying Application Insights Smart Detection Rule." + }, + { + "ResourceType": "Microsoft.Insights/logProfiles", + "Path": "samples/logprofiles/main.bicep", + "Description": "A basic example of deploying Insights Log Profiles." + }, + { + "ResourceType": "Microsoft.Insights/logProfiles", + "Path": "samples/logprofiles/main-rg-module.bicep", + "Description": "A basic example of deploying Insights Log Profiles." } ] } \ No newline at end of file diff --git a/settings/remarks/microsoft.insights/samples/actiongroups/main.bicep b/settings/remarks/microsoft.insights/samples/actiongroups/main.bicep index a50473f2..0a46c86d 100644 --- a/settings/remarks/microsoft.insights/samples/actiongroups/main.bicep +++ b/settings/remarks/microsoft.insights/samples/actiongroups/main.bicep @@ -1,21 +1,22 @@ param resourceName string = 'acctest0001' +param location string = 'westeurope' resource actionGroup 'Microsoft.Insights/actionGroups@2023-01-01' = { name: resourceName location: 'global' properties: { - armRoleReceivers: [] - automationRunbookReceivers: [] - azureAppPushReceivers: [] - azureFunctionReceivers: [] emailReceivers: [] + itsmReceivers: [] + logicAppReceivers: [] + voiceReceivers: [] + automationRunbookReceivers: [] enabled: true eventHubReceivers: [] groupShortName: 'acctestag' - itsmReceivers: [] - logicAppReceivers: [] smsReceivers: [] - voiceReceivers: [] webhookReceivers: [] + armRoleReceivers: [] + azureAppPushReceivers: [] + azureFunctionReceivers: [] } } diff --git a/settings/remarks/microsoft.insights/samples/activitylogalerts/main.bicep b/settings/remarks/microsoft.insights/samples/activitylogalerts/main.bicep index fe95dfcf..6c7d60c5 100644 --- a/settings/remarks/microsoft.insights/samples/activitylogalerts/main.bicep +++ b/settings/remarks/microsoft.insights/samples/activitylogalerts/main.bicep @@ -5,19 +5,19 @@ resource actionGroup 'Microsoft.Insights/actionGroups@2023-01-01' = { name: resourceName location: 'global' properties: { + itsmReceivers: [] + smsReceivers: [] + webhookReceivers: [] armRoleReceivers: [] - automationRunbookReceivers: [] azureAppPushReceivers: [] azureFunctionReceivers: [] emailReceivers: [] enabled: true - eventHubReceivers: [] groupShortName: 'acctestag1' - itsmReceivers: [] logicAppReceivers: [] - smsReceivers: [] voiceReceivers: [] - webhookReceivers: [] + automationRunbookReceivers: [] + eventHubReceivers: [] } } @@ -26,17 +26,17 @@ resource actionGroup2 'Microsoft.Insights/actionGroups@2023-01-01' = { location: 'global' properties: { armRoleReceivers: [] - automationRunbookReceivers: [] azureAppPushReceivers: [] azureFunctionReceivers: [] emailReceivers: [] enabled: true eventHubReceivers: [] + smsReceivers: [] + voiceReceivers: [] + automationRunbookReceivers: [] groupShortName: 'acctestag2' itsmReceivers: [] logicAppReceivers: [] - smsReceivers: [] - voiceReceivers: [] webhookReceivers: [] } } @@ -45,6 +45,8 @@ resource activityLogAlert 'Microsoft.Insights/activityLogAlerts@2020-10-01' = { name: resourceName location: 'global' properties: { + enabled: true + scopes: [] actions: { actionGroups: [ { @@ -93,8 +95,8 @@ resource activityLogAlert 'Microsoft.Insights/activityLogAlerts@2020-10-01' = { { anyOf: [ { - equals: 'PlatformInitiated' field: 'properties.cause' + equals: 'PlatformInitiated' } { equals: 'UserInitiated' @@ -105,24 +107,19 @@ resource activityLogAlert 'Microsoft.Insights/activityLogAlerts@2020-10-01' = { ] } description: 'This is just a test acceptance.' - enabled: true - scopes: [ - resourceGroup().id - storageAccount.id - ] } } resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location + sku: { + name: 'Standard_LRS' + } kind: 'StorageV2' properties: { accessTier: 'Hot' - allowBlobPublicAccess: true allowCrossTenantReplication: true - allowSharedKeyAccess: true - defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -141,10 +138,10 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { networkAcls: { defaultAction: 'Allow' } + allowBlobPublicAccess: true + allowSharedKeyAccess: true + defaultToOAuthAuthentication: false publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true } - sku: { - name: 'Standard_LRS' - } } diff --git a/settings/remarks/microsoft.insights/samples/autoscalesettings/main.bicep b/settings/remarks/microsoft.insights/samples/autoscalesettings/main.bicep index a1ef6631..349f606e 100644 --- a/settings/remarks/microsoft.insights/samples/autoscalesettings/main.bicep +++ b/settings/remarks/microsoft.insights/samples/autoscalesettings/main.bicep @@ -14,56 +14,55 @@ resource autoScaleSetting 'Microsoft.Insights/autoScaleSettings@2022-10-01' = { notifications: [] profiles: [ { - capacity: { - default: '1' - maximum: '10' - minimum: '1' - } - name: 'metricRules' rules: [ { metricTrigger: { + timeGrain: 'PT1M' + timeWindow: 'PT5M' + threshold: 75 + timeAggregation: 'Last' dimensions: [] dividePerInstance: true metricName: 'Percentage CPU' metricNamespace: '' - metricResourceUri: virtualMachineScaleSet.id operator: 'GreaterThan' statistic: 'Average' - threshold: 75 - timeAggregation: 'Last' - timeGrain: 'PT1M' - timeWindow: 'PT5M' } scaleAction: { - cooldown: 'PT1M' direction: 'Increase' type: 'ChangeCount' value: '1' + cooldown: 'PT1M' } } ] + capacity: { + default: '1' + maximum: '10' + minimum: '1' + } + name: 'metricRules' } ] - targetResourceUri: virtualMachineScaleSet.id } } resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023-03-01' = { name: resourceName location: location + sku: { + capacity: 2 + name: 'Standard_F2' + tier: 'Standard' + } properties: { additionalCapabilities: {} - doNotRunExtensionsOnOverprovisionedVMs: false - orchestrationMode: 'Uniform' - overprovision: true scaleInPolicy: { forceDeletion: false rules: [ 'Default' ] } - singlePlacementGroup: true upgradePolicy: { mode: 'Manual' } @@ -80,8 +79,8 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- networkProfile: { networkInterfaceConfigurations: [ { - name: 'TestNetworkProfile-230630033559396108' properties: { + primary: true dnsSettings: { dnsServers: [] } @@ -91,26 +90,24 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- { name: 'TestIPConfiguration' properties: { + privateIPAddressVersion: 'IPv4' + subnet: {} applicationGatewayBackendAddressPools: [] applicationSecurityGroups: [] loadBalancerBackendAddressPools: [] loadBalancerInboundNatPools: [] primary: true - privateIPAddressVersion: 'IPv4' - subnet: { - id: subnet.id - } } } ] - primary: true } + name: 'TestNetworkProfile-230630033559396108' } ] } osProfile: { - adminPassword: null - adminUsername: null + adminPassword: adminPassword + adminUsername: adminUsername computerNamePrefix: 'testvm-230630033559396108' linuxConfiguration: { disablePasswordAuthentication: false @@ -128,29 +125,28 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- } priority: 'Regular' storageProfile: { - dataDisks: [] - imageReference: { - offer: 'UbuntuServer' - publisher: 'Canonical' - sku: '16.04-LTS' - version: 'latest' - } osDisk: { + osType: 'Linux' + writeAcceleratorEnabled: false caching: 'ReadWrite' createOption: 'FromImage' managedDisk: { storageAccountType: 'StandardSSD_LRS' } - osType: 'Linux' - writeAcceleratorEnabled: false + } + dataDisks: [] + imageReference: { + offer: 'UbuntuServer' + publisher: 'Canonical' + sku: '16.04-LTS' + version: 'latest' } } } - } - sku: { - capacity: 2 - name: 'Standard_F2' - tier: 'Standard' + doNotRunExtensionsOnOverprovisionedVMs: false + orchestrationMode: 'Uniform' + overprovision: true + singlePlacementGroup: true } } @@ -158,6 +154,7 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location properties: { + subnets: [] addressSpace: { addressPrefixes: [ '10.0.0.0/16' @@ -166,13 +163,12 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { dhcpOptions: { dnsServers: [] } - subnets: [] } } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork name: 'internal' + parent: virtualNetwork properties: { addressPrefix: '10.0.2.0/24' delegations: [] diff --git a/settings/remarks/microsoft.insights/samples/components/analyticsitems/main.bicep b/settings/remarks/microsoft.insights/samples/components/analyticsitems/main.bicep index c22f4fd2..a5d7a01b 100644 --- a/settings/remarks/microsoft.insights/samples/components/analyticsitems/main.bicep +++ b/settings/remarks/microsoft.insights/samples/components/analyticsitems/main.bicep @@ -6,22 +6,18 @@ resource component 'Microsoft.Insights/components@2020-02-02' = { location: location kind: 'web' properties: { - Application_Type: 'web' - DisableIpMasking: false - DisableLocalAuth: false - ForceCustomerStorageForProfiler: false RetentionInDays: 90 - SamplingPercentage: 100 publicNetworkAccessForIngestion: 'Enabled' publicNetworkAccessForQuery: 'Enabled' + Application_Type: 'web' + DisableLocalAuth: false + SamplingPercentage: 100 + DisableIpMasking: false + ForceCustomerStorageForProfiler: false } } resource analyticsItem 'microsoft.insights/components/analyticsItems@2015-05-01' = { - parent: component name: 'item' - Content: 'requests #test' - Name: 'testquery' - Scope: 'shared' - Type: 'query' + parent: component } diff --git a/settings/remarks/microsoft.insights/samples/components/main.bicep b/settings/remarks/microsoft.insights/samples/components/main.bicep index e36d6913..be5c10c2 100644 --- a/settings/remarks/microsoft.insights/samples/components/main.bicep +++ b/settings/remarks/microsoft.insights/samples/components/main.bicep @@ -7,12 +7,12 @@ resource component 'Microsoft.Insights/components@2020-02-02' = { kind: 'web' properties: { Application_Type: 'web' - DisableIpMasking: false - DisableLocalAuth: false ForceCustomerStorageForProfiler: false RetentionInDays: 90 SamplingPercentage: 100 - publicNetworkAccessForIngestion: 'Enabled' publicNetworkAccessForQuery: 'Enabled' + DisableIpMasking: false + DisableLocalAuth: false + publicNetworkAccessForIngestion: 'Enabled' } } diff --git a/settings/remarks/microsoft.insights/samples/components/proactivedetectionconfigs/main.bicep b/settings/remarks/microsoft.insights/samples/components/proactivedetectionconfigs/main.bicep new file mode 100644 index 00000000..92e100bc --- /dev/null +++ b/settings/remarks/microsoft.insights/samples/components/proactivedetectionconfigs/main.bicep @@ -0,0 +1,23 @@ +param resourceName string = 'acctest0001' +param location string = 'westeurope' + +resource component 'Microsoft.Insights/components@2020-02-02' = { + name: resourceName + location: location + kind: 'web' + properties: { + RetentionInDays: 90 + Application_Type: 'web' + DisableLocalAuth: false + ForceCustomerStorageForProfiler: false + SamplingPercentage: 100 + publicNetworkAccessForIngestion: 'Enabled' + publicNetworkAccessForQuery: 'Enabled' + DisableIpMasking: false + } +} + +resource proactiveDetectionConfig 'Microsoft.Insights/components/ProactiveDetectionConfigs@2015-05-01' = { + name: 'slowpageloadtime' + parent: component +} diff --git a/settings/remarks/microsoft.insights/samples/datacollectionruleassociations/main.bicep b/settings/remarks/microsoft.insights/samples/datacollectionruleassociations/main.bicep index 72d5147a..2d268ee5 100644 --- a/settings/remarks/microsoft.insights/samples/datacollectionruleassociations/main.bicep +++ b/settings/remarks/microsoft.insights/samples/datacollectionruleassociations/main.bicep @@ -4,6 +4,35 @@ param location string = 'westeurope' @description('The administrator password for the virtual machine') param adminPassword string +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: 'network-230630033559397415' + location: location + properties: { + subnets: [] + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + } +} + +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { + name: 'subnet-230630033559397415' + parent: virtualNetwork + properties: { + addressPrefix: '10.0.2.0/24' + delegations: [] + privateEndpointNetworkPolicies: 'Enabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] + } +} + resource dataCollectionRule 'Microsoft.Insights/dataCollectionRules@2022-06-01' = { name: resourceName location: location @@ -27,45 +56,10 @@ resource dataCollectionRule 'Microsoft.Insights/dataCollectionRules@2022-06-01' } } -resource dataCollectionRuleAssociation 'Microsoft.Insights/dataCollectionRuleAssociations@2022-06-01' = { - scope: virtualMachine - name: resourceName - properties: { - dataCollectionRuleId: dataCollectionRule.id - description: '' - } -} - -resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { - name: 'nic-230630033559397415' - location: location - properties: { - enableAcceleratedNetworking: false - enableIPForwarding: false - ipConfigurations: [ - { - name: 'internal' - properties: { - primary: true - privateIPAddressVersion: 'IPv4' - privateIPAllocationMethod: 'Dynamic' - subnet: { - id: subnet.id - } - } - } - ] - } -} - resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { name: 'machine-230630033559397415' location: location properties: { - additionalCapabilities: {} - applicationProfile: { - galleryApplications: [] - } diagnosticsProfile: { bootDiagnostics: { enabled: false @@ -76,34 +70,38 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { hardwareProfile: { vmSize: 'Standard_B1ls' } - networkProfile: { - networkInterfaces: [ - { - id: networkInterface.id - properties: { - primary: true - } - } - ] - } osProfile: { - adminPassword: null + adminPassword: adminPassword adminUsername: 'adminuser' allowExtensionOperations: true computerName: 'machine-230630033559397415' linuxConfiguration: { + provisionVMAgent: true + ssh: { + publicKeys: [] + } disablePasswordAuthentication: false patchSettings: { assessmentMode: 'ImageDefault' patchMode: 'ImageDefault' } - provisionVMAgent: true - ssh: { - publicKeys: [] - } } secrets: [] } + additionalCapabilities: {} + applicationProfile: { + galleryApplications: [] + } + networkProfile: { + networkInterfaces: [ + { + id: networkInterface.id + properties: { + primary: true + } + } + ] + } priority: 'Regular' storageProfile: { dataDisks: [] @@ -114,43 +112,43 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { version: 'latest' } osDisk: { + osType: 'Linux' + writeAcceleratorEnabled: false caching: 'ReadWrite' createOption: 'FromImage' managedDisk: { storageAccountType: 'Standard_LRS' } - osType: 'Linux' - writeAcceleratorEnabled: false } } } } -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { - name: 'network-230630033559397415' - location: location +resource dataCollectionRuleAssociation 'Microsoft.Insights/dataCollectionRuleAssociations@2022-06-01' = { + name: resourceName + scope: virtualMachine properties: { - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] - } - subnets: [] + description: '' + dataCollectionRuleId: dataCollectionRule.id } } -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork - name: 'subnet-230630033559397415' +resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { + name: 'nic-230630033559397415' + location: location properties: { - addressPrefix: '10.0.2.0/24' - delegations: [] - privateEndpointNetworkPolicies: 'Enabled' - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] + enableAcceleratedNetworking: false + enableIPForwarding: false + ipConfigurations: [ + { + properties: { + primary: true + privateIPAddressVersion: 'IPv4' + privateIPAllocationMethod: 'Dynamic' + subnet: {} + } + name: 'internal' + } + ] } } diff --git a/settings/remarks/microsoft.insights/samples/datacollectionrules/main.bicep b/settings/remarks/microsoft.insights/samples/datacollectionrules/main.bicep index 30fee3fa..27788640 100644 --- a/settings/remarks/microsoft.insights/samples/datacollectionrules/main.bicep +++ b/settings/remarks/microsoft.insights/samples/datacollectionrules/main.bicep @@ -7,12 +7,12 @@ resource dataCollectionRule 'Microsoft.Insights/dataCollectionRules@2022-06-01' properties: { dataFlows: [ { - destinations: [ - 'test-destination-metrics' - ] streams: [ 'Microsoft-InsightsMetrics' ] + destinations: [ + 'test-destination-metrics' + ] } ] description: '' diff --git a/settings/remarks/microsoft.insights/samples/diagnosticsettings/main.bicep b/settings/remarks/microsoft.insights/samples/diagnosticsettings/main.bicep index 0b673c3a..c55f9338 100644 --- a/settings/remarks/microsoft.insights/samples/diagnosticsettings/main.bicep +++ b/settings/remarks/microsoft.insights/samples/diagnosticsettings/main.bicep @@ -1,49 +1,20 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource diagnosticSetting 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = { - scope: vault - name: resourceName - properties: { - eventHubAuthorizationRuleId: authorizationRule.id - eventHubName: namespace.name - logs: [ - { - categoryGroup: 'Audit' - enabled: true - retentionPolicy: { - days: 0 - enabled: false - } - } - ] - metrics: [ - { - category: 'AllMetrics' - enabled: true - retentionPolicy: { - days: 0 - enabled: false - } - } - ] - } -} - resource namespace 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Basic' + tier: 'Basic' + } properties: { disableLocalAuth: false isAutoInflateEnabled: false publicNetworkAccess: 'Enabled' zoneRedundant: false } - sku: { - capacity: 1 - name: 'Basic' - tier: 'Basic' - } } resource vault 'Microsoft.KeyVault/vaults@2021-10-01' = { @@ -52,23 +23,23 @@ resource vault 'Microsoft.KeyVault/vaults@2021-10-01' = { properties: { accessPolicies: [] createMode: 'default' - enableRbacAuthorization: false enableSoftDelete: true enabledForDeployment: false enabledForDiskEncryption: false - enabledForTemplateDeployment: false publicNetworkAccess: 'Enabled' sku: { - family: 'A' name: 'standard' + family: 'A' } - tenantId: deployer().tenantId + tenantId: tenant().tenantId + enableRbacAuthorization: false + enabledForTemplateDeployment: false } } resource authorizationRule 'Microsoft.EventHub/namespaces/authorizationRules@2021-11-01' = { - parent: namespace name: 'example' + parent: namespace properties: { rights: [ 'Listen' @@ -77,3 +48,30 @@ resource authorizationRule 'Microsoft.EventHub/namespaces/authorizationRules@202 ] } } + +resource diagnosticSetting 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = { + name: resourceName + scope: vault + properties: { + logs: [ + { + categoryGroup: 'Audit' + enabled: true + retentionPolicy: { + days: 0 + enabled: false + } + } + ] + metrics: [ + { + category: 'AllMetrics' + enabled: true + retentionPolicy: { + days: 0 + enabled: false + } + } + ] + } +} diff --git a/settings/remarks/microsoft.insights/samples/logprofiles/main-rg-module.bicep b/settings/remarks/microsoft.insights/samples/logprofiles/main-rg-module.bicep new file mode 100644 index 00000000..b80e5c9d --- /dev/null +++ b/settings/remarks/microsoft.insights/samples/logprofiles/main-rg-module.bicep @@ -0,0 +1,38 @@ +param resourceName string = 'acctest0001' +param location string = 'westeurope' + +resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { + name: resourceName + location: location + sku: { + name: 'Standard_GRS' + } + kind: 'StorageV2' + properties: { + allowBlobPublicAccess: true + allowCrossTenantReplication: true + allowSharedKeyAccess: true + defaultToOAuthAuthentication: false + isNfsV3Enabled: false + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' + accessTier: 'Hot' + encryption: { + services: { + queue: { + keyType: 'Service' + } + table: { + keyType: 'Service' + } + } + keySource: 'Microsoft.Storage' + } + isHnsEnabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' + supportsHttpsTrafficOnly: true + } +} diff --git a/settings/remarks/microsoft.insights/samples/logprofiles/main.bicep b/settings/remarks/microsoft.insights/samples/logprofiles/main.bicep new file mode 100644 index 00000000..d7f97dff --- /dev/null +++ b/settings/remarks/microsoft.insights/samples/logprofiles/main.bicep @@ -0,0 +1,35 @@ +targetScope = 'subscription' + +param resourceName string = 'acctest0001' +param location string = 'westeurope' + +resource resourceGroup 'Microsoft.Resources/resourceGroups@2020-06-01' = { + name: resourceName + location: location +} + +resource logProfile 'Microsoft.Insights/logProfiles@2016-03-01' = { + name: resourceName + properties: { + categories: [ + 'Action' + ] + locations: [ + 'westeurope' + 'westeurope' + ] + retentionPolicy: { + enabled: true + days: 7 + } + } +} + +module module1 'main-rg-module.bicep' = { + name: 'deploy-rg-resources' + scope: resourceGroup + params: { + resourceName: resourceName + location: location + } +} diff --git a/settings/remarks/microsoft.insights/samples/metricalerts/main.bicep b/settings/remarks/microsoft.insights/samples/metricalerts/main.bicep index f09c6e22..42dd4ade 100644 --- a/settings/remarks/microsoft.insights/samples/metricalerts/main.bicep +++ b/settings/remarks/microsoft.insights/samples/metricalerts/main.bicep @@ -5,52 +5,61 @@ resource metricAlert 'Microsoft.Insights/metricAlerts@2018-03-01' = { name: resourceName location: 'global' properties: { - actions: [] - autoMitigate: true + scopes: [] criteria: { allOf: [ { - criterionType: 'StaticThresholdCriterion' dimensions: [] metricName: 'UsedCapacity' metricNamespace: 'Microsoft.Storage/storageAccounts' name: 'Metric1' operator: 'GreaterThan' skipMetricValidation: false - threshold: any('55.5') timeAggregation: 'Average' + criterionType: 'StaticThresholdCriterion' + threshold: any('55.5') } ] 'odata.type': 'Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria' } - description: '' - enabled: true evaluationFrequency: 'PT1M' - scopes: [ - storageAccount.id - ] severity: 3 targetResourceRegion: '' targetResourceType: '' windowSize: 'PT1H' + actions: [] + autoMitigate: true + description: '' + enabled: true } tags: { - CUSTOMER: 'CUSTOMERx' Example: 'Example123' terraform: 'Coolllll' test: '123' + CUSTOMER: 'CUSTOMERx' } } resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location + sku: { + name: 'Standard_LRS' + } kind: 'StorageV2' properties: { + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true + allowSharedKeyAccess: true + isHnsEnabled: false + isNfsV3Enabled: false + minimumTlsVersion: 'TLS1_2' + networkAcls: { + defaultAction: 'Allow' + } accessTier: 'Hot' allowBlobPublicAccess: true allowCrossTenantReplication: true - allowSharedKeyAccess: true defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' @@ -63,17 +72,6 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } - isHnsEnabled: false - isNfsV3Enabled: false isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' - networkAcls: { - defaultAction: 'Allow' - } - publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true - } - sku: { - name: 'Standard_LRS' } } diff --git a/settings/remarks/microsoft.insights/samples/privatelinkscopes/main.bicep b/settings/remarks/microsoft.insights/samples/privatelinkscopes/main.bicep index 59efc1be..cb40125f 100644 --- a/settings/remarks/microsoft.insights/samples/privatelinkscopes/main.bicep +++ b/settings/remarks/microsoft.insights/samples/privatelinkscopes/main.bicep @@ -1,6 +1,8 @@ param resourceName string = 'acctest0001' +param location string = 'westeurope' resource privateLinkScope 'Microsoft.Insights/privateLinkScopes@2019-10-17-preview' = { name: resourceName + location: 'Global' properties: {} } diff --git a/settings/remarks/microsoft.insights/samples/privatelinkscopes/scopedresources/main.bicep b/settings/remarks/microsoft.insights/samples/privatelinkscopes/scopedresources/main.bicep index 05a33bb3..bb5221a5 100644 --- a/settings/remarks/microsoft.insights/samples/privatelinkscopes/scopedresources/main.bicep +++ b/settings/remarks/microsoft.insights/samples/privatelinkscopes/scopedresources/main.bicep @@ -7,24 +7,25 @@ resource component 'Microsoft.Insights/components@2020-02-02' = { kind: 'web' properties: { Application_Type: 'web' + ForceCustomerStorageForProfiler: false + SamplingPercentage: 100 + publicNetworkAccessForQuery: 'Enabled' DisableIpMasking: false DisableLocalAuth: false - ForceCustomerStorageForProfiler: false RetentionInDays: 90 - SamplingPercentage: 100 publicNetworkAccessForIngestion: 'Enabled' - publicNetworkAccessForQuery: 'Enabled' } } resource privateLinkScope 'Microsoft.Insights/privateLinkScopes@2019-10-17-preview' = { name: resourceName + location: 'Global' properties: {} } resource scopedResource 'Microsoft.Insights/privateLinkScopes/scopedResources@2019-10-17-preview' = { - parent: privateLinkScope name: resourceName + parent: privateLinkScope properties: { linkedResourceId: component.id } diff --git a/settings/remarks/microsoft.insights/samples/scheduledqueryrules/main.bicep b/settings/remarks/microsoft.insights/samples/scheduledqueryrules/main.bicep index fae18770..01d86e7c 100644 --- a/settings/remarks/microsoft.insights/samples/scheduledqueryrules/main.bicep +++ b/settings/remarks/microsoft.insights/samples/scheduledqueryrules/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource component 'Microsoft.Insights/components@2020-02-02' = { name: resourceName @@ -8,11 +8,11 @@ resource component 'Microsoft.Insights/components@2020-02-02' = { properties: { Application_Type: 'web' DisableIpMasking: false - DisableLocalAuth: false - ForceCustomerStorageForProfiler: false RetentionInDays: 90 SamplingPercentage: 100 publicNetworkAccessForIngestion: 'Enabled' + DisableLocalAuth: false + ForceCustomerStorageForProfiler: false publicNetworkAccessForQuery: 'Enabled' } } @@ -22,7 +22,6 @@ resource scheduledQueryRule 'Microsoft.Insights/scheduledQueryRules@2021-08-01' location: location kind: 'LogAlert' properties: { - autoMitigate: false checkWorkspaceAlertsStorageConfigured: false criteria: { allOf: [ @@ -37,14 +36,15 @@ resource scheduledQueryRule 'Microsoft.Insights/scheduledQueryRules@2021-08-01' } ] } - enabled: true evaluationFrequency: 'PT5M' scopes: [ component.id ] severity: 3 - skipQueryValidation: false targetResourceTypes: null windowSize: 'PT5M' + autoMitigate: false + enabled: true + skipQueryValidation: false } } diff --git a/settings/remarks/microsoft.insights/samples/webtests/main.bicep b/settings/remarks/microsoft.insights/samples/webtests/main.bicep index 072fc674..979871b7 100644 --- a/settings/remarks/microsoft.insights/samples/webtests/main.bicep +++ b/settings/remarks/microsoft.insights/samples/webtests/main.bicep @@ -6,13 +6,13 @@ resource component 'Microsoft.Insights/components@2020-02-02' = { location: location kind: 'web' properties: { - Application_Type: 'web' DisableIpMasking: false DisableLocalAuth: false ForceCustomerStorageForProfiler: false RetentionInDays: 90 SamplingPercentage: 100 publicNetworkAccessForIngestion: 'Enabled' + Application_Type: 'web' publicNetworkAccessForQuery: 'Enabled' } } @@ -22,22 +22,18 @@ resource webTest 'Microsoft.Insights/webTests@2022-06-15' = { location: location kind: 'standard' properties: { - Description: '' + RetryEnabled: false + SyntheticMonitorId: resourceName Enabled: false Frequency: 300 Kind: 'standard' - Locations: [ - { - Id: 'us-tx-sn1-azr' - } - ] - Name: 'acctest0001' + Name: resourceName Request: { FollowRedirects: false Headers: [ { - key: 'x-header' value: 'testheader' + key: 'x-header' } { key: 'x-header-2' @@ -48,15 +44,19 @@ resource webTest 'Microsoft.Insights/webTests@2022-06-15' = { ParseDependentRequests: false RequestUrl: 'http://microsoft.com' } - RetryEnabled: false - SyntheticMonitorId: 'acctest0001' Timeout: 30 ValidationRules: { ExpectedHttpStatusCode: 200 SSLCheck: false } + Description: '' + Locations: [ + { + Id: 'us-tx-sn1-azr' + } + ] } tags: { - 'hidden-link:azapi_resource.component.id': 'Resource' + 'hidden-link:${component.id}': 'Resource' } } diff --git a/settings/remarks/microsoft.insights/samples/workbooks/main.bicep b/settings/remarks/microsoft.insights/samples/workbooks/main.bicep index 50f54680..9cb7e9e0 100644 --- a/settings/remarks/microsoft.insights/samples/workbooks/main.bicep +++ b/settings/remarks/microsoft.insights/samples/workbooks/main.bicep @@ -1,3 +1,4 @@ +param resourceName string = 'acctest0001' param location string = 'westeurope' resource workbook 'Microsoft.Insights/workbooks@2022-04-01' = { @@ -7,7 +8,7 @@ resource workbook 'Microsoft.Insights/workbooks@2022-04-01' = { properties: { category: 'workbook' displayName: 'acctest-amw-230630032616547405' - serializedData: '{"fallbackResourceIds":["Azure Monitor"],"isLocked":false,"items":[{"content":{"json":"Test2022"},"name":"text - 0","type":1}],"version":"Notebook/1.0"}' + serializedData: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} sourceId: 'azure monitor' } } diff --git a/settings/remarks/microsoft.insights/samples/workbooktemplates/main.bicep b/settings/remarks/microsoft.insights/samples/workbooktemplates/main.bicep index 5538419d..c3de877f 100644 --- a/settings/remarks/microsoft.insights/samples/workbooktemplates/main.bicep +++ b/settings/remarks/microsoft.insights/samples/workbooktemplates/main.bicep @@ -7,11 +7,11 @@ resource workbookTemplate 'Microsoft.Insights/workbookTemplates@2020-11-20' = { properties: { galleries: [ { + type: 'workbook' category: 'workbook' name: 'test' order: 0 resourceType: 'Azure Monitor' - type: 'workbook' } ] priority: 0 diff --git a/settings/remarks/microsoft.iotcentral/samples/iotapps/main.bicep b/settings/remarks/microsoft.iotcentral/samples/iotapps/main.bicep index 464310e5..7fe41657 100644 --- a/settings/remarks/microsoft.iotcentral/samples/iotapps/main.bicep +++ b/settings/remarks/microsoft.iotcentral/samples/iotapps/main.bicep @@ -4,13 +4,13 @@ param location string = 'westeurope' resource iotApp 'Microsoft.IoTCentral/iotApps@2021-11-01-preview' = { name: resourceName location: location + sku: { + name: 'ST1' + } properties: { - displayName: 'acctest0001' + displayName: '${resourceName}' publicNetworkAccess: 'Enabled' subdomain: 'subdomain-2306300333537' template: 'iotc-pnp-preview@1.0.0' } - sku: { - name: 'ST1' - } } diff --git a/settings/remarks/microsoft.keyvault/samples/managedhsms/main.bicep b/settings/remarks/microsoft.keyvault/samples/managedhsms/main.bicep index bed18d28..805fe61c 100644 --- a/settings/remarks/microsoft.keyvault/samples/managedhsms/main.bicep +++ b/settings/remarks/microsoft.keyvault/samples/managedhsms/main.bicep @@ -1,21 +1,22 @@ +param resourceName string = 'acctest0001' param location string = 'westeurope' resource managedHSM 'Microsoft.KeyVault/managedHSMs@2021-10-01' = { name: 'kvHsm230630033342437496' location: location + sku: { + family: 'B' + name: 'Standard_B1' + } properties: { + publicNetworkAccess: 'Enabled' + softDeleteRetentionInDays: 90 + tenantId: tenant().tenantId createMode: 'default' enablePurgeProtection: false enableSoftDelete: true initialAdminObjectIds: [ deployer().objectId ] - publicNetworkAccess: 'Enabled' - softDeleteRetentionInDays: 90 - tenantId: deployer().tenantId - } - sku: { - family: 'B' - name: 'Standard_B1' } } diff --git a/settings/remarks/microsoft.keyvault/samples/vaults/accesspolicies/main.bicep b/settings/remarks/microsoft.keyvault/samples/vaults/accesspolicies/main.bicep index 439d976c..59203d63 100644 --- a/settings/remarks/microsoft.keyvault/samples/vaults/accesspolicies/main.bicep +++ b/settings/remarks/microsoft.keyvault/samples/vaults/accesspolicies/main.bicep @@ -5,19 +5,19 @@ resource vault 'Microsoft.KeyVault/vaults@2023-02-01' = { name: resourceName location: location properties: { - accessPolicies: [] enableSoftDelete: true + tenantId: tenant().tenantId sku: { family: 'A' name: 'standard' } - tenantId: deployer().tenantId + accessPolicies: [] } } resource putAccesspolicy 'Microsoft.KeyVault/vaults/accessPolicies@2023-02-01' = { - parent: vault name: 'add' + parent: vault properties: { accessPolicies: [ { @@ -34,7 +34,7 @@ resource putAccesspolicy 'Microsoft.KeyVault/vaults/accessPolicies@2023-02-01' = ] storage: [] } - tenantId: deployer().tenantId + tenantId: tenant().tenantId } ] } diff --git a/settings/remarks/microsoft.keyvault/samples/vaults/keys/main.bicep b/settings/remarks/microsoft.keyvault/samples/vaults/keys/main.bicep index 01dbf532..e85badfd 100644 --- a/settings/remarks/microsoft.keyvault/samples/vaults/keys/main.bicep +++ b/settings/remarks/microsoft.keyvault/samples/vaults/keys/main.bicep @@ -5,28 +5,26 @@ resource vault 'Microsoft.KeyVault/vaults@2023-02-01' = { name: resourceName location: location properties: { - accessPolicies: [] - enablePurgeProtection: true - enableSoftDelete: true sku: { - family: 'A' name: 'standard' + family: 'A' } - tenantId: deployer().tenantId + accessPolicies: [] + enableSoftDelete: true + enablePurgeProtection: true + tenantId: tenant().tenantId } } resource putAccesspolicy 'Microsoft.KeyVault/vaults/accessPolicies@2023-02-01' = { - parent: vault name: 'add' + parent: vault properties: { accessPolicies: [ { + tenantId: tenant().tenantId objectId: deployer().objectId permissions: { - certificates: [ - 'ManageContacts' - ] keys: [ 'Get' 'Create' @@ -46,16 +44,21 @@ resource putAccesspolicy 'Microsoft.KeyVault/vaults/accessPolicies@2023-02-01' = 'Get' ] storage: [] + certificates: [ + 'ManageContacts' + ] } - tenantId: deployer().tenantId } ] } } resource putKey 'Microsoft.KeyVault/vaults/keys@2023-02-01' = { - parent: vault name: resourceName + parent: vault + dependsOn: [ + putAccesspolicy + ] properties: { keyOps: [ 'encrypt' @@ -68,7 +71,4 @@ resource putKey 'Microsoft.KeyVault/vaults/keys@2023-02-01' = { keySize: 2048 kty: 'RSA' } - dependsOn: [ - putAccesspolicy - ] } diff --git a/settings/remarks/microsoft.keyvault/samples/vaults/main.bicep b/settings/remarks/microsoft.keyvault/samples/vaults/main.bicep index dbd1ed80..a5234c93 100644 --- a/settings/remarks/microsoft.keyvault/samples/vaults/main.bicep +++ b/settings/remarks/microsoft.keyvault/samples/vaults/main.bicep @@ -5,36 +5,36 @@ resource vault 'Microsoft.KeyVault/vaults@2021-10-01' = { name: resourceName location: location properties: { + publicNetworkAccess: 'Enabled' + sku: { + family: 'A' + name: 'standard' + } + softDeleteRetentionInDays: 7 + tenantId: tenant().tenantId accessPolicies: [ { objectId: deployer().objectId permissions: { + secrets: [ + 'Set' + ] + storage: [] certificates: [ 'ManageContacts' ] keys: [ 'Create' ] - secrets: [ - 'Set' - ] - storage: [] } - tenantId: deployer().tenantId + tenantId: tenant().tenantId } ] - createMode: 'default' enableRbacAuthorization: false - enableSoftDelete: true enabledForDeployment: false enabledForDiskEncryption: false enabledForTemplateDeployment: false - publicNetworkAccess: 'Enabled' - sku: { - family: 'A' - name: 'standard' - } - softDeleteRetentionInDays: 7 - tenantId: deployer().tenantId + createMode: 'default' + enableSoftDelete: true } } diff --git a/settings/remarks/microsoft.keyvault/samples/vaults/secrets/main.bicep b/settings/remarks/microsoft.keyvault/samples/vaults/secrets/main.bicep index a761e6f5..afc77277 100644 --- a/settings/remarks/microsoft.keyvault/samples/vaults/secrets/main.bicep +++ b/settings/remarks/microsoft.keyvault/samples/vaults/secrets/main.bicep @@ -5,19 +5,19 @@ resource vault 'Microsoft.KeyVault/vaults@2023-02-01' = { name: resourceName location: location properties: { - accessPolicies: [] - enableSoftDelete: true sku: { family: 'A' name: 'standard' } - tenantId: deployer().tenantId + accessPolicies: [] + enableSoftDelete: true + tenantId: tenant().tenantId } } resource putSecret 'Microsoft.KeyVault/vaults/secrets@2023-02-01' = { - parent: vault name: resourceName + parent: vault properties: { value: 'szechuan' } diff --git a/settings/remarks/microsoft.kubernetesconfiguration/samples/extensions/main.bicep b/settings/remarks/microsoft.kubernetesconfiguration/samples/extensions/main.bicep index f3c96a80..db4aa7a1 100644 --- a/settings/remarks/microsoft.kubernetesconfiguration/samples/extensions/main.bicep +++ b/settings/remarks/microsoft.kubernetesconfiguration/samples/extensions/main.bicep @@ -1,15 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource extension 'Microsoft.KubernetesConfiguration/extensions@2022-11-01' = { - scope: managedCluster - name: resourceName - properties: { - autoUpgradeMinorVersion: true - extensionType: 'microsoft.flux' - } -} - resource managedCluster 'Microsoft.ContainerService/managedClusters@2023-04-02-preview' = { name: resourceName location: location @@ -22,6 +13,15 @@ resource managedCluster 'Microsoft.ContainerService/managedClusters@2023-04-02-p vmSize: 'Standard_DS2_v2' } ] - dnsPrefix: 'acctest0001' + dnsPrefix: '${resourceName}' + } +} + +resource extension 'Microsoft.KubernetesConfiguration/extensions@2022-11-01' = { + name: resourceName + scope: managedCluster + properties: { + autoUpgradeMinorVersion: true + extensionType: 'microsoft.flux' } } diff --git a/settings/remarks/microsoft.kubernetesconfiguration/samples/fluxconfigurations/main.bicep b/settings/remarks/microsoft.kubernetesconfiguration/samples/fluxconfigurations/main.bicep index 342721d7..d5dcda9b 100644 --- a/settings/remarks/microsoft.kubernetesconfiguration/samples/fluxconfigurations/main.bicep +++ b/settings/remarks/microsoft.kubernetesconfiguration/samples/fluxconfigurations/main.bicep @@ -1,9 +1,25 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource managedCluster 'Microsoft.ContainerService/managedClusters@2023-04-02-preview' = { + name: resourceName + location: location + properties: { + agentPoolProfiles: [ + { + count: 1 + mode: 'System' + name: 'default' + vmSize: 'Standard_DS2_v2' + } + ] + dnsPrefix: '${resourceName}' + } +} + resource extension 'Microsoft.KubernetesConfiguration/extensions@2022-11-01' = { - scope: managedCluster name: resourceName + scope: managedCluster properties: { autoUpgradeMinorVersion: true extensionType: 'microsoft.flux' @@ -11,16 +27,20 @@ resource extension 'Microsoft.KubernetesConfiguration/extensions@2022-11-01' = { } resource fluxConfiguration 'Microsoft.KubernetesConfiguration/fluxConfigurations@2022-03-01' = { - scope: managedCluster name: resourceName + scope: managedCluster + dependsOn: [ + extension + ] properties: { + suspend: false gitRepository: { - repositoryRef: { - branch: 'branch' - } syncIntervalInSeconds: 120 timeoutInSeconds: 120 url: 'https://github.com/Azure/arc-k8s-demo' + repositoryRef: { + branch: 'branch' + } } kustomizations: { applications: { @@ -35,36 +55,16 @@ resource fluxConfiguration 'Microsoft.KubernetesConfiguration/fluxConfigurations timeoutInSeconds: 600 } shared: { - force: false path: 'cluster-config/shared' prune: false retryIntervalInSeconds: 60 syncIntervalInSeconds: 60 timeoutInSeconds: 600 + force: false } } namespace: 'flux-system' scope: 'cluster' sourceKind: 'GitRepository' - suspend: false - } - dependsOn: [ - extension - ] -} - -resource managedCluster 'Microsoft.ContainerService/managedClusters@2023-04-02-preview' = { - name: resourceName - location: location - properties: { - agentPoolProfiles: [ - { - count: 1 - mode: 'System' - name: 'default' - vmSize: 'Standard_DS2_v2' - } - ] - dnsPrefix: 'acctest0001' } } diff --git a/settings/remarks/microsoft.kusto/samples/clusters/databases/main.bicep b/settings/remarks/microsoft.kusto/samples/clusters/databases/main.bicep index e7f447c8..c9967356 100644 --- a/settings/remarks/microsoft.kusto/samples/clusters/databases/main.bicep +++ b/settings/remarks/microsoft.kusto/samples/clusters/databases/main.bicep @@ -4,29 +4,29 @@ param location string = 'westeurope' resource cluster 'Microsoft.Kusto/clusters@2023-05-02' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Dev(No SLA)_Standard_D11_v2' + tier: 'Basic' + } properties: { enableAutoStop: true enableDiskEncryption: false enableDoubleEncryption: false + engineType: 'V2' + publicNetworkAccess: 'Enabled' + trustedExternalTenants: [] enablePurge: false enableStreamingIngest: false - engineType: 'V2' publicIPType: 'IPv4' - publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' - trustedExternalTenants: [] - } - sku: { - capacity: 1 - name: 'Dev(No SLA)_Standard_D11_v2' - tier: 'Basic' } } resource database 'Microsoft.Kusto/clusters/databases@2023-05-02' = { - parent: cluster name: resourceName location: location + parent: cluster kind: 'ReadWrite' properties: {} } diff --git a/settings/remarks/microsoft.kusto/samples/clusters/databases/principalassignments/main.bicep b/settings/remarks/microsoft.kusto/samples/clusters/databases/principalassignments/main.bicep index fd2d641b..b2add1b7 100644 --- a/settings/remarks/microsoft.kusto/samples/clusters/databases/principalassignments/main.bicep +++ b/settings/remarks/microsoft.kusto/samples/clusters/databases/principalassignments/main.bicep @@ -1,43 +1,45 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +param clientId string + resource cluster 'Microsoft.Kusto/clusters@2023-05-02' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Dev(No SLA)_Standard_D11_v2' + tier: 'Basic' + } properties: { + restrictOutboundNetworkAccess: 'Disabled' + trustedExternalTenants: [] enableAutoStop: true enableDiskEncryption: false + engineType: 'V2' enableDoubleEncryption: false enablePurge: false enableStreamingIngest: false - engineType: 'V2' publicIPType: 'IPv4' publicNetworkAccess: 'Enabled' - restrictOutboundNetworkAccess: 'Disabled' - trustedExternalTenants: [] - } - sku: { - capacity: 1 - name: 'Dev(No SLA)_Standard_D11_v2' - tier: 'Basic' } } resource database 'Microsoft.Kusto/clusters/databases@2023-05-02' = { - parent: cluster name: resourceName location: location + parent: cluster kind: 'ReadWrite' properties: {} } resource principalAssignment 'Microsoft.Kusto/clusters/databases/principalAssignments@2023-05-02' = { - parent: database name: resourceName + parent: database properties: { - principalId: deployer().objectId + principalId: clientId principalType: 'App' role: 'Viewer' - tenantId: deployer().tenantId + tenantId: tenant().tenantId } } diff --git a/settings/remarks/microsoft.kusto/samples/clusters/databases/scripts/main.bicep b/settings/remarks/microsoft.kusto/samples/clusters/databases/scripts/main.bicep index de6d36b8..65d3d151 100644 --- a/settings/remarks/microsoft.kusto/samples/clusters/databases/scripts/main.bicep +++ b/settings/remarks/microsoft.kusto/samples/clusters/databases/scripts/main.bicep @@ -4,38 +4,37 @@ param location string = 'westeurope' resource cluster 'Microsoft.Kusto/clusters@2023-05-02' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Dev(No SLA)_Standard_D11_v2' + tier: 'Basic' + } properties: { - enableAutoStop: true enableDiskEncryption: false enableDoubleEncryption: false enablePurge: false enableStreamingIngest: false engineType: 'V2' - publicIPType: 'IPv4' publicNetworkAccess: 'Enabled' - restrictOutboundNetworkAccess: 'Disabled' trustedExternalTenants: [] - } - sku: { - capacity: 1 - name: 'Dev(No SLA)_Standard_D11_v2' - tier: 'Basic' + enableAutoStop: true + publicIPType: 'IPv4' + restrictOutboundNetworkAccess: 'Disabled' } } resource database 'Microsoft.Kusto/clusters/databases@2023-05-02' = { - parent: cluster name: resourceName location: location + parent: cluster kind: 'ReadWrite' properties: {} } resource script 'Microsoft.Kusto/clusters/databases/scripts@2023-05-02' = { - parent: database name: 'create-table-script' + parent: database properties: { - continueOnErrors: false forceUpdateTag: '9e2e7874-aa37-7041-81b7-06397f03a37d' scriptContent: '''.create table TestTable(Id:string, Name:string, _ts:long, _timestamp:datetime) .create table TestTable ingestion json mapping "TestMapping" @@ -47,5 +46,6 @@ resource script 'Microsoft.Kusto/clusters/databases/scripts@2023-05-02' = { '']'' .alter table TestTable policy ingestionbatching "{''MaximumBatchingTimeSpan'': ''0:0:10'', ''MaximumNumberOfItems'': 10000}" ''' + continueOnErrors: false } } diff --git a/settings/remarks/microsoft.kusto/samples/clusters/main.bicep b/settings/remarks/microsoft.kusto/samples/clusters/main.bicep index 1a464e0e..a2f57e43 100644 --- a/settings/remarks/microsoft.kusto/samples/clusters/main.bicep +++ b/settings/remarks/microsoft.kusto/samples/clusters/main.bicep @@ -4,21 +4,21 @@ param location string = 'westeurope' resource cluster 'Microsoft.Kusto/clusters@2023-05-02' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Dev(No SLA)_Standard_D11_v2' + tier: 'Basic' + } properties: { enableAutoStop: true enableDiskEncryption: false - enableDoubleEncryption: false enablePurge: false enableStreamingIngest: false - engineType: 'V2' publicIPType: 'IPv4' publicNetworkAccess: 'Enabled' - restrictOutboundNetworkAccess: 'Disabled' trustedExternalTenants: [] - } - sku: { - capacity: 1 - name: 'Dev(No SLA)_Standard_D11_v2' - tier: 'Basic' + enableDoubleEncryption: false + engineType: 'V2' + restrictOutboundNetworkAccess: 'Disabled' } } diff --git a/settings/remarks/microsoft.kusto/samples/clusters/managedprivateendpoints/main.bicep b/settings/remarks/microsoft.kusto/samples/clusters/managedprivateendpoints/main.bicep index d595fe4c..2eb79c40 100644 --- a/settings/remarks/microsoft.kusto/samples/clusters/managedprivateendpoints/main.bicep +++ b/settings/remarks/microsoft.kusto/samples/clusters/managedprivateendpoints/main.bicep @@ -4,37 +4,47 @@ param location string = 'westeurope' resource cluster 'Microsoft.Kusto/clusters@2023-05-02' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Dev(No SLA)_Standard_D11_v2' + tier: 'Basic' + } properties: { - enableAutoStop: true - enableDiskEncryption: false - enableDoubleEncryption: false enablePurge: false - enableStreamingIngest: false engineType: 'V2' publicIPType: 'IPv4' - publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' trustedExternalTenants: [] + enableAutoStop: true + enableDiskEncryption: false + enableDoubleEncryption: false + enableStreamingIngest: false + publicNetworkAccess: 'Enabled' } - sku: { - capacity: 1 - name: 'Dev(No SLA)_Standard_D11_v2' - tier: 'Basic' +} + +resource managedPrivateEndpoint 'Microsoft.Kusto/clusters/managedPrivateEndpoints@2023-05-02' = { + name: resourceName + parent: cluster + properties: { + groupId: 'blob' + privateLinkResourceId: storageAccount.id } } resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location + sku: { + name: 'Standard_LRS' + } kind: 'StorageV2' properties: { + isNfsV3Enabled: false + supportsHttpsTrafficOnly: true accessTier: 'Hot' - allowBlobPublicAccess: true - allowCrossTenantReplication: true - allowSharedKeyAccess: true defaultToOAuthAuthentication: false encryption: { - keySource: 'Microsoft.Storage' services: { queue: { keyType: 'Service' @@ -43,27 +53,17 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { keyType: 'Service' } } + keySource: 'Microsoft.Storage' } - isHnsEnabled: false - isNfsV3Enabled: false isSftpEnabled: false minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true - } - sku: { - name: 'Standard_LRS' - } -} - -resource managedPrivateEndpoint 'Microsoft.Kusto/clusters/managedPrivateEndpoints@2023-05-02' = { - parent: cluster - name: resourceName - properties: { - groupId: 'blob' - privateLinkResourceId: storageAccount.id + allowBlobPublicAccess: true + allowCrossTenantReplication: true + allowSharedKeyAccess: true + isHnsEnabled: false } } diff --git a/settings/remarks/microsoft.kusto/samples/clusters/principalassignments/main.bicep b/settings/remarks/microsoft.kusto/samples/clusters/principalassignments/main.bicep index bfe0741d..5a84a59e 100644 --- a/settings/remarks/microsoft.kusto/samples/clusters/principalassignments/main.bicep +++ b/settings/remarks/microsoft.kusto/samples/clusters/principalassignments/main.bicep @@ -1,35 +1,37 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +param clientId string + resource cluster 'Microsoft.Kusto/clusters@2023-05-02' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Dev(No SLA)_Standard_D11_v2' + tier: 'Basic' + } properties: { + publicNetworkAccess: 'Enabled' + trustedExternalTenants: [] + enableDoubleEncryption: false + restrictOutboundNetworkAccess: 'Disabled' enableAutoStop: true enableDiskEncryption: false - enableDoubleEncryption: false enablePurge: false enableStreamingIngest: false engineType: 'V2' publicIPType: 'IPv4' - publicNetworkAccess: 'Enabled' - restrictOutboundNetworkAccess: 'Disabled' - trustedExternalTenants: [] - } - sku: { - capacity: 1 - name: 'Dev(No SLA)_Standard_D11_v2' - tier: 'Basic' } } resource principalAssignment 'Microsoft.Kusto/clusters/principalAssignments@2023-05-02' = { - parent: cluster name: resourceName + parent: cluster properties: { - principalId: deployer().objectId + principalId: clientId principalType: 'App' role: 'AllDatabasesViewer' - tenantId: deployer().tenantId + tenantId: tenant().tenantId } } diff --git a/settings/remarks/microsoft.labservices/samples/labplans/main.bicep b/settings/remarks/microsoft.labservices/samples/labplans/main.bicep index 8b9e5b62..8d5d8966 100644 --- a/settings/remarks/microsoft.labservices/samples/labplans/main.bicep +++ b/settings/remarks/microsoft.labservices/samples/labplans/main.bicep @@ -6,7 +6,7 @@ resource labPlan 'Microsoft.LabServices/labPlans@2022-08-01' = { location: location properties: { allowedRegions: [ - 'westeurope' + '${location}' ] } } diff --git a/settings/remarks/microsoft.labservices/samples/labs/main.bicep b/settings/remarks/microsoft.labservices/samples/labs/main.bicep index 16a69b18..a5635d60 100644 --- a/settings/remarks/microsoft.labservices/samples/labs/main.bicep +++ b/settings/remarks/microsoft.labservices/samples/labs/main.bicep @@ -8,42 +8,42 @@ resource lab 'Microsoft.LabServices/labs@2022-08-01' = { name: resourceName location: location properties: { - autoShutdownProfile: { - shutdownOnDisconnect: 'Disabled' - shutdownOnIdle: 'None' - shutdownWhenNotConnected: 'Disabled' - } - connectionProfile: { - clientRdpAccess: 'None' - clientSshAccess: 'None' - webRdpAccess: 'None' - webSshAccess: 'None' - } - securityProfile: { - openAccess: 'Disabled' - } title: 'Test Title' virtualMachineProfile: { + usageQuota: 'PT0S' + useSharedPassword: 'Disabled' additionalCapabilities: { installGpuDrivers: 'Disabled' } adminUser: { - password: null + password: '${adminPassword}' username: 'testadmin' } createOption: 'Image' imageReference: { - offer: '0001-com-ubuntu-server-focal' - publisher: 'canonical' sku: '20_04-lts' version: 'latest' + offer: '0001-com-ubuntu-server-focal' + publisher: 'canonical' } sku: { capacity: 1 name: 'Classic_Fsv2_2_4GB_128_S_SSD' } - usageQuota: 'PT0S' - useSharedPassword: 'Disabled' + } + autoShutdownProfile: { + shutdownOnDisconnect: 'Disabled' + shutdownOnIdle: 'None' + shutdownWhenNotConnected: 'Disabled' + } + connectionProfile: { + clientRdpAccess: 'None' + clientSshAccess: 'None' + webRdpAccess: 'None' + webSshAccess: 'None' + } + securityProfile: { + openAccess: 'Disabled' } } } diff --git a/settings/remarks/microsoft.labservices/samples/labs/schedules/main.bicep b/settings/remarks/microsoft.labservices/samples/labs/schedules/main.bicep index 2794d8e2..9666c05b 100644 --- a/settings/remarks/microsoft.labservices/samples/labs/schedules/main.bicep +++ b/settings/remarks/microsoft.labservices/samples/labs/schedules/main.bicep @@ -8,17 +8,6 @@ resource lab 'Microsoft.LabServices/labs@2022-08-01' = { name: resourceName location: location properties: { - autoShutdownProfile: { - shutdownOnDisconnect: 'Disabled' - shutdownOnIdle: 'None' - shutdownWhenNotConnected: 'Disabled' - } - connectionProfile: { - clientRdpAccess: 'None' - clientSshAccess: 'None' - webRdpAccess: 'None' - webSshAccess: 'None' - } securityProfile: { openAccess: 'Disabled' } @@ -28,7 +17,7 @@ resource lab 'Microsoft.LabServices/labs@2022-08-01' = { installGpuDrivers: 'Disabled' } adminUser: { - password: null + password: '${adminPassword}' username: 'testadmin' } createOption: 'Image' @@ -45,12 +34,23 @@ resource lab 'Microsoft.LabServices/labs@2022-08-01' = { usageQuota: 'PT0S' useSharedPassword: 'Disabled' } + autoShutdownProfile: { + shutdownOnDisconnect: 'Disabled' + shutdownOnIdle: 'None' + shutdownWhenNotConnected: 'Disabled' + } + connectionProfile: { + webSshAccess: 'None' + clientRdpAccess: 'None' + clientSshAccess: 'None' + webRdpAccess: 'None' + } } } resource schedule 'Microsoft.LabServices/labs/schedules@2022-08-01' = { - parent: lab name: resourceName + parent: lab properties: { stopAt: '2023-06-30T04:33:55Z' timeZoneId: 'America/Los_Angeles' diff --git a/settings/remarks/microsoft.labservices/samples/labs/users/main.bicep b/settings/remarks/microsoft.labservices/samples/labs/users/main.bicep index 9453127f..bc41bbbb 100644 --- a/settings/remarks/microsoft.labservices/samples/labs/users/main.bicep +++ b/settings/remarks/microsoft.labservices/samples/labs/users/main.bicep @@ -8,30 +8,17 @@ resource lab 'Microsoft.LabServices/labs@2022-08-01' = { name: resourceName location: location properties: { - autoShutdownProfile: { - shutdownOnDisconnect: 'Disabled' - shutdownOnIdle: 'None' - shutdownWhenNotConnected: 'Disabled' - } connectionProfile: { + webSshAccess: 'None' clientRdpAccess: 'None' clientSshAccess: 'None' webRdpAccess: 'None' - webSshAccess: 'None' } securityProfile: { openAccess: 'Disabled' } title: 'Test Title' virtualMachineProfile: { - additionalCapabilities: { - installGpuDrivers: 'Disabled' - } - adminUser: { - password: null - username: 'testadmin' - } - createOption: 'Image' imageReference: { offer: '0001-com-ubuntu-server-focal' publisher: 'canonical' @@ -44,15 +31,28 @@ resource lab 'Microsoft.LabServices/labs@2022-08-01' = { } usageQuota: 'PT0S' useSharedPassword: 'Disabled' + additionalCapabilities: { + installGpuDrivers: 'Disabled' + } + adminUser: { + username: 'testadmin' + password: '${adminPassword}' + } + createOption: 'Image' + } + autoShutdownProfile: { + shutdownOnDisconnect: 'Disabled' + shutdownOnIdle: 'None' + shutdownWhenNotConnected: 'Disabled' } } } resource user 'Microsoft.LabServices/labs/users@2022-08-01' = { - parent: lab name: resourceName + parent: lab properties: { - additionalUsageQuota: 'PT0S' email: 'terraform-acctest@hashicorp.com' + additionalUsageQuota: 'PT0S' } } diff --git a/settings/remarks/microsoft.logic/samples/integrationaccounts/agreements/main.bicep b/settings/remarks/microsoft.logic/samples/integrationaccounts/agreements/main.bicep index 21d7e4b9..a1d52ff2 100644 --- a/settings/remarks/microsoft.logic/samples/integrationaccounts/agreements/main.bicep +++ b/settings/remarks/microsoft.logic/samples/integrationaccounts/agreements/main.bicep @@ -4,46 +4,40 @@ param location string = 'westeurope' resource integrationAccount 'Microsoft.Logic/integrationAccounts@2019-05-01' = { name: resourceName location: location - properties: {} sku: { name: 'Standard' } + properties: {} } resource agreement 'Microsoft.Logic/integrationAccounts/agreements@2019-05-01' = { - parent: integrationAccount name: resourceName + parent: integrationAccount properties: { agreementType: 'AS2' content: { aS2: { receiveAgreement: { protocolSettings: { - acknowledgementConnectionSettings: { - ignoreCertificateNameMismatch: false - keepHttpConnectionAlive: false - supportHttpStatusCodeContinue: false - unfoldHttpHeaders: false - } envelopeSettings: { + suspendMessageOnFileNameGenerationError: true + transmitFileNameInMimeHeader: false autogenerateFileName: false fileNameTemplate: '%FILE().ReceivedFileName%' messageContentType: 'text/plain' - suspendMessageOnFileNameGenerationError: true - transmitFileNameInMimeHeader: false } errorSettings: { resendIfMDNNotReceived: false suspendDuplicateMessage: false } mdnSettings: { - dispositionNotificationTo: 'http://localhost' - micHashingAlgorithm: 'SHA1' needMDN: false sendInboundMDNToMessageBox: true sendMDNAsynchronously: false signMDN: false signOutboundMDNIfOptional: false + dispositionNotificationTo: 'http://localhost' + micHashingAlgorithm: 'SHA1' } messageConnectionSettings: { ignoreCertificateNameMismatch: false @@ -61,21 +55,27 @@ resource agreement 'Microsoft.Logic/integrationAccounts/agreements@2019-05-01' = overrideGroupSigningCertificate: false } validationSettings: { - checkCertificateRevocationListOnReceive: false - checkCertificateRevocationListOnSend: false checkDuplicateMessage: false compressMessage: false encryptMessage: false encryptionAlgorithm: 'DES3' - interchangeDuplicatesValidityDays: 5 overrideMessageProperties: false + checkCertificateRevocationListOnReceive: false + interchangeDuplicatesValidityDays: 5 signMessage: false signingAlgorithm: 'Default' + checkCertificateRevocationListOnSend: false + } + acknowledgementConnectionSettings: { + supportHttpStatusCodeContinue: false + unfoldHttpHeaders: false + ignoreCertificateNameMismatch: false + keepHttpConnectionAlive: false } } receiverBusinessIdentity: { - qualifier: 'AS2Identity' value: 'FabrikamNY' + qualifier: 'AS2Identity' } senderBusinessIdentity: { qualifier: 'AS2Identity' @@ -84,6 +84,18 @@ resource agreement 'Microsoft.Logic/integrationAccounts/agreements@2019-05-01' = } sendAgreement: { protocolSettings: { + validationSettings: { + overrideMessageProperties: false + signingAlgorithm: 'Default' + checkDuplicateMessage: false + compressMessage: false + encryptionAlgorithm: 'DES3' + interchangeDuplicatesValidityDays: 5 + signMessage: false + checkCertificateRevocationListOnReceive: false + checkCertificateRevocationListOnSend: false + encryptMessage: false + } acknowledgementConnectionSettings: { ignoreCertificateNameMismatch: false keepHttpConnectionAlive: false @@ -91,24 +103,24 @@ resource agreement 'Microsoft.Logic/integrationAccounts/agreements@2019-05-01' = unfoldHttpHeaders: false } envelopeSettings: { + transmitFileNameInMimeHeader: false autogenerateFileName: false fileNameTemplate: '%FILE().ReceivedFileName%' messageContentType: 'text/plain' suspendMessageOnFileNameGenerationError: true - transmitFileNameInMimeHeader: false } errorSettings: { resendIfMDNNotReceived: false suspendDuplicateMessage: false } mdnSettings: { - dispositionNotificationTo: 'http://localhost' - micHashingAlgorithm: 'SHA1' - needMDN: false sendInboundMDNToMessageBox: true sendMDNAsynchronously: false signMDN: false signOutboundMDNIfOptional: false + dispositionNotificationTo: 'http://localhost' + micHashingAlgorithm: 'SHA1' + needMDN: false } messageConnectionSettings: { ignoreCertificateNameMismatch: false @@ -117,25 +129,13 @@ resource agreement 'Microsoft.Logic/integrationAccounts/agreements@2019-05-01' = unfoldHttpHeaders: true } securitySettings: { - enableNRRForInboundDecodedMessages: false - enableNRRForInboundEncodedMessages: false - enableNRRForInboundMDN: false enableNRRForOutboundDecodedMessages: false enableNRRForOutboundEncodedMessages: false enableNRRForOutboundMDN: false overrideGroupSigningCertificate: false - } - validationSettings: { - checkCertificateRevocationListOnReceive: false - checkCertificateRevocationListOnSend: false - checkDuplicateMessage: false - compressMessage: false - encryptMessage: false - encryptionAlgorithm: 'DES3' - interchangeDuplicatesValidityDays: 5 - overrideMessageProperties: false - signMessage: false - signingAlgorithm: 'Default' + enableNRRForInboundDecodedMessages: false + enableNRRForInboundEncodedMessages: false + enableNRRForInboundMDN: false } } receiverBusinessIdentity: { @@ -153,18 +153,16 @@ resource agreement 'Microsoft.Logic/integrationAccounts/agreements@2019-05-01' = qualifier: 'AS2Identity' value: 'FabrikamDC' } - guestPartner: partner2.name hostIdentity: { qualifier: 'AS2Identity' value: 'FabrikamNY' } - hostPartner: partner.name } } resource partner 'Microsoft.Logic/integrationAccounts/partners@2019-05-01' = { - parent: integrationAccount name: resourceName + parent: integrationAccount properties: { content: { b2b: { @@ -181,8 +179,8 @@ resource partner 'Microsoft.Logic/integrationAccounts/partners@2019-05-01' = { } resource partner2 'Microsoft.Logic/integrationAccounts/partners@2019-05-01' = { - parent: integrationAccount name: '${resourceName}another' + parent: integrationAccount properties: { content: { b2b: { diff --git a/settings/remarks/microsoft.logic/samples/integrationaccounts/assemblies/main.bicep b/settings/remarks/microsoft.logic/samples/integrationaccounts/assemblies/main.bicep index f52d2ca9..e468a575 100644 --- a/settings/remarks/microsoft.logic/samples/integrationaccounts/assemblies/main.bicep +++ b/settings/remarks/microsoft.logic/samples/integrationaccounts/assemblies/main.bicep @@ -4,23 +4,26 @@ param location string = 'westus' resource integrationAccount 'Microsoft.Logic/integrationAccounts@2019-05-01' = { name: '${resourceName}-ia' location: location - properties: {} sku: { name: 'Standard' } + properties: {} } resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { name: replace(substring(toLower('${resourceName}sa'), 0, 24), '-', '') location: location + sku: { + name: 'Standard_LRS' + } kind: 'StorageV2' properties: { accessTier: 'Hot' + dnsEndpointType: 'Standard' + publicNetworkAccess: 'Enabled' allowBlobPublicAccess: true - allowCrossTenantReplication: false allowSharedKeyAccess: true defaultToOAuthAuthentication: false - dnsEndpointType: 'Standard' encryption: { keySource: 'Microsoft.Storage' services: { @@ -34,9 +37,8 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { } isHnsEnabled: false isLocalUserEnabled: true - isNfsV3Enabled: false - isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' + supportsHttpsTrafficOnly: true + allowCrossTenantReplication: false networkAcls: { bypass: 'AzureServices' defaultAction: 'Allow' @@ -44,24 +46,22 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { resourceAccessRules: [] virtualNetworkRules: [] } - publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true - } - sku: { - name: 'Standard_LRS' + isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' } } resource assembly 'Microsoft.Logic/integrationAccounts/assemblies@2019-05-01' = { - parent: integrationAccount name: '${resourceName}-assembly' + parent: integrationAccount properties: { - assemblyName: 'TestAssembly2' - assemblyVersion: '2.2.2.2' - content: 'dGVzdA==' contentType: 'application/octet-stream' metadata: { foo: 'bar2' } + assemblyName: 'TestAssembly2' + assemblyVersion: '2.2.2.2' + content: 'dGVzdA==' } } diff --git a/settings/remarks/microsoft.logic/samples/integrationaccounts/batchconfigurations/main.bicep b/settings/remarks/microsoft.logic/samples/integrationaccounts/batchconfigurations/main.bicep index ffb5d1cd..032a54e7 100644 --- a/settings/remarks/microsoft.logic/samples/integrationaccounts/batchconfigurations/main.bicep +++ b/settings/remarks/microsoft.logic/samples/integrationaccounts/batchconfigurations/main.bicep @@ -4,15 +4,15 @@ param location string = 'westeurope' resource integrationAccount 'Microsoft.Logic/integrationAccounts@2019-05-01' = { name: resourceName location: location - properties: {} sku: { name: 'Standard' } + properties: {} } resource batchConfiguration 'Microsoft.Logic/integrationAccounts/batchConfigurations@2019-05-01' = { - parent: integrationAccount name: resourceName + parent: integrationAccount properties: { batchGroupName: 'TestBatchGroup' releaseCriteria: { diff --git a/settings/remarks/microsoft.logic/samples/integrationaccounts/main.bicep b/settings/remarks/microsoft.logic/samples/integrationaccounts/main.bicep index 8f755960..a3120411 100644 --- a/settings/remarks/microsoft.logic/samples/integrationaccounts/main.bicep +++ b/settings/remarks/microsoft.logic/samples/integrationaccounts/main.bicep @@ -4,8 +4,8 @@ param location string = 'westeurope' resource integrationAccount 'Microsoft.Logic/integrationAccounts@2019-05-01' = { name: resourceName location: location - properties: {} sku: { name: 'Basic' } + properties: {} } diff --git a/settings/remarks/microsoft.logic/samples/integrationaccounts/maps/main.bicep b/settings/remarks/microsoft.logic/samples/integrationaccounts/maps/main.bicep index 5cf9e450..6c6af484 100644 --- a/settings/remarks/microsoft.logic/samples/integrationaccounts/maps/main.bicep +++ b/settings/remarks/microsoft.logic/samples/integrationaccounts/maps/main.bicep @@ -4,15 +4,15 @@ param location string = 'westeurope' resource integrationAccount 'Microsoft.Logic/integrationAccounts@2019-05-01' = { name: resourceName location: location - properties: {} sku: { name: 'Basic' } + properties: {} } resource map 'Microsoft.Logic/integrationAccounts/maps@2019-05-01' = { - parent: integrationAccount name: resourceName + parent: integrationAccount properties: { content: '''' + runtimeVersion: 'Java_8' + type: 'Jar' + } + } +} + +resource linker 'Microsoft.ServiceLinker/linkers@2022-05-01' = { + name: resourceName + scope: deployment + properties: { + clientType: 'none' + targetService: { + resourceProperties: null + type: 'AzureResource' + } + authInfo: { + authType: 'systemAssignedIdentity' + } } } @@ -17,22 +68,14 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { - capabilities: [] consistencyPolicy: { defaultConsistencyLevel: 'BoundedStaleness' maxIntervalInSeconds: 10 maxStalenessPrefix: 200 } - databaseAccountOfferType: 'Standard' defaultIdentity: 'FirstPartyIdentity' - disableKeyBasedMetadataWriteAccess: false disableLocalAuth: false - enableAnalyticalStorage: false - enableAutomaticFailover: false - enableFreeTier: false - enableMultipleWriteLocations: false ipRules: [] - isVirtualNetworkFilterEnabled: false locations: [ { failoverPriority: 0 @@ -40,74 +83,30 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { locationName: 'West Europe' } ] - networkAclBypass: 'None' networkAclBypassResourceIds: [] - publicNetworkAccess: 'Enabled' + disableKeyBasedMetadataWriteAccess: false + capabilities: [] + enableMultipleWriteLocations: false + isVirtualNetworkFilterEnabled: false virtualNetworkRules: [] - } -} - -resource linker 'Microsoft.ServiceLinker/linkers@2022-05-01' = { - scope: deployment - name: resourceName - properties: { - authInfo: { - authType: 'systemAssignedIdentity' - } - clientType: 'none' - targetService: { - id: sqlDatabase.id - resourceProperties: null - type: 'AzureResource' - } - } -} - -resource app 'Microsoft.AppPlatform/Spring/apps@2023-05-01-preview' = { - parent: spring - name: resourceName - location: location - properties: { - customPersistentDisks: [] - enableEndToEndTLS: false - public: false + databaseAccountOfferType: 'Standard' + enableAnalyticalStorage: false + enableAutomaticFailover: false + enableFreeTier: false + networkAclBypass: 'None' + publicNetworkAccess: 'Enabled' } } resource sqlDatabase 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases@2021-10-15' = { - parent: databaseAccount name: resourceName + parent: databaseAccount properties: { options: { throughput: 400 } resource: { - id: 'acctest0001' + id: '${resourceName}' } } } - -resource deployment 'Microsoft.AppPlatform/Spring/apps/deployments@2023-05-01-preview' = { - parent: app - name: 'deploy-q4uff' - properties: { - deploymentSettings: { - environmentVariables: {} - resourceRequests: { - cpu: '1' - memory: '1Gi' - } - } - source: { - jvmOptions: '' - relativePath: '' - runtimeVersion: 'Java_8' - type: 'Jar' - } - } - sku: { - capacity: 1 - name: 'S0' - tier: 'Standard' - } -} diff --git a/settings/remarks/microsoft.servicenetworking/samples/trafficcontrollers/associations/main.bicep b/settings/remarks/microsoft.servicenetworking/samples/trafficcontrollers/associations/main.bicep index 1b9932b2..a0929393 100644 --- a/settings/remarks/microsoft.servicenetworking/samples/trafficcontrollers/associations/main.bicep +++ b/settings/remarks/microsoft.servicenetworking/samples/trafficcontrollers/associations/main.bicep @@ -1,15 +1,12 @@ -param resourceName string = 'acctest0001' param location string = 'westus' - -resource trafficController 'Microsoft.ServiceNetworking/trafficControllers@2023-11-01' = { - name: '${resourceName}-tc' - location: location -} +param resourceName string = 'acctest0001' resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { name: '${resourceName}-vnet' location: location properties: { + privateEndpointVNetPolicies: 'Disabled' + subnets: [] addressSpace: { addressPrefixes: [ '10.0.0.0/16' @@ -18,27 +15,30 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { dhcpOptions: { dnsServers: [] } - privateEndpointVNetPolicies: 'Disabled' - subnets: [] } } +resource trafficController 'Microsoft.ServiceNetworking/trafficControllers@2023-11-01' = { + name: '${resourceName}-tc' + location: location +} + resource association 'Microsoft.ServiceNetworking/trafficControllers/associations@2023-11-01' = { - parent: trafficController name: '${resourceName}-assoc' location: location + parent: trafficController properties: { associationType: 'subnets' - subnet: { - id: subnet.id - } + subnet: {} } } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { - parent: virtualNetwork name: '${resourceName}-subnet' + parent: virtualNetwork properties: { + serviceEndpointPolicies: [] + serviceEndpoints: [] addressPrefix: '10.0.1.0/24' defaultOutboundAccess: true delegations: [ @@ -51,7 +51,5 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { ] privateEndpointNetworkPolicies: 'Disabled' privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] } } diff --git a/settings/remarks/microsoft.servicenetworking/samples/trafficcontrollers/frontends/main.bicep b/settings/remarks/microsoft.servicenetworking/samples/trafficcontrollers/frontends/main.bicep index 1d959084..af33f2f6 100644 --- a/settings/remarks/microsoft.servicenetworking/samples/trafficcontrollers/frontends/main.bicep +++ b/settings/remarks/microsoft.servicenetworking/samples/trafficcontrollers/frontends/main.bicep @@ -7,8 +7,8 @@ resource trafficController 'Microsoft.ServiceNetworking/trafficControllers@2023- } resource frontend 'Microsoft.ServiceNetworking/trafficControllers/frontends@2023-11-01' = { - parent: trafficController name: '${resourceName}-frontend' location: location + parent: trafficController properties: {} } diff --git a/settings/remarks/microsoft.signalrservice/samples/signalr/main.bicep b/settings/remarks/microsoft.signalrservice/samples/signalr/main.bicep index cf280b4f..bdde427f 100644 --- a/settings/remarks/microsoft.signalrservice/samples/signalr/main.bicep +++ b/settings/remarks/microsoft.signalrservice/samples/signalr/main.bicep @@ -4,29 +4,13 @@ param location string = 'westeurope' resource signalR 'Microsoft.SignalRService/signalR@2023-02-01' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Standard_S1' + } properties: { - cors: {} disableAadAuth: false disableLocalAuth: false - features: [ - { - flag: 'ServiceMode' - value: 'Default' - } - { - flag: 'EnableConnectivityLogs' - value: 'False' - } - { - flag: 'EnableMessagingLogs' - value: 'False' - } - { - flag: 'EnableLiveTrace' - value: 'False' - } - ] - publicNetworkAccess: 'Enabled' resourceLogConfiguration: { categories: [ { @@ -49,12 +33,28 @@ resource signalR 'Microsoft.SignalRService/signalR@2023-02-01' = { tls: { clientCertEnabled: false } + cors: {} + features: [ + { + flag: 'ServiceMode' + value: 'Default' + } + { + flag: 'EnableConnectivityLogs' + value: 'False' + } + { + flag: 'EnableMessagingLogs' + value: 'False' + } + { + flag: 'EnableLiveTrace' + value: 'False' + } + ] + publicNetworkAccess: 'Enabled' upstream: { templates: [] } } - sku: { - capacity: 1 - name: 'Standard_S1' - } } diff --git a/settings/remarks/microsoft.signalrservice/samples/signalr/sharedprivatelinkresources/main.bicep b/settings/remarks/microsoft.signalrservice/samples/signalr/sharedprivatelinkresources/main.bicep index 8e2ebab2..7f85da90 100644 --- a/settings/remarks/microsoft.signalrservice/samples/signalr/sharedprivatelinkresources/main.bicep +++ b/settings/remarks/microsoft.signalrservice/samples/signalr/sharedprivatelinkresources/main.bicep @@ -4,10 +4,18 @@ param location string = 'westeurope' resource signalR 'Microsoft.SignalRService/signalR@2023-02-01' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Standard_S1' + } properties: { + upstream: { + templates: [] + } cors: {} - disableAadAuth: false disableLocalAuth: false + publicNetworkAccess: 'Enabled' + disableAadAuth: false features: [ { flag: 'ServiceMode' @@ -26,7 +34,6 @@ resource signalR 'Microsoft.SignalRService/signalR@2023-02-01' = { value: 'False' } ] - publicNetworkAccess: 'Enabled' resourceLogConfiguration: { categories: [ { @@ -49,13 +56,16 @@ resource signalR 'Microsoft.SignalRService/signalR@2023-02-01' = { tls: { clientCertEnabled: false } - upstream: { - templates: [] - } } - sku: { - capacity: 1 - name: 'Standard_S1' +} + +resource sharedPrivateLinkResource 'Microsoft.SignalRService/signalR/sharedPrivateLinkResources@2023-02-01' = { + name: resourceName + parent: signalR + properties: { + groupId: 'vault' + privateLinkResourceId: vault.id + requestMessage: 'please approve' } } @@ -78,31 +88,21 @@ resource vault 'Microsoft.KeyVault/vaults@2021-10-01' = { ] storage: [] } - tenantId: deployer().tenantId + tenantId: tenant().tenantId } ] createMode: 'default' - enableRbacAuthorization: false enableSoftDelete: true enabledForDeployment: false - enabledForDiskEncryption: false enabledForTemplateDeployment: false publicNetworkAccess: 'Enabled' + enableRbacAuthorization: false + enabledForDiskEncryption: false sku: { family: 'A' name: 'standard' } softDeleteRetentionInDays: 7 - tenantId: deployer().tenantId - } -} - -resource sharedPrivateLinkResource 'Microsoft.SignalRService/signalR/sharedPrivateLinkResources@2023-02-01' = { - parent: signalR - name: resourceName - properties: { - groupId: 'vault' - privateLinkResourceId: vault.id - requestMessage: 'please approve' + tenantId: tenant().tenantId } } diff --git a/settings/remarks/microsoft.signalrservice/samples/webpubsub/hubs/main.bicep b/settings/remarks/microsoft.signalrservice/samples/webpubsub/hubs/main.bicep index fe288f3f..377ec535 100644 --- a/settings/remarks/microsoft.signalrservice/samples/webpubsub/hubs/main.bicep +++ b/settings/remarks/microsoft.signalrservice/samples/webpubsub/hubs/main.bicep @@ -4,6 +4,10 @@ param location string = 'westeurope' resource webPubSub 'Microsoft.SignalRService/webPubSub@2023-02-01' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Standard_S1' + } properties: { disableAadAuth: false disableLocalAuth: false @@ -12,15 +16,11 @@ resource webPubSub 'Microsoft.SignalRService/webPubSub@2023-02-01' = { clientCertEnabled: false } } - sku: { - capacity: 1 - name: 'Standard_S1' - } } resource hub 'Microsoft.SignalRService/webPubSub/hubs@2023-02-01' = { - parent: webPubSub name: resourceName + parent: webPubSub properties: { anonymousConnectPolicy: 'Deny' eventListeners: [] diff --git a/settings/remarks/microsoft.signalrservice/samples/webpubsub/main.bicep b/settings/remarks/microsoft.signalrservice/samples/webpubsub/main.bicep index 9e647d23..1ba41a43 100644 --- a/settings/remarks/microsoft.signalrservice/samples/webpubsub/main.bicep +++ b/settings/remarks/microsoft.signalrservice/samples/webpubsub/main.bicep @@ -4,16 +4,16 @@ param location string = 'westeurope' resource webPubSub 'Microsoft.SignalRService/webPubSub@2023-02-01' = { name: resourceName location: location + sku: { + name: 'Standard_S1' + capacity: 1 + } properties: { - disableAadAuth: false disableLocalAuth: false publicNetworkAccess: 'Enabled' tls: { clientCertEnabled: false } - } - sku: { - capacity: 1 - name: 'Standard_S1' + disableAadAuth: false } } diff --git a/settings/remarks/microsoft.signalrservice/samples/webpubsub/sharedprivatelinkresources/main.bicep b/settings/remarks/microsoft.signalrservice/samples/webpubsub/sharedprivatelinkresources/main.bicep index 054ee992..2ddbcb72 100644 --- a/settings/remarks/microsoft.signalrservice/samples/webpubsub/sharedprivatelinkresources/main.bicep +++ b/settings/remarks/microsoft.signalrservice/samples/webpubsub/sharedprivatelinkresources/main.bicep @@ -5,6 +5,16 @@ resource vault 'Microsoft.KeyVault/vaults@2021-10-01' = { name: resourceName location: location properties: { + enableRbacAuthorization: false + enabledForDeployment: false + enabledForTemplateDeployment: false + publicNetworkAccess: 'Enabled' + sku: { + family: 'A' + name: 'standard' + } + softDeleteRetentionInDays: 7 + tenantId: tenant().tenantId accessPolicies: [ { objectId: deployer().objectId @@ -20,28 +30,22 @@ resource vault 'Microsoft.KeyVault/vaults@2021-10-01' = { ] storage: [] } - tenantId: deployer().tenantId + tenantId: tenant().tenantId } ] createMode: 'default' - enableRbacAuthorization: false enableSoftDelete: true - enabledForDeployment: false enabledForDiskEncryption: false - enabledForTemplateDeployment: false - publicNetworkAccess: 'Enabled' - sku: { - family: 'A' - name: 'standard' - } - softDeleteRetentionInDays: 7 - tenantId: deployer().tenantId } } resource webPubSub 'Microsoft.SignalRService/webPubSub@2023-02-01' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'Standard_S1' + } properties: { disableAadAuth: false disableLocalAuth: false @@ -50,15 +54,11 @@ resource webPubSub 'Microsoft.SignalRService/webPubSub@2023-02-01' = { clientCertEnabled: false } } - sku: { - capacity: 1 - name: 'Standard_S1' - } } resource sharedPrivateLinkResource 'Microsoft.SignalRService/webPubSub/sharedPrivateLinkResources@2023-02-01' = { - parent: webPubSub name: resourceName + parent: webPubSub properties: { groupId: 'vault' privateLinkResourceId: vault.id diff --git a/settings/remarks/microsoft.solutions/samples/applications/main.bicep b/settings/remarks/microsoft.solutions/samples/applications/main.bicep index 70a405e6..ff7d60dd 100644 --- a/settings/remarks/microsoft.solutions/samples/applications/main.bicep +++ b/settings/remarks/microsoft.solutions/samples/applications/main.bicep @@ -6,31 +6,21 @@ resource application 'Microsoft.Solutions/applications@2021-07-01' = { location: location kind: 'ServiceCatalog' properties: { - applicationDefinitionId: applicationDefinition.id - managedResourceGroupId: '/subscriptions/subscription().subscriptionId/resourceGroups/acctest0001-infragroup' + managedResourceGroupId: '/subscriptions/${subscription().subscriptionId}/resourceGroups/${resourceName}-infragroup' parameters: { - arrayParameter: { - value: [ - 'value_1' - 'value_2' - ] - } - boolParameter: { - value: true - } intParameter: { value: 100 } objectParameter: { value: { - nested_array: [ - 'value_1' - 'value_2' - ] nested_bool: true nested_object: { key_0: 0 } + nested_array: [ + 'value_1' + 'value_2' + ] } } secureStringParameter: { @@ -39,6 +29,15 @@ resource application 'Microsoft.Solutions/applications@2021-07-01' = { stringParameter: { value: 'value_1' } + arrayParameter: { + value: [ + 'value_1' + 'value_2' + ] + } + boolParameter: { + value: true + } } } } @@ -47,83 +46,17 @@ resource applicationDefinition 'Microsoft.Solutions/applicationDefinitions@2021- name: '${resourceName}-appdef' location: location properties: { + displayName: 'TestManagedAppDefinition' + isEnabled: true + lockLevel: 'ReadOnly' + mainTemplate: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} authorizations: [ { principalId: deployer().objectId roleDefinitionId: 'b24988ac-6180-42a0-ab88-20f7382dd24c' } ] - createUiDefinition: ''' { - "$schema": "https://schema.management.azure.com/schemas/0.1.2-preview/CreateUIDefinition.MultiVm.json#", - "handler": "Microsoft.Azure.CreateUIDef", - "version": "0.1.2-preview", - "parameters": { - "basics": [], - "steps": [], - "outputs": {} - } - } -''' + createUiDefinition: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} description: 'Test Managed App Definition' - displayName: 'TestManagedAppDefinition' - isEnabled: true - lockLevel: 'ReadOnly' - mainTemplate: ''' { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "parameters": { - - "boolParameter": { - "type": "bool" - }, - "intParameter": { - "type": "int" - }, - "stringParameter": { - "type": "string" - }, - "secureStringParameter": { - "type": "secureString" - }, - "objectParameter": { - "type": "object" - }, - "arrayParameter": { - "type": "array" - } - - }, - "variables": {}, - "resources": [], - "outputs": { - "boolOutput": { - "type": "bool", - "value": true - }, - "intOutput": { - "type": "int", - "value": 100 - }, - "stringOutput": { - "type": "string", - "value": "stringOutputValue" - }, - "objectOutput": { - "type": "object", - "value": { - "nested_bool": true, - "nested_array": ["value_1", "value_2"], - "nested_object": { - "key_0": 0 - } - } - }, - "arrayOutput": { - "type": "array", - "value": ["value_1", "value_2"] - } - } - } -''' } } diff --git a/settings/remarks/microsoft.sql/remarks.json b/settings/remarks/microsoft.sql/remarks.json index 4435dec1..7c2e5798 100644 --- a/settings/remarks/microsoft.sql/remarks.json +++ b/settings/remarks/microsoft.sql/remarks.json @@ -257,6 +257,11 @@ "ResourceType": "Microsoft.Sql/servers/virtualNetworkRules", "Path": "samples/servers/virtualnetworkrules/main.bicep", "Description": "A basic example of deploying Azure SQL Virtual Network Rule." + }, + { + "ResourceType": "Microsoft.Sql/servers/jobAgents/jobs/steps", + "Path": "samples/servers/jobagents/jobs/steps/main.bicep", + "Description": "A basic example of deploying Elastic Job Step." } ] } \ No newline at end of file diff --git a/settings/remarks/microsoft.sql/samples/instancepools/main.bicep b/settings/remarks/microsoft.sql/samples/instancepools/main.bicep index b18f9384..cf725c55 100644 --- a/settings/remarks/microsoft.sql/samples/instancepools/main.bicep +++ b/settings/remarks/microsoft.sql/samples/instancepools/main.bicep @@ -1,32 +1,82 @@ param resourceName string = 'acctest0001' +param location string = 'westeurope' resource subnet 'Microsoft.Network/virtualNetworks/subnets@2023-04-01' existing = { + name: resourceName parent: virtualNetwork +} + +resource routeTable 'Microsoft.Network/routeTables@2023-04-01' = { name: resourceName + location: 'azapi_resource.resourceGroup.location' + properties: { + disableBgpRoutePropagation: false + } } -resource instancePool 'Microsoft.Sql/instancePools@2022-05-01-preview' = { +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { name: resourceName + location: 'azapi_resource.resourceGroup.location' properties: { - licenseType: 'LicenseIncluded' - subnetId: subnet.id - vCores: 8 + subnets: [ + { + name: 'Default' + properties: { + addressPrefix: '10.0.0.0/24' + } + } + { + name: resourceName + properties: { + addressPrefix: '10.0.1.0/24' + networkSecurityGroup: { + id: networkSecurityGroup.id + } + routeTable: { + id: routeTable.id + } + delegations: [ + { + name: 'miDelegation' + properties: { + serviceName: 'Microsoft.Sql/managedInstances' + } + } + ] + } + } + ] + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } } +} + +resource instancePool 'Microsoft.Sql/instancePools@2022-05-01-preview' = { + name: resourceName + location: 'azapi_resource.resourceGroup.location' sku: { family: 'Gen5' name: 'GP_Gen5' tier: 'GeneralPurpose' } + properties: { + licenseType: 'LicenseIncluded' + subnetId: subnet.id + vCores: 8 + } } resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2023-04-01' = { name: resourceName + location: 'azapi_resource.resourceGroup.location' properties: { securityRules: [ { name: 'allow_tds_inbound' properties: { - access: 'Allow' description: 'Allow access to data' destinationAddressPrefix: '*' destinationPortRange: '1433' @@ -35,62 +85,63 @@ resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2023-04-0 protocol: 'TCP' sourceAddressPrefix: 'VirtualNetwork' sourcePortRange: '*' + access: 'Allow' } } { name: 'allow_redirect_inbound' properties: { - access: 'Allow' - description: 'Allow inbound redirect traffic to Managed Instance inside the virtual network' destinationAddressPrefix: '*' - destinationPortRange: '11000-11999' - direction: 'Inbound' priority: 1100 protocol: 'Tcp' - sourceAddressPrefix: 'VirtualNetwork' sourcePortRange: '*' + destinationPortRange: '11000-11999' + direction: 'Inbound' + sourceAddressPrefix: 'VirtualNetwork' + access: 'Allow' + description: 'Allow inbound redirect traffic to Managed Instance inside the virtual network' } } { name: 'allow_geodr_inbound' properties: { - access: 'Allow' description: 'Allow inbound geodr traffic inside the virtual network' destinationAddressPrefix: '*' destinationPortRange: '5022' - direction: 'Inbound' - priority: 1200 protocol: 'Tcp' sourceAddressPrefix: 'VirtualNetwork' sourcePortRange: '*' + access: 'Allow' + direction: 'Inbound' + priority: 1200 } } { name: 'deny_all_inbound' properties: { + protocol: '*' access: 'Deny' description: 'Deny all other inbound traffic' + sourceAddressPrefix: '*' + sourcePortRange: '*' destinationAddressPrefix: '*' destinationPortRange: '*' direction: 'Inbound' priority: 4096 - protocol: '*' - sourceAddressPrefix: '*' - sourcePortRange: '*' } } { name: 'allow_linkedserver_outbound' properties: { - access: 'Allow' description: 'Allow outbound linkedserver traffic inside the virtual network' - destinationAddressPrefix: 'VirtualNetwork' destinationPortRange: '1433' + sourceAddressPrefix: '*' + destinationAddressPrefix: 'VirtualNetwork' direction: 'Outbound' priority: 1000 protocol: 'Tcp' - sourceAddressPrefix: '*' sourcePortRange: '*' + access: 'Allow' } } { @@ -98,88 +149,42 @@ resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2023-04-0 properties: { access: 'Allow' description: 'Allow outbound redirect traffic to Managed Instance inside the virtual network' - destinationAddressPrefix: 'VirtualNetwork' - destinationPortRange: '11000-11999' direction: 'Outbound' priority: 1100 - protocol: 'Tcp' sourceAddressPrefix: '*' sourcePortRange: '*' + destinationAddressPrefix: 'VirtualNetwork' + destinationPortRange: '11000-11999' + protocol: 'Tcp' } } { name: 'allow_geodr_outbound' properties: { - access: 'Allow' description: 'Allow outbound geodr traffic inside the virtual network' - destinationAddressPrefix: 'VirtualNetwork' destinationPortRange: '5022' - direction: 'Outbound' priority: 1200 - protocol: 'Tcp' sourceAddressPrefix: '*' + access: 'Allow' + destinationAddressPrefix: 'VirtualNetwork' + direction: 'Outbound' + protocol: 'Tcp' sourcePortRange: '*' } } { - name: 'deny_all_outbound' properties: { - access: 'Deny' - description: 'Deny all other outbound traffic' - destinationAddressPrefix: '*' destinationPortRange: '*' direction: 'Outbound' - priority: 4096 protocol: '*' sourceAddressPrefix: '*' sourcePortRange: '*' + access: 'Deny' + description: 'Deny all other outbound traffic' + destinationAddressPrefix: '*' + priority: 4096 } - } - ] - } -} - -resource routeTable 'Microsoft.Network/routeTables@2023-04-01' = { - name: resourceName - properties: { - disableBgpRoutePropagation: false - } -} - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { - name: resourceName - properties: { - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - subnets: [ - { - name: 'Default' - properties: { - addressPrefix: '10.0.0.0/24' - } - } - { - name: 'acctest0001' - properties: { - addressPrefix: '10.0.1.0/24' - delegations: [ - { - name: 'miDelegation' - properties: { - serviceName: 'Microsoft.Sql/managedInstances' - } - } - ] - networkSecurityGroup: { - id: networkSecurityGroup.id - } - routeTable: { - id: routeTable.id - } - } + name: 'deny_all_outbound' } ] } diff --git a/settings/remarks/microsoft.sql/samples/servers/administrators/main.bicep b/settings/remarks/microsoft.sql/samples/servers/administrators/main.bicep index ebcec94e..6aac6260 100644 --- a/settings/remarks/microsoft.sql/samples/servers/administrators/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/administrators/main.bicep @@ -4,23 +4,25 @@ param location string = 'westeurope' @description('The administrator login password for the SQL server') param administratorLoginPassword string +param clientId string + resource server 'Microsoft.Sql/servers@2015-05-01-preview' = { name: resourceName location: location properties: { administratorLogin: 'mradministrator' - administratorLoginPassword: null + administratorLoginPassword: '${administratorLoginPassword}' version: '12.0' } } resource administrator 'Microsoft.Sql/servers/administrators@2020-11-01-preview' = { - parent: server name: 'ActiveDirectory' + parent: server properties: { administratorType: 'ActiveDirectory' login: 'sqladmin' - sid: deployer().objectId - tenantId: deployer().tenantId + sid: clientId + tenantId: tenant().tenantId } } diff --git a/settings/remarks/microsoft.sql/samples/servers/auditingsettings/main.bicep b/settings/remarks/microsoft.sql/samples/servers/auditingsettings/main.bicep index b8a48ccd..61277fad 100644 --- a/settings/remarks/microsoft.sql/samples/servers/auditingsettings/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/auditingsettings/main.bicep @@ -8,18 +8,18 @@ resource server 'Microsoft.Sql/servers@2022-05-01-preview' = { name: resourceName location: location properties: { - administratorLogin: 'mradministrator' - administratorLoginPassword: null - minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' + administratorLogin: 'mradministrator' + administratorLoginPassword: '${administratorLoginPassword}' + minimalTlsVersion: '1.2' } } resource auditingSettings 'Microsoft.Sql/servers/auditingSettings@2022-05-01-preview' = { - parent: server name: 'default' + parent: server properties: { auditActionsAndGroups: [ 'FAILED_DATABASE_AUTHENTICATION_GROUP' diff --git a/settings/remarks/microsoft.sql/samples/servers/connectionpolicies/main.bicep b/settings/remarks/microsoft.sql/samples/servers/connectionpolicies/main.bicep index 80a772ec..089989b8 100644 --- a/settings/remarks/microsoft.sql/samples/servers/connectionpolicies/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/connectionpolicies/main.bicep @@ -10,18 +10,18 @@ resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { - administratorLogin: null - administratorLoginPassword: null minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' + administratorLogin: '${administratorLogin}' + administratorLoginPassword: '${administratorLoginPassword}' } } resource connectionPolicy 'Microsoft.Sql/servers/connectionPolicies@2014-04-01' = { - parent: server name: 'default' + parent: server properties: { connectionType: 'Default' } diff --git a/settings/remarks/microsoft.sql/samples/servers/databases/main.bicep b/settings/remarks/microsoft.sql/samples/servers/databases/main.bicep index b6fb2f83..cc660811 100644 --- a/settings/remarks/microsoft.sql/samples/servers/databases/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/databases/main.bicep @@ -8,30 +8,30 @@ resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { - administratorLogin: 'mradministrator' - administratorLoginPassword: null minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' + administratorLogin: 'mradministrator' + administratorLoginPassword: '${administratorLoginPassword}' } } resource database 'Microsoft.Sql/servers/databases@2021-02-01-preview' = { - parent: server name: resourceName location: location + parent: server properties: { + minCapacity: 0 + readScale: 'Disabled' autoPauseDelay: 0 + requestedBackupStorageRedundancy: 'Geo' + zoneRedundant: false createMode: 'Default' elasticPoolId: '' highAvailabilityReplicaCount: 0 isLedgerOn: false licenseType: 'LicenseIncluded' maintenanceConfigurationId: resourceId('Microsoft.Maintenance/publicMaintenanceConfigurations', 'SQL_Default') - minCapacity: 0 - readScale: 'Disabled' - requestedBackupStorageRedundancy: 'Geo' - zoneRedundant: false } } diff --git a/settings/remarks/microsoft.sql/samples/servers/databases/securityalertpolicies/main.bicep b/settings/remarks/microsoft.sql/samples/servers/databases/securityalertpolicies/main.bicep index 3250298c..46dfb85d 100644 --- a/settings/remarks/microsoft.sql/samples/servers/databases/securityalertpolicies/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/databases/securityalertpolicies/main.bicep @@ -1,35 +1,35 @@ -param resourceName string = 'acctest0001' -param location string = 'westeurope' @secure() @description('The administrator login password for the SQL server') param administratorLoginPassword string +param resourceName string = 'acctest0001' +param location string = 'westeurope' resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { - administratorLogin: 'mradministrator' - administratorLoginPassword: null - minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' + administratorLogin: 'mradministrator' + administratorLoginPassword: '${administratorLoginPassword}' + minimalTlsVersion: '1.2' } } resource database 'Microsoft.Sql/servers/databases@2021-02-01-preview' = { - parent: server name: resourceName location: location + parent: server properties: { autoPauseDelay: 0 - createMode: 'Default' elasticPoolId: '' - highAvailabilityReplicaCount: 0 - isLedgerOn: false licenseType: 'LicenseIncluded' maintenanceConfigurationId: resourceId('Microsoft.Maintenance/publicMaintenanceConfigurations', 'SQL_Default') minCapacity: 0 + createMode: 'Default' + highAvailabilityReplicaCount: 0 + isLedgerOn: false readScale: 'Disabled' requestedBackupStorageRedundancy: 'Geo' zoneRedundant: false @@ -37,8 +37,8 @@ resource database 'Microsoft.Sql/servers/databases@2021-02-01-preview' = { } resource securityAlertPolicy 'Microsoft.Sql/servers/databases/securityAlertPolicies@2020-11-01-preview' = { - parent: database name: 'default' + parent: database properties: { state: 'Disabled' } diff --git a/settings/remarks/microsoft.sql/samples/servers/databases/transparentdataencryption/main.bicep b/settings/remarks/microsoft.sql/samples/servers/databases/transparentdataencryption/main.bicep index a2dfb33b..714fd6bd 100644 --- a/settings/remarks/microsoft.sql/samples/servers/databases/transparentdataencryption/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/databases/transparentdataencryption/main.bicep @@ -8,37 +8,37 @@ resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { - administratorLogin: 'mradministrator' - administratorLoginPassword: null - minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' + administratorLogin: 'mradministrator' + administratorLoginPassword: '${administratorLoginPassword}' + minimalTlsVersion: '1.2' } } resource database 'Microsoft.Sql/servers/databases@2021-02-01-preview' = { - parent: server name: resourceName location: location + parent: server properties: { - autoPauseDelay: 0 - createMode: 'Default' elasticPoolId: '' - highAvailabilityReplicaCount: 0 isLedgerOn: false - licenseType: 'LicenseIncluded' maintenanceConfigurationId: resourceId('Microsoft.Maintenance/publicMaintenanceConfigurations', 'SQL_Default') minCapacity: 0 readScale: 'Disabled' - requestedBackupStorageRedundancy: 'Geo' zoneRedundant: false + autoPauseDelay: 0 + highAvailabilityReplicaCount: 0 + licenseType: 'LicenseIncluded' + requestedBackupStorageRedundancy: 'Geo' + createMode: 'Default' } } resource transparentDataEncryption 'Microsoft.Sql/servers/databases/transparentDataEncryption@2014-04-01' = { - parent: database name: 'current' + parent: database properties: { status: 'Enabled' } diff --git a/settings/remarks/microsoft.sql/samples/servers/dnsaliases/main.bicep b/settings/remarks/microsoft.sql/samples/servers/dnsaliases/main.bicep index 6401087e..6848a4d9 100644 --- a/settings/remarks/microsoft.sql/samples/servers/dnsaliases/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/dnsaliases/main.bicep @@ -10,16 +10,16 @@ resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { - administratorLogin: null - administratorLoginPassword: null - minimalTlsVersion: '1.2' - publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' + administratorLogin: '${administratorLogin}' + administratorLoginPassword: '${administratorLoginPassword}' + minimalTlsVersion: '1.2' + publicNetworkAccess: 'Enabled' } } resource dnsAlias 'Microsoft.Sql/servers/dnsAliases@2020-11-01-preview' = { - parent: server name: resourceName + parent: server } diff --git a/settings/remarks/microsoft.sql/samples/servers/elasticpools/main.bicep b/settings/remarks/microsoft.sql/samples/servers/elasticpools/main.bicep index 9051a2ab..d529aab8 100644 --- a/settings/remarks/microsoft.sql/samples/servers/elasticpools/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/elasticpools/main.bicep @@ -8,19 +8,25 @@ resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { - administratorLogin: '4dm1n157r470r' - administratorLoginPassword: null + administratorLoginPassword: '${administratorLoginPassword}' minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' + administratorLogin: '4dm1n157r470r' } } resource elasticPool 'Microsoft.Sql/servers/elasticPools@2020-11-01-preview' = { - parent: server name: resourceName location: location + parent: server + sku: { + name: 'BasicPool' + tier: 'Basic' + capacity: 50 + family: '' + } properties: { maintenanceConfigurationId: resourceId('Microsoft.Maintenance/publicMaintenanceConfigurations', 'SQL_Default') maxSizeBytes: 5242880000 @@ -30,10 +36,4 @@ resource elasticPool 'Microsoft.Sql/servers/elasticPools@2020-11-01-preview' = { } zoneRedundant: false } - sku: { - capacity: 50 - family: '' - name: 'BasicPool' - tier: 'Basic' - } } diff --git a/settings/remarks/microsoft.sql/samples/servers/encryptionprotector/main.bicep b/settings/remarks/microsoft.sql/samples/servers/encryptionprotector/main.bicep index 15f96329..f50c8197 100644 --- a/settings/remarks/microsoft.sql/samples/servers/encryptionprotector/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/encryptionprotector/main.bicep @@ -8,18 +8,18 @@ resource server 'Microsoft.Sql/servers@2023-08-01-preview' = { name: resourceName location: location properties: { - administratorLogin: 'mradministrator' - administratorLoginPassword: null + administratorLoginPassword: '${administratorLoginPassword}' minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' + administratorLogin: 'mradministrator' } } resource encryptionProtector 'Microsoft.Sql/servers/encryptionProtector@2023-08-01-preview' = { - parent: server name: 'current' + parent: server properties: { autoRotationEnabled: false serverKeyName: '' diff --git a/settings/remarks/microsoft.sql/samples/servers/failovergroups/main.bicep b/settings/remarks/microsoft.sql/samples/servers/failovergroups/main.bicep index c7a6ba1c..980ee33a 100644 --- a/settings/remarks/microsoft.sql/samples/servers/failovergroups/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/failovergroups/main.bicep @@ -9,56 +9,57 @@ resource server 'Microsoft.Sql/servers@2023-08-01-preview' = { name: '${resourceName}-primary' location: location properties: { - administratorLogin: 'mradministrator' - administratorLoginPassword: null - minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' + administratorLogin: 'mradministrator' + administratorLoginPassword: '${administratorLoginPassword}' + minimalTlsVersion: '1.2' } } resource server1 'Microsoft.Sql/servers@2023-08-01-preview' = { name: '${resourceName}-secondary' + location: secondaryLocation properties: { + restrictOutboundNetworkAccess: 'Disabled' + version: '12.0' administratorLogin: 'mradministrator' - administratorLoginPassword: null + administratorLoginPassword: '${administratorLoginPassword}' minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' - restrictOutboundNetworkAccess: 'Disabled' - version: '12.0' } } resource database 'Microsoft.Sql/servers/databases@2023-08-01-preview' = { - parent: server name: '${resourceName}-db' location: location + parent: server + sku: { + name: 'S1' + } properties: { - autoPauseDelay: 0 - collation: 'SQL_Latin1_General_CP1_CI_AS' - createMode: 'Default' elasticPoolId: '' - encryptionProtectorAutoRotation: false highAvailabilityReplicaCount: 0 - isLedgerOn: false + requestedBackupStorageRedundancy: 'Geo' licenseType: '' + readScale: 'Disabled' + secondaryType: '' + autoPauseDelay: 0 + encryptionProtectorAutoRotation: false maxSizeBytes: 214748364800 minCapacity: 0 - readScale: 'Disabled' - requestedBackupStorageRedundancy: 'Geo' sampleName: '' - secondaryType: '' zoneRedundant: false - } - sku: { - name: 'S1' + collation: 'SQL_Latin1_General_CP1_CI_AS' + createMode: 'Default' + isLedgerOn: false } } resource failoverGroup 'Microsoft.Sql/servers/failoverGroups@2023-08-01-preview' = { - parent: server name: '${resourceName}-fg' + parent: server properties: { databases: [ database.id diff --git a/settings/remarks/microsoft.sql/samples/servers/firewallrules/main.bicep b/settings/remarks/microsoft.sql/samples/servers/firewallrules/main.bicep index aa411a36..26015afe 100644 --- a/settings/remarks/microsoft.sql/samples/servers/firewallrules/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/firewallrules/main.bicep @@ -8,18 +8,18 @@ resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { - administratorLogin: 'msincredible' - administratorLoginPassword: null + administratorLoginPassword: '${administratorLoginPassword}' minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' + administratorLogin: 'msincredible' } } resource firewallRule 'Microsoft.Sql/servers/firewallRules@2020-11-01-preview' = { - parent: server name: resourceName + parent: server properties: { endIpAddress: '255.255.255.255' startIpAddress: '0.0.0.0' diff --git a/settings/remarks/microsoft.sql/samples/servers/jobagents/credentials/main.bicep b/settings/remarks/microsoft.sql/samples/servers/jobagents/credentials/main.bicep index 1520d8b1..d1d6b4af 100644 --- a/settings/remarks/microsoft.sql/samples/servers/jobagents/credentials/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/jobagents/credentials/main.bicep @@ -13,47 +13,47 @@ resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { + version: '12.0' administratorLogin: '4dministr4t0r' - administratorLoginPassword: null + administratorLoginPassword: '${administratorLoginPassword}' minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' - version: '12.0' } } resource database 'Microsoft.Sql/servers/databases@2021-02-01-preview' = { - parent: server name: resourceName location: location + parent: server properties: { + minCapacity: 0 + requestedBackupStorageRedundancy: 'Geo' + zoneRedundant: false autoPauseDelay: 0 - collation: 'SQL_Latin1_General_CP1_CI_AS' - createMode: 'Default' - elasticPoolId: '' highAvailabilityReplicaCount: 0 isLedgerOn: false - minCapacity: 0 readScale: 'Disabled' - requestedBackupStorageRedundancy: 'Geo' - zoneRedundant: false + collation: 'SQL_Latin1_General_CP1_CI_AS' + createMode: 'Default' + elasticPoolId: '' } } resource jobAgent 'Microsoft.Sql/servers/jobAgents@2020-11-01-preview' = { - parent: server name: resourceName location: location + parent: server properties: { databaseId: database.id } } resource credential 'Microsoft.Sql/servers/jobAgents/credentials@2020-11-01-preview' = { - parent: jobAgent name: resourceName + parent: jobAgent properties: { - password: null - username: null + password: '${sqlAdminPassword}' + username: '${sqlAdminUsername}' } } diff --git a/settings/remarks/microsoft.sql/samples/servers/jobagents/jobs/main.bicep b/settings/remarks/microsoft.sql/samples/servers/jobagents/jobs/main.bicep index 67bbb970..19eb34d5 100644 --- a/settings/remarks/microsoft.sql/samples/servers/jobagents/jobs/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/jobagents/jobs/main.bicep @@ -8,56 +8,56 @@ resource server 'Microsoft.Sql/servers@2023-08-01-preview' = { name: '${resourceName}-server' location: location properties: { - administratorLogin: '4dm1n157r470r' - administratorLoginPassword: null minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' + administratorLogin: '4dm1n157r470r' + administratorLoginPassword: '${administratorLoginPassword}' } } resource database 'Microsoft.Sql/servers/databases@2023-08-01-preview' = { - parent: server name: '${resourceName}-db' location: location + parent: server + sku: { + name: 'S1' + } properties: { autoPauseDelay: 0 + maintenanceConfigurationId: '/subscriptions/${subscription().subscriptionId}/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_Default' + sampleName: '' collation: 'SQL_Latin1_General_CP1_CI_AS' - createMode: 'Default' elasticPoolId: '' + readScale: 'Disabled' + zoneRedundant: false + createMode: 'Default' encryptionProtectorAutoRotation: false + licenseType: '' highAvailabilityReplicaCount: 0 isLedgerOn: false - licenseType: '' - maintenanceConfigurationId: '/subscriptions/subscription().subscriptionId/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_Default' minCapacity: 0 - readScale: 'Disabled' requestedBackupStorageRedundancy: 'Geo' - sampleName: '' secondaryType: '' - zoneRedundant: false - } - sku: { - name: 'S1' } } resource jobAgent 'Microsoft.Sql/servers/jobAgents@2023-08-01-preview' = { - parent: server name: '${resourceName}-job-agent' location: location - properties: { - databaseId: database.id - } + parent: server sku: { name: 'JA100' } + properties: { + databaseId: database.id + } } resource job 'Microsoft.Sql/servers/jobAgents/jobs@2023-08-01-preview' = { - parent: jobAgent name: '${resourceName}-job' + parent: jobAgent properties: { description: '' } diff --git a/settings/remarks/microsoft.sql/samples/servers/jobagents/jobs/steps/main.bicep b/settings/remarks/microsoft.sql/samples/servers/jobagents/jobs/steps/main.bicep new file mode 100644 index 00000000..e4c12a5f --- /dev/null +++ b/settings/remarks/microsoft.sql/samples/servers/jobagents/jobs/steps/main.bicep @@ -0,0 +1,99 @@ +param resourceName string = 'acctest0001' +param location string = 'westus' +@secure() +@description('The administrator login password for the SQL server') +param administratorLoginPassword string +@secure() +@description('The password for the SQL job credential') +param jobCredentialPassword string + +var maintenanceConfigId = '/subscriptions/${subscription().subscriptionId}/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_Default' + +resource server 'Microsoft.Sql/servers@2023-08-01-preview' = { + name: '${resourceName}-server' + location: location + properties: { + administratorLoginPassword: '${administratorLoginPassword}' + minimalTlsVersion: '1.2' + publicNetworkAccess: 'Enabled' + restrictOutboundNetworkAccess: 'Disabled' + version: '12.0' + administratorLogin: '4dm1n157r470r' + } +} + +resource jobAgent 'Microsoft.Sql/servers/jobAgents@2023-08-01-preview' = { + name: '${resourceName}-job-agent' + location: location + parent: server + sku: { + name: 'JA100' + } + properties: { + databaseId: database.id + } +} + +resource job 'Microsoft.Sql/servers/jobAgents/jobs@2023-08-01-preview' = { + name: '${resourceName}-job' + parent: jobAgent + properties: { + description: '' + } +} + +resource targetGroup 'Microsoft.Sql/servers/jobAgents/targetGroups@2023-08-01-preview' = { + name: '${resourceName}-target-group' + parent: jobAgent + properties: { + members: [] + } +} + +resource step 'Microsoft.Sql/servers/jobAgents/jobs/steps@2023-08-01-preview' = { + name: '${resourceName}-job-step' + parent: job + properties: { + credential: credential.id + executionOptions: { + initialRetryIntervalSeconds: 1 + maximumRetryIntervalSeconds: 120 + retryAttempts: 10 + retryIntervalBackoffMultiplier: 2 + timeoutSeconds: 43200 + } + stepId: 1 + targetGroup: targetGroup.id + action: { + value: '''IF NOT EXISTS (SELECT * FROM sys.objects WHERE [name] = N''Person'') + CREATE TABLE Person ( + FirstName NVARCHAR(50), + LastName NVARCHAR(50), + ); +''' + } + } +} + +resource database 'Microsoft.Sql/servers/databases@2023-08-01-preview' = { + name: '${resourceName}-db' + location: location + parent: server + sku: { + name: 'S1' + } + properties: { + collation: 'SQL_Latin1_General_CP1_CI_AS' + createMode: 'Default' + maintenanceConfigurationId: '${maintenanceConfigId}' + } +} + +resource credential 'Microsoft.Sql/servers/jobAgents/credentials@2023-08-01-preview' = { + name: '${resourceName}-job-credential' + parent: jobAgent + properties: { + password: '${jobCredentialPassword}' + username: 'testusername' + } +} diff --git a/settings/remarks/microsoft.sql/samples/servers/jobagents/main.bicep b/settings/remarks/microsoft.sql/samples/servers/jobagents/main.bicep index a30fcdd9..bfc38e00 100644 --- a/settings/remarks/microsoft.sql/samples/servers/jobagents/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/jobagents/main.bicep @@ -8,38 +8,38 @@ resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { - administratorLogin: '4dministr4t0r' - administratorLoginPassword: null + administratorLoginPassword: '${sqlAdministratorPassword}' minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' + administratorLogin: '4dministr4t0r' } } resource database 'Microsoft.Sql/servers/databases@2021-02-01-preview' = { - parent: server name: resourceName location: location + parent: server properties: { - autoPauseDelay: 0 - collation: 'SQL_Latin1_General_CP1_CI_AS' - createMode: 'Default' - elasticPoolId: '' - highAvailabilityReplicaCount: 0 isLedgerOn: false maintenanceConfigurationId: resourceId('Microsoft.Maintenance/publicMaintenanceConfigurations', 'SQL_Default') + zoneRedundant: false + autoPauseDelay: 0 + elasticPoolId: '' minCapacity: 0 readScale: 'Disabled' requestedBackupStorageRedundancy: 'Geo' - zoneRedundant: false + collation: 'SQL_Latin1_General_CP1_CI_AS' + createMode: 'Default' + highAvailabilityReplicaCount: 0 } } resource jobAgent 'Microsoft.Sql/servers/jobAgents@2020-11-01-preview' = { - parent: server name: resourceName location: location + parent: server properties: { databaseId: database.id } diff --git a/settings/remarks/microsoft.sql/samples/servers/jobagents/targetgroups/main.bicep b/settings/remarks/microsoft.sql/samples/servers/jobagents/targetgroups/main.bicep index 008aa16c..b5d99dde 100644 --- a/settings/remarks/microsoft.sql/samples/servers/jobagents/targetgroups/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/jobagents/targetgroups/main.bicep @@ -11,66 +11,66 @@ resource server 'Microsoft.Sql/servers@2023-08-01-preview' = { name: '${resourceName}-server' location: location properties: { + version: '12.0' administratorLogin: '4dm1n157r470r' - administratorLoginPassword: null + administratorLoginPassword: '${administratorLoginPassword}' minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' - version: '12.0' } } -resource database 'Microsoft.Sql/servers/databases@2023-08-01-preview' = { +resource jobAgent 'Microsoft.Sql/servers/jobAgents@2023-08-01-preview' = { + name: '${resourceName}-job-agent' + location: location parent: server + sku: { + name: 'JA100' + } + properties: { + databaseId: database.id + } +} + +resource targetGroup 'Microsoft.Sql/servers/jobAgents/targetGroups@2023-08-01-preview' = { + name: '${resourceName}-target-group' + parent: jobAgent + properties: { + members: [] + } +} + +resource database 'Microsoft.Sql/servers/databases@2023-08-01-preview' = { name: '${resourceName}-db' location: location + parent: server + sku: { + name: 'S1' + } properties: { autoPauseDelay: 0 - collation: 'SQL_Latin1_General_CP1_CI_AS' - createMode: 'Default' - elasticPoolId: '' - encryptionProtectorAutoRotation: false highAvailabilityReplicaCount: 0 isLedgerOn: false + zoneRedundant: false + elasticPoolId: '' + requestedBackupStorageRedundancy: 'Geo' + secondaryType: '' + collation: 'SQL_Latin1_General_CP1_CI_AS' licenseType: '' - maintenanceConfigurationId: '/subscriptions/subscription().subscriptionId/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_Default' - minCapacity: 0 + maintenanceConfigurationId: '/subscriptions/${subscription().subscriptionId}/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_Default' readScale: 'Disabled' - requestedBackupStorageRedundancy: 'Geo' + createMode: 'Default' + encryptionProtectorAutoRotation: false + minCapacity: 0 sampleName: '' - secondaryType: '' - zoneRedundant: false - } - sku: { - name: 'S1' - } -} - -resource jobAgent 'Microsoft.Sql/servers/jobAgents@2023-08-01-preview' = { - parent: server - name: '${resourceName}-job-agent' - location: location - properties: { - databaseId: database.id - } - sku: { - name: 'JA100' } } resource credential 'Microsoft.Sql/servers/jobAgents/credentials@2023-08-01-preview' = { - parent: jobAgent name: '${resourceName}-job-credential' - properties: { - password: null - username: 'testusername' - } -} - -resource targetGroup 'Microsoft.Sql/servers/jobAgents/targetGroups@2023-08-01-preview' = { parent: jobAgent - name: '${resourceName}-target-group' properties: { - members: [] + password: '${jobCredentialPassword}' + username: 'testusername' } } diff --git a/settings/remarks/microsoft.sql/samples/servers/main.bicep b/settings/remarks/microsoft.sql/samples/servers/main.bicep index 2df7ea10..a3d53b80 100644 --- a/settings/remarks/microsoft.sql/samples/servers/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/main.bicep @@ -8,11 +8,11 @@ resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { - administratorLogin: 'mradministrator' - administratorLoginPassword: null + administratorLoginPassword: '${sqlAdministratorPassword}' minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' + administratorLogin: 'mradministrator' } } diff --git a/settings/remarks/microsoft.sql/samples/servers/outboundfirewallrules/main.bicep b/settings/remarks/microsoft.sql/samples/servers/outboundfirewallrules/main.bicep index 9e3d5381..ee37e2d7 100644 --- a/settings/remarks/microsoft.sql/samples/servers/outboundfirewallrules/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/outboundfirewallrules/main.bicep @@ -9,7 +9,7 @@ resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { location: location properties: { administratorLogin: 'msincredible' - administratorLoginPassword: null + administratorLoginPassword: '${adminPassword}' minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Enabled' @@ -18,7 +18,7 @@ resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { } resource outboundFirewallRule 'Microsoft.Sql/servers/outboundFirewallRules@2021-02-01-preview' = { - parent: server name: 'sql230630033612934212.database.windows.net' + parent: server properties: {} } diff --git a/settings/remarks/microsoft.sql/samples/servers/securityalertpolicies/main.bicep b/settings/remarks/microsoft.sql/samples/servers/securityalertpolicies/main.bicep index e63e42f1..9923fcb9 100644 --- a/settings/remarks/microsoft.sql/samples/servers/securityalertpolicies/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/securityalertpolicies/main.bicep @@ -1,24 +1,24 @@ +@secure() +@description('The administrator login password for the SQL server') +param administratorLoginPassword string param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator login name for the SQL server') param administratorLogin string -@secure() -@description('The administrator login password for the SQL server') -param administratorLoginPassword string resource server 'Microsoft.Sql/servers@2015-05-01-preview' = { name: resourceName location: location properties: { - administratorLogin: null - administratorLoginPassword: null + administratorLogin: '${administratorLogin}' + administratorLoginPassword: '${administratorLoginPassword}' version: '12.0' } } resource securityAlertPolicy 'Microsoft.Sql/servers/securityAlertPolicies@2017-03-01-preview' = { - parent: server name: 'Default' + parent: server properties: { state: 'Disabled' } diff --git a/settings/remarks/microsoft.sql/samples/servers/sqlvulnerabilityassessments/main.bicep b/settings/remarks/microsoft.sql/samples/servers/sqlvulnerabilityassessments/main.bicep index ba2ba40a..120d09ba 100644 --- a/settings/remarks/microsoft.sql/samples/servers/sqlvulnerabilityassessments/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/sqlvulnerabilityassessments/main.bicep @@ -9,7 +9,7 @@ resource server 'Microsoft.Sql/servers@2022-05-01-preview' = { location: location properties: { administratorLogin: 'mradministrator' - administratorLoginPassword: null + administratorLoginPassword: '${administratorLoginPassword}' minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' @@ -18,8 +18,8 @@ resource server 'Microsoft.Sql/servers@2022-05-01-preview' = { } resource sqlVulnerabilityAssessments 'Microsoft.Sql/servers/sqlVulnerabilityAssessments@2022-05-01-preview' = { - parent: server name: 'default' + parent: server properties: { state: 'Enabled' } diff --git a/settings/remarks/microsoft.sql/samples/servers/virtualnetworkrules/main.bicep b/settings/remarks/microsoft.sql/samples/servers/virtualnetworkrules/main.bicep index 9cab05b5..c0f0b60c 100644 --- a/settings/remarks/microsoft.sql/samples/servers/virtualnetworkrules/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/virtualnetworkrules/main.bicep @@ -1,19 +1,19 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' @secure() @description('The administrator password for the SQL server') param sqlAdministratorPassword string +param resourceName string = 'acctest0001' resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { - administratorLogin: 'missadmin' - administratorLoginPassword: null + administratorLoginPassword: '${sqlAdministratorPassword}' minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' + administratorLogin: 'missadmin' } } @@ -34,25 +34,25 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork name: resourceName + parent: virtualNetwork properties: { - addressPrefix: '10.7.28.0/25' - delegations: [] - privateEndpointNetworkPolicies: 'Enabled' - privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] serviceEndpoints: [ { service: 'Microsoft.Sql' } ] + addressPrefix: '10.7.28.0/25' + delegations: [] + privateEndpointNetworkPolicies: 'Enabled' + privateLinkServiceNetworkPolicies: 'Enabled' } } resource virtualNetworkRule 'Microsoft.Sql/servers/virtualNetworkRules@2020-11-01-preview' = { - parent: server name: resourceName + parent: server properties: { ignoreMissingVnetServiceEndpoint: false virtualNetworkSubnetId: subnet.id diff --git a/settings/remarks/microsoft.sqlvirtualmachine/remarks.json b/settings/remarks/microsoft.sqlvirtualmachine/remarks.json index 806f1091..49519a97 100644 --- a/settings/remarks/microsoft.sqlvirtualmachine/remarks.json +++ b/settings/remarks/microsoft.sqlvirtualmachine/remarks.json @@ -27,6 +27,11 @@ "ResourceType": "Microsoft.SqlVirtualMachine/sqlVirtualMachines", "Path": "samples/sqlvirtualmachines/basic/main.bicep", "Description": "A basic example of deploying Microsoft SQL Virtual Machine." + }, + { + "ResourceType": "Microsoft.SqlVirtualMachine/sqlVirtualMachines", + "Path": "samples/sqlvirtualmachines/sqlbestpracticesassessment/main.bicep", + "Description": "A sqlbestpracticesassessment example of deploying Microsoft SQL Virtual Machine." } ] } \ No newline at end of file diff --git a/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachinegroups/main.bicep b/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachinegroups/main.bicep index 386b1a28..093e3697 100644 --- a/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachinegroups/main.bicep +++ b/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachinegroups/main.bicep @@ -8,14 +8,14 @@ resource sqlVirtualMachineGroup 'Microsoft.SqlVirtualMachine/sqlVirtualMachineGr sqlImageOffer: 'SQL2017-WS2016' sqlImageSku: 'Developer' wsfcDomainProfile: { - clusterBootstrapAccount: '' clusterOperatorAccount: '' - clusterSubnetType: 'SingleSubnet' - domainFqdn: 'testdomain.com' ouPath: '' sqlServiceAccount: '' - storageAccountPrimaryKey: '' storageAccountUrl: '' + clusterBootstrapAccount: '' + clusterSubnetType: 'SingleSubnet' + domainFqdn: 'testdomain.com' + storageAccountPrimaryKey: '' } } } diff --git a/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachines/basic/main.bicep b/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachines/basic/main.bicep index dc0fcf1d..fdf94dcd 100644 --- a/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachines/basic/main.bicep +++ b/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachines/basic/main.bicep @@ -1,61 +1,59 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' @secure() @description('The administrator password for the SQL virtual machine') param vmAdminPassword string +param resourceName string = 'acctest0001' resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { name: resourceName + location: 'azapi_resource.resourceGroup.location' properties: { - auxiliaryMode: 'None' - auxiliarySku: 'None' disableTcpStateTracking: false dnsSettings: { dnsServers: [] } - enableAcceleratedNetworking: false - enableIPForwarding: false ipConfigurations: [ { - name: 'testconfiguration1' properties: { primary: true privateIPAddress: '10.0.0.4' privateIPAddressVersion: 'IPv4' privateIPAllocationMethod: 'Dynamic' - publicIPAddress: { - id: publicIPAddress.id - } - subnet: { - id: subnet.id - } + publicIPAddress: {} + subnet: {} } type: 'Microsoft.Network/networkInterfaces/ipConfigurations' + name: 'testconfiguration1' } ] nicType: 'Standard' + auxiliaryMode: 'None' + enableAcceleratedNetworking: false + enableIPForwarding: false + auxiliarySku: 'None' } } resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2024-05-01' = { name: resourceName + location: 'azapi_resource.resourceGroup.location' properties: { securityRules: [ { name: 'MSSQLRule' properties: { access: 'Allow' - destinationAddressPrefix: '*' - destinationAddressPrefixes: [] destinationPortRange: '1433' - destinationPortRanges: [] - direction: 'Inbound' priority: 1001 protocol: 'Tcp' - sourceAddressPrefix: '167.220.255.0/25' sourceAddressPrefixes: [] sourcePortRange: '*' sourcePortRanges: [] + destinationAddressPrefix: '*' + destinationAddressPrefixes: [] + destinationPortRanges: [] + direction: 'Inbound' + sourceAddressPrefix: '167.220.255.0/25' } } ] @@ -64,6 +62,11 @@ resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2024-05-0 resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2024-05-01' = { name: resourceName + location: 'azapi_resource.resourceGroup.location' + sku: { + name: 'Basic' + tier: 'Regional' + } properties: { ddosSettings: { protectionMode: 'VirtualNetworkInherited' @@ -73,78 +76,75 @@ resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2024-05-01' = { publicIPAddressVersion: 'IPv4' publicIPAllocationMethod: 'Dynamic' } - sku: { - name: 'Basic' - tier: 'Regional' - } } resource sqlvirtualMachine 'Microsoft.SqlVirtualMachine/sqlVirtualMachines@2023-10-01' = { - name: 'virtualMachine.name' + name: 'azapi_resource.virtualMachine.name' + location: 'azapi_resource.virtualMachine.location' properties: { + sqlManagement: 'Full' + sqlServerLicenseType: 'PAYG' enableAutomaticUpgrade: true leastPrivilegeMode: 'Enabled' sqlImageOffer: 'SQL2017-WS2016' sqlImageSku: 'Developer' - sqlManagement: 'Full' - sqlServerLicenseType: 'PAYG' - virtualMachineResourceId: virtualMachine.id } } resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-07-01' = { name: resourceName + location: 'azapi_resource.resourceGroup.location' properties: { - hardwareProfile: { - vmSize: 'Standard_F2s' - } - networkProfile: { - networkInterfaces: [ - { - id: networkInterface.id - properties: { - primary: false - } - } - ] - } osProfile: { - adminPassword: null - adminUsername: 'testadmin' - allowExtensionOperations: true computerName: 'winhost01' secrets: [] windowsConfiguration: { enableAutomaticUpdates: true patchSettings: { - assessmentMode: 'ImageDefault' patchMode: 'AutomaticByOS' + assessmentMode: 'ImageDefault' } provisionVMAgent: true timeZone: 'Pacific Standard Time' } + adminUsername: 'testadmin' + adminPassword: vmAdminPassword + allowExtensionOperations: true } storageProfile: { - dataDisks: [] - imageReference: { - offer: 'SQL2017-WS2016' - publisher: 'MicrosoftSQLServer' - sku: 'SQLDEV' - version: 'latest' - } osDisk: { - caching: 'ReadOnly' - createOption: 'FromImage' + name: 'acctvm-250116171212663925OSDisk' + writeAcceleratorEnabled: false deleteOption: 'Detach' diskSizeGB: 127 managedDisk: { storageAccountType: 'Premium_LRS' } - name: 'acctvm-250116171212663925OSDisk' osType: 'Windows' - writeAcceleratorEnabled: false + caching: 'ReadOnly' + createOption: 'FromImage' + } + dataDisks: [] + imageReference: { + sku: 'SQLDEV' + version: 'latest' + offer: 'SQL2017-WS2016' + publisher: 'MicrosoftSQLServer' } } + hardwareProfile: { + vmSize: 'Standard_F2s' + } + networkProfile: { + networkInterfaces: [ + { + properties: { + primary: false + } + id: networkInterface.id + } + ] + } } } @@ -161,8 +161,8 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork name: resourceName + parent: virtualNetwork properties: { addressPrefix: '10.0.0.0/24' networkSecurityGroup: { diff --git a/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachines/sqlbestpracticesassessment/main.bicep b/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachines/sqlbestpracticesassessment/main.bicep new file mode 100644 index 00000000..affbf7b1 --- /dev/null +++ b/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachines/sqlbestpracticesassessment/main.bicep @@ -0,0 +1,320 @@ +param resourceName string = 'acctest0001' +param location string = 'westeurope' +@secure() +@description('The administrator password for the virtual machine') +param adminPassword string + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: resourceName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + } +} + +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { + name: resourceName + parent: virtualNetwork + properties: { + addressPrefix: '10.0.0.0/24' + networkSecurityGroup: { + id: networkSecurityGroup.id + } + } +} + +resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-07-01' = { + name: resourceName + location: 'azapi_resource.resourceGroup.location' + properties: { + osProfile: { + adminUsername: 'testadmin' + adminPassword: adminPassword + allowExtensionOperations: true + computerName: 'winhost01' + secrets: [] + windowsConfiguration: { + timeZone: 'Pacific Standard Time' + enableAutomaticUpdates: true + patchSettings: { + patchMode: 'AutomaticByOS' + assessmentMode: 'ImageDefault' + } + provisionVMAgent: true + } + } + storageProfile: { + dataDisks: [] + imageReference: { + offer: 'SQL2017-WS2016' + publisher: 'MicrosoftSQLServer' + sku: 'SQLDEV' + version: 'latest' + } + osDisk: { + managedDisk: { + storageAccountType: 'Premium_LRS' + } + name: 'acctvm-250116171212663925OSDisk' + caching: 'ReadOnly' + deleteOption: 'Detach' + diskSizeGB: 127 + osType: 'Windows' + writeAcceleratorEnabled: false + createOption: 'FromImage' + } + } + hardwareProfile: { + vmSize: 'Standard_F2s' + } + networkProfile: { + networkInterfaces: [ + { + properties: { + primary: false + } + id: networkInterface.id + } + ] + } + } +} + +resource dataCollectionRuleAssociation 'Microsoft.Insights/dataCollectionRuleAssociations@2022-06-01' = { + name: 'azapi_resource.workspace.output.properties.customerId_azapi_resource.resourceGroup.location_DCRA_1' + scope: virtualMachine + properties: { + dataCollectionRuleId: dataCollectionRule.id + } +} + +resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { + name: resourceName + location: 'azapi_resource.resourceGroup.location' + properties: { + dnsSettings: { + dnsServers: [] + } + enableAcceleratedNetworking: false + ipConfigurations: [ + { + properties: { + subnet: {} + primary: true + privateIPAddress: '10.0.0.4' + privateIPAddressVersion: 'IPv4' + privateIPAllocationMethod: 'Dynamic' + publicIPAddress: {} + } + type: 'Microsoft.Network/networkInterfaces/ipConfigurations' + name: 'testconfiguration1' + } + ] + disableTcpStateTracking: false + enableIPForwarding: false + nicType: 'Standard' + auxiliaryMode: 'None' + auxiliarySku: 'None' + } +} + +resource workspace 'Microsoft.OperationalInsights/workspaces@2020-08-01' = { + name: resourceName + location: 'azapi_resource.resourceGroup.location' + properties: { + features: { + disableLocalAuth: false + enableLogAccessUsingOnlyResourcePermissions: true + legacy: 0 + searchVersion: 1 + } + publicNetworkAccessForIngestion: 'Enabled' + publicNetworkAccessForQuery: 'Enabled' + retentionInDays: 30 + sku: { + name: 'PerGB2018' + } + workspaceCapping: { + dailyQuotaGb: -1 + } + } +} + +resource table 'Microsoft.OperationalInsights/workspaces/tables@2023-09-01' = { + name: 'SqlAssessment_CL' + parent: workspace + properties: { + schema: { + columns: [ + { + name: 'TimeGenerated' + type: 'datetime' + } + { + name: 'RawData' + type: 'string' + } + ] + name: 'SqlAssessment_CL' + } + } +} + +resource dataCollectionEndpoint 'Microsoft.Insights/dataCollectionEndpoints@2022-06-01' = { + name: '${location}-DCE-1' + location: 'azapi_resource.resourceGroup.location' + properties: { + networkAcls: { + publicNetworkAccess: 'Enabled' + } + } +} + +resource dataCollectionRule 'Microsoft.Insights/dataCollectionRules@2022-06-01' = { + name: 'azapi_resource.workspace.output.properties.customerId_azapi_resource.resourceGroup.location_DCR_1' + location: 'azapi_resource.resourceGroup.location' + dependsOn: [ + table + ] + properties: { + dataFlows: [ + { + outputStream: 'Custom-SqlAssessment_CL' + streams: [ + 'Custom-SqlAssessment_CL' + ] + transformKql: 'source' + destinations: [] + } + ] + dataSources: { + logFiles: [ + { + filePatterns: [ + 'C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft SQL Server IaaS Agent\\Assessment\\*.csv' + ] + format: 'text' + name: 'Custom-SqlAssessment_CL' + settings: { + text: { + recordStartTimestampFormat: 'ISO 8601' + } + } + streams: [ + 'Custom-SqlAssessment_CL' + ] + } + ] + } + description: '' + destinations: { + logAnalytics: [ + {} + ] + } + streamDeclarations: { + 'Custom-SqlAssessment_CL': { + columns: [ + { + name: 'TimeGenerated' + type: 'datetime' + } + { + type: 'string' + name: 'RawData' + } + ] + } + } + dataCollectionEndpointId: dataCollectionEndpoint.id + } +} + +resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2024-05-01' = { + name: resourceName + location: 'azapi_resource.resourceGroup.location' + properties: { + securityRules: [ + { + name: 'MSSQLRule' + properties: { + destinationPortRange: '1433' + priority: 1001 + sourceAddressPrefix: '167.220.255.0/25' + sourcePortRange: '*' + access: 'Allow' + destinationAddressPrefixes: [] + destinationPortRanges: [] + direction: 'Inbound' + protocol: 'Tcp' + sourceAddressPrefixes: [] + sourcePortRanges: [] + destinationAddressPrefix: '*' + } + } + ] + } +} + +resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2024-05-01' = { + name: resourceName + location: 'azapi_resource.resourceGroup.location' + sku: { + name: 'Basic' + tier: 'Regional' + } + properties: { + ddosSettings: { + protectionMode: 'VirtualNetworkInherited' + } + idleTimeoutInMinutes: 4 + ipTags: [] + publicIPAddressVersion: 'IPv4' + publicIPAllocationMethod: 'Dynamic' + } +} + +resource extension 'Microsoft.Compute/virtualMachines/extensions@2024-07-01' = { + name: 'AzureMonitorWindowsAgent' + location: 'westeurope' + parent: virtualMachine + properties: { + suppressFailures: false + type: 'AzureMonitorWindowsAgent' + typeHandlerVersion: '1.0' + autoUpgradeMinorVersion: true + enableAutomaticUpgrade: true + publisher: 'Microsoft.Azure.Monitor' + } +} + +resource sqlvirtualMachine 'Microsoft.SqlVirtualMachine/sqlVirtualMachines@2023-10-01' = { + name: 'azapi_resource.virtualMachine.name' + location: 'azapi_resource.virtualMachine.location' + dependsOn: [ + dataCollectionRuleAssociation + extension + ] + properties: { + sqlImageSku: 'Developer' + sqlManagement: 'Full' + assessmentSettings: { + enable: true + runImmediately: false + schedule: { + dayOfWeek: 'Monday' + enable: true + startTime: '00:00' + weeklyInterval: 1 + } + } + sqlServerLicenseType: 'PAYG' + enableAutomaticUpgrade: true + leastPrivilegeMode: 'Enabled' + sqlImageOffer: 'SQL2017-WS2016' + } +} diff --git a/settings/remarks/microsoft.standbypool/samples/standbycontainergrouppools/basic/main.bicep b/settings/remarks/microsoft.standbypool/samples/standbycontainergrouppools/basic/main.bicep index 05908b4d..4ac3b4cd 100644 --- a/settings/remarks/microsoft.standbypool/samples/standbycontainergrouppools/basic/main.bicep +++ b/settings/remarks/microsoft.standbypool/samples/standbycontainergrouppools/basic/main.bicep @@ -1,17 +1,44 @@ param resourceName string = 'acctest0001' param location string = 'eastus' +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: '${resourceName}-vnet' + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + subnets: [] + } +} + +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { + name: '${resourceName}-subnet' + parent: virtualNetwork + properties: { + privateEndpointNetworkPolicies: 'Enabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] + addressPrefix: '10.0.2.0/24' + delegations: [] + } +} + resource containerGroupProfile 'Microsoft.ContainerInstance/containerGroupProfiles@2024-05-01-preview' = { name: '${resourceName}-contianerGroup' location: location properties: { + sku: 'Standard' containers: [ { name: 'mycontainergroupprofile' properties: { - command: [] - environmentVariables: [] - image: 'mcr.microsoft.com/azuredocs/aci-helloworld:latest' ports: [ { port: 8000 @@ -23,6 +50,9 @@ resource containerGroupProfile 'Microsoft.ContainerInstance/containerGroupProfil memoryInGB: any('1.5') } } + command: [] + environmentVariables: [] + image: 'mcr.microsoft.com/azuredocs/aci-helloworld:latest' } } ] @@ -37,62 +67,29 @@ resource containerGroupProfile 'Microsoft.ContainerInstance/containerGroupProfil type: 'Public' } osType: 'Linux' - sku: 'Standard' } } resource standbyContainerGroupPool 'Microsoft.StandbyPool/standbyContainerGroupPools@2025-03-01' = { name: '${resourceName}-CGPool' - location: 'eastus' properties: { + zones: [ + '1' + '2' + '3' + ] containerGroupProperties: { containerGroupProfile: { id: containerGroupProfile.id revision: 1 } subnetIds: [ - { - id: subnet.id - } + {} ] } elasticityProfile: { - maxReadyCapacity: 5 refillPolicy: 'always' + maxReadyCapacity: 5 } - zones: [ - '1' - '2' - '3' - ] - } -} - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { - name: '${resourceName}-vnet' - location: location - properties: { - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] - } - subnets: [] - } -} - -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork - name: '${resourceName}-subnet' - properties: { - addressPrefix: '10.0.2.0/24' - delegations: [] - privateEndpointNetworkPolicies: 'Enabled' - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] } } diff --git a/settings/remarks/microsoft.storage/remarks.json b/settings/remarks/microsoft.storage/remarks.json index 52ce7558..7c107a8e 100644 --- a/settings/remarks/microsoft.storage/remarks.json +++ b/settings/remarks/microsoft.storage/remarks.json @@ -107,6 +107,11 @@ "ResourceType": "Microsoft.Storage/storageAccounts/tableServices/tables", "Path": "samples/storageaccounts/tableservices/tables/main.bicep", "Description": "A basic example of deploying Table within Azure Storage." + }, + { + "ResourceType": "Microsoft.Storage/storageAccounts/encryptionScopes", + "Path": "samples/storageaccounts/encryptionscopes/main.bicep", + "Description": "A basic example of deploying Storage Encryption Scope." } ] } \ No newline at end of file diff --git a/settings/remarks/microsoft.storage/samples/storageaccounts/basic/main.bicep b/settings/remarks/microsoft.storage/samples/storageaccounts/basic/main.bicep index 5c7e206f..a893d66e 100644 --- a/settings/remarks/microsoft.storage/samples/storageaccounts/basic/main.bicep +++ b/settings/remarks/microsoft.storage/samples/storageaccounts/basic/main.bicep @@ -1,14 +1,23 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location + sku: { + name: 'Standard_LRS' + } kind: 'StorageV2' properties: { - accessTier: 'Hot' allowBlobPublicAccess: true allowCrossTenantReplication: true + isHnsEnabled: false + isSftpEnabled: false + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true allowSharedKeyAccess: true defaultToOAuthAuthentication: false encryption: { @@ -22,17 +31,8 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } - isHnsEnabled: false isNfsV3Enabled: false - isSftpEnabled: false minimumTlsVersion: 'TLS1_2' - networkAcls: { - defaultAction: 'Allow' - } - publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true - } - sku: { - name: 'Standard_LRS' + accessTier: 'Hot' } } diff --git a/settings/remarks/microsoft.storage/samples/storageaccounts/blobservices/containers/immutabilitypolicies/main.bicep b/settings/remarks/microsoft.storage/samples/storageaccounts/blobservices/containers/immutabilitypolicies/main.bicep index c7c59b53..8bf8ac41 100644 --- a/settings/remarks/microsoft.storage/samples/storageaccounts/blobservices/containers/immutabilitypolicies/main.bicep +++ b/settings/remarks/microsoft.storage/samples/storageaccounts/blobservices/containers/immutabilitypolicies/main.bicep @@ -2,22 +2,13 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' existing = { - parent: storageAccount name: 'default' -} - -resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { - name: resourceName - location: location - properties: {} - sku: { - name: 'Standard_LRS' - } + parent: storageAccount } resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { - parent: blobService name: resourceName + parent: blobService properties: { metadata: { key: 'value' @@ -26,10 +17,19 @@ resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@20 } resource immutabilityPolicy 'Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies@2023-05-01' = { - parent: container name: 'default' + parent: container properties: { allowProtectedAppendWrites: false immutabilityPeriodSinceCreationInDays: 4 } } + +resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { + name: resourceName + location: location + sku: { + name: 'Standard_LRS' + } + properties: {} +} diff --git a/settings/remarks/microsoft.storage/samples/storageaccounts/blobservices/containers/main.bicep b/settings/remarks/microsoft.storage/samples/storageaccounts/blobservices/containers/main.bicep index 4efc6c29..efb64a7a 100644 --- a/settings/remarks/microsoft.storage/samples/storageaccounts/blobservices/containers/main.bicep +++ b/settings/remarks/microsoft.storage/samples/storageaccounts/blobservices/containers/main.bicep @@ -2,22 +2,22 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' existing = { - parent: storageAccount name: 'default' + parent: storageAccount } resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location - properties: {} sku: { name: 'Standard_LRS' } + properties: {} } resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { - parent: blobService name: resourceName + parent: blobService properties: { metadata: { key: 'value' diff --git a/settings/remarks/microsoft.storage/samples/storageaccounts/blobservices/main.bicep b/settings/remarks/microsoft.storage/samples/storageaccounts/blobservices/main.bicep index e53e1805..530e54d4 100644 --- a/settings/remarks/microsoft.storage/samples/storageaccounts/blobservices/main.bicep +++ b/settings/remarks/microsoft.storage/samples/storageaccounts/blobservices/main.bicep @@ -4,13 +4,13 @@ param location string = 'westeurope' resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location + sku: { + name: 'Standard_LRS' + } kind: 'StorageV2' properties: { - accessTier: 'Hot' - allowBlobPublicAccess: true allowCrossTenantReplication: true allowSharedKeyAccess: true - defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -23,24 +23,30 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } isHnsEnabled: false - isNfsV3Enabled: false - isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } publicNetworkAccess: 'Enabled' + accessTier: 'Hot' + defaultToOAuthAuthentication: false + isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' supportsHttpsTrafficOnly: true - } - sku: { - name: 'Standard_LRS' + allowBlobPublicAccess: true } } resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2021-09-01' = { - parent: storageAccount name: 'default' + parent: storageAccount properties: { + lastAccessTimeTrackingPolicy: { + enable: false + } + restorePolicy: { + enabled: false + } changeFeed: { enabled: true } @@ -52,11 +58,5 @@ resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2021-09-01' enabled: false } isVersioningEnabled: true - lastAccessTimeTrackingPolicy: { - enable: false - } - restorePolicy: { - enabled: false - } } } diff --git a/settings/remarks/microsoft.storage/samples/storageaccounts/encryptionscopes/main.bicep b/settings/remarks/microsoft.storage/samples/storageaccounts/encryptionscopes/main.bicep new file mode 100644 index 00000000..f109f86b --- /dev/null +++ b/settings/remarks/microsoft.storage/samples/storageaccounts/encryptionscopes/main.bicep @@ -0,0 +1,138 @@ +param resourceName string = 'acctest0001' +param location string = 'westus' + +resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { + name: '${resourceName}sa' + location: location + sku: { + name: 'Standard_LRS' + } + kind: 'StorageV2' + properties: { + accessTier: 'Hot' + allowBlobPublicAccess: true + allowCrossTenantReplication: false + defaultToOAuthAuthentication: false + minimumTlsVersion: 'TLS1_2' + supportsHttpsTrafficOnly: true + encryption: { + keySource: 'Microsoft.Storage' + services: { + queue: { + keyType: 'Service' + } + table: { + keyType: 'Service' + } + } + } + isHnsEnabled: false + isLocalUserEnabled: true + networkAcls: { + resourceAccessRules: [] + virtualNetworkRules: [] + bypass: 'AzureServices' + defaultAction: 'Allow' + ipRules: [] + } + publicNetworkAccess: 'Enabled' + allowSharedKeyAccess: true + dnsEndpointType: 'Standard' + isNfsV3Enabled: false + isSftpEnabled: false + } +} + +resource vault 'Microsoft.KeyVault/vaults@2023-02-01' = { + name: '${resourceName}-kv' + location: location + dependsOn: [ + storageAccount + ] + properties: { + createMode: 'default' + enableRbacAuthorization: false + enableSoftDelete: true + enabledForDiskEncryption: false + publicNetworkAccess: 'Enabled' + tenantId: tenant().tenantId + accessPolicies: [ + { + permissions: { + keys: [ + 'Get' + 'Create' + 'Delete' + 'List' + 'Restore' + 'Recover' + 'UnwrapKey' + 'WrapKey' + 'Purge' + 'Encrypt' + 'Decrypt' + 'Sign' + 'Verify' + 'GetRotationPolicy' + ] + secrets: [] + storage: [] + certificates: [] + } + tenantId: tenant().tenantId + objectId: deployer().objectId + } + { + permissions: { + certificates: [] + keys: [ + 'Get' + 'UnwrapKey' + 'WrapKey' + ] + secrets: [] + storage: [] + } + tenantId: tenant().tenantId + objectId: storageAccount.identity.principalId + } + ] + enablePurgeProtection: true + enabledForDeployment: false + enabledForTemplateDeployment: false + sku: { + family: 'A' + name: 'standard' + } + } +} + +resource encryptionScope 'Microsoft.Storage/storageAccounts/encryptionScopes@2023-05-01' = { + name: '${resourceName}-scope' + parent: storageAccount + dependsOn: [ + vault + ] + properties: { + keyVaultProperties: {} + source: 'Microsoft.KeyVault' + state: 'Enabled' + } +} + +resource key 'Microsoft.KeyVault/vaults/keys@2023-02-01' = { + name: '${resourceName}-key' + parent: vault + properties: { + keyOps: [ + 'encrypt' + 'decrypt' + 'sign' + 'verify' + 'wrapKey' + 'unwrapKey' + ] + keySize: 2048 + kty: 'RSA' + } +} diff --git a/settings/remarks/microsoft.storage/samples/storageaccounts/fileservices/shares/main.bicep b/settings/remarks/microsoft.storage/samples/storageaccounts/fileservices/shares/main.bicep index 0ba2cdcb..399462b2 100644 --- a/settings/remarks/microsoft.storage/samples/storageaccounts/fileservices/shares/main.bicep +++ b/settings/remarks/microsoft.storage/samples/storageaccounts/fileservices/shares/main.bicep @@ -1,23 +1,23 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource fileService 'Microsoft.Storage/storageAccounts/fileServices@2022-09-01' existing = { - parent: storageAccount name: 'default' + parent: storageAccount } resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location - properties: {} sku: { name: 'Standard_LRS' } + properties: {} } resource share 'Microsoft.Storage/storageAccounts/fileServices/shares@2022-09-01' = { - parent: fileService name: resourceName + parent: fileService properties: { accessTier: 'Cool' } diff --git a/settings/remarks/microsoft.storage/samples/storageaccounts/localusers/basic/main.bicep b/settings/remarks/microsoft.storage/samples/storageaccounts/localusers/basic/main.bicep index 3575fd63..828bbddc 100644 --- a/settings/remarks/microsoft.storage/samples/storageaccounts/localusers/basic/main.bicep +++ b/settings/remarks/microsoft.storage/samples/storageaccounts/localusers/basic/main.bicep @@ -4,13 +4,16 @@ param location string = 'westeurope' resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location + sku: { + name: 'Standard_LRS' + } kind: 'StorageV2' properties: { - accessTier: 'Hot' + isHnsEnabled: false + isNfsV3Enabled: false + minimumTlsVersion: 'TLS1_2' + supportsHttpsTrafficOnly: true allowBlobPublicAccess: true - allowCrossTenantReplication: true - allowSharedKeyAccess: true - defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -22,35 +25,32 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } - isHnsEnabled: false - isNfsV3Enabled: false isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true - } - sku: { - name: 'Standard_LRS' + accessTier: 'Hot' + allowCrossTenantReplication: true + allowSharedKeyAccess: true + defaultToOAuthAuthentication: false } } resource localUser 'Microsoft.Storage/storageAccounts/localUsers@2021-09-01' = { - parent: storageAccount name: resourceName + parent: storageAccount properties: { - hasSharedKey: true - hasSshKey: false hasSshPassword: false homeDirectory: 'containername/' permissionScopes: [ { + service: 'blob' permissions: 'cwl' resourceName: 'containername' - service: 'blob' } ] + hasSharedKey: true + hasSshKey: false } } diff --git a/settings/remarks/microsoft.storage/samples/storageaccounts/managementpolicies/main.bicep b/settings/remarks/microsoft.storage/samples/storageaccounts/managementpolicies/main.bicep index 7464c6f1..b2045bed 100644 --- a/settings/remarks/microsoft.storage/samples/storageaccounts/managementpolicies/main.bicep +++ b/settings/remarks/microsoft.storage/samples/storageaccounts/managementpolicies/main.bicep @@ -4,15 +4,25 @@ param location string = 'westeurope' resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location + sku: { + name: 'Standard_LRS' + } kind: 'BlobStorage' properties: { + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true accessTier: 'Hot' allowBlobPublicAccess: true allowCrossTenantReplication: true allowSharedKeyAccess: true defaultToOAuthAuthentication: false + isHnsEnabled: false + isNfsV3Enabled: false + isSftpEnabled: false encryption: { - keySource: 'Microsoft.Storage' services: { queue: { keyType: 'Service' @@ -21,29 +31,20 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { keyType: 'Service' } } + keySource: 'Microsoft.Storage' } - isHnsEnabled: false - isNfsV3Enabled: false - isSftpEnabled: false minimumTlsVersion: 'TLS1_2' - networkAcls: { - defaultAction: 'Allow' - } - publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true - } - sku: { - name: 'Standard_LRS' } } resource managementPolicy 'Microsoft.Storage/storageAccounts/managementPolicies@2021-09-01' = { - parent: storageAccount name: 'default' + parent: storageAccount properties: { policy: { rules: [ { + type: 'Lifecycle' definition: { actions: { baseBlob: { @@ -74,7 +75,6 @@ resource managementPolicy 'Microsoft.Storage/storageAccounts/managementPolicies@ } enabled: true name: 'rule-1' - type: 'Lifecycle' } ] } diff --git a/settings/remarks/microsoft.storage/samples/storageaccounts/queueservices/queues/main.bicep b/settings/remarks/microsoft.storage/samples/storageaccounts/queueservices/queues/main.bicep index 4a063a33..72b6812f 100644 --- a/settings/remarks/microsoft.storage/samples/storageaccounts/queueservices/queues/main.bicep +++ b/settings/remarks/microsoft.storage/samples/storageaccounts/queueservices/queues/main.bicep @@ -2,22 +2,22 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' resource queueService 'Microsoft.Storage/storageAccounts/queueServices@2022-09-01' existing = { - parent: storageAccount name: 'default' + parent: storageAccount } resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location - properties: {} sku: { name: 'Standard_LRS' } + properties: {} } resource queue 'Microsoft.Storage/storageAccounts/queueServices/queues@2022-09-01' = { - parent: queueService name: resourceName + parent: queueService properties: { metadata: { key: 'value' diff --git a/settings/remarks/microsoft.storage/samples/storageaccounts/tableservices/tables/main.bicep b/settings/remarks/microsoft.storage/samples/storageaccounts/tableservices/tables/main.bicep index a5e05ede..0dd9805a 100644 --- a/settings/remarks/microsoft.storage/samples/storageaccounts/tableservices/tables/main.bicep +++ b/settings/remarks/microsoft.storage/samples/storageaccounts/tableservices/tables/main.bicep @@ -2,22 +2,22 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' resource tableService 'Microsoft.Storage/storageAccounts/tableServices@2022-09-01' existing = { - parent: storageAccount name: 'default' + parent: storageAccount } resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location - properties: {} sku: { name: 'Standard_LRS' } + properties: {} } resource table 'Microsoft.Storage/storageAccounts/tableServices/tables@2022-09-01' = { - parent: tableService name: resourceName + parent: tableService properties: { signedIdentifiers: [] } diff --git a/settings/remarks/microsoft.storagecache/samples/amlfilesystems/main.bicep b/settings/remarks/microsoft.storagecache/samples/amlfilesystems/main.bicep index 6eb0dde6..83835bb3 100644 --- a/settings/remarks/microsoft.storagecache/samples/amlfilesystems/main.bicep +++ b/settings/remarks/microsoft.storagecache/samples/amlfilesystems/main.bicep @@ -1,29 +1,12 @@ -param resourceName string = 'acctest0001' param location string = 'westus' - -resource amlFilesystem 'Microsoft.StorageCache/amlFilesystems@2024-07-01' = { - name: '${resourceName}-amlfs' - location: location - properties: { - filesystemSubnet: subnet.id - maintenanceWindow: { - dayOfWeek: 'Friday' - timeOfDayUTC: '22:00' - } - storageCapacityTiB: 8 - } - sku: { - name: 'AMLFS-Durable-Premium-250' - } - zones: [ - '1' - ] -} +param resourceName string = 'acctest0001' resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { name: '${resourceName}-vnet' location: location properties: { + privateEndpointVNetPolicies: 'Disabled' + subnets: [] addressSpace: { addressPrefixes: [ '10.0.0.0/16' @@ -32,21 +15,34 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { dhcpOptions: { dnsServers: [] } - privateEndpointVNetPolicies: 'Disabled' - subnets: [] } } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { - parent: virtualNetwork name: '${resourceName}-subnet' + parent: virtualNetwork properties: { + serviceEndpoints: [] addressPrefix: '10.0.2.0/24' defaultOutboundAccess: true delegations: [] privateEndpointNetworkPolicies: 'Disabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] - serviceEndpoints: [] + } +} + +resource amlFilesystem 'Microsoft.StorageCache/amlFilesystems@2024-07-01' = { + name: '${resourceName}-amlfs' + location: location + sku: { + name: 'AMLFS-Durable-Premium-250' + } + properties: { + maintenanceWindow: { + dayOfWeek: 'Friday' + timeOfDayUTC: '22:00' + } + storageCapacityTiB: 8 } } diff --git a/settings/remarks/microsoft.storagecache/samples/caches/main.bicep b/settings/remarks/microsoft.storagecache/samples/caches/main.bicep index 459e9c0d..2e65192d 100644 --- a/settings/remarks/microsoft.storagecache/samples/caches/main.bicep +++ b/settings/remarks/microsoft.storagecache/samples/caches/main.bicep @@ -1,22 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource cach 'Microsoft.StorageCache/caches@2023-01-01' = { - name: resourceName - location: location - properties: { - cacheSizeGB: 3072 - networkSettings: { - mtu: 1500 - ntpServer: 'time.windows.com' - } - subnet: subnet.id - } - sku: { - name: 'Standard_2G' - } -} - resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location @@ -34,14 +18,29 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - parent: virtualNetwork name: resourceName + parent: virtualNetwork properties: { - addressPrefix: '10.0.2.0/24' - delegations: [] - privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] serviceEndpoints: [] + addressPrefix: '10.0.2.0/24' + delegations: [] + privateEndpointNetworkPolicies: 'Enabled' + } +} + +resource cach 'Microsoft.StorageCache/caches@2023-01-01' = { + name: resourceName + location: location + sku: { + name: 'Standard_2G' + } + properties: { + networkSettings: { + mtu: 1500 + ntpServer: 'time.windows.com' + } + cacheSizeGB: 3072 } } diff --git a/settings/remarks/microsoft.storagemover/samples/storagemovers/endpoints/main.bicep b/settings/remarks/microsoft.storagemover/samples/storagemovers/endpoints/main.bicep index 7163200e..586d5994 100644 --- a/settings/remarks/microsoft.storagemover/samples/storagemovers/endpoints/main.bicep +++ b/settings/remarks/microsoft.storagemover/samples/storagemovers/endpoints/main.bicep @@ -8,8 +8,8 @@ resource storageMover 'Microsoft.StorageMover/storageMovers@2023-03-01' = { } resource endpoint 'Microsoft.StorageMover/storageMovers/endpoints@2023-03-01' = { - parent: storageMover name: resourceName + parent: storageMover properties: { endpointType: 'NfsMount' export: '' diff --git a/settings/remarks/microsoft.storagemover/samples/storagemovers/projects/main.bicep b/settings/remarks/microsoft.storagemover/samples/storagemovers/projects/main.bicep index f621af83..58772540 100644 --- a/settings/remarks/microsoft.storagemover/samples/storagemovers/projects/main.bicep +++ b/settings/remarks/microsoft.storagemover/samples/storagemovers/projects/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'eastus' +param resourceName string = 'acctest0001' resource storageMover 'Microsoft.StorageMover/storageMovers@2023-03-01' = { name: resourceName @@ -8,7 +8,7 @@ resource storageMover 'Microsoft.StorageMover/storageMovers@2023-03-01' = { } resource project 'Microsoft.StorageMover/storageMovers/projects@2023-03-01' = { - parent: storageMover name: resourceName + parent: storageMover properties: {} } diff --git a/settings/remarks/microsoft.storagesync/samples/storagesyncservices/syncgroups/main.bicep b/settings/remarks/microsoft.storagesync/samples/storagesyncservices/syncgroups/main.bicep index cc582be8..58353ad4 100644 --- a/settings/remarks/microsoft.storagesync/samples/storagesyncservices/syncgroups/main.bicep +++ b/settings/remarks/microsoft.storagesync/samples/storagesyncservices/syncgroups/main.bicep @@ -10,6 +10,6 @@ resource storageSyncService 'Microsoft.StorageSync/storageSyncServices@2020-03-0 } resource syncGroup 'Microsoft.StorageSync/storageSyncServices/syncGroups@2020-03-01' = { - parent: storageSyncService name: resourceName + parent: storageSyncService } diff --git a/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/functions/main.bicep b/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/functions/main.bicep index 1e464e7a..485e81d0 100644 --- a/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/functions/main.bicep +++ b/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/functions/main.bicep @@ -5,18 +5,6 @@ resource streamingJob 'Microsoft.StreamAnalytics/streamingJobs@2020-03-01' = { name: resourceName location: location properties: { - cluster: {} - compatibilityLevel: '1.0' - contentStoragePolicy: 'SystemAccount' - dataLocale: 'en-GB' - eventsLateArrivalMaxDelayInSeconds: 60 - eventsOutOfOrderMaxDelayInSeconds: 50 - eventsOutOfOrderPolicy: 'Adjust' - jobType: 'Cloud' - outputErrorPolicy: 'Drop' - sku: { - name: 'Standard' - } transformation: { name: 'main' properties: { @@ -27,12 +15,24 @@ resource streamingJob 'Microsoft.StreamAnalytics/streamingJobs@2020-03-01' = { streamingUnits: 3 } } + cluster: {} + compatibilityLevel: '1.0' + contentStoragePolicy: 'SystemAccount' + eventsOutOfOrderMaxDelayInSeconds: 50 + outputErrorPolicy: 'Drop' + dataLocale: 'en-GB' + eventsLateArrivalMaxDelayInSeconds: 60 + eventsOutOfOrderPolicy: 'Adjust' + jobType: 'Cloud' + sku: { + name: 'Standard' + } } } resource function 'Microsoft.StreamAnalytics/streamingJobs/functions@2020-03-01' = { - parent: streamingJob name: resourceName + parent: streamingJob properties: { properties: { binding: { diff --git a/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/inputs/main.bicep b/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/inputs/main.bicep index 444d70e6..26a40090 100644 --- a/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/inputs/main.bicep +++ b/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/inputs/main.bicep @@ -1,47 +1,22 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource iothub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { - name: resourceName - location: location - properties: { - cloudToDevice: {} - enableFileUploadNotifications: false - messagingEndpoints: {} - routing: { - fallbackRoute: { - condition: 'true' - endpointNames: [ - 'events' - ] - isEnabled: true - source: 'DeviceMessages' - } - } - storageEndpoints: {} - } - sku: { - capacity: 1 - name: 'S1' - } -} - resource streamingJob 'Microsoft.StreamAnalytics/streamingJobs@2020-03-01' = { name: resourceName location: location properties: { cluster: {} compatibilityLevel: '1.0' - contentStoragePolicy: 'SystemAccount' dataLocale: 'en-GB' eventsLateArrivalMaxDelayInSeconds: 60 eventsOutOfOrderMaxDelayInSeconds: 50 eventsOutOfOrderPolicy: 'Adjust' - jobType: 'Cloud' outputErrorPolicy: 'Drop' sku: { name: 'Standard' } + contentStoragePolicy: 'SystemAccount' + jobType: 'Cloud' transformation: { name: 'main' properties: { @@ -56,15 +31,15 @@ resource streamingJob 'Microsoft.StreamAnalytics/streamingJobs@2020-03-01' = { } resource input 'Microsoft.StreamAnalytics/streamingJobs/inputs@2020-03-01' = { - parent: streamingJob name: resourceName + parent: streamingJob properties: { datasource: { properties: { consumerGroupName: '$Default' endpoint: 'messages/events' - iotHubNamespace: iothub.name - sharedAccessPolicyKey: iothub.listkeys().value[0].primaryKey + iotHubNamespace: iotHub.name + sharedAccessPolicyKey: iotHub.listKeys().value[0].primaryKey sharedAccessPolicyName: 'iothubowner' } type: 'Microsoft.Devices/IotHubs' @@ -76,3 +51,28 @@ resource input 'Microsoft.StreamAnalytics/streamingJobs/inputs@2020-03-01' = { type: 'Stream' } } + +resource iotHub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { + name: resourceName + location: location + sku: { + capacity: 1 + name: 'S1' + } + properties: { + routing: { + fallbackRoute: { + endpointNames: [ + 'events' + ] + isEnabled: true + source: 'DeviceMessages' + condition: 'true' + } + } + storageEndpoints: {} + cloudToDevice: {} + enableFileUploadNotifications: false + messagingEndpoints: {} + } +} diff --git a/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/main.bicep b/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/main.bicep index d84d889c..0b564dec 100644 --- a/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/main.bicep +++ b/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/main.bicep @@ -5,14 +5,7 @@ resource streamingJob 'Microsoft.StreamAnalytics/streamingJobs@2020-03-01' = { name: resourceName location: location properties: { - cluster: {} - compatibilityLevel: '1.0' - contentStoragePolicy: 'SystemAccount' dataLocale: 'en-GB' - eventsLateArrivalMaxDelayInSeconds: 60 - eventsOutOfOrderMaxDelayInSeconds: 50 - eventsOutOfOrderPolicy: 'Adjust' - jobType: 'Cloud' outputErrorPolicy: 'Drop' sku: { name: 'Standard' @@ -27,5 +20,12 @@ resource streamingJob 'Microsoft.StreamAnalytics/streamingJobs@2020-03-01' = { streamingUnits: 3 } } + compatibilityLevel: '1.0' + contentStoragePolicy: 'SystemAccount' + eventsLateArrivalMaxDelayInSeconds: 60 + eventsOutOfOrderMaxDelayInSeconds: 50 + eventsOutOfOrderPolicy: 'Adjust' + jobType: 'Cloud' + cluster: {} } } diff --git a/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/outputs/main.bicep b/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/outputs/main.bicep index a164e7d9..643315ba 100644 --- a/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/outputs/main.bicep +++ b/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/outputs/main.bicep @@ -1,58 +1,11 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { - name: resourceName - location: location - kind: 'StorageV2' - properties: { - accessTier: 'Hot' - allowBlobPublicAccess: true - allowCrossTenantReplication: true - allowSharedKeyAccess: true - defaultToOAuthAuthentication: false - encryption: { - keySource: 'Microsoft.Storage' - services: { - queue: { - keyType: 'Service' - } - table: { - keyType: 'Service' - } - } - } - isHnsEnabled: false - isNfsV3Enabled: false - isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' - networkAcls: { - defaultAction: 'Allow' - } - publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true - } - sku: { - name: 'Standard_LRS' - } -} - resource streamingJob 'Microsoft.StreamAnalytics/streamingJobs@2020-03-01' = { name: resourceName location: location properties: { - cluster: {} - compatibilityLevel: '1.0' - contentStoragePolicy: 'SystemAccount' - dataLocale: 'en-GB' - eventsLateArrivalMaxDelayInSeconds: 60 eventsOutOfOrderMaxDelayInSeconds: 50 - eventsOutOfOrderPolicy: 'Adjust' - jobType: 'Cloud' - outputErrorPolicy: 'Drop' - sku: { - name: 'Standard' - } transformation: { name: 'main' properties: { @@ -63,24 +16,71 @@ resource streamingJob 'Microsoft.StreamAnalytics/streamingJobs@2020-03-01' = { streamingUnits: 3 } } + cluster: {} + compatibilityLevel: '1.0' + contentStoragePolicy: 'SystemAccount' + eventsLateArrivalMaxDelayInSeconds: 60 + eventsOutOfOrderPolicy: 'Adjust' + jobType: 'Cloud' + outputErrorPolicy: 'Drop' + sku: { + name: 'Standard' + } + dataLocale: 'en-GB' } } resource output 'Microsoft.StreamAnalytics/streamingJobs/outputs@2021-10-01-preview' = { - parent: streamingJob name: resourceName + parent: streamingJob properties: { + serialization: null datasource: { properties: { - accountKey: storageAccount.listKeys().keys[0].value - accountName: storageAccount.name batchSize: 100 partitionKey: 'foo' rowKey: 'bar' table: 'foobar' + accountKey: storageAccount.listKeys().keys[0].value + accountName: storageAccount.name } type: 'Microsoft.Storage/Table' } - serialization: null + } +} + +resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { + name: resourceName + location: location + sku: { + name: 'Standard_LRS' + } + kind: 'StorageV2' + properties: { + allowBlobPublicAccess: true + allowCrossTenantReplication: true + defaultToOAuthAuthentication: false + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true + accessTier: 'Hot' + allowSharedKeyAccess: true + encryption: { + keySource: 'Microsoft.Storage' + services: { + queue: { + keyType: 'Service' + } + table: { + keyType: 'Service' + } + } + } + isHnsEnabled: false + isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' } } diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/azureadonlyauthentications/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/azureadonlyauthentications/main.bicep index 9c13441c..764a8af2 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/azureadonlyauthentications/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/azureadonlyauthentications/main.bicep @@ -7,49 +7,48 @@ param sqlAdministratorLogin string param sqlAdministratorLoginPassword string resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' existing = { - parent: storageAccount name: 'default' -} - -resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { - name: resourceName - location: location - kind: 'StorageV2' - properties: {} - sku: { - name: 'Standard_LRS' - } + parent: storageAccount } resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { name: resourceName location: location properties: { + publicNetworkAccess: 'Enabled' + sqlAdministratorLogin: sqlAdministratorLogin + sqlAdministratorLoginPassword: sqlAdministratorLoginPassword defaultDataLakeStorage: { accountUrl: storageAccount.properties.primaryEndpoints.dfs - filesystem: container.name } managedVirtualNetwork: '' - publicNetworkAccess: 'Enabled' - sqlAdministratorLogin: sqlAdministratorLogin - sqlAdministratorLoginPassword: sqlAdministratorLoginPassword } } resource synapseAzureadOnlyAuthentication 'Microsoft.Synapse/workspaces/azureADOnlyAuthentications@2021-06-01-preview' = { - parent: workspace name: 'default' + parent: workspace properties: { azureADOnlyAuthentication: true } } resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { - parent: blobService name: resourceName + parent: blobService properties: { metadata: { key: 'value' } } } + +resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { + name: resourceName + location: location + sku: { + name: 'Standard_LRS' + } + kind: 'StorageV2' + properties: {} +} diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/bigdatapools/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/bigdatapools/main.bicep index 8414c368..f2f22d6f 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/bigdatapools/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/bigdatapools/main.bicep @@ -1,73 +1,71 @@ +@secure() +@description('The SQL administrator login password for the Synapse workspace') +param sqlAdministratorLoginPassword string param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The SQL administrator login for the Synapse workspace') param sqlAdministratorLogin string -@secure() -@description('The SQL administrator login password for the Synapse workspace') -param sqlAdministratorLoginPassword string resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' existing = { - parent: storageAccount name: 'default' + parent: storageAccount } resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location - kind: 'StorageV2' - properties: {} sku: { name: 'Standard_LRS' } + kind: 'StorageV2' + properties: {} } resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { name: resourceName location: location properties: { + sqlAdministratorLoginPassword: sqlAdministratorLoginPassword defaultDataLakeStorage: { accountUrl: storageAccount.properties.primaryEndpoints.dfs - filesystem: container.name } - managedVirtualNetwork: '' publicNetworkAccess: 'Enabled' sqlAdministratorLogin: sqlAdministratorLogin - sqlAdministratorLoginPassword: sqlAdministratorLoginPassword } } resource bigDataPool 'Microsoft.Synapse/workspaces/bigDataPools@2021-06-01-preview' = { - parent: workspace name: resourceName location: location + parent: workspace properties: { - autoPause: { - enabled: false - } - autoScale: { - enabled: false - } - cacheSize: 0 defaultSparkLogFolder: '/logs' dynamicExecutorAllocation: { + minExecutors: 0 enabled: false maxExecutors: 0 - minExecutors: 0 } - isComputeIsolationEnabled: false nodeCount: 3 nodeSize: 'Small' nodeSizeFamily: 'MemoryOptimized' + isComputeIsolationEnabled: false sessionLevelPackagesEnabled: false sparkEventsFolder: '/events' sparkVersion: '2.4' + autoPause: { + enabled: false + } + autoScale: { + enabled: false + } + cacheSize: 0 } } resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { - parent: blobService name: resourceName + parent: blobService properties: { metadata: { key: 'value' diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/firewallrules/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/firewallrules/main.bicep index b556f446..5315008a 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/firewallrules/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/firewallrules/main.bicep @@ -1,24 +1,14 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The SQL administrator login for the Synapse workspace') param sqlAdministratorLogin string @secure() @description('The SQL administrator login password for the Synapse workspace') param sqlAdministratorLoginPassword string +param resourceName string = 'acctest0001' resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' existing = { - parent: storageAccount name: 'default' -} - -resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { - name: resourceName - location: location - kind: 'StorageV2' - properties: {} - sku: { - name: 'Standard_LRS' - } + parent: storageAccount } resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { @@ -27,9 +17,7 @@ resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { properties: { defaultDataLakeStorage: { accountUrl: storageAccount.properties.primaryEndpoints.dfs - filesystem: container.name } - managedVirtualNetwork: '' publicNetworkAccess: 'Enabled' sqlAdministratorLogin: sqlAdministratorLogin @@ -38,8 +26,8 @@ resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { } resource firewallRule 'Microsoft.Synapse/workspaces/firewallRules@2021-06-01' = { - parent: workspace name: 'AllowAll' + parent: workspace properties: { endIpAddress: '255.255.255.255' startIpAddress: '0.0.0.0' @@ -47,11 +35,21 @@ resource firewallRule 'Microsoft.Synapse/workspaces/firewallRules@2021-06-01' = } resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { - parent: blobService name: resourceName + parent: blobService properties: { metadata: { key: 'value' } } } + +resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { + name: resourceName + location: location + sku: { + name: 'Standard_LRS' + } + kind: 'StorageV2' + properties: {} +} diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/integrationruntimes/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/integrationruntimes/main.bicep index 32629f13..28246e5a 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/integrationruntimes/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/integrationruntimes/main.bicep @@ -7,39 +7,27 @@ param sqlAdministratorLogin string param sqlAdministratorLoginPassword string resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' existing = { - parent: storageAccount name: 'default' -} - -resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { - name: resourceName - location: location - kind: 'StorageV2' - properties: {} - sku: { - name: 'Standard_LRS' - } + parent: storageAccount } resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { name: resourceName location: location properties: { + publicNetworkAccess: 'Enabled' + sqlAdministratorLogin: sqlAdministratorLogin + sqlAdministratorLoginPassword: sqlAdministratorLoginPassword defaultDataLakeStorage: { accountUrl: storageAccount.properties.primaryEndpoints.dfs - filesystem: container.name } - managedVirtualNetwork: 'default' - publicNetworkAccess: 'Enabled' - sqlAdministratorLogin: sqlAdministratorLogin - sqlAdministratorLoginPassword: sqlAdministratorLoginPassword } } resource integrationRuntime 'Microsoft.Synapse/workspaces/integrationRuntimes@2021-06-01-preview' = { - parent: workspace name: resourceName + parent: workspace properties: { description: 'test' type: 'SelfHosted' @@ -47,11 +35,21 @@ resource integrationRuntime 'Microsoft.Synapse/workspaces/integrationRuntimes@20 } resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { - parent: blobService name: resourceName + parent: blobService properties: { metadata: { key: 'value' } } } + +resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { + name: resourceName + location: location + sku: { + name: 'Standard_LRS' + } + kind: 'StorageV2' + properties: {} +} diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/main.bicep index 63bdfeb2..070a8e49 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/main.bicep @@ -7,41 +7,40 @@ param sqlAdministratorLogin string param sqlAdministratorLoginPassword string resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' existing = { - parent: storageAccount name: 'default' -} - -resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { - name: resourceName - location: location - kind: 'StorageV2' - properties: {} - sku: { - name: 'Standard_LRS' - } + parent: storageAccount } resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { name: resourceName location: location properties: { + sqlAdministratorLoginPassword: sqlAdministratorLoginPassword defaultDataLakeStorage: { accountUrl: storageAccount.properties.primaryEndpoints.dfs - filesystem: container.name } managedVirtualNetwork: '' publicNetworkAccess: 'Enabled' sqlAdministratorLogin: sqlAdministratorLogin - sqlAdministratorLoginPassword: sqlAdministratorLoginPassword } } resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { - parent: blobService name: resourceName + parent: blobService properties: { metadata: { key: 'value' } } } + +resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { + name: resourceName + location: location + sku: { + name: 'Standard_LRS' + } + kind: 'StorageV2' + properties: {} +} diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/managedidentitysqlcontrolsettings/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/managedidentitysqlcontrolsettings/main.bicep index 2b54ab6d..aed187c0 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/managedidentitysqlcontrolsettings/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/managedidentitysqlcontrolsettings/main.bicep @@ -7,18 +7,28 @@ param sqlAdministratorLogin string param sqlAdministratorLoginPassword string resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' existing = { - parent: storageAccount name: 'default' + parent: storageAccount +} + +resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { + name: resourceName + parent: blobService + properties: { + metadata: { + key: 'value' + } + } } resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location - kind: 'StorageV2' - properties: {} sku: { name: 'Standard_LRS' } + kind: 'StorageV2' + properties: {} } resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { @@ -27,9 +37,7 @@ resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { properties: { defaultDataLakeStorage: { accountUrl: storageAccount.properties.primaryEndpoints.dfs - filesystem: container.name } - managedVirtualNetwork: '' publicNetworkAccess: 'Enabled' sqlAdministratorLogin: sqlAdministratorLogin @@ -38,21 +46,11 @@ resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { } resource managedIdentitySqlControlSetting 'Microsoft.Synapse/workspaces/managedIdentitySqlControlSettings@2021-06-01' = { - parent: workspace name: 'default' + parent: workspace properties: { grantSqlControlToManagedIdentity: { desiredState: 'Disabled' } } } - -resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { - parent: blobService - name: resourceName - properties: { - metadata: { - key: 'value' - } - } -} diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/securityalertpolicies/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/securityalertpolicies/main.bicep index 2a327d4b..abc963de 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/securityalertpolicies/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/securityalertpolicies/main.bicep @@ -1,24 +1,24 @@ +@secure() +@description('The SQL administrator login password for the Synapse workspace') +param sqlAdministratorLoginPassword string param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The SQL administrator login name for the Synapse workspace') param sqlAdministratorLogin string -@secure() -@description('The SQL administrator login password for the Synapse workspace') -param sqlAdministratorLoginPassword string resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' existing = { - parent: storageAccount name: 'default' + parent: storageAccount } resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location - kind: 'StorageV2' - properties: {} sku: { name: 'Standard_LRS' } + kind: 'StorageV2' + properties: {} } resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { @@ -27,9 +27,7 @@ resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { properties: { defaultDataLakeStorage: { accountUrl: storageAccount.properties.primaryEndpoints.dfs - filesystem: container.name } - managedVirtualNetwork: '' publicNetworkAccess: 'Enabled' sqlAdministratorLogin: sqlAdministratorLogin @@ -38,8 +36,8 @@ resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { } resource securityAlertPolicy 'Microsoft.Synapse/workspaces/securityAlertPolicies@2021-06-01' = { - parent: workspace name: 'Default' + parent: workspace properties: { state: 'Enabled' storageAccountAccessKey: storageAccount.listKeys().keys[0].value @@ -48,8 +46,8 @@ resource securityAlertPolicy 'Microsoft.Synapse/workspaces/securityAlertPolicies } resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { - parent: blobService name: resourceName + parent: blobService properties: { metadata: { key: 'value' diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/main.bicep index b6f07408..86f971a0 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/main.bicep @@ -7,54 +7,52 @@ param sqlAdministratorLogin string param sqlAdministratorLoginPassword string resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' existing = { - parent: storageAccount name: 'default' + parent: storageAccount +} + +resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { + name: resourceName + parent: blobService + properties: { + metadata: { + key: 'value' + } + } } resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location - kind: 'StorageV2' - properties: {} sku: { name: 'Standard_LRS' } + kind: 'StorageV2' + properties: {} } resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { name: resourceName location: location properties: { + publicNetworkAccess: 'Enabled' + sqlAdministratorLogin: sqlAdministratorLogin + sqlAdministratorLoginPassword: sqlAdministratorLoginPassword defaultDataLakeStorage: { accountUrl: storageAccount.properties.primaryEndpoints.dfs - filesystem: container.name } - managedVirtualNetwork: '' - publicNetworkAccess: 'Enabled' - sqlAdministratorLogin: sqlAdministratorLogin - sqlAdministratorLoginPassword: sqlAdministratorLoginPassword } } resource sqlPool 'Microsoft.Synapse/workspaces/sqlPools@2021-06-01' = { - parent: workspace name: resourceName location: location - properties: { - createMode: 'Default' - } + parent: workspace sku: { name: 'DW100c' } -} - -resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { - parent: blobService - name: resourceName properties: { - metadata: { - key: 'value' - } + createMode: 'Default' } } diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/vulnerabilityassessments/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/vulnerabilityassessments/main.bicep index efbceb15..5c29a75c 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/vulnerabilityassessments/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/vulnerabilityassessments/main.bicep @@ -7,50 +7,49 @@ param sqlAdministratorLogin string param sqlAdministratorLoginPassword string resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' existing = { - parent: storageAccount name: 'default' + parent: storageAccount } resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location - kind: 'StorageV2' - properties: {} sku: { name: 'Standard_LRS' } + kind: 'StorageV2' + properties: {} } resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { name: resourceName location: location properties: { + sqlAdministratorLoginPassword: sqlAdministratorLoginPassword defaultDataLakeStorage: { accountUrl: storageAccount.properties.primaryEndpoints.dfs - filesystem: container.name } managedVirtualNetwork: '' publicNetworkAccess: 'Enabled' sqlAdministratorLogin: sqlAdministratorLogin - sqlAdministratorLoginPassword: sqlAdministratorLoginPassword } } resource sqlPool 'Microsoft.Synapse/workspaces/sqlPools@2021-06-01' = { - parent: workspace name: resourceName location: location - properties: { - createMode: 'Default' - } + parent: workspace sku: { name: 'DW100c' } + properties: { + createMode: 'Default' + } } resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { - parent: blobService name: resourceName + parent: blobService properties: { metadata: { key: 'value' @@ -59,8 +58,8 @@ resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@20 } resource vulnerabilityAssessment 'Microsoft.Synapse/workspaces/sqlPools/vulnerabilityAssessments@2021-06-01' = { - parent: sqlPool name: 'default' + parent: sqlPool properties: { storageAccountAccessKey: storageAccount.listKeys().keys[0].value storageContainerPath: 'https://${storageAccount.name}.blob.core.windows.net/${container.name}/' diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/workloadgroups/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/workloadgroups/main.bicep index b92ed4a2..9cd2219a 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/workloadgroups/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/workloadgroups/main.bicep @@ -1,24 +1,24 @@ +@secure() +@description('The SQL administrator login password for the Synapse workspace') +param sqlAdministratorLoginPassword string param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The SQL administrator login for the Synapse workspace') param sqlAdministratorLogin string -@secure() -@description('The SQL administrator login password for the Synapse workspace') -param sqlAdministratorLoginPassword string resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' existing = { - parent: storageAccount name: 'default' + parent: storageAccount } resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location - kind: 'StorageV2' - properties: {} sku: { name: 'Standard_LRS' } + kind: 'StorageV2' + properties: {} } resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { @@ -27,7 +27,6 @@ resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { properties: { defaultDataLakeStorage: { accountUrl: storageAccount.properties.primaryEndpoints.dfs - filesystem: container.name } managedVirtualNetwork: '' publicNetworkAccess: 'Enabled' @@ -37,20 +36,20 @@ resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { } resource sqlPool 'Microsoft.Synapse/workspaces/sqlPools@2021-06-01' = { - parent: workspace name: resourceName location: location - properties: { - createMode: 'Default' - } + parent: workspace sku: { name: 'DW100c' } + properties: { + createMode: 'Default' + } } resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { - parent: blobService name: resourceName + parent: blobService properties: { metadata: { key: 'value' @@ -59,8 +58,8 @@ resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@20 } resource workloadGroup 'Microsoft.Synapse/workspaces/sqlPools/workloadGroups@2021-06-01' = { - parent: sqlPool name: resourceName + parent: sqlPool properties: { importance: 'normal' maxResourcePercent: 100 diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/workloadgroups/workloadclassifiers/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/workloadgroups/workloadclassifiers/main.bicep index 54aadcb8..d973c11b 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/workloadgroups/workloadclassifiers/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/workloadgroups/workloadclassifiers/main.bicep @@ -7,51 +7,39 @@ param sqlAdministratorLogin string param sqlAdministratorLoginPassword string resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' existing = { - parent: storageAccount name: 'default' -} - -resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { - name: resourceName - location: location - kind: 'StorageV2' - properties: {} - sku: { - name: 'Standard_LRS' - } + parent: storageAccount } resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { name: resourceName location: location properties: { - defaultDataLakeStorage: { - accountUrl: storageAccount.properties.primaryEndpoints.dfs - filesystem: container.name - } - managedVirtualNetwork: '' publicNetworkAccess: 'Enabled' sqlAdministratorLogin: sqlAdministratorLogin sqlAdministratorLoginPassword: sqlAdministratorLoginPassword + defaultDataLakeStorage: { + accountUrl: storageAccount.properties.primaryEndpoints.dfs + } } } resource sqlPool 'Microsoft.Synapse/workspaces/sqlPools@2021-06-01' = { - parent: workspace name: resourceName location: location - properties: { - createMode: 'Default' - } + parent: workspace sku: { name: 'DW100c' } + properties: { + createMode: 'Default' + } } resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { - parent: blobService name: resourceName + parent: blobService properties: { metadata: { key: 'value' @@ -60,21 +48,31 @@ resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@20 } resource workloadGroup 'Microsoft.Synapse/workspaces/sqlPools/workloadGroups@2021-06-01' = { - parent: sqlPool name: resourceName + parent: sqlPool properties: { + minResourcePercent: 0 + minResourcePercentPerRequest: 3 importance: 'normal' maxResourcePercent: 100 maxResourcePercentPerRequest: 3 - minResourcePercent: 0 - minResourcePercentPerRequest: 3 } } resource workloadClassifier 'Microsoft.Synapse/workspaces/sqlPools/workloadGroups/workloadClassifiers@2021-06-01' = { - parent: workloadGroup name: resourceName + parent: workloadGroup properties: { memberName: 'dbo' } } + +resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { + name: resourceName + location: location + sku: { + name: 'Standard_LRS' + } + kind: 'StorageV2' + properties: {} +} diff --git a/settings/remarks/microsoft.timeseriesinsights/samples/environments/accesspolicies/main.bicep b/settings/remarks/microsoft.timeseriesinsights/samples/environments/accesspolicies/main.bicep index da33ae18..0fd1e511 100644 --- a/settings/remarks/microsoft.timeseriesinsights/samples/environments/accesspolicies/main.bicep +++ b/settings/remarks/microsoft.timeseriesinsights/samples/environments/accesspolicies/main.bicep @@ -4,20 +4,20 @@ param location string = 'westeurope' resource environment 'Microsoft.TimeSeriesInsights/environments@2020-05-15' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'S1' + } kind: 'Gen1' properties: { dataRetentionTime: 'P30D' storageLimitExceededBehavior: 'PurgeOldData' } - sku: { - capacity: 1 - name: 'S1' - } } resource accessPolicy 'Microsoft.TimeSeriesInsights/environments/accessPolicies@2020-05-15' = { - parent: environment name: resourceName + parent: environment properties: { description: '' principalObjectId: 'aGUID' diff --git a/settings/remarks/microsoft.timeseriesinsights/samples/environments/eventsources/main.bicep b/settings/remarks/microsoft.timeseriesinsights/samples/environments/eventsources/main.bicep index 9d649fbb..2b154826 100644 --- a/settings/remarks/microsoft.timeseriesinsights/samples/environments/eventsources/main.bicep +++ b/settings/remarks/microsoft.timeseriesinsights/samples/environments/eventsources/main.bicep @@ -1,41 +1,16 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource iothub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { +resource environment 'Microsoft.TimeSeriesInsights/environments@2020-05-15' = { name: resourceName location: location - properties: { - cloudToDevice: {} - enableFileUploadNotifications: false - messagingEndpoints: {} - routing: { - fallbackRoute: { - condition: 'true' - endpointNames: [ - 'events' - ] - isEnabled: true - source: 'DeviceMessages' - } - } - storageEndpoints: {} - } sku: { capacity: 1 - name: 'B1' - } - tags: { - purpose: 'testing' + name: 'L1' } -} - -resource environment 'Microsoft.TimeSeriesInsights/environments@2020-05-15' = { - name: resourceName - location: location kind: 'Gen2' properties: { storageConfiguration: { - accountName: storageAccount.name managementKey: storageAccount.listKeys().keys[0].value } timeSeriesIdProperties: [ @@ -45,22 +20,18 @@ resource environment 'Microsoft.TimeSeriesInsights/environments@2020-05-15' = { } ] } - sku: { - capacity: 1 - name: 'L1' - } } resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location + sku: { + name: 'Standard_LRS' + } kind: 'StorageV2' properties: { - accessTier: 'Hot' - allowBlobPublicAccess: true allowCrossTenantReplication: true allowSharedKeyAccess: true - defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -72,32 +43,60 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } - isHnsEnabled: false - isNfsV3Enabled: false isSftpEnabled: false minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } publicNetworkAccess: 'Enabled' + allowBlobPublicAccess: true + defaultToOAuthAuthentication: false + isHnsEnabled: false + isNfsV3Enabled: false supportsHttpsTrafficOnly: true - } - sku: { - name: 'Standard_LRS' + accessTier: 'Hot' } } resource eventSource 'Microsoft.TimeSeriesInsights/environments/eventSources@2020-05-15' = { - parent: environment name: resourceName location: location + parent: environment kind: 'Microsoft.IoTHub' properties: { + sharedAccessKey: iotHub.listKeys().value[0].primaryKey + timestampPropertyName: '' consumerGroupName: 'test' - eventSourceResourceId: iothub.id - iotHubName: iothub.name + eventSourceResourceId: iotHub.id + iotHubName: iotHub.name keyName: 'iothubowner' - sharedAccessKey: iothub.listkeys().value[0].primaryKey - timestampPropertyName: '' + } +} + +resource iotHub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { + name: resourceName + location: location + sku: { + capacity: 1 + name: 'B1' + } + properties: { + cloudToDevice: {} + enableFileUploadNotifications: false + messagingEndpoints: {} + routing: { + fallbackRoute: { + condition: 'true' + endpointNames: [ + 'events' + ] + isEnabled: true + source: 'DeviceMessages' + } + } + storageEndpoints: {} + } + tags: { + purpose: 'testing' } } diff --git a/settings/remarks/microsoft.timeseriesinsights/samples/environments/main.bicep b/settings/remarks/microsoft.timeseriesinsights/samples/environments/main.bicep index 773185ef..08f2ef40 100644 --- a/settings/remarks/microsoft.timeseriesinsights/samples/environments/main.bicep +++ b/settings/remarks/microsoft.timeseriesinsights/samples/environments/main.bicep @@ -4,13 +4,13 @@ param location string = 'westeurope' resource environment 'Microsoft.TimeSeriesInsights/environments@2020-05-15' = { name: resourceName location: location + sku: { + name: 'S1' + capacity: 1 + } kind: 'Gen1' properties: { dataRetentionTime: 'P30D' storageLimitExceededBehavior: 'PurgeOldData' } - sku: { - capacity: 1 - name: 'S1' - } } diff --git a/settings/remarks/microsoft.timeseriesinsights/samples/environments/referencedatasets/main.bicep b/settings/remarks/microsoft.timeseriesinsights/samples/environments/referencedatasets/main.bicep index f7bf257f..d3cdcd15 100644 --- a/settings/remarks/microsoft.timeseriesinsights/samples/environments/referencedatasets/main.bicep +++ b/settings/remarks/microsoft.timeseriesinsights/samples/environments/referencedatasets/main.bicep @@ -4,28 +4,28 @@ param location string = 'westeurope' resource environment 'Microsoft.TimeSeriesInsights/environments@2020-05-15' = { name: resourceName location: location + sku: { + capacity: 1 + name: 'S1' + } kind: 'Gen1' properties: { dataRetentionTime: 'P30D' storageLimitExceededBehavior: 'PurgeOldData' } - sku: { - capacity: 1 - name: 'S1' - } } resource referenceDataSet 'Microsoft.TimeSeriesInsights/environments/referenceDataSets@2020-05-15' = { - parent: environment name: resourceName location: location + parent: environment properties: { - dataStringComparisonBehavior: 'Ordinal' keyProperties: [ { - name: 'keyProperty1' type: 'String' + name: 'keyProperty1' } ] + dataStringComparisonBehavior: 'Ordinal' } } diff --git a/settings/remarks/microsoft.videoindexer/samples/accounts/main.bicep b/settings/remarks/microsoft.videoindexer/samples/accounts/main.bicep index 305a02af..d2c42689 100644 --- a/settings/remarks/microsoft.videoindexer/samples/accounts/main.bicep +++ b/settings/remarks/microsoft.videoindexer/samples/accounts/main.bicep @@ -6,7 +6,6 @@ resource account 'Microsoft.VideoIndexer/accounts@2025-04-01' = { location: location properties: { storageServices: { - resourceId: storageAccount.id userAssignedIdentity: '' } } @@ -15,14 +14,26 @@ resource account 'Microsoft.VideoIndexer/accounts@2025-04-01' = { resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { name: '${replace(resourceName, '-', '')}sa' location: location + sku: { + name: 'Standard_LRS' + } kind: 'StorageV2' properties: { + minimumTlsVersion: 'TLS1_2' + networkAcls: { + bypass: 'AzureServices' + defaultAction: 'Allow' + ipRules: [] + resourceAccessRules: [] + virtualNetworkRules: [] + } accessTier: 'Hot' - allowBlobPublicAccess: true - allowCrossTenantReplication: false allowSharedKeyAccess: true - defaultToOAuthAuthentication: false dnsEndpointType: 'Standard' + isLocalUserEnabled: true + allowCrossTenantReplication: false + isNfsV3Enabled: false + defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -35,22 +46,10 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { } } isHnsEnabled: false - isLocalUserEnabled: true - isNfsV3Enabled: false isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' - networkAcls: { - bypass: 'AzureServices' - defaultAction: 'Allow' - ipRules: [] - resourceAccessRules: [] - virtualNetworkRules: [] - } - publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true - } - sku: { - name: 'Standard_LRS' + allowBlobPublicAccess: true + publicNetworkAccess: 'Enabled' } } diff --git a/settings/remarks/microsoft.voiceservices/samples/communicationsgateways/main.bicep b/settings/remarks/microsoft.voiceservices/samples/communicationsgateways/main.bicep index 259c0806..ecf4b9b7 100644 --- a/settings/remarks/microsoft.voiceservices/samples/communicationsgateways/main.bicep +++ b/settings/remarks/microsoft.voiceservices/samples/communicationsgateways/main.bicep @@ -5,6 +5,7 @@ resource communicationsGateway 'Microsoft.VoiceServices/communicationsGateways@2 name: resourceName location: location properties: { + teamsVoicemailPilotNumber: '1234567890' autoGeneratedDomainNameLabelScope: 'NoReuse' codecs: [ 'PCMA' @@ -44,6 +45,5 @@ resource communicationsGateway 'Microsoft.VoiceServices/communicationsGateways@2 } } ] - teamsVoicemailPilotNumber: '1234567890' } } diff --git a/settings/remarks/microsoft.voiceservices/samples/communicationsgateways/testlines/main.bicep b/settings/remarks/microsoft.voiceservices/samples/communicationsgateways/testlines/main.bicep index 66d475f3..2c48e352 100644 --- a/settings/remarks/microsoft.voiceservices/samples/communicationsgateways/testlines/main.bicep +++ b/settings/remarks/microsoft.voiceservices/samples/communicationsgateways/testlines/main.bicep @@ -5,12 +5,6 @@ resource communicationsGateway 'Microsoft.VoiceServices/communicationsGateways@2 name: resourceName location: location properties: { - autoGeneratedDomainNameLabelScope: 'NoReuse' - codecs: [ - 'PCMA' - ] - connectivity: 'PublicAddress' - e911Type: 'Standard' platforms: [ 'OperatorConnect' ] @@ -45,13 +39,19 @@ resource communicationsGateway 'Microsoft.VoiceServices/communicationsGateways@2 } ] teamsVoicemailPilotNumber: '1234567890' + autoGeneratedDomainNameLabelScope: 'NoReuse' + codecs: [ + 'PCMA' + ] + connectivity: 'PublicAddress' + e911Type: 'Standard' } } -resource testline 'Microsoft.VoiceServices/communicationsGateways/testLines@2023-01-31' = { - parent: communicationsGateway +resource testLine 'Microsoft.VoiceServices/communicationsGateways/testLines@2023-01-31' = { name: resourceName location: location + parent: communicationsGateway properties: { phoneNumber: '123456789' purpose: 'Automated' diff --git a/settings/remarks/microsoft.web/remarks.json b/settings/remarks/microsoft.web/remarks.json index 1a1dfbdd..40a27818 100644 --- a/settings/remarks/microsoft.web/remarks.json +++ b/settings/remarks/microsoft.web/remarks.json @@ -121,6 +121,11 @@ "ResourceType": "Microsoft.Web/staticSites/customDomains", "Path": "samples/staticsites/customdomains/main.bicep", "Description": "A basic example of deploying Static Web App Custom Domain." + }, + { + "ResourceType": "Microsoft.Web/sourcecontrols", + "Path": "samples/sourcecontrols/main.bicep", + "Description": "A basic example of deploying App Service GitHub Token." } ] } diff --git a/settings/remarks/microsoft.web/samples/serverfarms/main.bicep b/settings/remarks/microsoft.web/samples/serverfarms/main.bicep index ac77f6af..1e1d261f 100644 --- a/settings/remarks/microsoft.web/samples/serverfarms/main.bicep +++ b/settings/remarks/microsoft.web/samples/serverfarms/main.bicep @@ -4,13 +4,13 @@ param location string = 'westeurope' resource serverfarm 'Microsoft.Web/serverfarms@2022-09-01' = { name: resourceName location: location + sku: { + name: 'S1' + } properties: { hyperV: false perSiteScaling: false reserved: false zoneRedundant: false } - sku: { - name: 'S1' - } } diff --git a/settings/remarks/microsoft.web/samples/sites/config/main.bicep b/settings/remarks/microsoft.web/samples/sites/config/main.bicep index bdfaa837..ec3bfea2 100644 --- a/settings/remarks/microsoft.web/samples/sites/config/main.bicep +++ b/settings/remarks/microsoft.web/samples/sites/config/main.bicep @@ -1,17 +1,17 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource serverfarm 'Microsoft.Web/serverfarms@2022-09-01' = { name: resourceName location: location + sku: { + name: 'S1' + } properties: { + zoneRedundant: false hyperV: false perSiteScaling: false reserved: false - zoneRedundant: false - } - sku: { - name: 'S1' } } @@ -20,37 +20,37 @@ resource site 'Microsoft.Web/sites@2022-09-01' = { location: location properties: { clientAffinityEnabled: false - clientCertEnabled: false clientCertMode: 'Required' - enabled: true httpsOnly: false publicNetworkAccess: 'Enabled' - serverFarmId: serverfarm.id siteConfig: { - acrUseManagedIdentityCreds: false alwaysOn: true autoHealEnabled: false - ftpsState: 'Disabled' http20Enabled: false - loadBalancing: 'LeastRequests' + remoteDebuggingEnabled: false localMySqlEnabled: false managedPipelineMode: 'Integrated' minTlsVersion: '1.2' - publicNetworkAccess: 'Enabled' - remoteDebuggingEnabled: false scmIpSecurityRestrictionsUseMain: false - scmMinTlsVersion: '1.2' - use32BitWorkerProcess: true vnetRouteAllEnabled: false webSocketsEnabled: false + publicNetworkAccess: 'Enabled' + acrUseManagedIdentityCreds: false + ftpsState: 'Disabled' + loadBalancing: 'LeastRequests' + scmMinTlsVersion: '1.2' + use32BitWorkerProcess: true windowsFxVersion: '' } + clientCertEnabled: false + enabled: true + serverFarmId: serverfarm.id vnetRouteAllEnabled: false } } resource config 'Microsoft.Web/sites/config@2022-09-01' = { - parent: site name: 'azurestorageaccounts' + parent: site properties: {} } diff --git a/settings/remarks/microsoft.web/samples/sites/main.bicep b/settings/remarks/microsoft.web/samples/sites/main.bicep index 84754e11..826bdab9 100644 --- a/settings/remarks/microsoft.web/samples/sites/main.bicep +++ b/settings/remarks/microsoft.web/samples/sites/main.bicep @@ -4,47 +4,47 @@ param location string = 'westeurope' resource serverfarm 'Microsoft.Web/serverfarms@2022-09-01' = { name: resourceName location: location + sku: { + name: 'S1' + } properties: { hyperV: false perSiteScaling: false reserved: false zoneRedundant: false } - sku: { - name: 'S1' - } } resource site 'Microsoft.Web/sites@2022-09-01' = { name: resourceName location: location properties: { - clientAffinityEnabled: false clientCertEnabled: false clientCertMode: 'Required' enabled: true httpsOnly: false publicNetworkAccess: 'Enabled' + vnetRouteAllEnabled: false + clientAffinityEnabled: false serverFarmId: serverfarm.id siteConfig: { + windowsFxVersion: '' + scmMinTlsVersion: '1.2' acrUseManagedIdentityCreds: false alwaysOn: true - autoHealEnabled: false ftpsState: 'Disabled' http20Enabled: false loadBalancing: 'LeastRequests' localMySqlEnabled: false - managedPipelineMode: 'Integrated' minTlsVersion: '1.2' - publicNetworkAccess: 'Enabled' + managedPipelineMode: 'Integrated' remoteDebuggingEnabled: false - scmIpSecurityRestrictionsUseMain: false - scmMinTlsVersion: '1.2' use32BitWorkerProcess: true vnetRouteAllEnabled: false webSocketsEnabled: false - windowsFxVersion: '' + scmIpSecurityRestrictionsUseMain: false + autoHealEnabled: false + publicNetworkAccess: 'Enabled' } - vnetRouteAllEnabled: false } } diff --git a/settings/remarks/microsoft.web/samples/sites/publiccertificates/main.bicep b/settings/remarks/microsoft.web/samples/sites/publiccertificates/main.bicep index b98d9d7a..6e6d45c3 100644 --- a/settings/remarks/microsoft.web/samples/sites/publiccertificates/main.bicep +++ b/settings/remarks/microsoft.web/samples/sites/publiccertificates/main.bicep @@ -4,15 +4,15 @@ param location string = 'westeurope' resource serverfarm 'Microsoft.Web/serverfarms@2021-02-01' = { name: resourceName location: location - kind: 'Windows' - properties: { - isXenon: false - } sku: { - capacity: 1 name: 'S1' size: 'S1' tier: 'Standard' + capacity: 1 + } + kind: 'Windows' + properties: { + isXenon: false } } @@ -20,18 +20,18 @@ resource site 'Microsoft.Web/sites@2021-02-01' = { name: resourceName location: location properties: { + siteConfig: {} clientAffinityEnabled: false clientCertEnabled: false enabled: true httpsOnly: false serverFarmId: serverfarm.id - siteConfig: {} } } resource publicCertificate 'Microsoft.Web/sites/publicCertificates@2022-09-01' = { - parent: site name: resourceName + parent: site properties: { blob: 'LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNzakNDQVpvQ0NRQ01kdDdEdnlnUHREQU5CZ2txaGtpRzl3MEJBUXNGQURBYk1Sa3dGd1lEVlFRRERCQmgKY0drdWRHVnljbUZtYjNKdExtbHZNQjRYRFRFNE1EY3dOVEV3TXpNek1Gb1hEVEk0TURjd01qRXdNek16TUZvdwpHekVaTUJjR0ExVUVBd3dRWVhCcExuUmxjbkpoWm05eWJTNXBiekNDQVNJd0RRWUpLb1pJaHZjTkFRRUJCUUFECmdnRVBBRENDQVFvQ2dnRUJBS1FXMzMyT2wyOENzaWRBaGVEMWFMOVVsOEpXbktMZGFWeEtaM3NzbDVDWGpQRE8KbU03SVhrMFNnYlFuVUM4bElsUEZaaURHYlExc0I2T1RNdW42Wlo0aXBMcDgwZHRsMHJvQ0x0Q25EUU9CR3pDTgpBckNZQW9YUnVyamtYRVk3dHBEMHd3dFU3MiszN2gzSFE0ZzBWUzZWSXRKQ3FKOVFBRFYrSE8yWld1WlRlejcwCk1ob0w2T0xmWlA3SEdZZEpES2dmRVZORjVYbGJWek5BR2tESUpGZGhqTnh5R0d1NU5mc20xcGZRaEF5dW5razcKSlZhbWpVZzVJb2pSZG82M0lTOXd3ek1PZGVHU0FiQmNzSmZZZUNmVmcya3VwUjhxMFRtWit4OTNSbW1PbGJTaQo2NmtFWXhSelo5WUNRZUhKbW4xWWZKOTJCcENVaXk5QTZaMWlhS1VDQXdFQUFUQU5CZ2txaGtpRzl3MEJBUXNGCkFBT0NBUUVBSjdKaGxlY1A3SjQ4d0kyUUhUTWJBTWtrV0J2L2lXcTEvUUlGNHVnSDNaYjVQb3JPditOZmhRMEwKbFdpdy9Tek44QWU5NXZVaXhBR1lITVNhMjhvdW1NNUsxT3NxS0VrVklvMUFvQkg4bkJ6K1ZjVHBSRC9tSFhvdApBSFBBWnQ5ajVMcWVIWCtlblI2UmJJTkFmM2puK1lVM01kVmUwTXNBRGRGQVNWRGZqbVFQMlI3bzlhSmIvUXFPCmczYlpCV3NpQkRFSVNmeWFIMitwZ1VNN3d0d0VvRldtRU1sZ2pMSzFNUkJzMWNEWlhxbkhhQ2QvcnMrTm1XVjkKbmFFdTd4NWZ5UU9rNEhvemtwd2VSK0p4MXNCbFRSc2E0OS9xU0h0LzZVTEtmTzAxL2NUczRpRjcxeWtYUGJoMwpLajljSTJ1bzlhWXRYa3hraEtyR3lVcEE3RkpxV3c9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==' publicCertificateLocation: 'Unknown' diff --git a/settings/remarks/microsoft.web/samples/sites/siteextensions/main.bicep b/settings/remarks/microsoft.web/samples/sites/siteextensions/main.bicep index 94f2c216..7e69e425 100644 --- a/settings/remarks/microsoft.web/samples/sites/siteextensions/main.bicep +++ b/settings/remarks/microsoft.web/samples/sites/siteextensions/main.bicep @@ -1,57 +1,57 @@ +param location string = 'westeurope' param resourceName string = 'acctest0001' param resourceSiteName string = 'acctestsite0001' -param location string = 'westeurope' - -resource serverfarm 'Microsoft.Web/serverfarms@2022-09-01' = { - name: resourceName - location: location - properties: { - hyperV: false - perSiteScaling: false - reserved: false - zoneRedundant: false - } - sku: { - name: 'S1' - } -} resource site 'Microsoft.Web/sites@2022-09-01' = { name: resourceSiteName location: location properties: { - clientAffinityEnabled: false - clientCertEnabled: false - clientCertMode: 'Required' - enabled: true - httpsOnly: false publicNetworkAccess: 'Enabled' serverFarmId: serverfarm.id + clientAffinityEnabled: false + clientCertEnabled: false siteConfig: { acrUseManagedIdentityCreds: false - alwaysOn: true autoHealEnabled: false ftpsState: 'Disabled' http20Enabled: false + use32BitWorkerProcess: true loadBalancing: 'LeastRequests' - localMySqlEnabled: false managedPipelineMode: 'Integrated' minTlsVersion: '1.2' - publicNetworkAccess: 'Enabled' + webSocketsEnabled: false + windowsFxVersion: '' remoteDebuggingEnabled: false scmIpSecurityRestrictionsUseMain: false scmMinTlsVersion: '1.2' - use32BitWorkerProcess: true + alwaysOn: true + localMySqlEnabled: false + publicNetworkAccess: 'Enabled' vnetRouteAllEnabled: false - webSocketsEnabled: false - windowsFxVersion: '' } vnetRouteAllEnabled: false + clientCertMode: 'Required' + enabled: true + httpsOnly: false } } resource dynatraceSiteExtension 'Microsoft.Web/sites/siteextensions@2022-09-01' = { - parent: site name: 'Dynatrace' location: location + parent: site +} + +resource serverfarm 'Microsoft.Web/serverfarms@2022-09-01' = { + name: resourceName + location: location + sku: { + name: 'S1' + } + properties: { + hyperV: false + perSiteScaling: false + reserved: false + zoneRedundant: false + } } diff --git a/settings/remarks/microsoft.web/samples/sites/slots/config/main.bicep b/settings/remarks/microsoft.web/samples/sites/slots/config/main.bicep index a261a10d..adba0877 100644 --- a/settings/remarks/microsoft.web/samples/sites/slots/config/main.bicep +++ b/settings/remarks/microsoft.web/samples/sites/slots/config/main.bicep @@ -4,15 +4,15 @@ param location string = 'westeurope' resource serverfarm 'Microsoft.Web/serverfarms@2022-09-01' = { name: resourceName location: location + sku: { + name: 'S1' + } properties: { hyperV: false perSiteScaling: false reserved: false zoneRedundant: false } - sku: { - name: 'S1' - } } resource site 'Microsoft.Web/sites@2022-09-01' = { @@ -22,71 +22,71 @@ resource site 'Microsoft.Web/sites@2022-09-01' = { clientAffinityEnabled: false clientCertEnabled: false clientCertMode: 'Required' - enabled: true httpsOnly: false - publicNetworkAccess: 'Enabled' serverFarmId: serverfarm.id siteConfig: { - acrUseManagedIdentityCreds: false - alwaysOn: true - autoHealEnabled: false ftpsState: 'Disabled' - http20Enabled: false - loadBalancing: 'LeastRequests' - localMySqlEnabled: false - managedPipelineMode: 'Integrated' minTlsVersion: '1.2' publicNetworkAccess: 'Enabled' + webSocketsEnabled: false + windowsFxVersion: '' + acrUseManagedIdentityCreds: false + http20Enabled: false + managedPipelineMode: 'Integrated' remoteDebuggingEnabled: false - scmIpSecurityRestrictionsUseMain: false scmMinTlsVersion: '1.2' use32BitWorkerProcess: true + alwaysOn: true + autoHealEnabled: false + loadBalancing: 'LeastRequests' + localMySqlEnabled: false + scmIpSecurityRestrictionsUseMain: false vnetRouteAllEnabled: false - webSocketsEnabled: false - windowsFxVersion: '' } vnetRouteAllEnabled: false + enabled: true + publicNetworkAccess: 'Enabled' } } resource slot 'Microsoft.Web/sites/slots@2022-09-01' = { - parent: site name: resourceName location: location + parent: site properties: { + publicNetworkAccess: 'Enabled' + serverFarmId: serverfarm.id + vnetRouteAllEnabled: false clientAffinityEnabled: false - clientCertEnabled: false clientCertExclusionPaths: '' clientCertMode: 'Required' enabled: true httpsOnly: false - publicNetworkAccess: 'Enabled' - serverFarmId: serverfarm.id siteConfig: { acrUseManagedIdentityCreds: false - alwaysOn: true autoHealEnabled: false + loadBalancing: 'LeastRequests' + minTlsVersion: '1.2' ftpsState: 'Disabled' http20Enabled: false - loadBalancing: 'LeastRequests' + vnetRouteAllEnabled: false localMySqlEnabled: false - managedPipelineMode: 'Integrated' - minTlsVersion: '1.2' publicNetworkAccess: 'Enabled' remoteDebuggingEnabled: false scmIpSecurityRestrictionsUseMain: false scmMinTlsVersion: '1.2' use32BitWorkerProcess: false - vnetRouteAllEnabled: false + alwaysOn: true + managedPipelineMode: 'Integrated' webSocketsEnabled: false windowsFxVersion: '' } - vnetRouteAllEnabled: false + clientCertEnabled: false } } resource config 'Microsoft.Web/sites/slots/config@2022-09-01' = { - parent: slot name: 'azurestorageaccounts' + parent: slot properties: {} } diff --git a/settings/remarks/microsoft.web/samples/sites/slots/main.bicep b/settings/remarks/microsoft.web/samples/sites/slots/main.bicep index a38c7b91..c5ec42b8 100644 --- a/settings/remarks/microsoft.web/samples/sites/slots/main.bicep +++ b/settings/remarks/microsoft.web/samples/sites/slots/main.bicep @@ -1,86 +1,86 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource serverfarm 'Microsoft.Web/serverfarms@2022-09-01' = { name: resourceName location: location + sku: { + name: 'S1' + } properties: { hyperV: false perSiteScaling: false reserved: false zoneRedundant: false } - sku: { - name: 'S1' - } } resource site 'Microsoft.Web/sites@2022-09-01' = { name: resourceName location: location properties: { - clientAffinityEnabled: false clientCertEnabled: false clientCertMode: 'Required' - enabled: true httpsOnly: false - publicNetworkAccess: 'Enabled' serverFarmId: serverfarm.id + enabled: true + publicNetworkAccess: 'Enabled' siteConfig: { acrUseManagedIdentityCreds: false alwaysOn: true - autoHealEnabled: false - ftpsState: 'Disabled' http20Enabled: false + scmIpSecurityRestrictionsUseMain: false + windowsFxVersion: '' + ftpsState: 'Disabled' + publicNetworkAccess: 'Enabled' + webSocketsEnabled: false + autoHealEnabled: false + minTlsVersion: '1.2' + remoteDebuggingEnabled: false loadBalancing: 'LeastRequests' localMySqlEnabled: false managedPipelineMode: 'Integrated' - minTlsVersion: '1.2' - publicNetworkAccess: 'Enabled' - remoteDebuggingEnabled: false - scmIpSecurityRestrictionsUseMain: false scmMinTlsVersion: '1.2' use32BitWorkerProcess: true vnetRouteAllEnabled: false - webSocketsEnabled: false - windowsFxVersion: '' } vnetRouteAllEnabled: false + clientAffinityEnabled: false } } resource slot 'Microsoft.Web/sites/slots@2022-09-01' = { - parent: site name: resourceName location: location + parent: site properties: { - clientAffinityEnabled: false - clientCertEnabled: false - clientCertExclusionPaths: '' clientCertMode: 'Required' - enabled: true - httpsOnly: false publicNetworkAccess: 'Enabled' - serverFarmId: serverfarm.id siteConfig: { + use32BitWorkerProcess: false acrUseManagedIdentityCreds: false + minTlsVersion: '1.2' + remoteDebuggingEnabled: false + scmMinTlsVersion: '1.2' + webSocketsEnabled: false alwaysOn: true autoHealEnabled: false - ftpsState: 'Disabled' http20Enabled: false - loadBalancing: 'LeastRequests' - localMySqlEnabled: false - managedPipelineMode: 'Integrated' - minTlsVersion: '1.2' publicNetworkAccess: 'Enabled' - remoteDebuggingEnabled: false scmIpSecurityRestrictionsUseMain: false - scmMinTlsVersion: '1.2' - use32BitWorkerProcess: false + ftpsState: 'Disabled' + managedPipelineMode: 'Integrated' vnetRouteAllEnabled: false - webSocketsEnabled: false windowsFxVersion: '' + loadBalancing: 'LeastRequests' + localMySqlEnabled: false } vnetRouteAllEnabled: false + clientCertExclusionPaths: '' + enabled: true + httpsOnly: false + serverFarmId: serverfarm.id + clientAffinityEnabled: false + clientCertEnabled: false } } diff --git a/settings/remarks/microsoft.web/samples/sourcecontrols/main.bicep b/settings/remarks/microsoft.web/samples/sourcecontrols/main.bicep new file mode 100644 index 00000000..a2fbe90d --- /dev/null +++ b/settings/remarks/microsoft.web/samples/sourcecontrols/main.bicep @@ -0,0 +1,18 @@ +targetScope = 'tenant' + +@secure() +@description('The GitHub access token for source control integration') +param githubToken string +@secure() +@description('The GitHub token secret for source control integration') +param githubTokenSecret string +param resourceName string = 'acctest0001' +param location string = 'eastus' + +resource sourcecontrol 'Microsoft.Web/sourcecontrols@2021-02-01' = { + name: 'GitHub' + properties: { + token: '${githubToken}' + tokenSecret: '${githubTokenSecret}' + } +} diff --git a/settings/remarks/microsoft.web/samples/staticsites/customdomains/main.bicep b/settings/remarks/microsoft.web/samples/staticsites/customdomains/main.bicep index a9b765ba..0f5b6540 100644 --- a/settings/remarks/microsoft.web/samples/staticsites/customdomains/main.bicep +++ b/settings/remarks/microsoft.web/samples/staticsites/customdomains/main.bicep @@ -4,15 +4,15 @@ param location string = 'westus' resource staticSite 'Microsoft.Web/staticSites@2021-02-01' = { name: resourceName location: location - properties: {} sku: { name: 'Free' } + properties: {} } resource customDomain 'Microsoft.Web/staticSites/customDomains@2021-02-01' = { - parent: staticSite name: '${resourceName}.contoso.com' + parent: staticSite properties: { validationMethod: 'dns-txt-token' } diff --git a/settings/remarks/microsoft.web/samples/staticsites/main.bicep b/settings/remarks/microsoft.web/samples/staticsites/main.bicep index 722c6511..4d747091 100644 --- a/settings/remarks/microsoft.web/samples/staticsites/main.bicep +++ b/settings/remarks/microsoft.web/samples/staticsites/main.bicep @@ -4,9 +4,9 @@ param location string = 'westeurope' resource staticSite 'Microsoft.Web/staticSites@2021-02-01' = { name: resourceName location: location - properties: {} sku: { name: 'Free' tier: 'Free' } + properties: {} } diff --git a/settings/remarks/nginx.nginxplus/samples/nginxdeployments/configurations/main.bicep b/settings/remarks/nginx.nginxplus/samples/nginxdeployments/configurations/main.bicep index ea30bb24..ef5224b8 100644 --- a/settings/remarks/nginx.nginxplus/samples/nginxdeployments/configurations/main.bicep +++ b/settings/remarks/nginx.nginxplus/samples/nginxdeployments/configurations/main.bicep @@ -1,72 +1,53 @@ param resourceName string = 'acctest0001' param location string = 'westus' +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { + name: '${resourceName}-vnet' + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + privateEndpointVNetPolicies: 'Disabled' + subnets: [] + } +} + resource nginxDeployment 'Nginx.NginxPlus/nginxDeployments@2024-11-01-preview' = { name: '${resourceName}-nginx' location: location + sku: { + name: 'standardv2_Monthly' + } properties: { - autoUpgradeProfile: { - upgradeChannel: 'stable' - } enableDiagnosticsSupport: false networkProfile: { frontEndIPConfiguration: { publicIPAddresses: [ - { - id: publicIPAddress.id - } + {} ] } - networkInterfaceConfiguration: { - subnetId: subnet.id - } + networkInterfaceConfiguration: {} } scalingProperties: { capacity: 10 } - } - sku: { - name: 'standardv2_Monthly' - } -} - -resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2024-05-01' = { - name: '${resourceName}-pip' - location: location - properties: { - ddosSettings: { - protectionMode: 'VirtualNetworkInherited' - } - idleTimeoutInMinutes: 4 - publicIPAddressVersion: 'IPv4' - publicIPAllocationMethod: 'Static' - } - sku: { - name: 'Standard' - } -} - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { - name: '${resourceName}-vnet' - location: location - properties: { - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] + autoUpgradeProfile: { + upgradeChannel: 'stable' } - privateEndpointVNetPolicies: 'Disabled' - subnets: [] } } resource configuration 'Nginx.NginxPlus/nginxDeployments/configurations@2024-11-01-preview' = { - parent: nginxDeployment name: 'default' + parent: nginxDeployment properties: { + rootFile: '/etc/nginx/nginx.conf' files: [ { content: 'aHR0cCB7CiAgICBzZXJ2ZXIgewogICAgICAgIGxpc3RlbiA4MDsKICAgICAgICBsb2NhdGlvbiAvIHsKICAgICAgICAgICAgYXV0aF9iYXNpYyAiUHJvdGVjdGVkIEFyZWEiOwogICAgICAgICAgICBhdXRoX2Jhc2ljX3VzZXJfZmlsZSAvb3B0Ly5odHBhc3N3ZDsKICAgICAgICAgICAgZGVmYXVsdF90eXBlIHRleHQvaHRtbDsKICAgICAgICAgICAgcmV0dXJuIDIwMCAnPCFkb2N0eXBlIGh0bWw+PGh0bWwgbGFuZz0iZW4iPjxoZWFkPjwvaGVhZD48Ym9keT4KICAgICAgICAgICAgICAgIDxkaXY+dGhpcyBvbmUgd2lsbCBiZSB1cGRhdGVkPC9kaXY+CiAgICAgICAgICAgICAgICA8ZGl2PmF0IDEwOjM4IGFtPC9kaXY+CiAgICAgICAgICAgIDwvYm9keT48L2h0bWw+JzsKICAgICAgICB9CiAgICAgICAgaW5jbHVkZSBzaXRlLyouY29uZjsKICAgIH0KfQo=' @@ -79,14 +60,15 @@ resource configuration 'Nginx.NginxPlus/nginxDeployments/configurations@2024-11- virtualPath: '/opt/.htpasswd' } ] - rootFile: '/etc/nginx/nginx.conf' } } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { - parent: virtualNetwork name: '${resourceName}-subnet' + parent: virtualNetwork properties: { + serviceEndpointPolicies: [] + serviceEndpoints: [] addressPrefix: '10.0.2.0/24' defaultOutboundAccess: true delegations: [ @@ -99,7 +81,21 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { ] privateEndpointNetworkPolicies: 'Disabled' privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] + } +} + +resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2024-05-01' = { + name: '${resourceName}-pip' + location: location + sku: { + name: 'Standard' + } + properties: { + ddosSettings: { + protectionMode: 'VirtualNetworkInherited' + } + idleTimeoutInMinutes: 4 + publicIPAddressVersion: 'IPv4' + publicIPAllocationMethod: 'Static' } } diff --git a/settings/remarks/nginx.nginxplus/samples/nginxdeployments/main.bicep b/settings/remarks/nginx.nginxplus/samples/nginxdeployments/main.bicep index 21aa7c31..d31d5805 100644 --- a/settings/remarks/nginx.nginxplus/samples/nginxdeployments/main.bicep +++ b/settings/remarks/nginx.nginxplus/samples/nginxdeployments/main.bicep @@ -1,25 +1,83 @@ -param resourceName string = 'acctest0001' param location string = 'westus' +param resourceName string = 'acctest0001' + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { + name: '${resourceName}-vnet' + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + privateEndpointVNetPolicies: 'Disabled' + subnets: [] + } +} + +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { + name: '${resourceName}-subnet' + parent: virtualNetwork + properties: { + defaultOutboundAccess: true + delegations: [ + { + name: 'delegation' + properties: { + serviceName: 'NGINX.NGINXPLUS/nginxDeployments' + } + } + ] + privateEndpointNetworkPolicies: 'Disabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] + addressPrefix: '10.0.2.0/24' + } +} + +resource subnet1 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { + name: '${resourceName}-subnet2' + parent: virtualNetwork + properties: { + serviceEndpoints: [] + addressPrefix: '10.0.3.0/24' + defaultOutboundAccess: true + delegations: [ + { + name: 'delegation' + properties: { + serviceName: 'NGINX.NGINXPLUS/nginxDeployments' + } + } + ] + privateEndpointNetworkPolicies: 'Disabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + } +} resource nginxDeployment 'Nginx.NginxPlus/nginxDeployments@2024-11-01-preview' = { name: '${resourceName}-nginx' location: location + sku: { + name: 'standardv2_Monthly' + } properties: { autoUpgradeProfile: { upgradeChannel: 'stable' } enableDiagnosticsSupport: false networkProfile: { + networkInterfaceConfiguration: {} frontEndIPConfiguration: { publicIPAddresses: [ - { - id: publicIPAddress.id - } + {} ] } - networkInterfaceConfiguration: { - subnetId: subnet.id - } } scalingProperties: { autoScaleSettings: { @@ -38,14 +96,15 @@ resource nginxDeployment 'Nginx.NginxPlus/nginxDeployments@2024-11-01-preview' = preferredEmail: 'test@test.com' } } - sku: { - name: 'standardv2_Monthly' - } } resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2024-05-01' = { name: '${resourceName}-pip' location: location + sku: { + name: 'Standard' + tier: 'Regional' + } properties: { ddosSettings: { protectionMode: 'VirtualNetworkInherited' @@ -54,84 +113,21 @@ resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2024-05-01' = { publicIPAddressVersion: 'IPv4' publicIPAllocationMethod: 'Static' } - sku: { - name: 'Standard' - tier: 'Regional' - } } resource publicipaddress1 'Microsoft.Network/publicIPAddresses@2024-05-01' = { name: '${resourceName}-pip2' location: location - properties: { - ddosSettings: { - protectionMode: 'VirtualNetworkInherited' - } - idleTimeoutInMinutes: 4 - publicIPAddressVersion: 'IPv4' - publicIPAllocationMethod: 'Static' - } sku: { name: 'Standard' tier: 'Regional' } -} - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { - name: '${resourceName}-vnet' - location: location properties: { - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] + idleTimeoutInMinutes: 4 + publicIPAddressVersion: 'IPv4' + publicIPAllocationMethod: 'Static' + ddosSettings: { + protectionMode: 'VirtualNetworkInherited' } - privateEndpointVNetPolicies: 'Disabled' - subnets: [] - } -} - -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { - parent: virtualNetwork - name: '${resourceName}-subnet' - properties: { - addressPrefix: '10.0.2.0/24' - defaultOutboundAccess: true - delegations: [ - { - name: 'delegation' - properties: { - serviceName: 'NGINX.NGINXPLUS/nginxDeployments' - } - } - ] - privateEndpointNetworkPolicies: 'Disabled' - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] - } -} - -resource subnet1 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { - parent: virtualNetwork - name: '${resourceName}-subnet2' - properties: { - addressPrefix: '10.0.3.0/24' - defaultOutboundAccess: true - delegations: [ - { - name: 'delegation' - properties: { - serviceName: 'NGINX.NGINXPLUS/nginxDeployments' - } - } - ] - privateEndpointNetworkPolicies: 'Disabled' - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] } } diff --git a/settings/remarks/qumulo.storage/samples/filesystems/main.bicep b/settings/remarks/qumulo.storage/samples/filesystems/main.bicep index 526a60f7..f6849b71 100644 --- a/settings/remarks/qumulo.storage/samples/filesystems/main.bicep +++ b/settings/remarks/qumulo.storage/samples/filesystems/main.bicep @@ -8,13 +8,12 @@ resource qumuloFileSystem 'Qumulo.Storage/fileSystems@2024-06-19' = { name: resourceName location: location properties: { - adminPassword: null + adminPassword: qumuloPassword availabilityZone: '1' - delegatedSubnetId: subnet.id marketplaceDetails: { + publisherId: 'qumulo1584033880660' offerId: 'qumulo-saas-mpp' planId: 'azure-native-qumulo-v3' - publisherId: 'qumulo1584033880660' } storageSku: 'Cold_LRS' userDetails: { @@ -38,12 +37,10 @@ resource vnet 'Microsoft.Network/virtualNetworks@2024-05-01' = { } resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { - parent: vnet name: resourceName location: location + parent: vnet properties: { - addressPrefix: '10.0.1.0/24' - defaultOutboundAccess: true delegations: [ { name: 'delegation' @@ -57,5 +54,7 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { ] privateEndpointNetworkPolicies: 'Disabled' privateLinkServiceNetworkPolicies: 'Enabled' + addressPrefix: '10.0.1.0/24' + defaultOutboundAccess: true } } diff --git a/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.authorization/2022-04-01/roledefinitions.md b/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.authorization/2022-04-01/roledefinitions.md index 1007121e..120408b0 100644 --- a/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.authorization/2022-04-01/roledefinitions.md +++ b/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.authorization/2022-04-01/roledefinitions.md @@ -100,10 +100,12 @@ A basic example of deploying custom Role Definition. targetScope = 'subscription' param resourceName string = 'acctest0001' +param location string = 'eastus' resource roleDefinition 'Microsoft.Authorization/roleDefinitions@2018-01-01-preview' = { name: '6faae21a-0cd6-4536-8c23-a278823d12ed' properties: { + type: 'CustomRole' assignableScopes: [ subscription().id ] @@ -118,8 +120,7 @@ resource roleDefinition 'Microsoft.Authorization/roleDefinitions@2018-01-01-prev notDataActions: [] } ] - roleName: 'acctest0001' - type: 'CustomRole' + roleName: resourceName } } ``` diff --git a/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.compute/2024-03-02/disks.md b/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.compute/2024-03-02/disks.md index b5950790..923ada7a 100644 --- a/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.compute/2024-03-02/disks.md +++ b/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.compute/2024-03-02/disks.md @@ -311,20 +311,20 @@ param location string = 'westeurope' resource disk 'Microsoft.Compute/disks@2022-03-02' = { name: resourceName location: location + sku: { + name: 'Standard_LRS' + } properties: { - creationData: { - createOption: 'Empty' - } - diskSizeGB: 10 encryption: { type: 'EncryptionAtRestWithPlatformKey' } networkAccessPolicy: 'AllowAll' osType: '' publicNetworkAccess: 'Enabled' - } - sku: { - name: 'Standard_LRS' + creationData: { + createOption: 'Empty' + } + diskSizeGB: 10 } } ``` diff --git a/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.documentdb/2024-05-15/databaseaccounts.md b/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.documentdb/2024-05-15/databaseaccounts.md index 4642b1fb..b82315a4 100644 --- a/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.documentdb/2024-05-15/databaseaccounts.md +++ b/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.documentdb/2024-05-15/databaseaccounts.md @@ -435,33 +435,33 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { - capabilities: [] - consistencyPolicy: { - defaultConsistencyLevel: 'BoundedStaleness' - maxIntervalInSeconds: 10 - maxStalenessPrefix: 200 - } - databaseAccountOfferType: 'Standard' - defaultIdentity: 'FirstPartyIdentity' disableKeyBasedMetadataWriteAccess: false disableLocalAuth: false - enableAnalyticalStorage: false enableAutomaticFailover: false - enableFreeTier: false - enableMultipleWriteLocations: false - ipRules: [] - isVirtualNetworkFilterEnabled: false locations: [ { - failoverPriority: 0 isZoneRedundant: false locationName: 'West Europe' + failoverPriority: 0 } ] networkAclBypass: 'None' + databaseAccountOfferType: 'Standard' + enableAnalyticalStorage: false + defaultIdentity: 'FirstPartyIdentity' + isVirtualNetworkFilterEnabled: false networkAclBypassResourceIds: [] - publicNetworkAccess: 'Enabled' virtualNetworkRules: [] + capabilities: [] + enableFreeTier: false + enableMultipleWriteLocations: false + ipRules: [] + publicNetworkAccess: 'Enabled' + consistencyPolicy: { + defaultConsistencyLevel: 'BoundedStaleness' + maxIntervalInSeconds: 10 + maxStalenessPrefix: 200 + } } } ``` diff --git a/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.keyvault/2023-07-01/vaults.md b/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.keyvault/2023-07-01/vaults.md index a9035a7e..7aa708bb 100644 --- a/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.keyvault/2023-07-01/vaults.md +++ b/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.keyvault/2023-07-01/vaults.md @@ -210,37 +210,37 @@ resource vault 'Microsoft.KeyVault/vaults@2021-10-01' = { name: resourceName location: location properties: { + publicNetworkAccess: 'Enabled' + sku: { + family: 'A' + name: 'standard' + } + softDeleteRetentionInDays: 7 + tenantId: tenant().tenantId accessPolicies: [ { objectId: deployer().objectId permissions: { + secrets: [ + 'Set' + ] + storage: [] certificates: [ 'ManageContacts' ] keys: [ 'Create' ] - secrets: [ - 'Set' - ] - storage: [] } - tenantId: deployer().tenantId + tenantId: tenant().tenantId } ] - createMode: 'default' enableRbacAuthorization: false - enableSoftDelete: true enabledForDeployment: false enabledForDiskEncryption: false enabledForTemplateDeployment: false - publicNetworkAccess: 'Enabled' - sku: { - family: 'A' - name: 'standard' - } - softDeleteRetentionInDays: 7 - tenantId: deployer().tenantId + createMode: 'default' + enableSoftDelete: true } } ``` From 8f70a3ced0f10692e3ea98549edcd2c61f2c3e17 Mon Sep 17 00:00:00 2001 From: Mingzhe Jiang Date: Sun, 17 May 2026 22:45:47 -0700 Subject: [PATCH 2/3] Regenerate Bicep samples with updated tf2bicep compiler (660 files) --- .../remarks/microsoft.aadiam/remarks.json | 5 + .../diagnosticsettings/main-rg-module.bicep | 44 +++ .../samples/diagnosticsettings/main.bicep | 15 +- .../recommendations/suppressions/main.bicep | 2 +- .../samples/actionrules/main.bicep | 6 +- .../samples/prometheusrulegroups/main.bicep | 28 +- .../smartdetectoralertrules/main.bicep | 62 ++-- .../samples/servers/main.bicep | 6 +- .../service/apis/diagnostics/main.bicep | 16 +- .../samples/service/apis/main.bicep | 24 +- .../service/apis/operations/main.bicep | 16 +- .../samples/service/apis/policies/main.bicep | 20 +- .../samples/service/apis/schemas/main.bicep | 12 +- .../service/apis/tagdescriptions/main.bicep | 24 +- .../samples/service/apis/tags/main.bicep | 14 +- .../samples/service/apiversionsets/main.bicep | 2 +- .../service/authorizationservers/main.bicep | 20 +- .../samples/service/backends/main.bicep | 8 +- .../samples/service/caches/main.bicep | 6 +- .../samples/service/certificates/main.bicep | 8 +- .../samples/service/diagnostics/main.bicep | 49 +-- .../certificateauthorities/main.bicep | 22 +- .../hostnameconfigurations/main.bicep | 26 +- .../samples/service/gateways/main.bicep | 28 +- .../samples/service/groups/main.bicep | 12 +- .../service/identityproviders/main.bicep | 28 +- .../samples/service/loggers/main.bicep | 16 +- .../samples/service/main.bicep | 26 +- .../samples/service/namedvalues/main.bicep | 12 +- .../service/openidconnectproviders/main.bicep | 16 +- .../service/policyfragments/main.bicep | 32 +- .../samples/service/portalsettings/main.bicep | 24 +- .../samples/service/products/main.bicep | 14 +- .../service/products/policies/main.bicep | 6 +- .../samples/service/products/tags/main.bicep | 32 +- .../samples/service/schemas/main.bicep | 4 +- .../samples/service/subscriptions/main.bicep | 47 +-- .../samples/service/tags/main.bicep | 6 +- .../samples/service/users/main.bicep | 24 +- .../samples/containerapps/main.bicep | 10 +- .../microsoft.app/samples/jobs/main.bicep | 24 +- .../certificates/main.bicep | 15 +- .../daprcomponents/main.bicep | 30 +- .../dotnetcomponents/main.bicep | 3 +- .../samples/managedenvironments/main.bicep | 29 +- .../managedenvironments/storages/main.bicep | 43 +-- .../samples/configurationstores/main.bicep | 2 +- .../spring/apiportals/domains/main.bicep | 2 +- .../samples/spring/apps/bindings/main.bicep | 6 +- .../spring/apps/deployments/main.bicep | 2 +- .../samples/spring/apps/main.bicep | 2 +- .../spring/buildservices/builders/main.bicep | 34 +-- .../spring/configurationservices/main.bicep | 2 +- .../samples/spring/devtoolportals/main.bicep | 4 +- .../spring/gateways/routeconfigs/main.bicep | 22 +- .../samples/spring/storages/main.bicep | 32 +- .../samples/locks/main.bicep | 2 +- .../samples/policyassignments/main.bicep | 25 +- .../samples/policydefinitions/main.bicep | 4 +- .../samples/policyexemptions/main.bicep | 29 +- .../samples/policysetdefinitions/main.bicep | 6 +- .../samples/roledefinitions/main.bicep | 2 +- .../configurations/main.bicep | 10 +- .../automationaccounts/connections/main.bicep | 2 +- .../connectiontypes/main.bicep | 6 +- .../automationaccounts/credentials/main.bicep | 2 +- .../hybridrunbookworkers/main.bicep | 98 +++--- .../hybridrunbookworkergroups/main.bicep | 4 +- .../automationaccounts/modules/main.bicep | 6 +- .../runbooks/draft/main.bicep | 6 +- .../automationaccounts/runbooks/main.bicep | 6 +- .../automationaccounts/schedules/main.bicep | 6 +- .../softwareupdateconfigurations/main.bicep | 22 +- .../sourcecontrols/main.bicep | 6 +- .../samples/privateclouds/main.bicep | 2 +- .../samples/b2cdirectories/main.bicep | 2 +- .../batchaccounts/applications/main.bicep | 23 +- .../batchaccounts/certificates/main.bicep | 10 +- .../samples/batchaccounts/pools/main.bicep | 5 +- .../billingprofiles/main.bicep | 20 +- .../samples/botservices/channels/main.bicep | 14 +- .../samples/botservices/main.bicep | 8 +- .../samples/redis/accesspolicies/main.bicep | 6 +- .../redis/accesspolicyassignments/main.bicep | 2 +- .../samples/redis/firewallrules/main.bicep | 12 +- .../redis/linkedservers/main-rg-module.bicep | 10 +- .../microsoft.cache/samples/redis/main.bicep | 4 +- .../redisenterprise/databases/main.bicep | 2 +- .../samples/profiles/afdendpoints/main.bicep | 2 +- .../profiles/afdendpoints/routes/main.bicep | 30 +- .../samples/profiles/customdomains/main.bicep | 18 +- .../samples/profiles/endpoints/main.bicep | 4 +- .../microsoft.cdn/samples/profiles/main.bicep | 2 +- .../samples/profiles/origingroups/main.bicep | 2 +- .../profiles/origingroups/origins/main.bicep | 10 +- .../profiles/rulesets/rules/main.bicep | 64 ++-- .../profiles/securitypolicies/main.bicep | 78 ++--- .../samples/certificateorders/main.bicep | 2 +- .../samples/accounts/deployments/main.bicep | 5 +- .../samples/accounts/main.bicep | 8 +- .../samples/accounts/projects/main.bicep | 4 +- .../samples/accounts/raiblocklists/main.bicep | 4 +- .../samples/accounts/raipolicies/main.bicep | 2 +- .../samples/communicationservices/main.bicep | 2 +- .../samples/emailservices/domains/main.bicep | 2 +- .../capacityreservations/main.bicep | 2 +- .../capacityreservationgroups/main.bicep | 2 +- .../samples/diskaccesses/main.bicep | 4 +- .../samples/diskencryptionsets/main.bicep | 4 +- .../samples/disks/main.bicep | 10 +- .../samples/galleries/applications/main.bicep | 2 +- .../applications/versions/main.bicep | 58 ++-- .../samples/galleries/images/main.bicep | 7 +- .../samples/hostgroups/hosts/main.bicep | 2 +- .../restorepointcollections/main.bicep | 166 +++++----- .../restorepoints/main.bicep | 34 ++- .../samples/snapshots/main.bicep | 34 +-- .../virtualmachines/attachdatadisk/main.bicep | 52 ++-- .../virtualmachines/attachosdisk/main.bicep | 159 +++++----- .../samples/virtualmachines/basic/main.bicep | 54 ++-- .../virtualmachines/extensions/main.bicep | 12 +- .../virtualmachines/runcommands/main.bicep | 72 ++--- .../extensions/main.bicep | 88 +++--- .../virtualmachinescalesets/main.bicep | 88 +++--- .../samples/ledgers/main.bicep | 12 +- .../samples/budgets/main.bicep | 18 +- .../samples/containergroups/main.bicep | 4 +- .../samples/registries/agentpools/main.bicep | 4 +- .../samples/registries/cacherules/main.bicep | 8 +- .../registries/connectedregistries/main.bicep | 10 +- .../registries/credentialsets/main.bicep | 26 +- .../samples/registries/main.bicep | 16 +- .../samples/registries/scopemaps/main.bicep | 18 +- .../samples/registries/taskruns/main.bicep | 8 +- .../samples/registries/tasks/main.bicep | 5 +- .../samples/registries/tokens/main.bicep | 12 +- .../samples/registries/webhooks/main.bicep | 24 +- .../samples/fleets/members/main.bicep | 64 ++-- .../managedclusters/agentpools/main.bicep | 2 +- .../samples/managedclusters/main.bicep | 2 +- .../trustedaccessrolebindings/main.bicep | 160 +++++----- .../samples/scheduledactions/main.bicep | 24 +- .../samples/views/main.bicep | 22 +- .../managedprivateendpoints/main.bicep | 22 +- .../virtualnetworkpeerings/main.bicep | 18 +- .../samples/factories/credentials/main.bicep | 11 +- .../samples/factories/dataflows/main.bicep | 49 +-- .../samples/factories/datasets/main.bicep | 22 +- .../factories/integrationruntimes/main.bicep | 1 - .../factories/linkedservices/main.bicep | 61 ++-- .../samples/factories/main.bicep | 1 - .../managedvirtualnetworks/main.bicep | 1 - .../managedprivateendpoints/main.bicep | 45 ++- .../samples/factories/pipelines/main.bicep | 3 +- .../samples/factories/triggers/main.bicep | 13 +- .../samples/services/main.bicep | 6 +- .../samples/services/projects/main.bicep | 12 +- .../backupvaults/backupinstances/main.bicep | 86 +++--- .../backupvaults/backuppolicies/main.bicep | 24 +- .../samples/servers/configurations/main.bicep | 16 +- .../samples/servers/databases/main.bicep | 12 +- .../samples/servers/firewallrules/main.bicep | 16 +- .../samples/servers/main.bicep | 12 +- .../servers/virtualnetworkrules/main.bicep | 26 +- .../flexibleservers/administrators/main.bicep | 12 +- .../flexibleservers/configurations/main.bicep | 10 +- .../flexibleservers/databases/main.bicep | 16 +- .../flexibleservers/firewallrules/main.bicep | 12 +- .../samples/flexibleservers/main.bicep | 14 +- .../samples/servers/administrators/main.bicep | 14 +- .../samples/servers/configurations/main.bicep | 12 +- .../samples/servers/databases/main.bicep | 8 +- .../samples/servers/firewallrules/main.bicep | 16 +- .../samples/servers/main.bicep | 10 +- .../servers/virtualnetworkrules/main.bicep | 58 ++-- .../flexibleservers/administrators/main.bicep | 2 +- .../flexibleservers/configurations/main.bicep | 13 +- .../flexibleservers/databases/main.bicep | 14 +- .../flexibleservers/firewallrules/main.bicep | 16 +- .../samples/flexibleservers/main.bicep | 7 +- .../virtualendpoints/main.bicep | 46 +-- .../samples/servergroupsv2/main.bicep | 6 +- .../samples/servers/administrators/main.bicep | 10 +- .../samples/servers/configurations/main.bicep | 10 +- .../samples/servers/databases/main.bicep | 16 +- .../samples/servers/firewallrules/main.bicep | 14 +- .../samples/servers/main.bicep | 18 +- .../servers/virtualnetworkrules/main.bicep | 24 +- .../applicationgroups/applications/main.bicep | 27 +- .../samples/applicationgroups/main.bicep | 7 +- .../devcenters/attachednetworks/main.bicep | 2 +- .../devcenters/devboxdefinitions/main.bicep | 3 +- .../samples/devcenters/main.bicep | 10 +- .../samples/networkconnections/main.bicep | 1 + .../projects/environmenttypes/main.bicep | 24 +- .../samples/projects/main.bicep | 2 +- .../samples/iothubs/certificates/main.bicep | 6 +- .../samples/accounts/instances/main.bicep | 52 ++-- .../labs/policysets/policies/main.bicep | 10 +- .../samples/labs/schedules/main.bicep | 2 +- .../samples/labs/virtualmachines/main.bicep | 51 ++-- .../samples/labs/virtualnetworks/main.bicep | 4 +- .../samples/schedules/main.bicep | 99 +++--- .../endpoints/main.bicep | 24 +- .../cassandrakeyspaces/main.bicep | 28 +- .../cassandrakeyspaces/tables/main.bicep | 45 ++- .../gremlindatabases/graphs/main.bicep | 20 +- .../gremlindatabases/main.bicep | 28 +- .../samples/databaseaccounts/main.bicep | 30 +- .../mongodbdatabases/main.bicep | 26 +- .../mongodbroledefinitions/main.bicep | 61 ++-- .../mongodbuserdefinitions/main.bicep | 67 ++-- .../databaseaccounts/services/main.bicep | 22 +- .../sqldatabases/containers/main.bicep | 30 +- .../containers/storedprocedures/main.bicep | 34 +-- .../containers/triggers/main.bicep | 28 +- .../userdefinedfunctions/main.bicep | 36 +-- .../databaseaccounts/sqldatabases/main.bicep | 26 +- .../sqlroleassignments/main.bicep | 30 +- .../sqlroledefinitions/main.bicep | 22 +- .../databaseaccounts/tables/main.bicep | 30 +- .../mongoclusters/firewallrules/main.bicep | 18 +- .../samples/mongoclusters/users/main.bicep | 4 +- .../samples/elasticsans/main.bicep | 4 +- .../elasticsans/volumegroups/main.bicep | 2 +- .../volumegroups/volumes/main.bicep | 6 +- .../samples/domains/main.bicep | 3 +- .../samples/domains/topics/main.bicep | 1 - .../samples/eventsubscriptions/main.bicep | 11 +- .../eventsubscriptions/main.bicep | 66 ++-- .../samples/systemtopics/main.bicep | 2 +- .../samples/topics/main.bicep | 3 +- .../namespaces/authorizationrules/main.bicep | 2 +- .../disasterrecoveryconfigs/main.bicep | 16 +- .../eventhubs/authorizationrules/main.bicep | 2 +- .../eventhubs/consumergroups/main.bicep | 2 +- .../samples/namespaces/eventhubs/main.bicep | 4 +- .../samples/namespaces/main.bicep | 2 +- .../guestconfigurationassignments/main.bicep | 120 ++++---- .../samples/clusters/main.bicep | 120 ++++---- .../samples/healthbots/main.bicep | 2 +- .../samples/services/main.bicep | 8 +- .../workspaces/fhirservices/main.bicep | 2 +- .../iotconnectors/fhirdestinations/main.bicep | 23 +- .../workspaces/iotconnectors/main.bicep | 53 ++-- .../samples/workloadimpacts/main.bicep | 160 +++++----- .../samples/actiongroups/main.bicep | 16 +- .../samples/activitylogalerts/main.bicep | 33 +- .../samples/autoscalesettings/main.bicep | 122 ++++---- .../components/analyticsitems/main.bicep | 10 +- .../samples/components/main.bicep | 6 +- .../proactivedetectionconfigs/main.bicep | 4 +- .../datacollectionruleassociations/main.bicep | 164 +++++----- .../samples/datacollectionrules/main.bicep | 8 +- .../samples/diagnosticsettings/main.bicep | 8 +- .../samples/logprofiles/main-rg-module.bicep | 17 +- .../samples/logprofiles/main.bicep | 3 +- .../samples/metricalerts/main.bicep | 36 +-- .../scopedresources/main.bicep | 6 +- .../samples/scheduledqueryrules/main.bicep | 14 +- .../samples/webtests/main.bicep | 20 +- .../samples/workbooktemplates/main.bicep | 2 +- .../samples/iotapps/main.bicep | 2 +- .../samples/managedhsms/main.bicep | 6 +- .../samples/vaults/accesspolicies/main.bicep | 4 +- .../samples/vaults/keys/main.bicep | 10 +- .../samples/vaults/main.bicep | 26 +- .../samples/extensions/main.bicep | 2 +- .../samples/fluxconfigurations/main.bicep | 14 +- .../samples/clusters/databases/main.bicep | 6 +- .../databases/principalassignments/main.bicep | 6 +- .../clusters/databases/scripts/main.bicep | 10 +- .../samples/clusters/main.bicep | 6 +- .../managedprivateendpoints/main.bicep | 42 +-- .../clusters/principalassignments/main.bicep | 8 +- .../samples/labplans/main.bicep | 4 +- .../samples/labs/main.bicep | 38 +-- .../samples/labs/schedules/main.bicep | 24 +- .../samples/labs/users/main.bicep | 34 +-- .../integrationaccounts/agreements/main.bicep | 68 +++-- .../integrationaccounts/assemblies/main.bicep | 20 +- .../integrationaccounts/partners/main.bicep | 2 +- .../integrationaccounts/schemas/main.bicep | 2 +- .../samples/workflows/main.bicep | 3 +- .../samples/workspaces/computes/main.bicep | 44 +-- .../samples/workspaces/datastores/main.bicep | 100 +++--- .../samples/workspaces/main.bicep | 34 +-- .../workspaces/outboundrules/main.bicep | 114 +++---- .../configurationassignments/main.bicep | 59 ++-- .../maintenanceconfigurations/main.bicep | 2 +- .../federatedidentitycredentials/main.bicep | 4 +- .../samples/userassignedidentities/main.bicep | 2 +- .../mediaservices/accountfilters/main.bicep | 43 +-- .../assets/assetfilters/main.bicep | 19 +- .../samples/mediaservices/assets/main.bicep | 9 +- .../contentkeypolicies/main.bicep | 75 ++--- .../mediaservices/liveevents/main.bicep | 7 +- .../samples/mediaservices/main.bicep | 17 +- .../streamingendpoints/main.bicep | 37 +-- .../streaminglocators/main.bicep | 19 +- .../streamingpolicies/main.bicep | 41 +-- .../mediaservices/transforms/main.bicep | 33 +- .../samples/migrateprojects/main.bicep | 15 +- .../migrateprojects/solutions/main.bicep | 29 +- .../samples/spatialanchorsaccounts/main.bicep | 2 +- .../mobilenetworks/datanetworks/main.bicep | 2 +- .../mobilenetworks/simpolicies/main.bicep | 35 ++- .../packetcorecontrolplanes/main.bicep | 26 +- .../packetcoredataplanes/main.bicep | 44 +-- .../samples/simgroups/main.bicep | 14 +- .../privateendpointconnections/main.bicep | 27 +- .../netappaccounts/backupvaults/main.bicep | 2 +- .../netappaccounts/capacitypools/main.bicep | 2 +- .../capacitypools/volumes/main.bicep | 84 ++--- .../volumes/snapshots/main.bicep | 48 +-- .../volumes/volumequotarules/main.bicep | 100 +++--- .../snapshotpolicies/main.bicep | 14 +- .../samples/applicationgateways/main.bicep | 192 ++++++------ .../samples/azurefirewalls/main.bicep | 48 +-- .../samples/bastionhosts/main.bicep | 66 ++-- .../forwardingrules/main.bicep | 21 +- .../samples/dnsforwardingrulesets/main.bicep | 46 +-- .../virtualnetworklinks/main.bicep | 47 +-- .../dnsresolvers/inboundendpoints/main.bicep | 48 +-- .../samples/dnsresolvers/main.bicep | 18 +- .../dnsresolvers/outboundendpoints/main.bicep | 24 +- .../samples/dnszones/a/main.bicep | 4 +- .../samples/dnszones/aaaa/main.bicep | 2 +- .../samples/dnszones/caa/main.bicep | 6 +- .../samples/dnszones/ptr/main.bicep | 4 +- .../samples/dnszones/txt/main.bicep | 2 +- .../authorizations/main.bicep | 2 +- .../peerings/connections/main.bicep | 70 ++--- .../expressroutecircuits/peerings/main.bicep | 10 +- .../expressrouteconnections/main.bicep | 106 ++++--- .../samples/expressroutegateways/main.bicep | 34 ++- .../samples/expressrouteports/main.bicep | 4 +- .../main.bicep | 18 +- .../backendaddresspools/main.bicep | 6 +- .../samples/loadbalancers/main.bicep | 6 +- .../samples/localnetworkgateways/main.bicep | 2 +- .../samples/networkinterfaces/main.bicep | 44 +-- .../main-rg-module.bicep | 8 +- .../connectivityconfigurations/main.bicep | 35 +-- .../networkmanagers/ipampools/main.bicep | 2 +- .../ipampools/staticcidr/main.bicep | 8 +- .../networkmanagers/networkgroups/main.bicep | 6 +- .../networkgroups/staticmembers/main.bicep | 58 ++-- .../securityadminconfigurations/main.bicep | 8 +- .../rulecollections/rules/main.bicep | 16 +- .../verifierworkspace/main.bicep | 8 +- .../reachabilityanalysisintent/main.bicep | 86 +++--- .../reachabilityanalysisrun/main.bicep | 100 +++--- .../samples/networkprofiles/main.bicep | 16 +- .../securityrules/main.bicep | 6 +- .../networkwatchers/flowlogs/main.bicep | 62 ++-- .../networkwatchers/packetcaptures/main.bicep | 16 +- .../samples/p2svpngateways/main.bicep | 58 ++-- .../samples/privatednszones/cname/main.bicep | 4 +- .../samples/privatednszones/srv/main.bicep | 2 +- .../samples/privatednszones/txt/main.bicep | 4 +- .../virtualnetworklinks/main.bicep | 24 +- .../samples/privateendpoints/main.bicep | 119 ++++---- .../samples/privatelinkservices/main.bicep | 76 ++--- .../samples/publicipaddresses/main.bicep | 4 +- .../samples/routetables/main.bicep | 2 +- .../samples/routetables/routes/main.bicep | 2 +- .../serviceendpointpolicies/main.bicep | 2 +- .../azureendpoints/main.bicep | 54 ++-- .../externalendpoints/main.bicep | 2 +- .../samples/trafficmanagerprofiles/main.bicep | 6 +- .../nestedendpoints/main.bicep | 14 +- .../hubvirtualnetworkconnections/main.bicep | 52 ++-- .../virtualhubs/ipconfigurations/main.bicep | 8 +- .../samples/virtualhubs/main.bicep | 8 +- .../samples/virtualnetworkgateways/main.bicep | 78 ++--- .../natrules/main.bicep | 86 +++--- .../subnets/withipampool/main.bicep | 32 +- .../virtualnetworkpeerings/main.bicep | 42 +-- .../virtualnetworks/withipampool/main.bicep | 6 +- .../samples/vpngateways/main.bicep | 8 +- .../samples/vpngateways/natrules/main.bicep | 50 +-- .../vpngateways/vpnconnections/main.bicep | 102 ++++--- .../configurationpolicygroups/main.bicep | 18 +- .../vpnserverconfigurations/main.bicep | 22 +- .../samples/vpnsites/main.bicep | 8 +- .../authorizationrules/main.bicep | 2 +- .../samples/workspaces/dataexports/main.bicep | 24 +- .../samples/workspaces/datasources/main.bicep | 8 +- .../workspaces/linkedservices/main.bicep | 28 +- .../linkedstorageaccounts/main.bicep | 32 +- .../workspaces/savedsearches/main.bicep | 10 +- .../storageinsightconfigs/main.bicep | 24 +- .../workspaces/tables/auditlog/main.bicep | 6 +- .../workspaces/tables/basic/main.bicep | 20 +- .../tables/datacollectionlogs/main.bicep | 12 +- .../samples/solutions/main.bicep | 14 +- .../samples/spacecrafts/main.bicep | 4 +- .../samples/remediations/main.bicep | 4 +- .../samples/accounts/main.bicep | 2 +- .../protecteditems/main.bicep | 289 +++++++++--------- .../backupresourceguardproxies/main.bicep | 16 +- .../vaults/replicationfabrics/main.bicep | 2 +- .../replicationnetworkmappings/main.bicep | 74 ++--- .../main.bicep | 2 +- .../vaults/replicationpolicies/main.bicep | 4 +- .../samples/appliances/main.bicep | 2 +- .../samples/deployments/main.bicep | 36 +-- .../samples/deploymentscripts/main.bicep | 4 +- .../samples/searchservices/main.bicep | 4 +- .../sharedprivatelinkresources/main.bicep | 22 +- .../main.bicep | 10 +- .../samples/assessments/main-rg-module.bicep | 144 ++++----- .../samples/assessments/main.bicep | 2 +- .../samples/automations/main.bicep | 24 +- .../samples/iotsecuritysolutions/main.bicep | 26 +- .../samples/securitycontacts/main.bicep | 4 +- .../samples/workspacesettings/main.bicep | 2 +- .../samples/alertrules/main.bicep | 20 +- .../samples/automationrules/main.bicep | 8 +- .../samples/dataconnectors/main.bicep | 12 +- .../samples/metadata/main.bicep | 8 +- .../samples/onboardingstates/main.bicep | 2 +- .../watchlists/watchlistitems/main.bicep | 10 +- .../main-rg-module.bicep | 24 +- .../disasterrecoveryconfigs/main.bicep | 16 +- .../queues/authorizationrules/main.bicep | 8 +- .../samples/namespaces/queues/main.bicep | 12 +- .../topics/authorizationrules/main.bicep | 8 +- .../topics/subscriptions/main.bicep | 10 +- .../topics/subscriptions/rules/main.bicep | 16 +- .../samples/clusters/main.bicep | 10 +- .../samples/managedclusters/main.bicep | 40 +-- .../managedclusters/nodetypes/main.bicep | 66 ++-- .../samples/linkers/main.bicep | 80 ++--- .../associations/main.bicep | 22 +- .../samples/signalr/main.bicep | 40 +-- .../sharedprivatelinkresources/main.bicep | 34 +-- .../samples/webpubsub/main.bicep | 4 +- .../sharedprivatelinkresources/main.bicep | 20 +- .../samples/applications/main.bicep | 35 +-- .../samples/instancepools/main.bicep | 180 +++++------ .../samples/servers/administrators/main.bicep | 2 +- .../servers/auditingsettings/main.bicep | 6 +- .../servers/connectionpolicies/main.bicep | 4 +- .../samples/servers/databases/main.bicep | 16 +- .../securityalertpolicies/main.bicep | 14 +- .../transparentdataencryption/main.bicep | 16 +- .../samples/servers/dnsaliases/main.bicep | 8 +- .../samples/servers/elasticpools/main.bicep | 8 +- .../servers/encryptionprotector/main.bicep | 8 +- .../samples/servers/failovergroups/main.bicep | 72 ++--- .../samples/servers/firewallrules/main.bicep | 4 +- .../servers/jobagents/credentials/main.bicep | 42 +-- .../samples/servers/jobagents/jobs/main.bicep | 58 ++-- .../servers/jobagents/jobs/steps/main.bicep | 42 +-- .../samples/servers/jobagents/main.bicep | 16 +- .../servers/jobagents/targetgroups/main.bicep | 62 ++-- .../microsoft.sql/samples/servers/main.bicep | 4 +- .../servers/outboundfirewallrules/main.bicep | 2 +- .../servers/securityalertpolicies/main.bicep | 4 +- .../sqlvulnerabilityassessments/main.bicep | 2 +- .../servers/virtualnetworkrules/main.bicep | 36 +-- .../sqlvirtualmachinegroups/main.bicep | 8 +- .../sqlvirtualmachines/basic/main.bicep | 147 ++++----- .../sqlbestpracticesassessment/main.bicep | 220 ++++++------- .../basic/main.bicep | 82 ++--- .../samples/storageaccounts/basic/main.bicep | 18 +- .../immutabilitypolicies/main.bicep | 18 +- .../storageaccounts/blobservices/main.bicep | 24 +- .../encryptionscopes/main.bicep | 38 +-- .../fileservices/shares/main.bicep | 2 +- .../localusers/basic/main.bicep | 22 +- .../managementpolicies/main.bicep | 20 +- .../samples/amlfilesystems/main.bicep | 39 +-- .../samples/caches/main.bicep | 37 +-- .../storagemovers/endpoints/main.bicep | 2 +- .../samples/storagemovers/main.bicep | 2 +- .../samples/storagemovers/projects/main.bicep | 2 +- .../storagesyncservices/syncgroups/main.bicep | 2 +- .../streamingjobs/functions/main.bicep | 24 +- .../samples/streamingjobs/inputs/main.bicep | 54 ++-- .../samples/streamingjobs/main.bicep | 14 +- .../samples/streamingjobs/outputs/main.bicep | 99 +++--- .../azureadonlyauthentications/main.bicep | 7 +- .../workspaces/bigdatapools/main.bicep | 45 +-- .../workspaces/firewallrules/main.bicep | 43 +-- .../workspaces/integrationruntimes/main.bicep | 27 +- .../samples/workspaces/main.bicep | 23 +- .../main.bicep | 3 +- .../securityalertpolicies/main.bicep | 27 +- .../samples/workspaces/sqlpools/main.bicep | 45 +-- .../vulnerabilityassessments/main.bicep | 3 +- .../sqlpools/workloadgroups/main.bicep | 7 +- .../workloadclassifiers/main.bicep | 31 +- .../environments/eventsources/main.bicep | 71 ++--- .../samples/environments/main.bicep | 2 +- .../environments/referencedatasets/main.bicep | 4 +- .../samples/accounts/main.bicep | 29 +- .../samples/communicationsgateways/main.bicep | 2 +- .../testlines/main.bicep | 12 +- .../samples/sites/config/main.bicep | 48 +-- .../microsoft.web/samples/sites/main.bicep | 16 +- .../sites/publiccertificates/main.bicep | 4 +- .../samples/sites/siteextensions/main.bicep | 50 +-- .../samples/sites/slots/config/main.bicep | 42 +-- .../samples/sites/slots/main.bicep | 54 ++-- .../samples/sourcecontrols/main.bicep | 8 +- .../configurations/main.bicep | 84 ++--- .../samples/nginxdeployments/main.bicep | 130 ++++---- .../samples/filesystems/main.bicep | 7 +- 511 files changed, 6654 insertions(+), 6351 deletions(-) create mode 100644 settings/remarks/microsoft.aadiam/samples/diagnosticsettings/main-rg-module.bicep diff --git a/settings/remarks/microsoft.aadiam/remarks.json b/settings/remarks/microsoft.aadiam/remarks.json index 0ca83ee8..86d36c40 100644 --- a/settings/remarks/microsoft.aadiam/remarks.json +++ b/settings/remarks/microsoft.aadiam/remarks.json @@ -12,6 +12,11 @@ "ResourceType": "Microsoft.AADIAM/diagnosticSettings", "Path": "samples/diagnosticsettings/main.bicep", "Description": "A basic example of deploying Azure Active Directory Diagnostic Setting for Azure Monitor." + }, + { + "ResourceType": "Microsoft.AADIAM/diagnosticSettings", + "Path": "samples/diagnosticsettings/main-rg-module.bicep", + "Description": "A basic example of deploying Azure Active Directory Diagnostic Setting for Azure Monitor." } ] } diff --git a/settings/remarks/microsoft.aadiam/samples/diagnosticsettings/main-rg-module.bicep b/settings/remarks/microsoft.aadiam/samples/diagnosticsettings/main-rg-module.bicep new file mode 100644 index 00000000..c7898d95 --- /dev/null +++ b/settings/remarks/microsoft.aadiam/samples/diagnosticsettings/main-rg-module.bicep @@ -0,0 +1,44 @@ +param resourceName string = 'acctest0001' +param location string = 'westus' + +resource namespace 'Microsoft.EventHub/namespaces@2024-01-01' = { + name: '${resourceName}-EHN-unique' + location: location + sku: { + capacity: 1 + name: 'Basic' + tier: 'Basic' + } + properties: { + disableLocalAuth: false + isAutoInflateEnabled: false + minimumTlsVersion: '1.2' + publicNetworkAccess: 'Enabled' + } +} + +resource authorizationRule 'Microsoft.EventHub/namespaces/authorizationRules@2024-01-01' = { + name: 'example' + parent: namespace + properties: { + rights: [ + 'Listen' + 'Send' + 'Manage' + ] + } +} + +resource eventhub 'Microsoft.EventHub/namespaces/eventhubs@2024-01-01' = { + name: '${resourceName}-EH-unique' + parent: namespace + properties: { + messageRetentionInDays: 1 + partitionCount: 2 + status: 'Active' + } +} + +// Module outputs for cross-scope references +output authorizationRuleId string = authorizationRule.id +output eventhubName string = eventhub.name diff --git a/settings/remarks/microsoft.aadiam/samples/diagnosticsettings/main.bicep b/settings/remarks/microsoft.aadiam/samples/diagnosticsettings/main.bicep index 2bcbf99d..4dccfa87 100644 --- a/settings/remarks/microsoft.aadiam/samples/diagnosticsettings/main.bicep +++ b/settings/remarks/microsoft.aadiam/samples/diagnosticsettings/main.bicep @@ -3,9 +3,13 @@ targetScope = 'tenant' param resourceName string = 'acctest0001' param location string = 'westus' +param subscriptionId string + resource diagnosticSetting 'Microsoft.AADIAM/diagnosticSettings@2017-04-01' = { name: '${resourceName}-DS-unique' properties: { + eventHubAuthorizationRuleId: module1.outputs.authorizationRuleId + eventHubName: module1.outputs.eventhubName logs: [ { category: 'RiskyUsers' @@ -20,8 +24,8 @@ resource diagnosticSetting 'Microsoft.AADIAM/diagnosticSettings@2017-04-01' = { enabled: true } { - enabled: true category: 'B2CRequestLogs' + enabled: true } { category: 'UserRiskEvents' @@ -38,3 +42,12 @@ resource diagnosticSetting 'Microsoft.AADIAM/diagnosticSettings@2017-04-01' = { ] } } + +module module1 'main-subscription-module.bicep' = { + name: 'deploy-rg-resources' + scope: subscription(subscriptionId) + params: { + resourceName: resourceName + location: location + } +} diff --git a/settings/remarks/microsoft.advisor/samples/recommendations/suppressions/main.bicep b/settings/remarks/microsoft.advisor/samples/recommendations/suppressions/main.bicep index 64544045..a36a9683 100644 --- a/settings/remarks/microsoft.advisor/samples/recommendations/suppressions/main.bicep +++ b/settings/remarks/microsoft.advisor/samples/recommendations/suppressions/main.bicep @@ -1,6 +1,6 @@ -param resourceName string = 'acctest0001' param location string = 'westus' param recommendationId string +param resourceName string = 'acctest0001' resource suppression 'Microsoft.Advisor/recommendations/suppressions@2023-01-01' = { name: resourceName diff --git a/settings/remarks/microsoft.alertsmanagement/samples/actionrules/main.bicep b/settings/remarks/microsoft.alertsmanagement/samples/actionrules/main.bicep index 2250350d..d36d9327 100644 --- a/settings/remarks/microsoft.alertsmanagement/samples/actionrules/main.bicep +++ b/settings/remarks/microsoft.alertsmanagement/samples/actionrules/main.bicep @@ -5,13 +5,15 @@ resource actionRule 'Microsoft.AlertsManagement/actionRules@2021-08-08' = { name: resourceName location: 'global' properties: { - enabled: true - scopes: [] actions: [ { actionType: 'RemoveAllActionGroups' } ] description: '' + enabled: true + scopes: [ + resourceGroup().id + ] } } diff --git a/settings/remarks/microsoft.alertsmanagement/samples/prometheusrulegroups/main.bicep b/settings/remarks/microsoft.alertsmanagement/samples/prometheusrulegroups/main.bicep index 2774d229..3ef991c6 100644 --- a/settings/remarks/microsoft.alertsmanagement/samples/prometheusrulegroups/main.bicep +++ b/settings/remarks/microsoft.alertsmanagement/samples/prometheusrulegroups/main.bicep @@ -1,34 +1,34 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource account 'Microsoft.Monitor/accounts@2023-04-03' = { + name: resourceName + location: location + properties: { + publicNetworkAccess: 'Enabled' + } +} + resource prometheusRuleGroup 'Microsoft.AlertsManagement/prometheusRuleGroups@2023-03-01' = { name: resourceName location: location properties: { - scopes: [ - account.id - ] clusterName: '' description: '' enabled: false rules: [ { + enabled: false + expression: '''histogram_quantile(0.99, sum(rate(jobs_duration_seconds_bucket{service="billing-processing"}[5m])) by (job_type)) +''' labels: { team: 'prod' } record: 'job_type:billing_jobs_duration_seconds:99p5m' - enabled: false - expression: '''histogram_quantile(0.99, sum(rate(jobs_duration_seconds_bucket{service="billing-processing"}[5m])) by (job_type)) -''' } ] - } -} - -resource account 'Microsoft.Monitor/accounts@2023-04-03' = { - name: resourceName - location: location - properties: { - publicNetworkAccess: 'Enabled' + scopes: [ + account.id + ] } } diff --git a/settings/remarks/microsoft.alertsmanagement/samples/smartdetectoralertrules/main.bicep b/settings/remarks/microsoft.alertsmanagement/samples/smartdetectoralertrules/main.bicep index 8f823c6d..7c2efcf8 100644 --- a/settings/remarks/microsoft.alertsmanagement/samples/smartdetectoralertrules/main.bicep +++ b/settings/remarks/microsoft.alertsmanagement/samples/smartdetectoralertrules/main.bicep @@ -1,39 +1,12 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource smartDetectorAlertRule 'microsoft.alertsManagement/smartDetectorAlertRules@2019-06-01' = { - name: resourceName - location: 'global' - properties: { - actionGroups: { - customEmailSubject: '' - customWebhookPayload: '' - groupIds: [ - actionGroup.id - ] - } - description: '' - detector: { - id: 'FailureAnomaliesDetector' - } - frequency: 'PT1M' - scope: [ - component.id - ] - severity: 'Sev0' - state: 'Enabled' - } -} - resource actionGroup 'Microsoft.Insights/actionGroups@2023-01-01' = { name: resourceName location: 'global' properties: { - logicAppReceivers: [] - smsReceivers: [] - voiceReceivers: [] - webhookReceivers: [] armRoleReceivers: [] + automationRunbookReceivers: [] azureAppPushReceivers: [] azureFunctionReceivers: [] emailReceivers: [] @@ -41,7 +14,10 @@ resource actionGroup 'Microsoft.Insights/actionGroups@2023-01-01' = { eventHubReceivers: [] groupShortName: 'acctestag' itsmReceivers: [] - automationRunbookReceivers: [] + logicAppReceivers: [] + smsReceivers: [] + voiceReceivers: [] + webhookReceivers: [] } } @@ -50,13 +26,37 @@ resource component 'Microsoft.Insights/components@2020-02-02' = { location: location kind: 'web' properties: { - publicNetworkAccessForIngestion: 'Enabled' Application_Type: 'web' - publicNetworkAccessForQuery: 'Enabled' DisableIpMasking: false DisableLocalAuth: false ForceCustomerStorageForProfiler: false RetentionInDays: 90 SamplingPercentage: 100 + publicNetworkAccessForIngestion: 'Enabled' + publicNetworkAccessForQuery: 'Enabled' + } +} + +resource smartDetectorAlertRule 'microsoft.alertsManagement/smartDetectorAlertRules@2019-06-01' = { + name: resourceName + location: 'global' + properties: { + actionGroups: { + customEmailSubject: '' + customWebhookPayload: '' + groupIds: [ + actionGroup.id + ] + } + description: '' + detector: { + id: 'FailureAnomaliesDetector' + } + frequency: 'PT1M' + scope: [ + component.id + ] + severity: 'Sev0' + state: 'Enabled' } } diff --git a/settings/remarks/microsoft.analysisservices/samples/servers/main.bicep b/settings/remarks/microsoft.analysisservices/samples/servers/main.bicep index 1a5e246e..ecfb3f0f 100644 --- a/settings/remarks/microsoft.analysisservices/samples/servers/main.bicep +++ b/settings/remarks/microsoft.analysisservices/samples/servers/main.bicep @@ -8,12 +8,12 @@ resource server 'Microsoft.AnalysisServices/servers@2017-08-01' = { name: 'B1' } properties: { + asAdministrators: { + members: [] + } ipV4FirewallSettings: { enablePowerBIService: false firewallRules: [] } - asAdministrators: { - members: [] - } } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/apis/diagnostics/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/apis/diagnostics/main.bicep index c88526e7..ce211be2 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/apis/diagnostics/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/apis/diagnostics/main.bicep @@ -6,14 +6,14 @@ resource component 'Microsoft.Insights/components@2020-02-02' = { location: location kind: 'web' properties: { - DisableLocalAuth: false - RetentionInDays: 90 - publicNetworkAccessForIngestion: 'Enabled' - publicNetworkAccessForQuery: 'Enabled' Application_Type: 'web' DisableIpMasking: false + DisableLocalAuth: false ForceCustomerStorageForProfiler: false + RetentionInDays: 90 SamplingPercentage: 100 + publicNetworkAccessForIngestion: 'Enabled' + publicNetworkAccessForQuery: 'Enabled' } } @@ -27,11 +27,11 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { properties: { certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' @@ -58,12 +58,12 @@ resource logger 'Microsoft.ApiManagement/service/loggers@2021-08-01' = { name: resourceName parent: service properties: { - isBuffered: true - loggerType: 'applicationInsights' credentials: { instrumentationKey: component.properties.InstrumentationKey } description: '' + isBuffered: true + loggerType: 'applicationInsights' } } @@ -71,7 +71,7 @@ resource diagnostic 'Microsoft.ApiManagement/service/apis/diagnostics@2021-08-01 name: 'applicationinsights' parent: api properties: { - operationNameFormat: 'Name' loggerId: logger.id + operationNameFormat: 'Name' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/apis/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/apis/main.bicep index 628c0899..31a9cbe2 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/apis/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/apis/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName @@ -9,10 +9,6 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: 'Consumption' } properties: { - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' certificates: [] customProperties: { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' @@ -22,6 +18,10 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' } } @@ -29,19 +29,19 @@ resource api 'Microsoft.ApiManagement/service/apis@2021-08-01' = { name: '${resourceName};rev=1' parent: service properties: { + apiRevisionDescription: '' + apiType: 'http' + apiVersion: '' + apiVersionDescription: '' + authenticationSettings: {} + description: '' + displayName: 'api1' path: 'api1' protocols: [ 'https' ] - authenticationSettings: {} - description: '' serviceUrl: '' subscriptionRequired: true type: 'http' - apiRevisionDescription: '' - apiType: 'http' - apiVersion: '' - apiVersionDescription: '' - displayName: 'api1' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/apis/operations/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/apis/operations/main.bicep index 6b824a82..7b762618 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/apis/operations/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/apis/operations/main.bicep @@ -9,19 +9,19 @@ resource service 'Microsoft.ApiManagement/service@2022-08-01' = { name: 'Consumption' } properties: { + certificates: [] customProperties: { + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' publisherEmail: 'pub1@email.com' publisherName: 'pub1' virtualNetworkType: 'None' - certificates: [] } } @@ -29,7 +29,13 @@ resource api 'Microsoft.ApiManagement/service/apis@2022-08-01' = { name: '${resourceName}-api;rev=1' parent: service properties: { + apiRevisionDescription: '' + apiType: 'http' + apiVersionDescription: '' + authenticationSettings: {} description: 'What is my purpose? You parse butter.' + displayName: 'Butter Parser' + path: 'butter-parser' protocols: [ 'http' 'https' @@ -39,14 +45,8 @@ resource api 'Microsoft.ApiManagement/service/apis@2022-08-01' = { header: 'X-Butter-Robot-API-Key' query: 'location' } - apiType: 'http' - authenticationSettings: {} - displayName: 'Butter Parser' - path: 'butter-parser' subscriptionRequired: true type: 'http' - apiRevisionDescription: '' - apiVersionDescription: '' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/apis/policies/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/apis/policies/main.bicep index e5e62f93..4f3ffbc0 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/apis/policies/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/apis/policies/main.bicep @@ -9,11 +9,6 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: 'Consumption' } properties: { - disableGateway: false - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' certificates: [] customProperties: { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' @@ -22,6 +17,11 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } + disableGateway: false + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' } } @@ -29,20 +29,20 @@ resource api 'Microsoft.ApiManagement/service/apis@2021-08-01' = { name: '${resourceName};rev=1' parent: service properties: { - type: 'http' + apiRevisionDescription: '' + apiType: 'http' apiVersion: '' + apiVersionDescription: '' authenticationSettings: {} description: '' displayName: 'api1' - serviceUrl: '' - apiRevisionDescription: '' - apiType: 'http' - apiVersionDescription: '' path: 'api1' protocols: [ 'https' ] + serviceUrl: '' subscriptionRequired: true + type: 'http' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/apis/schemas/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/apis/schemas/main.bicep index 8ba31065..0714684d 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/apis/schemas/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/apis/schemas/main.bicep @@ -9,6 +9,7 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: 'Consumption' } properties: { + certificates: [] customProperties: { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' @@ -21,7 +22,6 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { publisherEmail: 'pub1@email.com' publisherName: 'pub1' virtualNetworkType: 'None' - certificates: [] } } @@ -30,19 +30,19 @@ resource api 'Microsoft.ApiManagement/service/apis@2021-08-01' = { parent: service properties: { apiRevisionDescription: '' - apiVersion: '' - authenticationSettings: {} - path: 'api1' - serviceUrl: '' - type: 'http' apiType: 'http' + apiVersion: '' apiVersionDescription: '' + authenticationSettings: {} description: '' displayName: 'api1' + path: 'api1' protocols: [ 'https' ] + serviceUrl: '' subscriptionRequired: true + type: 'http' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/apis/tagdescriptions/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/apis/tagdescriptions/main.bicep index e2330250..902ec4fa 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/apis/tagdescriptions/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/apis/tagdescriptions/main.bicep @@ -9,19 +9,27 @@ resource service 'Microsoft.ApiManagement/service@2022-08-01' = { name: 'Consumption' } properties: { - publisherName: 'pub1' - virtualNetworkType: 'None' certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' + } +} + +resource tag 'Microsoft.ApiManagement/service/tags@2022-08-01' = { + name: '${resourceName}-tag' + parent: service + properties: { + displayName: '${resourceName}-tag' } } @@ -34,23 +42,15 @@ resource api 'Microsoft.ApiManagement/service/apis@2022-08-01' = { apiVersionDescription: '' authenticationSettings: {} displayName: 'api1' + path: 'api1' protocols: [ 'https' ] subscriptionRequired: true - path: 'api1' type: 'http' } } -resource tag 'Microsoft.ApiManagement/service/tags@2022-08-01' = { - name: '${resourceName}-tag' - parent: service - properties: { - displayName: '${resourceName}-tag' - } -} - resource tagDescription 'Microsoft.ApiManagement/service/apis/tagDescriptions@2022-08-01' = { name: '${resourceName}-tag' parent: api diff --git a/settings/remarks/microsoft.apimanagement/samples/service/apis/tags/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/apis/tags/main.bicep index fe282480..93312e65 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/apis/tags/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/apis/tags/main.bicep @@ -5,17 +5,17 @@ resource service 'Microsoft.ApiManagement/service@2022-08-01' = { name: '${resourceName}-service' location: location sku: { - name: 'Consumption' capacity: 0 + name: 'Consumption' } properties: { certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' @@ -29,17 +29,17 @@ resource api 'Microsoft.ApiManagement/service/apis@2022-08-01' = { name: '${resourceName}-api;rev=1' parent: service properties: { + apiRevisionDescription: '' + apiType: 'http' + apiVersionDescription: '' + authenticationSettings: {} displayName: 'api1' + path: 'api1' protocols: [ 'https' ] - apiType: 'http' - apiVersionDescription: '' - path: 'api1' subscriptionRequired: true type: 'http' - apiRevisionDescription: '' - authenticationSettings: {} } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/apiversionsets/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/apiversionsets/main.bicep index 3651e9c9..df4081c4 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/apiversionsets/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/apiversionsets/main.bicep @@ -9,6 +9,7 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: 'Consumption' } properties: { + certificates: [] customProperties: { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' @@ -21,7 +22,6 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { publisherEmail: 'pub1@email.com' publisherName: 'pub1' virtualNetworkType: 'None' - certificates: [] } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/authorizationservers/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/authorizationservers/main.bicep index b1b8ff90..11aa07a8 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/authorizationservers/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/authorizationservers/main.bicep @@ -10,23 +10,23 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location sku: { - name: 'Consumption' capacity: 0 + name: 'Consumption' } properties: { + certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' publisherEmail: 'pub1@email.com' publisherName: 'pub1' virtualNetworkType: 'None' - certificates: [] } } @@ -34,23 +34,23 @@ resource authorizationServer 'Microsoft.ApiManagement/service/authorizationServe name: resourceName parent: service properties: { - clientRegistrationEndpoint: 'https://azacceptance.hashicorptest.com/client/register' - defaultScope: '' - resourceOwnerPassword: '' - supportState: false - tokenBodyParameters: [] authorizationEndpoint: 'https://azacceptance.hashicorptest.com/client/authorize' authorizationMethods: [ 'GET' ] clientAuthenticationMethod: [] - clientSecret: '${oauthClientSecret}' + clientId: oauthClientId + clientRegistrationEndpoint: 'https://azacceptance.hashicorptest.com/client/register' + clientSecret: oauthClientSecret + defaultScope: '' description: '' displayName: 'Test Group' grantTypes: [ 'implicit' ] + resourceOwnerPassword: '' resourceOwnerUsername: '' - clientId: '${oauthClientId}' + supportState: false + tokenBodyParameters: [] } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/backends/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/backends/main.bicep index 5319fc94..95fb3074 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/backends/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/backends/main.bicep @@ -9,10 +9,6 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: 'Consumption' } properties: { - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' certificates: [] customProperties: { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' @@ -22,6 +18,10 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/caches/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/caches/main.bicep index f46fdb82..c47cd85d 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/caches/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/caches/main.bicep @@ -19,12 +19,10 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location sku: { - name: 'Consumption' capacity: 0 + name: 'Consumption' } properties: { - publisherName: 'pub1' - virtualNetworkType: 'None' certificates: [] customProperties: { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' @@ -36,6 +34,8 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { disableGateway: false publicNetworkAccess: 'Enabled' publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/certificates/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/certificates/main.bicep index c5d0a2f3..05769bb8 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/certificates/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/certificates/main.bicep @@ -9,19 +9,19 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: 'Consumption' } properties: { - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/diagnostics/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/diagnostics/main.bicep index dc053014..3308a4e6 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/diagnostics/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/diagnostics/main.bicep @@ -1,5 +1,21 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' + +resource component 'Microsoft.Insights/components@2020-02-02' = { + name: resourceName + location: location + kind: 'web' + properties: { + Application_Type: 'web' + DisableIpMasking: false + DisableLocalAuth: false + ForceCustomerStorageForProfiler: false + RetentionInDays: 90 + SamplingPercentage: 100 + publicNetworkAccessForIngestion: 'Enabled' + publicNetworkAccessForQuery: 'Enabled' + } +} resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName @@ -9,11 +25,6 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: 'Consumption' } properties: { - disableGateway: false - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' certificates: [] customProperties: { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' @@ -22,6 +33,11 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } + disableGateway: false + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' } } @@ -29,6 +45,7 @@ resource diagnostic 'Microsoft.ApiManagement/service/diagnostics@2021-08-01' = { name: 'applicationinsights' parent: service properties: { + loggerId: logger.id operationNameFormat: 'Name' } } @@ -37,27 +54,11 @@ resource logger 'Microsoft.ApiManagement/service/loggers@2021-08-01' = { name: resourceName parent: service properties: { - isBuffered: true - loggerType: 'applicationInsights' credentials: { instrumentationKey: component.properties.InstrumentationKey } description: '' - } -} - -resource component 'Microsoft.Insights/components@2020-02-02' = { - name: resourceName - location: location - kind: 'web' - properties: { - publicNetworkAccessForQuery: 'Enabled' - Application_Type: 'web' - DisableIpMasking: false - RetentionInDays: 90 - SamplingPercentage: 100 - publicNetworkAccessForIngestion: 'Enabled' - DisableLocalAuth: false - ForceCustomerStorageForProfiler: false + isBuffered: true + loggerType: 'applicationInsights' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/gateways/certificateauthorities/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/gateways/certificateauthorities/main.bicep index 5bb22b77..471aa0d2 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/gateways/certificateauthorities/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/gateways/certificateauthorities/main.bicep @@ -17,22 +17,22 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { properties: { certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false @@ -47,8 +47,8 @@ resource certificate 'Microsoft.ApiManagement/service/certificates@2021-08-01' = name: resourceName parent: service properties: { - data: '${certificateData}' - password: '${certificatePassword}' + data: certificateData + password: certificatePassword } } @@ -56,13 +56,13 @@ resource gateway 'Microsoft.ApiManagement/service/gateways@2021-08-01' = { name: resourceName parent: service properties: { + description: '' locationData: { city: '' countryOrRegion: '' district: '' name: 'test' } - description: '' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/gateways/hostnameconfigurations/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/gateways/hostnameconfigurations/main.bicep index b7a26773..daaebc25 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/gateways/hostnameconfigurations/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/gateways/hostnameconfigurations/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName @@ -11,23 +11,23 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { properties: { certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' @@ -64,11 +64,11 @@ resource hostnameConfiguration 'Microsoft.ApiManagement/service/gateways/hostnam name: resourceName parent: gateway properties: { + certificateId: certificate.id + hostname: 'host-name-230630032559671742' http2Enabled: true negotiateClientCertificate: false tls10Enabled: false tls11Enabled: false - certificateId: certificate.id - hostname: 'host-name-230630032559671742' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/gateways/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/gateways/main.bicep index 2d71797a..7b77fb39 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/gateways/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/gateways/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName @@ -9,31 +9,31 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: 'Developer' } properties: { - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' } disableGateway: false + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' } } @@ -43,10 +43,10 @@ resource gateway 'Microsoft.ApiManagement/service/gateways@2021-08-01' = { properties: { description: '' locationData: { + city: '' countryOrRegion: '' district: '' name: 'test' - city: '' } } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/groups/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/groups/main.bicep index cfae5b38..2029cf6a 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/groups/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/groups/main.bicep @@ -11,23 +11,23 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { properties: { certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' diff --git a/settings/remarks/microsoft.apimanagement/samples/service/identityproviders/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/identityproviders/main.bicep index 6028868b..8f87a089 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/identityproviders/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/identityproviders/main.bicep @@ -16,23 +16,23 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { properties: { certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' @@ -46,8 +46,8 @@ resource identityProvider 'Microsoft.ApiManagement/service/identityProviders@202 name: 'twitter' parent: service properties: { - clientId: '${identityProviderClientId}' - clientSecret: '${identityProviderClientSecret}' + clientId: identityProviderClientId + clientSecret: identityProviderClientSecret type: 'twitter' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/loggers/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/loggers/main.bicep index ee345892..e0cd272f 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/loggers/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/loggers/main.bicep @@ -9,19 +9,19 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: 'Consumption' } properties: { - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' } } @@ -43,13 +43,13 @@ resource component 'Microsoft.Insights/components@2020-02-02' = { location: location kind: 'web' properties: { + Application_Type: 'web' + DisableIpMasking: false + DisableLocalAuth: false ForceCustomerStorageForProfiler: false RetentionInDays: 90 SamplingPercentage: 100 - Application_Type: 'web' publicNetworkAccessForIngestion: 'Enabled' publicNetworkAccessForQuery: 'Enabled' - DisableIpMasking: false - DisableLocalAuth: false } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/main.bicep index f702d7cd..dae82c0b 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/main.bicep @@ -5,34 +5,34 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location sku: { - name: 'Developer' capacity: 1 + name: 'Developer' } properties: { - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' } disableGateway: false + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/namedvalues/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/namedvalues/main.bicep index 45c3875f..b428aa30 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/namedvalues/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/namedvalues/main.bicep @@ -5,23 +5,23 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName location: location sku: { - name: 'Consumption' capacity: 0 + name: 'Consumption' } properties: { - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/openidconnectproviders/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/openidconnectproviders/main.bicep index 80f16ce6..5858988b 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/openidconnectproviders/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/openidconnectproviders/main.bicep @@ -1,10 +1,10 @@ +@secure() +@description('The client secret for the OpenID Connect provider') +param openidClientSecret string param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The client ID for the OpenID Connect provider') param openidClientId string -@secure() -@description('The client secret for the OpenID Connect provider') -param openidClientSecret string resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName @@ -14,19 +14,19 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: 'Consumption' } properties: { + certificates: [] customProperties: { + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' publisherEmail: 'pub1@email.com' publisherName: 'pub1' virtualNetworkType: 'None' - certificates: [] } } @@ -34,8 +34,8 @@ resource openidConnectProvider 'Microsoft.ApiManagement/service/openidConnectPro name: resourceName parent: service properties: { - clientId: '${openidClientId}' - clientSecret: '${openidClientSecret}' + clientId: openidClientId + clientSecret: openidClientSecret description: '' displayName: 'Initial Name' metadataEndpoint: 'https://azacceptance.hashicorptest.com/example/foo' diff --git a/settings/remarks/microsoft.apimanagement/samples/service/policyfragments/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/policyfragments/main.bicep index c3cfef2a..2f5cb037 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/policyfragments/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/policyfragments/main.bicep @@ -9,31 +9,31 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: 'Developer' } properties: { - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' certificates: [] customProperties: { + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/portalsettings/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/portalsettings/main.bicep index f366333c..3a1dddbf 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/portalsettings/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/portalsettings/main.bicep @@ -9,31 +9,31 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: 'Developer' } properties: { - disableGateway: false - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' certificates: [] customProperties: { + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' } + disableGateway: false + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/products/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/products/main.bicep index 14925720..7ea8c92c 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/products/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/products/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName @@ -9,10 +9,6 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: 'Consumption' } properties: { - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' certificates: [] customProperties: { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' @@ -22,6 +18,10 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' } } @@ -29,10 +29,10 @@ resource product 'Microsoft.ApiManagement/service/products@2021-08-01' = { name: resourceName parent: service properties: { - subscriptionRequired: false - terms: '' description: '' displayName: 'Test Product' state: 'notPublished' + subscriptionRequired: false + terms: '' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/products/policies/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/products/policies/main.bicep index 775e19e4..8b50d71b 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/products/policies/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/products/policies/main.bicep @@ -11,11 +11,11 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { properties: { certificates: [] customProperties: { + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' @@ -29,11 +29,11 @@ resource product 'Microsoft.ApiManagement/service/products@2021-08-01' = { name: resourceName parent: service properties: { - terms: '' description: '' displayName: 'Test Product' state: 'notPublished' subscriptionRequired: false + terms: '' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/products/tags/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/products/tags/main.bicep index 2916908c..5e1910dc 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/products/tags/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/products/tags/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName @@ -9,27 +9,19 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: 'Consumption' } properties: { - disableGateway: false - publicNetworkAccess: 'Enabled' - publisherEmail: 'pub1@email.com' - publisherName: 'pub1' - virtualNetworkType: 'None' certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } - } -} - -resource serviceTag 'Microsoft.ApiManagement/service/tags@2021-08-01' = { - name: resourceName - parent: service - properties: { - displayName: '${resourceName}' + disableGateway: false + publicNetworkAccess: 'Enabled' + publisherEmail: 'pub1@email.com' + publisherName: 'pub1' + virtualNetworkType: 'None' } } @@ -45,6 +37,14 @@ resource product 'Microsoft.ApiManagement/service/products@2021-08-01' = { } } +resource serviceTag 'Microsoft.ApiManagement/service/tags@2021-08-01' = { + name: resourceName + parent: service + properties: { + displayName: resourceName + } +} + resource tag 'Microsoft.ApiManagement/service/products/tags@2021-08-01' = { name: 'azapi_resource.service_tag.name' parent: product diff --git a/settings/remarks/microsoft.apimanagement/samples/service/schemas/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/schemas/main.bicep index e14cd77b..b4a32005 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/schemas/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/schemas/main.bicep @@ -9,19 +9,19 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: 'Consumption' } properties: { - virtualNetworkType: 'None' certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' publisherEmail: 'pub1@email.com' publisherName: 'pub1' + virtualNetworkType: 'None' } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/subscriptions/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/subscriptions/main.bicep index 0a6817e8..3d1d86d5 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/subscriptions/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/subscriptions/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName @@ -11,23 +11,23 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { properties: { certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' @@ -37,14 +37,27 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { } } +resource product 'Microsoft.ApiManagement/service/products@2021-08-01' = { + name: resourceName + parent: service + properties: { + description: '' + displayName: 'Test Product' + state: 'published' + subscriptionRequired: true + terms: '' + } +} + resource subscription 'Microsoft.ApiManagement/service/subscriptions@2021-08-01' = { name: '0f393927-8f2d-499d-906f-c03943328d31' parent: service properties: { + allowTracing: true displayName: 'Butter Parser API Enterprise Edition' + ownerId: user.id scope: product.id state: 'submitted' - allowTracing: true } } @@ -57,15 +70,3 @@ resource user 'Microsoft.ApiManagement/service/users@2021-08-01' = { lastName: 'Test' } } - -resource product 'Microsoft.ApiManagement/service/products@2021-08-01' = { - name: resourceName - parent: service - properties: { - displayName: 'Test Product' - state: 'published' - subscriptionRequired: true - terms: '' - description: '' - } -} diff --git a/settings/remarks/microsoft.apimanagement/samples/service/tags/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/tags/main.bicep index 72d8fb4e..d3712ce3 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/tags/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/tags/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName @@ -9,6 +9,7 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: 'Consumption' } properties: { + certificates: [] customProperties: { 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' @@ -21,7 +22,6 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { publisherEmail: 'pub1@email.com' publisherName: 'pub1' virtualNetworkType: 'None' - certificates: [] } } @@ -29,6 +29,6 @@ resource tag 'Microsoft.ApiManagement/service/tags@2021-08-01' = { name: resourceName parent: service properties: { - displayName: '${resourceName}' + displayName: resourceName } } diff --git a/settings/remarks/microsoft.apimanagement/samples/service/users/main.bicep b/settings/remarks/microsoft.apimanagement/samples/service/users/main.bicep index e7fc0019..0378517d 100644 --- a/settings/remarks/microsoft.apimanagement/samples/service/users/main.bicep +++ b/settings/remarks/microsoft.apimanagement/samples/service/users/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: resourceName @@ -9,31 +9,31 @@ resource service 'Microsoft.ApiManagement/service@2021-08-01' = { name: 'Developer' } properties: { - virtualNetworkType: 'None' certificates: [] customProperties: { - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' - 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_GCM_SHA384': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30': 'false' + 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10': 'false' 'Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11': 'false' } disableGateway: false publicNetworkAccess: 'Enabled' publisherEmail: 'pub1@email.com' publisherName: 'pub1' + virtualNetworkType: 'None' } } diff --git a/settings/remarks/microsoft.app/samples/containerapps/main.bicep b/settings/remarks/microsoft.app/samples/containerapps/main.bicep index d37d69f7..a12636c4 100644 --- a/settings/remarks/microsoft.app/samples/containerapps/main.bicep +++ b/settings/remarks/microsoft.app/samples/containerapps/main.bicep @@ -5,6 +5,10 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location properties: { + features: { + disableLocalAuth: false + enableLogAccessUsingOnlyResourcePermissions: true + } publicNetworkAccessForIngestion: 'Enabled' publicNetworkAccessForQuery: 'Enabled' retentionInDays: 30 @@ -14,10 +18,6 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { workspaceCapping: { dailyQuotaGb: -1 } - features: { - disableLocalAuth: false - enableLogAccessUsingOnlyResourcePermissions: true - } } } @@ -28,6 +28,7 @@ resource containerApp 'Microsoft.App/containerApps@2022-03-01' = { configuration: { activeRevisionsMode: 'Single' } + managedEnvironmentId: managedEnvironment.id template: { containers: [ { @@ -58,6 +59,7 @@ resource managedEnvironment 'Microsoft.App/managedEnvironments@2022-03-01' = { appLogsConfiguration: { destination: 'log-analytics' logAnalyticsConfiguration: { + customerId: workspace.properties.customerId sharedKey: workspace.listKeys().primarySharedKey } } diff --git a/settings/remarks/microsoft.app/samples/jobs/main.bicep b/settings/remarks/microsoft.app/samples/jobs/main.bicep index 47c804ce..2d51c1f5 100644 --- a/settings/remarks/microsoft.app/samples/jobs/main.bicep +++ b/settings/remarks/microsoft.app/samples/jobs/main.bicep @@ -1,6 +1,17 @@ param resourceName string = 'acctest0001' param location string = 'westus' +resource workspace 'Microsoft.OperationalInsights/workspaces@2023-09-01' = { + name: '${resourceName}-law' + location: location + properties: { + retentionInDays: 30 + sku: { + name: 'PerGB2018' + } + } +} + resource job 'Microsoft.App/jobs@2025-01-01' = { name: '${resourceName}-cajob' location: location @@ -14,6 +25,7 @@ resource job 'Microsoft.App/jobs@2025-01-01' = { replicaTimeout: 10 triggerType: 'Manual' } + environmentId: managedEnvironment.id template: { containers: [ { @@ -41,19 +53,9 @@ resource managedEnvironment 'Microsoft.App/managedEnvironments@2025-01-01' = { appLogsConfiguration: { destination: 'log-analytics' logAnalyticsConfiguration: { + customerId: workspace.properties.customerId sharedKey: workspace.listKeys().primarySharedKey } } } } - -resource workspace 'Microsoft.OperationalInsights/workspaces@2023-09-01' = { - name: '${resourceName}-law' - location: location - properties: { - retentionInDays: 30 - sku: { - name: 'PerGB2018' - } - } -} diff --git a/settings/remarks/microsoft.app/samples/managedenvironments/certificates/main.bicep b/settings/remarks/microsoft.app/samples/managedenvironments/certificates/main.bicep index d9e9ac86..9b2590cc 100644 --- a/settings/remarks/microsoft.app/samples/managedenvironments/certificates/main.bicep +++ b/settings/remarks/microsoft.app/samples/managedenvironments/certificates/main.bicep @@ -11,6 +11,7 @@ resource managedEnvironment 'Microsoft.App/managedEnvironments@2022-03-01' = { appLogsConfiguration: { destination: 'log-analytics' logAnalyticsConfiguration: { + customerId: workspace.properties.customerId sharedKey: workspace.listKeys().primarySharedKey } } @@ -22,6 +23,12 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location properties: { + features: { + disableLocalAuth: false + enableLogAccessUsingOnlyResourcePermissions: true + } + publicNetworkAccessForIngestion: 'Enabled' + publicNetworkAccessForQuery: 'Enabled' retentionInDays: 30 sku: { name: 'PerGB2018' @@ -29,12 +36,6 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { workspaceCapping: { dailyQuotaGb: -1 } - features: { - disableLocalAuth: false - enableLogAccessUsingOnlyResourcePermissions: true - } - publicNetworkAccessForIngestion: 'Enabled' - publicNetworkAccessForQuery: 'Enabled' } } @@ -43,7 +44,7 @@ resource certificate 'Microsoft.App/managedEnvironments/certificates@2022-03-01' location: location parent: managedEnvironment properties: { - password: '${certificatePassword}' + password: certificatePassword value: 'MIIKEQIBAzCCCdcGCSqGSIb3DQEHAaCCCcgEggnEMIIJwDCCBHcGCSqGSIb3DQEHBqCCBGgwggRkAgEAMIIEXQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIC/GU56w4YWICAggAgIIEME9dVUOUs44yTqMunA5mEqo8YC4evKVXEA8ESnlfh8QVNEpyWzxwx83t6tg0Dfjk4INCGnDrAxqhQ/685mWQ9IM7J944BTznoN6uK9EqMtDVwavqwapvVR+yCCzqCMIQWUrrAiUzNPFQELCaMg1S13pjHOVd0iJSxvJ98Dga35baMyheYnLYksz1OObCyrn4yAHoyVnenqZd46He0ZmQS3pUrnTYe3U56fZDapRE6peRL5ItIpFrytaV7+KLisQdpQKDPkeew/zaf+p1hT57EHfUFgBYWFMgN4f1egqkKKDrh112Z+C6CUlps5N0AYGZ+ozLMNd1t/x87gCH5AuNeQEIBfDkmhLvZWZ5vLOiEKAoAQxFaMK+U+Vih6msysaQ7NhFA+h/NMmdt9RPm9pV7X+Qq7KNKHnhMZ7mNqxKvdidPOj5UGqhnN/OXrY8MykoedDakwwE9ZCY3ZQS9IN8kjwl2m9gJy18A2hZK+m3jEYGfn6tDayN6eAod1q/OnP7Tujp06pZFZ8HyXIbTPApuFYXSbAWhdBuCHGj0PzthLRzN8iv3T1d46oaEjjQddpM683RWH+daFtXLX7gMH4QjHxRND3IxEzHOiehLwOr2w6bgzIEeXksDPqitz/RGLgs4f10B6cvkCuGTXUCAQcel2IN4fM7dpD5uyg40q+xaFjmF/OLRdjS1vCezDvxVbRpazZOxMFMPQykBFcInP4vKURZ09MujElbBHSiglNjYGEC8k1Ehcqmz9GqU5o+9JHYFr2AgRqIIyz7jIjCZxsD0psdVjIPSYac6Qze5BK+qq/cH/ilIaNq3WGgwCtPA1pcicVYAYwB4czTHUfteO1FjlGYqbGu1b4GA4HzPLBUjTaFla4FgnO7je4PT7A3u3xaVAsCC1rZWKM4atYmkckboC4XE14mYlU625Hoap/xvKW6cbVAucBRkxMps/bV1Pik6N3YLeG2KUMQ77yNDGgv3qZ6XpgJ1Um7QZyW1XdQqtktZBror0bNUsG3Kkp/XPNxWhJLPI3baY84dqoRsXaDIh7k+iV+UuX/Tz70PqWThwANHJ2BmkwXUY1cyiHqJ4mBnu9t/oitjVVYr3a5UGKDzQY6Tcjrp22npiDrnEKpdwqUeShqb0mO4cCAksYy6jh7Eirk1Gdlk/tbMBMCN16Wbsh3kk/i9utQAc4R6+VFq5+/26noW/Q24a4onRGjZ5+rUXlGDUjzssJPxXM6906qMZIpdMB2nZMUp4P6UcPgB3t8FQa8SJs3gIFTxmf9Dce1qloHeXGX7UZ3IGZRZPqxXuBOzCbKf5/M2c3Pe6Vl3Jt/LTN22ghKR4VrVz7Ron71NU+CCvH4LbOyEnnzWe1ePO6RCdpRcN1bUJYa1htvWKb9WUMywfLiKjC6Cx+ezfFZ1DYvXsjq6MzKq22/XE4/fM0wggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQIGRXiBvDEL+QCAggABIIEyLn7jmjZLfuFF366QMW9j8TolTxeyuMxsaPnEmw1sIc9Y6IlKzCqzGt3qAgSgdTPV6flNJBcoI4oQFhes7EDcpNfrAxzIRBQYS7i2JC/T68GNfkTIlb0sq8oU4JgoGMXDPjhgQ3yUNkn4xnxfpxy7N1mo41LfJVovG8JsBtg0boV2OovxKYTVFg4X1W4KD+BcJMkI+gjlmHcrnWkDFEycEddxznZINaf9LiZsoSh6gvSGXSRBrmFkG5nWXB/Q25r6cxHm4ZNIKYLFyCV8waq5R1fnvuiT62BI8vYyD1NO+Py2FGFO3vqV/7KrrD8x9eijSv2+ooe220Lqi2lR8HNlwrgh9my4Fak6SzQC5E2iAStzZrRtUr3Xfs4di8ixwgpC6HAt/egOCocKI6aJhouJJoihrow4axeKYdsjKgXairNElIu0/aTdKXptdfXuAos2ct42AHDP3TVngH6q+2B8HPyokQjegr+WE6Jfw9aHeLIBIPK3pFAUqH7hDHFt2OM4GZDaDMesNYhFaX+IJqdIbvr97eaLDFgrhVhB4kvRw7E2VW2K9aXDmDlIRP2XmXEcbC31cKzV19A4W7rEuTdJ9IJb06sCmU/jIGSdm9g+fKKXd15K9D+U+kyhCwqzEZt0JYsJIzypq15nL+QQX61renMUwfU13H0RYjjvqU3CGH3shUGcl0FvQoMPQy1a04ZvOsGiqLlR3lkiEbov7a/prJCkH1AAwezUHiSrn/Y7rVWGLHyd4k6Hd7wBvzRia3MmYDertXdEiinyMqPBiVRdd/NkSkjiBgLpHl3VleKJzmrlLfENnMt2iLSr3ZbhmVpJfn6wMhsqdIbkQT3CcSIoVo91U8JL6U38s4kArKtjgHgSUtST6Aw2o06EOWvVSp2BpsLNth/s21vK7Z1xnrZ06fO/msj+ElzsmLpPVGFpG3D8MW1ULZd2VqtK6cPFPyaYjUE3ZahGn50/DIVaSikvv6Yh4YjMBksiBfsLdndvfIit29i/eRTd3T28WPmvY87k6uG8xgYoDlwXmrBHdl57NktM8ND+Z9HUww4/issZkvvh7MdU2YbDOQsBs2kIYf6h2udRpztXBpecyI2WmFW8tsKXhv4vdx+xldEwtHQL4/UWgofkNl2LeABpn00kRjZ+rybD2p7cCmXKQbM+I6Yu564hC1lffAMBrMT5yUFgzCdmkRJT+8xp1C/zxWGx16dFImpTIPNmjGBU6UcfBg+fpFocybQ8s+yb2Xoq/s/NxpYDO5vqQT/rpPtKCQls8DLMssGgGAyvZ+e0qCnfK5BKUKtxA0tz/mXZrt+Ty6w6KjdZ6Ntmjt546tXTBeRrCJZlwJmPKehpeN5HopDQ7LyWqrKXLGlArCLmB1Xz1LUR1vL4KD7RdO/93LWN5EWQDRtoZCVFU/tCqRh+s4Ljw5jsiFBCczoF3z3dDSid3VL864bXB2neq/wHHhChSnODo6HhdaPfGYSFw7m4kFh7tn3MimFyTdJGqtPdLckFCqckZsliZyCqEAu05xgQJqjrnBEH8B/z3Aq3hHWiR0z1v8jPc8MUlBGeaTjl29c8DSx7gBh7c0Qs0yTxHd1TcELijPvy5dwzEenBYXDCbaxPW0Vm9AHsHVF2A2iuzElMCMGCSqGSIb3DQEJFTEWBBRwppPHAzTboDcfcZuQ6/YqIKiy2zAxMCEwCQYFKw4DAhoFAAQUNIuVDYFIRiHWnbIWwMphIFjOWckECND1GYVTSUGNAgIIAA==' } } diff --git a/settings/remarks/microsoft.app/samples/managedenvironments/daprcomponents/main.bicep b/settings/remarks/microsoft.app/samples/managedenvironments/daprcomponents/main.bicep index dedd0b74..277f47e9 100644 --- a/settings/remarks/microsoft.app/samples/managedenvironments/daprcomponents/main.bicep +++ b/settings/remarks/microsoft.app/samples/managedenvironments/daprcomponents/main.bicep @@ -1,6 +1,21 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource managedEnvironment 'Microsoft.App/managedEnvironments@2022-03-01' = { + name: resourceName + location: location + properties: { + appLogsConfiguration: { + destination: 'log-analytics' + logAnalyticsConfiguration: { + customerId: workspace.properties.customerId + sharedKey: workspace.listKeys().primarySharedKey + } + } + vnetConfiguration: {} + } +} + resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location @@ -21,20 +36,6 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { } } -resource managedEnvironment 'Microsoft.App/managedEnvironments@2022-03-01' = { - name: resourceName - location: location - properties: { - vnetConfiguration: {} - appLogsConfiguration: { - destination: 'log-analytics' - logAnalyticsConfiguration: { - sharedKey: workspace.listKeys().primarySharedKey - } - } - } -} - resource daprComponent 'Microsoft.App/managedEnvironments/daprComponents@2022-03-01' = { name: resourceName parent: managedEnvironment @@ -42,7 +43,6 @@ resource daprComponent 'Microsoft.App/managedEnvironments/daprComponents@2022-03 componentType: 'state.azure.blobstorage' ignoreErrors: false initTimeout: '5s' - scopes: null version: 'v1' } } diff --git a/settings/remarks/microsoft.app/samples/managedenvironments/dotnetcomponents/main.bicep b/settings/remarks/microsoft.app/samples/managedenvironments/dotnetcomponents/main.bicep index 87123057..a8665a74 100644 --- a/settings/remarks/microsoft.app/samples/managedenvironments/dotnetcomponents/main.bicep +++ b/settings/remarks/microsoft.app/samples/managedenvironments/dotnetcomponents/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource managedEnvironment 'Microsoft.App/managedEnvironments@2022-03-01' = { name: resourceName @@ -8,6 +8,7 @@ resource managedEnvironment 'Microsoft.App/managedEnvironments@2022-03-01' = { appLogsConfiguration: { destination: 'log-analytics' logAnalyticsConfiguration: { + customerId: workspace.properties.customerId sharedKey: workspace.listKeys().primarySharedKey } } diff --git a/settings/remarks/microsoft.app/samples/managedenvironments/main.bicep b/settings/remarks/microsoft.app/samples/managedenvironments/main.bicep index d080d24d..c9f0da2d 100644 --- a/settings/remarks/microsoft.app/samples/managedenvironments/main.bicep +++ b/settings/remarks/microsoft.app/samples/managedenvironments/main.bicep @@ -1,20 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource managedEnvironment 'Microsoft.App/managedEnvironments@2022-03-01' = { - name: resourceName - location: location - properties: { - appLogsConfiguration: { - logAnalyticsConfiguration: { - sharedKey: workspace.listKeys().primarySharedKey - } - destination: 'log-analytics' - } - vnetConfiguration: {} - } -} - resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location @@ -34,3 +20,18 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { } } } + +resource managedEnvironment 'Microsoft.App/managedEnvironments@2022-03-01' = { + name: resourceName + location: location + properties: { + appLogsConfiguration: { + destination: 'log-analytics' + logAnalyticsConfiguration: { + customerId: workspace.properties.customerId + sharedKey: workspace.listKeys().primarySharedKey + } + } + vnetConfiguration: {} + } +} diff --git a/settings/remarks/microsoft.app/samples/managedenvironments/storages/main.bicep b/settings/remarks/microsoft.app/samples/managedenvironments/storages/main.bicep index 2312f134..7e42e87b 100644 --- a/settings/remarks/microsoft.app/samples/managedenvironments/storages/main.bicep +++ b/settings/remarks/microsoft.app/samples/managedenvironments/storages/main.bicep @@ -1,6 +1,21 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource managedEnvironment 'Microsoft.App/managedEnvironments@2022-03-01' = { + name: resourceName + location: location + properties: { + appLogsConfiguration: { + destination: 'log-analytics' + logAnalyticsConfiguration: { + customerId: workspace.properties.customerId + sharedKey: workspace.listKeys().primarySharedKey + } + } + vnetConfiguration: {} + } +} + resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location @@ -9,6 +24,10 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { + accessTier: 'Hot' + allowBlobPublicAccess: true + allowCrossTenantReplication: true + allowSharedKeyAccess: true defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' @@ -22,9 +41,6 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } isHnsEnabled: false - supportsHttpsTrafficOnly: true - accessTier: 'Hot' - allowBlobPublicAccess: true isNfsV3Enabled: false isSftpEnabled: false minimumTlsVersion: 'TLS1_2' @@ -32,8 +48,7 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { defaultAction: 'Allow' } publicNetworkAccess: 'Enabled' - allowCrossTenantReplication: true - allowSharedKeyAccess: true + supportsHttpsTrafficOnly: true } tags: { environment: 'accTest' @@ -44,9 +59,6 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location properties: { - workspaceCapping: { - dailyQuotaGb: -1 - } features: { disableLocalAuth: false enableLogAccessUsingOnlyResourcePermissions: true @@ -57,20 +69,9 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { sku: { name: 'PerGB2018' } - } -} - -resource managedEnvironment 'Microsoft.App/managedEnvironments@2022-03-01' = { - name: resourceName - location: location - properties: { - appLogsConfiguration: { - destination: 'log-analytics' - logAnalyticsConfiguration: { - sharedKey: workspace.listKeys().primarySharedKey - } + workspaceCapping: { + dailyQuotaGb: -1 } - vnetConfiguration: {} } } diff --git a/settings/remarks/microsoft.appconfiguration/samples/configurationstores/main.bicep b/settings/remarks/microsoft.appconfiguration/samples/configurationstores/main.bicep index 38511033..d2041a6b 100644 --- a/settings/remarks/microsoft.appconfiguration/samples/configurationstores/main.bicep +++ b/settings/remarks/microsoft.appconfiguration/samples/configurationstores/main.bicep @@ -8,7 +8,7 @@ resource configurationStore 'Microsoft.AppConfiguration/configurationStores@2023 name: 'standard' } properties: { - enablePurgeProtection: false disableLocalAuth: false + enablePurgeProtection: false } } diff --git a/settings/remarks/microsoft.appplatform/samples/spring/apiportals/domains/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/apiportals/domains/main.bicep index 3c957a06..aebaea03 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/apiportals/domains/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/apiportals/domains/main.bicep @@ -16,9 +16,9 @@ resource apiPortal 'Microsoft.AppPlatform/Spring/apiPortals@2023-05-01-preview' name: 'default' parent: spring sku: { + capacity: 1 name: 'E0' tier: 'Enterprise' - capacity: 1 } properties: { gatewayIds: [] diff --git a/settings/remarks/microsoft.appplatform/samples/spring/apps/bindings/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/apps/bindings/main.bicep index 305a460f..6873baf8 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/apps/bindings/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/apps/bindings/main.bicep @@ -17,9 +17,9 @@ resource app 'Microsoft.AppPlatform/Spring/apps@2023-05-01-preview' = { location: location parent: spring properties: { + customPersistentDisks: [] enableEndToEndTLS: false public: false - customPersistentDisks: [] } } @@ -39,12 +39,12 @@ resource redis 'Microsoft.Cache/redis@2023-04-01' = { name: resourceName location: location properties: { + enableNonSslPort: true + minimumTlsVersion: '1.2' sku: { capacity: 2 family: 'C' name: 'Standard' } - enableNonSslPort: true - minimumTlsVersion: '1.2' } } diff --git a/settings/remarks/microsoft.appplatform/samples/spring/apps/deployments/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/apps/deployments/main.bicep index ad6f5344..2b6c9df7 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/apps/deployments/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/apps/deployments/main.bicep @@ -37,11 +37,11 @@ resource deployment 'Microsoft.AppPlatform/Spring/apps/deployments@2023-05-01-pr } source: { customContainer: { + args: [] command: [] containerImage: 'springio/gs-spring-boot-docker' languageFramework: '' server: 'docker.io' - args: [] } type: 'Container' } diff --git a/settings/remarks/microsoft.appplatform/samples/spring/apps/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/apps/main.bicep index e7c50085..99d8ce01 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/apps/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/apps/main.bicep @@ -17,8 +17,8 @@ resource app 'Microsoft.AppPlatform/Spring/apps@2023-05-01-preview' = { location: location parent: spring properties: { + customPersistentDisks: [] enableEndToEndTLS: false public: false - customPersistentDisks: [] } } diff --git a/settings/remarks/microsoft.appplatform/samples/spring/buildservices/builders/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/buildservices/builders/main.bicep index 968bf270..eef01af6 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/buildservices/builders/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/buildservices/builders/main.bicep @@ -1,6 +1,23 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { + name: resourceName + location: location + sku: { + name: 'E0' + } + properties: { + zoneRedundant: false + } +} + +resource buildService 'Microsoft.AppPlatform/Spring/buildServices@2023-05-01-preview' = { + name: 'default' + parent: spring + properties: {} +} + resource builder 'Microsoft.AppPlatform/Spring/buildServices/builders@2023-05-01-preview' = { name: resourceName properties: { @@ -20,20 +37,3 @@ resource builder 'Microsoft.AppPlatform/Spring/buildServices/builders@2023-05-01 } } } - -resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { - name: resourceName - location: location - sku: { - name: 'E0' - } - properties: { - zoneRedundant: false - } -} - -resource buildService 'Microsoft.AppPlatform/Spring/buildServices@2023-05-01-preview' = { - name: 'default' - parent: spring - properties: {} -} diff --git a/settings/remarks/microsoft.appplatform/samples/spring/configurationservices/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/configurationservices/main.bicep index 13158829..f2cd6301 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/configurationservices/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/configurationservices/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName diff --git a/settings/remarks/microsoft.appplatform/samples/spring/devtoolportals/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/devtoolportals/main.bicep index 80b5d0bd..701e1f08 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/devtoolportals/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/devtoolportals/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName @@ -16,7 +16,6 @@ resource devToolPortal 'Microsoft.AppPlatform/Spring/DevToolPortals@2023-05-01-p name: 'default' parent: spring properties: { - public: false features: { applicationAccelerator: { state: 'Disabled' @@ -25,5 +24,6 @@ resource devToolPortal 'Microsoft.AppPlatform/Spring/DevToolPortals@2023-05-01-p state: 'Disabled' } } + public: false } } diff --git a/settings/remarks/microsoft.appplatform/samples/spring/gateways/routeconfigs/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/gateways/routeconfigs/main.bicep index 5bf03fd5..53721608 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/gateways/routeconfigs/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/gateways/routeconfigs/main.bicep @@ -12,17 +12,6 @@ resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { } } -resource app 'Microsoft.AppPlatform/Spring/apps@2023-05-01-preview' = { - name: resourceName - location: location - parent: spring - properties: { - customPersistentDisks: [] - enableEndToEndTLS: false - public: false - } -} - resource gateway 'Microsoft.AppPlatform/Spring/gateways@2023-05-01-preview' = { name: 'default' parent: spring @@ -47,3 +36,14 @@ resource routeConfig 'Microsoft.AppPlatform/Spring/gateways/routeConfigs@2023-05 ssoEnabled: false } } + +resource app 'Microsoft.AppPlatform/Spring/apps@2023-05-01-preview' = { + name: resourceName + location: location + parent: spring + properties: { + customPersistentDisks: [] + enableEndToEndTLS: false + public: false + } +} diff --git a/settings/remarks/microsoft.appplatform/samples/spring/storages/main.bicep b/settings/remarks/microsoft.appplatform/samples/spring/storages/main.bicep index 55dbcca3..717b2845 100644 --- a/settings/remarks/microsoft.appplatform/samples/spring/storages/main.bicep +++ b/settings/remarks/microsoft.appplatform/samples/spring/storages/main.bicep @@ -1,17 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { - name: resourceName - location: location - sku: { - name: 'S0' - } - properties: { - zoneRedundant: false - } -} - resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location @@ -20,15 +9,11 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { - supportsHttpsTrafficOnly: true accessTier: 'Hot' allowBlobPublicAccess: true allowCrossTenantReplication: true - defaultToOAuthAuthentication: false - isHnsEnabled: false - isNfsV3Enabled: false - isSftpEnabled: false allowSharedKeyAccess: true + defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -40,11 +25,26 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } + isHnsEnabled: false + isNfsV3Enabled: false + isSftpEnabled: false minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true + } +} + +resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { + name: resourceName + location: location + sku: { + name: 'S0' + } + properties: { + zoneRedundant: false } } diff --git a/settings/remarks/microsoft.authorization/samples/locks/main.bicep b/settings/remarks/microsoft.authorization/samples/locks/main.bicep index e8a708da..9ecbaf8f 100644 --- a/settings/remarks/microsoft.authorization/samples/locks/main.bicep +++ b/settings/remarks/microsoft.authorization/samples/locks/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2022-07-01' = { name: resourceName diff --git a/settings/remarks/microsoft.authorization/samples/policyassignments/main.bicep b/settings/remarks/microsoft.authorization/samples/policyassignments/main.bicep index 1fbf1e03..1229c800 100644 --- a/settings/remarks/microsoft.authorization/samples/policyassignments/main.bicep +++ b/settings/remarks/microsoft.authorization/samples/policyassignments/main.bicep @@ -18,6 +18,7 @@ resource policyAssignment 'Microsoft.Authorization/policyAssignments@2022-06-01' ] } } + policyDefinitionId: policyDefinition.id scope: subscription().id } } @@ -25,18 +26,6 @@ resource policyAssignment 'Microsoft.Authorization/policyAssignments@2022-06-01' resource policyDefinition 'Microsoft.Authorization/policyDefinitions@2021-06-01' = { name: resourceName properties: { - policyRule: { - if: { - not: { - field: 'location' - in: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} - } - } - then: { - effect: 'audit' - } - } - policyType: 'Custom' description: '' displayName: 'my-policy-definition' mode: 'All' @@ -50,5 +39,17 @@ resource policyDefinition 'Microsoft.Authorization/policyDefinitions@2021-06-01' type: 'Array' } } + policyRule: { + if: { + not: { + field: 'location' + in: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} + } + } + then: { + effect: 'audit' + } + } + policyType: 'Custom' } } diff --git a/settings/remarks/microsoft.authorization/samples/policydefinitions/main.bicep b/settings/remarks/microsoft.authorization/samples/policydefinitions/main.bicep index 59418177..344037fc 100644 --- a/settings/remarks/microsoft.authorization/samples/policydefinitions/main.bicep +++ b/settings/remarks/microsoft.authorization/samples/policydefinitions/main.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -param location string = 'eastus' param resourceName string = 'acctest0001' +param location string = 'eastus' resource policyDefinition 'Microsoft.Authorization/policyDefinitions@2021-06-01' = { name: resourceName @@ -11,12 +11,12 @@ resource policyDefinition 'Microsoft.Authorization/policyDefinitions@2021-06-01' mode: 'All' parameters: { allowedLocations: { - type: 'Array' metadata: { description: 'The list of allowed locations for resources.' displayName: 'Allowed locations' strongType: 'location' } + type: 'Array' } } policyRule: { diff --git a/settings/remarks/microsoft.authorization/samples/policyexemptions/main.bicep b/settings/remarks/microsoft.authorization/samples/policyexemptions/main.bicep index fd565362..436c9004 100644 --- a/settings/remarks/microsoft.authorization/samples/policyexemptions/main.bicep +++ b/settings/remarks/microsoft.authorization/samples/policyexemptions/main.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -param location string = 'eastus' param resourceName string = 'acctest0001' +param location string = 'eastus' resource policyAssignment 'Microsoft.Authorization/policyAssignments@2022-06-01' = { name: resourceName @@ -10,6 +10,7 @@ resource policyAssignment 'Microsoft.Authorization/policyAssignments@2022-06-01' properties: { displayName: '' enforcementMode: 'Default' + policyDefinitionId: policyDefinition.id scope: subscription().id } } @@ -17,6 +18,19 @@ resource policyAssignment 'Microsoft.Authorization/policyAssignments@2022-06-01' resource policyDefinition 'Microsoft.Authorization/policyDefinitions@2021-06-01' = { name: resourceName properties: { + description: '' + displayName: 'my-policy-definition' + mode: 'All' + parameters: { + allowedLocations: { + metadata: { + description: 'The list of allowed locations for resources.' + displayName: 'Allowed locations' + strongType: 'location' + } + type: 'Array' + } + } policyRule: { if: { not: { @@ -29,19 +43,6 @@ resource policyDefinition 'Microsoft.Authorization/policyDefinitions@2021-06-01' } } policyType: 'Custom' - description: '' - displayName: 'my-policy-definition' - mode: 'All' - parameters: { - allowedLocations: { - type: 'Array' - metadata: { - strongType: 'location' - description: 'The list of allowed locations for resources.' - displayName: 'Allowed locations' - } - } - } } } diff --git a/settings/remarks/microsoft.authorization/samples/policysetdefinitions/main.bicep b/settings/remarks/microsoft.authorization/samples/policysetdefinitions/main.bicep index ced28763..00bc9178 100644 --- a/settings/remarks/microsoft.authorization/samples/policysetdefinitions/main.bicep +++ b/settings/remarks/microsoft.authorization/samples/policysetdefinitions/main.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -param location string = 'westus' param resourceName string = 'acctest0001' +param location string = 'westus' resource policyDefinition 'Microsoft.Authorization/policyDefinitions@2021-06-01' = { name: resourceName @@ -37,15 +37,14 @@ resource policyDefinition 'Microsoft.Authorization/policyDefinitions@2021-06-01' resource policySetDefinition 'Microsoft.Authorization/policySetDefinitions@2025-01-01' = { name: 'acctestpolset-${resourceName}' properties: { - policyType: 'Custom' description: '' displayName: 'acctestpolset-${resourceName}' parameters: { allowedLocations: { metadata: { - strongType: 'location' description: 'The list of allowed locations for resources.' displayName: 'Allowed locations' + strongType: 'location' } type: 'Array' } @@ -62,5 +61,6 @@ resource policySetDefinition 'Microsoft.Authorization/policySetDefinitions@2025- policyDefinitionReferenceId: '' } ] + policyType: 'Custom' } } diff --git a/settings/remarks/microsoft.authorization/samples/roledefinitions/main.bicep b/settings/remarks/microsoft.authorization/samples/roledefinitions/main.bicep index 1c5be7d6..09389be6 100644 --- a/settings/remarks/microsoft.authorization/samples/roledefinitions/main.bicep +++ b/settings/remarks/microsoft.authorization/samples/roledefinitions/main.bicep @@ -6,7 +6,6 @@ param location string = 'eastus' resource roleDefinition 'Microsoft.Authorization/roleDefinitions@2018-01-01-preview' = { name: '6faae21a-0cd6-4536-8c23-a278823d12ed' properties: { - type: 'CustomRole' assignableScopes: [ subscription().id ] @@ -22,5 +21,6 @@ resource roleDefinition 'Microsoft.Authorization/roleDefinitions@2018-01-01-prev } ] roleName: resourceName + type: 'CustomRole' } } diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/configurations/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/configurations/main.bicep index dd7b0c94..47b2e853 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/configurations/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/configurations/main.bicep @@ -5,13 +5,13 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' name: resourceName location: location properties: { + encryption: { + keySource: 'Microsoft.Automation' + } publicNetworkAccess: true sku: { name: 'Basic' } - encryption: { - keySource: 'Microsoft.Automation' - } } } @@ -20,12 +20,12 @@ resource configuration 'Microsoft.Automation/automationAccounts/configurations@2 location: location parent: automationAccount properties: { + description: 'test' + logVerbose: false source: { type: 'embeddedContent' value: 'configuration acctest {}' } - description: 'test' - logVerbose: false } tags: { ENV: 'prod' diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/connections/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/connections/main.bicep index ac22283e..643e2339 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/connections/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/connections/main.bicep @@ -26,11 +26,11 @@ resource connection 'Microsoft.Automation/automationAccounts/connections@2020-01 } description: '' fieldDefinitionValues: { + ApplicationId: servicePrincipalApplicationId CertificateThumbprint: '''AEB97B81A68E8988850972916A8B8B6CD8F39813 ''' SubscriptionId: subscription().subscriptionId TenantId: tenant().tenantId - ApplicationId: servicePrincipalApplicationId } } } diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/connectiontypes/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/connectiontypes/main.bicep index dc30d716..8b9c6912 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/connectiontypes/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/connectiontypes/main.bicep @@ -5,13 +5,13 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' name: resourceName location: location properties: { - sku: { - name: 'Basic' - } encryption: { keySource: 'Microsoft.Automation' } publicNetworkAccess: true + sku: { + name: 'Basic' + } } } diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/credentials/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/credentials/main.bicep index b7e13255..7a7b77d2 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/credentials/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/credentials/main.bicep @@ -23,7 +23,7 @@ resource credential 'Microsoft.Automation/automationAccounts/credentials@2020-01 parent: automationAccount properties: { description: '' - password: '${automationCredentialPassword}' + password: automationCredentialPassword userName: 'test_user' } } diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/hybridrunbookworkergroups/hybridrunbookworkers/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/hybridrunbookworkergroups/hybridrunbookworkers/main.bicep index bb4e8884..fbccfb3d 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/hybridrunbookworkergroups/hybridrunbookworkers/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/hybridrunbookworkergroups/hybridrunbookworkers/main.bicep @@ -1,35 +1,11 @@ -@secure() -@description('The administrator password for the virtual machine') -param vmAdminPassword string param resourceName string = 'acctest0001' param location string = 'westeurope' @secure() @description('The password for the automation account hybrid runbook worker') param automationWorkerPassword string - -resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' = { - name: resourceName - location: location - properties: { - publicNetworkAccess: true - sku: { - name: 'Basic' - } - encryption: { - keySource: 'Microsoft.Automation' - } - } -} - -resource credential 'Microsoft.Automation/automationAccounts/credentials@2020-01-13-preview' = { - name: resourceName - parent: automationAccount - properties: { - description: '' - password: '${automationWorkerPassword}' - userName: 'test_user' - } -} +@secure() +@description('The administrator password for the virtual machine') +param vmAdminPassword string resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName @@ -51,32 +27,26 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: 'internal' parent: virtualNetwork properties: { - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] addressPrefix: '10.0.2.0/24' delegations: [] privateEndpointNetworkPolicies: 'Enabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] } } -resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { +resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' = { name: resourceName location: location properties: { - enableAcceleratedNetworking: false - enableIPForwarding: false - ipConfigurations: [ - { - name: 'testconfiguration1' - properties: { - primary: true - privateIPAddressVersion: 'IPv4' - privateIPAllocationMethod: 'Dynamic' - subnet: {} - } - } - ] + encryption: { + keySource: 'Microsoft.Automation' + } + publicNetworkAccess: true + sku: { + name: 'Basic' + } } } @@ -97,6 +67,7 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { name: resourceName location: location properties: { + additionalCapabilities: {} applicationProfile: { galleryApplications: [] } @@ -106,6 +77,7 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { storageUri: '' } } + extensionsTimeBudget: 'PT1H30M' hardwareProfile: { vmSize: 'Standard_D2s_v3' } @@ -137,13 +109,14 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { } secrets: [] } + priority: 'Regular' storageProfile: { dataDisks: [] imageReference: { - version: 'latest' offer: 'UbuntuServer' publisher: 'Canonical' sku: '16.04-LTS' + version: 'latest' } osDisk: { caching: 'ReadWrite' @@ -155,8 +128,37 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { writeAcceleratorEnabled: false } } - additionalCapabilities: {} - extensionsTimeBudget: 'PT1H30M' - priority: 'Regular' + } +} + +resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { + name: resourceName + location: location + properties: { + enableAcceleratedNetworking: false + enableIPForwarding: false + ipConfigurations: [ + { + name: 'testconfiguration1' + properties: { + primary: true + privateIPAddressVersion: 'IPv4' + privateIPAllocationMethod: 'Dynamic' + subnet: { + id: subnet.id + } + } + } + ] + } +} + +resource credential 'Microsoft.Automation/automationAccounts/credentials@2020-01-13-preview' = { + name: resourceName + parent: automationAccount + properties: { + description: '' + password: automationWorkerPassword + userName: 'test_user' } } diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/hybridrunbookworkergroups/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/hybridrunbookworkergroups/main.bicep index ae163f2a..3958b8e8 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/hybridrunbookworkergroups/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/hybridrunbookworkergroups/main.bicep @@ -1,8 +1,8 @@ +param resourceName string = 'acctest0001' param location string = 'westeurope' @secure() @description('The password for the automation account credential') param credentialPassword string -param resourceName string = 'acctest0001' resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' = { name: resourceName @@ -23,7 +23,7 @@ resource credential 'Microsoft.Automation/automationAccounts/credentials@2020-01 parent: automationAccount properties: { description: '' - password: '${credentialPassword}' + password: credentialPassword userName: 'test_user' } } diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/modules/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/modules/main.bicep index fe6099c5..e006f99e 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/modules/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/modules/main.bicep @@ -5,13 +5,13 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' name: resourceName location: location properties: { + encryption: { + keySource: 'Microsoft.Automation' + } publicNetworkAccess: true sku: { name: 'Basic' } - encryption: { - keySource: 'Microsoft.Automation' - } } } diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/runbooks/draft/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/runbooks/draft/main.bicep index 84b33a58..b05aa278 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/runbooks/draft/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/runbooks/draft/main.bicep @@ -5,13 +5,13 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' name: resourceName location: location properties: { + encryption: { + keySource: 'Microsoft.Automation' + } publicNetworkAccess: true sku: { name: 'Basic' } - encryption: { - keySource: 'Microsoft.Automation' - } } } diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/runbooks/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/runbooks/main.bicep index 53971680..7f2961bc 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/runbooks/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/runbooks/main.bicep @@ -5,13 +5,13 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' name: resourceName location: location properties: { + encryption: { + keySource: 'Microsoft.Automation' + } publicNetworkAccess: true sku: { name: 'Basic' } - encryption: { - keySource: 'Microsoft.Automation' - } } } diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/schedules/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/schedules/main.bicep index feca9534..ccbf55e7 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/schedules/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/schedules/main.bicep @@ -5,13 +5,13 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' name: resourceName location: location properties: { - sku: { - name: 'Basic' - } encryption: { keySource: 'Microsoft.Automation' } publicNetworkAccess: true + sku: { + name: 'Basic' + } } } diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/softwareupdateconfigurations/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/softwareupdateconfigurations/main.bicep index 465e422a..a71e8940 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/softwareupdateconfigurations/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/softwareupdateconfigurations/main.bicep @@ -20,16 +20,23 @@ resource softwareUpdateConfiguration 'Microsoft.Automation/automationAccounts/so parent: automationAccount properties: { scheduleInfo: { - nextRunOffsetMinutes: 0 - timeZone: 'Etc/UTC' + description: '' expiryTimeOffsetMinutes: 0 frequency: 'OneTime' - startTimeOffsetMinutes: 0 - description: '' interval: 0 isEnabled: true + nextRunOffsetMinutes: 0 + startTimeOffsetMinutes: 0 + timeZone: 'Etc/UTC' } updateConfiguration: { + duration: 'PT2H' + linux: { + excludedPackageNameMasks: [] + includedPackageClassifications: 'Security' + includedPackageNameMasks: [] + rebootSetting: 'IfRequired' + } operatingSystem: 'Linux' targets: { azureQueries: [ @@ -43,13 +50,6 @@ resource softwareUpdateConfiguration 'Microsoft.Automation/automationAccounts/so } ] } - duration: 'PT2H' - linux: { - excludedPackageNameMasks: [] - includedPackageClassifications: 'Security' - includedPackageNameMasks: [] - rebootSetting: 'IfRequired' - } } } } diff --git a/settings/remarks/microsoft.automation/samples/automationaccounts/sourcecontrols/main.bicep b/settings/remarks/microsoft.automation/samples/automationaccounts/sourcecontrols/main.bicep index ee976165..3db9115b 100644 --- a/settings/remarks/microsoft.automation/samples/automationaccounts/sourcecontrols/main.bicep +++ b/settings/remarks/microsoft.automation/samples/automationaccounts/sourcecontrols/main.bicep @@ -1,8 +1,8 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' @secure() @description('GitHub Personal Access Token') param pat string +param resourceName string = 'acctest0001' resource automationAccount 'Microsoft.Automation/automationAccounts@2023-11-01' = { name: resourceName @@ -22,15 +22,15 @@ resource sourceControl 'Microsoft.Automation/automationAccounts/sourceControls@2 name: resourceName parent: automationAccount properties: { + autoSync: false branch: 'master' folderPath: '/' publishRunbook: false repoUrl: 'https://github.com/Azure-Samples/acr-build-helloworld-node.git' securityToken: { - accessToken: '${pat}' + accessToken: pat tokenType: 'PersonalAccessToken' } sourceType: 'GitHub' - autoSync: false } } diff --git a/settings/remarks/microsoft.avs/samples/privateclouds/main.bicep b/settings/remarks/microsoft.avs/samples/privateclouds/main.bicep index a55bba1f..afe52b87 100644 --- a/settings/remarks/microsoft.avs/samples/privateclouds/main.bicep +++ b/settings/remarks/microsoft.avs/samples/privateclouds/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'centralus' +param resourceName string = 'acctest0001' resource privateCloud 'Microsoft.AVS/privateClouds@2022-05-01' = { name: resourceName diff --git a/settings/remarks/microsoft.azureactivedirectory/samples/b2cdirectories/main.bicep b/settings/remarks/microsoft.azureactivedirectory/samples/b2cdirectories/main.bicep index 9745b7cf..473d0b28 100644 --- a/settings/remarks/microsoft.azureactivedirectory/samples/b2cdirectories/main.bicep +++ b/settings/remarks/microsoft.azureactivedirectory/samples/b2cdirectories/main.bicep @@ -17,7 +17,7 @@ resource b2cDirectory 'Microsoft.AzureActiveDirectory/b2cDirectories@2021-04-01- properties: { createTenantProperties: { countryCode: 'US' - displayName: '${resourceName}' + displayName: resourceName } } } diff --git a/settings/remarks/microsoft.batch/samples/batchaccounts/applications/main.bicep b/settings/remarks/microsoft.batch/samples/batchaccounts/applications/main.bicep index edf32285..d5691e8a 100644 --- a/settings/remarks/microsoft.batch/samples/batchaccounts/applications/main.bicep +++ b/settings/remarks/microsoft.batch/samples/batchaccounts/applications/main.bicep @@ -5,14 +5,15 @@ resource batchAccount 'Microsoft.Batch/batchAccounts@2022-10-01' = { name: resourceName location: location properties: { - publicNetworkAccess: 'Enabled' autoStorage: { authenticationMode: 'StorageKeys' + storageAccountId: storageAccount.id } encryption: { keySource: 'Microsoft.Batch' } poolAllocationMode: 'BatchService' + publicNetworkAccess: 'Enabled' } } @@ -24,18 +25,10 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { - isNfsV3Enabled: false - isSftpEnabled: false - networkAcls: { - defaultAction: 'Allow' - } accessTier: 'Hot' - allowSharedKeyAccess: true - minimumTlsVersion: 'TLS1_2' - publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true allowBlobPublicAccess: true allowCrossTenantReplication: true + allowSharedKeyAccess: true defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' @@ -49,6 +42,14 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } isHnsEnabled: false + isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true } } @@ -56,8 +57,8 @@ resource application 'Microsoft.Batch/batchAccounts/applications@2022-10-01' = { name: resourceName parent: batchAccount properties: { + allowUpdates: true defaultVersion: '' displayName: '' - allowUpdates: true } } diff --git a/settings/remarks/microsoft.batch/samples/batchaccounts/certificates/main.bicep b/settings/remarks/microsoft.batch/samples/batchaccounts/certificates/main.bicep index a017849a..72e2f24e 100644 --- a/settings/remarks/microsoft.batch/samples/batchaccounts/certificates/main.bicep +++ b/settings/remarks/microsoft.batch/samples/batchaccounts/certificates/main.bicep @@ -1,10 +1,10 @@ +@secure() +@description('The base64-encoded certificate data') +param certificateData string @description('The thumbprint of the certificate') param certificateThumbprint string param resourceName string = 'acctest0001' param location string = 'westeurope' -@secure() -@description('The base64-encoded certificate data') -param certificateData string resource batchAccount 'Microsoft.Batch/batchAccounts@2022-10-01' = { name: resourceName @@ -22,9 +22,9 @@ resource certificate 'Microsoft.Batch/batchAccounts/certificates@2022-10-01' = { name: 'SHA1-${certificateThumbprint}' parent: batchAccount properties: { - data: '${certificateData}' + data: certificateData format: 'Cer' - thumbprint: '${certificateThumbprint}' + thumbprint: certificateThumbprint thumbprintAlgorithm: 'sha1' } } diff --git a/settings/remarks/microsoft.batch/samples/batchaccounts/pools/main.bicep b/settings/remarks/microsoft.batch/samples/batchaccounts/pools/main.bicep index 46ec22ce..3ebd9cd1 100644 --- a/settings/remarks/microsoft.batch/samples/batchaccounts/pools/main.bicep +++ b/settings/remarks/microsoft.batch/samples/batchaccounts/pools/main.bicep @@ -17,7 +17,6 @@ resource pool 'Microsoft.Batch/batchAccounts/pools@2022-10-01' = { name: resourceName parent: batchAccount properties: { - certificates: null deploymentConfiguration: { virtualMachineConfiguration: { imageReference: { @@ -34,18 +33,18 @@ resource pool 'Microsoft.Batch/batchAccounts/pools@2022-10-01' = { } } } - taskSlotsPerNode: 1 displayName: '' interNodeCommunication: 'Enabled' metadata: [] scaleSettings: { fixedScale: { + nodeDeallocationOption: '' resizeTimeout: 'PT15M' targetDedicatedNodes: 1 targetLowPriorityNodes: 0 - nodeDeallocationOption: '' } } + taskSlotsPerNode: 1 vmSize: 'STANDARD_A1' } } diff --git a/settings/remarks/microsoft.billing/samples/billingaccounts/billingprofiles/main.bicep b/settings/remarks/microsoft.billing/samples/billingaccounts/billingprofiles/main.bicep index db96f363..46b427bf 100644 --- a/settings/remarks/microsoft.billing/samples/billingaccounts/billingprofiles/main.bicep +++ b/settings/remarks/microsoft.billing/samples/billingaccounts/billingprofiles/main.bicep @@ -11,29 +11,29 @@ param paymentScaId string resource billingProfile 'Microsoft.Billing/billingAccounts/billingProfiles@2024-04-01' = { name: resourceName properties: { + billTo: { + addressLine1: 'TestWay' + city: 'Redmond' + companyName: 'TestCompany' + country: 'US' + isValidAddress: true + postalCode: '12345-1234' + region: 'WA' + } + displayName: resourceName enabledAzurePlans: [ { skuId: '0001' } ] shipTo: { - postalCode: '12345-1234' - region: 'WA' addressLine1: 'TestWay' city: 'Redmond' companyName: 'TestCompany' country: 'US' isValidAddress: true - } - billTo: { - companyName: 'TestCompany' - country: 'US' - isValidAddress: true postalCode: '12345-1234' region: 'WA' - addressLine1: 'TestWay' - city: 'Redmond' } - displayName: '${resourceName}' } } diff --git a/settings/remarks/microsoft.botservice/samples/botservices/channels/main.bicep b/settings/remarks/microsoft.botservice/samples/botservices/channels/main.bicep index 9f03eece..a678a1ac 100644 --- a/settings/remarks/microsoft.botservice/samples/botservices/channels/main.bicep +++ b/settings/remarks/microsoft.botservice/samples/botservices/channels/main.bicep @@ -9,17 +9,17 @@ resource botService 'Microsoft.BotService/botServices@2021-05-01-preview' = { } kind: 'bot' properties: { + cmekKeyVaultUrl: '' + description: '' + developerAppInsightKey: '' + developerAppInsightsApiKey: '' + developerAppInsightsApplicationId: '' + displayName: resourceName endpoint: '' iconUrl: 'https://docs.botframework.com/static/devportal/client/images/bot-framework-default.png' isCmekEnabled: false - msaAppId: '12345678-1234-1234-1234-123456789012' - developerAppInsightKey: '' - developerAppInsightsApiKey: '' isStreamingSupported: false - cmekKeyVaultUrl: '' - description: '' - developerAppInsightsApplicationId: '' - displayName: '${resourceName}' + msaAppId: '12345678-1234-1234-1234-123456789012' } } diff --git a/settings/remarks/microsoft.botservice/samples/botservices/main.bicep b/settings/remarks/microsoft.botservice/samples/botservices/main.bicep index 127d9095..a1e759f1 100644 --- a/settings/remarks/microsoft.botservice/samples/botservices/main.bicep +++ b/settings/remarks/microsoft.botservice/samples/botservices/main.bicep @@ -11,14 +11,14 @@ resource botService 'Microsoft.BotService/botServices@2021-05-01-preview' = { } kind: 'sdk' properties: { + developerAppInsightKey: '' + developerAppInsightsApiKey: '' + developerAppInsightsApplicationId: '' displayName: resourceName endpoint: '' + luisAppIds: [] luisKey: '' msaAppId: clientId - luisAppIds: [] - developerAppInsightKey: '' - developerAppInsightsApiKey: '' - developerAppInsightsApplicationId: '' } tags: { environment: 'production' diff --git a/settings/remarks/microsoft.cache/samples/redis/accesspolicies/main.bicep b/settings/remarks/microsoft.cache/samples/redis/accesspolicies/main.bicep index a8dc96a1..6e816e11 100644 --- a/settings/remarks/microsoft.cache/samples/redis/accesspolicies/main.bicep +++ b/settings/remarks/microsoft.cache/samples/redis/accesspolicies/main.bicep @@ -5,6 +5,9 @@ resource redis 'Microsoft.Cache/redis@2024-11-01' = { name: resourceName location: location properties: { + disableAccessKeyAuthentication: false + enableNonSslPort: true + minimumTlsVersion: '1.2' publicNetworkAccess: 'Enabled' redisConfiguration: { 'maxmemory-policy': 'volatile-lru' @@ -16,9 +19,6 @@ resource redis 'Microsoft.Cache/redis@2024-11-01' = { family: 'C' name: 'Basic' } - disableAccessKeyAuthentication: false - enableNonSslPort: true - minimumTlsVersion: '1.2' } } diff --git a/settings/remarks/microsoft.cache/samples/redis/accesspolicyassignments/main.bicep b/settings/remarks/microsoft.cache/samples/redis/accesspolicyassignments/main.bicep index 8e450a10..a16b2f3c 100644 --- a/settings/remarks/microsoft.cache/samples/redis/accesspolicyassignments/main.bicep +++ b/settings/remarks/microsoft.cache/samples/redis/accesspolicyassignments/main.bicep @@ -19,8 +19,8 @@ resource accessPolicyAssignment 'Microsoft.Cache/redis/accessPolicyAssignments@2 name: resourceName parent: redis properties: { - objectIdAlias: 'ServicePrincipal' accessPolicyName: 'Data Contributor' objectId: deployer().objectId + objectIdAlias: 'ServicePrincipal' } } diff --git a/settings/remarks/microsoft.cache/samples/redis/firewallrules/main.bicep b/settings/remarks/microsoft.cache/samples/redis/firewallrules/main.bicep index f9a30e3f..1d900f04 100644 --- a/settings/remarks/microsoft.cache/samples/redis/firewallrules/main.bicep +++ b/settings/remarks/microsoft.cache/samples/redis/firewallrules/main.bicep @@ -5,11 +5,6 @@ resource redis 'Microsoft.Cache/redis@2024-11-01' = { name: resourceName location: location properties: { - sku: { - capacity: 1 - family: 'P' - name: 'Premium' - } disableAccessKeyAuthentication: false enableNonSslPort: false minimumTlsVersion: '1.2' @@ -21,6 +16,11 @@ resource redis 'Microsoft.Cache/redis@2024-11-01' = { 'preferred-data-persistence-auth-method': '' } redisVersion: '6.0' + sku: { + capacity: 1 + family: 'P' + name: 'Premium' + } } } @@ -28,7 +28,7 @@ resource firewallRule 'Microsoft.Cache/redis/firewallRules@2024-11-01' = { name: '${resourceName}_fwrule' parent: redis properties: { - startIP: '1.2.3.4' endIP: '2.3.4.5' + startIP: '1.2.3.4' } } diff --git a/settings/remarks/microsoft.cache/samples/redis/linkedservers/main-rg-module.bicep b/settings/remarks/microsoft.cache/samples/redis/linkedservers/main-rg-module.bicep index e9417a74..951c282f 100644 --- a/settings/remarks/microsoft.cache/samples/redis/linkedservers/main-rg-module.bicep +++ b/settings/remarks/microsoft.cache/samples/redis/linkedservers/main-rg-module.bicep @@ -10,10 +10,10 @@ resource redisPrimary 'Microsoft.Cache/redis@2024-11-01' = { minimumTlsVersion: '1.2' publicNetworkAccess: 'Enabled' redisConfiguration: { - 'preferred-data-persistence-auth-method': '' 'maxmemory-delta': '642' 'maxmemory-policy': 'allkeys-lru' 'maxmemory-reserved': '642' + 'preferred-data-persistence-auth-method': '' } redisVersion: '6' sku: { @@ -28,6 +28,10 @@ resource redisSecondary 'Microsoft.Cache/redis@2024-11-01' = { name: '${resourceName}-secondary' location: location properties: { + disableAccessKeyAuthentication: false + enableNonSslPort: false + minimumTlsVersion: '1.2' + publicNetworkAccess: 'Enabled' redisConfiguration: { 'maxmemory-delta': '642' 'maxmemory-policy': 'allkeys-lru' @@ -40,10 +44,6 @@ resource redisSecondary 'Microsoft.Cache/redis@2024-11-01' = { family: 'P' name: 'Premium' } - disableAccessKeyAuthentication: false - enableNonSslPort: false - minimumTlsVersion: '1.2' - publicNetworkAccess: 'Enabled' } } diff --git a/settings/remarks/microsoft.cache/samples/redis/main.bicep b/settings/remarks/microsoft.cache/samples/redis/main.bicep index a674cb7f..b4171f1a 100644 --- a/settings/remarks/microsoft.cache/samples/redis/main.bicep +++ b/settings/remarks/microsoft.cache/samples/redis/main.bicep @@ -1,5 +1,5 @@ -param location string = 'eastus' param resourceName string = 'acctest0001' +param location string = 'eastus' resource redis 'Microsoft.Cache/redis@2023-04-01' = { name: resourceName @@ -8,9 +8,9 @@ resource redis 'Microsoft.Cache/redis@2023-04-01' = { enableNonSslPort: true minimumTlsVersion: '1.2' sku: { + capacity: 2 family: 'C' name: 'Standard' - capacity: 2 } } } diff --git a/settings/remarks/microsoft.cache/samples/redisenterprise/databases/main.bicep b/settings/remarks/microsoft.cache/samples/redisenterprise/databases/main.bicep index 6345b2cf..dcefc4b2 100644 --- a/settings/remarks/microsoft.cache/samples/redisenterprise/databases/main.bicep +++ b/settings/remarks/microsoft.cache/samples/redisenterprise/databases/main.bicep @@ -18,10 +18,10 @@ resource defaultDatabase 'Microsoft.Cache/redisEnterprise/databases@2025-04-01' name: 'default' parent: redisEnterprise properties: { - port: 10000 clientProtocol: 'Encrypted' clusteringPolicy: 'OSSCluster' evictionPolicy: 'VolatileLRU' modules: [] + port: 10000 } } diff --git a/settings/remarks/microsoft.cdn/samples/profiles/afdendpoints/main.bicep b/settings/remarks/microsoft.cdn/samples/profiles/afdendpoints/main.bicep index 10f5512c..a8031f48 100644 --- a/settings/remarks/microsoft.cdn/samples/profiles/afdendpoints/main.bicep +++ b/settings/remarks/microsoft.cdn/samples/profiles/afdendpoints/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource profile 'Microsoft.Cdn/profiles@2021-06-01' = { name: resourceName diff --git a/settings/remarks/microsoft.cdn/samples/profiles/afdendpoints/routes/main.bicep b/settings/remarks/microsoft.cdn/samples/profiles/afdendpoints/routes/main.bicep index 0125edac..a4c9af47 100644 --- a/settings/remarks/microsoft.cdn/samples/profiles/afdendpoints/routes/main.bicep +++ b/settings/remarks/microsoft.cdn/samples/profiles/afdendpoints/routes/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource profile 'Microsoft.Cdn/profiles@2021-06-01' = { name: resourceName @@ -12,26 +12,17 @@ resource profile 'Microsoft.Cdn/profiles@2021-06-01' = { } } -resource afdEndpoint 'Microsoft.Cdn/profiles/afdEndpoints@2021-06-01' = { - name: resourceName - location: 'global' - parent: profile - properties: { - enabledState: 'Enabled' - } -} - resource originGroup 'Microsoft.Cdn/profiles/originGroups@2021-06-01' = { name: resourceName parent: profile properties: { - trafficRestorationTimeToHealedOrNewEndpointsInMinutes: 10 loadBalancingSettings: { + additionalLatencyInMilliseconds: 0 sampleSize: 16 successfulSamplesRequired: 3 - additionalLatencyInMilliseconds: 0 } sessionAffinityState: 'Enabled' + trafficRestorationTimeToHealedOrNewEndpointsInMinutes: 10 } } @@ -41,12 +32,21 @@ resource origin 'Microsoft.Cdn/profiles/originGroups/origins@2021-06-01' = { properties: { enabledState: 'Enabled' enforceCertificateNameCheck: false + hostName: 'contoso.com' httpPort: 80 httpsPort: 443 - weight: 1 - hostName: 'contoso.com' originHostHeader: 'www.contoso.com' priority: 1 + weight: 1 + } +} + +resource afdEndpoint 'Microsoft.Cdn/profiles/afdEndpoints@2021-06-01' = { + name: resourceName + location: 'global' + parent: profile + properties: { + enabledState: 'Enabled' } } @@ -54,6 +54,7 @@ resource route 'Microsoft.Cdn/profiles/afdEndpoints/routes@2021-06-01' = { name: resourceName parent: afdEndpoint properties: { + enabledState: 'Enabled' forwardingProtocol: 'MatchRequest' httpsRedirect: 'Enabled' linkToDefaultDomain: 'Enabled' @@ -67,6 +68,5 @@ resource route 'Microsoft.Cdn/profiles/afdEndpoints/routes@2021-06-01' = { 'Https' 'Http' ] - enabledState: 'Enabled' } } diff --git a/settings/remarks/microsoft.cdn/samples/profiles/customdomains/main.bicep b/settings/remarks/microsoft.cdn/samples/profiles/customdomains/main.bicep index 6c295351..b30f440f 100644 --- a/settings/remarks/microsoft.cdn/samples/profiles/customdomains/main.bicep +++ b/settings/remarks/microsoft.cdn/samples/profiles/customdomains/main.bicep @@ -1,6 +1,11 @@ param location string = 'westeurope' param resourceName string = 'acctest0001' +resource dnsZone 'Microsoft.Network/dnsZones@2018-05-01' = { + name: '${resourceName}.com' + location: 'global' +} + resource profile 'Microsoft.Cdn/profiles@2021-06-01' = { name: resourceName location: 'global' @@ -16,18 +21,13 @@ resource customDomain 'Microsoft.Cdn/profiles/customDomains@2021-06-01' = { name: resourceName parent: profile properties: { - tlsSettings: { - certificateType: 'ManagedCertificate' - minimumTlsVersion: 'TLS12' - } azureDnsZone: { id: dnsZone.id } hostName: 'fabrikam.${resourceName}.com' + tlsSettings: { + certificateType: 'ManagedCertificate' + minimumTlsVersion: 'TLS12' + } } } - -resource dnsZone 'Microsoft.Network/dnsZones@2018-05-01' = { - name: '${resourceName}.com' - location: 'global' -} diff --git a/settings/remarks/microsoft.cdn/samples/profiles/endpoints/main.bicep b/settings/remarks/microsoft.cdn/samples/profiles/endpoints/main.bicep index 11025868..b07d4ca2 100644 --- a/settings/remarks/microsoft.cdn/samples/profiles/endpoints/main.bicep +++ b/settings/remarks/microsoft.cdn/samples/profiles/endpoints/main.bicep @@ -14,6 +14,8 @@ resource endpoint 'Microsoft.Cdn/profiles/endpoints@2020-09-01' = { location: location parent: profile properties: { + isHttpAllowed: true + isHttpsAllowed: true origins: [ { name: 'acceptanceTestCdnOrigin1' @@ -25,7 +27,5 @@ resource endpoint 'Microsoft.Cdn/profiles/endpoints@2020-09-01' = { } ] queryStringCachingBehavior: 'IgnoreQueryString' - isHttpAllowed: true - isHttpsAllowed: true } } diff --git a/settings/remarks/microsoft.cdn/samples/profiles/main.bicep b/settings/remarks/microsoft.cdn/samples/profiles/main.bicep index 7b279da8..fa8f95d0 100644 --- a/settings/remarks/microsoft.cdn/samples/profiles/main.bicep +++ b/settings/remarks/microsoft.cdn/samples/profiles/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource profile 'Microsoft.Cdn/profiles@2021-06-01' = { name: resourceName diff --git a/settings/remarks/microsoft.cdn/samples/profiles/origingroups/main.bicep b/settings/remarks/microsoft.cdn/samples/profiles/origingroups/main.bicep index d369a864..6b741f18 100644 --- a/settings/remarks/microsoft.cdn/samples/profiles/origingroups/main.bicep +++ b/settings/remarks/microsoft.cdn/samples/profiles/origingroups/main.bicep @@ -17,9 +17,9 @@ resource originGroup 'Microsoft.Cdn/profiles/originGroups@2021-06-01' = { parent: profile properties: { loadBalancingSettings: { + additionalLatencyInMilliseconds: 0 sampleSize: 16 successfulSamplesRequired: 3 - additionalLatencyInMilliseconds: 0 } sessionAffinityState: 'Enabled' trafficRestorationTimeToHealedOrNewEndpointsInMinutes: 10 diff --git a/settings/remarks/microsoft.cdn/samples/profiles/origingroups/origins/main.bicep b/settings/remarks/microsoft.cdn/samples/profiles/origingroups/origins/main.bicep index 2af31e8c..d210eb3f 100644 --- a/settings/remarks/microsoft.cdn/samples/profiles/origingroups/origins/main.bicep +++ b/settings/remarks/microsoft.cdn/samples/profiles/origingroups/origins/main.bicep @@ -16,13 +16,13 @@ resource originGroup 'Microsoft.Cdn/profiles/originGroups@2021-06-01' = { name: resourceName parent: profile properties: { - trafficRestorationTimeToHealedOrNewEndpointsInMinutes: 10 loadBalancingSettings: { additionalLatencyInMilliseconds: 0 sampleSize: 16 successfulSamplesRequired: 3 } sessionAffinityState: 'Enabled' + trafficRestorationTimeToHealedOrNewEndpointsInMinutes: 10 } } @@ -30,13 +30,13 @@ resource origin 'Microsoft.Cdn/profiles/originGroups/origins@2021-06-01' = { name: resourceName parent: originGroup properties: { + enabledState: 'Enabled' + enforceCertificateNameCheck: false + hostName: 'contoso.com' + httpPort: 80 httpsPort: 443 originHostHeader: 'www.contoso.com' priority: 1 - enforceCertificateNameCheck: false - hostName: 'contoso.com' weight: 1 - enabledState: 'Enabled' - httpPort: 80 } } diff --git a/settings/remarks/microsoft.cdn/samples/profiles/rulesets/rules/main.bicep b/settings/remarks/microsoft.cdn/samples/profiles/rulesets/rules/main.bicep index 2101bca7..b1a2714e 100644 --- a/settings/remarks/microsoft.cdn/samples/profiles/rulesets/rules/main.bicep +++ b/settings/remarks/microsoft.cdn/samples/profiles/rulesets/rules/main.bicep @@ -13,6 +13,35 @@ resource profile 'Microsoft.Cdn/profiles@2024-09-01' = { } } +resource originGroup 'Microsoft.Cdn/profiles/originGroups@2024-09-01' = { + name: '${resourceName}-origingroup' + parent: profile + properties: { + loadBalancingSettings: { + additionalLatencyInMilliseconds: 0 + sampleSize: 16 + successfulSamplesRequired: 3 + } + sessionAffinityState: 'Enabled' + trafficRestorationTimeToHealedOrNewEndpointsInMinutes: 10 + } +} + +resource origin 'Microsoft.Cdn/profiles/originGroups/origins@2024-09-01' = { + name: '${resourceName}-origin' + parent: originGroup + properties: { + enabledState: 'Enabled' + enforceCertificateNameCheck: false + hostName: 'contoso.com' + httpPort: 80 + httpsPort: 443 + originHostHeader: 'www.contoso.com' + priority: 1 + weight: 1 + } +} + resource ruleSet 'Microsoft.Cdn/profiles/ruleSets@2024-09-01' = { name: 'ruleSet${substring(resourceName, (length(resourceName) - 4), 3)}' parent: profile @@ -26,13 +55,12 @@ resource rule 'Microsoft.Cdn/profiles/ruleSets/rules@2024-09-01' = { { name: 'RouteConfigurationOverride' parameters: { - typeName: 'DeliveryRuleRouteConfigurationOverrideActionParameters' cacheConfiguration: { + cacheBehavior: 'OverrideIfOriginMissing' + cacheDuration: '23:59:59' isCompressionEnabled: 'Disabled' queryParameters: 'clientIp={client_ip}' queryStringCachingBehavior: 'IgnoreSpecifiedQueryStrings' - cacheBehavior: 'OverrideIfOriginMissing' - cacheDuration: '23:59:59' } originGroupOverride: { forwardingProtocol: 'HttpsOnly' @@ -40,6 +68,7 @@ resource rule 'Microsoft.Cdn/profiles/ruleSets/rules@2024-09-01' = { id: originGroup.id } } + typeName: 'DeliveryRuleRouteConfigurationOverrideActionParameters' } } ] @@ -48,32 +77,3 @@ resource rule 'Microsoft.Cdn/profiles/ruleSets/rules@2024-09-01' = { order: 1 } } - -resource originGroup 'Microsoft.Cdn/profiles/originGroups@2024-09-01' = { - name: '${resourceName}-origingroup' - parent: profile - properties: { - loadBalancingSettings: { - additionalLatencyInMilliseconds: 0 - sampleSize: 16 - successfulSamplesRequired: 3 - } - sessionAffinityState: 'Enabled' - trafficRestorationTimeToHealedOrNewEndpointsInMinutes: 10 - } -} - -resource origin 'Microsoft.Cdn/profiles/originGroups/origins@2024-09-01' = { - name: '${resourceName}-origin' - parent: originGroup - properties: { - enforceCertificateNameCheck: false - hostName: 'contoso.com' - httpPort: 80 - originHostHeader: 'www.contoso.com' - priority: 1 - weight: 1 - enabledState: 'Enabled' - httpsPort: 443 - } -} diff --git a/settings/remarks/microsoft.cdn/samples/profiles/securitypolicies/main.bicep b/settings/remarks/microsoft.cdn/samples/profiles/securitypolicies/main.bicep index 02904ace..f64ea8d3 100644 --- a/settings/remarks/microsoft.cdn/samples/profiles/securitypolicies/main.bicep +++ b/settings/remarks/microsoft.cdn/samples/profiles/securitypolicies/main.bicep @@ -1,5 +1,41 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' + +resource profile 'Microsoft.Cdn/profiles@2021-06-01' = { + name: resourceName + location: 'global' + sku: { + name: 'Premium_AzureFrontDoor' + } + properties: { + originResponseTimeoutSeconds: 120 + } +} + +resource securityPolicy 'Microsoft.Cdn/profiles/securityPolicies@2021-06-01' = { + name: resourceName + parent: profile + properties: { + parameters: { + associations: [ + { + domains: [ + { + id: customDomain.id + } + ] + patternsToMatch: [ + '/*' + ] + } + ] + type: 'WebApplicationFirewall' + wafPolicy: { + id: frontDoorWebApplicationFirewallPolicy.id + } + } + } +} resource frontDoorWebApplicationFirewallPolicy 'Microsoft.Network/FrontDoorWebApplicationFirewallPolicies@2020-11-01' = { name: resourceName @@ -24,10 +60,10 @@ resource frontDoorWebApplicationFirewallPolicy 'Microsoft.Network/FrontDoorWebAp operator: 'IPMatch' } ] - priority: 1 - rateLimitThreshold: 10 name: 'Rule1' + priority: 1 rateLimitDurationInMinutes: 1 + rateLimitThreshold: 10 ruleType: 'MatchRule' } ] @@ -73,17 +109,6 @@ resource dnsZone 'Microsoft.Network/dnsZones@2018-05-01' = { location: 'global' } -resource profile 'Microsoft.Cdn/profiles@2021-06-01' = { - name: resourceName - location: 'global' - sku: { - name: 'Premium_AzureFrontDoor' - } - properties: { - originResponseTimeoutSeconds: 120 - } -} - resource customDomain 'Microsoft.Cdn/profiles/customDomains@2021-06-01' = { name: resourceName parent: profile @@ -98,28 +123,3 @@ resource customDomain 'Microsoft.Cdn/profiles/customDomains@2021-06-01' = { } } } - -resource securityPolicy 'Microsoft.Cdn/profiles/securityPolicies@2021-06-01' = { - name: resourceName - parent: profile - properties: { - parameters: { - associations: [ - { - domains: [ - { - id: customDomain.id - } - ] - patternsToMatch: [ - '/*' - ] - } - ] - type: 'WebApplicationFirewall' - wafPolicy: { - id: frontDoorWebApplicationFirewallPolicy.id - } - } - } -} diff --git a/settings/remarks/microsoft.certificateregistration/samples/certificateorders/main.bicep b/settings/remarks/microsoft.certificateregistration/samples/certificateorders/main.bicep index 26827e98..f5f0906d 100644 --- a/settings/remarks/microsoft.certificateregistration/samples/certificateorders/main.bicep +++ b/settings/remarks/microsoft.certificateregistration/samples/certificateorders/main.bicep @@ -5,10 +5,10 @@ resource certificateOrder 'Microsoft.CertificateRegistration/certificateOrders@2 name: resourceName location: 'global' properties: { - validityInYears: 1 autoRenew: true distinguishedName: 'CN=example.com' keySize: 2048 productType: 'StandardDomainValidatedSsl' + validityInYears: 1 } } diff --git a/settings/remarks/microsoft.cognitiveservices/samples/accounts/deployments/main.bicep b/settings/remarks/microsoft.cognitiveservices/samples/accounts/deployments/main.bicep index 4eb963bf..b4569df4 100644 --- a/settings/remarks/microsoft.cognitiveservices/samples/accounts/deployments/main.bicep +++ b/settings/remarks/microsoft.cognitiveservices/samples/accounts/deployments/main.bicep @@ -9,14 +9,13 @@ resource account 'Microsoft.CognitiveServices/accounts@2022-10-01' = { } kind: 'OpenAI' properties: { + disableLocalAuth: false dynamicThrottlingEnabled: false publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: false - disableLocalAuth: false } identity: { type: 'None' - userAssignedIdentities: null } } @@ -25,8 +24,8 @@ resource deployment 'Microsoft.CognitiveServices/accounts/deployments@2023-05-01 parent: account properties: { model: { - name: 'text-embedding-ada-002' format: 'OpenAI' + name: 'text-embedding-ada-002' } } } diff --git a/settings/remarks/microsoft.cognitiveservices/samples/accounts/main.bicep b/settings/remarks/microsoft.cognitiveservices/samples/accounts/main.bicep index bad0624d..c11e1855 100644 --- a/settings/remarks/microsoft.cognitiveservices/samples/accounts/main.bicep +++ b/settings/remarks/microsoft.cognitiveservices/samples/accounts/main.bicep @@ -5,18 +5,18 @@ resource account 'Microsoft.CognitiveServices/accounts@2022-10-01' = { name: resourceName location: location sku: { - tier: 'Standard' name: 'S0' + tier: 'Standard' } kind: 'SpeechServices' properties: { - dynamicThrottlingEnabled: false - publicNetworkAccess: 'Enabled' - restrictOutboundNetworkAccess: false allowedFqdnList: [] apiProperties: {} customSubDomainName: 'acctest-cogacc-230630032807723157' disableLocalAuth: false + dynamicThrottlingEnabled: false + publicNetworkAccess: 'Enabled' + restrictOutboundNetworkAccess: false } } diff --git a/settings/remarks/microsoft.cognitiveservices/samples/accounts/projects/main.bicep b/settings/remarks/microsoft.cognitiveservices/samples/accounts/projects/main.bicep index 0669007f..afc50104 100644 --- a/settings/remarks/microsoft.cognitiveservices/samples/accounts/projects/main.bicep +++ b/settings/remarks/microsoft.cognitiveservices/samples/accounts/projects/main.bicep @@ -9,12 +9,12 @@ resource account 'Microsoft.CognitiveServices/accounts@2025-06-01' = { } kind: 'AIServices' properties: { - restrictOutboundNetworkAccess: false allowProjectManagement: true customSubDomainName: 'cog-${resourceName}' disableLocalAuth: false dynamicThrottlingEnabled: false publicNetworkAccess: 'Enabled' + restrictOutboundNetworkAccess: false } } @@ -23,7 +23,7 @@ resource project 'Microsoft.CognitiveServices/accounts/projects@2025-06-01' = { location: location parent: account properties: { - displayName: 'project-${resourceName}' description: 'test project' + displayName: 'project-${resourceName}' } } diff --git a/settings/remarks/microsoft.cognitiveservices/samples/accounts/raiblocklists/main.bicep b/settings/remarks/microsoft.cognitiveservices/samples/accounts/raiblocklists/main.bicep index 965a3010..e16e066a 100644 --- a/settings/remarks/microsoft.cognitiveservices/samples/accounts/raiblocklists/main.bicep +++ b/settings/remarks/microsoft.cognitiveservices/samples/accounts/raiblocklists/main.bicep @@ -9,13 +9,13 @@ resource account 'Microsoft.CognitiveServices/accounts@2024-10-01' = { } kind: 'OpenAI' properties: { + allowedFqdnList: [] + apiProperties: {} customSubDomainName: '' disableLocalAuth: false dynamicThrottlingEnabled: false publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: false - allowedFqdnList: [] - apiProperties: {} } } diff --git a/settings/remarks/microsoft.cognitiveservices/samples/accounts/raipolicies/main.bicep b/settings/remarks/microsoft.cognitiveservices/samples/accounts/raipolicies/main.bicep index b1210231..1a37755e 100644 --- a/settings/remarks/microsoft.cognitiveservices/samples/accounts/raipolicies/main.bicep +++ b/settings/remarks/microsoft.cognitiveservices/samples/accounts/raipolicies/main.bicep @@ -23,11 +23,11 @@ resource raiPolicy 'Microsoft.CognitiveServices/accounts/raiPolicies@2024-10-01' basePolicyName: 'Microsoft.Default' contentFilters: [ { + blocking: true enabled: true name: 'Hate' severityThreshold: 'High' source: 'Prompt' - blocking: true } ] } diff --git a/settings/remarks/microsoft.communication/samples/communicationservices/main.bicep b/settings/remarks/microsoft.communication/samples/communicationservices/main.bicep index b9027222..aecb9e5d 100644 --- a/settings/remarks/microsoft.communication/samples/communicationservices/main.bicep +++ b/settings/remarks/microsoft.communication/samples/communicationservices/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource communicationService 'Microsoft.Communication/communicationServices@2023-03-31' = { name: resourceName diff --git a/settings/remarks/microsoft.communication/samples/emailservices/domains/main.bicep b/settings/remarks/microsoft.communication/samples/emailservices/domains/main.bicep index d39ebcd7..6a559db2 100644 --- a/settings/remarks/microsoft.communication/samples/emailservices/domains/main.bicep +++ b/settings/remarks/microsoft.communication/samples/emailservices/domains/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource emailService 'Microsoft.Communication/emailServices@2023-04-01-preview' = { name: resourceName diff --git a/settings/remarks/microsoft.compute/samples/capacityreservationgroups/capacityreservations/main.bicep b/settings/remarks/microsoft.compute/samples/capacityreservationgroups/capacityreservations/main.bicep index 466c9af0..e5c1a67a 100644 --- a/settings/remarks/microsoft.compute/samples/capacityreservationgroups/capacityreservations/main.bicep +++ b/settings/remarks/microsoft.compute/samples/capacityreservationgroups/capacityreservations/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westus' +param resourceName string = 'acctest0001' resource capacityReservationGroup 'Microsoft.Compute/capacityReservationGroups@2022-03-01' = { name: '${resourceName}-ccrg' diff --git a/settings/remarks/microsoft.compute/samples/capacityreservationgroups/main.bicep b/settings/remarks/microsoft.compute/samples/capacityreservationgroups/main.bicep index 1a49be09..3bde9e74 100644 --- a/settings/remarks/microsoft.compute/samples/capacityreservationgroups/main.bicep +++ b/settings/remarks/microsoft.compute/samples/capacityreservationgroups/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource capacityReservationGroup 'Microsoft.Compute/capacityReservationGroups@2022-03-01' = { name: resourceName diff --git a/settings/remarks/microsoft.compute/samples/diskaccesses/main.bicep b/settings/remarks/microsoft.compute/samples/diskaccesses/main.bicep index 07c011ad..d194267d 100644 --- a/settings/remarks/microsoft.compute/samples/diskaccesses/main.bicep +++ b/settings/remarks/microsoft.compute/samples/diskaccesses/main.bicep @@ -1,11 +1,11 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource diskAccess 'Microsoft.Compute/diskAccesses@2022-03-02' = { name: resourceName location: location tags: { - environment: 'acctest' 'cost-center': 'ops' + environment: 'acctest' } } diff --git a/settings/remarks/microsoft.compute/samples/diskencryptionsets/main.bicep b/settings/remarks/microsoft.compute/samples/diskencryptionsets/main.bicep index 4e474a99..a488e001 100644 --- a/settings/remarks/microsoft.compute/samples/diskencryptionsets/main.bicep +++ b/settings/remarks/microsoft.compute/samples/diskencryptionsets/main.bicep @@ -37,7 +37,9 @@ resource diskEncryptionSet 'Microsoft.Compute/diskEncryptionSets@2022-03-02' = { location: location properties: { activeKey: { - sourceVault: {} + sourceVault: { + id: vault.id + } } encryptionType: 'EncryptionAtRestWithCustomerKey' rotationToLatestKeyVersionEnabled: false diff --git a/settings/remarks/microsoft.compute/samples/disks/main.bicep b/settings/remarks/microsoft.compute/samples/disks/main.bicep index 214f2c92..1c5cb60e 100644 --- a/settings/remarks/microsoft.compute/samples/disks/main.bicep +++ b/settings/remarks/microsoft.compute/samples/disks/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource disk 'Microsoft.Compute/disks@2022-03-02' = { name: resourceName @@ -8,15 +8,15 @@ resource disk 'Microsoft.Compute/disks@2022-03-02' = { name: 'Standard_LRS' } properties: { + creationData: { + createOption: 'Empty' + } + diskSizeGB: 10 encryption: { type: 'EncryptionAtRestWithPlatformKey' } networkAccessPolicy: 'AllowAll' osType: '' publicNetworkAccess: 'Enabled' - creationData: { - createOption: 'Empty' - } - diskSizeGB: 10 } } diff --git a/settings/remarks/microsoft.compute/samples/galleries/applications/main.bicep b/settings/remarks/microsoft.compute/samples/galleries/applications/main.bicep index d2e4de89..74dfe61b 100644 --- a/settings/remarks/microsoft.compute/samples/galleries/applications/main.bicep +++ b/settings/remarks/microsoft.compute/samples/galleries/applications/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource gallery 'Microsoft.Compute/galleries@2022-03-03' = { name: resourceName diff --git a/settings/remarks/microsoft.compute/samples/galleries/applications/versions/main.bicep b/settings/remarks/microsoft.compute/samples/galleries/applications/versions/main.bicep index eac3ae8f..687b64e4 100644 --- a/settings/remarks/microsoft.compute/samples/galleries/applications/versions/main.bicep +++ b/settings/remarks/microsoft.compute/samples/galleries/applications/versions/main.bicep @@ -1,6 +1,14 @@ param resourceName string = 'acctest0001' param location string = 'westus' +resource gallery 'Microsoft.Compute/galleries@2022-03-03' = { + name: '${resourceName}sig' + location: location + properties: { + description: '' + } +} + resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { name: '${resourceName}acc' location: location @@ -9,20 +17,10 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { } kind: 'StorageV2' properties: { - minimumTlsVersion: 'TLS1_2' - networkAcls: { - bypass: 'AzureServices' - defaultAction: 'Allow' - ipRules: [] - resourceAccessRules: [] - virtualNetworkRules: [] - } - allowSharedKeyAccess: true - isSftpEnabled: false - allowCrossTenantReplication: false - isHnsEnabled: false accessTier: 'Hot' allowBlobPublicAccess: true + allowCrossTenantReplication: false + allowSharedKeyAccess: true defaultToOAuthAuthentication: false dnsEndpointType: 'Standard' encryption: { @@ -36,13 +34,32 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { } } } + isHnsEnabled: false isLocalUserEnabled: true isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' + networkAcls: { + bypass: 'AzureServices' + defaultAction: 'Allow' + ipRules: [] + resourceAccessRules: [] + virtualNetworkRules: [] + } publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true } } +resource application 'Microsoft.Compute/galleries/applications@2022-03-03' = { + name: '${resourceName}-app' + location: location + parent: gallery + properties: { + supportedOSType: 'Linux' + } +} + resource storageaccountBlobservices 'Microsoft.Storage/storageAccounts/blobServices@2023-05-01' = { name: 'default' parent: storageAccount @@ -56,23 +73,6 @@ resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@20 } } -resource gallery 'Microsoft.Compute/galleries@2022-03-03' = { - name: '${resourceName}sig' - location: location - properties: { - description: '' - } -} - -resource application 'Microsoft.Compute/galleries/applications@2022-03-03' = { - name: '${resourceName}-app' - location: location - parent: gallery - properties: { - supportedOSType: 'Linux' - } -} - resource version 'Microsoft.Compute/galleries/applications/versions@2022-03-03' = { name: '0.0.1' location: location diff --git a/settings/remarks/microsoft.compute/samples/galleries/images/main.bicep b/settings/remarks/microsoft.compute/samples/galleries/images/main.bicep index 6ed2e71d..fb19224a 100644 --- a/settings/remarks/microsoft.compute/samples/galleries/images/main.bicep +++ b/settings/remarks/microsoft.compute/samples/galleries/images/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource gallery 'Microsoft.Compute/galleries@2022-03-03' = { name: resourceName @@ -15,18 +15,16 @@ resource image 'Microsoft.Compute/galleries/images@2022-03-03' = { parent: gallery properties: { architecture: 'x64' + description: '' disallowed: { diskTypes: [] } - features: null hyperVGeneration: 'V1' identifier: { offer: 'AccTesOffer230630032848825313' publisher: 'AccTesPublisher230630032848825313' sku: 'AccTesSku230630032848825313' } - releaseNoteUri: '' - description: '' osState: 'Generalized' osType: 'Linux' privacyStatementUri: '' @@ -34,5 +32,6 @@ resource image 'Microsoft.Compute/galleries/images@2022-03-03' = { memory: {} vCPUs: {} } + releaseNoteUri: '' } } diff --git a/settings/remarks/microsoft.compute/samples/hostgroups/hosts/main.bicep b/settings/remarks/microsoft.compute/samples/hostgroups/hosts/main.bicep index 95e327a4..89fb8eaf 100644 --- a/settings/remarks/microsoft.compute/samples/hostgroups/hosts/main.bicep +++ b/settings/remarks/microsoft.compute/samples/hostgroups/hosts/main.bicep @@ -17,8 +17,8 @@ resource host 'Microsoft.Compute/hostGroups/hosts@2021-11-01' = { name: 'DSv3-Type1' } properties: { + autoReplaceOnFailure: true licenseType: 'None' platformFaultDomain: 1 - autoReplaceOnFailure: true } } diff --git a/settings/remarks/microsoft.compute/samples/restorepointcollections/main.bicep b/settings/remarks/microsoft.compute/samples/restorepointcollections/main.bicep index c1d29a3b..45ccd4b3 100644 --- a/settings/remarks/microsoft.compute/samples/restorepointcollections/main.bicep +++ b/settings/remarks/microsoft.compute/samples/restorepointcollections/main.bicep @@ -1,62 +1,13 @@ -param resourceName string = 'acctest0001' param location string = 'eastus' - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { - name: resourceName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] - } - privateEndpointVNetPolicies: 'Disabled' - subnets: [] - } -} - -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { - name: resourceName - parent: virtualNetwork - properties: { - privateEndpointNetworkPolicies: 'Disabled' - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] - addressPrefix: '10.0.0.0/24' - defaultOutboundAccess: true - delegations: [] - } -} - -resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { - name: resourceName - location: location - properties: { - ipConfigurations: [ - { - name: 'internal' - properties: { - primary: false - privateIPAddressVersion: 'IPv4' - privateIPAllocationMethod: 'Dynamic' - subnet: {} - } - } - ] - enableAcceleratedNetworking: false - enableIPForwarding: false - } -} +param resourceName string = 'acctest0001' resource restorePointCollection 'Microsoft.Compute/restorePointCollections@2024-03-01' = { name: resourceName location: location properties: { - source: {} + source: { + id: virtualMachine.id + } } } @@ -64,6 +15,17 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { name: resourceName location: location properties: { + additionalCapabilities: {} + applicationProfile: { + galleryApplications: [] + } + diagnosticsProfile: { + bootDiagnostics: { + enabled: false + storageUri: '' + } + } + extensionsTimeBudget: 'PT1H30M' hardwareProfile: { vmSize: 'Standard_F2' } @@ -77,28 +39,6 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { } ] } - priority: 'Regular' - storageProfile: { - osDisk: { - writeAcceleratorEnabled: false - caching: 'ReadWrite' - createOption: 'FromImage' - managedDisk: { - storageAccountType: 'Standard_LRS' - } - osType: 'Linux' - } - dataDisks: [] - imageReference: { - version: 'latest' - offer: '0001-com-ubuntu-server-jammy' - publisher: 'Canonical' - sku: '22_04-lts' - } - } - applicationProfile: { - galleryApplications: [] - } osProfile: { adminUsername: 'adminuser' allowExtensionOperations: true @@ -121,13 +61,77 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { } secrets: [] } - additionalCapabilities: {} - diagnosticsProfile: { - bootDiagnostics: { - enabled: false - storageUri: '' + priority: 'Regular' + storageProfile: { + dataDisks: [] + imageReference: { + offer: '0001-com-ubuntu-server-jammy' + publisher: 'Canonical' + sku: '22_04-lts' + version: 'latest' + } + osDisk: { + caching: 'ReadWrite' + createOption: 'FromImage' + managedDisk: { + storageAccountType: 'Standard_LRS' + } + osType: 'Linux' + writeAcceleratorEnabled: false } } - extensionsTimeBudget: 'PT1H30M' + } +} + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { + name: resourceName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + privateEndpointVNetPolicies: 'Disabled' + subnets: [] + } +} + +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { + name: resourceName + parent: virtualNetwork + properties: { + addressPrefix: '10.0.0.0/24' + defaultOutboundAccess: true + delegations: [] + privateEndpointNetworkPolicies: 'Disabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] + } +} + +resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { + name: resourceName + location: location + properties: { + enableAcceleratedNetworking: false + enableIPForwarding: false + ipConfigurations: [ + { + name: 'internal' + properties: { + primary: false + privateIPAddressVersion: 'IPv4' + privateIPAllocationMethod: 'Dynamic' + subnet: { + id: subnet.id + } + } + } + ] } } diff --git a/settings/remarks/microsoft.compute/samples/restorepointcollections/restorepoints/main.bicep b/settings/remarks/microsoft.compute/samples/restorepointcollections/restorepoints/main.bicep index 09c1c4a6..561c06ca 100644 --- a/settings/remarks/microsoft.compute/samples/restorepointcollections/restorepoints/main.bicep +++ b/settings/remarks/microsoft.compute/samples/restorepointcollections/restorepoints/main.bicep @@ -5,7 +5,9 @@ resource restorePointCollection 'Microsoft.Compute/restorePointCollections@2024- name: '${resourceName}-rpc' location: location properties: { - source: {} + source: { + id: virtualMachine.id + } } } @@ -13,6 +15,7 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { name: '${resourceName}-vm' location: location properties: { + additionalCapabilities: {} applicationProfile: { galleryApplications: [] } @@ -22,6 +25,10 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { storageUri: '' } } + extensionsTimeBudget: 'PT1H30M' + hardwareProfile: { + vmSize: 'Standard_F2' + } networkProfile: { networkInterfaces: [ { @@ -32,12 +39,10 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { } ] } - additionalCapabilities: {} - extensionsTimeBudget: 'PT1H30M' - hardwareProfile: { - vmSize: 'Standard_F2' - } osProfile: { + adminUsername: 'adminuser' + allowExtensionOperations: true + computerName: '${resourceName}-vm' linuxConfiguration: { disablePasswordAuthentication: true patchSettings: { @@ -55,9 +60,6 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { } } secrets: [] - adminUsername: 'adminuser' - allowExtensionOperations: true - computerName: '${resourceName}-vm' } priority: 'Regular' storageProfile: { @@ -108,13 +110,13 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { name: '${resourceName}-subnet' parent: virtualNetwork properties: { + addressPrefix: '10.0.0.0/24' + defaultOutboundAccess: true + delegations: [] privateEndpointNetworkPolicies: 'Disabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] serviceEndpoints: [] - addressPrefix: '10.0.0.0/24' - defaultOutboundAccess: true - delegations: [] } } @@ -126,13 +128,15 @@ resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { enableIPForwarding: false ipConfigurations: [ { + name: 'internal' properties: { - privateIPAllocationMethod: 'Dynamic' - subnet: {} primary: false privateIPAddressVersion: 'IPv4' + privateIPAllocationMethod: 'Dynamic' + subnet: { + id: subnet.id + } } - name: 'internal' } ] } diff --git a/settings/remarks/microsoft.compute/samples/snapshots/main.bicep b/settings/remarks/microsoft.compute/samples/snapshots/main.bicep index 17fa20d3..28fbbf6c 100644 --- a/settings/remarks/microsoft.compute/samples/snapshots/main.bicep +++ b/settings/remarks/microsoft.compute/samples/snapshots/main.bicep @@ -1,21 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westus' -resource snapshot 'Microsoft.Compute/snapshots@2022-03-02' = { - name: '${resourceName}snapshot' - location: location - properties: { - creationData: { - sourceUri: disk.id - createOption: 'Copy' - } - diskSizeGB: 20 - incremental: false - networkAccessPolicy: 'AllowAll' - publicNetworkAccess: 'Enabled' - } -} - resource disk 'Microsoft.Compute/disks@2023-04-02' = { name: '${resourceName}disk' location: location @@ -23,6 +8,10 @@ resource disk 'Microsoft.Compute/disks@2023-04-02' = { name: 'Standard_LRS' } properties: { + creationData: { + createOption: 'Empty' + performancePlus: false + } diskSizeGB: 10 encryption: { type: 'EncryptionAtRestWithPlatformKey' @@ -30,9 +19,20 @@ resource disk 'Microsoft.Compute/disks@2023-04-02' = { networkAccessPolicy: 'AllowAll' optimizedForFrequentAttach: false publicNetworkAccess: 'Enabled' + } +} + +resource snapshot 'Microsoft.Compute/snapshots@2022-03-02' = { + name: '${resourceName}snapshot' + location: location + properties: { creationData: { - performancePlus: false - createOption: 'Empty' + createOption: 'Copy' + sourceUri: disk.id } + diskSizeGB: 20 + incremental: false + networkAccessPolicy: 'AllowAll' + publicNetworkAccess: 'Enabled' } } diff --git a/settings/remarks/microsoft.compute/samples/virtualmachines/attachdatadisk/main.bicep b/settings/remarks/microsoft.compute/samples/virtualmachines/attachdatadisk/main.bicep index 42220e37..3efb51f6 100644 --- a/settings/remarks/microsoft.compute/samples/virtualmachines/attachdatadisk/main.bicep +++ b/settings/remarks/microsoft.compute/samples/virtualmachines/attachdatadisk/main.bicep @@ -1,34 +1,14 @@ +param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator username for the virtual machine') param adminUsername string @secure() @description('The administrator password for the virtual machine') param adminPassword string -param resourceName string = 'acctest0001' +var dataDiskName = 'mydatadisk1' var attachedDataDiskName = 'myattacheddatadisk1' var osDiskName = 'myosdisk1' -var dataDiskName = 'mydatadisk1' - -resource attachedDisk 'Microsoft.Compute/disks@2022-03-02' = { - name: attachedDataDiskName - location: location - sku: { - name: 'Standard_LRS' - } - properties: { - osType: 'Linux' - publicNetworkAccess: 'Enabled' - creationData: { - createOption: 'Empty' - } - diskSizeGB: 1 - encryption: { - type: 'EncryptionAtRestWithPlatformKey' - } - networkAccessPolicy: 'AllowAll' - } -} resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { name: resourceName @@ -43,7 +23,9 @@ resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { primary: true privateIPAddressVersion: 'IPv4' privateIPAllocationMethod: 'Dynamic' - subnet: {} + subnet: { + id: subnet.id + } } } ] @@ -77,10 +59,10 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { } storageProfile: { imageReference: { - version: 'latest' offer: 'UbuntuServer' publisher: 'Canonical' sku: '16.04-LTS' + version: 'latest' } osDisk: { caching: 'ReadWrite' @@ -90,6 +72,7 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { } dataDisks: [ { + caching: 'ReadWrite' createOption: 'Empty' name: dataDiskName diskSizeGB: 1 @@ -97,7 +80,6 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { managedDisk: { storageAccountType: 'Standard_LRS' } - caching: 'ReadWrite' } { caching: 'ReadWrite' @@ -141,3 +123,23 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { serviceEndpoints: [] } } + +resource attachedDisk 'Microsoft.Compute/disks@2022-03-02' = { + name: attachedDataDiskName + location: location + sku: { + name: 'Standard_LRS' + } + properties: { + creationData: { + createOption: 'Empty' + } + diskSizeGB: 1 + encryption: { + type: 'EncryptionAtRestWithPlatformKey' + } + networkAccessPolicy: 'AllowAll' + osType: 'Linux' + publicNetworkAccess: 'Enabled' + } +} diff --git a/settings/remarks/microsoft.compute/samples/virtualmachines/attachosdisk/main.bicep b/settings/remarks/microsoft.compute/samples/virtualmachines/attachosdisk/main.bicep index 0eef5057..b42a5052 100644 --- a/settings/remarks/microsoft.compute/samples/virtualmachines/attachosdisk/main.bicep +++ b/settings/remarks/microsoft.compute/samples/virtualmachines/attachosdisk/main.bicep @@ -1,4 +1,3 @@ -param attachedResourceName string = 'acctest0002' param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator username for the virtual machine') @@ -6,6 +5,7 @@ param adminUsername string @secure() @description('The administrator password for the virtual machine') param adminPassword string +param attachedResourceName string = 'acctest0002' var osDiskName = 'myosdisk1' var attachedOsDiskName = 'myosdisk2' @@ -14,35 +14,6 @@ resource managedDisk 'Microsoft.Compute/disks@2023-10-02' existing = { name: osDiskName } -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { - name: resourceName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] - } - subnets: [] - } -} - -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - name: resourceName - parent: virtualNetwork - properties: { - addressPrefix: '10.0.2.0/24' - delegations: [] - privateEndpointNetworkPolicies: 'Enabled' - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] - } -} - resource attachedVirtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { name: attachedResourceName location: location @@ -62,6 +33,7 @@ resource attachedVirtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = } storageProfile: { osDisk: { + caching: 'ReadWrite' createOption: 'Attach' name: attachedOsDiskName osType: 'Linux' @@ -69,92 +41,103 @@ resource attachedVirtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = managedDisk: { id: attachedManagedDisk.id } - caching: 'ReadWrite' } } } } -resource attachedManagedDisk 'Microsoft.Compute/disks@2023-10-02' = { - name: attachedOsDiskName +resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { + name: resourceName + location: location + properties: { + enableAcceleratedNetworking: false + enableIPForwarding: false + ipConfigurations: [ + { + name: 'testconfiguration1' + properties: { + primary: true + privateIPAddressVersion: 'IPv4' + privateIPAllocationMethod: 'Dynamic' + subnet: { + id: subnet.id + } + } + } + ] + } +} + +resource snapshot 'Microsoft.Compute/snapshots@2023-10-02' = { + name: resourceName location: location sku: { - name: 'Standard_LRS' + name: 'Standard_ZRS' } properties: { creationData: { createOption: 'Copy' + sourceResourceId: managedDisk.id } diskSizeGB: 30 encryption: { type: 'EncryptionAtRestWithPlatformKey' } networkAccessPolicy: 'AllowAll' - publicNetworkAccess: 'Enabled' osType: 'Linux' hyperVGeneration: 'V1' + incremental: true + publicNetworkAccess: 'Enabled' supportedCapabilities: { architecture: 'x64' } } } -resource attachedNetworkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { - name: attachedResourceName +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: resourceName location: location properties: { - enableAcceleratedNetworking: false - enableIPForwarding: false - ipConfigurations: [ - { - name: 'testconfiguration2' - properties: { - privateIPAddressVersion: 'IPv4' - privateIPAllocationMethod: 'Dynamic' - subnet: {} - primary: true - } - } - ] + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + subnets: [] } } -resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: resourceName - location: location + parent: virtualNetwork properties: { - enableIPForwarding: false - ipConfigurations: [ - { - name: 'testconfiguration1' - properties: { - primary: true - privateIPAddressVersion: 'IPv4' - privateIPAllocationMethod: 'Dynamic' - subnet: {} - } - } - ] - enableAcceleratedNetworking: false + addressPrefix: '10.0.2.0/24' + delegations: [] + privateEndpointNetworkPolicies: 'Enabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] } } -resource snapshot 'Microsoft.Compute/snapshots@2023-10-02' = { - name: resourceName +resource attachedManagedDisk 'Microsoft.Compute/disks@2023-10-02' = { + name: attachedOsDiskName location: location sku: { - name: 'Standard_ZRS' + name: 'Standard_LRS' } properties: { creationData: { createOption: 'Copy' - sourceResourceId: managedDisk.id + sourceResourceId: snapshot.id } diskSizeGB: 30 encryption: { type: 'EncryptionAtRestWithPlatformKey' } - incremental: true networkAccessPolicy: 'AllowAll' osType: 'Linux' hyperVGeneration: 'V1' @@ -165,6 +148,28 @@ resource snapshot 'Microsoft.Compute/snapshots@2023-10-02' = { } } +resource attachedNetworkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { + name: attachedResourceName + location: location + properties: { + enableAcceleratedNetworking: false + enableIPForwarding: false + ipConfigurations: [ + { + name: 'testconfiguration2' + properties: { + primary: true + privateIPAddressVersion: 'IPv4' + privateIPAllocationMethod: 'Dynamic' + subnet: { + id: subnet.id + } + } + } + ] + } +} + resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { name: resourceName location: location @@ -191,17 +196,17 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { } } storageProfile: { - osDisk: { - createOption: 'FromImage' - name: osDiskName - writeAcceleratorEnabled: false - caching: 'ReadWrite' - } imageReference: { + offer: 'UbuntuServer' publisher: 'Canonical' sku: '16.04-LTS' version: 'latest' - offer: 'UbuntuServer' + } + osDisk: { + caching: 'ReadWrite' + createOption: 'FromImage' + name: osDiskName + writeAcceleratorEnabled: false } } } diff --git a/settings/remarks/microsoft.compute/samples/virtualmachines/basic/main.bicep b/settings/remarks/microsoft.compute/samples/virtualmachines/basic/main.bicep index fe7c62d6..f25435ac 100644 --- a/settings/remarks/microsoft.compute/samples/virtualmachines/basic/main.bicep +++ b/settings/remarks/microsoft.compute/samples/virtualmachines/basic/main.bicep @@ -1,10 +1,32 @@ +param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator username for the virtual machine') param adminUsername string @secure() @description('The administrator password for the virtual machine') param adminPassword string -param resourceName string = 'acctest0001' + +resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { + name: resourceName + location: location + properties: { + enableAcceleratedNetworking: false + enableIPForwarding: false + ipConfigurations: [ + { + name: 'testconfiguration1' + properties: { + primary: true + privateIPAddressVersion: 'IPv4' + privateIPAllocationMethod: 'Dynamic' + subnet: { + id: subnet.id + } + } + } + ] + } +} resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { name: resourceName @@ -33,16 +55,16 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { } storageProfile: { imageReference: { - version: 'latest' offer: 'UbuntuServer' publisher: 'Canonical' sku: '16.04-LTS' + version: 'latest' } osDisk: { - name: 'myosdisk1' - writeAcceleratorEnabled: false caching: 'ReadWrite' createOption: 'FromImage' + name: 'myosdisk1' + writeAcceleratorEnabled: false } } } @@ -68,31 +90,11 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: resourceName parent: virtualNetwork properties: { + addressPrefix: '10.0.2.0/24' + delegations: [] privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] serviceEndpoints: [] - addressPrefix: '10.0.2.0/24' - delegations: [] - } -} - -resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { - name: resourceName - location: location - properties: { - enableAcceleratedNetworking: false - enableIPForwarding: false - ipConfigurations: [ - { - name: 'testconfiguration1' - properties: { - primary: true - privateIPAddressVersion: 'IPv4' - privateIPAllocationMethod: 'Dynamic' - subnet: {} - } - } - ] } } diff --git a/settings/remarks/microsoft.compute/samples/virtualmachines/extensions/main.bicep b/settings/remarks/microsoft.compute/samples/virtualmachines/extensions/main.bicep index c38ddd4d..01e257c1 100644 --- a/settings/remarks/microsoft.compute/samples/virtualmachines/extensions/main.bicep +++ b/settings/remarks/microsoft.compute/samples/virtualmachines/extensions/main.bicep @@ -17,7 +17,9 @@ resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { primary: true privateIPAddressVersion: 'IPv4' privateIPAllocationMethod: 'Dynamic' - subnet: {} + subnet: { + id: subnet.id + } } } ] @@ -51,10 +53,10 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { } storageProfile: { imageReference: { - sku: '16.04-LTS' - version: 'latest' offer: 'UbuntuServer' publisher: 'Canonical' + sku: '16.04-LTS' + version: 'latest' } osDisk: { caching: 'ReadWrite' @@ -87,6 +89,7 @@ resource extension 'Microsoft.Compute/virtualMachines/extensions@2023-03-01' = { location: location parent: virtualMachine properties: { + autoUpgradeMinorVersion: false enableAutomaticUpgrade: false publisher: 'Microsoft.Azure.Extensions' settings: { @@ -95,7 +98,6 @@ resource extension 'Microsoft.Compute/virtualMachines/extensions@2023-03-01' = { suppressFailures: false type: 'CustomScript' typeHandlerVersion: '2.0' - autoUpgradeMinorVersion: false } tags: { environment: 'Production' @@ -106,11 +108,11 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: resourceName parent: virtualNetwork properties: { - serviceEndpoints: [] addressPrefix: '10.0.2.0/24' delegations: [] privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] + serviceEndpoints: [] } } diff --git a/settings/remarks/microsoft.compute/samples/virtualmachines/runcommands/main.bicep b/settings/remarks/microsoft.compute/samples/virtualmachines/runcommands/main.bicep index 8915b2f9..5182127d 100644 --- a/settings/remarks/microsoft.compute/samples/virtualmachines/runcommands/main.bicep +++ b/settings/remarks/microsoft.compute/samples/virtualmachines/runcommands/main.bicep @@ -13,32 +13,20 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { name: '${resourceName}-vm' location: location properties: { - hardwareProfile: { - vmSize: 'Standard_B2s' - } - priority: 'Regular' - storageProfile: { - dataDisks: [] - imageReference: { - offer: '0001-com-ubuntu-server-jammy' - publisher: 'Canonical' - sku: '22_04-lts' - version: 'latest' - } - osDisk: { - osType: 'Linux' - writeAcceleratorEnabled: false - caching: 'ReadWrite' - createOption: 'FromImage' - managedDisk: { - storageAccountType: 'Premium_LRS' - } - } - } + additionalCapabilities: {} applicationProfile: { galleryApplications: [] } + diagnosticsProfile: { + bootDiagnostics: { + enabled: false + storageUri: '' + } + } extensionsTimeBudget: 'PT1H30M' + hardwareProfile: { + vmSize: 'Standard_B2s' + } networkProfile: { networkInterfaces: [ { @@ -50,7 +38,6 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { ] } osProfile: { - secrets: [] adminPassword: adminPassword adminUsername: 'adminuser' allowExtensionOperations: true @@ -66,12 +53,25 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { publicKeys: [] } } + secrets: [] } - additionalCapabilities: {} - diagnosticsProfile: { - bootDiagnostics: { - enabled: false - storageUri: '' + priority: 'Regular' + storageProfile: { + dataDisks: [] + imageReference: { + offer: '0001-com-ubuntu-server-jammy' + publisher: 'Canonical' + sku: '22_04-lts' + version: 'latest' + } + osDisk: { + caching: 'ReadWrite' + createOption: 'FromImage' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + osType: 'Linux' + writeAcceleratorEnabled: false } } } @@ -99,18 +99,18 @@ resource runCommand 'Microsoft.Compute/virtualMachines/runCommands@2023-03-01' = location: location parent: virtualMachine properties: { + asyncExecution: false + errorBlobUri: '' + outputBlobUri: '' parameters: [] protectedParameters: [] + runAsPassword: '' runAsUser: '' source: { script: 'echo \'hello world\'' } timeoutInSeconds: 1200 treatFailureAsDeploymentFailure: true - asyncExecution: false - errorBlobUri: '' - outputBlobUri: '' - runAsPassword: '' } } @@ -132,6 +132,8 @@ resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { name: '${resourceName}-nic' location: location properties: { + enableAcceleratedNetworking: false + enableIPForwarding: false ipConfigurations: [ { name: 'internal' @@ -139,11 +141,11 @@ resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { primary: false privateIPAddressVersion: 'IPv4' privateIPAllocationMethod: 'Dynamic' - subnet: {} + subnet: { + id: subnet.id + } } } ] - enableAcceleratedNetworking: false - enableIPForwarding: false } } diff --git a/settings/remarks/microsoft.compute/samples/virtualmachinescalesets/extensions/main.bicep b/settings/remarks/microsoft.compute/samples/virtualmachinescalesets/extensions/main.bicep index 280d0b7b..644682bd 100644 --- a/settings/remarks/microsoft.compute/samples/virtualmachinescalesets/extensions/main.bicep +++ b/settings/remarks/microsoft.compute/samples/virtualmachinescalesets/extensions/main.bicep @@ -1,16 +1,45 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: resourceName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + subnets: [] + } +} + resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023-03-01' = { name: resourceName location: location sku: { - tier: 'Standard' capacity: 1 name: 'Standard_F2' + tier: 'Standard' } properties: { + additionalCapabilities: {} + doNotRunExtensionsOnOverprovisionedVMs: false + orchestrationMode: 'Uniform' + overprovision: true + scaleInPolicy: { + forceDeletion: false + rules: [ + 'Default' + ] + } singlePlacementGroup: true + upgradePolicy: { + mode: 'Manual' + } virtualMachineProfile: { diagnosticsProfile: { bootDiagnostics: { @@ -26,32 +55,33 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- { name: 'example' properties: { + dnsSettings: { + dnsServers: [] + } + enableAcceleratedNetworking: false enableIPForwarding: false ipConfigurations: [ { name: 'internal' properties: { - privateIPAddressVersion: 'IPv4' - subnet: {} applicationGatewayBackendAddressPools: [] applicationSecurityGroups: [] loadBalancerBackendAddressPools: [] loadBalancerInboundNatPools: [] primary: true + privateIPAddressVersion: 'IPv4' + subnet: { + id: subnet.id + } } } ] primary: true - dnsSettings: { - dnsServers: [] - } - enableAcceleratedNetworking: false } } ] } osProfile: { - secrets: [] adminUsername: 'adminuser' computerNamePrefix: resourceName linuxConfiguration: { @@ -66,6 +96,7 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- ] } } + secrets: [] } priority: 'Regular' storageProfile: { @@ -77,45 +108,16 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- version: 'latest' } osDisk: { - writeAcceleratorEnabled: false caching: 'ReadWrite' createOption: 'FromImage' managedDisk: { storageAccountType: 'Standard_LRS' } osType: 'Linux' + writeAcceleratorEnabled: false } } } - additionalCapabilities: {} - doNotRunExtensionsOnOverprovisionedVMs: false - orchestrationMode: 'Uniform' - overprovision: true - scaleInPolicy: { - rules: [ - 'Default' - ] - forceDeletion: false - } - upgradePolicy: { - mode: 'Manual' - } - } -} - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { - name: resourceName - location: location - properties: { - dhcpOptions: { - dnsServers: [] - } - subnets: [] - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } } } @@ -125,14 +127,14 @@ resource extension 'Microsoft.Compute/virtualMachineScaleSets/extensions@2023-03 properties: { autoUpgradeMinorVersion: true enableAutomaticUpgrade: false + provisionAfterExtensions: [] publisher: 'Microsoft.Azure.Extensions' settings: { commandToExecute: 'echo $HOSTNAME' } suppressFailures: false - typeHandlerVersion: '2.0' - provisionAfterExtensions: [] type: 'CustomScript' + typeHandlerVersion: '2.0' } } @@ -140,11 +142,11 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: 'internal' parent: virtualNetwork properties: { - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] addressPrefix: '10.0.2.0/24' delegations: [] privateEndpointNetworkPolicies: 'Enabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] } } diff --git a/settings/remarks/microsoft.compute/samples/virtualmachinescalesets/main.bicep b/settings/remarks/microsoft.compute/samples/virtualmachinescalesets/main.bicep index a1384cba..b6938073 100644 --- a/settings/remarks/microsoft.compute/samples/virtualmachinescalesets/main.bicep +++ b/settings/remarks/microsoft.compute/samples/virtualmachinescalesets/main.bicep @@ -10,6 +10,10 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- tier: 'Standard' } properties: { + additionalCapabilities: {} + doNotRunExtensionsOnOverprovisionedVMs: false + orchestrationMode: 'Uniform' + overprovision: true scaleInPolicy: { forceDeletion: false rules: [ @@ -17,50 +21,10 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- ] } singlePlacementGroup: true - additionalCapabilities: {} - doNotRunExtensionsOnOverprovisionedVMs: false - orchestrationMode: 'Uniform' - overprovision: true upgradePolicy: { mode: 'Manual' } virtualMachineProfile: { - osProfile: { - adminUsername: 'adminuser' - computerNamePrefix: resourceName - linuxConfiguration: { - ssh: { - publicKeys: [ - { - keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+wWK73dCr+jgQOAxNsHAnNNNMEMWOHYEccp6wJm2gotpr9katuF/ZAdou5AaW1C61slRkHRkpRRX9FA9CYBiitZgvCCz+3nWNN7l/Up54Zps/pHWGZLHNJZRYyAB6j5yVLMVHIHriY49d/GZTZVNB8GoJv9Gakwc/fuEZYYl4YDFiGMBP///TzlI4jhiJzjKnEvqPFki5p2ZRJqcbCiF4pJrxUQR/RXqVFQdbRLZgYfJ8xGB878RENq3yQ39d8dVOkq4edbkzwcUmwwwkYVPIoDGsYLaRHnG+To7FvMeyO7xDVQkMKzopTQV8AuKpyvpqu0a9pWOMaiCyDytO7GGN you@me.com' - path: '/home/adminuser/.ssh/authorized_keys' - } - ] - } - disablePasswordAuthentication: true - provisionVMAgent: true - } - secrets: [] - } - priority: 'Regular' - storageProfile: { - dataDisks: [] - imageReference: { - version: 'latest' - offer: 'UbuntuServer' - publisher: 'Canonical' - sku: '16.04-LTS' - } - osDisk: { - writeAcceleratorEnabled: false - caching: 'ReadWrite' - createOption: 'FromImage' - managedDisk: { - storageAccountType: 'Standard_LRS' - } - osType: 'Linux' - } - } diagnosticsProfile: { bootDiagnostics: { enabled: false @@ -84,13 +48,15 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- { name: 'internal' properties: { + applicationGatewayBackendAddressPools: [] + applicationSecurityGroups: [] loadBalancerBackendAddressPools: [] loadBalancerInboundNatPools: [] primary: true privateIPAddressVersion: 'IPv4' - subnet: {} - applicationGatewayBackendAddressPools: [] - applicationSecurityGroups: [] + subnet: { + id: subnet.id + } } } ] @@ -99,6 +65,42 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- } ] } + osProfile: { + adminUsername: 'adminuser' + computerNamePrefix: resourceName + linuxConfiguration: { + disablePasswordAuthentication: true + provisionVMAgent: true + ssh: { + publicKeys: [ + { + keyData: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+wWK73dCr+jgQOAxNsHAnNNNMEMWOHYEccp6wJm2gotpr9katuF/ZAdou5AaW1C61slRkHRkpRRX9FA9CYBiitZgvCCz+3nWNN7l/Up54Zps/pHWGZLHNJZRYyAB6j5yVLMVHIHriY49d/GZTZVNB8GoJv9Gakwc/fuEZYYl4YDFiGMBP///TzlI4jhiJzjKnEvqPFki5p2ZRJqcbCiF4pJrxUQR/RXqVFQdbRLZgYfJ8xGB878RENq3yQ39d8dVOkq4edbkzwcUmwwwkYVPIoDGsYLaRHnG+To7FvMeyO7xDVQkMKzopTQV8AuKpyvpqu0a9pWOMaiCyDytO7GGN you@me.com' + path: '/home/adminuser/.ssh/authorized_keys' + } + ] + } + } + secrets: [] + } + priority: 'Regular' + storageProfile: { + dataDisks: [] + imageReference: { + offer: 'UbuntuServer' + publisher: 'Canonical' + sku: '16.04-LTS' + version: 'latest' + } + osDisk: { + caching: 'ReadWrite' + createOption: 'FromImage' + managedDisk: { + storageAccountType: 'Standard_LRS' + } + osType: 'Linux' + writeAcceleratorEnabled: false + } + } } } } diff --git a/settings/remarks/microsoft.confidentialledger/samples/ledgers/main.bicep b/settings/remarks/microsoft.confidentialledger/samples/ledgers/main.bicep index f60b984d..45cb039c 100644 --- a/settings/remarks/microsoft.confidentialledger/samples/ledgers/main.bicep +++ b/settings/remarks/microsoft.confidentialledger/samples/ledgers/main.bicep @@ -8,19 +8,19 @@ resource ledger 'Microsoft.ConfidentialLedger/ledgers@2022-05-13' = { name: resourceName location: location properties: { - certBasedSecurityPrincipals: [ + aadBasedSecurityPrincipals: [ { - cert: ledgerCertificate ledgerRoleName: 'Administrator' + principalId: deployer().objectId + tenantId: tenant().tenantId } ] - ledgerType: 'Private' - aadBasedSecurityPrincipals: [ + certBasedSecurityPrincipals: [ { + cert: ledgerCertificate ledgerRoleName: 'Administrator' - principalId: deployer().objectId - tenantId: tenant().tenantId } ] + ledgerType: 'Private' } } diff --git a/settings/remarks/microsoft.consumption/samples/budgets/main.bicep b/settings/remarks/microsoft.consumption/samples/budgets/main.bicep index 78b6b1ba..a22a15cd 100644 --- a/settings/remarks/microsoft.consumption/samples/budgets/main.bicep +++ b/settings/remarks/microsoft.consumption/samples/budgets/main.bicep @@ -11,26 +11,19 @@ resource resourceGroup 'Microsoft.Resources/resourceGroups@2020-06-01' = { resource budget 'Microsoft.Consumption/budgets@2019-10-01' = { name: resourceName properties: { - timeGrain: 'Monthly' - timePeriod: { - startDate: '2025-08-01T00:00:00Z' - } amount: 1000 category: 'Cost' filter: { tags: { + name: 'foo' + operator: 'In' values: [ 'bar' ] - name: 'foo' - operator: 'In' } } notifications: { 'Actual_EqualTo_90.000000_Percent': { - operator: 'EqualTo' - threshold: 90 - thresholdType: 'Actual' contactEmails: [ 'foo@example.com' 'bar@example.com' @@ -38,7 +31,14 @@ resource budget 'Microsoft.Consumption/budgets@2019-10-01' = { contactGroups: [] contactRoles: [] enabled: true + operator: 'EqualTo' + threshold: 90 + thresholdType: 'Actual' } } + timeGrain: 'Monthly' + timePeriod: { + startDate: '2025-08-01T00:00:00Z' + } } } diff --git a/settings/remarks/microsoft.containerinstance/samples/containergroups/main.bicep b/settings/remarks/microsoft.containerinstance/samples/containergroups/main.bicep index 28ea0219..c9fa9745 100644 --- a/settings/remarks/microsoft.containerinstance/samples/containergroups/main.bicep +++ b/settings/remarks/microsoft.containerinstance/samples/containergroups/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource containerGroup 'Microsoft.ContainerInstance/containerGroups@2023-05-01' = { name: resourceName @@ -20,8 +20,8 @@ resource containerGroup 'Microsoft.ContainerInstance/containerGroups@2023-05-01' ] resources: { requests: { - memoryInGB: any('0.5') cpu: any('0.5') + memoryInGB: any('0.5') } } } diff --git a/settings/remarks/microsoft.containerregistry/samples/registries/agentpools/main.bicep b/settings/remarks/microsoft.containerregistry/samples/registries/agentpools/main.bicep index 127c321c..a2d0e2c9 100644 --- a/settings/remarks/microsoft.containerregistry/samples/registries/agentpools/main.bicep +++ b/settings/remarks/microsoft.containerregistry/samples/registries/agentpools/main.bicep @@ -9,13 +9,13 @@ resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = tier: 'Premium' } properties: { - dataEndpointEnabled: false - networkRuleBypassOptions: 'AzureServices' adminUserEnabled: false anonymousPullEnabled: false + dataEndpointEnabled: false encryption: { status: 'disabled' } + networkRuleBypassOptions: 'AzureServices' policies: { exportPolicy: { status: 'enabled' diff --git a/settings/remarks/microsoft.containerregistry/samples/registries/cacherules/main.bicep b/settings/remarks/microsoft.containerregistry/samples/registries/cacherules/main.bicep index 5fe9115b..b6b4bd14 100644 --- a/settings/remarks/microsoft.containerregistry/samples/registries/cacherules/main.bicep +++ b/settings/remarks/microsoft.containerregistry/samples/registries/cacherules/main.bicep @@ -8,22 +8,22 @@ resource registry 'Microsoft.ContainerRegistry/registries@2023-11-01-preview' = name: 'Basic' } properties: { - zoneRedundancy: 'Disabled' adminUserEnabled: false anonymousPullEnabled: false dataEndpointEnabled: false networkRuleBypassOptions: 'AzureServices' policies: { + exportPolicy: { + status: 'enabled' + } quarantinePolicy: { status: 'disabled' } retentionPolicy: {} trustPolicy: {} - exportPolicy: { - status: 'enabled' - } } publicNetworkAccess: 'Enabled' + zoneRedundancy: 'Disabled' } } diff --git a/settings/remarks/microsoft.containerregistry/samples/registries/connectedregistries/main.bicep b/settings/remarks/microsoft.containerregistry/samples/registries/connectedregistries/main.bicep index f28404ad..5da54f6c 100644 --- a/settings/remarks/microsoft.containerregistry/samples/registries/connectedregistries/main.bicep +++ b/settings/remarks/microsoft.containerregistry/samples/registries/connectedregistries/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westus' param resourceName string = 'acctest0001' +param location string = 'westus' resource registry 'Microsoft.ContainerRegistry/registries@2023-11-01-preview' = { name: '${resourceName}registry' @@ -8,8 +8,6 @@ resource registry 'Microsoft.ContainerRegistry/registries@2023-11-01-preview' = name: 'Premium' } properties: { - publicNetworkAccess: 'Enabled' - zoneRedundancy: 'Disabled' adminUserEnabled: false anonymousPullEnabled: false dataEndpointEnabled: true @@ -24,6 +22,8 @@ resource registry 'Microsoft.ContainerRegistry/registries@2023-11-01-preview' = retentionPolicy: {} trustPolicy: {} } + publicNetworkAccess: 'Enabled' + zoneRedundancy: 'Disabled' } } @@ -31,7 +31,6 @@ resource connectedRegistry 'Microsoft.ContainerRegistry/registries/connectedRegi name: '${resourceName}connectedregistry' parent: registry properties: { - clientTokenIds: null logging: { auditLogStatus: 'Disabled' logLevel: 'None' @@ -39,9 +38,10 @@ resource connectedRegistry 'Microsoft.ContainerRegistry/registries/connectedRegi mode: 'ReadWrite' parent: { syncProperties: { - syncWindow: '' messageTtl: 'P1D' schedule: '* * * * *' + syncWindow: '' + tokenId: token.id } } } diff --git a/settings/remarks/microsoft.containerregistry/samples/registries/credentialsets/main.bicep b/settings/remarks/microsoft.containerregistry/samples/registries/credentialsets/main.bicep index 292d1af2..be55f113 100644 --- a/settings/remarks/microsoft.containerregistry/samples/registries/credentialsets/main.bicep +++ b/settings/remarks/microsoft.containerregistry/samples/registries/credentialsets/main.bicep @@ -1,4 +1,3 @@ -param resourceName string = 'acctest0001' param location string = 'eastus' @secure() @description('The username for the container registry credential') @@ -6,16 +5,12 @@ param credentialUsername string = 'testuser' @secure() @description('The password for the container registry credential') param credentialPassword string +param resourceName string = 'acctest0001' resource vault 'Microsoft.KeyVault/vaults@2023-02-01' = { name: '${resourceName}vault' location: location properties: { - enableRbacAuthorization: false - enableSoftDelete: true - enabledForTemplateDeployment: false - publicNetworkAccess: 'Enabled' - tenantId: tenant().tenantId accessPolicies: [ { objectId: deployer().objectId @@ -33,14 +28,19 @@ resource vault 'Microsoft.KeyVault/vaults@2023-02-01' = { tenantId: tenant().tenantId } ] + createMode: 'default' + enableRbacAuthorization: false + enableSoftDelete: true enabledForDeployment: false enabledForDiskEncryption: false + enabledForTemplateDeployment: false + publicNetworkAccess: 'Enabled' sku: { family: 'A' name: 'standard' } softDeleteRetentionInDays: 7 - createMode: 'default' + tenantId: tenant().tenantId } } @@ -51,6 +51,9 @@ resource registry 'Microsoft.ContainerRegistry/registries@2023-11-01-preview' = name: 'Basic' } properties: { + adminUserEnabled: false + anonymousPullEnabled: false + dataEndpointEnabled: false networkRuleBypassOptions: 'AzureServices' policies: { exportPolicy: { @@ -64,9 +67,6 @@ resource registry 'Microsoft.ContainerRegistry/registries@2023-11-01-preview' = } publicNetworkAccess: 'Enabled' zoneRedundancy: 'Disabled' - adminUserEnabled: false - anonymousPullEnabled: false - dataEndpointEnabled: false } } @@ -76,9 +76,9 @@ resource credentialSet 'Microsoft.ContainerRegistry/registries/credentialSets@20 properties: { authCredentials: [ { - usernameSecretIdentifier: 'https://${resourceName}vault.vault.azure.net/secrets/username' name: 'Credential1' passwordSecretIdentifier: 'https://${resourceName}vault.vault.azure.net/secrets/password' + usernameSecretIdentifier: 'https://${resourceName}vault.vault.azure.net/secrets/username' } ] loginServer: 'docker.io' @@ -89,7 +89,7 @@ resource passwordSecret 'Microsoft.KeyVault/vaults/secrets@2023-02-01' = { name: 'password' parent: vault properties: { - value: '${credentialPassword}' + value: credentialPassword } } @@ -97,6 +97,6 @@ resource usernameSecret 'Microsoft.KeyVault/vaults/secrets@2023-02-01' = { name: 'username' parent: vault properties: { - value: '${credentialUsername}' + value: credentialUsername } } diff --git a/settings/remarks/microsoft.containerregistry/samples/registries/main.bicep b/settings/remarks/microsoft.containerregistry/samples/registries/main.bicep index c3479db2..8301524a 100644 --- a/settings/remarks/microsoft.containerregistry/samples/registries/main.bicep +++ b/settings/remarks/microsoft.containerregistry/samples/registries/main.bicep @@ -9,28 +9,28 @@ resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = tier: 'Standard' } properties: { + adminUserEnabled: false + anonymousPullEnabled: false dataEndpointEnabled: false encryption: { status: 'disabled' } networkRuleBypassOptions: 'AzureServices' policies: { - retentionPolicy: { - status: 'disabled' - } - trustPolicy: { - status: 'disabled' - } exportPolicy: { status: 'enabled' } quarantinePolicy: { status: 'disabled' } + retentionPolicy: { + status: 'disabled' + } + trustPolicy: { + status: 'disabled' + } } publicNetworkAccess: 'Enabled' - adminUserEnabled: false - anonymousPullEnabled: false zoneRedundancy: 'Disabled' } } diff --git a/settings/remarks/microsoft.containerregistry/samples/registries/scopemaps/main.bicep b/settings/remarks/microsoft.containerregistry/samples/registries/scopemaps/main.bicep index bf93f7c3..3dfbebf6 100644 --- a/settings/remarks/microsoft.containerregistry/samples/registries/scopemaps/main.bicep +++ b/settings/remarks/microsoft.containerregistry/samples/registries/scopemaps/main.bicep @@ -5,10 +5,17 @@ resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = name: resourceName location: location sku: { - tier: 'Premium' name: 'Premium' + tier: 'Premium' } properties: { + adminUserEnabled: false + anonymousPullEnabled: false + dataEndpointEnabled: false + encryption: { + status: 'disabled' + } + networkRuleBypassOptions: 'AzureServices' policies: { exportPolicy: { status: 'enabled' @@ -23,15 +30,8 @@ resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = status: 'disabled' } } - zoneRedundancy: 'Disabled' - adminUserEnabled: false - anonymousPullEnabled: false - dataEndpointEnabled: false publicNetworkAccess: 'Enabled' - encryption: { - status: 'disabled' - } - networkRuleBypassOptions: 'AzureServices' + zoneRedundancy: 'Disabled' } } diff --git a/settings/remarks/microsoft.containerregistry/samples/registries/taskruns/main.bicep b/settings/remarks/microsoft.containerregistry/samples/registries/taskruns/main.bicep index 95f527e8..688973da 100644 --- a/settings/remarks/microsoft.containerregistry/samples/registries/taskruns/main.bicep +++ b/settings/remarks/microsoft.containerregistry/samples/registries/taskruns/main.bicep @@ -9,14 +9,13 @@ resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = tier: 'Standard' } properties: { + adminUserEnabled: false + anonymousPullEnabled: false + dataEndpointEnabled: false encryption: { status: 'disabled' } networkRuleBypassOptions: 'AzureServices' - publicNetworkAccess: 'Enabled' - adminUserEnabled: false - anonymousPullEnabled: false - dataEndpointEnabled: false policies: { exportPolicy: { status: 'enabled' @@ -31,6 +30,7 @@ resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = status: 'disabled' } } + publicNetworkAccess: 'Enabled' zoneRedundancy: 'Disabled' } } diff --git a/settings/remarks/microsoft.containerregistry/samples/registries/tasks/main.bicep b/settings/remarks/microsoft.containerregistry/samples/registries/tasks/main.bicep index d288908c..c2c6b09a 100644 --- a/settings/remarks/microsoft.containerregistry/samples/registries/tasks/main.bicep +++ b/settings/remarks/microsoft.containerregistry/samples/registries/tasks/main.bicep @@ -11,11 +11,11 @@ resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = properties: { adminUserEnabled: false anonymousPullEnabled: false + dataEndpointEnabled: false encryption: { status: 'disabled' } networkRuleBypassOptions: 'AzureServices' - dataEndpointEnabled: false policies: { exportPolicy: { status: 'enabled' @@ -40,9 +40,8 @@ resource task 'Microsoft.ContainerRegistry/registries/tasks@2019-06-01-preview' location: location parent: registry properties: { - step: null - timeout: 3600 isSystemTask: true status: 'Enabled' + timeout: 3600 } } diff --git a/settings/remarks/microsoft.containerregistry/samples/registries/tokens/main.bicep b/settings/remarks/microsoft.containerregistry/samples/registries/tokens/main.bicep index b4b03f75..5be6e70b 100644 --- a/settings/remarks/microsoft.containerregistry/samples/registries/tokens/main.bicep +++ b/settings/remarks/microsoft.containerregistry/samples/registries/tokens/main.bicep @@ -9,10 +9,13 @@ resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = tier: 'Premium' } properties: { - networkRuleBypassOptions: 'AzureServices' - publicNetworkAccess: 'Enabled' adminUserEnabled: true + anonymousPullEnabled: false dataEndpointEnabled: false + encryption: { + status: 'disabled' + } + networkRuleBypassOptions: 'AzureServices' policies: { exportPolicy: { status: 'enabled' @@ -27,11 +30,8 @@ resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = status: 'disabled' } } + publicNetworkAccess: 'Enabled' zoneRedundancy: 'Disabled' - anonymousPullEnabled: false - encryption: { - status: 'disabled' - } } } diff --git a/settings/remarks/microsoft.containerregistry/samples/registries/webhooks/main.bicep b/settings/remarks/microsoft.containerregistry/samples/registries/webhooks/main.bicep index d819c4bd..01ecf449 100644 --- a/settings/remarks/microsoft.containerregistry/samples/registries/webhooks/main.bicep +++ b/settings/remarks/microsoft.containerregistry/samples/registries/webhooks/main.bicep @@ -9,8 +9,17 @@ resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = tier: 'Standard' } properties: { + adminUserEnabled: false + anonymousPullEnabled: false + dataEndpointEnabled: false + encryption: { + status: 'disabled' + } networkRuleBypassOptions: 'AzureServices' policies: { + exportPolicy: { + status: 'enabled' + } quarantinePolicy: { status: 'disabled' } @@ -20,18 +29,9 @@ resource registry 'Microsoft.ContainerRegistry/registries@2021-08-01-preview' = trustPolicy: { status: 'disabled' } - exportPolicy: { - status: 'enabled' - } } publicNetworkAccess: 'Enabled' zoneRedundancy: 'Disabled' - anonymousPullEnabled: false - adminUserEnabled: false - dataEndpointEnabled: false - encryption: { - status: 'disabled' - } } } @@ -40,12 +40,12 @@ resource webHook 'Microsoft.ContainerRegistry/registries/webHooks@2021-08-01-pre location: location parent: registry properties: { - scope: '' - serviceUri: 'https://mywebhookreceiver.example/mytag' - status: 'enabled' actions: [ 'push' ] customHeaders: {} + scope: '' + serviceUri: 'https://mywebhookreceiver.example/mytag' + status: 'enabled' } } diff --git a/settings/remarks/microsoft.containerservice/samples/fleets/members/main.bicep b/settings/remarks/microsoft.containerservice/samples/fleets/members/main.bicep index 42284263..d3d82bda 100644 --- a/settings/remarks/microsoft.containerservice/samples/fleets/members/main.bicep +++ b/settings/remarks/microsoft.containerservice/samples/fleets/members/main.bicep @@ -1,5 +1,11 @@ -param location string = 'westus' param resourceName string = 'acctest0001' +param location string = 'westus' + +resource fleet 'Microsoft.ContainerService/fleets@2024-04-01' = { + name: resourceName + location: location + properties: {} +} resource managedCluster 'Microsoft.ContainerService/managedClusters@2025-02-01' = { name: resourceName @@ -9,44 +15,32 @@ resource managedCluster 'Microsoft.ContainerService/managedClusters@2025-02-01' tier: 'Free' } properties: { - metricsProfile: { - costAnalysis: { - enabled: false - } - } - nodeResourceGroup: '' addonProfiles: {} agentPoolProfiles: [ { - mode: 'System' - osDiskType: 'Managed' - tags: {} count: 1 enableAutoScaling: false + enableEncryptionAtHost: false + enableFIPS: false + enableNodePublicIP: false enableUltraSSD: false + kubeletDiskType: '' + mode: 'System' + name: 'default' + nodeLabels: {} + osDiskType: 'Managed' + osType: 'Linux' scaleDownMode: 'Delete' - vmSize: 'Standard_B2s' - enableNodePublicIP: false + tags: {} type: 'VirtualMachineScaleSets' upgradeSettings: { drainTimeoutInMinutes: 0 maxSurge: '10%' nodeSoakDurationInMinutes: 0 } - enableEncryptionAtHost: false - name: 'default' - nodeLabels: {} - osType: 'Linux' - enableFIPS: false - kubeletDiskType: '' + vmSize: 'Standard_B2s' } ] - enableRBAC: true - securityProfile: {} - servicePrincipalProfile: { - clientId: 'msi' - } - supportPlan: 'KubernetesOfficial' apiServerAccessProfile: { disableRunCommand: false enablePrivateCluster: false @@ -62,22 +56,28 @@ resource managedCluster 'Microsoft.ContainerService/managedClusters@2025-02-01' } } disableLocalAccounts: false - dnsPrefix: '${resourceName}' + dnsPrefix: resourceName + enableRBAC: true kubernetesVersion: '' + metricsProfile: { + costAnalysis: { + enabled: false + } + } + nodeResourceGroup: '' + securityProfile: {} + servicePrincipalProfile: { + clientId: 'msi' + } + supportPlan: 'KubernetesOfficial' } } -resource fleet 'Microsoft.ContainerService/fleets@2024-04-01' = { - name: resourceName - location: location - properties: {} -} - resource member 'Microsoft.ContainerService/fleets/members@2024-04-01' = { name: resourceName parent: fleet properties: { - group: 'default' clusterResourceId: managedCluster.id + group: 'default' } } diff --git a/settings/remarks/microsoft.containerservice/samples/managedclusters/agentpools/main.bicep b/settings/remarks/microsoft.containerservice/samples/managedclusters/agentpools/main.bicep index 1b17cd79..3844a47d 100644 --- a/settings/remarks/microsoft.containerservice/samples/managedclusters/agentpools/main.bicep +++ b/settings/remarks/microsoft.containerservice/samples/managedclusters/agentpools/main.bicep @@ -13,7 +13,7 @@ resource managedCluster 'Microsoft.ContainerService/managedClusters@2023-04-02-p vmSize: 'Standard_DS2_v2' } ] - dnsPrefix: '${resourceName}' + dnsPrefix: resourceName } } diff --git a/settings/remarks/microsoft.containerservice/samples/managedclusters/main.bicep b/settings/remarks/microsoft.containerservice/samples/managedclusters/main.bicep index 63d7517e..90f29df7 100644 --- a/settings/remarks/microsoft.containerservice/samples/managedclusters/main.bicep +++ b/settings/remarks/microsoft.containerservice/samples/managedclusters/main.bicep @@ -5,7 +5,6 @@ resource managedCluster 'Microsoft.ContainerService/managedClusters@2023-04-02-p name: resourceName location: location properties: { - dnsPrefix: '${resourceName}' agentPoolProfiles: [ { count: 1 @@ -14,5 +13,6 @@ resource managedCluster 'Microsoft.ContainerService/managedClusters@2023-04-02-p vmSize: 'Standard_DS2_v2' } ] + dnsPrefix: resourceName } } diff --git a/settings/remarks/microsoft.containerservice/samples/managedclusters/trustedaccessrolebindings/main.bicep b/settings/remarks/microsoft.containerservice/samples/managedclusters/trustedaccessrolebindings/main.bicep index 9c8ff611..ad25ac4d 100644 --- a/settings/remarks/microsoft.containerservice/samples/managedclusters/trustedaccessrolebindings/main.bicep +++ b/settings/remarks/microsoft.containerservice/samples/managedclusters/trustedaccessrolebindings/main.bicep @@ -1,64 +1,22 @@ param resourceName string = 'acctest0001' param location string = 'westus' -resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { - name: 'st${resourceName}' - location: location - sku: { - name: 'Standard_LRS' - } - kind: 'StorageV2' - properties: { - accessTier: 'Hot' - minimumTlsVersion: 'TLS1_2' - allowSharedKeyAccess: true - isHnsEnabled: false - defaultToOAuthAuthentication: false - dnsEndpointType: 'Standard' - isNfsV3Enabled: false - isSftpEnabled: false - networkAcls: { - bypass: 'AzureServices' - defaultAction: 'Allow' - ipRules: [] - resourceAccessRules: [] - virtualNetworkRules: [] - } - publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true - allowBlobPublicAccess: true - allowCrossTenantReplication: false - encryption: { - keySource: 'Microsoft.Storage' - services: { - queue: { - keyType: 'Service' - } - table: { - keyType: 'Service' - } - } - } - isLocalUserEnabled: true - } -} - resource vault 'Microsoft.KeyVault/vaults@2023-02-01' = { name: 'kv${resourceName}' location: location properties: { accessPolicies: [] + createMode: 'default' + enableRbacAuthorization: false enabledForDeployment: false enabledForDiskEncryption: false + enabledForTemplateDeployment: false publicNetworkAccess: 'Enabled' sku: { - name: 'standard' family: 'A' + name: 'standard' } softDeleteRetentionInDays: 7 - createMode: 'default' - enableRbacAuthorization: false - enabledForTemplateDeployment: false tenantId: tenant().tenantId } } @@ -84,40 +42,26 @@ resource managedCluster 'Microsoft.ContainerService/managedClusters@2025-02-01' name: 'aks-${resourceName}' location: location sku: { - tier: 'Free' name: 'Base' + tier: 'Free' } properties: { - apiServerAccessProfile: { - disableRunCommand: false - enablePrivateCluster: false - enablePrivateClusterPublicFQDN: false - } - azureMonitorProfile: { - metrics: { - enabled: false - } - } - disableLocalAccounts: false - dnsPrefix: 'aks-${resourceName}' - enableRBAC: true - metricsProfile: { - costAnalysis: { - enabled: false - } - } - nodeResourceGroup: '' - servicePrincipalProfile: { - clientId: 'msi' - } addonProfiles: {} agentPoolProfiles: [ { + count: 1 enableAutoScaling: false + enableEncryptionAtHost: false + enableFIPS: false + enableNodePublicIP: false + enableUltraSSD: false + kubeletDiskType: '' + mode: 'System' name: 'default' nodeLabels: {} - enableEncryptionAtHost: false osDiskType: 'Managed' + osType: 'Linux' + scaleDownMode: 'Delete' tags: {} type: 'VirtualMachineScaleSets' upgradeSettings: { @@ -125,23 +69,37 @@ resource managedCluster 'Microsoft.ContainerService/managedClusters@2025-02-01' maxSurge: '10%' nodeSoakDurationInMinutes: 0 } - scaleDownMode: 'Delete' - count: 1 - enableNodePublicIP: false - enableUltraSSD: false - kubeletDiskType: '' - osType: 'Linux' - enableFIPS: false - mode: 'System' vmSize: 'Standard_B2s' } ] + apiServerAccessProfile: { + disableRunCommand: false + enablePrivateCluster: false + enablePrivateClusterPublicFQDN: false + } autoUpgradeProfile: { nodeOSUpgradeChannel: 'NodeImage' upgradeChannel: 'none' } + azureMonitorProfile: { + metrics: { + enabled: false + } + } + disableLocalAccounts: false + dnsPrefix: 'aks-${resourceName}' + enableRBAC: true kubernetesVersion: '' + metricsProfile: { + costAnalysis: { + enabled: false + } + } + nodeResourceGroup: '' securityProfile: {} + servicePrincipalProfile: { + clientId: 'msi' + } supportPlan: 'KubernetesOfficial' } } @@ -162,13 +120,55 @@ resource component 'Microsoft.Insights/components@2020-02-02' = { location: location kind: 'web' properties: { + Application_Type: 'web' DisableIpMasking: false DisableLocalAuth: false ForceCustomerStorageForProfiler: false RetentionInDays: 90 - publicNetworkAccessForQuery: 'Enabled' - Application_Type: 'web' SamplingPercentage: 100 publicNetworkAccessForIngestion: 'Enabled' + publicNetworkAccessForQuery: 'Enabled' + } +} + +resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { + name: 'st${resourceName}' + location: location + sku: { + name: 'Standard_LRS' + } + kind: 'StorageV2' + properties: { + accessTier: 'Hot' + allowBlobPublicAccess: true + allowCrossTenantReplication: false + allowSharedKeyAccess: true + defaultToOAuthAuthentication: false + dnsEndpointType: 'Standard' + encryption: { + keySource: 'Microsoft.Storage' + services: { + queue: { + keyType: 'Service' + } + table: { + keyType: 'Service' + } + } + } + isHnsEnabled: false + isLocalUserEnabled: true + isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' + networkAcls: { + bypass: 'AzureServices' + defaultAction: 'Allow' + ipRules: [] + resourceAccessRules: [] + virtualNetworkRules: [] + } + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true } } diff --git a/settings/remarks/microsoft.costmanagement/samples/scheduledactions/main.bicep b/settings/remarks/microsoft.costmanagement/samples/scheduledactions/main.bicep index 790a130d..708cd6fe 100644 --- a/settings/remarks/microsoft.costmanagement/samples/scheduledactions/main.bicep +++ b/settings/remarks/microsoft.costmanagement/samples/scheduledactions/main.bicep @@ -1,25 +1,13 @@ targetScope = 'subscription' -param resourceName string = 'acctest0001' param location string = 'eastus' +param resourceName string = 'acctest0001' resource scheduledAction 'Microsoft.CostManagement/scheduledActions@2022-10-01' = { name: resourceName scope: subscription() kind: 'Email' properties: { - notificationEmail: 'test@test.com' - schedule: { - frequency: 'Daily' - hourOfDay: 0 - startDate: '2023-07-01T00:00:00Z' - weeksOfMonth: null - dayOfMonth: 0 - daysOfWeek: null - endDate: '2023-07-02T00:00:00Z' - } - status: 'Enabled' - viewId: resourceId('Microsoft.CostManagement/views', 'ms:CostByService') displayName: 'CostByServiceViewerz3k' fileDestination: { fileFormats: [] @@ -32,5 +20,15 @@ resource scheduledAction 'Microsoft.CostManagement/scheduledActions@2022-10-01' 'hashicorp@test.com' ] } + notificationEmail: 'test@test.com' + schedule: { + dayOfMonth: 0 + endDate: '2023-07-02T00:00:00Z' + frequency: 'Daily' + hourOfDay: 0 + startDate: '2023-07-01T00:00:00Z' + } + status: 'Enabled' + viewId: resourceId('Microsoft.CostManagement/views', 'ms:CostByService') } } diff --git a/settings/remarks/microsoft.costmanagement/samples/views/main.bicep b/settings/remarks/microsoft.costmanagement/samples/views/main.bicep index 5294f43a..04f15e9f 100644 --- a/settings/remarks/microsoft.costmanagement/samples/views/main.bicep +++ b/settings/remarks/microsoft.costmanagement/samples/views/main.bicep @@ -29,6 +29,17 @@ resource view 'Microsoft.CostManagement/views@2022-10-01' = { ] query: { dataSet: { + aggregation: { + totalCost: { + function: 'Sum' + name: 'Cost' + } + totalCostUSD: { + function: 'Sum' + name: 'CostUSD' + } + } + granularity: 'Monthly' grouping: [ { name: 'ResourceGroupName' @@ -41,17 +52,6 @@ resource view 'Microsoft.CostManagement/views@2022-10-01' = { name: 'BillingMonth' } ] - aggregation: { - totalCost: { - function: 'Sum' - name: 'Cost' - } - totalCostUSD: { - function: 'Sum' - name: 'CostUSD' - } - } - granularity: 'Monthly' } timeframe: 'MonthToDate' type: 'Usage' diff --git a/settings/remarks/microsoft.dashboard/samples/grafana/managedprivateendpoints/main.bicep b/settings/remarks/microsoft.dashboard/samples/grafana/managedprivateendpoints/main.bicep index e1e986b2..9fe4ba36 100644 --- a/settings/remarks/microsoft.dashboard/samples/grafana/managedprivateendpoints/main.bicep +++ b/settings/remarks/microsoft.dashboard/samples/grafana/managedprivateendpoints/main.bicep @@ -1,14 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'eastus' -resource account 'Microsoft.Monitor/accounts@2023-04-03' = { - name: '${resourceName}-mw' - location: location - properties: { - publicNetworkAccess: 'Enabled' - } -} - resource grafana 'Microsoft.Dashboard/grafana@2023-09-01' = { name: '${resourceName}-graf' location: location @@ -30,12 +22,20 @@ resource managedPrivateEndpoint 'Microsoft.Dashboard/grafana/managedPrivateEndpo location: location parent: grafana properties: { + groupIds: [ + 'prometheusMetrics' + ] privateLinkResourceId: account.id privateLinkResourceRegion: location privateLinkServiceUrl: '' requestMessage: '' - groupIds: [ - 'prometheusMetrics' - ] + } +} + +resource account 'Microsoft.Monitor/accounts@2023-04-03' = { + name: '${resourceName}-mw' + location: location + properties: { + publicNetworkAccess: 'Enabled' } } diff --git a/settings/remarks/microsoft.databricks/samples/workspaces/virtualnetworkpeerings/main.bicep b/settings/remarks/microsoft.databricks/samples/workspaces/virtualnetworkpeerings/main.bicep index bd3413f3..a958c089 100644 --- a/settings/remarks/microsoft.databricks/samples/workspaces/virtualnetworkpeerings/main.bicep +++ b/settings/remarks/microsoft.databricks/samples/workspaces/virtualnetworkpeerings/main.bicep @@ -24,8 +24,8 @@ resource workspace 'Microsoft.Databricks/workspaces@2023-02-01' = { name: 'standard' } properties: { - publicNetworkAccess: 'Enabled' managedResourceGroupId: resourceGroup().id + publicNetworkAccess: 'Enabled' } } @@ -33,6 +33,14 @@ resource virtualNetworkPeering 'Microsoft.Databricks/workspaces/virtualNetworkPe name: resourceName parent: workspace properties: { + allowForwardedTraffic: false + allowGatewayTransit: false + allowVirtualNetworkAccess: true + databricksAddressSpace: { + addressPrefixes: [ + '10.139.0.0/16' + ] + } remoteAddressSpace: { addressPrefixes: [ '10.0.1.0/24' @@ -42,13 +50,5 @@ resource virtualNetworkPeering 'Microsoft.Databricks/workspaces/virtualNetworkPe id: virtualNetwork.id } useRemoteGateways: false - allowForwardedTraffic: false - allowGatewayTransit: false - allowVirtualNetworkAccess: true - databricksAddressSpace: { - addressPrefixes: [ - '10.139.0.0/16' - ] - } } } diff --git a/settings/remarks/microsoft.datafactory/samples/factories/credentials/main.bicep b/settings/remarks/microsoft.datafactory/samples/factories/credentials/main.bicep index 6d3e1d0e..c56fc7e7 100644 --- a/settings/remarks/microsoft.datafactory/samples/factories/credentials/main.bicep +++ b/settings/remarks/microsoft.datafactory/samples/factories/credentials/main.bicep @@ -6,15 +6,9 @@ resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { location: location properties: { publicNetworkAccess: 'Enabled' - repoConfiguration: null } } -resource userAssignedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = { - name: resourceName - location: 'azapi_resource.resourceGroup.location' -} - resource credential 'Microsoft.DataFactory/factories/credentials@2018-06-01' = { name: resourceName parent: factory @@ -29,3 +23,8 @@ resource credential 'Microsoft.DataFactory/factories/credentials@2018-06-01' = { } } } + +resource userAssignedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = { + name: resourceName + location: 'azapi_resource.resourceGroup.location' +} diff --git a/settings/remarks/microsoft.datafactory/samples/factories/dataflows/main.bicep b/settings/remarks/microsoft.datafactory/samples/factories/dataflows/main.bicep index 57deb90e..afbd2b0a 100644 --- a/settings/remarks/microsoft.datafactory/samples/factories/dataflows/main.bicep +++ b/settings/remarks/microsoft.datafactory/samples/factories/dataflows/main.bicep @@ -6,7 +6,18 @@ resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { location: location properties: { publicNetworkAccess: 'Enabled' - repoConfiguration: null + } +} + +resource linkedservice 'Microsoft.DataFactory/factories/linkedservices@2018-06-01' = { + name: resourceName + parent: factory + properties: { + description: '' + type: 'AzureBlobStorage' + typeProperties: { + serviceEndpoint: storageAccount.properties.primaryEndpoints.blob + } } } @@ -18,31 +29,31 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { + accessTier: 'Hot' + allowBlobPublicAccess: true + allowCrossTenantReplication: true + allowSharedKeyAccess: true + defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { - table: { + queue: { keyType: 'Service' } - queue: { + table: { keyType: 'Service' } } } + isHnsEnabled: false + isNfsV3Enabled: false isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } - accessTier: 'Hot' - allowBlobPublicAccess: true - defaultToOAuthAuthentication: false - isHnsEnabled: false - isNfsV3Enabled: false - minimumTlsVersion: 'TLS1_2' publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true - allowCrossTenantReplication: true - allowSharedKeyAccess: true } } @@ -69,8 +80,9 @@ source1 sink( { description: '' linkedService: { - type: 'LinkedServiceReference' parameters: {} + referenceName: linkedservice.name + type: 'LinkedServiceReference' } name: 'sink1' } @@ -80,6 +92,7 @@ source1 sink( description: '' linkedService: { parameters: {} + referenceName: linkedservice.name type: 'LinkedServiceReference' } name: 'source1' @@ -88,15 +101,3 @@ source1 sink( } } } - -resource linkedservice 'Microsoft.DataFactory/factories/linkedservices@2018-06-01' = { - name: resourceName - parent: factory - properties: { - description: '' - type: 'AzureBlobStorage' - typeProperties: { - serviceEndpoint: storageAccount.properties.primaryEndpoints.blob - } - } -} diff --git a/settings/remarks/microsoft.datafactory/samples/factories/datasets/main.bicep b/settings/remarks/microsoft.datafactory/samples/factories/datasets/main.bicep index 87c8eabf..ac8bd507 100644 --- a/settings/remarks/microsoft.datafactory/samples/factories/datasets/main.bicep +++ b/settings/remarks/microsoft.datafactory/samples/factories/datasets/main.bicep @@ -6,7 +6,6 @@ resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { location: location properties: { publicNetworkAccess: 'Enabled' - repoConfiguration: null } } @@ -18,14 +17,11 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { - isNfsV3Enabled: false - isSftpEnabled: false - networkAcls: { - defaultAction: 'Allow' - } - publicNetworkAccess: 'Enabled' accessTier: 'Hot' + allowBlobPublicAccess: true + allowCrossTenantReplication: true allowSharedKeyAccess: true + defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -37,12 +33,15 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } + isHnsEnabled: false + isNfsV3Enabled: false + isSftpEnabled: false minimumTlsVersion: 'TLS1_2' + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true - allowBlobPublicAccess: true - allowCrossTenantReplication: true - defaultToOAuthAuthentication: false - isHnsEnabled: false } } @@ -52,6 +51,7 @@ resource dataset 'Microsoft.DataFactory/factories/datasets@2018-06-01' = { properties: { description: '' linkedServiceName: { + referenceName: linkedservice.name type: 'LinkedServiceReference' } type: 'Json' diff --git a/settings/remarks/microsoft.datafactory/samples/factories/integrationruntimes/main.bicep b/settings/remarks/microsoft.datafactory/samples/factories/integrationruntimes/main.bicep index 1147b531..bcac3aae 100644 --- a/settings/remarks/microsoft.datafactory/samples/factories/integrationruntimes/main.bicep +++ b/settings/remarks/microsoft.datafactory/samples/factories/integrationruntimes/main.bicep @@ -6,7 +6,6 @@ resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { location: location properties: { publicNetworkAccess: 'Enabled' - repoConfiguration: null } } diff --git a/settings/remarks/microsoft.datafactory/samples/factories/linkedservices/main.bicep b/settings/remarks/microsoft.datafactory/samples/factories/linkedservices/main.bicep index 145e99ed..9f7c4796 100644 --- a/settings/remarks/microsoft.datafactory/samples/factories/linkedservices/main.bicep +++ b/settings/remarks/microsoft.datafactory/samples/factories/linkedservices/main.bicep @@ -1,27 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { - name: resourceName - location: location - properties: { - publicNetworkAccess: 'Enabled' - repoConfiguration: null - } -} - -resource linkedservice 'Microsoft.DataFactory/factories/linkedservices@2018-06-01' = { - name: resourceName - parent: factory - properties: { - type: 'AzureBlobStorage' - typeProperties: { - serviceEndpoint: storageAccount.properties.primaryEndpoints.blob - } - description: '' - } -} - resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location @@ -30,12 +9,11 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { - minimumTlsVersion: 'TLS1_2' - networkAcls: { - defaultAction: 'Allow' - } - publicNetworkAccess: 'Enabled' + accessTier: 'Hot' + allowBlobPublicAccess: true allowCrossTenantReplication: true + allowSharedKeyAccess: true + defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -47,13 +25,34 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } + isHnsEnabled: false isNfsV3Enabled: false isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true - accessTier: 'Hot' - allowBlobPublicAccess: true - allowSharedKeyAccess: true - defaultToOAuthAuthentication: false - isHnsEnabled: false + } +} + +resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { + name: resourceName + location: location + properties: { + publicNetworkAccess: 'Enabled' + } +} + +resource linkedservice 'Microsoft.DataFactory/factories/linkedservices@2018-06-01' = { + name: resourceName + parent: factory + properties: { + description: '' + type: 'AzureBlobStorage' + typeProperties: { + serviceEndpoint: storageAccount.properties.primaryEndpoints.blob + } } } diff --git a/settings/remarks/microsoft.datafactory/samples/factories/main.bicep b/settings/remarks/microsoft.datafactory/samples/factories/main.bicep index f41575b8..9857bdb8 100644 --- a/settings/remarks/microsoft.datafactory/samples/factories/main.bicep +++ b/settings/remarks/microsoft.datafactory/samples/factories/main.bicep @@ -6,6 +6,5 @@ resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { location: location properties: { publicNetworkAccess: 'Enabled' - repoConfiguration: null } } diff --git a/settings/remarks/microsoft.datafactory/samples/factories/managedvirtualnetworks/main.bicep b/settings/remarks/microsoft.datafactory/samples/factories/managedvirtualnetworks/main.bicep index 1d550e51..04eac6d5 100644 --- a/settings/remarks/microsoft.datafactory/samples/factories/managedvirtualnetworks/main.bicep +++ b/settings/remarks/microsoft.datafactory/samples/factories/managedvirtualnetworks/main.bicep @@ -5,7 +5,6 @@ resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { name: resourceName location: location properties: { - repoConfiguration: null globalParameters: {} publicNetworkAccess: 'Enabled' } diff --git a/settings/remarks/microsoft.datafactory/samples/factories/managedvirtualnetworks/managedprivateendpoints/main.bicep b/settings/remarks/microsoft.datafactory/samples/factories/managedvirtualnetworks/managedprivateendpoints/main.bicep index 77de140a..dadadff0 100644 --- a/settings/remarks/microsoft.datafactory/samples/factories/managedvirtualnetworks/managedprivateendpoints/main.bicep +++ b/settings/remarks/microsoft.datafactory/samples/factories/managedvirtualnetworks/managedprivateendpoints/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { name: resourceName @@ -7,7 +7,21 @@ resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { properties: { globalParameters: {} publicNetworkAccess: 'Enabled' - repoConfiguration: null + } +} + +resource managedVirtualNetwork 'Microsoft.DataFactory/factories/managedVirtualNetworks@2018-06-01' = { + name: 'default' + parent: factory + properties: {} +} + +resource managedPrivateEndpoint 'Microsoft.DataFactory/factories/managedVirtualNetworks/managedPrivateEndpoints@2018-06-01' = { + name: resourceName + parent: managedVirtualNetwork + properties: { + groupId: 'blob' + privateLinkResourceId: storageAccount.id } } @@ -19,9 +33,8 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'BlobStorage' properties: { - minimumTlsVersion: 'TLS1_2' - supportsHttpsTrafficOnly: true accessTier: 'Hot' + allowBlobPublicAccess: true allowCrossTenantReplication: true allowSharedKeyAccess: true defaultToOAuthAuthentication: false @@ -36,28 +49,14 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } + isHnsEnabled: false + isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } publicNetworkAccess: 'Enabled' - allowBlobPublicAccess: true - isHnsEnabled: false - isNfsV3Enabled: false - isSftpEnabled: false - } -} - -resource managedVirtualNetwork 'Microsoft.DataFactory/factories/managedVirtualNetworks@2018-06-01' = { - name: 'default' - parent: factory - properties: {} -} - -resource managedPrivateEndpoint 'Microsoft.DataFactory/factories/managedVirtualNetworks/managedPrivateEndpoints@2018-06-01' = { - name: resourceName - parent: managedVirtualNetwork - properties: { - groupId: 'blob' - privateLinkResourceId: storageAccount.id + supportsHttpsTrafficOnly: true } } diff --git a/settings/remarks/microsoft.datafactory/samples/factories/pipelines/main.bicep b/settings/remarks/microsoft.datafactory/samples/factories/pipelines/main.bicep index 8d6c2e91..7f6118f2 100644 --- a/settings/remarks/microsoft.datafactory/samples/factories/pipelines/main.bicep +++ b/settings/remarks/microsoft.datafactory/samples/factories/pipelines/main.bicep @@ -1,12 +1,11 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { name: resourceName location: location properties: { publicNetworkAccess: 'Enabled' - repoConfiguration: null } } diff --git a/settings/remarks/microsoft.datafactory/samples/factories/triggers/main.bicep b/settings/remarks/microsoft.datafactory/samples/factories/triggers/main.bicep index 218320a7..176491b5 100644 --- a/settings/remarks/microsoft.datafactory/samples/factories/triggers/main.bicep +++ b/settings/remarks/microsoft.datafactory/samples/factories/triggers/main.bicep @@ -6,7 +6,6 @@ resource factory 'Microsoft.DataFactory/factories@2018-06-01' = { location: location properties: { publicNetworkAccess: 'Enabled' - repoConfiguration: null } } @@ -30,12 +29,6 @@ resource trigger 'Microsoft.DataFactory/factories/triggers@2018-06-01' = { name: resourceName parent: factory properties: { - typeProperties: { - frequency: 'Minute' - interval: 15 - maxConcurrency: 50 - startTime: '2022-09-21T00:00:00Z' - } description: '' pipeline: { parameters: {} @@ -45,5 +38,11 @@ resource trigger 'Microsoft.DataFactory/factories/triggers@2018-06-01' = { } } type: 'TumblingWindowTrigger' + typeProperties: { + frequency: 'Minute' + interval: 15 + maxConcurrency: 50 + startTime: '2022-09-21T00:00:00Z' + } } } diff --git a/settings/remarks/microsoft.datamigration/samples/services/main.bicep b/settings/remarks/microsoft.datamigration/samples/services/main.bicep index 6ff14b29..c08af084 100644 --- a/settings/remarks/microsoft.datamigration/samples/services/main.bicep +++ b/settings/remarks/microsoft.datamigration/samples/services/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource service 'Microsoft.DataMigration/services@2018-04-19' = { name: resourceName @@ -8,7 +8,9 @@ resource service 'Microsoft.DataMigration/services@2018-04-19' = { name: 'Standard_1vCores' } kind: 'Cloud' - properties: {} + properties: { + virtualSubnetId: subnet.id + } } resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { diff --git a/settings/remarks/microsoft.datamigration/samples/services/projects/main.bicep b/settings/remarks/microsoft.datamigration/samples/services/projects/main.bicep index 9e30b03f..64c2f698 100644 --- a/settings/remarks/microsoft.datamigration/samples/services/projects/main.bicep +++ b/settings/remarks/microsoft.datamigration/samples/services/projects/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource service 'Microsoft.DataMigration/services@2018-04-19' = { name: resourceName @@ -8,7 +8,9 @@ resource service 'Microsoft.DataMigration/services@2018-04-19' = { name: 'Standard_1vCores' } kind: 'Cloud' - properties: {} + properties: { + virtualSubnetId: subnet.id + } } resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { @@ -41,11 +43,11 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: resourceName parent: virtualNetwork properties: { - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] addressPrefix: '10.0.1.0/24' delegations: [] privateEndpointNetworkPolicies: 'Enabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] } } diff --git a/settings/remarks/microsoft.dataprotection/samples/backupvaults/backupinstances/main.bicep b/settings/remarks/microsoft.dataprotection/samples/backupvaults/backupinstances/main.bicep index 32c15701..732e956c 100644 --- a/settings/remarks/microsoft.dataprotection/samples/backupvaults/backupinstances/main.bicep +++ b/settings/remarks/microsoft.dataprotection/samples/backupvaults/backupinstances/main.bicep @@ -4,40 +4,14 @@ param location string = 'westeurope' @description('The administrator login password for the PostgreSQL server') param administratorLoginPassword string -resource server 'Microsoft.DBforPostgreSQL/servers@2017-12-01' = { - name: resourceName - location: location - sku: { - capacity: 2 - family: 'Gen5' - name: 'B_Gen5_2' - tier: 'Basic' - } - properties: { - createMode: 'Default' - publicNetworkAccess: 'Enabled' - storageProfile: { - storageAutogrow: 'Enabled' - storageMB: 5120 - backupRetentionDays: 7 - } - version: '9.5' - administratorLogin: 'psqladmin' - administratorLoginPassword: '${administratorLoginPassword}' - infrastructureEncryption: 'Disabled' - minimalTlsVersion: 'TLS1_2' - sslEnforcement: 'Enabled' - } -} - resource backupVault 'Microsoft.DataProtection/backupVaults@2022-04-01' = { name: resourceName location: location properties: { storageSettings: [ { - type: 'LocallyRedundant' datastoreType: 'VaultStore' + type: 'LocallyRedundant' } ] } @@ -47,24 +21,28 @@ resource backupInstance 'Microsoft.DataProtection/backupVaults/backupInstances@2 name: resourceName parent: backupVault properties: { - dataSourceSetInfo: { + dataSourceInfo: { + datasourceType: 'Microsoft.DBforPostgreSQL/servers/databases' + objectType: 'Datasource' + resourceID: database.id + resourceLocation: database.location + resourceName: database.name + resourceType: 'Microsoft.DBforPostgreSQL/servers/databases' resourceUri: '' + } + dataSourceSetInfo: { datasourceType: 'Microsoft.DBforPostgreSQL/servers/databases' objectType: 'DatasourceSet' resourceID: server.id resourceLocation: server.location resourceName: server.name resourceType: 'Microsoft.DBForPostgreSQL/servers' + resourceUri: '' } - datasourceAuthCredentials: null friendlyName: resourceName objectType: 'BackupInstance' - policyInfo: {} - dataSourceInfo: { - objectType: 'Datasource' - resourceType: 'Microsoft.DBforPostgreSQL/servers/databases' - resourceUri: '' - datasourceType: 'Microsoft.DBforPostgreSQL/servers/databases' + policyInfo: { + policyId: backupPolicy.id } } } @@ -73,6 +51,10 @@ resource backupPolicy 'Microsoft.DataProtection/backupVaults/backupPolicies@2022 name: resourceName parent: backupVault properties: { + datasourceTypes: [ + 'Microsoft.DBforPostgreSQL/servers/databases' + ] + objectType: 'BackupPolicy' policyRules: [ { backupParameters: { @@ -94,12 +76,12 @@ resource backupPolicy 'Microsoft.DataProtection/backupVaults/backupPolicies@2022 } taggingCriteria: [ { + isDefault: true tagInfo: { id: 'Default_' tagName: 'Default' } taggingPriority: 99 - isDefault: true } ] } @@ -113,8 +95,8 @@ resource backupPolicy 'Microsoft.DataProtection/backupVaults/backupPolicies@2022 objectType: 'AbsoluteDeleteOption' } sourceDataStore: { - objectType: 'DataStoreInfoBase' dataStoreType: 'VaultStore' + objectType: 'DataStoreInfoBase' } targetDataStoreCopySettings: [] } @@ -123,10 +105,32 @@ resource backupPolicy 'Microsoft.DataProtection/backupVaults/backupPolicies@2022 objectType: 'AzureRetentionRule' } ] - datasourceTypes: [ - 'Microsoft.DBforPostgreSQL/servers/databases' - ] - objectType: 'BackupPolicy' + } +} + +resource server 'Microsoft.DBforPostgreSQL/servers@2017-12-01' = { + name: resourceName + location: location + sku: { + capacity: 2 + family: 'Gen5' + name: 'B_Gen5_2' + tier: 'Basic' + } + properties: { + administratorLogin: 'psqladmin' + administratorLoginPassword: administratorLoginPassword + createMode: 'Default' + infrastructureEncryption: 'Disabled' + minimalTlsVersion: 'TLS1_2' + publicNetworkAccess: 'Enabled' + sslEnforcement: 'Enabled' + storageProfile: { + backupRetentionDays: 7 + storageAutogrow: 'Enabled' + storageMB: 5120 + } + version: '9.5' } } diff --git a/settings/remarks/microsoft.dataprotection/samples/backupvaults/backuppolicies/main.bicep b/settings/remarks/microsoft.dataprotection/samples/backupvaults/backuppolicies/main.bicep index ffe77a45..d889aa29 100644 --- a/settings/remarks/microsoft.dataprotection/samples/backupvaults/backuppolicies/main.bicep +++ b/settings/remarks/microsoft.dataprotection/samples/backupvaults/backuppolicies/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource backupVault 'Microsoft.DataProtection/backupVaults@2022-04-01' = { name: resourceName @@ -24,6 +24,14 @@ resource backupPolicy 'Microsoft.DataProtection/backupVaults/backupPolicies@2022 objectType: 'BackupPolicy' policyRules: [ { + backupParameters: { + backupType: 'Full' + objectType: 'AzureBackupParams' + } + dataStore: { + dataStoreType: 'VaultStore' + objectType: 'DataStoreInfoBase' + } name: 'BackupIntervals' objectType: 'AzureBackupRule' trigger: { @@ -35,31 +43,23 @@ resource backupPolicy 'Microsoft.DataProtection/backupVaults/backupPolicies@2022 } taggingCriteria: [ { + isDefault: true tagInfo: { - tagName: 'Default' id: 'Default_' + tagName: 'Default' } taggingPriority: 99 - isDefault: true } ] } - backupParameters: { - backupType: 'Full' - objectType: 'AzureBackupParams' - } - dataStore: { - objectType: 'DataStoreInfoBase' - dataStoreType: 'VaultStore' - } } { isDefault: true lifecycles: [ { deleteAfter: { - objectType: 'AbsoluteDeleteOption' duration: 'P4M' + objectType: 'AbsoluteDeleteOption' } sourceDataStore: { dataStoreType: 'VaultStore' diff --git a/settings/remarks/microsoft.dbformariadb/samples/servers/configurations/main.bicep b/settings/remarks/microsoft.dbformariadb/samples/servers/configurations/main.bicep index 5116c198..84376c40 100644 --- a/settings/remarks/microsoft.dbformariadb/samples/servers/configurations/main.bicep +++ b/settings/remarks/microsoft.dbformariadb/samples/servers/configurations/main.bicep @@ -1,33 +1,33 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator login for the MariaDB server') param administratorLogin string @secure() @description('The administrator login password for the MariaDB server') param administratorLoginPassword string +param resourceName string = 'acctest0001' resource server 'Microsoft.DBforMariaDB/servers@2018-06-01' = { name: resourceName location: location sku: { - name: 'GP_Gen5_2' - tier: 'GeneralPurpose' capacity: 2 family: 'Gen5' + name: 'GP_Gen5_2' + tier: 'GeneralPurpose' } properties: { + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword + createMode: 'Default' + minimalTlsVersion: 'TLS1_2' publicNetworkAccess: 'Enabled' + sslEnforcement: 'Enabled' storageProfile: { backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 } - administratorLogin: '${administratorLogin}' - createMode: 'Default' - sslEnforcement: 'Enabled' version: '10.2' - administratorLoginPassword: '${administratorLoginPassword}' - minimalTlsVersion: 'TLS1_2' } } diff --git a/settings/remarks/microsoft.dbformariadb/samples/servers/databases/main.bicep b/settings/remarks/microsoft.dbformariadb/samples/servers/databases/main.bicep index a91bcacc..77d40666 100644 --- a/settings/remarks/microsoft.dbformariadb/samples/servers/databases/main.bicep +++ b/settings/remarks/microsoft.dbformariadb/samples/servers/databases/main.bicep @@ -10,24 +10,24 @@ resource server 'Microsoft.DBforMariaDB/servers@2018-06-01' = { name: resourceName location: location sku: { - tier: 'Basic' capacity: 2 family: 'Gen5' name: 'B_Gen5_2' + tier: 'Basic' } properties: { + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword + createMode: 'Default' + minimalTlsVersion: 'TLS1_2' publicNetworkAccess: 'Enabled' sslEnforcement: 'Enabled' - administratorLogin: '${administratorLogin}' - administratorLoginPassword: '${administratorLoginPassword}' - minimalTlsVersion: 'TLS1_2' storageProfile: { + backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 - backupRetentionDays: 7 } version: '10.2' - createMode: 'Default' } } diff --git a/settings/remarks/microsoft.dbformariadb/samples/servers/firewallrules/main.bicep b/settings/remarks/microsoft.dbformariadb/samples/servers/firewallrules/main.bicep index 26b50fa7..f36ec6ae 100644 --- a/settings/remarks/microsoft.dbformariadb/samples/servers/firewallrules/main.bicep +++ b/settings/remarks/microsoft.dbformariadb/samples/servers/firewallrules/main.bicep @@ -10,24 +10,24 @@ resource server 'Microsoft.DBforMariaDB/servers@2018-06-01' = { name: resourceName location: location sku: { + capacity: 2 family: 'Gen5' name: 'GP_Gen5_2' tier: 'GeneralPurpose' - capacity: 2 } properties: { + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword + createMode: 'Default' + minimalTlsVersion: 'TLS1_2' + publicNetworkAccess: 'Enabled' + sslEnforcement: 'Enabled' storageProfile: { backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 } version: '10.2' - administratorLogin: '${administratorLogin}' - administratorLoginPassword: '${administratorLoginPassword}' - createMode: 'Default' - minimalTlsVersion: 'TLS1_2' - publicNetworkAccess: 'Enabled' - sslEnforcement: 'Enabled' } } @@ -35,7 +35,7 @@ resource firewallRule 'Microsoft.DBforMariaDB/servers/firewallRules@2018-06-01' name: resourceName parent: server properties: { - startIpAddress: '0.0.0.0' endIpAddress: '255.255.255.255' + startIpAddress: '0.0.0.0' } } diff --git a/settings/remarks/microsoft.dbformariadb/samples/servers/main.bicep b/settings/remarks/microsoft.dbformariadb/samples/servers/main.bicep index b321f3ab..2e274ef6 100644 --- a/settings/remarks/microsoft.dbformariadb/samples/servers/main.bicep +++ b/settings/remarks/microsoft.dbformariadb/samples/servers/main.bicep @@ -16,17 +16,17 @@ resource server 'Microsoft.DBforMariaDB/servers@2018-06-01' = { tier: 'GeneralPurpose' } properties: { + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword + createMode: 'Default' + minimalTlsVersion: 'TLS1_2' + publicNetworkAccess: 'Enabled' sslEnforcement: 'Enabled' storageProfile: { - storageMB: 51200 backupRetentionDays: 7 storageAutogrow: 'Enabled' + storageMB: 51200 } version: '10.2' - administratorLoginPassword: '${administratorLoginPassword}' - createMode: 'Default' - minimalTlsVersion: 'TLS1_2' - publicNetworkAccess: 'Enabled' - administratorLogin: '${administratorLogin}' } } diff --git a/settings/remarks/microsoft.dbformariadb/samples/servers/virtualnetworkrules/main.bicep b/settings/remarks/microsoft.dbformariadb/samples/servers/virtualnetworkrules/main.bicep index c476ec0d..9388f074 100644 --- a/settings/remarks/microsoft.dbformariadb/samples/servers/virtualnetworkrules/main.bicep +++ b/settings/remarks/microsoft.dbformariadb/samples/servers/virtualnetworkrules/main.bicep @@ -16,18 +16,18 @@ resource server 'Microsoft.DBforMariaDB/servers@2018-06-01' = { tier: 'GeneralPurpose' } properties: { + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword + createMode: 'Default' + minimalTlsVersion: 'TLS1_2' publicNetworkAccess: 'Enabled' + sslEnforcement: 'Enabled' storageProfile: { + backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 - backupRetentionDays: 7 } - administratorLogin: '${administratorLogin}' - sslEnforcement: 'Enabled' version: '10.2' - administratorLoginPassword: '${administratorLoginPassword}' - createMode: 'Default' - minimalTlsVersion: 'TLS1_2' } } @@ -35,15 +35,15 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location properties: { - dhcpOptions: { - dnsServers: [] - } - subnets: [] addressSpace: { addressPrefixes: [ '10.7.29.0/29' ] } + dhcpOptions: { + dnsServers: [] + } + subnets: [] } } @@ -51,6 +51,9 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: resourceName parent: virtualNetwork properties: { + addressPrefix: '10.7.29.0/29' + delegations: [] + privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] serviceEndpoints: [ @@ -58,9 +61,6 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { service: 'Microsoft.Sql' } ] - addressPrefix: '10.7.29.0/29' - delegations: [] - privateEndpointNetworkPolicies: 'Enabled' } } diff --git a/settings/remarks/microsoft.dbformysql/samples/flexibleservers/administrators/main.bicep b/settings/remarks/microsoft.dbformysql/samples/flexibleservers/administrators/main.bicep index 126cba40..ab9ba936 100644 --- a/settings/remarks/microsoft.dbformysql/samples/flexibleservers/administrators/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/flexibleservers/administrators/main.bicep @@ -1,22 +1,22 @@ +param resourceName string = 'acctest0001' param location string = 'westus' @secure() @description('The administrator login password for the MySQL flexible server') param administratorLoginPassword string -param resourceName string = 'acctest0001' resource flexibleServer 'Microsoft.DBforMySQL/flexibleServers@2023-12-30' = { name: '${resourceName}-mysql' location: location sku: { - tier: 'Burstable' name: 'Standard_B1ms' + tier: 'Burstable' } properties: { administratorLogin: 'tfadmin' - administratorLoginPassword: '${administratorLoginPassword}' + administratorLoginPassword: administratorLoginPassword backup: { - geoRedundantBackup: 'Disabled' backupRetentionDays: 7 + geoRedundantBackup: 'Disabled' } dataEncryption: { type: 'SystemManaged' @@ -42,10 +42,10 @@ resource administrator 'Microsoft.DBforMySQL/flexibleServers/administrators@2023 name: 'ActiveDirectory' parent: flexibleServer properties: { - sid: deployer().objectId - tenantId: tenant().tenantId administratorType: 'ActiveDirectory' identityResourceId: userAssignedIdentity.id login: 'sqladmin' + sid: deployer().objectId + tenantId: tenant().tenantId } } diff --git a/settings/remarks/microsoft.dbformysql/samples/flexibleservers/configurations/main.bicep b/settings/remarks/microsoft.dbformysql/samples/flexibleservers/configurations/main.bicep index aa4e48a9..4f9691be 100644 --- a/settings/remarks/microsoft.dbformysql/samples/flexibleservers/configurations/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/flexibleservers/configurations/main.bicep @@ -12,12 +12,8 @@ resource flexibleServer 'Microsoft.DBforMySQL/flexibleServers@2023-12-30' = { tier: 'Burstable' } properties: { - highAvailability: { - mode: 'Disabled' - } - version: '8.0.21' administratorLogin: 'tfadmin' - administratorLoginPassword: '${administratorLoginPassword}' + administratorLoginPassword: administratorLoginPassword backup: { backupRetentionDays: 7 geoRedundantBackup: 'Disabled' @@ -25,6 +21,10 @@ resource flexibleServer 'Microsoft.DBforMySQL/flexibleServers@2023-12-30' = { dataEncryption: { type: 'SystemManaged' } + highAvailability: { + mode: 'Disabled' + } + version: '8.0.21' } } diff --git a/settings/remarks/microsoft.dbformysql/samples/flexibleservers/databases/main.bicep b/settings/remarks/microsoft.dbformysql/samples/flexibleservers/databases/main.bicep index bf312e7d..9c2208c8 100644 --- a/settings/remarks/microsoft.dbformysql/samples/flexibleservers/databases/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/flexibleservers/databases/main.bicep @@ -10,25 +10,25 @@ resource flexibleServer 'Microsoft.DBforMySQL/flexibleServers@2021-05-01' = { name: resourceName location: location sku: { - tier: 'Burstable' name: 'Standard_B1s' + tier: 'Burstable' } properties: { - network: {} - version: '' - administratorLogin: '${administratorLogin}' - administratorLoginPassword: '${administratorLoginPassword}' - dataEncryption: { - type: 'SystemManaged' - } + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword backup: { backupRetentionDays: 7 geoRedundantBackup: 'Disabled' } createMode: '' + dataEncryption: { + type: 'SystemManaged' + } highAvailability: { mode: 'Disabled' } + network: {} + version: '' } } diff --git a/settings/remarks/microsoft.dbformysql/samples/flexibleservers/firewallrules/main.bicep b/settings/remarks/microsoft.dbformysql/samples/flexibleservers/firewallrules/main.bicep index 6e82710c..db98a22c 100644 --- a/settings/remarks/microsoft.dbformysql/samples/flexibleservers/firewallrules/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/flexibleservers/firewallrules/main.bicep @@ -1,8 +1,8 @@ +param resourceName string = 'acctest0001' +param location string = 'westeurope' @secure() @description('The administrator password for the MySQL flexible server') param mysqlAdministratorPassword string -param resourceName string = 'acctest0001' -param location string = 'westeurope' resource flexibleServer 'Microsoft.DBforMySQL/flexibleServers@2021-05-01' = { name: resourceName @@ -13,19 +13,19 @@ resource flexibleServer 'Microsoft.DBforMySQL/flexibleServers@2021-05-01' = { } properties: { administratorLogin: 'adminTerraform' - administratorLoginPassword: '${mysqlAdministratorPassword}' + administratorLoginPassword: mysqlAdministratorPassword backup: { backupRetentionDays: 7 geoRedundantBackup: 'Disabled' } createMode: '' + dataEncryption: { + type: 'SystemManaged' + } highAvailability: { mode: 'Disabled' } network: {} - dataEncryption: { - type: 'SystemManaged' - } version: '5.7' } } diff --git a/settings/remarks/microsoft.dbformysql/samples/flexibleservers/main.bicep b/settings/remarks/microsoft.dbformysql/samples/flexibleservers/main.bicep index 721d5ce5..8c9045fb 100644 --- a/settings/remarks/microsoft.dbformysql/samples/flexibleservers/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/flexibleservers/main.bicep @@ -1,10 +1,10 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator login name for the MySQL flexible server') param administratorLogin string @secure() @description('The administrator login password for the MySQL flexible server') param administratorLoginPassword string +param resourceName string = 'acctest0001' resource flexibleServer 'Microsoft.DBforMySQL/flexibleServers@2021-05-01' = { name: resourceName @@ -14,12 +14,8 @@ resource flexibleServer 'Microsoft.DBforMySQL/flexibleServers@2021-05-01' = { tier: 'Burstable' } properties: { - highAvailability: { - mode: 'Disabled' - } - network: {} - administratorLogin: '${administratorLogin}' - administratorLoginPassword: '${administratorLoginPassword}' + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword backup: { backupRetentionDays: 7 geoRedundantBackup: 'Disabled' @@ -28,5 +24,9 @@ resource flexibleServer 'Microsoft.DBforMySQL/flexibleServers@2021-05-01' = { dataEncryption: { type: 'SystemManaged' } + highAvailability: { + mode: 'Disabled' + } + network: {} } } diff --git a/settings/remarks/microsoft.dbformysql/samples/servers/administrators/main.bicep b/settings/remarks/microsoft.dbformysql/samples/servers/administrators/main.bicep index 2cbf148c..fc18bc6c 100644 --- a/settings/remarks/microsoft.dbformysql/samples/servers/administrators/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/servers/administrators/main.bicep @@ -1,10 +1,10 @@ -param resourceName string = 'acctest0001' -param location string = 'westeurope' @description('The administrator login for the MySQL server') param administratorLogin string @secure() @description('The administrator login password for the MySQL server') param administratorLoginPassword string +param resourceName string = 'acctest0001' +param location string = 'westeurope' param clientId string @@ -12,17 +12,18 @@ resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { name: resourceName location: location sku: { - name: 'GP_Gen5_2' - tier: 'GeneralPurpose' capacity: 2 family: 'Gen5' + name: 'GP_Gen5_2' + tier: 'GeneralPurpose' } properties: { + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword createMode: 'Default' - publicNetworkAccess: 'Enabled' - administratorLoginPassword: '${administratorLoginPassword}' infrastructureEncryption: 'Disabled' minimalTlsVersion: 'TLS1_2' + publicNetworkAccess: 'Enabled' sslEnforcement: 'Enabled' storageProfile: { backupRetentionDays: 7 @@ -30,7 +31,6 @@ resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { storageMB: 51200 } version: '5.7' - administratorLogin: '${administratorLogin}' } } diff --git a/settings/remarks/microsoft.dbformysql/samples/servers/configurations/main.bicep b/settings/remarks/microsoft.dbformysql/samples/servers/configurations/main.bicep index d20b66d9..5745c725 100644 --- a/settings/remarks/microsoft.dbformysql/samples/servers/configurations/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/servers/configurations/main.bicep @@ -1,10 +1,10 @@ +param location string = 'westeurope' +@description('The administrator login for the MySQL server') +param administratorLogin string @secure() @description('The administrator login password for the MySQL server') param administratorLoginPassword string param resourceName string = 'acctest0001' -param location string = 'westeurope' -@description('The administrator login for the MySQL server') -param administratorLogin string resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { name: resourceName @@ -16,12 +16,12 @@ resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { tier: 'GeneralPurpose' } properties: { - administratorLogin: '${administratorLogin}' + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword createMode: 'Default' infrastructureEncryption: 'Disabled' - publicNetworkAccess: 'Enabled' - administratorLoginPassword: '${administratorLoginPassword}' minimalTlsVersion: 'TLS1_2' + publicNetworkAccess: 'Enabled' sslEnforcement: 'Enabled' storageProfile: { backupRetentionDays: 7 diff --git a/settings/remarks/microsoft.dbformysql/samples/servers/databases/main.bicep b/settings/remarks/microsoft.dbformysql/samples/servers/databases/main.bicep index 95992e8c..86e75853 100644 --- a/settings/remarks/microsoft.dbformysql/samples/servers/databases/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/servers/databases/main.bicep @@ -16,17 +16,17 @@ resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { tier: 'GeneralPurpose' } properties: { - administratorLogin: '${administratorLogin}' + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword + createMode: 'Default' infrastructureEncryption: 'Disabled' minimalTlsVersion: 'TLS1_1' + publicNetworkAccess: 'Enabled' sslEnforcement: 'Enabled' storageProfile: { storageAutogrow: 'Enabled' storageMB: 51200 } - administratorLoginPassword: '${administratorLoginPassword}' - createMode: 'Default' - publicNetworkAccess: 'Enabled' version: '5.7' } } diff --git a/settings/remarks/microsoft.dbformysql/samples/servers/firewallrules/main.bicep b/settings/remarks/microsoft.dbformysql/samples/servers/firewallrules/main.bicep index 2cd7423e..74468b49 100644 --- a/settings/remarks/microsoft.dbformysql/samples/servers/firewallrules/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/servers/firewallrules/main.bicep @@ -1,10 +1,10 @@ +param resourceName string = 'acctest0001' +param location string = 'westeurope' @description('The administrator login for the MySQL server') param administratorLogin string @secure() @description('The administrator login password for the MySQL server') param administratorLoginPassword string -param resourceName string = 'acctest0001' -param location string = 'westeurope' resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { name: resourceName @@ -16,19 +16,19 @@ resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { tier: 'GeneralPurpose' } properties: { + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword + createMode: 'Default' + infrastructureEncryption: 'Disabled' minimalTlsVersion: 'TLS1_2' + publicNetworkAccess: 'Enabled' + sslEnforcement: 'Enabled' storageProfile: { backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 } version: '5.7' - administratorLogin: '${administratorLogin}' - administratorLoginPassword: '${administratorLoginPassword}' - createMode: 'Default' - infrastructureEncryption: 'Disabled' - publicNetworkAccess: 'Enabled' - sslEnforcement: 'Enabled' } } diff --git a/settings/remarks/microsoft.dbformysql/samples/servers/main.bicep b/settings/remarks/microsoft.dbformysql/samples/servers/main.bicep index fbbdb4b3..04074cfb 100644 --- a/settings/remarks/microsoft.dbformysql/samples/servers/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/servers/main.bicep @@ -1,10 +1,10 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator login for the MySQL server') param administratorLogin string @secure() @description('The administrator login password for the MySQL server') param administratorLoginPassword string +param resourceName string = 'acctest0001' resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { name: resourceName @@ -16,9 +16,11 @@ resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { tier: 'GeneralPurpose' } properties: { - minimalTlsVersion: 'TLS1_1' - administratorLogin: '${administratorLogin}' + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword createMode: 'Default' + infrastructureEncryption: 'Disabled' + minimalTlsVersion: 'TLS1_1' publicNetworkAccess: 'Enabled' sslEnforcement: 'Enabled' storageProfile: { @@ -26,7 +28,5 @@ resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { storageMB: 51200 } version: '5.7' - administratorLoginPassword: '${administratorLoginPassword}' - infrastructureEncryption: 'Disabled' } } diff --git a/settings/remarks/microsoft.dbformysql/samples/servers/virtualnetworkrules/main.bicep b/settings/remarks/microsoft.dbformysql/samples/servers/virtualnetworkrules/main.bicep index 1c2002fc..2eb6dd7e 100644 --- a/settings/remarks/microsoft.dbformysql/samples/servers/virtualnetworkrules/main.bicep +++ b/settings/remarks/microsoft.dbformysql/samples/servers/virtualnetworkrules/main.bicep @@ -1,10 +1,36 @@ +param resourceName string = 'acctest0001' +param location string = 'westeurope' @description('The administrator login name for the MySQL server') param administratorLogin string @secure() @description('The administrator login password for the MySQL server') param administratorLoginPassword string -param resourceName string = 'acctest0001' -param location string = 'westeurope' + +resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { + name: resourceName + location: location + sku: { + capacity: 2 + family: 'Gen5' + name: 'GP_Gen5_2' + tier: 'GeneralPurpose' + } + properties: { + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword + createMode: 'Default' + infrastructureEncryption: 'Disabled' + minimalTlsVersion: 'TLS1_2' + publicNetworkAccess: 'Enabled' + sslEnforcement: 'Enabled' + storageProfile: { + backupRetentionDays: 7 + storageAutogrow: 'Enabled' + storageMB: 51200 + } + version: '5.7' + } +} resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName @@ -39,37 +65,11 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { } } -resource server 'Microsoft.DBforMySQL/servers@2017-12-01' = { - name: resourceName - location: location - sku: { - capacity: 2 - family: 'Gen5' - name: 'GP_Gen5_2' - tier: 'GeneralPurpose' - } - properties: { - administratorLogin: '${administratorLogin}' - createMode: 'Default' - minimalTlsVersion: 'TLS1_2' - version: '5.7' - administratorLoginPassword: '${administratorLoginPassword}' - infrastructureEncryption: 'Disabled' - publicNetworkAccess: 'Enabled' - sslEnforcement: 'Enabled' - storageProfile: { - storageAutogrow: 'Enabled' - storageMB: 51200 - backupRetentionDays: 7 - } - } -} - resource virtualNetworkRule 'Microsoft.DBforMySQL/servers/virtualNetworkRules@2017-12-01' = { name: resourceName parent: server properties: { - virtualNetworkSubnetId: subnet.id ignoreMissingVnetServiceEndpoint: false + virtualNetworkSubnetId: subnet.id } } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/administrators/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/administrators/main.bicep index bb884ccf..427cb8d9 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/administrators/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/administrators/main.bicep @@ -22,7 +22,6 @@ resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2022-12-01' = tenantId: tenant().tenantId } availabilityZone: '2' - version: '12' backup: { geoRedundantBackup: 'Disabled' } @@ -33,6 +32,7 @@ resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2022-12-01' = storage: { storageSizeGB: 32 } + version: '12' } } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/configurations/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/configurations/main.bicep index 34300ab8..effb3bde 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/configurations/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/configurations/main.bicep @@ -1,8 +1,8 @@ +param resourceName string = 'acctest0001' +param location string = 'eastus' @secure() @description('The administrator password for the PostgreSQL flexible server') param postgresqlAdministratorPassword string -param resourceName string = 'acctest0001' -param location string = 'eastus' resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2023-06-01-preview' = { name: resourceName @@ -12,10 +12,9 @@ resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2023-06-01-pr tier: 'GeneralPurpose' } properties: { - administratorLoginPassword: '${postgresqlAdministratorPassword}' - availabilityZone: '2' - version: '12' administratorLogin: 'adminTerraform' + administratorLoginPassword: postgresqlAdministratorPassword + availabilityZone: '2' backup: { geoRedundantBackup: 'Disabled' } @@ -26,9 +25,9 @@ resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2023-06-01-pr storage: { storageSizeGB: 32 } + version: '12' } identity: { - userAssignedIdentities: null type: 'None' } } @@ -49,7 +48,7 @@ resource pgbouncerDefaultPoolSize 'Microsoft.DBforPostgreSQL/flexibleServers/con pgbouncerEnabled ] properties: { - value: '40' source: 'user-override' + value: '40' } } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/databases/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/databases/main.bicep index 9cf5f3c4..8daabf78 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/databases/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/databases/main.bicep @@ -1,8 +1,8 @@ -param resourceName string = 'acctest0001' -param location string = 'westeurope' @secure() @description('The administrator password for the PostgreSQL flexible server') param postgresqlAdministratorPassword string +param resourceName string = 'acctest0001' +param location string = 'westeurope' resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2022-12-01' = { name: resourceName @@ -12,20 +12,20 @@ resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2022-12-01' = tier: 'GeneralPurpose' } properties: { + administratorLogin: 'adminTerraform' + administratorLoginPassword: postgresqlAdministratorPassword + availabilityZone: '2' backup: { geoRedundantBackup: 'Disabled' } - network: {} - version: '12' - administratorLoginPassword: '${postgresqlAdministratorPassword}' highAvailability: { mode: 'Disabled' } + network: {} storage: { storageSizeGB: 32 } - administratorLogin: 'adminTerraform' - availabilityZone: '2' + version: '12' } } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/firewallrules/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/firewallrules/main.bicep index eba0bcb4..26ae197c 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/firewallrules/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/firewallrules/main.bicep @@ -1,8 +1,8 @@ +param resourceName string = 'acctest0001' +param location string = 'westeurope' @secure() @description('The administrator password for the PostgreSQL flexible server') param postgresqlAdministratorPassword string -param resourceName string = 'acctest0001' -param location string = 'westeurope' resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2022-12-01' = { name: resourceName @@ -12,20 +12,20 @@ resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2022-12-01' = tier: 'GeneralPurpose' } properties: { - administratorLoginPassword: '${postgresqlAdministratorPassword}' - availabilityZone: '2' - highAvailability: { - mode: 'Disabled' - } - version: '12' administratorLogin: 'adminTerraform' + administratorLoginPassword: postgresqlAdministratorPassword + availabilityZone: '2' backup: { geoRedundantBackup: 'Disabled' } + highAvailability: { + mode: 'Disabled' + } network: {} storage: { storageSizeGB: 32 } + version: '12' } } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/main.bicep index 37112ae4..065ad921 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/main.bicep @@ -1,10 +1,10 @@ -param resourceName string = 'acctest0001' param location string = 'eastus' @description('The administrator login name for the PostgreSQL flexible server') param administratorLogin string @secure() @description('The administrator login password for the PostgreSQL flexible server') param administratorLoginPassword string +param resourceName string = 'acctest0001' resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2023-06-01-preview' = { name: resourceName @@ -14,7 +14,8 @@ resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2023-06-01-pr tier: 'GeneralPurpose' } properties: { - administratorLoginPassword: '${administratorLoginPassword}' + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword availabilityZone: '2' backup: { geoRedundantBackup: 'Disabled' @@ -27,10 +28,8 @@ resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2023-06-01-pr storageSizeGB: 32 } version: '12' - administratorLogin: '${administratorLogin}' } identity: { type: 'None' - userAssignedIdentities: null } } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/virtualendpoints/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/virtualendpoints/main.bicep index aa04d932..a81cf2e6 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/virtualendpoints/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/flexibleservers/virtualendpoints/main.bicep @@ -1,8 +1,8 @@ +param resourceName string = 'acctest0001' param location string = 'westus' @secure() @description('The administrator login password for the PostgreSQL flexible server') param administratorLoginPassword string -param resourceName string = 'acctest0001' resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2024-08-01' = { name: '${resourceName}-primary' @@ -12,18 +12,18 @@ resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2024-08-01' = tier: 'GeneralPurpose' } properties: { - administratorLoginPassword: '${administratorLoginPassword}' + administratorLogin: 'psqladmin' + administratorLoginPassword: administratorLoginPassword + availabilityZone: '1' + backup: { + geoRedundantBackup: 'Disabled' + } highAvailability: { mode: 'Disabled' } network: { publicNetworkAccess: 'Disabled' } - administratorLogin: 'psqladmin' - availabilityZone: '1' - backup: { - geoRedundantBackup: 'Disabled' - } storage: { autoGrow: 'Disabled' storageSizeGB: 32 @@ -33,11 +33,25 @@ resource flexibleServer 'Microsoft.DBforPostgreSQL/flexibleServers@2024-08-01' = } } +resource virtualEndpoint 'Microsoft.DBforPostgreSQL/flexibleServers/virtualEndpoints@2024-08-01' = { + name: resourceName + parent: flexibleServer + properties: { + endpointType: 'ReadWrite' + members: [ + flexibleserver1.name + ] + } +} + resource flexibleserver1 'Microsoft.DBforPostgreSQL/flexibleServers@2024-08-01' = { name: '${resourceName}-replica' location: location properties: { availabilityZone: '1' + backup: { + geoRedundantBackup: 'Disabled' + } createMode: 'Replica' highAvailability: { mode: 'Disabled' @@ -45,26 +59,12 @@ resource flexibleserver1 'Microsoft.DBforPostgreSQL/flexibleServers@2024-08-01' network: { publicNetworkAccess: 'Disabled' } + sourceServerResourceId: flexibleServer.id storage: { + autoGrow: 'Disabled' storageSizeGB: 32 tier: 'P30' - autoGrow: 'Disabled' } version: '16' - backup: { - geoRedundantBackup: 'Disabled' - } - sourceServerResourceId: flexibleServer.id - } -} - -resource virtualEndpoint 'Microsoft.DBforPostgreSQL/flexibleServers/virtualEndpoints@2024-08-01' = { - name: resourceName - parent: flexibleServer - properties: { - endpointType: 'ReadWrite' - members: [ - flexibleserver1.name - ] } } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/servergroupsv2/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/servergroupsv2/main.bicep index 0283e193..f8c8d7bd 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/servergroupsv2/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/servergroupsv2/main.bicep @@ -1,13 +1,14 @@ +param resourceName string = 'acctest0001' +param location string = 'westeurope' @secure() @description('The administrator login password for the PostgreSQL server group') param administratorLoginPassword string -param resourceName string = 'acctest0001' -param location string = 'westeurope' resource serverGroupsv2 'Microsoft.DBforPostgreSQL/serverGroupsv2@2022-11-08' = { name: resourceName location: location properties: { + administratorLoginPassword: administratorLoginPassword coordinatorEnablePublicIpAccess: true coordinatorServerEdition: 'GeneralPurpose' coordinatorStorageQuotaInMb: 131072 @@ -16,6 +17,5 @@ resource serverGroupsv2 'Microsoft.DBforPostgreSQL/serverGroupsv2@2022-11-08' = nodeCount: 0 nodeEnablePublicIpAccess: false nodeServerEdition: 'MemoryOptimized' - administratorLoginPassword: '${administratorLoginPassword}' } } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/servers/administrators/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/servers/administrators/main.bicep index 2529e019..1603a3c2 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/servers/administrators/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/servers/administrators/main.bicep @@ -1,4 +1,3 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator login name for the PostgreSQL server') param administratorLogin string @@ -7,6 +6,7 @@ param administratorLogin string param administratorLoginPassword string @description('The administrator login name for the PostgreSQL server admin') param adminLogin string +param resourceName string = 'acctest0001' param clientId string @@ -20,19 +20,19 @@ resource server 'Microsoft.DBforPostgreSQL/servers@2017-12-01' = { tier: 'GeneralPurpose' } properties: { - administratorLogin: '${administratorLogin}' - administratorLoginPassword: '${administratorLoginPassword}' + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword createMode: 'Default' + infrastructureEncryption: 'Disabled' minimalTlsVersion: 'TLS1_2' publicNetworkAccess: 'Enabled' sslEnforcement: 'Enabled' storageProfile: { + backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 - backupRetentionDays: 7 } version: '9.6' - infrastructureEncryption: 'Disabled' } } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/servers/configurations/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/servers/configurations/main.bicep index 3f7edd11..0aceb79e 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/servers/configurations/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/servers/configurations/main.bicep @@ -1,10 +1,10 @@ +param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator login for the PostgreSQL server') param administratorLogin string @secure() @description('The administrator login password for the PostgreSQL server') param administratorLoginPassword string -param resourceName string = 'acctest0001' resource server 'Microsoft.DBforPostgreSQL/servers@2017-12-01' = { name: resourceName @@ -16,18 +16,18 @@ resource server 'Microsoft.DBforPostgreSQL/servers@2017-12-01' = { tier: 'GeneralPurpose' } properties: { - administratorLoginPassword: '${administratorLoginPassword}' + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword + createMode: 'Default' infrastructureEncryption: 'Disabled' minimalTlsVersion: 'TLS1_2' publicNetworkAccess: 'Enabled' + sslEnforcement: 'Enabled' storageProfile: { backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 } - administratorLogin: '${administratorLogin}' - createMode: 'Default' - sslEnforcement: 'Enabled' version: '9.6' } } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/servers/databases/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/servers/databases/main.bicep index f7c08349..069a00e3 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/servers/databases/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/servers/databases/main.bicep @@ -1,10 +1,10 @@ -@secure() -@description('The administrator login password for the PostgreSQL server') -param administratorLoginPassword string param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator login for the PostgreSQL server') param administratorLogin string +@secure() +@description('The administrator login password for the PostgreSQL server') +param administratorLoginPassword string resource server 'Microsoft.DBforPostgreSQL/servers@2017-12-01' = { name: resourceName @@ -16,18 +16,18 @@ resource server 'Microsoft.DBforPostgreSQL/servers@2017-12-01' = { tier: 'GeneralPurpose' } properties: { + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword + createMode: 'Default' infrastructureEncryption: 'Disabled' + minimalTlsVersion: 'TLS1_2' publicNetworkAccess: 'Enabled' + sslEnforcement: 'Enabled' storageProfile: { backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 } - administratorLogin: '${administratorLogin}' - administratorLoginPassword: '${administratorLoginPassword}' - createMode: 'Default' - minimalTlsVersion: 'TLS1_2' - sslEnforcement: 'Enabled' version: '9.6' } } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/servers/firewallrules/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/servers/firewallrules/main.bicep index d413fc39..7665a393 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/servers/firewallrules/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/servers/firewallrules/main.bicep @@ -1,10 +1,10 @@ -@secure() -@description('The administrator login password for the PostgreSQL server') -param administratorLoginPassword string param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator login for the PostgreSQL server') param administratorLogin string +@secure() +@description('The administrator login password for the PostgreSQL server') +param administratorLoginPassword string resource server 'Microsoft.DBforPostgreSQL/servers@2017-12-01' = { name: resourceName @@ -16,19 +16,19 @@ resource server 'Microsoft.DBforPostgreSQL/servers@2017-12-01' = { tier: 'GeneralPurpose' } properties: { - administratorLogin: '${administratorLogin}' - administratorLoginPassword: '${administratorLoginPassword}' + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword createMode: 'Default' + infrastructureEncryption: 'Disabled' minimalTlsVersion: 'TLS1_2' publicNetworkAccess: 'Enabled' + sslEnforcement: 'Enabled' storageProfile: { backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 } version: '9.6' - infrastructureEncryption: 'Disabled' - sslEnforcement: 'Enabled' } } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/servers/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/servers/main.bicep index 64a4cc89..b2d4690a 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/servers/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/servers/main.bicep @@ -1,33 +1,33 @@ -param location string = 'westeurope' -@description('The administrator login name for the PostgreSQL server') -param administratorLogin string @secure() @description('The administrator login password for the PostgreSQL server') param administratorLoginPassword string param resourceName string = 'acctest0001' +param location string = 'westeurope' +@description('The administrator login name for the PostgreSQL server') +param administratorLogin string resource server 'Microsoft.DBforPostgreSQL/servers@2017-12-01' = { name: resourceName location: location sku: { + capacity: 2 family: 'Gen5' name: 'GP_Gen5_2' tier: 'GeneralPurpose' - capacity: 2 } properties: { - minimalTlsVersion: 'TLS1_2' - sslEnforcement: 'Enabled' - administratorLoginPassword: '${administratorLoginPassword}' + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword createMode: 'Default' + infrastructureEncryption: 'Disabled' + minimalTlsVersion: 'TLS1_2' publicNetworkAccess: 'Enabled' + sslEnforcement: 'Enabled' storageProfile: { backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 } version: '9.5' - administratorLogin: '${administratorLogin}' - infrastructureEncryption: 'Disabled' } } diff --git a/settings/remarks/microsoft.dbforpostgresql/samples/servers/virtualnetworkrules/main.bicep b/settings/remarks/microsoft.dbforpostgresql/samples/servers/virtualnetworkrules/main.bicep index cc149b88..b3f87893 100644 --- a/settings/remarks/microsoft.dbforpostgresql/samples/servers/virtualnetworkrules/main.bicep +++ b/settings/remarks/microsoft.dbforpostgresql/samples/servers/virtualnetworkrules/main.bicep @@ -1,24 +1,24 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator login for the PostgreSQL server') param administratorLogin string @secure() @description('The administrator login password for the PostgreSQL server') param administratorLoginPassword string +param resourceName string = 'acctest0001' resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location properties: { - dhcpOptions: { - dnsServers: [] - } - subnets: [] addressSpace: { addressPrefixes: [ '10.7.29.0/29' ] } + dhcpOptions: { + dnsServers: [] + } + subnets: [] } } @@ -26,6 +26,8 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: resourceName parent: virtualNetwork properties: { + addressPrefix: '10.7.29.0/29' + delegations: [] privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] @@ -34,8 +36,6 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { service: 'Microsoft.Sql' } ] - addressPrefix: '10.7.29.0/29' - delegations: [] } } @@ -49,19 +49,19 @@ resource server 'Microsoft.DBforPostgreSQL/servers@2017-12-01' = { tier: 'GeneralPurpose' } properties: { - publicNetworkAccess: 'Enabled' + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword createMode: 'Default' + infrastructureEncryption: 'Disabled' minimalTlsVersion: 'TLS1_2' + publicNetworkAccess: 'Enabled' sslEnforcement: 'Enabled' storageProfile: { + backupRetentionDays: 7 storageAutogrow: 'Enabled' storageMB: 51200 - backupRetentionDays: 7 } version: '9.5' - administratorLogin: '${administratorLogin}' - administratorLoginPassword: '${administratorLoginPassword}' - infrastructureEncryption: 'Disabled' } } diff --git a/settings/remarks/microsoft.desktopvirtualization/samples/applicationgroups/applications/main.bicep b/settings/remarks/microsoft.desktopvirtualization/samples/applicationgroups/applications/main.bicep index f6a2fd67..a336c1fd 100644 --- a/settings/remarks/microsoft.desktopvirtualization/samples/applicationgroups/applications/main.bicep +++ b/settings/remarks/microsoft.desktopvirtualization/samples/applicationgroups/applications/main.bicep @@ -6,17 +6,7 @@ resource applicationGroup 'Microsoft.DesktopVirtualization/applicationGroups@202 location: location properties: { applicationGroupType: 'RemoteApp' - } -} - -resource application 'Microsoft.DesktopVirtualization/applicationGroups/applications@2023-09-05' = { - name: resourceName - location: location - parent: applicationGroup - properties: { - commandLineSetting: 'DoNotAllow' - filePath: 'C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe' - showInPortal: false + hostPoolArmPath: hostPool.id } } @@ -24,12 +14,23 @@ resource hostPool 'Microsoft.DesktopVirtualization/hostPools@2023-09-05' = { name: resourceName location: location properties: { - startVMOnConnect: false - validationEnvironment: false hostPoolType: 'Pooled' loadBalancerType: 'BreadthFirst' maxSessionLimit: 999999 preferredAppGroupType: 'Desktop' publicNetworkAccess: 'Enabled' + startVMOnConnect: false + validationEnvironment: false + } +} + +resource application 'Microsoft.DesktopVirtualization/applicationGroups/applications@2023-09-05' = { + name: resourceName + location: location + parent: applicationGroup + properties: { + commandLineSetting: 'DoNotAllow' + filePath: 'C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe' + showInPortal: false } } diff --git a/settings/remarks/microsoft.desktopvirtualization/samples/applicationgroups/main.bicep b/settings/remarks/microsoft.desktopvirtualization/samples/applicationgroups/main.bicep index a402031e..75e4a4c3 100644 --- a/settings/remarks/microsoft.desktopvirtualization/samples/applicationgroups/main.bicep +++ b/settings/remarks/microsoft.desktopvirtualization/samples/applicationgroups/main.bicep @@ -8,6 +8,7 @@ resource applicationGroup 'Microsoft.DesktopVirtualization/applicationGroups@202 applicationGroupType: 'Desktop' description: '' friendlyName: '' + hostPoolArmPath: hostPool.id } } @@ -15,17 +16,17 @@ resource hostPool 'Microsoft.DesktopVirtualization/hostPools@2024-04-03' = { name: '${resourceName}-hp' location: location properties: { + customRdpProperty: '' + description: '' friendlyName: '' hostPoolType: 'Pooled' loadBalancerType: 'BreadthFirst' maxSessionLimit: 999999 personalDesktopAssignmentType: '' preferredAppGroupType: 'Desktop' + publicNetworkAccess: 'Enabled' startVMOnConnect: false validationEnvironment: false - customRdpProperty: '' - description: '' - publicNetworkAccess: 'Enabled' vmTemplate: '' } } diff --git a/settings/remarks/microsoft.devcenter/samples/devcenters/attachednetworks/main.bicep b/settings/remarks/microsoft.devcenter/samples/devcenters/attachednetworks/main.bicep index b6b30cb3..f7e5177f 100644 --- a/settings/remarks/microsoft.devcenter/samples/devcenters/attachednetworks/main.bicep +++ b/settings/remarks/microsoft.devcenter/samples/devcenters/attachednetworks/main.bicep @@ -18,7 +18,6 @@ resource devCenter 'Microsoft.DevCenter/devcenters@2023-04-01' = { location: location identity: { type: 'SystemAssigned' - userAssignedIdentities: null } } @@ -42,5 +41,6 @@ resource networkConnection 'Microsoft.DevCenter/networkConnections@2023-04-01' = name: resourceName properties: { domainJoinType: 'AzureADJoin' + subnetId: subnet.id } } diff --git a/settings/remarks/microsoft.devcenter/samples/devcenters/devboxdefinitions/main.bicep b/settings/remarks/microsoft.devcenter/samples/devcenters/devboxdefinitions/main.bicep index f8ef3cd2..a9370b0f 100644 --- a/settings/remarks/microsoft.devcenter/samples/devcenters/devboxdefinitions/main.bicep +++ b/settings/remarks/microsoft.devcenter/samples/devcenters/devboxdefinitions/main.bicep @@ -1,12 +1,11 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource devCenter 'Microsoft.DevCenter/devcenters@2023-04-01' = { name: resourceName location: location identity: { type: 'SystemAssigned' - userAssignedIdentities: null } } diff --git a/settings/remarks/microsoft.devcenter/samples/devcenters/main.bicep b/settings/remarks/microsoft.devcenter/samples/devcenters/main.bicep index 145349a9..9ae6d9d5 100644 --- a/settings/remarks/microsoft.devcenter/samples/devcenters/main.bicep +++ b/settings/remarks/microsoft.devcenter/samples/devcenters/main.bicep @@ -1,12 +1,12 @@ -param resourceName string = 'acctest0001' param location string = 'eastus' +param resourceName string = 'acctest0001' -resource userAssignedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = { - name: '${resourceName}-uai' +resource devCenter 'Microsoft.DevCenter/devCenters@2025-02-01' = { + name: resourceName location: location } -resource devCenter 'Microsoft.DevCenter/devCenters@2025-02-01' = { - name: resourceName +resource userAssignedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = { + name: '${resourceName}-uai' location: location } diff --git a/settings/remarks/microsoft.devcenter/samples/networkconnections/main.bicep b/settings/remarks/microsoft.devcenter/samples/networkconnections/main.bicep index 6fd54a6c..e7d7c676 100644 --- a/settings/remarks/microsoft.devcenter/samples/networkconnections/main.bicep +++ b/settings/remarks/microsoft.devcenter/samples/networkconnections/main.bicep @@ -6,6 +6,7 @@ resource networkConnection 'Microsoft.DevCenter/networkConnections@2023-04-01' = location: location properties: { domainJoinType: 'AzureADJoin' + subnetId: subnet.id } } diff --git a/settings/remarks/microsoft.devcenter/samples/projects/environmenttypes/main.bicep b/settings/remarks/microsoft.devcenter/samples/projects/environmenttypes/main.bicep index 7296c867..f49f6f04 100644 --- a/settings/remarks/microsoft.devcenter/samples/projects/environmenttypes/main.bicep +++ b/settings/remarks/microsoft.devcenter/samples/projects/environmenttypes/main.bicep @@ -1,27 +1,16 @@ param resourceName string param location string -resource devCenter 'Microsoft.DevCenter/devCenters@2025-02-01' = { - name: resourceName - location: location - properties: {} -} - resource project 'Microsoft.DevCenter/projects@2025-02-01' = { name: '${resourceName}-proj' location: location properties: { + description: '' devCenterId: devCenter.id maxDevBoxesPerUser: 0 - description: '' } } -resource environmentType 'Microsoft.DevCenter/devCenters/environmentTypes@2025-02-01' = { - name: '${resourceName}-envtype' - parent: devCenter -} - resource environmenttype1 'Microsoft.DevCenter/projects/environmentTypes@2025-02-01' = { name: 'azapi_resource.environmentType.name' parent: project @@ -30,3 +19,14 @@ resource environmenttype1 'Microsoft.DevCenter/projects/environmentTypes@2025-02 status: 'Enabled' } } + +resource devCenter 'Microsoft.DevCenter/devCenters@2025-02-01' = { + name: resourceName + location: location + properties: {} +} + +resource environmentType 'Microsoft.DevCenter/devCenters/environmentTypes@2025-02-01' = { + name: '${resourceName}-envtype' + parent: devCenter +} diff --git a/settings/remarks/microsoft.devcenter/samples/projects/main.bicep b/settings/remarks/microsoft.devcenter/samples/projects/main.bicep index b9f60cb0..53ecbc92 100644 --- a/settings/remarks/microsoft.devcenter/samples/projects/main.bicep +++ b/settings/remarks/microsoft.devcenter/samples/projects/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westus' param resourceName string = 'acctest0001' +param location string = 'westus' resource devCenter 'Microsoft.DevCenter/devCenters@2025-02-01' = { name: resourceName diff --git a/settings/remarks/microsoft.devices/samples/iothubs/certificates/main.bicep b/settings/remarks/microsoft.devices/samples/iothubs/certificates/main.bicep index 3246a71a..050cebd0 100644 --- a/settings/remarks/microsoft.devices/samples/iothubs/certificates/main.bicep +++ b/settings/remarks/microsoft.devices/samples/iothubs/certificates/main.bicep @@ -1,8 +1,8 @@ +param resourceName string = 'acctest0001' param location string = 'westeurope' @secure() @description('The Base64 encoded certificate content for the IoT Hub') param certificateContent string -param resourceName string = 'acctest0001' resource iotHub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { name: resourceName @@ -12,7 +12,6 @@ resource iotHub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { name: 'B1' } properties: { - storageEndpoints: {} cloudToDevice: {} enableFileUploadNotifications: false messagingEndpoints: {} @@ -26,6 +25,7 @@ resource iotHub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { source: 'DeviceMessages' } } + storageEndpoints: {} } } @@ -33,7 +33,7 @@ resource certificate 'Microsoft.Devices/IotHubs/certificates@2022-04-30-preview' name: resourceName parent: iotHub properties: { - certificate: '${certificateContent}' + certificate: certificateContent isVerified: false } } diff --git a/settings/remarks/microsoft.deviceupdate/samples/accounts/instances/main.bicep b/settings/remarks/microsoft.deviceupdate/samples/accounts/instances/main.bicep index 21270127..1988e77c 100644 --- a/settings/remarks/microsoft.deviceupdate/samples/accounts/instances/main.bicep +++ b/settings/remarks/microsoft.deviceupdate/samples/accounts/instances/main.bicep @@ -1,29 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' - -resource account 'Microsoft.DeviceUpdate/accounts@2022-10-01' = { - name: resourceName - location: location - properties: { - publicNetworkAccess: 'Enabled' - sku: 'Standard' - } -} - -resource instance 'Microsoft.DeviceUpdate/accounts/instances@2022-10-01' = { - name: resourceName - location: location - parent: account - properties: { - accountName: account.name - enableDiagnostics: false - iotHubs: [ - { - resourceId: iotHub.id - } - ] - } -} +param location string = 'westeurope' resource iotHub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { name: resourceName @@ -33,7 +9,6 @@ resource iotHub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { name: 'S1' } properties: { - storageEndpoints: {} cloudToDevice: {} enableFileUploadNotifications: false messagingEndpoints: {} @@ -47,5 +22,30 @@ resource iotHub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { source: 'DeviceMessages' } } + storageEndpoints: {} + } +} + +resource account 'Microsoft.DeviceUpdate/accounts@2022-10-01' = { + name: resourceName + location: location + properties: { + publicNetworkAccess: 'Enabled' + sku: 'Standard' + } +} + +resource instance 'Microsoft.DeviceUpdate/accounts/instances@2022-10-01' = { + name: resourceName + location: location + parent: account + properties: { + accountName: account.name + enableDiagnostics: false + iotHubs: [ + { + resourceId: iotHub.id + } + ] } } diff --git a/settings/remarks/microsoft.devtestlab/samples/labs/policysets/policies/main.bicep b/settings/remarks/microsoft.devtestlab/samples/labs/policysets/policies/main.bicep index d2b25310..2f549301 100644 --- a/settings/remarks/microsoft.devtestlab/samples/labs/policysets/policies/main.bicep +++ b/settings/remarks/microsoft.devtestlab/samples/labs/policysets/policies/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westus' +param resourceName string = 'acctest0001' resource lab 'Microsoft.DevTestLab/labs@2018-09-15' = { name: resourceName @@ -7,7 +7,8 @@ resource lab 'Microsoft.DevTestLab/labs@2018-09-15' = { } resource policy 'Microsoft.DevTestLab/labs/policySets/policies@2018-09-15' = { - name: 'policySets/default/LabVmCount' + name: 'LabVmCount' + parent: policySet properties: { description: '' evaluatorType: 'MaxValuePolicy' @@ -16,3 +17,8 @@ resource policy 'Microsoft.DevTestLab/labs/policySets/policies@2018-09-15' = { threshold: '999' } } + +resource policySet 'Microsoft.DevTestLab/labs/policySets@2018-09-15' existing = { + name: 'default' + parent: lab +} diff --git a/settings/remarks/microsoft.devtestlab/samples/labs/schedules/main.bicep b/settings/remarks/microsoft.devtestlab/samples/labs/schedules/main.bicep index dbaa851d..7c56340b 100644 --- a/settings/remarks/microsoft.devtestlab/samples/labs/schedules/main.bicep +++ b/settings/remarks/microsoft.devtestlab/samples/labs/schedules/main.bicep @@ -14,7 +14,6 @@ resource schedule 'Microsoft.DevTestLab/labs/schedules@2018-09-15' = { location: location parent: lab properties: { - timeZoneId: 'India Standard Time' dailyRecurrence: { time: '0100' } @@ -25,6 +24,7 @@ resource schedule 'Microsoft.DevTestLab/labs/schedules@2018-09-15' = { } status: 'Disabled' taskType: 'LabVmsShutdownTask' + timeZoneId: 'India Standard Time' } tags: { environment: 'Production' diff --git a/settings/remarks/microsoft.devtestlab/samples/labs/virtualmachines/main.bicep b/settings/remarks/microsoft.devtestlab/samples/labs/virtualmachines/main.bicep index d32d7be7..bc6155e6 100644 --- a/settings/remarks/microsoft.devtestlab/samples/labs/virtualmachines/main.bicep +++ b/settings/remarks/microsoft.devtestlab/samples/labs/virtualmachines/main.bicep @@ -12,11 +12,33 @@ resource lab 'Microsoft.DevTestLab/labs@2018-09-15' = { } } +resource virtualNetwork 'Microsoft.DevTestLab/labs/virtualNetworks@2018-09-15' = { + name: resourceName + parent: lab + properties: { + description: '' + subnetOverrides: [ + { + labSubnetName: '${resourceName}Subnet' + resourceId: resourceId( + 'Microsoft.Network/virtualNetworks/subnets', + resourceGroup().name, + resourceName, + '${resourceName}Subnet' + ) + useInVmCreationPermission: 'Allow' + usePublicIpAddressPermission: 'Allow' + } + ] + } +} + resource virtualMachine 'Microsoft.DevTestLab/labs/virtualMachines@2018-09-15' = { name: resourceName location: location parent: lab properties: { + allowClaim: true disallowPublicIpAddress: false galleryImageReference: { offer: 'WindowsServer' @@ -25,36 +47,15 @@ resource virtualMachine 'Microsoft.DevTestLab/labs/virtualMachines@2018-09-15' = sku: '2012-Datacenter' version: 'latest' } + isAuthenticationWithSshKey: false + labSubnetName: '${resourceName}Subnet' + labVirtualNetworkId: virtualNetwork.id networkInterface: {} + notes: '' osType: 'Windows' password: vmPassword size: 'Standard_F2' - allowClaim: true - isAuthenticationWithSshKey: false - labSubnetName: '${resourceName}Subnet' - notes: '' storageType: 'Standard' userName: 'acct5stU5er' } } - -resource virtualNetwork 'Microsoft.DevTestLab/labs/virtualNetworks@2018-09-15' = { - name: resourceName - parent: lab - properties: { - description: '' - subnetOverrides: [ - { - labSubnetName: '${resourceName}Subnet' - resourceId: resourceId( - 'Microsoft.Network/virtualNetworks/subnets', - resourceGroup().name, - resourceName, - '${resourceName}Subnet' - ) - useInVmCreationPermission: 'Allow' - usePublicIpAddressPermission: 'Allow' - } - ] - } -} diff --git a/settings/remarks/microsoft.devtestlab/samples/labs/virtualnetworks/main.bicep b/settings/remarks/microsoft.devtestlab/samples/labs/virtualnetworks/main.bicep index 25065ec0..9f6d7df2 100644 --- a/settings/remarks/microsoft.devtestlab/samples/labs/virtualnetworks/main.bicep +++ b/settings/remarks/microsoft.devtestlab/samples/labs/virtualnetworks/main.bicep @@ -16,8 +16,6 @@ resource virtualNetwork 'Microsoft.DevTestLab/labs/virtualNetworks@2018-09-15' = description: '' subnetOverrides: [ { - useInVmCreationPermission: 'Allow' - usePublicIpAddressPermission: 'Allow' labSubnetName: '${resourceName}Subnet' resourceId: resourceId( 'Microsoft.Network/virtualNetworks/subnets', @@ -25,6 +23,8 @@ resource virtualNetwork 'Microsoft.DevTestLab/labs/virtualNetworks@2018-09-15' = resourceName, '${resourceName}Subnet' ) + useInVmCreationPermission: 'Allow' + usePublicIpAddressPermission: 'Allow' } ] } diff --git a/settings/remarks/microsoft.devtestlab/samples/schedules/main.bicep b/settings/remarks/microsoft.devtestlab/samples/schedules/main.bicep index 669e94ee..d5271a3c 100644 --- a/settings/remarks/microsoft.devtestlab/samples/schedules/main.bicep +++ b/settings/remarks/microsoft.devtestlab/samples/schedules/main.bicep @@ -4,33 +4,10 @@ param location string = 'westeurope' @description('The administrator password for the virtual machine') param adminPassword string -resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { - name: resourceName - location: location - properties: { - enableAcceleratedNetworking: false - enableIPForwarding: false - ipConfigurations: [ - { - name: 'testconfiguration1' - properties: { - primary: true - privateIPAddressVersion: 'IPv4' - privateIPAllocationMethod: 'Dynamic' - subnet: {} - } - } - ] - } -} - resource schedule 'Microsoft.DevTestLab/schedules@2018-09-15' = { name: resourceName location: location properties: { - status: 'Enabled' - taskType: 'ComputeVmShutdownTask' - timeZoneId: 'Pacific Standard Time' dailyRecurrence: { time: '0100' } @@ -40,6 +17,10 @@ resource schedule 'Microsoft.DevTestLab/schedules@2018-09-15' = { timeInMinutes: 30 webhookUrl: '' } + status: 'Enabled' + targetResourceId: virtualMachine.id + taskType: 'ComputeVmShutdownTask' + timeZoneId: 'Pacific Standard Time' } tags: { environment: 'Production' @@ -51,27 +32,6 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { location: location properties: { additionalCapabilities: {} - extensionsTimeBudget: 'PT1H30M' - priority: 'Regular' - storageProfile: { - imageReference: { - sku: '18.04-LTS' - version: 'latest' - offer: 'UbuntuServer' - publisher: 'Canonical' - } - osDisk: { - caching: 'ReadWrite' - createOption: 'FromImage' - managedDisk: { - storageAccountType: 'Standard_LRS' - } - name: 'myosdisk-230630033106863551' - osType: 'Linux' - writeAcceleratorEnabled: false - } - dataDisks: [] - } applicationProfile: { galleryApplications: [] } @@ -81,6 +41,7 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { storageUri: '' } } + extensionsTimeBudget: 'PT1H30M' hardwareProfile: { vmSize: 'Standard_B2s' } @@ -95,10 +56,12 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { ] } osProfile: { + adminPassword: adminPassword adminUsername: 'testadmin' allowExtensionOperations: true computerName: resourceName linuxConfiguration: { + disablePasswordAuthentication: false patchSettings: { assessmentMode: 'ImageDefault' patchMode: 'ImageDefault' @@ -107,10 +70,28 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { ssh: { publicKeys: [] } - disablePasswordAuthentication: false } secrets: [] - adminPassword: adminPassword + } + priority: 'Regular' + storageProfile: { + dataDisks: [] + imageReference: { + offer: 'UbuntuServer' + publisher: 'Canonical' + sku: '18.04-LTS' + version: 'latest' + } + osDisk: { + caching: 'ReadWrite' + createOption: 'FromImage' + managedDisk: { + storageAccountType: 'Standard_LRS' + } + name: 'myosdisk-230630033106863551' + osType: 'Linux' + writeAcceleratorEnabled: false + } } } } @@ -119,7 +100,6 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location properties: { - subnets: [] addressSpace: { addressPrefixes: [ '10.0.0.0/16' @@ -128,6 +108,7 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { dhcpOptions: { dnsServers: [] } + subnets: [] } } @@ -135,11 +116,33 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: resourceName parent: virtualNetwork properties: { - serviceEndpoints: [] addressPrefix: '10.0.2.0/24' delegations: [] privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] + serviceEndpoints: [] + } +} + +resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { + name: resourceName + location: location + properties: { + enableAcceleratedNetworking: false + enableIPForwarding: false + ipConfigurations: [ + { + name: 'testconfiguration1' + properties: { + primary: true + privateIPAddressVersion: 'IPv4' + privateIPAllocationMethod: 'Dynamic' + subnet: { + id: subnet.id + } + } + } + ] } } diff --git a/settings/remarks/microsoft.digitaltwins/samples/digitaltwinsinstances/endpoints/main.bicep b/settings/remarks/microsoft.digitaltwins/samples/digitaltwinsinstances/endpoints/main.bicep index a6f23f9b..bb6af959 100644 --- a/settings/remarks/microsoft.digitaltwins/samples/digitaltwinsinstances/endpoints/main.bicep +++ b/settings/remarks/microsoft.digitaltwins/samples/digitaltwinsinstances/endpoints/main.bicep @@ -6,18 +6,6 @@ resource digitalTwinsInstance 'Microsoft.DigitalTwins/digitalTwinsInstances@2020 location: location } -resource endpoint 'Microsoft.DigitalTwins/digitalTwinsInstances/endpoints@2020-12-01' = { - name: resourceName - parent: digitalTwinsInstance - properties: { - authenticationType: 'KeyBased' - deadLetterSecret: '' - endpointType: 'ServiceBus' - primaryConnectionString: authorizationRule.listKeys().primaryConnectionString - secondaryConnectionString: authorizationRule.listKeys().secondaryConnectionString - } -} - resource namespace 'Microsoft.ServiceBus/namespaces@2022-01-01-preview' = { name: resourceName location: location @@ -33,6 +21,18 @@ resource namespace 'Microsoft.ServiceBus/namespaces@2022-01-01-preview' = { } } +resource endpoint 'Microsoft.DigitalTwins/digitalTwinsInstances/endpoints@2020-12-01' = { + name: resourceName + parent: digitalTwinsInstance + properties: { + authenticationType: 'KeyBased' + deadLetterSecret: '' + endpointType: 'ServiceBus' + primaryConnectionString: authorizationRule.listKeys().primaryConnectionString + secondaryConnectionString: authorizationRule.listKeys().secondaryConnectionString + } +} + resource topic 'Microsoft.ServiceBus/namespaces/topics@2021-06-01-preview' = { name: resourceName parent: namespace diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/cassandrakeyspaces/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/cassandrakeyspaces/main.bicep index 9622bacb..32889b6f 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/cassandrakeyspaces/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/cassandrakeyspaces/main.bicep @@ -6,16 +6,25 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { - virtualNetworkRules: [] capabilities: [ { name: 'EnableCassandra' } ] - enableFreeTier: false + consistencyPolicy: { + defaultConsistencyLevel: 'Strong' + maxIntervalInSeconds: 5 + maxStalenessPrefix: 100 + } databaseAccountOfferType: 'Standard' defaultIdentity: 'FirstPartyIdentity' + disableKeyBasedMetadataWriteAccess: false + disableLocalAuth: false enableAnalyticalStorage: false + enableAutomaticFailover: false + enableFreeTier: false + enableMultipleWriteLocations: false + ipRules: [] isVirtualNetworkFilterEnabled: false locations: [ { @@ -24,19 +33,10 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { locationName: 'West Europe' } ] - publicNetworkAccess: 'Enabled' - disableKeyBasedMetadataWriteAccess: false - disableLocalAuth: false - enableAutomaticFailover: false - enableMultipleWriteLocations: false - ipRules: [] - consistencyPolicy: { - defaultConsistencyLevel: 'Strong' - maxIntervalInSeconds: 5 - maxStalenessPrefix: 100 - } networkAclBypass: 'None' networkAclBypassResourceIds: [] + publicNetworkAccess: 'Enabled' + virtualNetworkRules: [] } } @@ -46,7 +46,7 @@ resource cassandraKeyspace 'Microsoft.DocumentDB/databaseAccounts/cassandraKeysp properties: { options: {} resource: { - id: '${resourceName}' + id: resourceName } } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/cassandrakeyspaces/tables/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/cassandrakeyspaces/tables/main.bicep index e18d0dca..a39e3a53 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/cassandrakeyspaces/tables/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/cassandrakeyspaces/tables/main.bicep @@ -1,27 +1,15 @@ -param resourceName string = 'acctest0001' param location string = 'eastus' +param resourceName string = 'acctest0001' -var keyspaceName = 'resourcenameks' -var tableName = 'resourcenametbl' -var accountName = 'resourcename' +var accountName = toLower(replace(resourceName, '-', '')) +var keyspaceName = '${toLower(resourceName)}ks' +var tableName = '${toLower(resourceName)}tbl' resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2024-08-15' = { name: accountName location: location kind: 'GlobalDocumentDB' properties: { - backupPolicy: null - enableAutomaticFailover: false - enableBurstCapacity: false - locations: [ - { - failoverPriority: 0 - isZoneRedundant: false - locationName: '${location}' - } - ] - minimalTlsVersion: 'Tls12' - virtualNetworkRules: [] capabilities: [ { name: 'EnableCassandra' @@ -33,18 +21,29 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2024-08-15' = { maxStalenessPrefix: 100 } databaseAccountOfferType: 'Standard' + defaultIdentity: 'FirstPartyIdentity' disableKeyBasedMetadataWriteAccess: false disableLocalAuth: false + enableAnalyticalStorage: true + enableAutomaticFailover: false + enableBurstCapacity: false enableFreeTier: false + enableMultipleWriteLocations: false enablePartitionMerge: false - networkAclBypassResourceIds: [] - enableAnalyticalStorage: true + ipRules: [] isVirtualNetworkFilterEnabled: false + locations: [ + { + failoverPriority: 0 + isZoneRedundant: false + locationName: location + } + ] + minimalTlsVersion: 'Tls12' networkAclBypass: 'None' + networkAclBypassResourceIds: [] publicNetworkAccess: 'Enabled' - defaultIdentity: 'FirstPartyIdentity' - enableMultipleWriteLocations: false - ipRules: [] + virtualNetworkRules: [] } } @@ -54,7 +53,7 @@ resource cassandraKeyspace 'Microsoft.DocumentDB/databaseAccounts/cassandraKeysp properties: { options: {} resource: { - id: '${keyspaceName}' + id: keyspaceName } } } @@ -66,7 +65,7 @@ resource table 'Microsoft.DocumentDB/databaseAccounts/cassandraKeyspaces/tables@ options: {} resource: { analyticalStorageTtl: 1 - id: '${tableName}' + id: tableName schema: { clusterKeys: [] columns: [ diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/gremlindatabases/graphs/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/gremlindatabases/graphs/main.bicep index 3d5eb3f7..d257903d 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/gremlindatabases/graphs/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/gremlindatabases/graphs/main.bicep @@ -16,16 +16,15 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { maxIntervalInSeconds: 5 maxStalenessPrefix: 100 } - disableLocalAuth: false - networkAclBypassResourceIds: [] - publicNetworkAccess: 'Enabled' + databaseAccountOfferType: 'Standard' defaultIdentity: 'FirstPartyIdentity' disableKeyBasedMetadataWriteAccess: false + disableLocalAuth: false enableAnalyticalStorage: false + enableAutomaticFailover: false enableFreeTier: false - networkAclBypass: 'None' - virtualNetworkRules: [] enableMultipleWriteLocations: false + ipRules: [] isVirtualNetworkFilterEnabled: false locations: [ { @@ -34,9 +33,10 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { locationName: 'West Europe' } ] - databaseAccountOfferType: 'Standard' - enableAutomaticFailover: false - ipRules: [] + networkAclBypass: 'None' + networkAclBypassResourceIds: [] + publicNetworkAccess: 'Enabled' + virtualNetworkRules: [] } } @@ -46,7 +46,7 @@ resource gremlinDatabase 'Microsoft.DocumentDB/databaseAccounts/gremlinDatabases properties: { options: {} resource: { - id: '${resourceName}' + id: resourceName } } } @@ -59,7 +59,7 @@ resource graph 'Microsoft.DocumentDB/databaseAccounts/gremlinDatabases/graphs@20 throughput: 400 } resource: { - id: '${resourceName}' + id: resourceName partitionKey: { kind: 'Hash' paths: [ diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/gremlindatabases/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/gremlindatabases/main.bicep index 2a807513..df20a18c 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/gremlindatabases/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/gremlindatabases/main.bicep @@ -6,28 +6,26 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { - defaultIdentity: 'FirstPartyIdentity' - isVirtualNetworkFilterEnabled: false + capabilities: [ + { + name: 'EnableGremlin' + } + ] consistencyPolicy: { - maxStalenessPrefix: 100 defaultConsistencyLevel: 'Strong' maxIntervalInSeconds: 5 + maxStalenessPrefix: 100 } - disableLocalAuth: false - enableAutomaticFailover: false - ipRules: [] - publicNetworkAccess: 'Enabled' databaseAccountOfferType: 'Standard' + defaultIdentity: 'FirstPartyIdentity' disableKeyBasedMetadataWriteAccess: false + disableLocalAuth: false enableAnalyticalStorage: false + enableAutomaticFailover: false enableFreeTier: false enableMultipleWriteLocations: false - networkAclBypass: 'None' - capabilities: [ - { - name: 'EnableGremlin' - } - ] + ipRules: [] + isVirtualNetworkFilterEnabled: false locations: [ { failoverPriority: 0 @@ -35,7 +33,9 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { locationName: 'West Europe' } ] + networkAclBypass: 'None' networkAclBypassResourceIds: [] + publicNetworkAccess: 'Enabled' virtualNetworkRules: [] } } @@ -46,7 +46,7 @@ resource gremlinDatabase 'Microsoft.DocumentDB/databaseAccounts/gremlinDatabases properties: { options: {} resource: { - id: '${resourceName}' + id: resourceName } } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/main.bicep index eb48928d..325a0359 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/main.bicep @@ -6,32 +6,32 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { + capabilities: [] + consistencyPolicy: { + defaultConsistencyLevel: 'BoundedStaleness' + maxIntervalInSeconds: 10 + maxStalenessPrefix: 200 + } + databaseAccountOfferType: 'Standard' + defaultIdentity: 'FirstPartyIdentity' disableKeyBasedMetadataWriteAccess: false disableLocalAuth: false + enableAnalyticalStorage: false enableAutomaticFailover: false + enableFreeTier: false + enableMultipleWriteLocations: false + ipRules: [] + isVirtualNetworkFilterEnabled: false locations: [ { + failoverPriority: 0 isZoneRedundant: false locationName: 'West Europe' - failoverPriority: 0 } ] networkAclBypass: 'None' - databaseAccountOfferType: 'Standard' - enableAnalyticalStorage: false - defaultIdentity: 'FirstPartyIdentity' - isVirtualNetworkFilterEnabled: false networkAclBypassResourceIds: [] - virtualNetworkRules: [] - capabilities: [] - enableFreeTier: false - enableMultipleWriteLocations: false - ipRules: [] publicNetworkAccess: 'Enabled' - consistencyPolicy: { - defaultConsistencyLevel: 'BoundedStaleness' - maxIntervalInSeconds: 10 - maxStalenessPrefix: 200 - } + virtualNetworkRules: [] } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbdatabases/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbdatabases/main.bicep index cf602e09..a1390b07 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbdatabases/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbdatabases/main.bicep @@ -11,32 +11,32 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { name: 'EnableMongo' } ] + consistencyPolicy: { + defaultConsistencyLevel: 'Strong' + maxIntervalInSeconds: 5 + maxStalenessPrefix: 100 + } + databaseAccountOfferType: 'Standard' defaultIdentity: 'FirstPartyIdentity' disableKeyBasedMetadataWriteAccess: false + disableLocalAuth: false + enableAnalyticalStorage: false enableAutomaticFailover: false + enableFreeTier: false enableMultipleWriteLocations: false ipRules: [] + isVirtualNetworkFilterEnabled: false locations: [ { - locationName: 'West Europe' failoverPriority: 0 isZoneRedundant: false + locationName: 'West Europe' } ] networkAclBypass: 'None' - consistencyPolicy: { - maxIntervalInSeconds: 5 - maxStalenessPrefix: 100 - defaultConsistencyLevel: 'Strong' - } - databaseAccountOfferType: 'Standard' - enableFreeTier: false - isVirtualNetworkFilterEnabled: false + networkAclBypassResourceIds: [] publicNetworkAccess: 'Enabled' virtualNetworkRules: [] - disableLocalAuth: false - networkAclBypassResourceIds: [] - enableAnalyticalStorage: false } } @@ -46,7 +46,7 @@ resource mongodbDatabase 'Microsoft.DocumentDB/databaseAccounts/mongodbDatabases properties: { options: {} resource: { - id: '${resourceName}' + id: resourceName } } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbroledefinitions/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbroledefinitions/main.bicep index 4ea8ceb7..8bebc244 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbroledefinitions/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbroledefinitions/main.bicep @@ -1,53 +1,52 @@ -param location string = 'eastus' param resourceName string = 'acctest0001' +param location string = 'eastus' -var dbName = 'resourcenamedb' -var roleName = 'resourcenamerole' -var accountName = 'resourcename' +var roleName = '${toLower(resourceName)}role' +var accountName = toLower(replace(resourceName, '-', '')) +var dbName = '${toLower(resourceName)}db' resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2024-08-15' = { name: accountName location: location kind: 'MongoDB' properties: { + capabilities: [ + { + name: 'EnableMongoRoleBasedAccessControl' + } + { + name: 'EnableMongo' + } + ] + consistencyPolicy: { + defaultConsistencyLevel: 'Strong' + maxIntervalInSeconds: 5 + maxStalenessPrefix: 100 + } databaseAccountOfferType: 'Standard' + defaultIdentity: 'FirstPartyIdentity' + disableKeyBasedMetadataWriteAccess: false disableLocalAuth: false enableAnalyticalStorage: false enableAutomaticFailover: false enableBurstCapacity: false + enableFreeTier: false + enableMultipleWriteLocations: false + enablePartitionMerge: false + ipRules: [] + isVirtualNetworkFilterEnabled: false locations: [ { failoverPriority: 0 isZoneRedundant: false - locationName: '${location}' + locationName: location } ] - virtualNetworkRules: [] - backupPolicy: null - disableKeyBasedMetadataWriteAccess: false - ipRules: [] - networkAclBypassResourceIds: [] - enablePartitionMerge: false - consistencyPolicy: { - defaultConsistencyLevel: 'Strong' - maxIntervalInSeconds: 5 - maxStalenessPrefix: 100 - } - enableFreeTier: false - isVirtualNetworkFilterEnabled: false minimalTlsVersion: 'Tls12' - defaultIdentity: 'FirstPartyIdentity' - enableMultipleWriteLocations: false networkAclBypass: 'None' + networkAclBypassResourceIds: [] publicNetworkAccess: 'Enabled' - capabilities: [ - { - name: 'EnableMongoRoleBasedAccessControl' - } - { - name: 'EnableMongo' - } - ] + virtualNetworkRules: [] } } @@ -57,7 +56,7 @@ resource mongodbDatabase 'Microsoft.DocumentDB/databaseAccounts/mongodbDatabases properties: { options: {} resource: { - id: '${dbName}' + id: dbName } } } @@ -69,8 +68,8 @@ resource mongodbRoleDefinition 'Microsoft.DocumentDB/databaseAccounts/mongodbRol mongodbDatabase ] properties: { - databaseName: '${dbName}' - roleName: '${roleName}' + databaseName: dbName + roleName: roleName type: 1 } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbuserdefinitions/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbuserdefinitions/main.bicep index db297983..5bdd9ed3 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbuserdefinitions/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/mongodbuserdefinitions/main.bicep @@ -9,28 +9,6 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2024-08-15' = { location: location kind: 'MongoDB' properties: { - enableAutomaticFailover: false - minimalTlsVersion: 'Tls12' - networkAclBypass: 'None' - publicNetworkAccess: 'Enabled' - databaseAccountOfferType: 'Standard' - enableMultipleWriteLocations: false - locations: [ - { - failoverPriority: 0 - isZoneRedundant: false - locationName: '${location}' - } - ] - enableAnalyticalStorage: false - enableBurstCapacity: false - enablePartitionMerge: false - ipRules: [] - isVirtualNetworkFilterEnabled: false - networkAclBypassResourceIds: [] - virtualNetworkRules: [] - backupPolicy: null - enableFreeTier: false capabilities: [ { name: 'EnableMongoRoleBasedAccessControl' @@ -40,23 +18,33 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2024-08-15' = { } ] consistencyPolicy: { - maxStalenessPrefix: 100 defaultConsistencyLevel: 'Strong' maxIntervalInSeconds: 5 + maxStalenessPrefix: 100 } + databaseAccountOfferType: 'Standard' disableKeyBasedMetadataWriteAccess: false disableLocalAuth: false - } -} - -resource mongodbDatabas 'Microsoft.DocumentDB/databaseAccounts/mongodbDatabases@2021-10-15' = { - name: '${resourceName}-mongodb' - parent: databaseAccount - properties: { - options: {} - resource: { - id: '${resourceName}-mongodb' - } + enableAnalyticalStorage: false + enableAutomaticFailover: false + enableBurstCapacity: false + enableFreeTier: false + enableMultipleWriteLocations: false + enablePartitionMerge: false + ipRules: [] + isVirtualNetworkFilterEnabled: false + locations: [ + { + failoverPriority: 0 + isZoneRedundant: false + locationName: location + } + ] + minimalTlsVersion: 'Tls12' + networkAclBypass: 'None' + networkAclBypassResourceIds: [] + publicNetworkAccess: 'Enabled' + virtualNetworkRules: [] } } @@ -70,3 +58,14 @@ resource mongodbUserDefinition 'Microsoft.DocumentDB/databaseAccounts/mongodbUse userName: 'myUserName' } } + +resource mongodbDatabas 'Microsoft.DocumentDB/databaseAccounts/mongodbDatabases@2021-10-15' = { + name: '${resourceName}-mongodb' + parent: databaseAccount + properties: { + options: {} + resource: { + id: '${resourceName}-mongodb' + } + } +} diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/services/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/services/main.bicep index 95d3b42d..260c8893 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/services/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/services/main.bicep @@ -1,38 +1,38 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { name: resourceName location: location kind: 'GlobalDocumentDB' properties: { - disableKeyBasedMetadataWriteAccess: false - disableLocalAuth: false - isVirtualNetworkFilterEnabled: false - networkAclBypassResourceIds: [] capabilities: [] consistencyPolicy: { defaultConsistencyLevel: 'BoundedStaleness' maxIntervalInSeconds: 5 maxStalenessPrefix: 100 } - publicNetworkAccess: 'Enabled' databaseAccountOfferType: 'Standard' - enableAnalyticalStorage: false - enableMultipleWriteLocations: false - ipRules: [] - virtualNetworkRules: [] defaultIdentity: 'FirstPartyIdentity' + disableKeyBasedMetadataWriteAccess: false + disableLocalAuth: false + enableAnalyticalStorage: false enableAutomaticFailover: false enableFreeTier: false + enableMultipleWriteLocations: false + ipRules: [] + isVirtualNetworkFilterEnabled: false locations: [ { - locationName: 'West Europe' failoverPriority: 0 isZoneRedundant: false + locationName: 'West Europe' } ] networkAclBypass: 'None' + networkAclBypassResourceIds: [] + publicNetworkAccess: 'Enabled' + virtualNetworkRules: [] } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/main.bicep index d1b0b5ea..da18f016 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/main.bicep @@ -6,33 +6,33 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { + capabilities: [] consistencyPolicy: { defaultConsistencyLevel: 'BoundedStaleness' maxIntervalInSeconds: 10 maxStalenessPrefix: 200 } databaseAccountOfferType: 'Standard' + defaultIdentity: 'FirstPartyIdentity' + disableKeyBasedMetadataWriteAccess: false + disableLocalAuth: false + enableAnalyticalStorage: false + enableAutomaticFailover: false + enableFreeTier: false + enableMultipleWriteLocations: false + ipRules: [] + isVirtualNetworkFilterEnabled: false locations: [ { + failoverPriority: 0 isZoneRedundant: false locationName: 'West Europe' - failoverPriority: 0 } ] - capabilities: [] - disableKeyBasedMetadataWriteAccess: false - disableLocalAuth: false - enableFreeTier: false - isVirtualNetworkFilterEnabled: false networkAclBypass: 'None' - enableAutomaticFailover: false - enableMultipleWriteLocations: false - ipRules: [] - virtualNetworkRules: [] - defaultIdentity: 'FirstPartyIdentity' - enableAnalyticalStorage: false networkAclBypassResourceIds: [] publicNetworkAccess: 'Enabled' + virtualNetworkRules: [] } } @@ -40,12 +40,12 @@ resource sqlDatabase 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases@2021-10 name: resourceName parent: databaseAccount properties: { - resource: { - id: '${resourceName}' - } options: { throughput: 400 } + resource: { + id: resourceName + } } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/storedprocedures/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/storedprocedures/main.bicep index f6256b05..d3ad5017 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/storedprocedures/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/storedprocedures/main.bicep @@ -6,31 +6,31 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { - ipRules: [] - networkAclBypass: 'None' - disableLocalAuth: false - enableAnalyticalStorage: false - enableMultipleWriteLocations: false - locations: [ - { - failoverPriority: 0 - isZoneRedundant: false - locationName: 'West Europe' - } - ] - isVirtualNetworkFilterEnabled: false capabilities: [] consistencyPolicy: { defaultConsistencyLevel: 'Session' maxIntervalInSeconds: 5 maxStalenessPrefix: 100 } + databaseAccountOfferType: 'Standard' defaultIdentity: 'FirstPartyIdentity' disableKeyBasedMetadataWriteAccess: false + disableLocalAuth: false + enableAnalyticalStorage: false enableAutomaticFailover: false enableFreeTier: false + enableMultipleWriteLocations: false + ipRules: [] + isVirtualNetworkFilterEnabled: false + locations: [ + { + failoverPriority: 0 + isZoneRedundant: false + locationName: 'West Europe' + } + ] + networkAclBypass: 'None' networkAclBypassResourceIds: [] - databaseAccountOfferType: 'Standard' publicNetworkAccess: 'Enabled' virtualNetworkRules: [] } @@ -42,7 +42,7 @@ resource sqlDatabase 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases@2021-10 properties: { options: {} resource: { - id: '${resourceName}' + id: resourceName } } } @@ -53,7 +53,7 @@ resource container 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/container properties: { options: {} resource: { - id: '${resourceName}' + id: resourceName partitionKey: { kind: 'Hash' paths: [ @@ -76,7 +76,7 @@ resource storedProcedure 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/con response.setBody(''Hello, World''); } ''' - id: '${resourceName}' + id: resourceName } } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/triggers/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/triggers/main.bicep index bf72d8bb..9fccb7d2 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/triggers/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/triggers/main.bicep @@ -1,38 +1,38 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { name: resourceName location: location kind: 'GlobalDocumentDB' properties: { + capabilities: [] consistencyPolicy: { defaultConsistencyLevel: 'Session' maxIntervalInSeconds: 5 maxStalenessPrefix: 100 } - isVirtualNetworkFilterEnabled: false - ipRules: [] - publicNetworkAccess: 'Enabled' + databaseAccountOfferType: 'Standard' + defaultIdentity: 'FirstPartyIdentity' disableKeyBasedMetadataWriteAccess: false + disableLocalAuth: false + enableAnalyticalStorage: false enableAutomaticFailover: false enableFreeTier: false + enableMultipleWriteLocations: false + ipRules: [] + isVirtualNetworkFilterEnabled: false locations: [ { + failoverPriority: 0 isZoneRedundant: false locationName: 'West Europe' - failoverPriority: 0 } ] networkAclBypass: 'None' networkAclBypassResourceIds: [] + publicNetworkAccess: 'Enabled' virtualNetworkRules: [] - capabilities: [] - databaseAccountOfferType: 'Standard' - defaultIdentity: 'FirstPartyIdentity' - disableLocalAuth: false - enableAnalyticalStorage: false - enableMultipleWriteLocations: false } } @@ -42,7 +42,7 @@ resource sqlDatabase 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases@2021-10 properties: { options: {} resource: { - id: '${resourceName}' + id: resourceName } } } @@ -53,7 +53,7 @@ resource container 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/container properties: { options: {} resource: { - id: '${resourceName}' + id: resourceName partitionKey: { kind: 'Hash' paths: [ @@ -71,7 +71,7 @@ resource trigger 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/ options: {} resource: { body: 'function trigger(){}' - id: '${resourceName}' + id: resourceName triggerOperation: 'All' triggerType: 'Pre' } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/userdefinedfunctions/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/userdefinedfunctions/main.bicep index bbd9145a..a3bddc80 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/userdefinedfunctions/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/containers/userdefinedfunctions/main.bicep @@ -6,10 +6,22 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { + capabilities: [] + consistencyPolicy: { + defaultConsistencyLevel: 'Session' + maxIntervalInSeconds: 5 + maxStalenessPrefix: 100 + } databaseAccountOfferType: 'Standard' + defaultIdentity: 'FirstPartyIdentity' + disableKeyBasedMetadataWriteAccess: false disableLocalAuth: false + enableAnalyticalStorage: false + enableAutomaticFailover: false + enableFreeTier: false + enableMultipleWriteLocations: false + ipRules: [] isVirtualNetworkFilterEnabled: false - defaultIdentity: 'FirstPartyIdentity' locations: [ { failoverPriority: 0 @@ -18,21 +30,9 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { } ] networkAclBypass: 'None' - capabilities: [] - disableKeyBasedMetadataWriteAccess: false - enableAutomaticFailover: false - enableFreeTier: false + networkAclBypassResourceIds: [] publicNetworkAccess: 'Enabled' virtualNetworkRules: [] - consistencyPolicy: { - defaultConsistencyLevel: 'Session' - maxIntervalInSeconds: 5 - maxStalenessPrefix: 100 - } - enableAnalyticalStorage: false - enableMultipleWriteLocations: false - ipRules: [] - networkAclBypassResourceIds: [] } } @@ -40,10 +40,10 @@ resource sqlDatabase 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases@2021-10 name: resourceName parent: databaseAccount properties: { + options: {} resource: { - id: '${resourceName}' + id: resourceName } - options: {} } } @@ -53,7 +53,7 @@ resource container 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/container properties: { options: {} resource: { - id: '${resourceName}' + id: resourceName partitionKey: { kind: 'Hash' paths: [ @@ -76,7 +76,7 @@ resource userDefinedFunction 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases response.setBody(''Hello, World''); } ''' - id: '${resourceName}' + id: resourceName } } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/main.bicep index 76b0f888..abb3a58c 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqldatabases/main.bicep @@ -6,22 +6,22 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { - isVirtualNetworkFilterEnabled: false - networkAclBypass: 'None' - disableKeyBasedMetadataWriteAccess: false - disableLocalAuth: false - enableAnalyticalStorage: false - ipRules: [] - networkAclBypassResourceIds: [] - virtualNetworkRules: [] capabilities: [] consistencyPolicy: { + defaultConsistencyLevel: 'BoundedStaleness' maxIntervalInSeconds: 10 maxStalenessPrefix: 200 - defaultConsistencyLevel: 'BoundedStaleness' } + databaseAccountOfferType: 'Standard' defaultIdentity: 'FirstPartyIdentity' + disableKeyBasedMetadataWriteAccess: false + disableLocalAuth: false + enableAnalyticalStorage: false enableAutomaticFailover: false + enableFreeTier: false + enableMultipleWriteLocations: false + ipRules: [] + isVirtualNetworkFilterEnabled: false locations: [ { failoverPriority: 0 @@ -29,10 +29,10 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { locationName: 'West Europe' } ] - databaseAccountOfferType: 'Standard' + networkAclBypass: 'None' + networkAclBypassResourceIds: [] publicNetworkAccess: 'Enabled' - enableFreeTier: false - enableMultipleWriteLocations: false + virtualNetworkRules: [] } } @@ -44,7 +44,7 @@ resource sqlDatabase 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases@2021-10 throughput: 400 } resource: { - id: '${resourceName}' + id: resourceName } } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqlroleassignments/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqlroleassignments/main.bicep index 94accaf9..70fd15e9 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqlroleassignments/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqlroleassignments/main.bicep @@ -11,21 +11,22 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { - enableFreeTier: false - databaseAccountOfferType: 'Standard' - disableKeyBasedMetadataWriteAccess: false - enableMultipleWriteLocations: false - isVirtualNetworkFilterEnabled: false - networkAclBypassResourceIds: [] - virtualNetworkRules: [] capabilities: [] consistencyPolicy: { defaultConsistencyLevel: 'Session' maxIntervalInSeconds: 5 maxStalenessPrefix: 100 } + databaseAccountOfferType: 'Standard' defaultIdentity: 'FirstPartyIdentity' + disableKeyBasedMetadataWriteAccess: false disableLocalAuth: false + enableAnalyticalStorage: false + enableAutomaticFailover: false + enableFreeTier: false + enableMultipleWriteLocations: false + ipRules: [] + isVirtualNetworkFilterEnabled: false locations: [ { failoverPriority: 0 @@ -34,10 +35,9 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { } ] networkAclBypass: 'None' + networkAclBypassResourceIds: [] publicNetworkAccess: 'Enabled' - enableAutomaticFailover: false - ipRules: [] - enableAnalyticalStorage: false + virtualNetworkRules: [] } } @@ -45,9 +45,9 @@ resource sqlRoleAssignment 'Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignm name: 'ff419bf7-f8ca-ef51-00d2-3576700c341b' parent: databaseAccount properties: { + principalId: cluster.identity.principalId roleDefinitionId: sqlRoleDefinition.id scope: databaseAccount.id - principalId: cluster.identity.principalId } } @@ -55,21 +55,21 @@ resource cluster 'Microsoft.Kusto/clusters@2023-05-02' = { name: resourceName location: location sku: { - tier: 'Basic' capacity: 1 name: 'Dev(No SLA)_Standard_D11_v2' + tier: 'Basic' } properties: { - enablePurge: false - restrictOutboundNetworkAccess: 'Disabled' + enableAutoStop: true enableDiskEncryption: false enableDoubleEncryption: false + enablePurge: false enableStreamingIngest: false engineType: 'V2' publicIPType: 'IPv4' publicNetworkAccess: 'Enabled' + restrictOutboundNetworkAccess: 'Disabled' trustedExternalTenants: [] - enableAutoStop: true } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqlroledefinitions/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqlroledefinitions/main.bicep index 2e260e27..03c49730 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqlroledefinitions/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/sqlroledefinitions/main.bicep @@ -1,17 +1,27 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { name: resourceName location: location kind: 'GlobalDocumentDB' properties: { + capabilities: [] consistencyPolicy: { defaultConsistencyLevel: 'Strong' maxIntervalInSeconds: 5 maxStalenessPrefix: 100 } + databaseAccountOfferType: 'Standard' + defaultIdentity: 'FirstPartyIdentity' disableKeyBasedMetadataWriteAccess: false + disableLocalAuth: false + enableAnalyticalStorage: false + enableAutomaticFailover: false + enableFreeTier: false + enableMultipleWriteLocations: false + ipRules: [] + isVirtualNetworkFilterEnabled: false locations: [ { failoverPriority: 0 @@ -19,20 +29,10 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { locationName: 'West Europe' } ] - databaseAccountOfferType: 'Standard' - enableFreeTier: false - enableMultipleWriteLocations: false - ipRules: [] - isVirtualNetworkFilterEnabled: false networkAclBypass: 'None' networkAclBypassResourceIds: [] publicNetworkAccess: 'Enabled' - capabilities: [] - disableLocalAuth: false - enableAnalyticalStorage: false virtualNetworkRules: [] - defaultIdentity: 'FirstPartyIdentity' - enableAutomaticFailover: false } } diff --git a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/tables/main.bicep b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/tables/main.bicep index 36610180..edc2b529 100644 --- a/settings/remarks/microsoft.documentdb/samples/databaseaccounts/tables/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/databaseaccounts/tables/main.bicep @@ -6,23 +6,25 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { + capabilities: [ + { + name: 'EnableTable' + } + ] consistencyPolicy: { defaultConsistencyLevel: 'Strong' maxIntervalInSeconds: 5 maxStalenessPrefix: 100 } - defaultIdentity: 'FirstPartyIdentity' - publicNetworkAccess: 'Enabled' - virtualNetworkRules: [] databaseAccountOfferType: 'Standard' - enableAnalyticalStorage: false - enableMultipleWriteLocations: false - ipRules: [] - networkAclBypass: 'None' - networkAclBypassResourceIds: [] + defaultIdentity: 'FirstPartyIdentity' disableKeyBasedMetadataWriteAccess: false disableLocalAuth: false + enableAnalyticalStorage: false enableAutomaticFailover: false + enableFreeTier: false + enableMultipleWriteLocations: false + ipRules: [] isVirtualNetworkFilterEnabled: false locations: [ { @@ -31,12 +33,10 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { locationName: 'West Europe' } ] - capabilities: [ - { - name: 'EnableTable' - } - ] - enableFreeTier: false + networkAclBypass: 'None' + networkAclBypassResourceIds: [] + publicNetworkAccess: 'Enabled' + virtualNetworkRules: [] } } @@ -46,7 +46,7 @@ resource table 'Microsoft.DocumentDB/databaseAccounts/tables@2021-10-15' = { properties: { options: {} resource: { - id: '${resourceName}' + id: resourceName } } } diff --git a/settings/remarks/microsoft.documentdb/samples/mongoclusters/firewallrules/main.bicep b/settings/remarks/microsoft.documentdb/samples/mongoclusters/firewallrules/main.bicep index c6581ca2..04c65539 100644 --- a/settings/remarks/microsoft.documentdb/samples/mongoclusters/firewallrules/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/mongoclusters/firewallrules/main.bicep @@ -5,12 +5,21 @@ resource mongoCluster 'Microsoft.DocumentDB/mongoClusters@2025-09-01' = { name: resourceName location: location properties: { + authConfig: { + allowedModes: [ + 'MicrosoftEntraID' + ] + } compute: { tier: 'M40' } highAvailability: { targetMode: 'Disabled' } + previewFeatures: [ + 'ShardRebalancer' + ] + publicNetworkAccess: 'Enabled' serverVersion: '5.0' sharding: { shardCount: 1 @@ -18,15 +27,6 @@ resource mongoCluster 'Microsoft.DocumentDB/mongoClusters@2025-09-01' = { storage: { sizeGb: 32 } - authConfig: { - allowedModes: [ - 'MicrosoftEntraID' - ] - } - previewFeatures: [ - 'ShardRebalancer' - ] - publicNetworkAccess: 'Enabled' } } diff --git a/settings/remarks/microsoft.documentdb/samples/mongoclusters/users/main.bicep b/settings/remarks/microsoft.documentdb/samples/mongoclusters/users/main.bicep index f8153c73..101961e7 100644 --- a/settings/remarks/microsoft.documentdb/samples/mongoclusters/users/main.bicep +++ b/settings/remarks/microsoft.documentdb/samples/mongoclusters/users/main.bicep @@ -22,8 +22,8 @@ resource mongoClusterSSDv2 'Microsoft.DocumentDB/mongoClusters@2025-09-01' = { shardCount: 1 } storage: { - type: 'PremiumSSDv2' sizeGb: 64 + type: 'PremiumSSDv2' } } } @@ -45,8 +45,8 @@ resource mongouserEntraserviceprincipal 'Microsoft.DocumentDB/mongoClusters/user } roles: [ { - role: 'root' db: 'admin' + role: 'root' } ] } diff --git a/settings/remarks/microsoft.elasticsan/samples/elasticsans/main.bicep b/settings/remarks/microsoft.elasticsan/samples/elasticsans/main.bicep index bf006e9a..9e0b659a 100644 --- a/settings/remarks/microsoft.elasticsan/samples/elasticsans/main.bicep +++ b/settings/remarks/microsoft.elasticsan/samples/elasticsans/main.bicep @@ -1,15 +1,15 @@ -param location string = 'westus' param resourceName string = 'acctest0001' +param location string = 'westus' resource elasticSan 'Microsoft.ElasticSan/elasticSans@2023-01-01' = { name: resourceName location: location properties: { + baseSizeTiB: 1 extendedCapacitySizeTiB: 0 sku: { name: 'Premium_LRS' tier: 'Premium' } - baseSizeTiB: 1 } } diff --git a/settings/remarks/microsoft.elasticsan/samples/elasticsans/volumegroups/main.bicep b/settings/remarks/microsoft.elasticsan/samples/elasticsans/volumegroups/main.bicep index 53573992..63acbbac 100644 --- a/settings/remarks/microsoft.elasticsan/samples/elasticsans/volumegroups/main.bicep +++ b/settings/remarks/microsoft.elasticsan/samples/elasticsans/volumegroups/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westus' +param resourceName string = 'acctest0001' resource elasticSan 'Microsoft.ElasticSan/elasticSans@2023-01-01' = { name: '${resourceName}-es' diff --git a/settings/remarks/microsoft.elasticsan/samples/elasticsans/volumegroups/volumes/main.bicep b/settings/remarks/microsoft.elasticsan/samples/elasticsans/volumegroups/volumes/main.bicep index fcf2c59d..4e436369 100644 --- a/settings/remarks/microsoft.elasticsan/samples/elasticsans/volumegroups/volumes/main.bicep +++ b/settings/remarks/microsoft.elasticsan/samples/elasticsans/volumegroups/volumes/main.bicep @@ -1,16 +1,16 @@ -param resourceName string = 'acctest0001' param location string = 'westus' +param resourceName string = 'acctest0001' resource elasticSan 'Microsoft.ElasticSan/elasticSans@2023-01-01' = { name: '${resourceName}-es' location: location properties: { + baseSizeTiB: 1 extendedCapacitySizeTiB: 0 sku: { name: 'Premium_LRS' tier: 'Premium' } - baseSizeTiB: 1 } } @@ -18,11 +18,11 @@ resource volumeGroup 'Microsoft.ElasticSan/elasticSans/volumeGroups@2023-01-01' name: '${resourceName}-vg' parent: elasticSan properties: { - protocolType: 'Iscsi' encryption: 'EncryptionAtRestWithPlatformKey' networkAcls: { virtualNetworkRules: [] } + protocolType: 'Iscsi' } } diff --git a/settings/remarks/microsoft.eventgrid/samples/domains/main.bicep b/settings/remarks/microsoft.eventgrid/samples/domains/main.bicep index 4725dd49..7aa94b1e 100644 --- a/settings/remarks/microsoft.eventgrid/samples/domains/main.bicep +++ b/settings/remarks/microsoft.eventgrid/samples/domains/main.bicep @@ -5,11 +5,10 @@ resource domain 'Microsoft.EventGrid/domains@2021-12-01' = { name: resourceName location: location properties: { - inputSchemaMapping: null - publicNetworkAccess: 'Enabled' autoCreateTopicWithFirstSubscription: true autoDeleteTopicWithLastSubscription: true disableLocalAuth: false inputSchema: 'EventGridSchema' + publicNetworkAccess: 'Enabled' } } diff --git a/settings/remarks/microsoft.eventgrid/samples/domains/topics/main.bicep b/settings/remarks/microsoft.eventgrid/samples/domains/topics/main.bicep index d2a95d58..e9acef4e 100644 --- a/settings/remarks/microsoft.eventgrid/samples/domains/topics/main.bicep +++ b/settings/remarks/microsoft.eventgrid/samples/domains/topics/main.bicep @@ -9,7 +9,6 @@ resource domain 'Microsoft.EventGrid/domains@2021-12-01' = { autoDeleteTopicWithLastSubscription: true disableLocalAuth: false inputSchema: 'EventGridSchema' - inputSchemaMapping: null publicNetworkAccess: 'Enabled' } } diff --git a/settings/remarks/microsoft.eventgrid/samples/eventsubscriptions/main.bicep b/settings/remarks/microsoft.eventgrid/samples/eventsubscriptions/main.bicep index 7a6ae55b..8a0ac572 100644 --- a/settings/remarks/microsoft.eventgrid/samples/eventsubscriptions/main.bicep +++ b/settings/remarks/microsoft.eventgrid/samples/eventsubscriptions/main.bicep @@ -9,8 +9,11 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { + accessTier: 'Hot' allowBlobPublicAccess: true allowCrossTenantReplication: true + allowSharedKeyAccess: true + defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -26,14 +29,11 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { isNfsV3Enabled: false isSftpEnabled: false minimumTlsVersion: 'TLS1_2' - allowSharedKeyAccess: true - defaultToOAuthAuthentication: false networkAcls: { defaultAction: 'Allow' } publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true - accessTier: 'Hot' } } @@ -41,12 +41,11 @@ resource eventSubscription 'Microsoft.EventGrid/eventSubscriptions@2021-12-01' = name: resourceName scope: storageAccount properties: { - deadLetterDestination: null destination: { + endpointType: 'EventHub' properties: { - deliveryAttributeMappings: null + resourceId: eventhub.id } - endpointType: 'EventHub' } eventDeliverySchema: 'EventGridSchema' filter: { diff --git a/settings/remarks/microsoft.eventgrid/samples/systemtopics/eventsubscriptions/main.bicep b/settings/remarks/microsoft.eventgrid/samples/systemtopics/eventsubscriptions/main.bicep index de155e9b..08e242f0 100644 --- a/settings/remarks/microsoft.eventgrid/samples/systemtopics/eventsubscriptions/main.bicep +++ b/settings/remarks/microsoft.eventgrid/samples/systemtopics/eventsubscriptions/main.bicep @@ -1,21 +1,12 @@ param resourceName string = 'acctest0001' param location string = 'westus' +var systemTopicName = '${resourceName}-st' +var storageAccountName = '${resourceName}sa01' var queueServiceId = '${storageAccount.id}/queueServices/default' -var storageAccountName = 'resourceNamesa01' -var queueName = 'resourceNamequeue' -var eventSubscription1Name = 'resourceName-es1' -var eventSubscription2Name = 'resourceName-es2' -var systemTopicName = 'resourceName-st' - -resource systemTopic 'Microsoft.EventGrid/systemTopics@2022-06-15' = { - name: systemTopicName - location: 'global' - properties: { - source: resourceGroup().id - topicType: 'Microsoft.Resources.ResourceGroups' - } -} +var queueName = '${resourceName}queue' +var eventSubscription1Name = '${resourceName}-es1' +var eventSubscription2Name = '${resourceName}-es2' resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { name: storageAccountName @@ -25,11 +16,12 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { } kind: 'StorageV2' properties: { - allowCrossTenantReplication: false - isNfsV3Enabled: false - minimumTlsVersion: 'TLS1_2' + accessTier: 'Hot' allowBlobPublicAccess: true + allowCrossTenantReplication: false allowSharedKeyAccess: true + defaultToOAuthAuthentication: false + dnsEndpointType: 'Standard' encryption: { keySource: 'Microsoft.Storage' services: { @@ -41,7 +33,11 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { } } } + isHnsEnabled: false isLocalUserEnabled: true + isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' networkAcls: { bypass: 'AzureServices' defaultAction: 'Allow' @@ -49,13 +45,8 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { resourceAccessRules: [] virtualNetworkRules: [] } - supportsHttpsTrafficOnly: true - defaultToOAuthAuthentication: false - dnsEndpointType: 'Standard' - isHnsEnabled: false - isSftpEnabled: false publicNetworkAccess: 'Enabled' - accessTier: 'Hot' + supportsHttpsTrafficOnly: true } } @@ -66,14 +57,22 @@ resource queue 'Microsoft.Storage/storageAccounts/queueServices/queues@2023-05-0 ] } -resource eventSubscription 'Microsoft.EventGrid/systemTopics/eventSubscriptions@2022-06-15' = { - name: eventSubscription1Name +resource systemTopic 'Microsoft.EventGrid/systemTopics@2022-06-15' = { + name: systemTopicName + location: 'global' + properties: { + source: resourceGroup().id + topicType: 'Microsoft.Resources.ResourceGroups' + } +} + +resource eventsubscription1 'Microsoft.EventGrid/systemTopics/eventSubscriptions@2022-06-15' = { + name: eventSubscription2Name parent: systemTopic dependsOn: [ queue ] properties: { - deadLetterDestination: null destination: { endpointType: 'StorageQueue' properties: { @@ -86,9 +85,9 @@ resource eventSubscription 'Microsoft.EventGrid/systemTopics/eventSubscriptions@ advancedFilters: [ { key: 'subject' - operatorType: 'StringBeginsWith' + operatorType: 'StringEndsWith' values: [ - 'foo' + 'bar' ] } ] @@ -97,29 +96,28 @@ resource eventSubscription 'Microsoft.EventGrid/systemTopics/eventSubscriptions@ } } -resource eventsubscription1 'Microsoft.EventGrid/systemTopics/eventSubscriptions@2022-06-15' = { - name: eventSubscription2Name +resource eventSubscription 'Microsoft.EventGrid/systemTopics/eventSubscriptions@2022-06-15' = { + name: eventSubscription1Name parent: systemTopic dependsOn: [ queue ] properties: { - deadLetterDestination: null destination: { + endpointType: 'StorageQueue' properties: { queueName: queueName resourceId: storageAccount.id } - endpointType: 'StorageQueue' } eventDeliverySchema: 'EventGridSchema' filter: { advancedFilters: [ { key: 'subject' - operatorType: 'StringEndsWith' + operatorType: 'StringBeginsWith' values: [ - 'bar' + 'foo' ] } ] diff --git a/settings/remarks/microsoft.eventgrid/samples/systemtopics/main.bicep b/settings/remarks/microsoft.eventgrid/samples/systemtopics/main.bicep index db3c1e98..2110e234 100644 --- a/settings/remarks/microsoft.eventgrid/samples/systemtopics/main.bicep +++ b/settings/remarks/microsoft.eventgrid/samples/systemtopics/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource systemTopic 'Microsoft.EventGrid/systemTopics@2021-12-01' = { name: resourceName diff --git a/settings/remarks/microsoft.eventgrid/samples/topics/main.bicep b/settings/remarks/microsoft.eventgrid/samples/topics/main.bicep index 7036e6b5..83835116 100644 --- a/settings/remarks/microsoft.eventgrid/samples/topics/main.bicep +++ b/settings/remarks/microsoft.eventgrid/samples/topics/main.bicep @@ -5,9 +5,8 @@ resource topic 'Microsoft.EventGrid/topics@2021-12-01' = { name: resourceName location: location properties: { - inputSchemaMapping: null - publicNetworkAccess: 'Enabled' disableLocalAuth: false inputSchema: 'EventGridSchema' + publicNetworkAccess: 'Enabled' } } diff --git a/settings/remarks/microsoft.eventhub/samples/namespaces/authorizationrules/main.bicep b/settings/remarks/microsoft.eventhub/samples/namespaces/authorizationrules/main.bicep index 23d2c1d0..12652f1c 100644 --- a/settings/remarks/microsoft.eventhub/samples/namespaces/authorizationrules/main.bicep +++ b/settings/remarks/microsoft.eventhub/samples/namespaces/authorizationrules/main.bicep @@ -5,9 +5,9 @@ resource namespace 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { name: resourceName location: location sku: { - tier: 'Basic' capacity: 1 name: 'Basic' + tier: 'Basic' } properties: { disableLocalAuth: false diff --git a/settings/remarks/microsoft.eventhub/samples/namespaces/disasterrecoveryconfigs/main.bicep b/settings/remarks/microsoft.eventhub/samples/namespaces/disasterrecoveryconfigs/main.bicep index 1a83569a..9a86144d 100644 --- a/settings/remarks/microsoft.eventhub/samples/namespaces/disasterrecoveryconfigs/main.bicep +++ b/settings/remarks/microsoft.eventhub/samples/namespaces/disasterrecoveryconfigs/main.bicep @@ -1,35 +1,35 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource namespace 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { +resource namespace2 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { name: resourceName - location: location + location: 'westus2' sku: { capacity: 1 name: 'Standard' tier: 'Standard' } properties: { - publicNetworkAccess: 'Enabled' - zoneRedundant: false disableLocalAuth: false isAutoInflateEnabled: false + publicNetworkAccess: 'Enabled' + zoneRedundant: false } } -resource namespace2 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { +resource namespace 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { name: resourceName - location: 'westus2' + location: location sku: { capacity: 1 name: 'Standard' tier: 'Standard' } properties: { - publicNetworkAccess: 'Enabled' - zoneRedundant: false disableLocalAuth: false isAutoInflateEnabled: false + publicNetworkAccess: 'Enabled' + zoneRedundant: false } } diff --git a/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/authorizationrules/main.bicep b/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/authorizationrules/main.bicep index 8e795956..b76dce4f 100644 --- a/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/authorizationrules/main.bicep +++ b/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/authorizationrules/main.bicep @@ -10,10 +10,10 @@ resource namespace 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { tier: 'Basic' } properties: { - zoneRedundant: false disableLocalAuth: false isAutoInflateEnabled: false publicNetworkAccess: 'Enabled' + zoneRedundant: false } } diff --git a/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/consumergroups/main.bicep b/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/consumergroups/main.bicep index be576c42..a3837e81 100644 --- a/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/consumergroups/main.bicep +++ b/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/consumergroups/main.bicep @@ -10,10 +10,10 @@ resource namespace 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { tier: 'Standard' } properties: { + disableLocalAuth: false isAutoInflateEnabled: false publicNetworkAccess: 'Enabled' zoneRedundant: false - disableLocalAuth: false } } diff --git a/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/main.bicep b/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/main.bicep index 1f75b415..59991d26 100644 --- a/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/main.bicep +++ b/settings/remarks/microsoft.eventhub/samples/namespaces/eventhubs/main.bicep @@ -1,13 +1,13 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource namespace 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { name: resourceName location: location sku: { - tier: 'Standard' capacity: 1 name: 'Standard' + tier: 'Standard' } properties: { disableLocalAuth: false diff --git a/settings/remarks/microsoft.eventhub/samples/namespaces/main.bicep b/settings/remarks/microsoft.eventhub/samples/namespaces/main.bicep index eb6da542..d1c4d529 100644 --- a/settings/remarks/microsoft.eventhub/samples/namespaces/main.bicep +++ b/settings/remarks/microsoft.eventhub/samples/namespaces/main.bicep @@ -10,9 +10,9 @@ resource namespace 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { tier: 'Standard' } properties: { + disableLocalAuth: false isAutoInflateEnabled: false publicNetworkAccess: 'Enabled' zoneRedundant: false - disableLocalAuth: false } } diff --git a/settings/remarks/microsoft.guestconfiguration/samples/guestconfigurationassignments/main.bicep b/settings/remarks/microsoft.guestconfiguration/samples/guestconfigurationassignments/main.bicep index 356e312e..260ebc51 100644 --- a/settings/remarks/microsoft.guestconfiguration/samples/guestconfigurationassignments/main.bicep +++ b/settings/remarks/microsoft.guestconfiguration/samples/guestconfigurationassignments/main.bicep @@ -4,23 +4,32 @@ param location string = 'westeurope' @description('The administrator password for the virtual machine') param adminPassword string -resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location properties: { - enableAcceleratedNetworking: false - enableIPForwarding: false - ipConfigurations: [ - { - name: 'internal' - properties: { - primary: true - privateIPAddressVersion: 'IPv4' - privateIPAllocationMethod: 'Dynamic' - subnet: {} - } - } - ] + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + subnets: [] + } +} + +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { + name: 'internal' + parent: virtualNetwork + properties: { + addressPrefix: '10.0.2.0/24' + delegations: [] + privateEndpointNetworkPolicies: 'Enabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] } } @@ -28,12 +37,17 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { name: resourceName location: location properties: { + additionalCapabilities: {} + applicationProfile: { + galleryApplications: [] + } diagnosticsProfile: { bootDiagnostics: { - storageUri: '' enabled: false + storageUri: '' } } + extensionsTimeBudget: 'PT1H30M' hardwareProfile: { vmSize: 'Standard_F2' } @@ -48,23 +62,23 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { ] } osProfile: { + adminPassword: adminPassword + adminUsername: 'adminuser' + allowExtensionOperations: true computerName: 'acctestvmdro23' secrets: [] windowsConfiguration: { enableAutomaticUpdates: true patchSettings: { + assessmentMode: 'ImageDefault' enableHotpatching: false patchMode: 'AutomaticByOS' - assessmentMode: 'ImageDefault' } provisionVMAgent: true winRM: { listeners: [] } } - adminPassword: adminPassword - adminUsername: 'adminuser' - allowExtensionOperations: true } priority: 'Regular' storageProfile: { @@ -76,49 +90,15 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { version: 'latest' } osDisk: { + caching: 'ReadWrite' + createOption: 'FromImage' managedDisk: { storageAccountType: 'Standard_LRS' } osType: 'Windows' writeAcceleratorEnabled: false - caching: 'ReadWrite' - createOption: 'FromImage' } } - additionalCapabilities: {} - applicationProfile: { - galleryApplications: [] - } - extensionsTimeBudget: 'PT1H30M' - } -} - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { - name: resourceName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] - } - subnets: [] - } -} - -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - name: 'internal' - parent: virtualNetwork - properties: { - serviceEndpoints: [] - addressPrefix: '10.0.2.0/24' - delegations: [] - privateEndpointNetworkPolicies: 'Enabled' - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] } } @@ -128,10 +108,6 @@ resource guestConfigurationAssignment 'Microsoft.GuestConfiguration/guestConfigu scope: virtualMachine properties: { guestConfiguration: { - contentHash: '' - contentUri: '' - name: 'WhitelistedApplication' - version: '1.*' assignmentType: '' configurationParameter: [ { @@ -139,6 +115,32 @@ resource guestConfigurationAssignment 'Microsoft.GuestConfiguration/guestConfigu value: 'NotePad,sql' } ] + contentHash: '' + contentUri: '' + name: 'WhitelistedApplication' + version: '1.*' } } } + +resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { + name: resourceName + location: location + properties: { + enableAcceleratedNetworking: false + enableIPForwarding: false + ipConfigurations: [ + { + name: 'internal' + properties: { + primary: true + privateIPAddressVersion: 'IPv4' + privateIPAllocationMethod: 'Dynamic' + subnet: { + id: subnet.id + } + } + } + ] + } +} diff --git a/settings/remarks/microsoft.hdinsight/samples/clusters/main.bicep b/settings/remarks/microsoft.hdinsight/samples/clusters/main.bicep index 887625ef..0e945d7d 100644 --- a/settings/remarks/microsoft.hdinsight/samples/clusters/main.bicep +++ b/settings/remarks/microsoft.hdinsight/samples/clusters/main.bicep @@ -1,6 +1,3 @@ -@secure() -@description('The REST API credential password for the HDInsight cluster gateway') -param restCredentialPassword string param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The username for the HDInsight cluster virtual machines') @@ -8,12 +5,51 @@ param vmUsername string @secure() @description('The password for the HDInsight cluster virtual machines') param vmPassword string +@secure() +@description('The REST API credential password for the HDInsight cluster gateway') +param restCredentialPassword string resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' existing = { name: 'default' parent: storageAccount } +resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { + name: resourceName + location: location + sku: { + name: 'Standard_LRS' + } + kind: 'StorageV2' + properties: { + accessTier: 'Hot' + allowBlobPublicAccess: true + allowCrossTenantReplication: true + allowSharedKeyAccess: true + defaultToOAuthAuthentication: false + encryption: { + keySource: 'Microsoft.Storage' + services: { + queue: { + keyType: 'Service' + } + table: { + keyType: 'Service' + } + } + } + isHnsEnabled: false + isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true + } +} + resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { name: resourceName parent: blobService @@ -28,11 +64,6 @@ resource cluster 'Microsoft.HDInsight/clusters@2018-06-01-preview' = { name: resourceName location: location properties: { - encryptionInTransitProperties: { - isEncryptionInTransitEnabled: false - } - osType: 'Linux' - tier: 'standard' clusterDefinition: { componentVersion: { Spark: '2.4' @@ -46,34 +77,23 @@ resource cluster 'Microsoft.HDInsight/clusters@2018-06-01-preview' = { } kind: 'Spark' } - minSupportedTlsVersion: '1.2' - storageProfile: { - storageaccounts: [ - { - isDefault: true - key: storageAccount.listKeys().keys[0].value - name: '.blob.core.windows.net' - } - ] - } clusterVersion: '4.0.3000.1' computeProfile: { roles: [ { + hardwareProfile: { + vmSize: 'standard_a4_v2' + } + name: 'headnode' osProfile: { linuxOperatingSystemProfile: { - username: vmUsername password: vmPassword + username: vmUsername } } targetInstanceCount: 2 - hardwareProfile: { - vmSize: 'standard_a4_v2' - } - name: 'headnode' } { - targetInstanceCount: 3 hardwareProfile: { vmSize: 'standard_a4_v2' } @@ -84,9 +104,9 @@ resource cluster 'Microsoft.HDInsight/clusters@2018-06-01-preview' = { username: vmUsername } } + targetInstanceCount: 3 } { - targetInstanceCount: 3 hardwareProfile: { vmSize: 'standard_a2_v2' } @@ -97,44 +117,26 @@ resource cluster 'Microsoft.HDInsight/clusters@2018-06-01-preview' = { username: vmUsername } } + targetInstanceCount: 3 } ] } - } -} - -resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { - name: resourceName - location: location - sku: { - name: 'Standard_LRS' - } - kind: 'StorageV2' - properties: { - accessTier: 'Hot' - allowCrossTenantReplication: true - allowSharedKeyAccess: true - encryption: { - keySource: 'Microsoft.Storage' - services: { - queue: { - keyType: 'Service' - } - table: { - keyType: 'Service' - } - } + encryptionInTransitProperties: { + isEncryptionInTransitEnabled: false } - isNfsV3Enabled: false - isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' - publicNetworkAccess: 'Enabled' - allowBlobPublicAccess: true - defaultToOAuthAuthentication: false - isHnsEnabled: false - networkAcls: { - defaultAction: 'Allow' + minSupportedTlsVersion: '1.2' + osType: 'Linux' + storageProfile: { + storageaccounts: [ + { + container: container.name + isDefault: true + key: storageAccount.listKeys().keys[0].value + name: '${storageAccount.name}.blob.core.windows.net' + resourceId: storageAccount.id + } + ] } - supportsHttpsTrafficOnly: true + tier: 'standard' } } diff --git a/settings/remarks/microsoft.healthbot/samples/healthbots/main.bicep b/settings/remarks/microsoft.healthbot/samples/healthbots/main.bicep index 6a54a915..b6536e24 100644 --- a/settings/remarks/microsoft.healthbot/samples/healthbots/main.bicep +++ b/settings/remarks/microsoft.healthbot/samples/healthbots/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource healthBot 'Microsoft.HealthBot/healthBots@2022-08-08' = { name: resourceName diff --git a/settings/remarks/microsoft.healthcareapis/samples/services/main.bicep b/settings/remarks/microsoft.healthcareapis/samples/services/main.bicep index 6cdc8773..47827fb8 100644 --- a/settings/remarks/microsoft.healthcareapis/samples/services/main.bicep +++ b/settings/remarks/microsoft.healthcareapis/samples/services/main.bicep @@ -6,10 +6,6 @@ resource service 'Microsoft.HealthcareApis/services@2022-12-01' = { location: location kind: 'fhir' properties: { - cosmosDbConfiguration: { - offerThroughput: 1000 - } - publicNetworkAccess: 'Enabled' accessPolicies: [ { objectId: deployer().objectId @@ -17,5 +13,9 @@ resource service 'Microsoft.HealthcareApis/services@2022-12-01' = { ] authenticationConfiguration: {} corsConfiguration: {} + cosmosDbConfiguration: { + offerThroughput: 1000 + } + publicNetworkAccess: 'Enabled' } } diff --git a/settings/remarks/microsoft.healthcareapis/samples/workspaces/fhirservices/main.bicep b/settings/remarks/microsoft.healthcareapis/samples/workspaces/fhirservices/main.bicep index affcbe04..85b8d7f7 100644 --- a/settings/remarks/microsoft.healthcareapis/samples/workspaces/fhirservices/main.bicep +++ b/settings/remarks/microsoft.healthcareapis/samples/workspaces/fhirservices/main.bicep @@ -14,9 +14,9 @@ resource fhirService 'Microsoft.HealthcareApis/workspaces/fhirServices@2022-12-0 properties: { acrConfiguration: {} authenticationConfiguration: { + audience: 'https://acctestfhir.fhir.azurehealthcareapis.com' authority: 'https://login.microsoftonline.com/${tenant().tenantId}' smartProxyEnabled: false - audience: 'https://acctestfhir.fhir.azurehealthcareapis.com' } corsConfiguration: { allowCredentials: false diff --git a/settings/remarks/microsoft.healthcareapis/samples/workspaces/iotconnectors/fhirdestinations/main.bicep b/settings/remarks/microsoft.healthcareapis/samples/workspaces/iotconnectors/fhirdestinations/main.bicep index 08347146..2e61b905 100644 --- a/settings/remarks/microsoft.healthcareapis/samples/workspaces/iotconnectors/fhirdestinations/main.bicep +++ b/settings/remarks/microsoft.healthcareapis/samples/workspaces/iotconnectors/fhirdestinations/main.bicep @@ -1,6 +1,11 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource workspace 'Microsoft.HealthcareApis/workspaces@2022-12-01' = { + name: resourceName + location: location +} + resource namespace 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { name: resourceName location: location @@ -21,17 +26,12 @@ resource eventhub 'Microsoft.EventHub/namespaces/eventhubs@2021-11-01' = { name: resourceName parent: namespace properties: { - status: 'Active' messageRetentionInDays: 1 partitionCount: 2 + status: 'Active' } } -resource workspace 'Microsoft.HealthcareApis/workspaces@2022-12-01' = { - name: resourceName - location: location -} - resource fhirService 'Microsoft.HealthcareApis/workspaces/fhirServices@2022-12-01' = { name: resourceName location: location @@ -45,10 +45,10 @@ resource fhirService 'Microsoft.HealthcareApis/workspaces/fhirServices@2022-12-0 smartProxyEnabled: false } corsConfiguration: { + allowCredentials: false headers: [] methods: [] origins: [] - allowCredentials: false } } } @@ -58,16 +58,17 @@ resource iotConnector 'Microsoft.HealthcareApis/workspaces/iotConnectors@2022-12 location: location parent: workspace properties: { - ingestionEndpointConfiguration: { - eventHubName: eventhub.name - fullyQualifiedEventHubNamespace: '${namespace.name}.servicebus.windows.net' - } deviceMapping: { content: { template: [] templateType: 'CollectionContent' } } + ingestionEndpointConfiguration: { + consumerGroup: consumerGroup.id + eventHubName: eventhub.name + fullyQualifiedEventHubNamespace: '${namespace.name}.servicebus.windows.net' + } } } diff --git a/settings/remarks/microsoft.healthcareapis/samples/workspaces/iotconnectors/main.bicep b/settings/remarks/microsoft.healthcareapis/samples/workspaces/iotconnectors/main.bicep index 565d0667..02b81503 100644 --- a/settings/remarks/microsoft.healthcareapis/samples/workspaces/iotconnectors/main.bicep +++ b/settings/remarks/microsoft.healthcareapis/samples/workspaces/iotconnectors/main.bicep @@ -1,13 +1,37 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' + +resource workspace 'Microsoft.HealthcareApis/workspaces@2022-12-01' = { + name: resourceName + location: location +} + +resource iotConnector 'Microsoft.HealthcareApis/workspaces/iotConnectors@2022-12-01' = { + name: resourceName + location: location + parent: workspace + properties: { + deviceMapping: { + content: { + template: [] + templateType: 'CollectionContent' + } + } + ingestionEndpointConfiguration: { + consumerGroup: consumerGroup.id + eventHubName: eventhub.name + fullyQualifiedEventHubNamespace: '${namespace.name}.servicebus.windows.net' + } + } +} resource namespace 'Microsoft.EventHub/namespaces@2022-01-01-preview' = { name: resourceName location: location sku: { - tier: 'Standard' capacity: 1 name: 'Standard' + tier: 'Standard' } properties: { disableLocalAuth: false @@ -21,32 +45,9 @@ resource eventhub 'Microsoft.EventHub/namespaces/eventhubs@2021-11-01' = { name: resourceName parent: namespace properties: { - status: 'Active' messageRetentionInDays: 1 partitionCount: 2 - } -} - -resource workspace 'Microsoft.HealthcareApis/workspaces@2022-12-01' = { - name: resourceName - location: location -} - -resource iotConnector 'Microsoft.HealthcareApis/workspaces/iotConnectors@2022-12-01' = { - name: resourceName - location: location - parent: workspace - properties: { - deviceMapping: { - content: { - template: [] - templateType: 'CollectionContent' - } - } - ingestionEndpointConfiguration: { - eventHubName: eventhub.name - fullyQualifiedEventHubNamespace: '${namespace.name}.servicebus.windows.net' - } + status: 'Active' } } diff --git a/settings/remarks/microsoft.impact/samples/workloadimpacts/main.bicep b/settings/remarks/microsoft.impact/samples/workloadimpacts/main.bicep index dc52430c..94a68e4e 100644 --- a/settings/remarks/microsoft.impact/samples/workloadimpacts/main.bicep +++ b/settings/remarks/microsoft.impact/samples/workloadimpacts/main.bicep @@ -4,6 +4,68 @@ param location string = 'westeurope' @description('The administrator password for the virtual machine') param adminPassword string +resource workloadImpact 'Microsoft.Impact/workloadImpacts@2023-12-01-preview' = { + name: resourceName + properties: { + additionalProperties: { + CollectTelemetry: true + Location: 'DataCenter1' + LogUrl: 'http://example.com/log' + Manufacturer: 'ManufacturerName' + ModelNumber: 'Model123' + NodeId: 'node-123' + PhysicalHostName: 'host123' + SerialNumber: 'SN123456' + VmUniqueId: 'vm-unique-id' + } + armCorrelationIds: [ + 'id1' + 'id2' + ] + clientIncidentDetails: { + clientIncidentId: 'id' + clientIncidentSource: 'AzureDevops' + } + confidenceLevel: 'High' + connectivity: { + port: 1443 + protocol: 'TCP' + source: { + azureResourceId: virtualMachine.id + } + target: { + azureResourceId: virtualMachine.id + } + } + endDateTime: '2024-12-04T01:15:00Z' + errorDetails: { + errorCode: 'code' + errorMessage: 'errorMessage' + } + impactCategory: 'Resource.Availability' + impactDescription: 'impact description' + impactGroupId: 'impact groupid' + impactedResourceId: virtualMachine.id + performance: [ + { + actual: 2 + expected: 2 + expectedValueRange: { + max: 5 + min: 1 + } + metricName: 'example' + unit: 'ByteSeconds' + } + ] + startDateTime: '2024-12-03T01:15:00Z' + workload: { + context: 'context' + toolset: 'Ansible' + } + } +} + resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location @@ -24,12 +86,12 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: resourceName parent: virtualNetwork properties: { - serviceEndpoints: [] addressPrefix: '10.0.2.0/24' delegations: [] privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] + serviceEndpoints: [] } } @@ -41,13 +103,15 @@ resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { enableIPForwarding: false ipConfigurations: [ { + name: 'testconfiguration1' properties: { - subnet: {} primary: true privateIPAddressVersion: 'IPv4' privateIPAllocationMethod: 'Dynamic' + subnet: { + id: subnet.id + } } - name: 'testconfiguration1' } ] } @@ -57,13 +121,26 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { name: resourceName location: location properties: { + hardwareProfile: { + vmSize: 'Standard_F2' + } + networkProfile: { + networkInterfaces: [ + { + id: networkInterface.id + properties: { + primary: false + } + } + ] + } osProfile: { + adminPassword: adminPassword adminUsername: 'testadmin' computerName: 'hostname230630032848831819' linuxConfiguration: { disablePasswordAuthentication: false } - adminPassword: adminPassword } storageProfile: { imageReference: { @@ -79,80 +156,5 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { writeAcceleratorEnabled: false } } - hardwareProfile: { - vmSize: 'Standard_F2' - } - networkProfile: { - networkInterfaces: [ - { - id: networkInterface.id - properties: { - primary: false - } - } - ] - } - } -} - -resource workloadImpact 'Microsoft.Impact/workloadImpacts@2023-12-01-preview' = { - name: resourceName - properties: { - impactCategory: 'Resource.Availability' - performance: [ - { - actual: 2 - expected: 2 - expectedValueRange: { - min: 1 - max: 5 - } - metricName: 'example' - unit: 'ByteSeconds' - } - ] - startDateTime: '2024-12-03T01:15:00Z' - workload: { - context: 'context' - toolset: 'Ansible' - } - additionalProperties: { - Location: 'DataCenter1' - LogUrl: 'http://example.com/log' - ModelNumber: 'Model123' - NodeId: 'node-123' - PhysicalHostName: 'host123' - SerialNumber: 'SN123456' - CollectTelemetry: true - Manufacturer: 'ManufacturerName' - VmUniqueId: 'vm-unique-id' - } - armCorrelationIds: [ - 'id1' - 'id2' - ] - clientIncidentDetails: { - clientIncidentId: 'id' - clientIncidentSource: 'AzureDevops' - } - connectivity: { - port: 1443 - protocol: 'TCP' - source: { - azureResourceId: virtualMachine.id - } - target: { - azureResourceId: virtualMachine.id - } - } - errorDetails: { - errorCode: 'code' - errorMessage: 'errorMessage' - } - impactDescription: 'impact description' - impactGroupId: 'impact groupid' - impactedResourceId: virtualMachine.id - confidenceLevel: 'High' - endDateTime: '2024-12-04T01:15:00Z' } } diff --git a/settings/remarks/microsoft.insights/samples/actiongroups/main.bicep b/settings/remarks/microsoft.insights/samples/actiongroups/main.bicep index 0a46c86d..ebfde871 100644 --- a/settings/remarks/microsoft.insights/samples/actiongroups/main.bicep +++ b/settings/remarks/microsoft.insights/samples/actiongroups/main.bicep @@ -1,22 +1,22 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource actionGroup 'Microsoft.Insights/actionGroups@2023-01-01' = { name: resourceName location: 'global' properties: { - emailReceivers: [] - itsmReceivers: [] - logicAppReceivers: [] - voiceReceivers: [] + armRoleReceivers: [] automationRunbookReceivers: [] + azureAppPushReceivers: [] + azureFunctionReceivers: [] + emailReceivers: [] enabled: true eventHubReceivers: [] groupShortName: 'acctestag' + itsmReceivers: [] + logicAppReceivers: [] smsReceivers: [] + voiceReceivers: [] webhookReceivers: [] - armRoleReceivers: [] - azureAppPushReceivers: [] - azureFunctionReceivers: [] } } diff --git a/settings/remarks/microsoft.insights/samples/activitylogalerts/main.bicep b/settings/remarks/microsoft.insights/samples/activitylogalerts/main.bicep index 6c7d60c5..8d2c8b60 100644 --- a/settings/remarks/microsoft.insights/samples/activitylogalerts/main.bicep +++ b/settings/remarks/microsoft.insights/samples/activitylogalerts/main.bicep @@ -1,23 +1,23 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource actionGroup 'Microsoft.Insights/actionGroups@2023-01-01' = { name: resourceName location: 'global' properties: { - itsmReceivers: [] - smsReceivers: [] - webhookReceivers: [] armRoleReceivers: [] + automationRunbookReceivers: [] azureAppPushReceivers: [] azureFunctionReceivers: [] emailReceivers: [] enabled: true + eventHubReceivers: [] groupShortName: 'acctestag1' + itsmReceivers: [] logicAppReceivers: [] + smsReceivers: [] voiceReceivers: [] - automationRunbookReceivers: [] - eventHubReceivers: [] + webhookReceivers: [] } } @@ -26,17 +26,17 @@ resource actionGroup2 'Microsoft.Insights/actionGroups@2023-01-01' = { location: 'global' properties: { armRoleReceivers: [] + automationRunbookReceivers: [] azureAppPushReceivers: [] azureFunctionReceivers: [] emailReceivers: [] enabled: true eventHubReceivers: [] - smsReceivers: [] - voiceReceivers: [] - automationRunbookReceivers: [] groupShortName: 'acctestag2' itsmReceivers: [] logicAppReceivers: [] + smsReceivers: [] + voiceReceivers: [] webhookReceivers: [] } } @@ -45,8 +45,6 @@ resource activityLogAlert 'Microsoft.Insights/activityLogAlerts@2020-10-01' = { name: resourceName location: 'global' properties: { - enabled: true - scopes: [] actions: { actionGroups: [ { @@ -95,8 +93,8 @@ resource activityLogAlert 'Microsoft.Insights/activityLogAlerts@2020-10-01' = { { anyOf: [ { - field: 'properties.cause' equals: 'PlatformInitiated' + field: 'properties.cause' } { equals: 'UserInitiated' @@ -107,6 +105,11 @@ resource activityLogAlert 'Microsoft.Insights/activityLogAlerts@2020-10-01' = { ] } description: 'This is just a test acceptance.' + enabled: true + scopes: [ + resourceGroup().id + storageAccount.id + ] } } @@ -119,7 +122,10 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { kind: 'StorageV2' properties: { accessTier: 'Hot' + allowBlobPublicAccess: true allowCrossTenantReplication: true + allowSharedKeyAccess: true + defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -138,9 +144,6 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { networkAcls: { defaultAction: 'Allow' } - allowBlobPublicAccess: true - allowSharedKeyAccess: true - defaultToOAuthAuthentication: false publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true } diff --git a/settings/remarks/microsoft.insights/samples/autoscalesettings/main.bicep b/settings/remarks/microsoft.insights/samples/autoscalesettings/main.bicep index 349f606e..d251b047 100644 --- a/settings/remarks/microsoft.insights/samples/autoscalesettings/main.bicep +++ b/settings/remarks/microsoft.insights/samples/autoscalesettings/main.bicep @@ -6,47 +6,6 @@ param adminUsername string @description('The administrator password for the virtual machine scale set') param adminPassword string -resource autoScaleSetting 'Microsoft.Insights/autoScaleSettings@2022-10-01' = { - name: resourceName - location: location - properties: { - enabled: true - notifications: [] - profiles: [ - { - rules: [ - { - metricTrigger: { - timeGrain: 'PT1M' - timeWindow: 'PT5M' - threshold: 75 - timeAggregation: 'Last' - dimensions: [] - dividePerInstance: true - metricName: 'Percentage CPU' - metricNamespace: '' - operator: 'GreaterThan' - statistic: 'Average' - } - scaleAction: { - direction: 'Increase' - type: 'ChangeCount' - value: '1' - cooldown: 'PT1M' - } - } - ] - capacity: { - default: '1' - maximum: '10' - minimum: '1' - } - name: 'metricRules' - } - ] - } -} - resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023-03-01' = { name: resourceName location: location @@ -57,12 +16,16 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- } properties: { additionalCapabilities: {} + doNotRunExtensionsOnOverprovisionedVMs: false + orchestrationMode: 'Uniform' + overprovision: true scaleInPolicy: { forceDeletion: false rules: [ 'Default' ] } + singlePlacementGroup: true upgradePolicy: { mode: 'Manual' } @@ -79,8 +42,8 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- networkProfile: { networkInterfaceConfigurations: [ { + name: 'TestNetworkProfile-230630033559396108' properties: { - primary: true dnsSettings: { dnsServers: [] } @@ -90,18 +53,20 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- { name: 'TestIPConfiguration' properties: { - privateIPAddressVersion: 'IPv4' - subnet: {} applicationGatewayBackendAddressPools: [] applicationSecurityGroups: [] loadBalancerBackendAddressPools: [] loadBalancerInboundNatPools: [] primary: true + privateIPAddressVersion: 'IPv4' + subnet: { + id: subnet.id + } } } ] + primary: true } - name: 'TestNetworkProfile-230630033559396108' } ] } @@ -125,15 +90,6 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- } priority: 'Regular' storageProfile: { - osDisk: { - osType: 'Linux' - writeAcceleratorEnabled: false - caching: 'ReadWrite' - createOption: 'FromImage' - managedDisk: { - storageAccountType: 'StandardSSD_LRS' - } - } dataDisks: [] imageReference: { offer: 'UbuntuServer' @@ -141,12 +97,17 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2023- sku: '16.04-LTS' version: 'latest' } + osDisk: { + caching: 'ReadWrite' + createOption: 'FromImage' + managedDisk: { + storageAccountType: 'StandardSSD_LRS' + } + osType: 'Linux' + writeAcceleratorEnabled: false + } } } - doNotRunExtensionsOnOverprovisionedVMs: false - orchestrationMode: 'Uniform' - overprovision: true - singlePlacementGroup: true } } @@ -154,7 +115,6 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location properties: { - subnets: [] addressSpace: { addressPrefixes: [ '10.0.0.0/16' @@ -163,6 +123,7 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { dhcpOptions: { dnsServers: [] } + subnets: [] } } @@ -178,3 +139,46 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { serviceEndpoints: [] } } + +resource autoScaleSetting 'Microsoft.Insights/autoScaleSettings@2022-10-01' = { + name: resourceName + location: location + properties: { + enabled: true + notifications: [] + profiles: [ + { + capacity: { + default: '1' + maximum: '10' + minimum: '1' + } + name: 'metricRules' + rules: [ + { + metricTrigger: { + dimensions: [] + dividePerInstance: true + metricName: 'Percentage CPU' + metricNamespace: '' + metricResourceUri: virtualMachineScaleSet.id + operator: 'GreaterThan' + statistic: 'Average' + threshold: 75 + timeAggregation: 'Last' + timeGrain: 'PT1M' + timeWindow: 'PT5M' + } + scaleAction: { + cooldown: 'PT1M' + direction: 'Increase' + type: 'ChangeCount' + value: '1' + } + } + ] + } + ] + targetResourceUri: virtualMachineScaleSet.id + } +} diff --git a/settings/remarks/microsoft.insights/samples/components/analyticsitems/main.bicep b/settings/remarks/microsoft.insights/samples/components/analyticsitems/main.bicep index a5d7a01b..d5504cd5 100644 --- a/settings/remarks/microsoft.insights/samples/components/analyticsitems/main.bicep +++ b/settings/remarks/microsoft.insights/samples/components/analyticsitems/main.bicep @@ -6,14 +6,14 @@ resource component 'Microsoft.Insights/components@2020-02-02' = { location: location kind: 'web' properties: { - RetentionInDays: 90 - publicNetworkAccessForIngestion: 'Enabled' - publicNetworkAccessForQuery: 'Enabled' Application_Type: 'web' - DisableLocalAuth: false - SamplingPercentage: 100 DisableIpMasking: false + DisableLocalAuth: false ForceCustomerStorageForProfiler: false + RetentionInDays: 90 + SamplingPercentage: 100 + publicNetworkAccessForIngestion: 'Enabled' + publicNetworkAccessForQuery: 'Enabled' } } diff --git a/settings/remarks/microsoft.insights/samples/components/main.bicep b/settings/remarks/microsoft.insights/samples/components/main.bicep index be5c10c2..e36d6913 100644 --- a/settings/remarks/microsoft.insights/samples/components/main.bicep +++ b/settings/remarks/microsoft.insights/samples/components/main.bicep @@ -7,12 +7,12 @@ resource component 'Microsoft.Insights/components@2020-02-02' = { kind: 'web' properties: { Application_Type: 'web' + DisableIpMasking: false + DisableLocalAuth: false ForceCustomerStorageForProfiler: false RetentionInDays: 90 SamplingPercentage: 100 - publicNetworkAccessForQuery: 'Enabled' - DisableIpMasking: false - DisableLocalAuth: false publicNetworkAccessForIngestion: 'Enabled' + publicNetworkAccessForQuery: 'Enabled' } } diff --git a/settings/remarks/microsoft.insights/samples/components/proactivedetectionconfigs/main.bicep b/settings/remarks/microsoft.insights/samples/components/proactivedetectionconfigs/main.bicep index 92e100bc..ba3206fa 100644 --- a/settings/remarks/microsoft.insights/samples/components/proactivedetectionconfigs/main.bicep +++ b/settings/remarks/microsoft.insights/samples/components/proactivedetectionconfigs/main.bicep @@ -6,14 +6,14 @@ resource component 'Microsoft.Insights/components@2020-02-02' = { location: location kind: 'web' properties: { - RetentionInDays: 90 Application_Type: 'web' + DisableIpMasking: false DisableLocalAuth: false ForceCustomerStorageForProfiler: false + RetentionInDays: 90 SamplingPercentage: 100 publicNetworkAccessForIngestion: 'Enabled' publicNetworkAccessForQuery: 'Enabled' - DisableIpMasking: false } } diff --git a/settings/remarks/microsoft.insights/samples/datacollectionruleassociations/main.bicep b/settings/remarks/microsoft.insights/samples/datacollectionruleassociations/main.bicep index 2d268ee5..399e11d0 100644 --- a/settings/remarks/microsoft.insights/samples/datacollectionruleassociations/main.bicep +++ b/settings/remarks/microsoft.insights/samples/datacollectionruleassociations/main.bicep @@ -4,55 +4,25 @@ param location string = 'westeurope' @description('The administrator password for the virtual machine') param adminPassword string -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { - name: 'network-230630033559397415' - location: location - properties: { - subnets: [] - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] - } - } -} - -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - name: 'subnet-230630033559397415' - parent: virtualNetwork - properties: { - addressPrefix: '10.0.2.0/24' - delegations: [] - privateEndpointNetworkPolicies: 'Enabled' - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] - } -} - -resource dataCollectionRule 'Microsoft.Insights/dataCollectionRules@2022-06-01' = { - name: resourceName +resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { + name: 'nic-230630033559397415' location: location properties: { - dataFlows: [ + enableAcceleratedNetworking: false + enableIPForwarding: false + ipConfigurations: [ { - destinations: [ - 'test-destination-metrics' - ] - streams: [ - 'Microsoft-InsightsMetrics' - ] + name: 'internal' + properties: { + primary: true + privateIPAddressVersion: 'IPv4' + privateIPAllocationMethod: 'Dynamic' + subnet: { + id: subnet.id + } + } } ] - description: '' - destinations: { - azureMonitorMetrics: { - name: 'test-destination-metrics' - } - } } } @@ -60,6 +30,10 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { name: 'machine-230630033559397415' location: location properties: { + additionalCapabilities: {} + applicationProfile: { + galleryApplications: [] + } diagnosticsProfile: { bootDiagnostics: { enabled: false @@ -70,38 +44,34 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { hardwareProfile: { vmSize: 'Standard_B1ls' } + networkProfile: { + networkInterfaces: [ + { + id: networkInterface.id + properties: { + primary: true + } + } + ] + } osProfile: { adminPassword: adminPassword adminUsername: 'adminuser' allowExtensionOperations: true computerName: 'machine-230630033559397415' linuxConfiguration: { - provisionVMAgent: true - ssh: { - publicKeys: [] - } disablePasswordAuthentication: false patchSettings: { assessmentMode: 'ImageDefault' patchMode: 'ImageDefault' } + provisionVMAgent: true + ssh: { + publicKeys: [] + } } secrets: [] } - additionalCapabilities: {} - applicationProfile: { - galleryApplications: [] - } - networkProfile: { - networkInterfaces: [ - { - id: networkInterface.id - properties: { - primary: true - } - } - ] - } priority: 'Regular' storageProfile: { dataDisks: [] @@ -112,43 +82,75 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { version: 'latest' } osDisk: { - osType: 'Linux' - writeAcceleratorEnabled: false caching: 'ReadWrite' createOption: 'FromImage' managedDisk: { storageAccountType: 'Standard_LRS' } + osType: 'Linux' + writeAcceleratorEnabled: false } } } } -resource dataCollectionRuleAssociation 'Microsoft.Insights/dataCollectionRuleAssociations@2022-06-01' = { - name: resourceName - scope: virtualMachine +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: 'network-230630033559397415' + location: location properties: { - description: '' - dataCollectionRuleId: dataCollectionRule.id + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + subnets: [] } } -resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { - name: 'nic-230630033559397415' +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { + name: 'subnet-230630033559397415' + parent: virtualNetwork + properties: { + addressPrefix: '10.0.2.0/24' + delegations: [] + privateEndpointNetworkPolicies: 'Enabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] + } +} + +resource dataCollectionRule 'Microsoft.Insights/dataCollectionRules@2022-06-01' = { + name: resourceName location: location properties: { - enableAcceleratedNetworking: false - enableIPForwarding: false - ipConfigurations: [ + dataFlows: [ { - properties: { - primary: true - privateIPAddressVersion: 'IPv4' - privateIPAllocationMethod: 'Dynamic' - subnet: {} - } - name: 'internal' + destinations: [ + 'test-destination-metrics' + ] + streams: [ + 'Microsoft-InsightsMetrics' + ] } ] + description: '' + destinations: { + azureMonitorMetrics: { + name: 'test-destination-metrics' + } + } + } +} + +resource dataCollectionRuleAssociation 'Microsoft.Insights/dataCollectionRuleAssociations@2022-06-01' = { + name: resourceName + scope: virtualMachine + properties: { + dataCollectionRuleId: dataCollectionRule.id + description: '' } } diff --git a/settings/remarks/microsoft.insights/samples/datacollectionrules/main.bicep b/settings/remarks/microsoft.insights/samples/datacollectionrules/main.bicep index 27788640..857134ab 100644 --- a/settings/remarks/microsoft.insights/samples/datacollectionrules/main.bicep +++ b/settings/remarks/microsoft.insights/samples/datacollectionrules/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource dataCollectionRule 'Microsoft.Insights/dataCollectionRules@2022-06-01' = { name: resourceName @@ -7,12 +7,12 @@ resource dataCollectionRule 'Microsoft.Insights/dataCollectionRules@2022-06-01' properties: { dataFlows: [ { - streams: [ - 'Microsoft-InsightsMetrics' - ] destinations: [ 'test-destination-metrics' ] + streams: [ + 'Microsoft-InsightsMetrics' + ] } ] description: '' diff --git a/settings/remarks/microsoft.insights/samples/diagnosticsettings/main.bicep b/settings/remarks/microsoft.insights/samples/diagnosticsettings/main.bicep index c55f9338..23829016 100644 --- a/settings/remarks/microsoft.insights/samples/diagnosticsettings/main.bicep +++ b/settings/remarks/microsoft.insights/samples/diagnosticsettings/main.bicep @@ -23,17 +23,17 @@ resource vault 'Microsoft.KeyVault/vaults@2021-10-01' = { properties: { accessPolicies: [] createMode: 'default' + enableRbacAuthorization: false enableSoftDelete: true enabledForDeployment: false enabledForDiskEncryption: false + enabledForTemplateDeployment: false publicNetworkAccess: 'Enabled' sku: { - name: 'standard' family: 'A' + name: 'standard' } tenantId: tenant().tenantId - enableRbacAuthorization: false - enabledForTemplateDeployment: false } } @@ -53,6 +53,8 @@ resource diagnosticSetting 'Microsoft.Insights/diagnosticSettings@2021-05-01-pre name: resourceName scope: vault properties: { + eventHubAuthorizationRuleId: authorizationRule.id + eventHubName: namespace.name logs: [ { categoryGroup: 'Audit' diff --git a/settings/remarks/microsoft.insights/samples/logprofiles/main-rg-module.bicep b/settings/remarks/microsoft.insights/samples/logprofiles/main-rg-module.bicep index b80e5c9d..ef0a8fab 100644 --- a/settings/remarks/microsoft.insights/samples/logprofiles/main-rg-module.bicep +++ b/settings/remarks/microsoft.insights/samples/logprofiles/main-rg-module.bicep @@ -9,17 +9,13 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { + accessTier: 'Hot' allowBlobPublicAccess: true allowCrossTenantReplication: true allowSharedKeyAccess: true defaultToOAuthAuthentication: false - isNfsV3Enabled: false - networkAcls: { - defaultAction: 'Allow' - } - publicNetworkAccess: 'Enabled' - accessTier: 'Hot' encryption: { + keySource: 'Microsoft.Storage' services: { queue: { keyType: 'Service' @@ -28,11 +24,18 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { keyType: 'Service' } } - keySource: 'Microsoft.Storage' } isHnsEnabled: false + isNfsV3Enabled: false isSftpEnabled: false minimumTlsVersion: 'TLS1_2' + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true } } + +// Module outputs for cross-scope references +output storageAccountId string = storageAccount.id diff --git a/settings/remarks/microsoft.insights/samples/logprofiles/main.bicep b/settings/remarks/microsoft.insights/samples/logprofiles/main.bicep index d7f97dff..cdc0a7ca 100644 --- a/settings/remarks/microsoft.insights/samples/logprofiles/main.bicep +++ b/settings/remarks/microsoft.insights/samples/logprofiles/main.bicep @@ -19,9 +19,10 @@ resource logProfile 'Microsoft.Insights/logProfiles@2016-03-01' = { 'westeurope' ] retentionPolicy: { - enabled: true days: 7 + enabled: true } + storageAccountId: module1.outputs.storageAccountId } } diff --git a/settings/remarks/microsoft.insights/samples/metricalerts/main.bicep b/settings/remarks/microsoft.insights/samples/metricalerts/main.bicep index 42dd4ade..6f620b0b 100644 --- a/settings/remarks/microsoft.insights/samples/metricalerts/main.bicep +++ b/settings/remarks/microsoft.insights/samples/metricalerts/main.bicep @@ -5,38 +5,40 @@ resource metricAlert 'Microsoft.Insights/metricAlerts@2018-03-01' = { name: resourceName location: 'global' properties: { - scopes: [] + actions: [] + autoMitigate: true criteria: { allOf: [ { + criterionType: 'StaticThresholdCriterion' dimensions: [] metricName: 'UsedCapacity' metricNamespace: 'Microsoft.Storage/storageAccounts' name: 'Metric1' operator: 'GreaterThan' skipMetricValidation: false - timeAggregation: 'Average' - criterionType: 'StaticThresholdCriterion' threshold: any('55.5') + timeAggregation: 'Average' } ] 'odata.type': 'Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria' } + description: '' + enabled: true evaluationFrequency: 'PT1M' + scopes: [ + storageAccount.id + ] severity: 3 targetResourceRegion: '' targetResourceType: '' windowSize: 'PT1H' - actions: [] - autoMitigate: true - description: '' - enabled: true } tags: { + CUSTOMER: 'CUSTOMERx' Example: 'Example123' terraform: 'Coolllll' test: '123' - CUSTOMER: 'CUSTOMERx' } } @@ -48,18 +50,10 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { - publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true - allowSharedKeyAccess: true - isHnsEnabled: false - isNfsV3Enabled: false - minimumTlsVersion: 'TLS1_2' - networkAcls: { - defaultAction: 'Allow' - } accessTier: 'Hot' allowBlobPublicAccess: true allowCrossTenantReplication: true + allowSharedKeyAccess: true defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' @@ -72,6 +66,14 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } + isHnsEnabled: false + isNfsV3Enabled: false isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true } } diff --git a/settings/remarks/microsoft.insights/samples/privatelinkscopes/scopedresources/main.bicep b/settings/remarks/microsoft.insights/samples/privatelinkscopes/scopedresources/main.bicep index bb5221a5..970e5a09 100644 --- a/settings/remarks/microsoft.insights/samples/privatelinkscopes/scopedresources/main.bicep +++ b/settings/remarks/microsoft.insights/samples/privatelinkscopes/scopedresources/main.bicep @@ -7,13 +7,13 @@ resource component 'Microsoft.Insights/components@2020-02-02' = { kind: 'web' properties: { Application_Type: 'web' - ForceCustomerStorageForProfiler: false - SamplingPercentage: 100 - publicNetworkAccessForQuery: 'Enabled' DisableIpMasking: false DisableLocalAuth: false + ForceCustomerStorageForProfiler: false RetentionInDays: 90 + SamplingPercentage: 100 publicNetworkAccessForIngestion: 'Enabled' + publicNetworkAccessForQuery: 'Enabled' } } diff --git a/settings/remarks/microsoft.insights/samples/scheduledqueryrules/main.bicep b/settings/remarks/microsoft.insights/samples/scheduledqueryrules/main.bicep index 01d86e7c..f66d15d9 100644 --- a/settings/remarks/microsoft.insights/samples/scheduledqueryrules/main.bicep +++ b/settings/remarks/microsoft.insights/samples/scheduledqueryrules/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource component 'Microsoft.Insights/components@2020-02-02' = { name: resourceName @@ -8,11 +8,11 @@ resource component 'Microsoft.Insights/components@2020-02-02' = { properties: { Application_Type: 'web' DisableIpMasking: false + DisableLocalAuth: false + ForceCustomerStorageForProfiler: false RetentionInDays: 90 SamplingPercentage: 100 publicNetworkAccessForIngestion: 'Enabled' - DisableLocalAuth: false - ForceCustomerStorageForProfiler: false publicNetworkAccessForQuery: 'Enabled' } } @@ -22,11 +22,11 @@ resource scheduledQueryRule 'Microsoft.Insights/scheduledQueryRules@2021-08-01' location: location kind: 'LogAlert' properties: { + autoMitigate: false checkWorkspaceAlertsStorageConfigured: false criteria: { allOf: [ { - dimensions: null operator: 'Equal' query: ''' requests | summarize CountByCountry=count() by client_CountryOrRegion @@ -36,15 +36,13 @@ resource scheduledQueryRule 'Microsoft.Insights/scheduledQueryRules@2021-08-01' } ] } + enabled: true evaluationFrequency: 'PT5M' scopes: [ component.id ] severity: 3 - targetResourceTypes: null - windowSize: 'PT5M' - autoMitigate: false - enabled: true skipQueryValidation: false + windowSize: 'PT5M' } } diff --git a/settings/remarks/microsoft.insights/samples/webtests/main.bicep b/settings/remarks/microsoft.insights/samples/webtests/main.bicep index 979871b7..e607c325 100644 --- a/settings/remarks/microsoft.insights/samples/webtests/main.bicep +++ b/settings/remarks/microsoft.insights/samples/webtests/main.bicep @@ -6,13 +6,13 @@ resource component 'Microsoft.Insights/components@2020-02-02' = { location: location kind: 'web' properties: { + Application_Type: 'web' DisableIpMasking: false DisableLocalAuth: false ForceCustomerStorageForProfiler: false RetentionInDays: 90 SamplingPercentage: 100 publicNetworkAccessForIngestion: 'Enabled' - Application_Type: 'web' publicNetworkAccessForQuery: 'Enabled' } } @@ -22,18 +22,22 @@ resource webTest 'Microsoft.Insights/webTests@2022-06-15' = { location: location kind: 'standard' properties: { - RetryEnabled: false - SyntheticMonitorId: resourceName + Description: '' Enabled: false Frequency: 300 Kind: 'standard' + Locations: [ + { + Id: 'us-tx-sn1-azr' + } + ] Name: resourceName Request: { FollowRedirects: false Headers: [ { - value: 'testheader' key: 'x-header' + value: 'testheader' } { key: 'x-header-2' @@ -44,17 +48,13 @@ resource webTest 'Microsoft.Insights/webTests@2022-06-15' = { ParseDependentRequests: false RequestUrl: 'http://microsoft.com' } + RetryEnabled: false + SyntheticMonitorId: resourceName Timeout: 30 ValidationRules: { ExpectedHttpStatusCode: 200 SSLCheck: false } - Description: '' - Locations: [ - { - Id: 'us-tx-sn1-azr' - } - ] } tags: { 'hidden-link:${component.id}': 'Resource' diff --git a/settings/remarks/microsoft.insights/samples/workbooktemplates/main.bicep b/settings/remarks/microsoft.insights/samples/workbooktemplates/main.bicep index c3de877f..5538419d 100644 --- a/settings/remarks/microsoft.insights/samples/workbooktemplates/main.bicep +++ b/settings/remarks/microsoft.insights/samples/workbooktemplates/main.bicep @@ -7,11 +7,11 @@ resource workbookTemplate 'Microsoft.Insights/workbookTemplates@2020-11-20' = { properties: { galleries: [ { - type: 'workbook' category: 'workbook' name: 'test' order: 0 resourceType: 'Azure Monitor' + type: 'workbook' } ] priority: 0 diff --git a/settings/remarks/microsoft.iotcentral/samples/iotapps/main.bicep b/settings/remarks/microsoft.iotcentral/samples/iotapps/main.bicep index 7fe41657..7bd1726b 100644 --- a/settings/remarks/microsoft.iotcentral/samples/iotapps/main.bicep +++ b/settings/remarks/microsoft.iotcentral/samples/iotapps/main.bicep @@ -8,7 +8,7 @@ resource iotApp 'Microsoft.IoTCentral/iotApps@2021-11-01-preview' = { name: 'ST1' } properties: { - displayName: '${resourceName}' + displayName: resourceName publicNetworkAccess: 'Enabled' subdomain: 'subdomain-2306300333537' template: 'iotc-pnp-preview@1.0.0' diff --git a/settings/remarks/microsoft.keyvault/samples/managedhsms/main.bicep b/settings/remarks/microsoft.keyvault/samples/managedhsms/main.bicep index 805fe61c..aedab861 100644 --- a/settings/remarks/microsoft.keyvault/samples/managedhsms/main.bicep +++ b/settings/remarks/microsoft.keyvault/samples/managedhsms/main.bicep @@ -9,14 +9,14 @@ resource managedHSM 'Microsoft.KeyVault/managedHSMs@2021-10-01' = { name: 'Standard_B1' } properties: { - publicNetworkAccess: 'Enabled' - softDeleteRetentionInDays: 90 - tenantId: tenant().tenantId createMode: 'default' enablePurgeProtection: false enableSoftDelete: true initialAdminObjectIds: [ deployer().objectId ] + publicNetworkAccess: 'Enabled' + softDeleteRetentionInDays: 90 + tenantId: tenant().tenantId } } diff --git a/settings/remarks/microsoft.keyvault/samples/vaults/accesspolicies/main.bicep b/settings/remarks/microsoft.keyvault/samples/vaults/accesspolicies/main.bicep index 59203d63..6fe3bd75 100644 --- a/settings/remarks/microsoft.keyvault/samples/vaults/accesspolicies/main.bicep +++ b/settings/remarks/microsoft.keyvault/samples/vaults/accesspolicies/main.bicep @@ -5,13 +5,13 @@ resource vault 'Microsoft.KeyVault/vaults@2023-02-01' = { name: resourceName location: location properties: { - enableSoftDelete: true - tenantId: tenant().tenantId sku: { family: 'A' name: 'standard' } accessPolicies: [] + enableSoftDelete: true + tenantId: tenant().tenantId } } diff --git a/settings/remarks/microsoft.keyvault/samples/vaults/keys/main.bicep b/settings/remarks/microsoft.keyvault/samples/vaults/keys/main.bicep index e85badfd..4bb8ca5b 100644 --- a/settings/remarks/microsoft.keyvault/samples/vaults/keys/main.bicep +++ b/settings/remarks/microsoft.keyvault/samples/vaults/keys/main.bicep @@ -6,8 +6,8 @@ resource vault 'Microsoft.KeyVault/vaults@2023-02-01' = { location: location properties: { sku: { - name: 'standard' family: 'A' + name: 'standard' } accessPolicies: [] enableSoftDelete: true @@ -22,9 +22,11 @@ resource putAccesspolicy 'Microsoft.KeyVault/vaults/accessPolicies@2023-02-01' = properties: { accessPolicies: [ { - tenantId: tenant().tenantId objectId: deployer().objectId permissions: { + certificates: [ + 'ManageContacts' + ] keys: [ 'Get' 'Create' @@ -44,10 +46,8 @@ resource putAccesspolicy 'Microsoft.KeyVault/vaults/accessPolicies@2023-02-01' = 'Get' ] storage: [] - certificates: [ - 'ManageContacts' - ] } + tenantId: tenant().tenantId } ] } diff --git a/settings/remarks/microsoft.keyvault/samples/vaults/main.bicep b/settings/remarks/microsoft.keyvault/samples/vaults/main.bicep index a5234c93..ca8ce628 100644 --- a/settings/remarks/microsoft.keyvault/samples/vaults/main.bicep +++ b/settings/remarks/microsoft.keyvault/samples/vaults/main.bicep @@ -5,36 +5,36 @@ resource vault 'Microsoft.KeyVault/vaults@2021-10-01' = { name: resourceName location: location properties: { - publicNetworkAccess: 'Enabled' - sku: { - family: 'A' - name: 'standard' - } - softDeleteRetentionInDays: 7 - tenantId: tenant().tenantId accessPolicies: [ { objectId: deployer().objectId permissions: { - secrets: [ - 'Set' - ] - storage: [] certificates: [ 'ManageContacts' ] keys: [ 'Create' ] + secrets: [ + 'Set' + ] + storage: [] } tenantId: tenant().tenantId } ] + createMode: 'default' enableRbacAuthorization: false + enableSoftDelete: true enabledForDeployment: false enabledForDiskEncryption: false enabledForTemplateDeployment: false - createMode: 'default' - enableSoftDelete: true + publicNetworkAccess: 'Enabled' + sku: { + family: 'A' + name: 'standard' + } + softDeleteRetentionInDays: 7 + tenantId: tenant().tenantId } } diff --git a/settings/remarks/microsoft.kubernetesconfiguration/samples/extensions/main.bicep b/settings/remarks/microsoft.kubernetesconfiguration/samples/extensions/main.bicep index db4aa7a1..fd96b3e1 100644 --- a/settings/remarks/microsoft.kubernetesconfiguration/samples/extensions/main.bicep +++ b/settings/remarks/microsoft.kubernetesconfiguration/samples/extensions/main.bicep @@ -13,7 +13,7 @@ resource managedCluster 'Microsoft.ContainerService/managedClusters@2023-04-02-p vmSize: 'Standard_DS2_v2' } ] - dnsPrefix: '${resourceName}' + dnsPrefix: resourceName } } diff --git a/settings/remarks/microsoft.kubernetesconfiguration/samples/fluxconfigurations/main.bicep b/settings/remarks/microsoft.kubernetesconfiguration/samples/fluxconfigurations/main.bicep index d5dcda9b..21eb94e2 100644 --- a/settings/remarks/microsoft.kubernetesconfiguration/samples/fluxconfigurations/main.bicep +++ b/settings/remarks/microsoft.kubernetesconfiguration/samples/fluxconfigurations/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource managedCluster 'Microsoft.ContainerService/managedClusters@2023-04-02-preview' = { name: resourceName @@ -13,7 +13,7 @@ resource managedCluster 'Microsoft.ContainerService/managedClusters@2023-04-02-p vmSize: 'Standard_DS2_v2' } ] - dnsPrefix: '${resourceName}' + dnsPrefix: resourceName } } @@ -33,14 +33,13 @@ resource fluxConfiguration 'Microsoft.KubernetesConfiguration/fluxConfigurations extension ] properties: { - suspend: false gitRepository: { - syncIntervalInSeconds: 120 - timeoutInSeconds: 120 - url: 'https://github.com/Azure/arc-k8s-demo' repositoryRef: { branch: 'branch' } + syncIntervalInSeconds: 120 + timeoutInSeconds: 120 + url: 'https://github.com/Azure/arc-k8s-demo' } kustomizations: { applications: { @@ -55,16 +54,17 @@ resource fluxConfiguration 'Microsoft.KubernetesConfiguration/fluxConfigurations timeoutInSeconds: 600 } shared: { + force: false path: 'cluster-config/shared' prune: false retryIntervalInSeconds: 60 syncIntervalInSeconds: 60 timeoutInSeconds: 600 - force: false } } namespace: 'flux-system' scope: 'cluster' sourceKind: 'GitRepository' + suspend: false } } diff --git a/settings/remarks/microsoft.kusto/samples/clusters/databases/main.bicep b/settings/remarks/microsoft.kusto/samples/clusters/databases/main.bicep index c9967356..01ef9b51 100644 --- a/settings/remarks/microsoft.kusto/samples/clusters/databases/main.bicep +++ b/settings/remarks/microsoft.kusto/samples/clusters/databases/main.bicep @@ -13,13 +13,13 @@ resource cluster 'Microsoft.Kusto/clusters@2023-05-02' = { enableAutoStop: true enableDiskEncryption: false enableDoubleEncryption: false - engineType: 'V2' - publicNetworkAccess: 'Enabled' - trustedExternalTenants: [] enablePurge: false enableStreamingIngest: false + engineType: 'V2' publicIPType: 'IPv4' + publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' + trustedExternalTenants: [] } } diff --git a/settings/remarks/microsoft.kusto/samples/clusters/databases/principalassignments/main.bicep b/settings/remarks/microsoft.kusto/samples/clusters/databases/principalassignments/main.bicep index b2add1b7..84543bb2 100644 --- a/settings/remarks/microsoft.kusto/samples/clusters/databases/principalassignments/main.bicep +++ b/settings/remarks/microsoft.kusto/samples/clusters/databases/principalassignments/main.bicep @@ -12,16 +12,16 @@ resource cluster 'Microsoft.Kusto/clusters@2023-05-02' = { tier: 'Basic' } properties: { - restrictOutboundNetworkAccess: 'Disabled' - trustedExternalTenants: [] enableAutoStop: true enableDiskEncryption: false - engineType: 'V2' enableDoubleEncryption: false enablePurge: false enableStreamingIngest: false + engineType: 'V2' publicIPType: 'IPv4' publicNetworkAccess: 'Enabled' + restrictOutboundNetworkAccess: 'Disabled' + trustedExternalTenants: [] } } diff --git a/settings/remarks/microsoft.kusto/samples/clusters/databases/scripts/main.bicep b/settings/remarks/microsoft.kusto/samples/clusters/databases/scripts/main.bicep index 65d3d151..69ff878b 100644 --- a/settings/remarks/microsoft.kusto/samples/clusters/databases/scripts/main.bicep +++ b/settings/remarks/microsoft.kusto/samples/clusters/databases/scripts/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource cluster 'Microsoft.Kusto/clusters@2023-05-02' = { name: resourceName @@ -10,16 +10,16 @@ resource cluster 'Microsoft.Kusto/clusters@2023-05-02' = { tier: 'Basic' } properties: { + enableAutoStop: true enableDiskEncryption: false enableDoubleEncryption: false enablePurge: false enableStreamingIngest: false engineType: 'V2' - publicNetworkAccess: 'Enabled' - trustedExternalTenants: [] - enableAutoStop: true publicIPType: 'IPv4' + publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' + trustedExternalTenants: [] } } @@ -35,6 +35,7 @@ resource script 'Microsoft.Kusto/clusters/databases/scripts@2023-05-02' = { name: 'create-table-script' parent: database properties: { + continueOnErrors: false forceUpdateTag: '9e2e7874-aa37-7041-81b7-06397f03a37d' scriptContent: '''.create table TestTable(Id:string, Name:string, _ts:long, _timestamp:datetime) .create table TestTable ingestion json mapping "TestMapping" @@ -46,6 +47,5 @@ resource script 'Microsoft.Kusto/clusters/databases/scripts@2023-05-02' = { '']'' .alter table TestTable policy ingestionbatching "{''MaximumBatchingTimeSpan'': ''0:0:10'', ''MaximumNumberOfItems'': 10000}" ''' - continueOnErrors: false } } diff --git a/settings/remarks/microsoft.kusto/samples/clusters/main.bicep b/settings/remarks/microsoft.kusto/samples/clusters/main.bicep index a2f57e43..8b0eadf7 100644 --- a/settings/remarks/microsoft.kusto/samples/clusters/main.bicep +++ b/settings/remarks/microsoft.kusto/samples/clusters/main.bicep @@ -12,13 +12,13 @@ resource cluster 'Microsoft.Kusto/clusters@2023-05-02' = { properties: { enableAutoStop: true enableDiskEncryption: false + enableDoubleEncryption: false enablePurge: false enableStreamingIngest: false + engineType: 'V2' publicIPType: 'IPv4' publicNetworkAccess: 'Enabled' - trustedExternalTenants: [] - enableDoubleEncryption: false - engineType: 'V2' restrictOutboundNetworkAccess: 'Disabled' + trustedExternalTenants: [] } } diff --git a/settings/remarks/microsoft.kusto/samples/clusters/managedprivateendpoints/main.bicep b/settings/remarks/microsoft.kusto/samples/clusters/managedprivateendpoints/main.bicep index 2eb79c40..02489506 100644 --- a/settings/remarks/microsoft.kusto/samples/clusters/managedprivateendpoints/main.bicep +++ b/settings/remarks/microsoft.kusto/samples/clusters/managedprivateendpoints/main.bicep @@ -10,25 +10,16 @@ resource cluster 'Microsoft.Kusto/clusters@2023-05-02' = { tier: 'Basic' } properties: { - enablePurge: false - engineType: 'V2' - publicIPType: 'IPv4' - restrictOutboundNetworkAccess: 'Disabled' - trustedExternalTenants: [] enableAutoStop: true enableDiskEncryption: false enableDoubleEncryption: false + enablePurge: false enableStreamingIngest: false + engineType: 'V2' + publicIPType: 'IPv4' publicNetworkAccess: 'Enabled' - } -} - -resource managedPrivateEndpoint 'Microsoft.Kusto/clusters/managedPrivateEndpoints@2023-05-02' = { - name: resourceName - parent: cluster - properties: { - groupId: 'blob' - privateLinkResourceId: storageAccount.id + restrictOutboundNetworkAccess: 'Disabled' + trustedExternalTenants: [] } } @@ -40,11 +31,13 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { - isNfsV3Enabled: false - supportsHttpsTrafficOnly: true accessTier: 'Hot' + allowBlobPublicAccess: true + allowCrossTenantReplication: true + allowSharedKeyAccess: true defaultToOAuthAuthentication: false encryption: { + keySource: 'Microsoft.Storage' services: { queue: { keyType: 'Service' @@ -53,17 +46,24 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { keyType: 'Service' } } - keySource: 'Microsoft.Storage' } + isHnsEnabled: false + isNfsV3Enabled: false isSftpEnabled: false minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } publicNetworkAccess: 'Enabled' - allowBlobPublicAccess: true - allowCrossTenantReplication: true - allowSharedKeyAccess: true - isHnsEnabled: false + supportsHttpsTrafficOnly: true + } +} + +resource managedPrivateEndpoint 'Microsoft.Kusto/clusters/managedPrivateEndpoints@2023-05-02' = { + name: resourceName + parent: cluster + properties: { + groupId: 'blob' + privateLinkResourceId: storageAccount.id } } diff --git a/settings/remarks/microsoft.kusto/samples/clusters/principalassignments/main.bicep b/settings/remarks/microsoft.kusto/samples/clusters/principalassignments/main.bicep index 5a84a59e..aab19a04 100644 --- a/settings/remarks/microsoft.kusto/samples/clusters/principalassignments/main.bicep +++ b/settings/remarks/microsoft.kusto/samples/clusters/principalassignments/main.bicep @@ -12,16 +12,16 @@ resource cluster 'Microsoft.Kusto/clusters@2023-05-02' = { tier: 'Basic' } properties: { - publicNetworkAccess: 'Enabled' - trustedExternalTenants: [] - enableDoubleEncryption: false - restrictOutboundNetworkAccess: 'Disabled' enableAutoStop: true enableDiskEncryption: false + enableDoubleEncryption: false enablePurge: false enableStreamingIngest: false engineType: 'V2' publicIPType: 'IPv4' + publicNetworkAccess: 'Enabled' + restrictOutboundNetworkAccess: 'Disabled' + trustedExternalTenants: [] } } diff --git a/settings/remarks/microsoft.labservices/samples/labplans/main.bicep b/settings/remarks/microsoft.labservices/samples/labplans/main.bicep index 8d5d8966..5528f0df 100644 --- a/settings/remarks/microsoft.labservices/samples/labplans/main.bicep +++ b/settings/remarks/microsoft.labservices/samples/labplans/main.bicep @@ -1,12 +1,12 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource labPlan 'Microsoft.LabServices/labPlans@2022-08-01' = { name: resourceName location: location properties: { allowedRegions: [ - '${location}' + location ] } } diff --git a/settings/remarks/microsoft.labservices/samples/labs/main.bicep b/settings/remarks/microsoft.labservices/samples/labs/main.bicep index a5635d60..8dbf0f7a 100644 --- a/settings/remarks/microsoft.labservices/samples/labs/main.bicep +++ b/settings/remarks/microsoft.labservices/samples/labs/main.bicep @@ -8,42 +8,42 @@ resource lab 'Microsoft.LabServices/labs@2022-08-01' = { name: resourceName location: location properties: { + autoShutdownProfile: { + shutdownOnDisconnect: 'Disabled' + shutdownOnIdle: 'None' + shutdownWhenNotConnected: 'Disabled' + } + connectionProfile: { + clientRdpAccess: 'None' + clientSshAccess: 'None' + webRdpAccess: 'None' + webSshAccess: 'None' + } + securityProfile: { + openAccess: 'Disabled' + } title: 'Test Title' virtualMachineProfile: { - usageQuota: 'PT0S' - useSharedPassword: 'Disabled' additionalCapabilities: { installGpuDrivers: 'Disabled' } adminUser: { - password: '${adminPassword}' + password: adminPassword username: 'testadmin' } createOption: 'Image' imageReference: { - sku: '20_04-lts' - version: 'latest' offer: '0001-com-ubuntu-server-focal' publisher: 'canonical' + sku: '20_04-lts' + version: 'latest' } sku: { capacity: 1 name: 'Classic_Fsv2_2_4GB_128_S_SSD' } - } - autoShutdownProfile: { - shutdownOnDisconnect: 'Disabled' - shutdownOnIdle: 'None' - shutdownWhenNotConnected: 'Disabled' - } - connectionProfile: { - clientRdpAccess: 'None' - clientSshAccess: 'None' - webRdpAccess: 'None' - webSshAccess: 'None' - } - securityProfile: { - openAccess: 'Disabled' + usageQuota: 'PT0S' + useSharedPassword: 'Disabled' } } } diff --git a/settings/remarks/microsoft.labservices/samples/labs/schedules/main.bicep b/settings/remarks/microsoft.labservices/samples/labs/schedules/main.bicep index 9666c05b..aa292b95 100644 --- a/settings/remarks/microsoft.labservices/samples/labs/schedules/main.bicep +++ b/settings/remarks/microsoft.labservices/samples/labs/schedules/main.bicep @@ -8,6 +8,17 @@ resource lab 'Microsoft.LabServices/labs@2022-08-01' = { name: resourceName location: location properties: { + autoShutdownProfile: { + shutdownOnDisconnect: 'Disabled' + shutdownOnIdle: 'None' + shutdownWhenNotConnected: 'Disabled' + } + connectionProfile: { + clientRdpAccess: 'None' + clientSshAccess: 'None' + webRdpAccess: 'None' + webSshAccess: 'None' + } securityProfile: { openAccess: 'Disabled' } @@ -17,7 +28,7 @@ resource lab 'Microsoft.LabServices/labs@2022-08-01' = { installGpuDrivers: 'Disabled' } adminUser: { - password: '${adminPassword}' + password: adminPassword username: 'testadmin' } createOption: 'Image' @@ -34,17 +45,6 @@ resource lab 'Microsoft.LabServices/labs@2022-08-01' = { usageQuota: 'PT0S' useSharedPassword: 'Disabled' } - autoShutdownProfile: { - shutdownOnDisconnect: 'Disabled' - shutdownOnIdle: 'None' - shutdownWhenNotConnected: 'Disabled' - } - connectionProfile: { - webSshAccess: 'None' - clientRdpAccess: 'None' - clientSshAccess: 'None' - webRdpAccess: 'None' - } } } diff --git a/settings/remarks/microsoft.labservices/samples/labs/users/main.bicep b/settings/remarks/microsoft.labservices/samples/labs/users/main.bicep index bc41bbbb..6d905739 100644 --- a/settings/remarks/microsoft.labservices/samples/labs/users/main.bicep +++ b/settings/remarks/microsoft.labservices/samples/labs/users/main.bicep @@ -1,24 +1,37 @@ -param resourceName string = 'acctest0001' -param location string = 'westeurope' @secure() @description('The administrator password for the lab virtual machine') param adminPassword string +param resourceName string = 'acctest0001' +param location string = 'westeurope' resource lab 'Microsoft.LabServices/labs@2022-08-01' = { name: resourceName location: location properties: { + autoShutdownProfile: { + shutdownOnDisconnect: 'Disabled' + shutdownOnIdle: 'None' + shutdownWhenNotConnected: 'Disabled' + } connectionProfile: { - webSshAccess: 'None' clientRdpAccess: 'None' clientSshAccess: 'None' webRdpAccess: 'None' + webSshAccess: 'None' } securityProfile: { openAccess: 'Disabled' } title: 'Test Title' virtualMachineProfile: { + additionalCapabilities: { + installGpuDrivers: 'Disabled' + } + adminUser: { + password: adminPassword + username: 'testadmin' + } + createOption: 'Image' imageReference: { offer: '0001-com-ubuntu-server-focal' publisher: 'canonical' @@ -31,19 +44,6 @@ resource lab 'Microsoft.LabServices/labs@2022-08-01' = { } usageQuota: 'PT0S' useSharedPassword: 'Disabled' - additionalCapabilities: { - installGpuDrivers: 'Disabled' - } - adminUser: { - username: 'testadmin' - password: '${adminPassword}' - } - createOption: 'Image' - } - autoShutdownProfile: { - shutdownOnDisconnect: 'Disabled' - shutdownOnIdle: 'None' - shutdownWhenNotConnected: 'Disabled' } } } @@ -52,7 +52,7 @@ resource user 'Microsoft.LabServices/labs/users@2022-08-01' = { name: resourceName parent: lab properties: { - email: 'terraform-acctest@hashicorp.com' additionalUsageQuota: 'PT0S' + email: 'terraform-acctest@hashicorp.com' } } diff --git a/settings/remarks/microsoft.logic/samples/integrationaccounts/agreements/main.bicep b/settings/remarks/microsoft.logic/samples/integrationaccounts/agreements/main.bicep index a1d52ff2..6e7baa1e 100644 --- a/settings/remarks/microsoft.logic/samples/integrationaccounts/agreements/main.bicep +++ b/settings/remarks/microsoft.logic/samples/integrationaccounts/agreements/main.bicep @@ -19,25 +19,31 @@ resource agreement 'Microsoft.Logic/integrationAccounts/agreements@2019-05-01' = aS2: { receiveAgreement: { protocolSettings: { + acknowledgementConnectionSettings: { + ignoreCertificateNameMismatch: false + keepHttpConnectionAlive: false + supportHttpStatusCodeContinue: false + unfoldHttpHeaders: false + } envelopeSettings: { - suspendMessageOnFileNameGenerationError: true - transmitFileNameInMimeHeader: false autogenerateFileName: false fileNameTemplate: '%FILE().ReceivedFileName%' messageContentType: 'text/plain' + suspendMessageOnFileNameGenerationError: true + transmitFileNameInMimeHeader: false } errorSettings: { resendIfMDNNotReceived: false suspendDuplicateMessage: false } mdnSettings: { + dispositionNotificationTo: 'http://localhost' + micHashingAlgorithm: 'SHA1' needMDN: false sendInboundMDNToMessageBox: true sendMDNAsynchronously: false signMDN: false signOutboundMDNIfOptional: false - dispositionNotificationTo: 'http://localhost' - micHashingAlgorithm: 'SHA1' } messageConnectionSettings: { ignoreCertificateNameMismatch: false @@ -55,27 +61,21 @@ resource agreement 'Microsoft.Logic/integrationAccounts/agreements@2019-05-01' = overrideGroupSigningCertificate: false } validationSettings: { + checkCertificateRevocationListOnReceive: false + checkCertificateRevocationListOnSend: false checkDuplicateMessage: false compressMessage: false encryptMessage: false encryptionAlgorithm: 'DES3' - overrideMessageProperties: false - checkCertificateRevocationListOnReceive: false interchangeDuplicatesValidityDays: 5 + overrideMessageProperties: false signMessage: false signingAlgorithm: 'Default' - checkCertificateRevocationListOnSend: false - } - acknowledgementConnectionSettings: { - supportHttpStatusCodeContinue: false - unfoldHttpHeaders: false - ignoreCertificateNameMismatch: false - keepHttpConnectionAlive: false } } receiverBusinessIdentity: { - value: 'FabrikamNY' qualifier: 'AS2Identity' + value: 'FabrikamNY' } senderBusinessIdentity: { qualifier: 'AS2Identity' @@ -84,18 +84,6 @@ resource agreement 'Microsoft.Logic/integrationAccounts/agreements@2019-05-01' = } sendAgreement: { protocolSettings: { - validationSettings: { - overrideMessageProperties: false - signingAlgorithm: 'Default' - checkDuplicateMessage: false - compressMessage: false - encryptionAlgorithm: 'DES3' - interchangeDuplicatesValidityDays: 5 - signMessage: false - checkCertificateRevocationListOnReceive: false - checkCertificateRevocationListOnSend: false - encryptMessage: false - } acknowledgementConnectionSettings: { ignoreCertificateNameMismatch: false keepHttpConnectionAlive: false @@ -103,24 +91,24 @@ resource agreement 'Microsoft.Logic/integrationAccounts/agreements@2019-05-01' = unfoldHttpHeaders: false } envelopeSettings: { - transmitFileNameInMimeHeader: false autogenerateFileName: false fileNameTemplate: '%FILE().ReceivedFileName%' messageContentType: 'text/plain' suspendMessageOnFileNameGenerationError: true + transmitFileNameInMimeHeader: false } errorSettings: { resendIfMDNNotReceived: false suspendDuplicateMessage: false } mdnSettings: { + dispositionNotificationTo: 'http://localhost' + micHashingAlgorithm: 'SHA1' + needMDN: false sendInboundMDNToMessageBox: true sendMDNAsynchronously: false signMDN: false signOutboundMDNIfOptional: false - dispositionNotificationTo: 'http://localhost' - micHashingAlgorithm: 'SHA1' - needMDN: false } messageConnectionSettings: { ignoreCertificateNameMismatch: false @@ -129,13 +117,25 @@ resource agreement 'Microsoft.Logic/integrationAccounts/agreements@2019-05-01' = unfoldHttpHeaders: true } securitySettings: { + enableNRRForInboundDecodedMessages: false + enableNRRForInboundEncodedMessages: false + enableNRRForInboundMDN: false enableNRRForOutboundDecodedMessages: false enableNRRForOutboundEncodedMessages: false enableNRRForOutboundMDN: false overrideGroupSigningCertificate: false - enableNRRForInboundDecodedMessages: false - enableNRRForInboundEncodedMessages: false - enableNRRForInboundMDN: false + } + validationSettings: { + checkCertificateRevocationListOnReceive: false + checkCertificateRevocationListOnSend: false + checkDuplicateMessage: false + compressMessage: false + encryptMessage: false + encryptionAlgorithm: 'DES3' + interchangeDuplicatesValidityDays: 5 + overrideMessageProperties: false + signMessage: false + signingAlgorithm: 'Default' } } receiverBusinessIdentity: { @@ -153,10 +153,12 @@ resource agreement 'Microsoft.Logic/integrationAccounts/agreements@2019-05-01' = qualifier: 'AS2Identity' value: 'FabrikamDC' } + guestPartner: partner2.name hostIdentity: { qualifier: 'AS2Identity' value: 'FabrikamNY' } + hostPartner: partner.name } } diff --git a/settings/remarks/microsoft.logic/samples/integrationaccounts/assemblies/main.bicep b/settings/remarks/microsoft.logic/samples/integrationaccounts/assemblies/main.bicep index e468a575..16d77b1a 100644 --- a/settings/remarks/microsoft.logic/samples/integrationaccounts/assemblies/main.bicep +++ b/settings/remarks/microsoft.logic/samples/integrationaccounts/assemblies/main.bicep @@ -19,11 +19,11 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { kind: 'StorageV2' properties: { accessTier: 'Hot' - dnsEndpointType: 'Standard' - publicNetworkAccess: 'Enabled' allowBlobPublicAccess: true + allowCrossTenantReplication: false allowSharedKeyAccess: true defaultToOAuthAuthentication: false + dnsEndpointType: 'Standard' encryption: { keySource: 'Microsoft.Storage' services: { @@ -37,8 +37,9 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { } isHnsEnabled: false isLocalUserEnabled: true - supportsHttpsTrafficOnly: true - allowCrossTenantReplication: false + isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' networkAcls: { bypass: 'AzureServices' defaultAction: 'Allow' @@ -46,9 +47,8 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { resourceAccessRules: [] virtualNetworkRules: [] } - isNfsV3Enabled: false - isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true } } @@ -56,12 +56,12 @@ resource assembly 'Microsoft.Logic/integrationAccounts/assemblies@2019-05-01' = name: '${resourceName}-assembly' parent: integrationAccount properties: { + assemblyName: 'TestAssembly2' + assemblyVersion: '2.2.2.2' + content: 'dGVzdA==' contentType: 'application/octet-stream' metadata: { foo: 'bar2' } - assemblyName: 'TestAssembly2' - assemblyVersion: '2.2.2.2' - content: 'dGVzdA==' } } diff --git a/settings/remarks/microsoft.logic/samples/integrationaccounts/partners/main.bicep b/settings/remarks/microsoft.logic/samples/integrationaccounts/partners/main.bicep index f3bcd5e0..70c8e269 100644 --- a/settings/remarks/microsoft.logic/samples/integrationaccounts/partners/main.bicep +++ b/settings/remarks/microsoft.logic/samples/integrationaccounts/partners/main.bicep @@ -18,8 +18,8 @@ resource partner 'Microsoft.Logic/integrationAccounts/partners@2019-05-01' = { b2b: { businessIdentities: [ { - value: 'FabrikamNY' qualifier: 'AS2Identity' + value: 'FabrikamNY' } ] } diff --git a/settings/remarks/microsoft.logic/samples/integrationaccounts/schemas/main.bicep b/settings/remarks/microsoft.logic/samples/integrationaccounts/schemas/main.bicep index 1790d398..27dcecde 100644 --- a/settings/remarks/microsoft.logic/samples/integrationaccounts/schemas/main.bicep +++ b/settings/remarks/microsoft.logic/samples/integrationaccounts/schemas/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource integrationAccount 'Microsoft.Logic/integrationAccounts@2019-05-01' = { name: resourceName diff --git a/settings/remarks/microsoft.logic/samples/workflows/main.bicep b/settings/remarks/microsoft.logic/samples/workflows/main.bicep index 31e851ff..5c17d513 100644 --- a/settings/remarks/microsoft.logic/samples/workflows/main.bicep +++ b/settings/remarks/microsoft.logic/samples/workflows/main.bicep @@ -6,11 +6,10 @@ resource workflow 'Microsoft.Logic/workflows@2019-05-01' = { location: location properties: { definition: { - parameters: null - triggers: {} '$schema': 'https://schema.management.azure.com/providers/Microsoft.Logic/schemas/2016-06-01/workflowdefinition.json#' actions: {} contentVersion: '1.0.0.0' + triggers: {} } parameters: {} state: 'Enabled' diff --git a/settings/remarks/microsoft.machinelearningservices/samples/workspaces/computes/main.bicep b/settings/remarks/microsoft.machinelearningservices/samples/workspaces/computes/main.bicep index 9360c3ea..672172c8 100644 --- a/settings/remarks/microsoft.machinelearningservices/samples/workspaces/computes/main.bicep +++ b/settings/remarks/microsoft.machinelearningservices/samples/workspaces/computes/main.bicep @@ -1,6 +1,22 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource component 'Microsoft.Insights/components@2020-02-02' = { + name: resourceName + location: location + kind: 'web' + properties: { + Application_Type: 'web' + DisableIpMasking: false + DisableLocalAuth: false + ForceCustomerStorageForProfiler: false + RetentionInDays: 90 + SamplingPercentage: 100 + publicNetworkAccessForIngestion: 'Enabled' + publicNetworkAccessForQuery: 'Enabled' + } +} + resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location @@ -16,18 +32,18 @@ resource vault 'Microsoft.KeyVault/vaults@2021-10-01' = { properties: { accessPolicies: [] createMode: 'default' + enablePurgeProtection: true + enableRbacAuthorization: false enableSoftDelete: true enabledForDeployment: false + enabledForDiskEncryption: false + enabledForTemplateDeployment: false + publicNetworkAccess: 'Enabled' sku: { family: 'A' name: 'standard' } tenantId: tenant().tenantId - enablePurgeProtection: true - enableRbacAuthorization: false - enabledForDiskEncryption: false - enabledForTemplateDeployment: false - publicNetworkAccess: 'Enabled' } } @@ -39,11 +55,11 @@ resource workspace 'Microsoft.MachineLearningServices/workspaces@2022-05-01' = { tier: 'Basic' } properties: { - v1LegacyMode: false applicationInsights: component.id keyVault: vault.id publicNetworkAccess: 'Enabled' storageAccount: storageAccount.id + v1LegacyMode: false } } @@ -61,19 +77,3 @@ resource compute 'Microsoft.MachineLearningServices/workspaces/computes@2022-05- } } } - -resource component 'Microsoft.Insights/components@2020-02-02' = { - name: resourceName - location: location - kind: 'web' - properties: { - publicNetworkAccessForQuery: 'Enabled' - Application_Type: 'web' - DisableIpMasking: false - DisableLocalAuth: false - ForceCustomerStorageForProfiler: false - publicNetworkAccessForIngestion: 'Enabled' - RetentionInDays: 90 - SamplingPercentage: 100 - } -} diff --git a/settings/remarks/microsoft.machinelearningservices/samples/workspaces/datastores/main.bicep b/settings/remarks/microsoft.machinelearningservices/samples/workspaces/datastores/main.bicep index 8492b93a..11840e08 100644 --- a/settings/remarks/microsoft.machinelearningservices/samples/workspaces/datastores/main.bicep +++ b/settings/remarks/microsoft.machinelearningservices/samples/workspaces/datastores/main.bicep @@ -9,18 +9,12 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { } kind: 'StorageV2' properties: { + accessTier: 'Hot' + allowBlobPublicAccess: true allowCrossTenantReplication: false + allowSharedKeyAccess: true defaultToOAuthAuthentication: false dnsEndpointType: 'Standard' - isNfsV3Enabled: false - networkAcls: { - bypass: 'AzureServices' - defaultAction: 'Allow' - ipRules: [] - resourceAccessRules: [] - virtualNetworkRules: [] - } - publicNetworkAccess: 'Enabled' encryption: { keySource: 'Microsoft.Storage' services: { @@ -33,42 +27,19 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { } } isHnsEnabled: false - minimumTlsVersion: 'TLS1_2' - allowBlobPublicAccess: true - allowSharedKeyAccess: true isLocalUserEnabled: true - supportsHttpsTrafficOnly: true - accessTier: 'Hot' + isNfsV3Enabled: false isSftpEnabled: false - } -} - -resource storageaccountBlobservices 'Microsoft.Storage/storageAccounts/blobServices@2023-05-01' = { - name: 'default' - parent: storageAccount -} - -resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2023-05-01' = { - name: 'datacontainer' - parent: storageaccountBlobservices - properties: { - publicAccess: 'None' - } -} - -resource component 'Microsoft.Insights/components@2020-02-02' = { - name: '${resourceName}-ai' - location: location - kind: 'web' - properties: { - DisableIpMasking: false - DisableLocalAuth: false - ForceCustomerStorageForProfiler: false - RetentionInDays: 90 - SamplingPercentage: 100 - publicNetworkAccessForIngestion: 'Enabled' - Application_Type: 'web' - publicNetworkAccessForQuery: 'Enabled' + minimumTlsVersion: 'TLS1_2' + networkAcls: { + bypass: 'AzureServices' + defaultAction: 'Allow' + ipRules: [] + resourceAccessRules: [] + virtualNetworkRules: [] + } + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true } } @@ -76,20 +47,20 @@ resource vault 'Microsoft.KeyVault/vaults@2023-02-01' = { name: '${resourceName}vault' location: location properties: { + accessPolicies: [] createMode: 'default' + enablePurgeProtection: true + enableRbacAuthorization: false enableSoftDelete: true + enabledForDeployment: false enabledForDiskEncryption: false enabledForTemplateDeployment: false + publicNetworkAccess: 'Enabled' sku: { family: 'A' name: 'standard' } tenantId: tenant().tenantId - accessPolicies: [] - enablePurgeProtection: true - enableRbacAuthorization: false - enabledForDeployment: false - publicNetworkAccess: 'Enabled' } } @@ -110,6 +81,19 @@ resource workspace 'Microsoft.MachineLearningServices/workspaces@2024-04-01' = { } } +resource storageaccountBlobservices 'Microsoft.Storage/storageAccounts/blobServices@2023-05-01' = { + name: 'default' + parent: storageAccount +} + +resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2023-05-01' = { + name: 'datacontainer' + parent: storageaccountBlobservices + properties: { + publicAccess: 'None' + } +} + resource dataStore 'Microsoft.MachineLearningServices/workspaces/dataStores@2024-04-01' = { name: replace('${resourceName}_ds', '-', '_') parent: workspace @@ -118,17 +102,33 @@ resource dataStore 'Microsoft.MachineLearningServices/workspaces/dataStores@2024 ] properties: { accountName: storageAccount.name + containerName: container.name credentials: { credentialsType: 'AccountKey' secrets: { - secretsType: 'AccountKey' key: base64(storageAccount.listKeys().keys[0].value) + secretsType: 'AccountKey' } } datastoreType: 'AzureBlob' description: '' endpoint: 'core.windows.net' serviceDataAccessAuthIdentity: 'None' - tags: null + } +} + +resource component 'Microsoft.Insights/components@2020-02-02' = { + name: '${resourceName}-ai' + location: location + kind: 'web' + properties: { + Application_Type: 'web' + DisableIpMasking: false + DisableLocalAuth: false + ForceCustomerStorageForProfiler: false + RetentionInDays: 90 + SamplingPercentage: 100 + publicNetworkAccessForIngestion: 'Enabled' + publicNetworkAccessForQuery: 'Enabled' } } diff --git a/settings/remarks/microsoft.machinelearningservices/samples/workspaces/main.bicep b/settings/remarks/microsoft.machinelearningservices/samples/workspaces/main.bicep index b2447814..feefee91 100644 --- a/settings/remarks/microsoft.machinelearningservices/samples/workspaces/main.bicep +++ b/settings/remarks/microsoft.machinelearningservices/samples/workspaces/main.bicep @@ -11,9 +11,11 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { properties: { accessTier: 'Hot' allowBlobPublicAccess: true + allowCrossTenantReplication: true allowSharedKeyAccess: true defaultToOAuthAuthentication: false encryption: { + keySource: 'Microsoft.Storage' services: { queue: { keyType: 'Service' @@ -22,17 +24,15 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { keyType: 'Service' } } - keySource: 'Microsoft.Storage' } + isHnsEnabled: false isNfsV3Enabled: false isSftpEnabled: false - publicNetworkAccess: 'Enabled' - allowCrossTenantReplication: true - isHnsEnabled: false minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } + publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true } } @@ -41,15 +41,6 @@ resource vault 'Microsoft.KeyVault/vaults@2021-10-01' = { name: resourceName location: location properties: { - sku: { - family: 'A' - name: 'standard' - } - createMode: 'default' - enablePurgeProtection: true - enableRbacAuthorization: false - enableSoftDelete: true - tenantId: tenant().tenantId accessPolicies: [ { objectId: '45a2d1ea-488a-44b0-bb2e-3cd8e485ebef' @@ -68,10 +59,19 @@ resource vault 'Microsoft.KeyVault/vaults@2021-10-01' = { tenantId: tenant().tenantId } ] + createMode: 'default' + enablePurgeProtection: true + enableRbacAuthorization: false + enableSoftDelete: true enabledForDeployment: false enabledForDiskEncryption: false enabledForTemplateDeployment: false publicNetworkAccess: 'Enabled' + sku: { + family: 'A' + name: 'standard' + } + tenantId: tenant().tenantId } } @@ -96,13 +96,13 @@ resource component 'Microsoft.Insights/components@2020-02-02' = { location: location kind: 'web' properties: { - DisableLocalAuth: false - RetentionInDays: 90 - publicNetworkAccessForIngestion: 'Enabled' - publicNetworkAccessForQuery: 'Enabled' Application_Type: 'web' DisableIpMasking: false + DisableLocalAuth: false ForceCustomerStorageForProfiler: false + RetentionInDays: 90 SamplingPercentage: 100 + publicNetworkAccessForIngestion: 'Enabled' + publicNetworkAccessForQuery: 'Enabled' } } diff --git a/settings/remarks/microsoft.machinelearningservices/samples/workspaces/outboundrules/main.bicep b/settings/remarks/microsoft.machinelearningservices/samples/workspaces/outboundrules/main.bicep index 22f28782..773a65f7 100644 --- a/settings/remarks/microsoft.machinelearningservices/samples/workspaces/outboundrules/main.bicep +++ b/settings/remarks/microsoft.machinelearningservices/samples/workspaces/outboundrules/main.bicep @@ -1,28 +1,57 @@ param resourceName string = 'acctest0001' param location string = 'westus' -var baseName = 'resourcename' -var aiName = 'resourceName-ai' -var saBase = 'baseName' -var kvBase = 'baseName' -var storageName = 'sasaBase' -var keyVaultName = 'kvkvBase' -var outboundName = 'resourceName-outbound' -var workspaceName = 'resourceName-mlw' +var kvBase = replace(baseName, '-', '') +var storageName = substring('sa${saBase}', 0, 24) +var keyVaultName = substring('kv${kvBase}', 0, 24) +var outboundName = '${resourceName}-outbound' +var workspaceName = '${resourceName}-mlw' +var baseName = toLower(resourceName) +var aiName = '${resourceName}-ai' +var saBase = replace(baseName, '-', '') + +resource workspace 'Microsoft.MachineLearningServices/workspaces@2024-04-01' = { + name: workspaceName + location: location + sku: { + name: 'Basic' + } + kind: 'Default' + properties: { + applicationInsights: component.id + keyVault: vault.id + managedNetwork: { + isolationMode: 'AllowOnlyApprovedOutbound' + } + publicNetworkAccess: 'Enabled' + storageAccount: storageAccount.id + v1LegacyMode: false + } +} + +resource outboundRule 'Microsoft.MachineLearningServices/workspaces/outboundRules@2024-04-01' = { + name: outboundName + parent: workspace + properties: { + category: 'UserDefined' + destination: 'www.microsoft.com' + type: 'FQDN' + } +} resource component 'Microsoft.Insights/components@2020-02-02' = { name: aiName location: location kind: 'web' properties: { - SamplingPercentage: 100 Application_Type: 'web' + DisableIpMasking: false DisableLocalAuth: false ForceCustomerStorageForProfiler: false RetentionInDays: 90 + SamplingPercentage: 100 publicNetworkAccessForIngestion: 'Enabled' publicNetworkAccessForQuery: 'Enabled' - DisableIpMasking: false } } @@ -34,14 +63,14 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { } kind: 'StorageV2' properties: { - defaultToOAuthAuthentication: false - isNfsV3Enabled: false - isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' - supportsHttpsTrafficOnly: true accessTier: 'Hot' + allowBlobPublicAccess: true allowCrossTenantReplication: false + allowSharedKeyAccess: true + defaultToOAuthAuthentication: false + dnsEndpointType: 'Standard' encryption: { + keySource: 'Microsoft.Storage' services: { queue: { keyType: 'Service' @@ -50,21 +79,21 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { keyType: 'Service' } } - keySource: 'Microsoft.Storage' } + isHnsEnabled: false isLocalUserEnabled: true + isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' networkAcls: { - virtualNetworkRules: [] bypass: 'AzureServices' defaultAction: 'Allow' ipRules: [] resourceAccessRules: [] + virtualNetworkRules: [] } publicNetworkAccess: 'Enabled' - allowBlobPublicAccess: true - allowSharedKeyAccess: true - dnsEndpointType: 'Standard' - isHnsEnabled: false + supportsHttpsTrafficOnly: true } } @@ -72,48 +101,19 @@ resource vault 'Microsoft.KeyVault/vaults@2023-02-01' = { name: keyVaultName location: location properties: { - publicNetworkAccess: 'Enabled' - sku: { - family: 'A' - name: 'standard' - } accessPolicies: [] - enablePurgeProtection: true - enabledForDiskEncryption: false - tenantId: tenant().tenantId createMode: 'default' + enablePurgeProtection: true enableRbacAuthorization: false enableSoftDelete: true enabledForDeployment: false + enabledForDiskEncryption: false enabledForTemplateDeployment: false - } -} - -resource workspace 'Microsoft.MachineLearningServices/workspaces@2024-04-01' = { - name: workspaceName - location: location - sku: { - name: 'Basic' - } - kind: 'Default' - properties: { - applicationInsights: component.id - keyVault: vault.id - managedNetwork: { - isolationMode: 'AllowOnlyApprovedOutbound' - } publicNetworkAccess: 'Enabled' - storageAccount: storageAccount.id - v1LegacyMode: false - } -} - -resource outboundRule 'Microsoft.MachineLearningServices/workspaces/outboundRules@2024-04-01' = { - name: outboundName - parent: workspace - properties: { - category: 'UserDefined' - destination: 'www.microsoft.com' - type: 'FQDN' + sku: { + family: 'A' + name: 'standard' + } + tenantId: tenant().tenantId } } diff --git a/settings/remarks/microsoft.maintenance/samples/configurationassignments/main.bicep b/settings/remarks/microsoft.maintenance/samples/configurationassignments/main.bicep index 8e3899c2..7045397e 100644 --- a/settings/remarks/microsoft.maintenance/samples/configurationassignments/main.bicep +++ b/settings/remarks/microsoft.maintenance/samples/configurationassignments/main.bicep @@ -8,6 +8,20 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { name: resourceName location: location properties: { + additionalCapabilities: {} + applicationProfile: { + galleryApplications: [] + } + diagnosticsProfile: { + bootDiagnostics: { + enabled: false + storageUri: '' + } + } + extensionsTimeBudget: 'PT1H30M' + hardwareProfile: { + vmSize: 'Standard_F2' + } networkProfile: { networkInterfaces: [ { @@ -19,56 +33,42 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { ] } osProfile: { + adminPassword: adminPassword + adminUsername: 'adminuser' + allowExtensionOperations: true computerName: resourceName linuxConfiguration: { - ssh: { - publicKeys: [] - } disablePasswordAuthentication: false patchSettings: { assessmentMode: 'ImageDefault' patchMode: 'ImageDefault' } provisionVMAgent: true + ssh: { + publicKeys: [] + } } secrets: [] - adminPassword: adminPassword - adminUsername: 'adminuser' - allowExtensionOperations: true } + priority: 'Regular' storageProfile: { dataDisks: [] imageReference: { - sku: '16.04-LTS' - version: 'latest' offer: 'UbuntuServer' publisher: 'Canonical' + sku: '16.04-LTS' + version: 'latest' } osDisk: { + caching: 'ReadWrite' + createOption: 'FromImage' managedDisk: { storageAccountType: 'Standard_LRS' } osType: 'Linux' writeAcceleratorEnabled: false - caching: 'ReadWrite' - createOption: 'FromImage' - } - } - hardwareProfile: { - vmSize: 'Standard_F2' - } - priority: 'Regular' - additionalCapabilities: {} - applicationProfile: { - galleryApplications: [] - } - diagnosticsProfile: { - bootDiagnostics: { - enabled: false - storageUri: '' } } - extensionsTimeBudget: 'PT1H30M' } } @@ -104,7 +104,10 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { resource configurationAssignment 'Microsoft.Maintenance/configurationAssignments@2022-07-01-preview' = { name: resourceName scope: virtualMachine - properties: {} + properties: { + maintenanceConfigurationId: maintenanceConfiguration.id + resourceId: virtualMachine.id + } } resource maintenanceConfiguration 'Microsoft.Maintenance/maintenanceConfigurations@2022-07-01-preview' = { @@ -131,7 +134,9 @@ resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { primary: true privateIPAddressVersion: 'IPv4' privateIPAllocationMethod: 'Dynamic' - subnet: {} + subnet: { + id: subnet.id + } } } ] diff --git a/settings/remarks/microsoft.maintenance/samples/maintenanceconfigurations/main.bicep b/settings/remarks/microsoft.maintenance/samples/maintenanceconfigurations/main.bicep index 78ee5514..6d6ddbc2 100644 --- a/settings/remarks/microsoft.maintenance/samples/maintenanceconfigurations/main.bicep +++ b/settings/remarks/microsoft.maintenance/samples/maintenanceconfigurations/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource maintenanceConfiguration 'Microsoft.Maintenance/maintenanceConfigurations@2022-07-01-preview' = { name: resourceName diff --git a/settings/remarks/microsoft.managedidentity/samples/userassignedidentities/federatedidentitycredentials/main.bicep b/settings/remarks/microsoft.managedidentity/samples/userassignedidentities/federatedidentitycredentials/main.bicep index 2fe2430e..8681e09f 100644 --- a/settings/remarks/microsoft.managedidentity/samples/userassignedidentities/federatedidentitycredentials/main.bicep +++ b/settings/remarks/microsoft.managedidentity/samples/userassignedidentities/federatedidentitycredentials/main.bicep @@ -11,10 +11,10 @@ resource federatedIdentityCredential 'Microsoft.ManagedIdentity/userAssignedIden location: location parent: userAssignedIdentity properties: { - issuer: 'https://foo' - subject: 'foo' audiences: [ 'foo' ] + issuer: 'https://foo' + subject: 'foo' } } diff --git a/settings/remarks/microsoft.managedidentity/samples/userassignedidentities/main.bicep b/settings/remarks/microsoft.managedidentity/samples/userassignedidentities/main.bicep index 68c0ec1c..160c18b6 100644 --- a/settings/remarks/microsoft.managedidentity/samples/userassignedidentities/main.bicep +++ b/settings/remarks/microsoft.managedidentity/samples/userassignedidentities/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource userAssignedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = { name: resourceName diff --git a/settings/remarks/microsoft.media/samples/mediaservices/accountfilters/main.bicep b/settings/remarks/microsoft.media/samples/mediaservices/accountfilters/main.bicep index 6011e125..79059e27 100644 --- a/settings/remarks/microsoft.media/samples/mediaservices/accountfilters/main.bicep +++ b/settings/remarks/microsoft.media/samples/mediaservices/accountfilters/main.bicep @@ -1,6 +1,20 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource mediaService 'Microsoft.Media/mediaServices@2021-11-01' = { + name: resourceName + location: location + properties: { + publicNetworkAccess: 'Enabled' + storageAccounts: [ + { + id: storageAccount.id + type: 'Primary' + } + ] + } +} + resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location @@ -9,11 +23,13 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { - publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true accessTier: 'Hot' + allowBlobPublicAccess: true + allowCrossTenantReplication: true allowSharedKeyAccess: true + defaultToOAuthAuthentication: false encryption: { + keySource: 'Microsoft.Storage' services: { queue: { keyType: 'Service' @@ -22,31 +38,16 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { keyType: 'Service' } } - keySource: 'Microsoft.Storage' } + isHnsEnabled: false isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } - allowBlobPublicAccess: true - allowCrossTenantReplication: true - defaultToOAuthAuthentication: false - isHnsEnabled: false - isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' - } -} - -resource mediaService 'Microsoft.Media/mediaServices@2021-11-01' = { - name: resourceName - location: location - properties: { publicNetworkAccess: 'Enabled' - storageAccounts: [ - { - type: 'Primary' - } - ] + supportsHttpsTrafficOnly: true } } diff --git a/settings/remarks/microsoft.media/samples/mediaservices/assets/assetfilters/main.bicep b/settings/remarks/microsoft.media/samples/mediaservices/assets/assetfilters/main.bicep index 40b595b2..3b549244 100644 --- a/settings/remarks/microsoft.media/samples/mediaservices/assets/assetfilters/main.bicep +++ b/settings/remarks/microsoft.media/samples/mediaservices/assets/assetfilters/main.bicep @@ -5,12 +5,13 @@ resource mediaService 'Microsoft.Media/mediaServices@2021-11-01' = { name: resourceName location: location properties: { + publicNetworkAccess: 'Enabled' storageAccounts: [ { + id: storageAccount.id type: 'Primary' } ] - publicNetworkAccess: 'Enabled' } } @@ -22,14 +23,11 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { - defaultToOAuthAuthentication: false - networkAcls: { - defaultAction: 'Allow' - } - publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true + accessTier: 'Hot' allowBlobPublicAccess: true allowCrossTenantReplication: true + allowSharedKeyAccess: true + defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -45,8 +43,11 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { isNfsV3Enabled: false isSftpEnabled: false minimumTlsVersion: 'TLS1_2' - accessTier: 'Hot' - allowSharedKeyAccess: true + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true } } diff --git a/settings/remarks/microsoft.media/samples/mediaservices/assets/main.bicep b/settings/remarks/microsoft.media/samples/mediaservices/assets/main.bicep index ba62f9de..508da50b 100644 --- a/settings/remarks/microsoft.media/samples/mediaservices/assets/main.bicep +++ b/settings/remarks/microsoft.media/samples/mediaservices/assets/main.bicep @@ -8,6 +8,7 @@ resource mediaService 'Microsoft.Media/mediaServices@2021-11-01' = { publicNetworkAccess: 'Enabled' storageAccounts: [ { + id: storageAccount.id type: 'Primary' } ] @@ -25,10 +26,6 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { accessTier: 'Hot' allowBlobPublicAccess: true allowCrossTenantReplication: true - networkAcls: { - defaultAction: 'Allow' - } - publicNetworkAccess: 'Enabled' allowSharedKeyAccess: true defaultToOAuthAuthentication: false encryption: { @@ -46,6 +43,10 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { isNfsV3Enabled: false isSftpEnabled: false minimumTlsVersion: 'TLS1_2' + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true } } diff --git a/settings/remarks/microsoft.media/samples/mediaservices/contentkeypolicies/main.bicep b/settings/remarks/microsoft.media/samples/mediaservices/contentkeypolicies/main.bicep index adcb4c83..2fa7102a 100644 --- a/settings/remarks/microsoft.media/samples/mediaservices/contentkeypolicies/main.bicep +++ b/settings/remarks/microsoft.media/samples/mediaservices/contentkeypolicies/main.bicep @@ -1,16 +1,53 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { + name: resourceName + location: location + sku: { + name: 'Standard_GRS' + } + kind: 'StorageV2' + properties: { + accessTier: 'Hot' + allowBlobPublicAccess: true + allowCrossTenantReplication: true + allowSharedKeyAccess: true + defaultToOAuthAuthentication: false + encryption: { + keySource: 'Microsoft.Storage' + services: { + queue: { + keyType: 'Service' + } + table: { + keyType: 'Service' + } + } + } + isHnsEnabled: false + isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true + } +} + resource mediaService 'Microsoft.Media/mediaServices@2021-11-01' = { name: resourceName location: location properties: { + publicNetworkAccess: 'Enabled' storageAccounts: [ { + id: storageAccount.id type: 'Primary' } ] - publicNetworkAccess: 'Enabled' } } @@ -40,39 +77,3 @@ resource contentKeyPolicy 'Microsoft.Media/mediaServices/contentKeyPolicies@2022 ] } } - -resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { - name: resourceName - location: location - sku: { - name: 'Standard_GRS' - } - kind: 'StorageV2' - properties: { - defaultToOAuthAuthentication: false - encryption: { - keySource: 'Microsoft.Storage' - services: { - queue: { - keyType: 'Service' - } - table: { - keyType: 'Service' - } - } - } - isNfsV3Enabled: false - isSftpEnabled: false - networkAcls: { - defaultAction: 'Allow' - } - allowBlobPublicAccess: true - isHnsEnabled: false - minimumTlsVersion: 'TLS1_2' - publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true - accessTier: 'Hot' - allowCrossTenantReplication: true - allowSharedKeyAccess: true - } -} diff --git a/settings/remarks/microsoft.media/samples/mediaservices/liveevents/main.bicep b/settings/remarks/microsoft.media/samples/mediaservices/liveevents/main.bicep index 4c02cc7e..ad2529cb 100644 --- a/settings/remarks/microsoft.media/samples/mediaservices/liveevents/main.bicep +++ b/settings/remarks/microsoft.media/samples/mediaservices/liveevents/main.bicep @@ -17,6 +17,7 @@ resource mediaService 'Microsoft.Media/mediaServices@2021-11-01' = { publicNetworkAccess: 'Enabled' storageAccounts: [ { + id: storageAccount.id type: 'Primary' } ] @@ -29,19 +30,19 @@ resource liveEvent 'Microsoft.Media/mediaServices/liveEvents@2022-08-01' = { parent: mediaService properties: { input: { - keyFrameIntervalDuration: 'PT6S' - streamingProtocol: 'RTMP' accessControl: { ip: { allow: [ { - subnetPrefixLength: 0 address: '0.0.0.0' name: 'AllowAll' + subnetPrefixLength: 0 } ] } } + keyFrameIntervalDuration: 'PT6S' + streamingProtocol: 'RTMP' } } } diff --git a/settings/remarks/microsoft.media/samples/mediaservices/main.bicep b/settings/remarks/microsoft.media/samples/mediaservices/main.bicep index 61b9bee0..002d9f14 100644 --- a/settings/remarks/microsoft.media/samples/mediaservices/main.bicep +++ b/settings/remarks/microsoft.media/samples/mediaservices/main.bicep @@ -9,18 +9,10 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { - isNfsV3Enabled: false - isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' accessTier: 'Hot' allowBlobPublicAccess: true allowCrossTenantReplication: true allowSharedKeyAccess: true - networkAcls: { - defaultAction: 'Allow' - } - publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' @@ -34,6 +26,14 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } isHnsEnabled: false + isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true } } @@ -44,6 +44,7 @@ resource mediaService 'Microsoft.Media/mediaServices@2021-11-01' = { publicNetworkAccess: 'Enabled' storageAccounts: [ { + id: storageAccount.id type: 'Primary' } ] diff --git a/settings/remarks/microsoft.media/samples/mediaservices/streamingendpoints/main.bicep b/settings/remarks/microsoft.media/samples/mediaservices/streamingendpoints/main.bicep index 6a4d5ddb..36f3ebc5 100644 --- a/settings/remarks/microsoft.media/samples/mediaservices/streamingendpoints/main.bicep +++ b/settings/remarks/microsoft.media/samples/mediaservices/streamingendpoints/main.bicep @@ -1,18 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' - -resource mediaService 'Microsoft.Media/mediaServices@2021-11-01' = { - name: resourceName - location: location - properties: { - publicNetworkAccess: 'Enabled' - storageAccounts: [ - { - type: 'Primary' - } - ] - } -} +param location string = 'westeurope' resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName @@ -22,8 +9,11 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { + accessTier: 'Hot' + allowBlobPublicAccess: true allowCrossTenantReplication: true allowSharedKeyAccess: true + defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -36,20 +26,31 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } isHnsEnabled: false + isNfsV3Enabled: false isSftpEnabled: false minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } publicNetworkAccess: 'Enabled' - accessTier: 'Hot' - allowBlobPublicAccess: true - defaultToOAuthAuthentication: false - isNfsV3Enabled: false supportsHttpsTrafficOnly: true } } +resource mediaService 'Microsoft.Media/mediaServices@2021-11-01' = { + name: resourceName + location: location + properties: { + publicNetworkAccess: 'Enabled' + storageAccounts: [ + { + id: storageAccount.id + type: 'Primary' + } + ] + } +} + resource streamingEndpoint 'Microsoft.Media/mediaServices/streamingEndpoints@2022-08-01' = { name: resourceName location: location diff --git a/settings/remarks/microsoft.media/samples/mediaservices/streaminglocators/main.bicep b/settings/remarks/microsoft.media/samples/mediaservices/streaminglocators/main.bicep index ca5d7363..bbff380d 100644 --- a/settings/remarks/microsoft.media/samples/mediaservices/streaminglocators/main.bicep +++ b/settings/remarks/microsoft.media/samples/mediaservices/streaminglocators/main.bicep @@ -8,6 +8,7 @@ resource mediaService 'Microsoft.Media/mediaServices@2021-11-01' = { publicNetworkAccess: 'Enabled' storageAccounts: [ { + id: storageAccount.id type: 'Primary' } ] @@ -22,16 +23,8 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { - isNfsV3Enabled: false - isSftpEnabled: false - allowBlobPublicAccess: true - minimumTlsVersion: 'TLS1_2' - networkAcls: { - defaultAction: 'Allow' - } - publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true accessTier: 'Hot' + allowBlobPublicAccess: true allowCrossTenantReplication: true allowSharedKeyAccess: true defaultToOAuthAuthentication: false @@ -47,6 +40,14 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } isHnsEnabled: false + isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true } } diff --git a/settings/remarks/microsoft.media/samples/mediaservices/streamingpolicies/main.bicep b/settings/remarks/microsoft.media/samples/mediaservices/streamingpolicies/main.bicep index 096639f8..6e37cf74 100644 --- a/settings/remarks/microsoft.media/samples/mediaservices/streamingpolicies/main.bicep +++ b/settings/remarks/microsoft.media/samples/mediaservices/streamingpolicies/main.bicep @@ -1,6 +1,20 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource mediaService 'Microsoft.Media/mediaServices@2021-11-01' = { + name: resourceName + location: location + properties: { + publicNetworkAccess: 'Enabled' + storageAccounts: [ + { + id: storageAccount.id + type: 'Primary' + } + ] + } +} + resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location @@ -9,8 +23,11 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { - supportsHttpsTrafficOnly: true + accessTier: 'Hot' + allowBlobPublicAccess: true + allowCrossTenantReplication: true allowSharedKeyAccess: true + defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -22,31 +39,15 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } - isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' - publicNetworkAccess: 'Enabled' - accessTier: 'Hot' - allowBlobPublicAccess: true - allowCrossTenantReplication: true - defaultToOAuthAuthentication: false isHnsEnabled: false isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } - } -} - -resource mediaService 'Microsoft.Media/mediaServices@2021-11-01' = { - name: resourceName - location: location - properties: { publicNetworkAccess: 'Enabled' - storageAccounts: [ - { - type: 'Primary' - } - ] + supportsHttpsTrafficOnly: true } } diff --git a/settings/remarks/microsoft.media/samples/mediaservices/transforms/main.bicep b/settings/remarks/microsoft.media/samples/mediaservices/transforms/main.bicep index 845a52e6..acc9cf41 100644 --- a/settings/remarks/microsoft.media/samples/mediaservices/transforms/main.bicep +++ b/settings/remarks/microsoft.media/samples/mediaservices/transforms/main.bicep @@ -1,6 +1,20 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource mediaService 'Microsoft.Media/mediaServices@2021-11-01' = { + name: resourceName + location: location + properties: { + publicNetworkAccess: 'Enabled' + storageAccounts: [ + { + id: storageAccount.id + type: 'Primary' + } + ] + } +} + resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location @@ -25,31 +39,18 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } + isHnsEnabled: false + isNfsV3Enabled: false + isSftpEnabled: false minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } - isHnsEnabled: false - isNfsV3Enabled: false - isSftpEnabled: false publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true } } -resource mediaService 'Microsoft.Media/mediaServices@2021-11-01' = { - name: resourceName - location: location - properties: { - publicNetworkAccess: 'Enabled' - storageAccounts: [ - { - type: 'Primary' - } - ] - } -} - resource transform 'Microsoft.Media/mediaServices/transforms@2022-07-01' = { name: resourceName parent: mediaService diff --git a/settings/remarks/microsoft.migrate/samples/migrateprojects/main.bicep b/settings/remarks/microsoft.migrate/samples/migrateprojects/main.bicep index b64be689..d783027e 100644 --- a/settings/remarks/microsoft.migrate/samples/migrateprojects/main.bicep +++ b/settings/remarks/microsoft.migrate/samples/migrateprojects/main.bicep @@ -1,11 +1,12 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource project 'Microsoft.Migrate/migrateProjects@2020-05-01' = { name: resourceName location: location properties: { publicNetworkAccess: 'Enabled' + utilityStorageAccountId: storageAccount.id } } @@ -17,6 +18,11 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { + accessTier: 'Hot' + allowBlobPublicAccess: true + allowCrossTenantReplication: true + allowSharedKeyAccess: true + defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -28,9 +34,6 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } - publicNetworkAccess: 'Enabled' - allowBlobPublicAccess: true - defaultToOAuthAuthentication: false isHnsEnabled: false isNfsV3Enabled: false isSftpEnabled: false @@ -38,9 +41,7 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { networkAcls: { defaultAction: 'Allow' } + publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true - accessTier: 'Hot' - allowCrossTenantReplication: true - allowSharedKeyAccess: true } } diff --git a/settings/remarks/microsoft.migrate/samples/migrateprojects/solutions/main.bicep b/settings/remarks/microsoft.migrate/samples/migrateprojects/solutions/main.bicep index c0d7a02d..1360e8ff 100644 --- a/settings/remarks/microsoft.migrate/samples/migrateprojects/solutions/main.bicep +++ b/settings/remarks/microsoft.migrate/samples/migrateprojects/solutions/main.bicep @@ -1,6 +1,15 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource project 'Microsoft.Migrate/migrateProjects@2020-05-01' = { + name: resourceName + location: location + properties: { + publicNetworkAccess: 'Enabled' + utilityStorageAccountId: storageAccount.id + } +} + resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location @@ -9,39 +18,31 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { + accessTier: 'Hot' allowBlobPublicAccess: true - defaultToOAuthAuthentication: false - isNfsV3Enabled: false - isSftpEnabled: false allowCrossTenantReplication: true allowSharedKeyAccess: true + defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { - table: { + queue: { keyType: 'Service' } - queue: { + table: { keyType: 'Service' } } } isHnsEnabled: false + isNfsV3Enabled: false + isSftpEnabled: false minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true - accessTier: 'Hot' - } -} - -resource project 'Microsoft.Migrate/migrateProjects@2020-05-01' = { - name: resourceName - location: location - properties: { - publicNetworkAccess: 'Enabled' } } diff --git a/settings/remarks/microsoft.mixedreality/samples/spatialanchorsaccounts/main.bicep b/settings/remarks/microsoft.mixedreality/samples/spatialanchorsaccounts/main.bicep index b7eadca1..195aee0e 100644 --- a/settings/remarks/microsoft.mixedreality/samples/spatialanchorsaccounts/main.bicep +++ b/settings/remarks/microsoft.mixedreality/samples/spatialanchorsaccounts/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource spatialAnchorsAccount 'Microsoft.MixedReality/spatialAnchorsAccounts@2021-01-01' = { name: resourceName diff --git a/settings/remarks/microsoft.mobilenetwork/samples/mobilenetworks/datanetworks/main.bicep b/settings/remarks/microsoft.mobilenetwork/samples/mobilenetworks/datanetworks/main.bicep index bfd12511..44986235 100644 --- a/settings/remarks/microsoft.mobilenetwork/samples/mobilenetworks/datanetworks/main.bicep +++ b/settings/remarks/microsoft.mobilenetwork/samples/mobilenetworks/datanetworks/main.bicep @@ -6,8 +6,8 @@ resource mobileNetwork 'Microsoft.MobileNetwork/mobileNetworks@2022-11-01' = { location: location properties: { publicLandMobileNetworkIdentifier: { - mnc: '01' mcc: '001' + mnc: '01' } } } diff --git a/settings/remarks/microsoft.mobilenetwork/samples/mobilenetworks/simpolicies/main.bicep b/settings/remarks/microsoft.mobilenetwork/samples/mobilenetworks/simpolicies/main.bicep index b7c63539..ea46578f 100644 --- a/settings/remarks/microsoft.mobilenetwork/samples/mobilenetworks/simpolicies/main.bicep +++ b/settings/remarks/microsoft.mobilenetwork/samples/mobilenetworks/simpolicies/main.bicep @@ -30,6 +30,8 @@ resource service 'Microsoft.MobileNetwork/mobileNetworks/services@2022-11-01' = rulePrecedence: 1 serviceDataFlowTemplates: [ { + direction: 'Uplink' + ports: [] protocol: [ 'ip' ] @@ -37,8 +39,6 @@ resource service 'Microsoft.MobileNetwork/mobileNetworks/services@2022-11-01' = '10.3.4.0/24' ] templateName: 'IP-to-server' - direction: 'Uplink' - ports: [] } ] trafficControl: 'Enabled' @@ -53,42 +53,45 @@ resource simPolicy 'Microsoft.MobileNetwork/mobileNetworks/simPolicies@2022-11-0 location: location parent: mobileNetwork properties: { - defaultSlice: {} + defaultSlice: { + id: slice.id + } registrationTimer: 3240 sliceConfigurations: [ { - defaultDataNetwork: { - id: dataNetwork.id - } - slice: {} dataNetworkConfigurations: [ { + '5qi': 9 allocationAndRetentionPriorityLevel: 9 - dataNetwork: { - id: dataNetwork.id - } - defaultSessionType: 'IPv4' - preemptionVulnerability: 'Preemptable' allowedServices: [ { id: service.id } ] + dataNetwork: { + id: dataNetwork.id + } + defaultSessionType: 'IPv4' maximumNumberOfBufferedPackets: 10 preemptionCapability: 'NotPreempt' + preemptionVulnerability: 'Preemptable' sessionAmbr: { - uplink: '500 Mbps' downlink: '1 Gbps' + uplink: '500 Mbps' } - '5qi': 9 - additionalAllowedSessionTypes: null } ] + defaultDataNetwork: { + id: dataNetwork.id + } + slice: { + id: slice.id + } } ] ueAmbr: { - uplink: '500 Mbps' downlink: '1 Gbps' + uplink: '500 Mbps' } } tags: { diff --git a/settings/remarks/microsoft.mobilenetwork/samples/packetcorecontrolplanes/main.bicep b/settings/remarks/microsoft.mobilenetwork/samples/packetcorecontrolplanes/main.bicep index d933c9a0..e34acbe6 100644 --- a/settings/remarks/microsoft.mobilenetwork/samples/packetcorecontrolplanes/main.bicep +++ b/settings/remarks/microsoft.mobilenetwork/samples/packetcorecontrolplanes/main.bicep @@ -1,6 +1,17 @@ param resourceName string = 'acctest0001' param location string = 'eastus' +resource mobileNetwork 'Microsoft.MobileNetwork/mobileNetworks@2022-11-01' = { + name: resourceName + location: location + properties: { + publicLandMobileNetworkIdentifier: { + mcc: '001' + mnc: '01' + } + } +} + resource packetCoreControlPlane 'Microsoft.MobileNetwork/packetCoreControlPlanes@2022-11-01' = { name: resourceName location: location @@ -16,24 +27,15 @@ resource packetCoreControlPlane 'Microsoft.MobileNetwork/packetCoreControlPlanes type: 'AKS-HCI' } sites: [ - {} + { + id: site.id + } ] sku: 'G0' ueMtu: 1440 } } -resource mobileNetwork 'Microsoft.MobileNetwork/mobileNetworks@2022-11-01' = { - name: resourceName - location: location - properties: { - publicLandMobileNetworkIdentifier: { - mnc: '01' - mcc: '001' - } - } -} - resource site 'Microsoft.MobileNetwork/mobileNetworks/sites@2022-11-01' = { name: resourceName location: location diff --git a/settings/remarks/microsoft.mobilenetwork/samples/packetcorecontrolplanes/packetcoredataplanes/main.bicep b/settings/remarks/microsoft.mobilenetwork/samples/packetcorecontrolplanes/packetcoredataplanes/main.bicep index 4cc5f339..c3319d66 100644 --- a/settings/remarks/microsoft.mobilenetwork/samples/packetcorecontrolplanes/packetcoredataplanes/main.bicep +++ b/settings/remarks/microsoft.mobilenetwork/samples/packetcorecontrolplanes/packetcoredataplanes/main.bicep @@ -1,6 +1,26 @@ param resourceName string = 'acctest0001' param location string = 'eastus' +resource dataBoxEdgeDevice 'Microsoft.DataBoxEdge/dataBoxEdgeDevices@2022-03-01' = { + name: resourceName + location: location + sku: { + name: 'EdgeP_Base' + tier: 'Standard' + } +} + +resource mobileNetwork 'Microsoft.MobileNetwork/mobileNetworks@2022-11-01' = { + name: resourceName + location: location + properties: { + publicLandMobileNetworkIdentifier: { + mcc: '001' + mnc: '01' + } + } +} + resource packetCoreControlPlane 'Microsoft.MobileNetwork/packetCoreControlPlanes@2022-11-01' = { name: resourceName location: location @@ -16,7 +36,9 @@ resource packetCoreControlPlane 'Microsoft.MobileNetwork/packetCoreControlPlanes type: 'AKS-HCI' } sites: [ - {} + { + id: site.id + } ] sku: 'G0' ueMtu: 1440 @@ -32,29 +54,9 @@ resource packetCoreDataPlane 'Microsoft.MobileNetwork/packetCoreControlPlanes/pa } } -resource mobileNetwork 'Microsoft.MobileNetwork/mobileNetworks@2022-11-01' = { - name: resourceName - location: location - properties: { - publicLandMobileNetworkIdentifier: { - mnc: '01' - mcc: '001' - } - } -} - resource site 'Microsoft.MobileNetwork/mobileNetworks/sites@2022-11-01' = { name: resourceName location: location parent: mobileNetwork properties: {} } - -resource dataBoxEdgeDevice 'Microsoft.DataBoxEdge/dataBoxEdgeDevices@2022-03-01' = { - name: resourceName - location: location - sku: { - name: 'EdgeP_Base' - tier: 'Standard' - } -} diff --git a/settings/remarks/microsoft.mobilenetwork/samples/simgroups/main.bicep b/settings/remarks/microsoft.mobilenetwork/samples/simgroups/main.bicep index 2e9533b7..cc8767f4 100644 --- a/settings/remarks/microsoft.mobilenetwork/samples/simgroups/main.bicep +++ b/settings/remarks/microsoft.mobilenetwork/samples/simgroups/main.bicep @@ -1,23 +1,23 @@ param resourceName string = 'acctest0001' param location string = 'eastus' -resource mobileNetwork 'Microsoft.MobileNetwork/mobileNetworks@2022-11-01' = { +resource simGroup 'Microsoft.MobileNetwork/simGroups@2022-11-01' = { name: resourceName location: location properties: { - publicLandMobileNetworkIdentifier: { - mcc: '001' - mnc: '01' + mobileNetwork: { + id: mobileNetwork.id } } } -resource simGroup 'Microsoft.MobileNetwork/simGroups@2022-11-01' = { +resource mobileNetwork 'Microsoft.MobileNetwork/mobileNetworks@2022-11-01' = { name: resourceName location: location properties: { - mobileNetwork: { - id: mobileNetwork.id + publicLandMobileNetworkIdentifier: { + mcc: '001' + mnc: '01' } } } diff --git a/settings/remarks/microsoft.monitor/samples/accounts/privateendpointconnections/main.bicep b/settings/remarks/microsoft.monitor/samples/accounts/privateendpointconnections/main.bicep index bd3129cb..31b213d1 100644 --- a/settings/remarks/microsoft.monitor/samples/accounts/privateendpointconnections/main.bicep +++ b/settings/remarks/microsoft.monitor/samples/accounts/privateendpointconnections/main.bicep @@ -1,14 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'eastus' -resource account 'Microsoft.Monitor/accounts@2023-04-03' = { - name: resourceName - location: location - properties: { - publicNetworkAccess: 'Disabled' - } -} - resource grafana 'Microsoft.Dashboard/grafana@2023-09-01' = { name: resourceName location: location @@ -16,6 +8,11 @@ resource grafana 'Microsoft.Dashboard/grafana@2023-09-01' = { name: 'Standard' } properties: { + apiKey: 'Disabled' + autoGeneratedDomainNameLabelScope: 'TenantReuse' + deterministicOutboundIP: 'Disabled' + publicNetworkAccess: 'Disabled' + zoneRedundancy: 'Disabled' grafanaIntegrations: { azureMonitorWorkspaceIntegrations: [ { @@ -23,15 +20,9 @@ resource grafana 'Microsoft.Dashboard/grafana@2023-09-01' = { } ] } - apiKey: 'Disabled' - autoGeneratedDomainNameLabelScope: 'TenantReuse' - deterministicOutboundIP: 'Disabled' - publicNetworkAccess: 'Disabled' - zoneRedundancy: 'Disabled' } identity: { type: 'None' - userAssignedIdentities: null } } @@ -48,6 +39,14 @@ resource managedPrivateEndpoint 'Microsoft.Dashboard/grafana/managedPrivateEndpo } } +resource account 'Microsoft.Monitor/accounts@2023-04-03' = { + name: resourceName + location: location + properties: { + publicNetworkAccess: 'Disabled' + } +} + resource grafanaManagedPrivateEndpointConnectionApproval 'Microsoft.Monitor/accounts/privateEndpointConnections@2023-04-03' = { name: 'azapi_resource.account.output.properties.privateEndpointConnections[0].name' parent: account diff --git a/settings/remarks/microsoft.netapp/samples/netappaccounts/backupvaults/main.bicep b/settings/remarks/microsoft.netapp/samples/netappaccounts/backupvaults/main.bicep index bd4bc416..e9ec13c5 100644 --- a/settings/remarks/microsoft.netapp/samples/netappaccounts/backupvaults/main.bicep +++ b/settings/remarks/microsoft.netapp/samples/netappaccounts/backupvaults/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westus' +param resourceName string = 'acctest0001' resource netAppAccount 'Microsoft.NetApp/netAppAccounts@2025-01-01' = { name: resourceName diff --git a/settings/remarks/microsoft.netapp/samples/netappaccounts/capacitypools/main.bicep b/settings/remarks/microsoft.netapp/samples/netappaccounts/capacitypools/main.bicep index ea7ab145..cd37201c 100644 --- a/settings/remarks/microsoft.netapp/samples/netappaccounts/capacitypools/main.bicep +++ b/settings/remarks/microsoft.netapp/samples/netappaccounts/capacitypools/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'centralus' +param resourceName string = 'acctest0001' resource netAppAccount 'Microsoft.NetApp/netAppAccounts@2022-05-01' = { name: resourceName diff --git a/settings/remarks/microsoft.netapp/samples/netappaccounts/capacitypools/volumes/main.bicep b/settings/remarks/microsoft.netapp/samples/netappaccounts/capacitypools/volumes/main.bicep index bf8ed35c..46a39546 100644 --- a/settings/remarks/microsoft.netapp/samples/netappaccounts/capacitypools/volumes/main.bicep +++ b/settings/remarks/microsoft.netapp/samples/netappaccounts/capacitypools/volumes/main.bicep @@ -25,19 +25,56 @@ resource capacityPool 'Microsoft.NetApp/netAppAccounts/capacityPools@2022-05-01' } } -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { +resource volume 'Microsoft.NetApp/netAppAccounts/capacityPools/volumes@2022-05-01' = { name: resourceName location: location + parent: capacityPool properties: { - dhcpOptions: { - dnsServers: [] + avsDataStore: 'Enabled' + creationToken: 'my-unique-file-path-230630034120103726' + dataProtection: {} + exportPolicy: { + rules: [ + { + allowedClients: '0.0.0.0/0' + cifs: false + hasRootAccess: true + nfsv3: true + nfsv41: false + ruleIndex: 1 + unixReadOnly: false + unixReadWrite: true + } + ] } - subnets: [] + networkFeatures: 'Basic' + protocolTypes: [ + 'NFSv3' + ] + serviceLevel: 'Standard' + snapshotDirectoryVisible: true + subnetId: subnet2.id + usageThreshold: any('1.073741824e+11') + volumeType: '' + } + tags: { + SkipASMAzSecPack: 'true' + } +} + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: resourceName + location: location + properties: { addressSpace: { addressPrefixes: [ '10.6.0.0/16' ] } + dhcpOptions: { + dnsServers: [] + } + subnets: [] } tags: { SkipASMAzSecPack: 'true' @@ -61,6 +98,7 @@ resource subnet2 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: resourceName parent: virtualNetwork properties: { + addressPrefix: '10.6.2.0/24' delegations: [ { name: 'testdelegation' @@ -73,43 +111,5 @@ resource subnet2 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] serviceEndpoints: [] - addressPrefix: '10.6.2.0/24' - } -} - -resource volume 'Microsoft.NetApp/netAppAccounts/capacityPools/volumes@2022-05-01' = { - name: resourceName - location: location - parent: capacityPool - properties: { - exportPolicy: { - rules: [ - { - nfsv3: true - nfsv41: false - ruleIndex: 1 - allowedClients: '0.0.0.0/0' - cifs: false - hasRootAccess: true - unixReadOnly: false - unixReadWrite: true - } - ] - } - networkFeatures: 'Basic' - serviceLevel: 'Standard' - snapshotDirectoryVisible: true - usageThreshold: any('1.073741824e+11') - volumeType: '' - avsDataStore: 'Enabled' - creationToken: 'my-unique-file-path-230630034120103726' - dataProtection: {} - protocolTypes: [ - 'NFSv3' - ] - subnetId: subnet2.id - } - tags: { - SkipASMAzSecPack: 'true' } } diff --git a/settings/remarks/microsoft.netapp/samples/netappaccounts/capacitypools/volumes/snapshots/main.bicep b/settings/remarks/microsoft.netapp/samples/netappaccounts/capacitypools/volumes/snapshots/main.bicep index 875bc9c4..480fc862 100644 --- a/settings/remarks/microsoft.netapp/samples/netappaccounts/capacitypools/volumes/snapshots/main.bicep +++ b/settings/remarks/microsoft.netapp/samples/netappaccounts/capacitypools/volumes/snapshots/main.bicep @@ -1,22 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { - name: resourceName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] - } - subnets: [] - } -} - resource netAppAccount 'Microsoft.NetApp/netAppAccounts@2022-05-01' = { name: resourceName location: location @@ -35,10 +19,27 @@ resource capacityPool 'Microsoft.NetApp/netAppAccounts/capacityPools@2022-05-01' } } +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: resourceName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + subnets: [] + } +} + resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: resourceName parent: virtualNetwork properties: { + addressPrefix: '10.0.2.0/24' delegations: [ { name: 'netapp' @@ -51,7 +52,6 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] serviceEndpoints: [] - addressPrefix: '10.0.2.0/24' } } @@ -60,23 +60,23 @@ resource volume 'Microsoft.NetApp/netAppAccounts/capacityPools/volumes@2022-05-0 location: location parent: capacityPool properties: { - serviceLevel: 'Premium' - snapshotDirectoryVisible: false - usageThreshold: any('1.073741824e+11') avsDataStore: 'Disabled' creationToken: 'my-unique-file-path-230630033642692134' dataProtection: {} exportPolicy: { rules: [] } - securityStyle: 'Unix' - snapshotId: '' - subnetId: subnet.id - volumeType: '' networkFeatures: 'Basic' protocolTypes: [ 'NFSv3' ] + securityStyle: 'Unix' + serviceLevel: 'Premium' + snapshotDirectoryVisible: false + snapshotId: '' + subnetId: subnet.id + usageThreshold: any('1.073741824e+11') + volumeType: '' } } diff --git a/settings/remarks/microsoft.netapp/samples/netappaccounts/capacitypools/volumes/volumequotarules/main.bicep b/settings/remarks/microsoft.netapp/samples/netappaccounts/capacitypools/volumes/volumequotarules/main.bicep index 84ae3da3..d8acc5d8 100644 --- a/settings/remarks/microsoft.netapp/samples/netappaccounts/capacitypools/volumes/volumequotarules/main.bicep +++ b/settings/remarks/microsoft.netapp/samples/netappaccounts/capacitypools/volumes/volumequotarules/main.bicep @@ -1,30 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westus' -resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2024-05-01' = { - name: '${resourceName}-nsg' - location: location - properties: { - securityRules: [] - } -} - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { - name: '${resourceName}-vnet' - location: location - properties: { - subnets: [] - addressSpace: { - addressPrefixes: [ - '10.88.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] - } - } -} - resource netAppAccount 'Microsoft.NetApp/netAppAccounts@2025-01-01' = { name: '${resourceName}-acct' location: location @@ -44,37 +20,11 @@ resource capacityPool 'Microsoft.NetApp/netAppAccounts/capacityPools@2025-01-01' } } -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { - name: '${resourceName}-subnet' - parent: virtualNetwork - properties: { - privateEndpointNetworkPolicies: 'Disabled' - addressPrefix: '10.88.2.0/24' - defaultOutboundAccess: true - networkSecurityGroup: { - id: networkSecurityGroup.id - } - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] - delegations: [ - { - name: 'netapp-delegation' - properties: { - serviceName: 'Microsoft.NetApp/volumes' - } - } - ] - } -} - resource volume 'Microsoft.NetApp/netAppAccounts/capacityPools/volumes@2025-01-01' = { name: '${resourceName}-vol' location: location parent: capacityPool properties: { - subnetId: subnet.id - usageThreshold: any('1.073741824e+11') creationToken: '${resourceName}-path' dataProtection: {} exportPolicy: { @@ -84,6 +34,8 @@ resource volume 'Microsoft.NetApp/netAppAccounts/capacityPools/volumes@2025-01-0 'NFSv3' ] serviceLevel: 'Standard' + subnetId: subnet.id + usageThreshold: any('1.073741824e+11') } } @@ -96,3 +48,51 @@ resource volumeQuotaRule 'Microsoft.NetApp/netAppAccounts/capacityPools/volumes/ quotaType: 'DefaultGroupQuota' } } + +resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2024-05-01' = { + name: '${resourceName}-nsg' + location: location + properties: { + securityRules: [] + } +} + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { + name: '${resourceName}-vnet' + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.88.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + subnets: [] + } +} + +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { + name: '${resourceName}-subnet' + parent: virtualNetwork + properties: { + addressPrefix: '10.88.2.0/24' + defaultOutboundAccess: true + delegations: [ + { + name: 'netapp-delegation' + properties: { + serviceName: 'Microsoft.NetApp/volumes' + } + } + ] + networkSecurityGroup: { + id: networkSecurityGroup.id + } + privateEndpointNetworkPolicies: 'Disabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] + } +} diff --git a/settings/remarks/microsoft.netapp/samples/netappaccounts/snapshotpolicies/main.bicep b/settings/remarks/microsoft.netapp/samples/netappaccounts/snapshotpolicies/main.bicep index 8140865b..e6c13133 100644 --- a/settings/remarks/microsoft.netapp/samples/netappaccounts/snapshotpolicies/main.bicep +++ b/settings/remarks/microsoft.netapp/samples/netappaccounts/snapshotpolicies/main.bicep @@ -14,6 +14,12 @@ resource snapshotPolicy 'Microsoft.NetApp/netAppAccounts/snapshotPolicies@2022-0 location: location parent: netAppAccount properties: { + dailySchedule: { + hour: 22 + minute: 15 + snapshotsToKeep: 1 + } + enabled: true hourlySchedule: { minute: 15 snapshotsToKeep: 1 @@ -25,16 +31,10 @@ resource snapshotPolicy 'Microsoft.NetApp/netAppAccounts/snapshotPolicies@2022-0 snapshotsToKeep: 1 } weeklySchedule: { + day: 'Monday,Friday' hour: 23 minute: 0 snapshotsToKeep: 1 - day: 'Monday,Friday' } - dailySchedule: { - hour: 22 - minute: 15 - snapshotsToKeep: 1 - } - enabled: true } } diff --git a/settings/remarks/microsoft.network/samples/applicationgateways/main.bicep b/settings/remarks/microsoft.network/samples/applicationgateways/main.bicep index bd5a9502..a9746920 100644 --- a/settings/remarks/microsoft.network/samples/applicationgateways/main.bicep +++ b/settings/remarks/microsoft.network/samples/applicationgateways/main.bicep @@ -1,40 +1,11 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { - name: resourceName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] - } - subnets: [] - } -} - -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - name: 'subnet-230630033653837171' - parent: virtualNetwork - properties: { - addressPrefix: '10.0.0.0/24' - delegations: [] - privateEndpointNetworkPolicies: 'Enabled' - privateLinkServiceNetworkPolicies: 'Disabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] - } -} - resource applicationGateway 'Microsoft.Network/applicationGateways@2022-07-01' = { name: resourceName location: location properties: { - trustedClientCertificates: [] + authenticationCertificates: [] backendAddressPools: [ { name: '${virtualNetwork.name}-beap' @@ -43,48 +14,84 @@ resource applicationGateway 'Microsoft.Network/applicationGateways@2022-07-01' = } } ] - privateLinkConfigurations: [] - sslCertificates: [] - sslPolicy: {} - sslProfiles: [] - trustedRootCertificates: [] - authenticationCertificates: [] + backendHttpSettingsCollection: [ + { + name: '${virtualNetwork.name}-be-htst' + properties: { + authenticationCertificates: [] + cookieBasedAffinity: 'Disabled' + path: '' + pickHostNameFromBackendAddress: false + port: 80 + protocol: 'Http' + requestTimeout: 1 + trustedRootCertificates: [] + } + } + ] customErrorConfigurations: [] + enableHttp2: false frontendIPConfigurations: [ { + name: '${virtualNetwork.name}-feip' properties: { privateIPAllocationMethod: 'Dynamic' - publicIPAddress: {} + publicIPAddress: { + id: publicIPAddress.id + } } - name: '${virtualNetwork.name}-feip' } ] - gatewayIPConfigurations: [ + frontendPorts: [ { + name: '${virtualNetwork.name}-feport' properties: { - subnet: {} + port: 80 } + } + ] + gatewayIPConfigurations: [ + { name: 'my-gateway-ip-configuration' + properties: { + subnet: { + id: subnet.id + } + } } ] - sku: { - capacity: 2 - name: 'Standard_v2' - tier: 'Standard_v2' - } - frontendPorts: [ + httpListeners: [ { - name: '${virtualNetwork.name}-feport' + name: '${virtualNetwork.name}-httplstn' properties: { - port: 80 + customErrorConfigurations: [] + frontendIPConfiguration: { + id: resourceId( + 'Microsoft.Network/applicationGateways/frontendIPConfigurations', + resourceGroup().name, + resourceName, + '${virtualNetwork.name}-feip' + ) + } + frontendPort: { + id: resourceId( + 'Microsoft.Network/applicationGateways/frontendPorts', + resourceGroup().name, + resourceName, + '${virtualNetwork.name}-feport' + ) + } + protocol: 'Http' + requireServerNameIndication: false } } ] + privateLinkConfigurations: [] + probes: [] redirectConfigurations: [] - rewriteRuleSets: [] - urlPathMaps: [] requestRoutingRules: [ { + name: '${virtualNetwork.name}-rqrt' properties: { backendAddressPool: { id: resourceId( @@ -113,52 +120,20 @@ resource applicationGateway 'Microsoft.Network/applicationGateways@2022-07-01' = ruleType: 'Basic' priority: 10 } - name: '-rqrt' - } - ] - backendHttpSettingsCollection: [ - { - properties: { - protocol: 'Http' - requestTimeout: 1 - trustedRootCertificates: [] - path: '' - port: 80 - authenticationCertificates: [] - cookieBasedAffinity: 'Disabled' - pickHostNameFromBackendAddress: false - } - name: '${virtualNetwork.name}-be-htst' - } - ] - enableHttp2: false - httpListeners: [ - { - name: '${virtualNetwork.name}-httplstn' - properties: { - frontendPort: { - id: resourceId( - 'Microsoft.Network/applicationGateways/frontendPorts', - resourceGroup().name, - resourceName, - '${virtualNetwork.name}-feport' - ) - } - protocol: 'Http' - requireServerNameIndication: false - customErrorConfigurations: [] - frontendIPConfiguration: { - id: resourceId( - 'Microsoft.Network/applicationGateways/frontendIPConfigurations', - resourceGroup().name, - resourceName, - '${virtualNetwork.name}-feip' - ) - } - } } ] - probes: [] + rewriteRuleSets: [] + sku: { + capacity: 2 + name: 'Standard_v2' + tier: 'Standard_v2' + } + sslCertificates: [] + sslPolicy: {} + sslProfiles: [] + trustedClientCertificates: [] + trustedRootCertificates: [] + urlPathMaps: [] } } @@ -178,3 +153,32 @@ resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2022-07-01' = { publicIPAllocationMethod: 'Static' } } + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: resourceName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + subnets: [] + } +} + +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { + name: 'subnet-230630033653837171' + parent: virtualNetwork + properties: { + addressPrefix: '10.0.0.0/24' + delegations: [] + privateEndpointNetworkPolicies: 'Enabled' + privateLinkServiceNetworkPolicies: 'Disabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] + } +} diff --git a/settings/remarks/microsoft.network/samples/azurefirewalls/main.bicep b/settings/remarks/microsoft.network/samples/azurefirewalls/main.bicep index 0dab847f..ea72a4df 100644 --- a/settings/remarks/microsoft.network/samples/azurefirewalls/main.bicep +++ b/settings/remarks/microsoft.network/samples/azurefirewalls/main.bicep @@ -1,23 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2022-07-01' = { - name: resourceName - location: location - sku: { - tier: 'Regional' - name: 'Standard' - } - properties: { - ddosSettings: { - protectionMode: 'VirtualNetworkInherited' - } - idleTimeoutInMinutes: 4 - publicIPAddressVersion: 'IPv4' - publicIPAllocationMethod: 'Static' - } -} - resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location @@ -38,12 +21,12 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: 'AzureFirewallSubnet' parent: virtualNetwork properties: { + addressPrefix: '10.0.1.0/24' + delegations: [] privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] serviceEndpoints: [] - addressPrefix: '10.0.1.0/24' - delegations: [] } } @@ -51,14 +34,17 @@ resource azureFirewall 'Microsoft.Network/azureFirewalls@2022-07-01' = { name: resourceName location: location properties: { - threatIntelMode: 'Deny' additionalProperties: {} ipConfigurations: [ { name: 'configuration' properties: { - publicIPAddress: {} - subnet: {} + publicIPAddress: { + id: publicIPAddress.id + } + subnet: { + id: subnet.id + } } } ] @@ -66,5 +52,23 @@ resource azureFirewall 'Microsoft.Network/azureFirewalls@2022-07-01' = { name: 'AZFW_VNet' tier: 'Standard' } + threatIntelMode: 'Deny' + } +} + +resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2022-07-01' = { + name: resourceName + location: location + sku: { + name: 'Standard' + tier: 'Regional' + } + properties: { + ddosSettings: { + protectionMode: 'VirtualNetworkInherited' + } + idleTimeoutInMinutes: 4 + publicIPAddressVersion: 'IPv4' + publicIPAllocationMethod: 'Static' } } diff --git a/settings/remarks/microsoft.network/samples/bastionhosts/main.bicep b/settings/remarks/microsoft.network/samples/bastionhosts/main.bicep index bcddbdb0..728287a0 100644 --- a/settings/remarks/microsoft.network/samples/bastionhosts/main.bicep +++ b/settings/remarks/microsoft.network/samples/bastionhosts/main.bicep @@ -1,35 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { - name: resourceName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - '192.168.1.0/24' - ] - } - dhcpOptions: { - dnsServers: [] - } - subnets: [] - } -} - -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - name: 'AzureBastionSubnet' - parent: virtualNetwork - properties: { - serviceEndpointPolicies: [] - serviceEndpoints: [] - addressPrefix: '192.168.1.224/27' - delegations: [] - privateEndpointNetworkPolicies: 'Enabled' - privateLinkServiceNetworkPolicies: 'Enabled' - } -} - resource bastionHost 'Microsoft.Network/bastionHosts@2022-07-01' = { name: resourceName location: location @@ -46,8 +17,12 @@ resource bastionHost 'Microsoft.Network/bastionHosts@2022-07-01' = { { name: 'ip-configuration' properties: { - publicIPAddress: {} - subnet: {} + publicIPAddress: { + id: publicIPAddress.id + } + subnet: { + id: subnet.id + } } } ] @@ -71,3 +46,32 @@ resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2022-07-01' = { publicIPAllocationMethod: 'Static' } } + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: resourceName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '192.168.1.0/24' + ] + } + dhcpOptions: { + dnsServers: [] + } + subnets: [] + } +} + +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { + name: 'AzureBastionSubnet' + parent: virtualNetwork + properties: { + addressPrefix: '192.168.1.224/27' + delegations: [] + privateEndpointNetworkPolicies: 'Enabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] + } +} diff --git a/settings/remarks/microsoft.network/samples/dnsforwardingrulesets/forwardingrules/main.bicep b/settings/remarks/microsoft.network/samples/dnsforwardingrulesets/forwardingrules/main.bicep index 69f3283a..b13258f4 100644 --- a/settings/remarks/microsoft.network/samples/dnsforwardingrulesets/forwardingrules/main.bicep +++ b/settings/remarks/microsoft.network/samples/dnsforwardingrulesets/forwardingrules/main.bicep @@ -5,7 +5,9 @@ resource dnsResolver 'Microsoft.Network/dnsResolvers@2022-07-01' = { name: resourceName location: location properties: { - virtualNetwork: {} + virtualNetwork: { + id: virtualNetwork.id + } } } @@ -13,7 +15,6 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location properties: { - subnets: [] addressSpace: { addressPrefixes: [ '10.0.0.0/16' @@ -22,6 +23,7 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { dhcpOptions: { dnsServers: [] } + subnets: [] } } @@ -30,7 +32,9 @@ resource dnsForwardingRuleset 'Microsoft.Network/dnsForwardingRulesets@2022-07-0 location: location properties: { dnsResolverOutboundEndpoints: [ - {} + { + id: outboundEndpoint.id + } ] } } @@ -41,7 +45,6 @@ resource forwardingRule 'Microsoft.Network/dnsForwardingRulesets/forwardingRules properties: { domainName: 'onprem.local.' forwardingRuleState: 'Enabled' - metadata: null targetDnsServers: [ { ipAddress: '10.10.0.1' @@ -56,7 +59,9 @@ resource outboundEndpoint 'Microsoft.Network/dnsResolvers/outboundEndpoints@2022 location: location parent: dnsResolver properties: { - subnet: {} + subnet: { + id: subnet.id + } } } @@ -64,9 +69,6 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: 'outbounddns' parent: virtualNetwork properties: { - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] addressPrefix: '10.0.0.64/28' delegations: [ { @@ -77,5 +79,8 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { } ] privateEndpointNetworkPolicies: 'Enabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] } } diff --git a/settings/remarks/microsoft.network/samples/dnsforwardingrulesets/main.bicep b/settings/remarks/microsoft.network/samples/dnsforwardingrulesets/main.bicep index 60895738..b6e69ea6 100644 --- a/settings/remarks/microsoft.network/samples/dnsforwardingrulesets/main.bicep +++ b/settings/remarks/microsoft.network/samples/dnsforwardingrulesets/main.bicep @@ -1,24 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource dnsForwardingRuleset 'Microsoft.Network/dnsForwardingRulesets@2022-07-01' = { - name: resourceName - location: location - properties: { - dnsResolverOutboundEndpoints: [ - {} - ] - } -} - -resource dnsResolver 'Microsoft.Network/dnsResolvers@2022-07-01' = { - name: resourceName - location: location - properties: { - virtualNetwork: {} - } -} - resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location @@ -35,12 +17,24 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { } } +resource dnsResolver 'Microsoft.Network/dnsResolvers@2022-07-01' = { + name: resourceName + location: location + properties: { + virtualNetwork: { + id: virtualNetwork.id + } + } +} + resource outboundEndpoint 'Microsoft.Network/dnsResolvers/outboundEndpoints@2022-07-01' = { name: resourceName location: location parent: dnsResolver properties: { - subnet: {} + subnet: { + id: subnet.id + } } } @@ -48,7 +42,6 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: 'outbounddns' parent: virtualNetwork properties: { - serviceEndpoints: [] addressPrefix: '10.0.0.64/28' delegations: [ { @@ -61,5 +54,18 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] + serviceEndpoints: [] + } +} + +resource dnsForwardingRuleset 'Microsoft.Network/dnsForwardingRulesets@2022-07-01' = { + name: resourceName + location: location + properties: { + dnsResolverOutboundEndpoints: [ + { + id: outboundEndpoint.id + } + ] } } diff --git a/settings/remarks/microsoft.network/samples/dnsforwardingrulesets/virtualnetworklinks/main.bicep b/settings/remarks/microsoft.network/samples/dnsforwardingrulesets/virtualnetworklinks/main.bicep index e13aaf32..6e14a64f 100644 --- a/settings/remarks/microsoft.network/samples/dnsforwardingrulesets/virtualnetworklinks/main.bicep +++ b/settings/remarks/microsoft.network/samples/dnsforwardingrulesets/virtualnetworklinks/main.bicep @@ -1,6 +1,16 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource dnsResolver 'Microsoft.Network/dnsResolvers@2022-07-01' = { + name: resourceName + location: location + properties: { + virtualNetwork: { + id: virtualNetwork.id + } + } +} + resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location @@ -17,23 +27,34 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { } } +resource outboundEndpoint 'Microsoft.Network/dnsResolvers/outboundEndpoints@2022-07-01' = { + name: resourceName + location: location + parent: dnsResolver + properties: { + subnet: { + id: subnet.id + } + } +} + resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: 'outbounddns' parent: virtualNetwork properties: { - serviceEndpoints: [] addressPrefix: '10.0.0.64/28' delegations: [ { + name: 'Microsoft.Network.dnsResolvers' properties: { serviceName: 'Microsoft.Network/dnsResolvers' } - name: 'Microsoft.Network.dnsResolvers' } ] privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] + serviceEndpoints: [] } } @@ -42,7 +63,9 @@ resource dnsForwardingRuleset 'Microsoft.Network/dnsForwardingRulesets@2022-07-0 location: location properties: { dnsResolverOutboundEndpoints: [ - {} + { + id: outboundEndpoint.id + } ] } } @@ -51,26 +74,8 @@ resource virtualNetworkLink 'Microsoft.Network/dnsForwardingRulesets/virtualNetw name: resourceName parent: dnsForwardingRuleset properties: { - metadata: null virtualNetwork: { id: virtualNetwork.id } } } - -resource dnsResolver 'Microsoft.Network/dnsResolvers@2022-07-01' = { - name: resourceName - location: location - properties: { - virtualNetwork: {} - } -} - -resource outboundEndpoint 'Microsoft.Network/dnsResolvers/outboundEndpoints@2022-07-01' = { - name: resourceName - location: location - parent: dnsResolver - properties: { - subnet: {} - } -} diff --git a/settings/remarks/microsoft.network/samples/dnsresolvers/inboundendpoints/main.bicep b/settings/remarks/microsoft.network/samples/dnsresolvers/inboundendpoints/main.bicep index 2dd818f2..13443f77 100644 --- a/settings/remarks/microsoft.network/samples/dnsresolvers/inboundendpoints/main.bicep +++ b/settings/remarks/microsoft.network/samples/dnsresolvers/inboundendpoints/main.bicep @@ -1,6 +1,16 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource dnsResolver 'Microsoft.Network/dnsResolvers@2022-07-01' = { + name: resourceName + location: location + properties: { + virtualNetwork: { + id: virtualNetwork.id + } + } +} + resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location @@ -17,6 +27,22 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { } } +resource inboundEndpoint 'Microsoft.Network/dnsResolvers/inboundEndpoints@2022-07-01' = { + name: resourceName + location: location + parent: dnsResolver + properties: { + ipConfigurations: [ + { + privateIpAllocationMethod: 'Dynamic' + subnet: { + id: subnet.id + } + } + ] + } +} + resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: 'inbounddns' parent: virtualNetwork @@ -36,25 +62,3 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { serviceEndpoints: [] } } - -resource dnsResolver 'Microsoft.Network/dnsResolvers@2022-07-01' = { - name: resourceName - location: location - properties: { - virtualNetwork: {} - } -} - -resource inboundEndpoint 'Microsoft.Network/dnsResolvers/inboundEndpoints@2022-07-01' = { - name: resourceName - location: location - parent: dnsResolver - properties: { - ipConfigurations: [ - { - subnet: {} - privateIpAllocationMethod: 'Dynamic' - } - ] - } -} diff --git a/settings/remarks/microsoft.network/samples/dnsresolvers/main.bicep b/settings/remarks/microsoft.network/samples/dnsresolvers/main.bicep index a29d4d63..3b5fa7ee 100644 --- a/settings/remarks/microsoft.network/samples/dnsresolvers/main.bicep +++ b/settings/remarks/microsoft.network/samples/dnsresolvers/main.bicep @@ -1,6 +1,16 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource dnsResolver 'Microsoft.Network/dnsResolvers@2022-07-01' = { + name: resourceName + location: location + properties: { + virtualNetwork: { + id: virtualNetwork.id + } + } +} + resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location @@ -16,11 +26,3 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { subnets: [] } } - -resource dnsResolver 'Microsoft.Network/dnsResolvers@2022-07-01' = { - name: resourceName - location: location - properties: { - virtualNetwork: {} - } -} diff --git a/settings/remarks/microsoft.network/samples/dnsresolvers/outboundendpoints/main.bicep b/settings/remarks/microsoft.network/samples/dnsresolvers/outboundendpoints/main.bicep index 08bcc3d1..c9e9f67b 100644 --- a/settings/remarks/microsoft.network/samples/dnsresolvers/outboundendpoints/main.bicep +++ b/settings/remarks/microsoft.network/samples/dnsresolvers/outboundendpoints/main.bicep @@ -1,13 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' - -resource dnsResolver 'Microsoft.Network/dnsResolvers@2022-07-01' = { - name: resourceName - location: location - properties: { - virtualNetwork: {} - } -} +param location string = 'westeurope' resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName @@ -25,12 +17,24 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { } } +resource dnsResolver 'Microsoft.Network/dnsResolvers@2022-07-01' = { + name: resourceName + location: location + properties: { + virtualNetwork: { + id: virtualNetwork.id + } + } +} + resource outboundEndpoint 'Microsoft.Network/dnsResolvers/outboundEndpoints@2022-07-01' = { name: resourceName location: location parent: dnsResolver properties: { - subnet: {} + subnet: { + id: subnet.id + } } } diff --git a/settings/remarks/microsoft.network/samples/dnszones/a/main.bicep b/settings/remarks/microsoft.network/samples/dnszones/a/main.bicep index 206a9d2c..6574f72d 100644 --- a/settings/remarks/microsoft.network/samples/dnszones/a/main.bicep +++ b/settings/remarks/microsoft.network/samples/dnszones/a/main.bicep @@ -10,8 +10,6 @@ resource a 'Microsoft.Network/dnsZones/A@2018-05-01' = { name: resourceName parent: dnsZone properties: { - metadata: {} - targetResource: {} ARecords: [ { ipv4Address: '1.2.4.5' @@ -21,5 +19,7 @@ resource a 'Microsoft.Network/dnsZones/A@2018-05-01' = { } ] TTL: 300 + metadata: {} + targetResource: {} } } diff --git a/settings/remarks/microsoft.network/samples/dnszones/aaaa/main.bicep b/settings/remarks/microsoft.network/samples/dnszones/aaaa/main.bicep index 1251cb54..f3768211 100644 --- a/settings/remarks/microsoft.network/samples/dnszones/aaaa/main.bicep +++ b/settings/remarks/microsoft.network/samples/dnszones/aaaa/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource dnsZone 'Microsoft.Network/dnsZones@2018-05-01' = { name: '${resourceName}.com' diff --git a/settings/remarks/microsoft.network/samples/dnszones/caa/main.bicep b/settings/remarks/microsoft.network/samples/dnszones/caa/main.bicep index 10020a8c..d7cce73d 100644 --- a/settings/remarks/microsoft.network/samples/dnszones/caa/main.bicep +++ b/settings/remarks/microsoft.network/samples/dnszones/caa/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource dnsZone 'Microsoft.Network/dnsZones@2018-05-01' = { name: '${resourceName}.com' @@ -18,14 +18,14 @@ resource cAA 'Microsoft.Network/dnsZones/CAA@2018-05-01' = { value: ';' } { + flags: 0 tag: 'iodef' value: 'mailto:terraform@nonexist.tld' - flags: 0 } { - value: 'example.com' flags: 0 tag: 'issue' + value: 'example.com' } { flags: 0 diff --git a/settings/remarks/microsoft.network/samples/dnszones/ptr/main.bicep b/settings/remarks/microsoft.network/samples/dnszones/ptr/main.bicep index 5d226d73..1cc3dda0 100644 --- a/settings/remarks/microsoft.network/samples/dnszones/ptr/main.bicep +++ b/settings/remarks/microsoft.network/samples/dnszones/ptr/main.bicep @@ -10,8 +10,6 @@ resource pTR 'Microsoft.Network/dnsZones/PTR@2018-05-01' = { name: resourceName parent: dnsZone properties: { - TTL: 300 - metadata: {} PTRRecords: [ { ptrdname: 'hashicorp.com' @@ -20,5 +18,7 @@ resource pTR 'Microsoft.Network/dnsZones/PTR@2018-05-01' = { ptrdname: 'microsoft.com' } ] + TTL: 300 + metadata: {} } } diff --git a/settings/remarks/microsoft.network/samples/dnszones/txt/main.bicep b/settings/remarks/microsoft.network/samples/dnszones/txt/main.bicep index b47eb284..b4383181 100644 --- a/settings/remarks/microsoft.network/samples/dnszones/txt/main.bicep +++ b/settings/remarks/microsoft.network/samples/dnszones/txt/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource dnsZone 'Microsoft.Network/dnsZones@2018-05-01' = { name: '${resourceName}.com' diff --git a/settings/remarks/microsoft.network/samples/expressroutecircuits/authorizations/main.bicep b/settings/remarks/microsoft.network/samples/expressroutecircuits/authorizations/main.bicep index 453eac60..5acc8aee 100644 --- a/settings/remarks/microsoft.network/samples/expressroutecircuits/authorizations/main.bicep +++ b/settings/remarks/microsoft.network/samples/expressroutecircuits/authorizations/main.bicep @@ -12,9 +12,9 @@ resource expressRouteCircuit 'Microsoft.Network/expressRouteCircuits@2022-07-01' properties: { authorizationKey: '' serviceProviderProperties: { - serviceProviderName: 'Equinix' bandwidthInMbps: 50 peeringLocation: 'Silicon Valley' + serviceProviderName: 'Equinix' } } tags: { diff --git a/settings/remarks/microsoft.network/samples/expressroutecircuits/peerings/connections/main.bicep b/settings/remarks/microsoft.network/samples/expressroutecircuits/peerings/connections/main.bicep index a5c6bd63..9eb3a86b 100644 --- a/settings/remarks/microsoft.network/samples/expressroutecircuits/peerings/connections/main.bicep +++ b/settings/remarks/microsoft.network/samples/expressroutecircuits/peerings/connections/main.bicep @@ -4,7 +4,27 @@ param location string = 'westeurope' @description('The shared key for the Express Route circuit peering connections') param expressRouteConnectionSharedKey string -resource expressRouteCircuit2 'Microsoft.Network/expressRouteCircuits@2022-07-01' = { +resource expressRoutePort 'Microsoft.Network/ExpressRoutePorts@2022-07-01' = { + name: resourceName + location: location + properties: { + bandwidthInGbps: 10 + encapsulation: 'Dot1Q' + peeringLocation: 'Airtel-Chennai2-CLS' + } +} + +resource expressRoutePort2 'Microsoft.Network/ExpressRoutePorts@2022-07-01' = { + name: resourceName + location: location + properties: { + bandwidthInGbps: 10 + encapsulation: 'Dot1Q' + peeringLocation: 'CDC-Canberra' + } +} + +resource expressRouteCircuit 'Microsoft.Network/expressRouteCircuits@2022-07-01' = { name: resourceName location: location sku: { @@ -16,12 +36,12 @@ resource expressRouteCircuit2 'Microsoft.Network/expressRouteCircuits@2022-07-01 authorizationKey: '' bandwidthInGbps: 5 expressRoutePort: { - id: expressRoutePort2.id + id: expressRoutePort.id } } } -resource expressRouteCircuit 'Microsoft.Network/expressRouteCircuits@2022-07-01' = { +resource expressRouteCircuit2 'Microsoft.Network/expressRouteCircuits@2022-07-01' = { name: resourceName location: location sku: { @@ -33,7 +53,7 @@ resource expressRouteCircuit 'Microsoft.Network/expressRouteCircuits@2022-07-01' authorizationKey: '' bandwidthInGbps: 5 expressRoutePort: { - id: expressRoutePort.id + id: expressRoutePort2.id } } } @@ -42,15 +62,15 @@ resource peering 'Microsoft.Network/expressRouteCircuits/peerings@2022-07-01' = name: 'AzurePrivatePeering' parent: expressRouteCircuit properties: { - gatewayManagerEtag: '' - peeringType: 'AzurePrivatePeering' - secondaryPeerAddressPrefix: '192.168.1.0/30' - sharedKey: '${expressRouteConnectionSharedKey}' - vlanId: 100 azureASN: 12076 + gatewayManagerEtag: '' peerASN: 100 + peeringType: 'AzurePrivatePeering' primaryPeerAddressPrefix: '192.168.1.0/30' + secondaryPeerAddressPrefix: '192.168.1.0/30' + sharedKey: expressRouteConnectionSharedKey state: 'Enabled' + vlanId: 100 } } @@ -58,15 +78,15 @@ resource peering2 'Microsoft.Network/expressRouteCircuits/peerings@2022-07-01' = name: 'AzurePrivatePeering' parent: expressRouteCircuit2 properties: { - primaryPeerAddressPrefix: '192.168.1.0/30' - secondaryPeerAddressPrefix: '192.168.1.0/30' - sharedKey: '${expressRouteConnectionSharedKey}' - vlanId: 100 + azureASN: 12076 gatewayManagerEtag: '' peerASN: 100 - state: 'Enabled' - azureASN: 12076 peeringType: 'AzurePrivatePeering' + primaryPeerAddressPrefix: '192.168.1.0/30' + secondaryPeerAddressPrefix: '192.168.1.0/30' + sharedKey: expressRouteConnectionSharedKey + state: 'Enabled' + vlanId: 100 } } @@ -83,23 +103,3 @@ resource connection 'Microsoft.Network/expressRouteCircuits/peerings/connections } } } - -resource expressRoutePort 'Microsoft.Network/ExpressRoutePorts@2022-07-01' = { - name: resourceName - location: location - properties: { - peeringLocation: 'Airtel-Chennai2-CLS' - bandwidthInGbps: 10 - encapsulation: 'Dot1Q' - } -} - -resource expressRoutePort2 'Microsoft.Network/ExpressRoutePorts@2022-07-01' = { - name: resourceName - location: location - properties: { - bandwidthInGbps: 10 - encapsulation: 'Dot1Q' - peeringLocation: 'CDC-Canberra' - } -} diff --git a/settings/remarks/microsoft.network/samples/expressroutecircuits/peerings/main.bicep b/settings/remarks/microsoft.network/samples/expressroutecircuits/peerings/main.bicep index 1f2021aa..c9bd1d23 100644 --- a/settings/remarks/microsoft.network/samples/expressroutecircuits/peerings/main.bicep +++ b/settings/remarks/microsoft.network/samples/expressroutecircuits/peerings/main.bicep @@ -8,9 +8,9 @@ resource expressRoutePort 'Microsoft.Network/ExpressRoutePorts@2022-07-01' = { name: resourceName location: location properties: { + bandwidthInGbps: 10 encapsulation: 'Dot1Q' peeringLocation: 'CDC-Canberra' - bandwidthInGbps: 10 } } @@ -35,14 +35,14 @@ resource peering 'Microsoft.Network/expressRouteCircuits/peerings@2022-07-01' = name: 'AzurePrivatePeering' parent: expressRouteCircuit properties: { - secondaryPeerAddressPrefix: '192.168.2.0/30' - sharedKey: '${expressRouteSharedKey}' - state: 'Enabled' azureASN: 12076 gatewayManagerEtag: '' peerASN: 100 + peeringType: 'AzurePrivatePeering' primaryPeerAddressPrefix: '192.168.1.0/30' + secondaryPeerAddressPrefix: '192.168.2.0/30' + sharedKey: expressRouteSharedKey + state: 'Enabled' vlanId: 100 - peeringType: 'AzurePrivatePeering' } } diff --git a/settings/remarks/microsoft.network/samples/expressroutegateways/expressrouteconnections/main.bicep b/settings/remarks/microsoft.network/samples/expressroutegateways/expressrouteconnections/main.bicep index c7ba87c1..3e88f53a 100644 --- a/settings/remarks/microsoft.network/samples/expressroutegateways/expressrouteconnections/main.bicep +++ b/settings/remarks/microsoft.network/samples/expressroutegateways/expressrouteconnections/main.bicep @@ -1,33 +1,17 @@ -param resourceName string = 'acctest0001' -param location string = 'westeurope' @secure() @description('The shared key for the ExpressRoute connection') param sharedKey string +param resourceName string = 'acctest0001' +param location string = 'westeurope' -resource expressRoutePort 'Microsoft.Network/ExpressRoutePorts@2022-07-01' = { - name: resourceName - location: location - properties: { - bandwidthInGbps: 10 - encapsulation: 'Dot1Q' - peeringLocation: 'CDC-Canberra' - } -} - -resource expressRouteCircuit 'Microsoft.Network/expressRouteCircuits@2022-07-01' = { +resource virtualWan 'Microsoft.Network/virtualWans@2022-07-01' = { name: resourceName location: location - sku: { - tier: 'Premium' - family: 'MeteredData' - name: 'Premium_MeteredData' - } properties: { - authorizationKey: '' - bandwidthInGbps: 5 - expressRoutePort: { - id: expressRoutePort.id - } + allowBranchToBranchTraffic: true + disableVpnEncryption: false + office365LocalBreakoutCategory: 'None' + type: 'Standard' } } @@ -41,43 +25,40 @@ resource expressRouteGateway 'Microsoft.Network/expressRouteGateways@2022-07-01' min: 1 } } - virtualHub: {} + virtualHub: { + id: virtualHub.id + } } } -resource virtualHub 'Microsoft.Network/virtualHubs@2022-07-01' = { +resource expressRouteConnection 'Microsoft.Network/expressRouteGateways/expressRouteConnections@2022-07-01' = { name: resourceName - location: location + parent: expressRouteGateway properties: { - hubRoutingPreference: 'ExpressRoute' - virtualRouterAutoScaleConfiguration: { - minCapacity: 2 + enableInternetSecurity: false + expressRouteCircuitPeering: { + id: peering.id } - virtualWan: {} - addressPrefix: '10.0.1.0/24' + expressRouteGatewayBypass: false + routingConfiguration: {} + routingWeight: 0 } } -resource virtualWan 'Microsoft.Network/virtualWans@2022-07-01' = { +resource expressRouteCircuit 'Microsoft.Network/expressRouteCircuits@2022-07-01' = { name: resourceName location: location - properties: { - type: 'Standard' - allowBranchToBranchTraffic: true - disableVpnEncryption: false - office365LocalBreakoutCategory: 'None' + sku: { + family: 'MeteredData' + name: 'Premium_MeteredData' + tier: 'Premium' } -} - -resource expressRouteConnection 'Microsoft.Network/expressRouteGateways/expressRouteConnections@2022-07-01' = { - name: resourceName - parent: expressRouteGateway properties: { - enableInternetSecurity: false - expressRouteCircuitPeering: {} - expressRouteGatewayBypass: false - routingConfiguration: {} - routingWeight: 0 + authorizationKey: '' + bandwidthInGbps: 5 + expressRoutePort: { + id: expressRoutePort.id + } } } @@ -86,13 +67,38 @@ resource peering 'Microsoft.Network/expressRouteCircuits/peerings@2022-07-01' = parent: expressRouteCircuit properties: { azureASN: 12076 + gatewayManagerEtag: '' peerASN: 100 peeringType: 'AzurePrivatePeering' primaryPeerAddressPrefix: '192.168.1.0/30' - state: 'Enabled' - gatewayManagerEtag: '' secondaryPeerAddressPrefix: '192.168.2.0/30' - sharedKey: '${sharedKey}' + sharedKey: sharedKey + state: 'Enabled' vlanId: 100 } } + +resource expressRoutePort 'Microsoft.Network/ExpressRoutePorts@2022-07-01' = { + name: resourceName + location: location + properties: { + bandwidthInGbps: 10 + encapsulation: 'Dot1Q' + peeringLocation: 'CDC-Canberra' + } +} + +resource virtualHub 'Microsoft.Network/virtualHubs@2022-07-01' = { + name: resourceName + location: location + properties: { + addressPrefix: '10.0.1.0/24' + hubRoutingPreference: 'ExpressRoute' + virtualRouterAutoScaleConfiguration: { + minCapacity: 2 + } + virtualWan: { + id: virtualWan.id + } + } +} diff --git a/settings/remarks/microsoft.network/samples/expressroutegateways/main.bicep b/settings/remarks/microsoft.network/samples/expressroutegateways/main.bicep index 3e3a2c68..e3de0562 100644 --- a/settings/remarks/microsoft.network/samples/expressroutegateways/main.bicep +++ b/settings/remarks/microsoft.network/samples/expressroutegateways/main.bicep @@ -1,17 +1,30 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource virtualWan 'Microsoft.Network/virtualWans@2022-07-01' = { + name: resourceName + location: location + properties: { + allowBranchToBranchTraffic: true + disableVpnEncryption: false + office365LocalBreakoutCategory: 'None' + type: 'Standard' + } +} + resource expressRouteGateway 'Microsoft.Network/expressRouteGateways@2022-07-01' = { name: resourceName location: location properties: { - virtualHub: {} allowNonVirtualWanTraffic: false autoScaleConfiguration: { bounds: { min: 1 } } + virtualHub: { + id: virtualHub.id + } } } @@ -19,22 +32,13 @@ resource virtualHub 'Microsoft.Network/virtualHubs@2022-07-01' = { name: resourceName location: location properties: { + addressPrefix: '10.0.1.0/24' + hubRoutingPreference: 'ExpressRoute' virtualRouterAutoScaleConfiguration: { minCapacity: 2 } - virtualWan: {} - addressPrefix: '10.0.1.0/24' - hubRoutingPreference: 'ExpressRoute' - } -} - -resource virtualWan 'Microsoft.Network/virtualWans@2022-07-01' = { - name: resourceName - location: location - properties: { - office365LocalBreakoutCategory: 'None' - type: 'Standard' - allowBranchToBranchTraffic: true - disableVpnEncryption: false + virtualWan: { + id: virtualWan.id + } } } diff --git a/settings/remarks/microsoft.network/samples/expressrouteports/main.bicep b/settings/remarks/microsoft.network/samples/expressrouteports/main.bicep index 7800a25d..31bda506 100644 --- a/settings/remarks/microsoft.network/samples/expressrouteports/main.bicep +++ b/settings/remarks/microsoft.network/samples/expressrouteports/main.bicep @@ -5,10 +5,10 @@ resource expressRoutePort 'Microsoft.Network/ExpressRoutePorts@2022-07-01' = { name: resourceName location: location properties: { - encapsulation: 'Dot1Q' - peeringLocation: 'Airtel-Chennai2-CLS' bandwidthInGbps: 10 billingType: 'MeteredData' + encapsulation: 'Dot1Q' + peeringLocation: 'Airtel-Chennai2-CLS' } tags: { ENV: 'Test' diff --git a/settings/remarks/microsoft.network/samples/frontdoorwebapplicationfirewallpolicies/main.bicep b/settings/remarks/microsoft.network/samples/frontdoorwebapplicationfirewallpolicies/main.bicep index f3d9f809..ead82c31 100644 --- a/settings/remarks/microsoft.network/samples/frontdoorwebapplicationfirewallpolicies/main.bicep +++ b/settings/remarks/microsoft.network/samples/frontdoorwebapplicationfirewallpolicies/main.bicep @@ -8,17 +8,11 @@ resource frontDoorWebApplicationFirewallPolicy 'Microsoft.Network/FrontDoorWebAp name: 'Premium_AzureFrontDoor' } properties: { - policySettings: { - customBlockResponseBody: 'PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==' - customBlockResponseStatusCode: 403 - enabledState: 'Enabled' - mode: 'Prevention' - redirectUrl: 'https://www.fabrikam.com' - } customRules: { rules: [ { action: 'Block' + enabledState: 'Enabled' matchConditions: [ { matchValue: [ @@ -33,7 +27,6 @@ resource frontDoorWebApplicationFirewallPolicy 'Microsoft.Network/FrontDoorWebAp name: 'Rule1' priority: 1 rateLimitDurationInMinutes: 1 - enabledState: 'Enabled' rateLimitThreshold: 10 ruleType: 'MatchRule' } @@ -59,11 +52,18 @@ resource frontDoorWebApplicationFirewallPolicy 'Microsoft.Network/FrontDoorWebAp ruleSetVersion: 'preview-0.1' } { - ruleSetVersion: 'preview-0.1' ruleSetAction: 'Block' ruleSetType: 'BotProtection' + ruleSetVersion: 'preview-0.1' } ] } + policySettings: { + customBlockResponseBody: 'PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==' + customBlockResponseStatusCode: 403 + enabledState: 'Enabled' + mode: 'Prevention' + redirectUrl: 'https://www.fabrikam.com' + } } } diff --git a/settings/remarks/microsoft.network/samples/loadbalancers/backendaddresspools/main.bicep b/settings/remarks/microsoft.network/samples/loadbalancers/backendaddresspools/main.bicep index 8bebac38..5135a4e5 100644 --- a/settings/remarks/microsoft.network/samples/loadbalancers/backendaddresspools/main.bicep +++ b/settings/remarks/microsoft.network/samples/loadbalancers/backendaddresspools/main.bicep @@ -13,7 +13,9 @@ resource loadBalancer 'Microsoft.Network/loadBalancers@2022-07-01' = { { name: 'internal' properties: { - publicIPAddress: {} + publicIPAddress: { + id: publicIPAddress.id + } } } ] @@ -30,8 +32,8 @@ resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2022-07-01' = { name: resourceName location: location sku: { - tier: 'Regional' name: 'Standard' + tier: 'Regional' } properties: { ddosSettings: { diff --git a/settings/remarks/microsoft.network/samples/loadbalancers/main.bicep b/settings/remarks/microsoft.network/samples/loadbalancers/main.bicep index a99f1dc4..ac915309 100644 --- a/settings/remarks/microsoft.network/samples/loadbalancers/main.bicep +++ b/settings/remarks/microsoft.network/samples/loadbalancers/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource loadBalancer 'Microsoft.Network/loadBalancers@2022-07-01' = { name: resourceName @@ -13,7 +13,9 @@ resource loadBalancer 'Microsoft.Network/loadBalancers@2022-07-01' = { { name: resourceName properties: { - publicIPAddress: {} + publicIPAddress: { + id: publicIPAddress.id + } } } ] diff --git a/settings/remarks/microsoft.network/samples/localnetworkgateways/main.bicep b/settings/remarks/microsoft.network/samples/localnetworkgateways/main.bicep index b2ecd304..2fa2ca78 100644 --- a/settings/remarks/microsoft.network/samples/localnetworkgateways/main.bicep +++ b/settings/remarks/microsoft.network/samples/localnetworkgateways/main.bicep @@ -5,11 +5,11 @@ resource localNetworkGateway 'Microsoft.Network/localNetworkGateways@2022-07-01' name: resourceName location: location properties: { + gatewayIpAddress: '168.62.225.23' localNetworkAddressSpace: { addressPrefixes: [ '10.1.1.0/24' ] } - gatewayIpAddress: '168.62.225.23' } } diff --git a/settings/remarks/microsoft.network/samples/networkinterfaces/main.bicep b/settings/remarks/microsoft.network/samples/networkinterfaces/main.bicep index ea9b5a49..f594ecb6 100644 --- a/settings/remarks/microsoft.network/samples/networkinterfaces/main.bicep +++ b/settings/remarks/microsoft.network/samples/networkinterfaces/main.bicep @@ -1,6 +1,28 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { + name: resourceName + location: location + properties: { + enableAcceleratedNetworking: false + enableIPForwarding: false + ipConfigurations: [ + { + name: 'testconfiguration1' + properties: { + primary: true + privateIPAddressVersion: 'IPv4' + privateIPAllocationMethod: 'Dynamic' + subnet: { + id: subnet.id + } + } + } + ] + } +} + resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location @@ -21,31 +43,11 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: resourceName parent: virtualNetwork properties: { - serviceEndpoints: [] addressPrefix: '10.0.2.0/24' delegations: [] privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] - } -} - -resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { - name: resourceName - location: location - properties: { - enableAcceleratedNetworking: false - enableIPForwarding: false - ipConfigurations: [ - { - name: 'testconfiguration1' - properties: { - primary: true - privateIPAddressVersion: 'IPv4' - privateIPAllocationMethod: 'Dynamic' - subnet: {} - } - } - ] + serviceEndpoints: [] } } diff --git a/settings/remarks/microsoft.network/samples/networkmanagerconnections/main-rg-module.bicep b/settings/remarks/microsoft.network/samples/networkmanagerconnections/main-rg-module.bicep index bf02c7c9..07870033 100644 --- a/settings/remarks/microsoft.network/samples/networkmanagerconnections/main-rg-module.bicep +++ b/settings/remarks/microsoft.network/samples/networkmanagerconnections/main-rg-module.bicep @@ -5,16 +5,16 @@ resource networkManager 'Microsoft.Network/networkManagers@2022-09-01' = { name: resourceName location: location properties: { + description: '' + networkManagerScopeAccesses: [ + 'SecurityAdmin' + ] networkManagerScopes: { managementGroups: [] subscriptions: [ subscription().id ] } - description: '' - networkManagerScopeAccesses: [ - 'SecurityAdmin' - ] } } diff --git a/settings/remarks/microsoft.network/samples/networkmanagers/connectivityconfigurations/main.bicep b/settings/remarks/microsoft.network/samples/networkmanagers/connectivityconfigurations/main.bicep index 5a2c6ebb..40e59ab8 100644 --- a/settings/remarks/microsoft.network/samples/networkmanagers/connectivityconfigurations/main.bicep +++ b/settings/remarks/microsoft.network/samples/networkmanagers/connectivityconfigurations/main.bicep @@ -19,6 +19,23 @@ resource networkManager 'Microsoft.Network/networkManagers@2022-09-01' = { } } +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: resourceName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + flowTimeoutInMinutes: 10 + subnets: [] + } +} + resource connectivityConfiguration 'Microsoft.Network/networkManagers/connectivityConfigurations@2022-09-01' = { name: resourceName parent: networkManager @@ -27,6 +44,7 @@ resource connectivityConfiguration 'Microsoft.Network/networkManagers/connectivi { groupConnectivity: 'None' isGlobal: 'False' + networkGroupId: networkGroup.id useHubGateway: 'False' } ] @@ -47,20 +65,3 @@ resource networkGroup 'Microsoft.Network/networkManagers/networkGroups@2022-09-0 parent: networkManager properties: {} } - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { - name: resourceName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] - } - flowTimeoutInMinutes: 10 - subnets: [] - } -} diff --git a/settings/remarks/microsoft.network/samples/networkmanagers/ipampools/main.bicep b/settings/remarks/microsoft.network/samples/networkmanagers/ipampools/main.bicep index d578316b..298a97ea 100644 --- a/settings/remarks/microsoft.network/samples/networkmanagers/ipampools/main.bicep +++ b/settings/remarks/microsoft.network/samples/networkmanagers/ipampools/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource networkManager 'Microsoft.Network/networkManagers@2022-09-01' = { name: resourceName diff --git a/settings/remarks/microsoft.network/samples/networkmanagers/ipampools/staticcidr/main.bicep b/settings/remarks/microsoft.network/samples/networkmanagers/ipampools/staticcidr/main.bicep index 1017fa15..4412539d 100644 --- a/settings/remarks/microsoft.network/samples/networkmanagers/ipampools/staticcidr/main.bicep +++ b/settings/remarks/microsoft.network/samples/networkmanagers/ipampools/staticcidr/main.bicep @@ -5,16 +5,16 @@ resource networkManager 'Microsoft.Network/networkManagers@2022-09-01' = { name: resourceName location: location properties: { + description: '' + networkManagerScopeAccesses: [ + 'SecurityAdmin' + ] networkManagerScopes: { managementGroups: [] subscriptions: [ '/subscriptions/${subscription().subscriptionId}' ] } - description: '' - networkManagerScopeAccesses: [ - 'SecurityAdmin' - ] } } diff --git a/settings/remarks/microsoft.network/samples/networkmanagers/networkgroups/main.bicep b/settings/remarks/microsoft.network/samples/networkmanagers/networkgroups/main.bicep index 89f458ca..73858a43 100644 --- a/settings/remarks/microsoft.network/samples/networkmanagers/networkgroups/main.bicep +++ b/settings/remarks/microsoft.network/samples/networkmanagers/networkgroups/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource networkManager 'Microsoft.Network/networkManagers@2024-10-01' = { name: resourceName @@ -10,10 +10,10 @@ resource networkManager 'Microsoft.Network/networkManagers@2024-10-01' = { 'Routing' ] networkManagerScopes: { + managementGroups: [] subscriptions: [ subscription().id ] - managementGroups: [] } } } @@ -22,7 +22,7 @@ resource networkGroup 'Microsoft.Network/networkManagers/networkGroups@2024-10-0 name: resourceName parent: networkManager properties: { - memberType: 'VirtualNetwork' description: 'example network group' + memberType: 'VirtualNetwork' } } diff --git a/settings/remarks/microsoft.network/samples/networkmanagers/networkgroups/staticmembers/main.bicep b/settings/remarks/microsoft.network/samples/networkmanagers/networkgroups/staticmembers/main.bicep index af1686af..b0b11ce0 100644 --- a/settings/remarks/microsoft.network/samples/networkmanagers/networkgroups/staticmembers/main.bicep +++ b/settings/remarks/microsoft.network/samples/networkmanagers/networkgroups/staticmembers/main.bicep @@ -18,18 +18,26 @@ resource networkManager 'Microsoft.Network/networkManagers@2024-10-01' = { } } -resource networkGroup 'Microsoft.Network/networkManagers/networkGroups@2024-10-01' = { +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-10-01' = { name: resourceName - parent: networkManager - properties: {} + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/22' + ] + } + dhcpOptions: { + dnsServers: [] + } + subnets: [] + } } -resource staticMember 'Microsoft.Network/networkManagers/networkGroups/staticMembers@2024-10-01' = { +resource networkGroup 'Microsoft.Network/networkManagers/networkGroups@2024-10-01' = { name: resourceName - parent: networkGroup - properties: { - resourceId: virtualNetwork.id - } + parent: networkManager + properties: {} } resource networkGroupForSubnet 'Microsoft.Network/networkManagers/networkGroups@2024-10-01' = { @@ -41,36 +49,28 @@ resource networkGroupForSubnet 'Microsoft.Network/networkManagers/networkGroups@ } } -resource staticMemberForSubnet 'Microsoft.Network/networkManagers/networkGroups/staticMembers@2024-10-01' = { - name: '${resourceName}-subnet' - parent: networkGroupForSubnet +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-10-01' = { + name: resourceName + parent: virtualNetwork properties: { - resourceId: subnet.id + addressPrefixes: [ + '10.0.0.0/24' + ] } } -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-10-01' = { +resource staticMember 'Microsoft.Network/networkManagers/networkGroups/staticMembers@2024-10-01' = { name: resourceName - location: location + parent: networkGroup properties: { - subnets: [] - addressSpace: { - addressPrefixes: [ - '10.0.0.0/22' - ] - } - dhcpOptions: { - dnsServers: [] - } + resourceId: virtualNetwork.id } } -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-10-01' = { - name: resourceName - parent: virtualNetwork +resource staticMemberForSubnet 'Microsoft.Network/networkManagers/networkGroups/staticMembers@2024-10-01' = { + name: '${resourceName}-subnet' + parent: networkGroupForSubnet properties: { - addressPrefixes: [ - '10.0.0.0/24' - ] + resourceId: subnet.id } } diff --git a/settings/remarks/microsoft.network/samples/networkmanagers/securityadminconfigurations/main.bicep b/settings/remarks/microsoft.network/samples/networkmanagers/securityadminconfigurations/main.bicep index 2632730a..a86e15c9 100644 --- a/settings/remarks/microsoft.network/samples/networkmanagers/securityadminconfigurations/main.bicep +++ b/settings/remarks/microsoft.network/samples/networkmanagers/securityadminconfigurations/main.bicep @@ -5,16 +5,16 @@ resource networkManager 'Microsoft.Network/networkManagers@2022-09-01' = { name: resourceName location: location properties: { + description: '' + networkManagerScopeAccesses: [ + 'SecurityAdmin' + ] networkManagerScopes: { managementGroups: [] subscriptions: [ subscription().id ] } - description: '' - networkManagerScopeAccesses: [ - 'SecurityAdmin' - ] } } diff --git a/settings/remarks/microsoft.network/samples/networkmanagers/securityadminconfigurations/rulecollections/rules/main.bicep b/settings/remarks/microsoft.network/samples/networkmanagers/securityadminconfigurations/rulecollections/rules/main.bicep index 86dc2596..8a6bd530 100644 --- a/settings/remarks/microsoft.network/samples/networkmanagers/securityadminconfigurations/rulecollections/rules/main.bicep +++ b/settings/remarks/microsoft.network/samples/networkmanagers/securityadminconfigurations/rulecollections/rules/main.bicep @@ -18,12 +18,6 @@ resource networkManager 'Microsoft.Network/networkManagers@2022-09-01' = { } } -resource networkGroup 'Microsoft.Network/networkManagers/networkGroups@2022-09-01' = { - name: resourceName - parent: networkManager - properties: {} -} - resource securityAdminConfiguration 'Microsoft.Network/networkManagers/securityAdminConfigurations@2022-09-01' = { name: resourceName parent: networkManager @@ -49,13 +43,19 @@ resource rule 'Microsoft.Network/networkManagers/securityAdminConfigurations/rul parent: ruleCollection kind: 'Custom' properties: { + access: 'Deny' destinationPortRanges: [] destinations: [] direction: 'Outbound' priority: 1 - sourcePortRanges: [] protocol: 'Tcp' + sourcePortRanges: [] sources: [] - access: 'Deny' } } + +resource networkGroup 'Microsoft.Network/networkManagers/networkGroups@2022-09-01' = { + name: resourceName + parent: networkManager + properties: {} +} diff --git a/settings/remarks/microsoft.network/samples/networkmanagers/verifierworkspace/main.bicep b/settings/remarks/microsoft.network/samples/networkmanagers/verifierworkspace/main.bicep index c37adb67..8dfd25a7 100644 --- a/settings/remarks/microsoft.network/samples/networkmanagers/verifierworkspace/main.bicep +++ b/settings/remarks/microsoft.network/samples/networkmanagers/verifierworkspace/main.bicep @@ -5,16 +5,16 @@ resource networkManager 'Microsoft.Network/networkManagers@2022-09-01' = { name: resourceName location: location properties: { + description: '' + networkManagerScopeAccesses: [ + 'SecurityAdmin' + ] networkManagerScopes: { managementGroups: [] subscriptions: [ '/subscriptions/${subscription().subscriptionId}' ] } - description: '' - networkManagerScopeAccesses: [ - 'SecurityAdmin' - ] } } diff --git a/settings/remarks/microsoft.network/samples/networkmanagers/verifierworkspace/reachabilityanalysisintent/main.bicep b/settings/remarks/microsoft.network/samples/networkmanagers/verifierworkspace/reachabilityanalysisintent/main.bicep index baf3ecf8..f69152a8 100644 --- a/settings/remarks/microsoft.network/samples/networkmanagers/verifierworkspace/reachabilityanalysisintent/main.bicep +++ b/settings/remarks/microsoft.network/samples/networkmanagers/verifierworkspace/reachabilityanalysisintent/main.bicep @@ -1,10 +1,10 @@ -@secure() -@description('The admin password for the virtual machine') -param adminPassword string param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The admin username for the virtual machine') param adminUsername string +@secure() +@description('The admin password for the virtual machine') +param adminPassword string resource networkManager 'Microsoft.Network/networkManagers@2022-09-01' = { name: resourceName @@ -39,9 +39,6 @@ resource reachabilityAnalysisIntent 'Microsoft.Network/networkManagers/verifierW description: 'A sample reachability analysis intent' destinationResourceId: virtualMachine.id ipTraffic: { - sourcePorts: [ - '0' - ] destinationIps: [ '10.4.0.1' ] @@ -54,37 +51,11 @@ resource reachabilityAnalysisIntent 'Microsoft.Network/networkManagers/verifierW sourceIps: [ '10.4.0.0' ] - } - sourceResourceId: virtualMachine.id - } -} - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { - name: resourceName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' + sourcePorts: [ + '0' ] } - dhcpOptions: { - dnsServers: [] - } - subnets: [] - } -} - -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - name: resourceName - parent: virtualNetwork - properties: { - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] - addressPrefix: '10.0.2.0/24' - delegations: [] - privateEndpointNetworkPolicies: 'Enabled' + sourceResourceId: virtualMachine.id } } @@ -101,19 +72,21 @@ resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { name: resourceName location: location properties: { + enableAcceleratedNetworking: false + enableIPForwarding: false ipConfigurations: [ { + name: 'testconfiguration1' properties: { primary: true privateIPAddressVersion: 'IPv4' privateIPAllocationMethod: 'Dynamic' - subnet: {} + subnet: { + id: subnet.id + } } - name: 'testconfiguration1' } ] - enableAcceleratedNetworking: false - enableIPForwarding: false } } @@ -135,12 +108,12 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { ] } osProfile: { - linuxConfiguration: { - disablePasswordAuthentication: false - } adminPassword: adminPassword adminUsername: adminUsername computerName: 'hostname230630032848831819' + linuxConfiguration: { + disablePasswordAuthentication: false + } } storageProfile: { imageReference: { @@ -158,3 +131,32 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { } } } + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: resourceName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + subnets: [] + } +} + +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { + name: resourceName + parent: virtualNetwork + properties: { + addressPrefix: '10.0.2.0/24' + delegations: [] + privateEndpointNetworkPolicies: 'Enabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] + } +} diff --git a/settings/remarks/microsoft.network/samples/networkmanagers/verifierworkspace/reachabilityanalysisintent/reachabilityanalysisrun/main.bicep b/settings/remarks/microsoft.network/samples/networkmanagers/verifierworkspace/reachabilityanalysisintent/reachabilityanalysisrun/main.bicep index a6d61f26..538fd1b1 100644 --- a/settings/remarks/microsoft.network/samples/networkmanagers/verifierworkspace/reachabilityanalysisintent/reachabilityanalysisrun/main.bicep +++ b/settings/remarks/microsoft.network/samples/networkmanagers/verifierworkspace/reachabilityanalysisintent/reachabilityanalysisrun/main.bicep @@ -4,26 +4,6 @@ param location string = 'westeurope' @description('The administrator password for the virtual machine') param vmAdminPassword string -resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { - name: resourceName - location: location - properties: { - enableAcceleratedNetworking: false - enableIPForwarding: false - ipConfigurations: [ - { - name: 'testconfiguration1' - properties: { - privateIPAllocationMethod: 'Dynamic' - subnet: {} - primary: true - privateIPAddressVersion: 'IPv4' - } - } - ] - } -} - resource networkManager 'Microsoft.Network/networkManagers@2022-09-01' = { name: resourceName location: location @@ -45,28 +25,6 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { name: resourceName location: location properties: { - osProfile: { - linuxConfiguration: { - disablePasswordAuthentication: false - } - adminPassword: vmAdminPassword - adminUsername: 'testadmin' - computerName: 'hostname230630032848831819' - } - storageProfile: { - osDisk: { - name: 'myosdisk1' - writeAcceleratorEnabled: false - caching: 'ReadWrite' - createOption: 'FromImage' - } - imageReference: { - publisher: 'Canonical' - sku: '16.04-LTS' - version: 'latest' - offer: 'UbuntuServer' - } - } hardwareProfile: { vmSize: 'Standard_F2' } @@ -80,6 +38,28 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' = { } ] } + osProfile: { + adminPassword: vmAdminPassword + adminUsername: 'testadmin' + computerName: 'hostname230630032848831819' + linuxConfiguration: { + disablePasswordAuthentication: false + } + } + storageProfile: { + imageReference: { + offer: 'UbuntuServer' + publisher: 'Canonical' + sku: '16.04-LTS' + version: 'latest' + } + osDisk: { + caching: 'ReadWrite' + createOption: 'FromImage' + name: 'myosdisk1' + writeAcceleratorEnabled: false + } + } } } @@ -87,15 +67,15 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location properties: { - dhcpOptions: { - dnsServers: [] - } - subnets: [] addressSpace: { addressPrefixes: [ '10.0.0.0/16' ] } + dhcpOptions: { + dnsServers: [] + } + subnets: [] } } @@ -103,12 +83,12 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: resourceName parent: virtualNetwork properties: { + addressPrefix: '10.0.2.0/24' + delegations: [] privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] serviceEndpoints: [] - addressPrefix: '10.0.2.0/24' - delegations: [] } } @@ -125,7 +105,6 @@ resource reachabilityAnalysisIntent 'Microsoft.Network/networkManagers/verifierW name: resourceName parent: verifierWorkspace properties: { - sourceResourceId: virtualMachine.id description: 'A sample reachability analysis intent' destinationResourceId: virtualMachine.id ipTraffic: { @@ -145,5 +124,28 @@ resource reachabilityAnalysisIntent 'Microsoft.Network/networkManagers/verifierW '0' ] } + sourceResourceId: virtualMachine.id + } +} + +resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { + name: resourceName + location: location + properties: { + enableAcceleratedNetworking: false + enableIPForwarding: false + ipConfigurations: [ + { + name: 'testconfiguration1' + properties: { + primary: true + privateIPAddressVersion: 'IPv4' + privateIPAllocationMethod: 'Dynamic' + subnet: { + id: subnet.id + } + } + } + ] } } diff --git a/settings/remarks/microsoft.network/samples/networkprofiles/main.bicep b/settings/remarks/microsoft.network/samples/networkprofiles/main.bicep index 6f6edf1e..533bbe92 100644 --- a/settings/remarks/microsoft.network/samples/networkprofiles/main.bicep +++ b/settings/remarks/microsoft.network/samples/networkprofiles/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource networkProfile 'Microsoft.Network/networkProfiles@2022-07-01' = { name: resourceName @@ -11,10 +11,12 @@ resource networkProfile 'Microsoft.Network/networkProfiles@2022-07-01' = { properties: { ipConfigurations: [ { + name: 'acctestipconfig-230630033653886950' properties: { - subnet: {} + subnet: { + id: subnet.id + } } - name: 'acctestipconfig-230630033653886950' } ] } @@ -43,10 +45,6 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: resourceName parent: virtualNetwork properties: { - privateEndpointNetworkPolicies: 'Enabled' - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] addressPrefix: '10.1.0.0/24' delegations: [ { @@ -56,5 +54,9 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { } } ] + privateEndpointNetworkPolicies: 'Enabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] } } diff --git a/settings/remarks/microsoft.network/samples/networksecuritygroups/securityrules/main.bicep b/settings/remarks/microsoft.network/samples/networksecuritygroups/securityrules/main.bicep index e35a8e50..c4f628b6 100644 --- a/settings/remarks/microsoft.network/samples/networksecuritygroups/securityrules/main.bicep +++ b/settings/remarks/microsoft.network/samples/networksecuritygroups/securityrules/main.bicep @@ -13,12 +13,9 @@ resource securityRule 'Microsoft.Network/networkSecurityGroups/securityRules@202 name: 'allow_management_inbound' parent: networkSecurityGroup properties: { - sourcePortRange: '*' access: 'Allow' destinationAddressPrefix: '*' destinationPortRange: '' - direction: 'Inbound' - protocol: 'Tcp' destinationPortRanges: [ '9000' '1438' @@ -26,7 +23,10 @@ resource securityRule 'Microsoft.Network/networkSecurityGroups/securityRules@202 '9003' '1452' ] + direction: 'Inbound' priority: 106 + protocol: 'Tcp' sourceAddressPrefix: '*' + sourcePortRange: '*' } } diff --git a/settings/remarks/microsoft.network/samples/networkwatchers/flowlogs/main.bicep b/settings/remarks/microsoft.network/samples/networkwatchers/flowlogs/main.bicep index 552ae3d4..9ebeb829 100644 --- a/settings/remarks/microsoft.network/samples/networkwatchers/flowlogs/main.bicep +++ b/settings/remarks/microsoft.network/samples/networkwatchers/flowlogs/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'eastus2' +param resourceName string = 'acctest0001' resource networkWatchers 'Microsoft.Network/networkWatchers@2023-11-01' = { name: resourceName @@ -7,6 +7,30 @@ resource networkWatchers 'Microsoft.Network/networkWatchers@2023-11-01' = { properties: {} } +resource flowLog 'Microsoft.Network/networkWatchers/flowLogs@2023-11-01' = { + name: resourceName + location: location + parent: networkWatchers + properties: { + enabled: true + flowAnalyticsConfiguration: { + networkWatcherFlowAnalyticsConfiguration: { + enabled: false + } + } + format: { + type: 'JSON' + version: 2 + } + retentionPolicy: { + days: 7 + enabled: true + } + storageId: storageAccount.id + targetResourceId: virtualNetwork.id + } +} + resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location @@ -17,28 +41,28 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { properties: { accessTier: 'Hot' allowBlobPublicAccess: true + allowCrossTenantReplication: true allowSharedKeyAccess: true + defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { - table: { + queue: { keyType: 'Service' } - queue: { + table: { keyType: 'Service' } } } + isHnsEnabled: false + isNfsV3Enabled: false isSftpEnabled: false minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } publicNetworkAccess: 'Enabled' - allowCrossTenantReplication: true - defaultToOAuthAuthentication: false - isHnsEnabled: false - isNfsV3Enabled: false supportsHttpsTrafficOnly: true } } @@ -58,27 +82,3 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { subnets: [] } } - -resource flowLog 'Microsoft.Network/networkWatchers/flowLogs@2023-11-01' = { - name: resourceName - location: location - parent: networkWatchers - properties: { - format: { - type: 'JSON' - version: 2 - } - retentionPolicy: { - days: 7 - enabled: true - } - storageId: storageAccount.id - targetResourceId: virtualNetwork.id - enabled: true - flowAnalyticsConfiguration: { - networkWatcherFlowAnalyticsConfiguration: { - enabled: false - } - } - } -} diff --git a/settings/remarks/microsoft.network/samples/networkwatchers/packetcaptures/main.bicep b/settings/remarks/microsoft.network/samples/networkwatchers/packetcaptures/main.bicep index 11167def..58e1f2a5 100644 --- a/settings/remarks/microsoft.network/samples/networkwatchers/packetcaptures/main.bicep +++ b/settings/remarks/microsoft.network/samples/networkwatchers/packetcaptures/main.bicep @@ -44,13 +44,13 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { name: 'internal' parent: virtualNetwork properties: { - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] addressPrefix: '10.0.2.0/24' defaultOutboundAccess: true delegations: [] privateEndpointNetworkPolicies: 'Disabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] } } @@ -58,6 +58,7 @@ resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { name: '${resourceName}-nic' location: location properties: { + enableAcceleratedNetworking: false enableIPForwarding: false ipConfigurations: [ { @@ -66,11 +67,12 @@ resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { primary: true privateIPAddressVersion: 'IPv4' privateIPAllocationMethod: 'Dynamic' - subnet: {} + subnet: { + id: subnet.id + } } } ] - enableAcceleratedNetworking: false } } @@ -101,10 +103,10 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { } storageProfile: { imageReference: { - sku: '22_04-lts' - version: 'latest' offer: '0001-com-ubuntu-server-jammy' publisher: 'Canonical' + sku: '22_04-lts' + version: 'latest' } osDisk: { caching: 'ReadWrite' diff --git a/settings/remarks/microsoft.network/samples/p2svpngateways/main.bicep b/settings/remarks/microsoft.network/samples/p2svpngateways/main.bicep index 67d387ff..40e3cf13 100644 --- a/settings/remarks/microsoft.network/samples/p2svpngateways/main.bicep +++ b/settings/remarks/microsoft.network/samples/p2svpngateways/main.bicep @@ -1,5 +1,33 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' + +resource p2svpnGateway 'Microsoft.Network/p2svpnGateways@2022-07-01' = { + name: resourceName + location: location + properties: { + isRoutingPreferenceInternet: false + p2SConnectionConfigurations: [ + { + name: 'first' + properties: { + enableInternetSecurity: false + vpnClientAddressPool: { + addressPrefixes: [ + '172.100.0.0/14' + ] + } + } + } + ] + virtualHub: { + id: virtualHub.id + } + vpnGatewayScaleUnit: 1 + vpnServerConfiguration: { + id: vpnServerConfiguration.id + } + } +} resource virtualHub 'Microsoft.Network/virtualHubs@2022-07-01' = { name: resourceName @@ -10,7 +38,9 @@ resource virtualHub 'Microsoft.Network/virtualHubs@2022-07-01' = { virtualRouterAutoScaleConfiguration: { minCapacity: 2 } - virtualWan: {} + virtualWan: { + id: virtualWan.id + } } } @@ -66,27 +96,3 @@ M/s/1JRtO3bDSzD9TazRVzn2oBqzSa8VgIo5C1nOnoAKJTlsClJKvIhnRlaLQqk= ] } } - -resource p2svpnGateway 'Microsoft.Network/p2svpnGateways@2022-07-01' = { - name: resourceName - location: location - properties: { - isRoutingPreferenceInternet: false - p2SConnectionConfigurations: [ - { - name: 'first' - properties: { - enableInternetSecurity: false - vpnClientAddressPool: { - addressPrefixes: [ - '172.100.0.0/14' - ] - } - } - } - ] - virtualHub: {} - vpnGatewayScaleUnit: 1 - vpnServerConfiguration: {} - } -} diff --git a/settings/remarks/microsoft.network/samples/privatednszones/cname/main.bicep b/settings/remarks/microsoft.network/samples/privatednszones/cname/main.bicep index e9be577e..3f41817f 100644 --- a/settings/remarks/microsoft.network/samples/privatednszones/cname/main.bicep +++ b/settings/remarks/microsoft.network/samples/privatednszones/cname/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource privateDnsZone 'Microsoft.Network/privateDnsZones@2018-09-01' = { name: '${resourceName}.com' @@ -10,10 +10,10 @@ resource cNAME 'Microsoft.Network/privateDnsZones/CNAME@2018-09-01' = { name: resourceName parent: privateDnsZone properties: { - ttl: 300 cnameRecord: { cname: 'contoso.com' } metadata: {} + ttl: 300 } } diff --git a/settings/remarks/microsoft.network/samples/privatednszones/srv/main.bicep b/settings/remarks/microsoft.network/samples/privatednszones/srv/main.bicep index 7964be08..4bc5dc55 100644 --- a/settings/remarks/microsoft.network/samples/privatednszones/srv/main.bicep +++ b/settings/remarks/microsoft.network/samples/privatednszones/srv/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource privateDnsZone 'Microsoft.Network/privateDnsZones@2018-09-01' = { name: '${resourceName}.com' diff --git a/settings/remarks/microsoft.network/samples/privatednszones/txt/main.bicep b/settings/remarks/microsoft.network/samples/privatednszones/txt/main.bicep index be22f3a1..1342af23 100644 --- a/settings/remarks/microsoft.network/samples/privatednszones/txt/main.bicep +++ b/settings/remarks/microsoft.network/samples/privatednszones/txt/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource privateDnsZone 'Microsoft.Network/privateDnsZones@2018-09-01' = { name: '${resourceName}.com' @@ -10,6 +10,7 @@ resource tXT 'Microsoft.Network/privateDnsZones/TXT@2018-09-01' = { name: resourceName parent: privateDnsZone properties: { + metadata: {} ttl: 300 txtRecords: [ { @@ -25,6 +26,5 @@ resource tXT 'Microsoft.Network/privateDnsZones/TXT@2018-09-01' = { ] } ] - metadata: {} } } diff --git a/settings/remarks/microsoft.network/samples/privatednszones/virtualnetworklinks/main.bicep b/settings/remarks/microsoft.network/samples/privatednszones/virtualnetworklinks/main.bicep index a395b2bb..36472a77 100644 --- a/settings/remarks/microsoft.network/samples/privatednszones/virtualnetworklinks/main.bicep +++ b/settings/remarks/microsoft.network/samples/privatednszones/virtualnetworklinks/main.bicep @@ -6,18 +6,6 @@ resource privateDnsZone 'Microsoft.Network/privateDnsZones@2018-09-01' = { location: 'global' } -resource virtualNetworkLink 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2018-09-01' = { - name: resourceName - location: 'global' - parent: privateDnsZone - properties: { - registrationEnabled: false - virtualNetwork: { - id: virtualNetwork.id - } - } -} - resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location @@ -40,3 +28,15 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { ] } } + +resource virtualNetworkLink 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2018-09-01' = { + name: resourceName + location: 'global' + parent: privateDnsZone + properties: { + registrationEnabled: false + virtualNetwork: { + id: virtualNetwork.id + } + } +} diff --git a/settings/remarks/microsoft.network/samples/privateendpoints/main.bicep b/settings/remarks/microsoft.network/samples/privateendpoints/main.bicep index 0913d72e..2cbde0e6 100644 --- a/settings/remarks/microsoft.network/samples/privateendpoints/main.bicep +++ b/settings/remarks/microsoft.network/samples/privateendpoints/main.bicep @@ -1,64 +1,21 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { - name: resourceName - location: location - properties: { - subnets: [] - addressSpace: { - addressPrefixes: [ - '10.5.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] - } - } -} - -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - name: resourceName - parent: virtualNetwork - properties: { - serviceEndpoints: [] - addressPrefix: '10.5.4.0/24' - delegations: [] - privateEndpointNetworkPolicies: 'Enabled' - privateLinkServiceNetworkPolicies: 'Disabled' - serviceEndpointPolicies: [] - } -} - -resource loadBalancer 'Microsoft.Network/loadBalancers@2022-07-01' = { - name: resourceName - location: location - sku: { - name: 'Standard' - tier: 'Regional' - } - properties: { - frontendIPConfigurations: [ - { - name: resourceName - properties: { - publicIPAddress: {} - } - } - ] - } -} - resource privateEndpoint 'Microsoft.Network/privateEndpoints@2022-07-01' = { name: resourceName location: location properties: { privateLinkServiceConnections: [ { - properties: {} + name: privateLinkService.name + properties: { + privateLinkServiceId: privateLinkService.id + } } ] - subnet: {} + subnet: { + id: subnet.id + } } } @@ -66,6 +23,10 @@ resource privateLinkService 'Microsoft.Network/privateLinkServices@2022-07-01' = name: resourceName location: location properties: { + autoApproval: { + subscriptions: [] + } + enableProxyProtocol: false fqdns: [] ipConfigurations: [ { @@ -75,7 +36,9 @@ resource privateLinkService 'Microsoft.Network/privateLinkServices@2022-07-01' = privateIPAddress: '' privateIPAddressVersion: 'IPv4' privateIPAllocationMethod: 'Dynamic' - subnet: {} + subnet: { + id: subnet.id + } } } ] @@ -87,10 +50,6 @@ resource privateLinkService 'Microsoft.Network/privateLinkServices@2022-07-01' = visibility: { subscriptions: [] } - autoApproval: { - subscriptions: [] - } - enableProxyProtocol: false } } @@ -110,3 +69,53 @@ resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2022-07-01' = { publicIPAllocationMethod: 'Static' } } + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: resourceName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.5.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + subnets: [] + } +} + +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { + name: resourceName + parent: virtualNetwork + properties: { + addressPrefix: '10.5.4.0/24' + delegations: [] + privateEndpointNetworkPolicies: 'Enabled' + privateLinkServiceNetworkPolicies: 'Disabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] + } +} + +resource loadBalancer 'Microsoft.Network/loadBalancers@2022-07-01' = { + name: resourceName + location: location + sku: { + name: 'Standard' + tier: 'Regional' + } + properties: { + frontendIPConfigurations: [ + { + name: resourceName + properties: { + publicIPAddress: { + id: publicIPAddress.id + } + } + } + ] + } +} diff --git a/settings/remarks/microsoft.network/samples/privatelinkservices/main.bicep b/settings/remarks/microsoft.network/samples/privatelinkservices/main.bicep index d709bdb4..231c75c4 100644 --- a/settings/remarks/microsoft.network/samples/privatelinkservices/main.bicep +++ b/settings/remarks/microsoft.network/samples/privatelinkservices/main.bicep @@ -1,6 +1,35 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: resourceName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.5.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + subnets: [] + } +} + +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { + name: resourceName + parent: virtualNetwork + properties: { + addressPrefix: '10.5.4.0/24' + delegations: [] + privateEndpointNetworkPolicies: 'Enabled' + privateLinkServiceNetworkPolicies: 'Disabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] + } +} + resource loadBalancer 'Microsoft.Network/loadBalancers@2022-07-01' = { name: resourceName location: location @@ -13,7 +42,9 @@ resource loadBalancer 'Microsoft.Network/loadBalancers@2022-07-01' = { { name: resourceName properties: { - publicIPAddress: {} + publicIPAddress: { + id: publicIPAddress.id + } } } ] @@ -24,6 +55,10 @@ resource privateLinkService 'Microsoft.Network/privateLinkServices@2022-07-01' = name: resourceName location: location properties: { + autoApproval: { + subscriptions: [] + } + enableProxyProtocol: false fqdns: [] ipConfigurations: [ { @@ -33,7 +68,9 @@ resource privateLinkService 'Microsoft.Network/privateLinkServices@2022-07-01' = privateIPAddress: '' privateIPAddressVersion: 'IPv4' privateIPAllocationMethod: 'Dynamic' - subnet: {} + subnet: { + id: subnet.id + } } } ] @@ -45,10 +82,6 @@ resource privateLinkService 'Microsoft.Network/privateLinkServices@2022-07-01' = visibility: { subscriptions: [] } - autoApproval: { - subscriptions: [] - } - enableProxyProtocol: false } } @@ -56,8 +89,8 @@ resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2022-07-01' = { name: resourceName location: location sku: { - tier: 'Regional' name: 'Standard' + tier: 'Regional' } properties: { ddosSettings: { @@ -68,32 +101,3 @@ resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2022-07-01' = { publicIPAllocationMethod: 'Static' } } - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { - name: resourceName - location: location - properties: { - subnets: [] - addressSpace: { - addressPrefixes: [ - '10.5.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] - } - } -} - -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - name: resourceName - parent: virtualNetwork - properties: { - addressPrefix: '10.5.4.0/24' - delegations: [] - privateEndpointNetworkPolicies: 'Enabled' - privateLinkServiceNetworkPolicies: 'Disabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] - } -} diff --git a/settings/remarks/microsoft.network/samples/publicipaddresses/main.bicep b/settings/remarks/microsoft.network/samples/publicipaddresses/main.bicep index cc35e34b..656c244b 100644 --- a/settings/remarks/microsoft.network/samples/publicipaddresses/main.bicep +++ b/settings/remarks/microsoft.network/samples/publicipaddresses/main.bicep @@ -9,11 +9,11 @@ resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2022-07-01' = { tier: 'Regional' } properties: { - publicIPAddressVersion: 'IPv4' - publicIPAllocationMethod: 'Static' ddosSettings: { protectionMode: 'VirtualNetworkInherited' } idleTimeoutInMinutes: 4 + publicIPAddressVersion: 'IPv4' + publicIPAllocationMethod: 'Static' } } diff --git a/settings/remarks/microsoft.network/samples/routetables/main.bicep b/settings/remarks/microsoft.network/samples/routetables/main.bicep index c17b7426..a9756c34 100644 --- a/settings/remarks/microsoft.network/samples/routetables/main.bicep +++ b/settings/remarks/microsoft.network/samples/routetables/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource routeTable 'Microsoft.Network/routeTables@2022-09-01' = { name: resourceName diff --git a/settings/remarks/microsoft.network/samples/routetables/routes/main.bicep b/settings/remarks/microsoft.network/samples/routetables/routes/main.bicep index 923eb757..cf7a2fbd 100644 --- a/settings/remarks/microsoft.network/samples/routetables/routes/main.bicep +++ b/settings/remarks/microsoft.network/samples/routetables/routes/main.bicep @@ -13,7 +13,7 @@ resource route 'Microsoft.Network/routeTables/routes@2022-09-01' = { name: resourceName parent: routeTable properties: { - nextHopType: 'VnetLocal' addressPrefix: '10.1.0.0/16' + nextHopType: 'VnetLocal' } } diff --git a/settings/remarks/microsoft.network/samples/serviceendpointpolicies/main.bicep b/settings/remarks/microsoft.network/samples/serviceendpointpolicies/main.bicep index 82823612..b54e5b5c 100644 --- a/settings/remarks/microsoft.network/samples/serviceendpointpolicies/main.bicep +++ b/settings/remarks/microsoft.network/samples/serviceendpointpolicies/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource serviceEndpointPolicy 'Microsoft.Network/serviceEndpointPolicies@2022-07-01' = { name: resourceName diff --git a/settings/remarks/microsoft.network/samples/trafficmanagerprofiles/azureendpoints/main.bicep b/settings/remarks/microsoft.network/samples/trafficmanagerprofiles/azureendpoints/main.bicep index d308655a..b26d55ae 100644 --- a/settings/remarks/microsoft.network/samples/trafficmanagerprofiles/azureendpoints/main.bicep +++ b/settings/remarks/microsoft.network/samples/trafficmanagerprofiles/azureendpoints/main.bicep @@ -1,24 +1,44 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2022-07-01' = { + name: resourceName + location: location + sku: { + name: 'Basic' + tier: 'Regional' + } + properties: { + ddosSettings: { + protectionMode: 'VirtualNetworkInherited' + } + dnsSettings: { + domainNameLabel: 'acctestpublicip-230630034107607730' + } + idleTimeoutInMinutes: 4 + publicIPAddressVersion: 'IPv4' + publicIPAllocationMethod: 'Static' + } +} + resource trafficManagerProfile 'Microsoft.Network/trafficManagerProfiles@2018-08-01' = { name: resourceName location: 'global' properties: { + dnsConfig: { + relativeName: 'acctest-tmp-230630034107607730' + ttl: 30 + } monitorConfig: { + expectedStatusCodeRanges: [] + intervalInSeconds: 30 + path: '/' port: 443 protocol: 'HTTPS' timeoutInSeconds: 10 toleratedNumberOfFailures: 3 - expectedStatusCodeRanges: [] - intervalInSeconds: 30 - path: '/' } trafficRoutingMethod: 'Weighted' - dnsConfig: { - relativeName: 'acctest-tmp-230630034107607730' - ttl: 30 - } } } @@ -33,23 +53,3 @@ resource azureEndpoint 'Microsoft.Network/trafficManagerProfiles/AzureEndpoints@ weight: 3 } } - -resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2022-07-01' = { - name: resourceName - location: location - sku: { - tier: 'Regional' - name: 'Basic' - } - properties: { - ddosSettings: { - protectionMode: 'VirtualNetworkInherited' - } - dnsSettings: { - domainNameLabel: 'acctestpublicip-230630034107607730' - } - idleTimeoutInMinutes: 4 - publicIPAddressVersion: 'IPv4' - publicIPAllocationMethod: 'Static' - } -} diff --git a/settings/remarks/microsoft.network/samples/trafficmanagerprofiles/externalendpoints/main.bicep b/settings/remarks/microsoft.network/samples/trafficmanagerprofiles/externalendpoints/main.bicep index 26ee06d8..efb6b1c7 100644 --- a/settings/remarks/microsoft.network/samples/trafficmanagerprofiles/externalendpoints/main.bicep +++ b/settings/remarks/microsoft.network/samples/trafficmanagerprofiles/externalendpoints/main.bicep @@ -10,13 +10,13 @@ resource trafficManagerProfile 'Microsoft.Network/trafficManagerProfiles@2018-08 ttl: 30 } monitorConfig: { - toleratedNumberOfFailures: 3 expectedStatusCodeRanges: [] intervalInSeconds: 30 path: '/' port: 443 protocol: 'HTTPS' timeoutInSeconds: 10 + toleratedNumberOfFailures: 3 } trafficRoutingMethod: 'Weighted' } diff --git a/settings/remarks/microsoft.network/samples/trafficmanagerprofiles/main.bicep b/settings/remarks/microsoft.network/samples/trafficmanagerprofiles/main.bicep index a556f0a7..192572ff 100644 --- a/settings/remarks/microsoft.network/samples/trafficmanagerprofiles/main.bicep +++ b/settings/remarks/microsoft.network/samples/trafficmanagerprofiles/main.bicep @@ -10,13 +10,13 @@ resource trafficManagerProfile 'Microsoft.Network/trafficManagerProfiles@2018-08 ttl: 30 } monitorConfig: { - protocol: 'HTTPS' - timeoutInSeconds: 10 - toleratedNumberOfFailures: 3 expectedStatusCodeRanges: [] intervalInSeconds: 30 path: '/' port: 443 + protocol: 'HTTPS' + timeoutInSeconds: 10 + toleratedNumberOfFailures: 3 } trafficRoutingMethod: 'Weighted' } diff --git a/settings/remarks/microsoft.network/samples/trafficmanagerprofiles/nestedendpoints/main.bicep b/settings/remarks/microsoft.network/samples/trafficmanagerprofiles/nestedendpoints/main.bicep index 70aa63f9..d7b4087f 100644 --- a/settings/remarks/microsoft.network/samples/trafficmanagerprofiles/nestedendpoints/main.bicep +++ b/settings/remarks/microsoft.network/samples/trafficmanagerprofiles/nestedendpoints/main.bicep @@ -10,13 +10,13 @@ resource trafficManagerProfile 'Microsoft.Network/trafficManagerProfiles@2018-08 ttl: 30 } monitorConfig: { - protocol: 'HTTPS' - timeoutInSeconds: 10 - toleratedNumberOfFailures: 3 expectedStatusCodeRanges: [] intervalInSeconds: 30 path: '/' port: 443 + protocol: 'HTTPS' + timeoutInSeconds: 10 + toleratedNumberOfFailures: 3 } trafficRoutingMethod: 'Weighted' } @@ -31,13 +31,13 @@ resource trafficManagerProfile2 'Microsoft.Network/trafficManagerProfiles@2018-0 ttl: 30 } monitorConfig: { - protocol: 'HTTPS' - timeoutInSeconds: 10 - toleratedNumberOfFailures: 3 expectedStatusCodeRanges: [] intervalInSeconds: 30 path: '/' port: 443 + protocol: 'HTTPS' + timeoutInSeconds: 10 + toleratedNumberOfFailures: 3 } trafficRoutingMethod: 'Priority' } @@ -47,11 +47,11 @@ resource nestedEndpoint 'Microsoft.Network/trafficManagerProfiles/NestedEndpoint name: resourceName parent: trafficManagerProfile properties: { + customHeaders: [] endpointStatus: 'Enabled' minChildEndpoints: 5 subnets: [] targetResourceId: trafficManagerProfile2.id weight: 3 - customHeaders: [] } } diff --git a/settings/remarks/microsoft.network/samples/virtualhubs/hubvirtualnetworkconnections/main.bicep b/settings/remarks/microsoft.network/samples/virtualhubs/hubvirtualnetworkconnections/main.bicep index 457a668f..96212226 100644 --- a/settings/remarks/microsoft.network/samples/virtualhubs/hubvirtualnetworkconnections/main.bicep +++ b/settings/remarks/microsoft.network/samples/virtualhubs/hubvirtualnetworkconnections/main.bicep @@ -1,29 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' - -resource virtualHub 'Microsoft.Network/virtualHubs@2022-07-01' = { - name: resourceName - location: location - properties: { - hubRoutingPreference: 'ExpressRoute' - virtualRouterAutoScaleConfiguration: { - minCapacity: 2 - } - virtualWan: {} - addressPrefix: '10.0.2.0/24' - } -} - -resource hubVirtualNetworkConnection 'Microsoft.Network/virtualHubs/hubVirtualNetworkConnections@2022-07-01' = { - name: resourceName - parent: virtualHub - properties: { - enableInternetSecurity: false - remoteVirtualNetwork: { - id: virtualNetwork.id - } - } -} +param location string = 'westeurope' resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName @@ -51,3 +27,29 @@ resource virtualWan 'Microsoft.Network/virtualWans@2022-07-01' = { type: 'Standard' } } + +resource virtualHub 'Microsoft.Network/virtualHubs@2022-07-01' = { + name: resourceName + location: location + properties: { + addressPrefix: '10.0.2.0/24' + hubRoutingPreference: 'ExpressRoute' + virtualRouterAutoScaleConfiguration: { + minCapacity: 2 + } + virtualWan: { + id: virtualWan.id + } + } +} + +resource hubVirtualNetworkConnection 'Microsoft.Network/virtualHubs/hubVirtualNetworkConnections@2022-07-01' = { + name: resourceName + parent: virtualHub + properties: { + enableInternetSecurity: false + remoteVirtualNetwork: { + id: virtualNetwork.id + } + } +} diff --git a/settings/remarks/microsoft.network/samples/virtualhubs/ipconfigurations/main.bicep b/settings/remarks/microsoft.network/samples/virtualhubs/ipconfigurations/main.bicep index 24eac321..6cae3b3a 100644 --- a/settings/remarks/microsoft.network/samples/virtualhubs/ipconfigurations/main.bicep +++ b/settings/remarks/microsoft.network/samples/virtualhubs/ipconfigurations/main.bicep @@ -55,7 +55,9 @@ resource ipConfiguration 'Microsoft.Network/virtualHubs/ipConfigurations@2022-07 publicIPAddress: { id: publicIPAddress.id } - subnet: {} + subnet: { + id: subnet.id + } } } @@ -63,11 +65,11 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: 'RouteServerSubnet' parent: virtualNetwork properties: { - serviceEndpointPolicies: [] - serviceEndpoints: [] addressPrefix: '10.5.1.0/24' delegations: [] privateEndpointNetworkPolicies: 'Enabled' privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] } } diff --git a/settings/remarks/microsoft.network/samples/virtualhubs/main.bicep b/settings/remarks/microsoft.network/samples/virtualhubs/main.bicep index 97008267..a244fae4 100644 --- a/settings/remarks/microsoft.network/samples/virtualhubs/main.bicep +++ b/settings/remarks/microsoft.network/samples/virtualhubs/main.bicep @@ -1,16 +1,18 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource virtualHub 'Microsoft.Network/virtualHubs@2022-07-01' = { name: resourceName location: location properties: { + addressPrefix: '10.0.0.0/24' hubRoutingPreference: 'ExpressRoute' virtualRouterAutoScaleConfiguration: { minCapacity: 2 } - virtualWan: {} - addressPrefix: '10.0.0.0/24' + virtualWan: { + id: virtualWan.id + } } } diff --git a/settings/remarks/microsoft.network/samples/virtualnetworkgateways/main.bicep b/settings/remarks/microsoft.network/samples/virtualnetworkgateways/main.bicep index 651f8d5f..14ba8e45 100644 --- a/settings/remarks/microsoft.network/samples/virtualnetworkgateways/main.bicep +++ b/settings/remarks/microsoft.network/samples/virtualnetworkgateways/main.bicep @@ -1,42 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'centralus' -resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2022-07-01' = { - name: resourceName - location: location - sku: { - name: 'Standard' - tier: 'Regional' - } - properties: { - ddosSettings: { - protectionMode: 'VirtualNetworkInherited' - } - idleTimeoutInMinutes: 4 - publicIPAddressVersion: 'IPv4' - publicIPAllocationMethod: 'Static' - } -} - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { - name: resourceName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - '10.6.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] - } - subnets: [] - } - tags: { - SkipASMAzSecPack: 'true' - } -} - resource virtualNetworkGateway 'Microsoft.Network/virtualNetworkGateways@2022-07-01' = { name: resourceName location: location @@ -49,11 +13,13 @@ resource virtualNetworkGateway 'Microsoft.Network/virtualNetworkGateways@2022-07 { name: 'vnetGatewayConfig' properties: { + privateIPAllocationMethod: 'Dynamic' publicIPAddress: { id: publicIPAddress.id } - subnet: {} - privateIPAllocationMethod: 'Dynamic' + subnet: { + id: subnet.id + } } } ] @@ -65,6 +31,25 @@ resource virtualNetworkGateway 'Microsoft.Network/virtualNetworkGateways@2022-07 } } +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: resourceName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.6.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + subnets: [] + } + tags: { + SkipASMAzSecPack: 'true' + } +} + resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: 'GatewaySubnet' parent: virtualNetwork @@ -77,3 +62,20 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { serviceEndpoints: [] } } + +resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2022-07-01' = { + name: resourceName + location: location + sku: { + name: 'Standard' + tier: 'Regional' + } + properties: { + ddosSettings: { + protectionMode: 'VirtualNetworkInherited' + } + idleTimeoutInMinutes: 4 + publicIPAddressVersion: 'IPv4' + publicIPAllocationMethod: 'Static' + } +} diff --git a/settings/remarks/microsoft.network/samples/virtualnetworkgateways/natrules/main.bicep b/settings/remarks/microsoft.network/samples/virtualnetworkgateways/natrules/main.bicep index 21eb42ed..de1aa544 100644 --- a/settings/remarks/microsoft.network/samples/virtualnetworkgateways/natrules/main.bicep +++ b/settings/remarks/microsoft.network/samples/virtualnetworkgateways/natrules/main.bicep @@ -1,64 +1,33 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2022-07-01' = { - name: resourceName - location: location - sku: { - name: 'Basic' - tier: 'Regional' - } - properties: { - idleTimeoutInMinutes: 4 - publicIPAddressVersion: 'IPv4' - publicIPAllocationMethod: 'Dynamic' - ddosSettings: { - protectionMode: 'VirtualNetworkInherited' - } - } -} - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { - name: resourceName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] - } - subnets: [] - } -} - resource virtualNetworkGateway 'Microsoft.Network/virtualNetworkGateways@2022-07-01' = { name: resourceName location: location properties: { - sku: { - name: 'Basic' - tier: 'Basic' - } - vpnType: 'RouteBased' activeActive: false enableBgp: false enablePrivateIpAddress: false gatewayType: 'Vpn' ipConfigurations: [ { + name: 'vnetGatewayConfig' properties: { + privateIPAllocationMethod: 'Dynamic' publicIPAddress: { id: publicIPAddress.id } - subnet: {} - privateIPAllocationMethod: 'Dynamic' + subnet: { + id: subnet.id + } } - name: 'vnetGatewayConfig' } ] + sku: { + name: 'Basic' + tier: 'Basic' + } + vpnType: 'RouteBased' } } @@ -66,7 +35,6 @@ resource natRule 'Microsoft.Network/virtualNetworkGateways/natRules@2022-07-01' name: resourceName parent: virtualNetworkGateway properties: { - type: 'Static' externalMappings: [ { addressSpace: '10.1.0.0/26' @@ -78,6 +46,23 @@ resource natRule 'Microsoft.Network/virtualNetworkGateways/natRules@2022-07-01' } ] mode: 'EgressSnat' + type: 'Static' + } +} + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: resourceName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + subnets: [] } } @@ -93,3 +78,20 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { serviceEndpoints: [] } } + +resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2022-07-01' = { + name: resourceName + location: location + sku: { + name: 'Basic' + tier: 'Regional' + } + properties: { + ddosSettings: { + protectionMode: 'VirtualNetworkInherited' + } + idleTimeoutInMinutes: 4 + publicIPAddressVersion: 'IPv4' + publicIPAllocationMethod: 'Dynamic' + } +} diff --git a/settings/remarks/microsoft.network/samples/virtualnetworks/subnets/withipampool/main.bicep b/settings/remarks/microsoft.network/samples/virtualnetworks/subnets/withipampool/main.bicep index 8979657e..b4bb1e25 100644 --- a/settings/remarks/microsoft.network/samples/virtualnetworks/subnets/withipampool/main.bicep +++ b/settings/remarks/microsoft.network/samples/virtualnetworks/subnets/withipampool/main.bicep @@ -1,31 +1,33 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource networkManager 'Microsoft.Network/networkManagers@2024-05-01' = { +resource vnetWithipam 'Microsoft.Network/virtualNetworks@2024-05-01' = { name: resourceName location: location properties: { - networkManagerScopes: { - managementGroups: [] - subscriptions: [ - '/subscriptions/${subscription().subscriptionId}' + addressSpace: { + ipamPoolPrefixAllocations: [ + { + numberOfIpAddresses: '100' + pool: { + id: ipamPool.id + } + } ] } - description: '' - networkManagerScopeAccesses: [] } } -resource vnetWithipam 'Microsoft.Network/virtualNetworks@2024-05-01' = { +resource networkManager 'Microsoft.Network/networkManagers@2024-05-01' = { name: resourceName location: location properties: { - addressSpace: { - ipamPoolPrefixAllocations: [ - { - numberOfIpAddresses: '100' - pool: {} - } + description: '' + networkManagerScopeAccesses: [] + networkManagerScopes: { + managementGroups: [] + subscriptions: [ + '/subscriptions/${subscription().subscriptionId}' ] } } @@ -36,12 +38,12 @@ resource ipamPool 'Microsoft.Network/networkManagers/ipamPools@2024-05-01' = { location: location parent: networkManager properties: { - parentPoolName: '' addressPrefixes: [ '10.0.0.0/24' ] description: 'Test description.' displayName: 'testDisplayName' + parentPoolName: '' } } diff --git a/settings/remarks/microsoft.network/samples/virtualnetworks/virtualnetworkpeerings/main.bicep b/settings/remarks/microsoft.network/samples/virtualnetworks/virtualnetworkpeerings/main.bicep index eee6e8d7..fe5a1be4 100644 --- a/settings/remarks/microsoft.network/samples/virtualnetworks/virtualnetworkpeerings/main.bicep +++ b/settings/remarks/microsoft.network/samples/virtualnetworks/virtualnetworkpeerings/main.bicep @@ -1,22 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { - name: resourceName - location: location - properties: { - addressSpace: { - addressPrefixes: [ - '10.0.1.0/24' - ] - } - dhcpOptions: { - dnsServers: [] - } - subnets: [] - } -} - resource workspace 'Microsoft.Databricks/workspaces@2023-02-01' = { name: resourceName location: location @@ -24,6 +8,7 @@ resource workspace 'Microsoft.Databricks/workspaces@2023-02-01' = { name: 'standard' } properties: { + managedResourceGroupId: resourceGroup().id parameters: { prepareEncryption: { value: false @@ -33,7 +18,6 @@ resource workspace 'Microsoft.Databricks/workspaces@2023-02-01' = { } } publicNetworkAccess: 'Enabled' - managedResourceGroupId: resourceGroup().id } } @@ -41,10 +25,6 @@ resource virtualNetworkPeering 'Microsoft.Databricks/workspaces/virtualNetworkPe name: resourceName parent: workspace properties: { - remoteVirtualNetwork: { - id: virtualNetwork.id - } - useRemoteGateways: false allowForwardedTraffic: false allowGatewayTransit: false allowVirtualNetworkAccess: true @@ -58,5 +38,25 @@ resource virtualNetworkPeering 'Microsoft.Databricks/workspaces/virtualNetworkPe '10.0.1.0/24' ] } + remoteVirtualNetwork: { + id: virtualNetwork.id + } + useRemoteGateways: false + } +} + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: resourceName + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.1.0/24' + ] + } + dhcpOptions: { + dnsServers: [] + } + subnets: [] } } diff --git a/settings/remarks/microsoft.network/samples/virtualnetworks/withipampool/main.bicep b/settings/remarks/microsoft.network/samples/virtualnetworks/withipampool/main.bicep index 67a24233..1e2f89b9 100644 --- a/settings/remarks/microsoft.network/samples/virtualnetworks/withipampool/main.bicep +++ b/settings/remarks/microsoft.network/samples/virtualnetworks/withipampool/main.bicep @@ -24,7 +24,9 @@ resource vnetWithipam 'Microsoft.Network/virtualNetworks@2024-05-01' = { ipamPoolPrefixAllocations: [ { numberOfIpAddresses: '100' - pool: {} + pool: { + id: ipamPool.id + } } ] } @@ -36,11 +38,11 @@ resource ipamPool 'Microsoft.Network/networkManagers/ipamPools@2024-05-01' = { location: location parent: networkManager properties: { - parentPoolName: '' addressPrefixes: [ '10.0.0.0/24' ] description: 'Test description.' displayName: 'testDisplayName' + parentPoolName: '' } } diff --git a/settings/remarks/microsoft.network/samples/vpngateways/main.bicep b/settings/remarks/microsoft.network/samples/vpngateways/main.bicep index 28104c6c..dc050d57 100644 --- a/settings/remarks/microsoft.network/samples/vpngateways/main.bicep +++ b/settings/remarks/microsoft.network/samples/vpngateways/main.bicep @@ -10,7 +10,9 @@ resource virtualHub 'Microsoft.Network/virtualHubs@2022-07-01' = { virtualRouterAutoScaleConfiguration: { minCapacity: 2 } - virtualWan: {} + virtualWan: { + id: virtualWan.id + } } } @@ -29,11 +31,11 @@ resource vpnGateway 'Microsoft.Network/vpnGateways@2022-07-01' = { name: resourceName location: location properties: { + enableBgpRouteTranslationForNat: false + isRoutingPreferenceInternet: false virtualHub: { id: virtualHub.id } vpnGatewayScaleUnit: 1 - enableBgpRouteTranslationForNat: false - isRoutingPreferenceInternet: false } } diff --git a/settings/remarks/microsoft.network/samples/vpngateways/natrules/main.bicep b/settings/remarks/microsoft.network/samples/vpngateways/natrules/main.bicep index 04e1865f..d424e998 100644 --- a/settings/remarks/microsoft.network/samples/vpngateways/natrules/main.bicep +++ b/settings/remarks/microsoft.network/samples/vpngateways/natrules/main.bicep @@ -1,6 +1,32 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource virtualHub 'Microsoft.Network/virtualHubs@2022-07-01' = { + name: resourceName + location: location + properties: { + addressPrefix: '10.0.0.0/24' + hubRoutingPreference: 'ExpressRoute' + virtualRouterAutoScaleConfiguration: { + minCapacity: 2 + } + virtualWan: { + id: virtualWan.id + } + } +} + +resource virtualWan 'Microsoft.Network/virtualWans@2022-07-01' = { + name: resourceName + location: location + properties: { + allowBranchToBranchTraffic: true + disableVpnEncryption: false + office365LocalBreakoutCategory: 'None' + type: 'Standard' + } +} + resource vpnGateway 'Microsoft.Network/vpnGateways@2022-07-01' = { name: resourceName location: location @@ -32,27 +58,3 @@ resource natRule 'Microsoft.Network/vpnGateways/natRules@2022-07-01' = { type: 'Static' } } - -resource virtualHub 'Microsoft.Network/virtualHubs@2022-07-01' = { - name: resourceName - location: location - properties: { - addressPrefix: '10.0.0.0/24' - hubRoutingPreference: 'ExpressRoute' - virtualRouterAutoScaleConfiguration: { - minCapacity: 2 - } - virtualWan: {} - } -} - -resource virtualWan 'Microsoft.Network/virtualWans@2022-07-01' = { - name: resourceName - location: location - properties: { - office365LocalBreakoutCategory: 'None' - type: 'Standard' - allowBranchToBranchTraffic: true - disableVpnEncryption: false - } -} diff --git a/settings/remarks/microsoft.network/samples/vpngateways/vpnconnections/main.bicep b/settings/remarks/microsoft.network/samples/vpngateways/vpnconnections/main.bicep index cfd999b5..439a3abd 100644 --- a/settings/remarks/microsoft.network/samples/vpngateways/vpnconnections/main.bicep +++ b/settings/remarks/microsoft.network/samples/vpngateways/vpnconnections/main.bicep @@ -1,6 +1,45 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource virtualHub 'Microsoft.Network/virtualHubs@2022-07-01' = { + name: resourceName + location: location + properties: { + addressPrefix: '10.0.0.0/24' + hubRoutingPreference: 'ExpressRoute' + virtualRouterAutoScaleConfiguration: { + minCapacity: 2 + } + virtualWan: { + id: virtualWan.id + } + } +} + +resource virtualWan 'Microsoft.Network/virtualWans@2022-07-01' = { + name: resourceName + location: location + properties: { + allowBranchToBranchTraffic: true + disableVpnEncryption: false + office365LocalBreakoutCategory: 'None' + type: 'Standard' + } +} + +resource vpnGateway 'Microsoft.Network/vpnGateways@2022-07-01' = { + name: resourceName + location: location + properties: { + enableBgpRouteTranslationForNat: false + isRoutingPreferenceInternet: false + virtualHub: { + id: virtualHub.id + } + vpnGatewayScaleUnit: 1 + } +} + resource vpnSite 'Microsoft.Network/vpnSites@2022-07-01' = { name: resourceName location: location @@ -17,12 +56,12 @@ resource vpnSite 'Microsoft.Network/vpnSites@2022-07-01' = { { name: 'link1' properties: { + fqdn: '' ipAddress: '10.0.1.1' linkProperties: { - linkSpeedInMbps: 0 linkProviderName: '' + linkSpeedInMbps: 0 } - fqdn: '' } } { @@ -40,19 +79,6 @@ resource vpnSite 'Microsoft.Network/vpnSites@2022-07-01' = { } } -resource vpnGateway 'Microsoft.Network/vpnGateways@2022-07-01' = { - name: resourceName - location: location - properties: { - enableBgpRouteTranslationForNat: false - isRoutingPreferenceInternet: false - virtualHub: { - id: virtualHub.id - } - vpnGatewayScaleUnit: 1 - } -} - resource vpnConnection 'Microsoft.Network/vpnGateways/vpnConnections@2022-07-01' = { name: resourceName parent: vpnGateway @@ -65,61 +91,37 @@ resource vpnConnection 'Microsoft.Network/vpnGateways/vpnConnections@2022-07-01' { name: 'link1' properties: { - vpnConnectionProtocolType: 'IKEv2' - vpnGatewayCustomBgpAddresses: [] - vpnLinkConnectionMode: 'Default' + connectionBandwidth: 10 + enableBgp: false enableRateLimiting: false + routingWeight: 0 useLocalAzureIpAddress: false usePolicyBasedTrafficSelectors: false + vpnConnectionProtocolType: 'IKEv2' + vpnGatewayCustomBgpAddresses: [] + vpnLinkConnectionMode: 'Default' vpnSiteLink: { id: resourceId('Microsoft.Network/vpnSites/vpnSiteLinks', vpnSite.name, 'link1') } - connectionBandwidth: 10 - enableBgp: false - routingWeight: 0 } } { name: 'link2' properties: { - routingWeight: 0 - vpnLinkConnectionMode: 'Default' - vpnSiteLink: { - id: resourceId('Microsoft.Network/vpnSites/vpnSiteLinks', vpnSite.name, 'link2') - } connectionBandwidth: 10 enableBgp: false enableRateLimiting: false + routingWeight: 0 useLocalAzureIpAddress: false usePolicyBasedTrafficSelectors: false vpnConnectionProtocolType: 'IKEv2' vpnGatewayCustomBgpAddresses: [] + vpnLinkConnectionMode: 'Default' + vpnSiteLink: { + id: resourceId('Microsoft.Network/vpnSites/vpnSiteLinks', vpnSite.name, 'link2') + } } } ] } } - -resource virtualHub 'Microsoft.Network/virtualHubs@2022-07-01' = { - name: resourceName - location: location - properties: { - addressPrefix: '10.0.0.0/24' - hubRoutingPreference: 'ExpressRoute' - virtualRouterAutoScaleConfiguration: { - minCapacity: 2 - } - virtualWan: {} - } -} - -resource virtualWan 'Microsoft.Network/virtualWans@2022-07-01' = { - name: resourceName - location: location - properties: { - allowBranchToBranchTraffic: true - disableVpnEncryption: false - office365LocalBreakoutCategory: 'None' - type: 'Standard' - } -} diff --git a/settings/remarks/microsoft.network/samples/vpnserverconfigurations/configurationpolicygroups/main.bicep b/settings/remarks/microsoft.network/samples/vpnserverconfigurations/configurationpolicygroups/main.bicep index 7407d189..1f7cb88e 100644 --- a/settings/remarks/microsoft.network/samples/vpnserverconfigurations/configurationpolicygroups/main.bicep +++ b/settings/remarks/microsoft.network/samples/vpnserverconfigurations/configurationpolicygroups/main.bicep @@ -1,30 +1,30 @@ +param resourceName string = 'acctest0001' param location string = 'westeurope' @secure() @description('The RADIUS server secret for VPN authentication') param radiusServerSecret string -param resourceName string = 'acctest0001' resource vpnServerConfiguration 'Microsoft.Network/vpnServerConfigurations@2022-07-01' = { name: resourceName location: location properties: { + radiusClientRootCertificates: [] + radiusServerAddress: '' radiusServerRootCertificates: [] + radiusServerSecret: '' radiusServers: [ { - radiusServerScore: 15 - radiusServerSecret: '${radiusServerSecret}' radiusServerAddress: '10.105.1.1' + radiusServerScore: 15 + radiusServerSecret: radiusServerSecret } ] - vpnClientRevokedCertificates: [] - vpnClientRootCertificates: [] - radiusClientRootCertificates: [] - radiusServerAddress: '' - radiusServerSecret: '' vpnAuthenticationTypes: [ 'Radius' ] vpnClientIpsecPolicies: [] + vpnClientRevokedCertificates: [] + vpnClientRootCertificates: [] vpnProtocols: [ 'OpenVPN' 'IkeV2' @@ -39,9 +39,9 @@ resource configurationPolicyGroup 'Microsoft.Network/vpnServerConfigurations/con isDefault: false policyMembers: [ { + attributeType: 'RadiusAzureGroupId' attributeValue: '6ad1bd08' name: 'policy1' - attributeType: 'RadiusAzureGroupId' } ] priority: 0 diff --git a/settings/remarks/microsoft.network/samples/vpnserverconfigurations/main.bicep b/settings/remarks/microsoft.network/samples/vpnserverconfigurations/main.bicep index af7654b0..554e2fea 100644 --- a/settings/remarks/microsoft.network/samples/vpnserverconfigurations/main.bicep +++ b/settings/remarks/microsoft.network/samples/vpnserverconfigurations/main.bicep @@ -8,26 +8,26 @@ resource vpnServerConfiguration 'Microsoft.Network/vpnServerConfigurations@2022- name: resourceName location: location properties: { + radiusClientRootCertificates: [] + radiusServerAddress: '' + radiusServerRootCertificates: [] + radiusServerSecret: radiusServerSecret + radiusServers: [ + { + radiusServerAddress: '10.105.1.1' + radiusServerScore: 15 + radiusServerSecret: radiusServerSecret + } + ] vpnAuthenticationTypes: [ 'Radius' ] vpnClientIpsecPolicies: [] vpnClientRevokedCertificates: [] - radiusClientRootCertificates: [] - radiusServerRootCertificates: [] - radiusServerSecret: '${radiusServerSecret}' vpnClientRootCertificates: [] vpnProtocols: [ 'OpenVPN' 'IkeV2' ] - radiusServerAddress: '' - radiusServers: [ - { - radiusServerAddress: '10.105.1.1' - radiusServerScore: 15 - radiusServerSecret: '${radiusServerSecret}' - } - ] } } diff --git a/settings/remarks/microsoft.network/samples/vpnsites/main.bicep b/settings/remarks/microsoft.network/samples/vpnsites/main.bicep index b731ffbd..088159a6 100644 --- a/settings/remarks/microsoft.network/samples/vpnsites/main.bicep +++ b/settings/remarks/microsoft.network/samples/vpnsites/main.bicep @@ -28,23 +28,23 @@ resource vpnSite 'Microsoft.Network/vpnSites@2022-07-01' = { { name: 'link1' properties: { + fqdn: '' ipAddress: '10.0.1.1' linkProperties: { - linkSpeedInMbps: 0 linkProviderName: '' + linkSpeedInMbps: 0 } - fqdn: '' } } { name: 'link2' properties: { + fqdn: '' + ipAddress: '10.0.1.2' linkProperties: { linkProviderName: '' linkSpeedInMbps: 0 } - fqdn: '' - ipAddress: '10.0.1.2' } } ] diff --git a/settings/remarks/microsoft.notificationhubs/samples/namespaces/notificationhubs/authorizationrules/main.bicep b/settings/remarks/microsoft.notificationhubs/samples/namespaces/notificationhubs/authorizationrules/main.bicep index 7fd683be..f0cf4acd 100644 --- a/settings/remarks/microsoft.notificationhubs/samples/namespaces/notificationhubs/authorizationrules/main.bicep +++ b/settings/remarks/microsoft.notificationhubs/samples/namespaces/notificationhubs/authorizationrules/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource namespace 'Microsoft.NotificationHubs/namespaces@2017-04-01' = { name: resourceName diff --git a/settings/remarks/microsoft.operationalinsights/samples/workspaces/dataexports/main.bicep b/settings/remarks/microsoft.operationalinsights/samples/workspaces/dataexports/main.bicep index 141a7eef..25300c46 100644 --- a/settings/remarks/microsoft.operationalinsights/samples/workspaces/dataexports/main.bicep +++ b/settings/remarks/microsoft.operationalinsights/samples/workspaces/dataexports/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName @@ -9,13 +9,11 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { - defaultToOAuthAuthentication: false - minimumTlsVersion: 'TLS1_2' - publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true accessTier: 'Hot' allowBlobPublicAccess: true allowCrossTenantReplication: true + allowSharedKeyAccess: true + defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -30,10 +28,12 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { isHnsEnabled: false isNfsV3Enabled: false isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } - allowSharedKeyAccess: true + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true } } @@ -41,12 +41,6 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location properties: { - sku: { - name: 'PerGB2018' - } - workspaceCapping: { - dailyQuotaGb: -1 - } features: { disableLocalAuth: false enableLogAccessUsingOnlyResourcePermissions: true @@ -54,6 +48,12 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { publicNetworkAccessForIngestion: 'Enabled' publicNetworkAccessForQuery: 'Enabled' retentionInDays: 30 + sku: { + name: 'PerGB2018' + } + workspaceCapping: { + dailyQuotaGb: -1 + } } } diff --git a/settings/remarks/microsoft.operationalinsights/samples/workspaces/datasources/main.bicep b/settings/remarks/microsoft.operationalinsights/samples/workspaces/datasources/main.bicep index 0ef6216e..2545e14f 100644 --- a/settings/remarks/microsoft.operationalinsights/samples/workspaces/datasources/main.bicep +++ b/settings/remarks/microsoft.operationalinsights/samples/workspaces/datasources/main.bicep @@ -5,6 +5,10 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location properties: { + features: { + disableLocalAuth: false + enableLogAccessUsingOnlyResourcePermissions: true + } publicNetworkAccessForIngestion: 'Enabled' publicNetworkAccessForQuery: 'Enabled' retentionInDays: 30 @@ -14,10 +18,6 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { workspaceCapping: { dailyQuotaGb: -1 } - features: { - disableLocalAuth: false - enableLogAccessUsingOnlyResourcePermissions: true - } } } diff --git a/settings/remarks/microsoft.operationalinsights/samples/workspaces/linkedservices/main.bicep b/settings/remarks/microsoft.operationalinsights/samples/workspaces/linkedservices/main.bicep index 384f3422..4a26eab1 100644 --- a/settings/remarks/microsoft.operationalinsights/samples/workspaces/linkedservices/main.bicep +++ b/settings/remarks/microsoft.operationalinsights/samples/workspaces/linkedservices/main.bicep @@ -1,20 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' = { - name: resourceName - location: location - properties: { - encryption: { - keySource: 'Microsoft.Automation' - } - publicNetworkAccess: true - sku: { - name: 'Basic' - } - } -} - resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location @@ -42,3 +28,17 @@ resource linkedService 'Microsoft.OperationalInsights/workspaces/linkedServices@ resourceId: automationAccount.id } } + +resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22' = { + name: resourceName + location: location + properties: { + encryption: { + keySource: 'Microsoft.Automation' + } + publicNetworkAccess: true + sku: { + name: 'Basic' + } + } +} diff --git a/settings/remarks/microsoft.operationalinsights/samples/workspaces/linkedstorageaccounts/main.bicep b/settings/remarks/microsoft.operationalinsights/samples/workspaces/linkedstorageaccounts/main.bicep index cf280178..81b14a65 100644 --- a/settings/remarks/microsoft.operationalinsights/samples/workspaces/linkedstorageaccounts/main.bicep +++ b/settings/remarks/microsoft.operationalinsights/samples/workspaces/linkedstorageaccounts/main.bicep @@ -5,19 +5,19 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location properties: { - sku: { - name: 'PerGB2018' - } - workspaceCapping: { - dailyQuotaGb: -1 - } features: { - enableLogAccessUsingOnlyResourcePermissions: true disableLocalAuth: false + enableLogAccessUsingOnlyResourcePermissions: true } publicNetworkAccessForIngestion: 'Enabled' publicNetworkAccessForQuery: 'Enabled' retentionInDays: 30 + sku: { + name: 'PerGB2018' + } + workspaceCapping: { + dailyQuotaGb: -1 + } } } @@ -39,17 +39,9 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { - isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' - publicNetworkAccess: 'Enabled' accessTier: 'Hot' - allowCrossTenantReplication: true - isHnsEnabled: false - networkAcls: { - defaultAction: 'Allow' - } - supportsHttpsTrafficOnly: true allowBlobPublicAccess: true + allowCrossTenantReplication: true allowSharedKeyAccess: true defaultToOAuthAuthentication: false encryption: { @@ -63,6 +55,14 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } + isHnsEnabled: false isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true } } diff --git a/settings/remarks/microsoft.operationalinsights/samples/workspaces/savedsearches/main.bicep b/settings/remarks/microsoft.operationalinsights/samples/workspaces/savedsearches/main.bicep index 30705ea4..92df7fea 100644 --- a/settings/remarks/microsoft.operationalinsights/samples/workspaces/savedsearches/main.bicep +++ b/settings/remarks/microsoft.operationalinsights/samples/workspaces/savedsearches/main.bicep @@ -5,6 +5,11 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location properties: { + features: { + disableLocalAuth: false + enableLogAccessUsingOnlyResourcePermissions: true + } + publicNetworkAccessForIngestion: 'Enabled' publicNetworkAccessForQuery: 'Enabled' retentionInDays: 30 sku: { @@ -13,11 +18,6 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { workspaceCapping: { dailyQuotaGb: -1 } - features: { - enableLogAccessUsingOnlyResourcePermissions: true - disableLocalAuth: false - } - publicNetworkAccessForIngestion: 'Enabled' } } diff --git a/settings/remarks/microsoft.operationalinsights/samples/workspaces/storageinsightconfigs/main.bicep b/settings/remarks/microsoft.operationalinsights/samples/workspaces/storageinsightconfigs/main.bicep index 7c08a869..f894a03a 100644 --- a/settings/remarks/microsoft.operationalinsights/samples/workspaces/storageinsightconfigs/main.bicep +++ b/settings/remarks/microsoft.operationalinsights/samples/workspaces/storageinsightconfigs/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName @@ -9,7 +9,10 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { + accessTier: 'Hot' allowBlobPublicAccess: true + allowCrossTenantReplication: true + allowSharedKeyAccess: true defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' @@ -22,18 +25,15 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } + isHnsEnabled: false + isNfsV3Enabled: false + isSftpEnabled: false minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } - allowCrossTenantReplication: true - allowSharedKeyAccess: true - isHnsEnabled: false - isNfsV3Enabled: false - isSftpEnabled: false publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true - accessTier: 'Hot' } } @@ -41,6 +41,11 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location properties: { + features: { + disableLocalAuth: false + enableLogAccessUsingOnlyResourcePermissions: true + } + publicNetworkAccessForIngestion: 'Enabled' publicNetworkAccessForQuery: 'Enabled' retentionInDays: 30 sku: { @@ -49,11 +54,6 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { workspaceCapping: { dailyQuotaGb: -1 } - features: { - disableLocalAuth: false - enableLogAccessUsingOnlyResourcePermissions: true - } - publicNetworkAccessForIngestion: 'Enabled' } } diff --git a/settings/remarks/microsoft.operationalinsights/samples/workspaces/tables/auditlog/main.bicep b/settings/remarks/microsoft.operationalinsights/samples/workspaces/tables/auditlog/main.bicep index 2042788a..42715801 100644 --- a/settings/remarks/microsoft.operationalinsights/samples/workspaces/tables/auditlog/main.bicep +++ b/settings/remarks/microsoft.operationalinsights/samples/workspaces/tables/auditlog/main.bicep @@ -1,6 +1,7 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +var auditLogTableName = 'AuditLog_CL' var auditLogColumns = [ { name: 'appId' @@ -15,7 +16,6 @@ var auditLogColumns = [ type: 'datetime' } ] -var auditLogTableName = 'AuditLog_CL' resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName @@ -42,8 +42,8 @@ resource table 'Microsoft.OperationalInsights/workspaces/tables@2022-10-01' = { parent: workspace properties: { schema: { - name: '${auditLogTableName}' - columns: '${auditLogColumns}' + columns: auditLogColumns + name: auditLogTableName } } } diff --git a/settings/remarks/microsoft.operationalinsights/samples/workspaces/tables/basic/main.bicep b/settings/remarks/microsoft.operationalinsights/samples/workspaces/tables/basic/main.bicep index 0181bcd4..f479132d 100644 --- a/settings/remarks/microsoft.operationalinsights/samples/workspaces/tables/basic/main.bicep +++ b/settings/remarks/microsoft.operationalinsights/samples/workspaces/tables/basic/main.bicep @@ -4,12 +4,12 @@ param location string = 'westeurope' var sentinelTiAlertsTableName = 'SentinelTIAlerts_CL' var sentinelTiAlertsColumns = [ { - type: 'int' name: 'ConfidenceScore' + type: 'int' } { - name: 'ExternalIndicatorId' type: 'string' + name: 'ExternalIndicatorId' } { name: 'IndicatorType' @@ -20,8 +20,8 @@ var sentinelTiAlertsColumns = [ type: 'string' } { - type: 'datetime' name: 'TimeGenerated' + type: 'datetime' } { name: 'MatchType' @@ -41,6 +41,11 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location properties: { + features: { + disableLocalAuth: false + enableLogAccessUsingOnlyResourcePermissions: true + } + publicNetworkAccessForIngestion: 'Enabled' publicNetworkAccessForQuery: 'Enabled' retentionInDays: 30 sku: { @@ -49,11 +54,6 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { workspaceCapping: { dailyQuotaGb: -1 } - features: { - disableLocalAuth: false - enableLogAccessUsingOnlyResourcePermissions: true - } - publicNetworkAccessForIngestion: 'Enabled' } } @@ -63,8 +63,8 @@ resource table 'Microsoft.OperationalInsights/workspaces/tables@2022-10-01' = { properties: { retentionInDays: 30 schema: { - columns: '${sentinelTiAlertsColumns}' - name: '${sentinelTiAlertsTableName}' + columns: sentinelTiAlertsColumns + name: sentinelTiAlertsTableName } totalRetentionInDays: 30 } diff --git a/settings/remarks/microsoft.operationalinsights/samples/workspaces/tables/datacollectionlogs/main.bicep b/settings/remarks/microsoft.operationalinsights/samples/workspaces/tables/datacollectionlogs/main.bicep index 9cf99305..1c1b7f45 100644 --- a/settings/remarks/microsoft.operationalinsights/samples/workspaces/tables/datacollectionlogs/main.bicep +++ b/settings/remarks/microsoft.operationalinsights/samples/workspaces/tables/datacollectionlogs/main.bicep @@ -1,18 +1,18 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' var dataCollectionLogColumns = [ { - type: 'string' name: 'RawData' + type: 'string' } { - name: 'FilePath' type: 'string' + name: 'FilePath' } { - name: 'TimeGenerated' type: 'datetime' + name: 'TimeGenerated' } ] var dataCollectionLogTableName = 'DataCollectionLog_CL' @@ -42,8 +42,8 @@ resource table 'Microsoft.OperationalInsights/workspaces/tables@2022-10-01' = { parent: workspace properties: { schema: { - columns: '${dataCollectionLogColumns}' - name: '${dataCollectionLogTableName}' + columns: dataCollectionLogColumns + name: dataCollectionLogTableName } } } diff --git a/settings/remarks/microsoft.operationsmanagement/samples/solutions/main.bicep b/settings/remarks/microsoft.operationsmanagement/samples/solutions/main.bicep index 7d635d8e..846789b2 100644 --- a/settings/remarks/microsoft.operationsmanagement/samples/solutions/main.bicep +++ b/settings/remarks/microsoft.operationsmanagement/samples/solutions/main.bicep @@ -1,12 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westus' -resource solution 'Microsoft.OperationsManagement/solutions@2015-11-01-preview' = { - name: 'ContainerInsights(${resourceName})' - location: location - properties: {} -} - resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location @@ -16,3 +10,11 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { } } } + +resource solution 'Microsoft.OperationsManagement/solutions@2015-11-01-preview' = { + name: 'ContainerInsights(${resourceName})' + location: location + properties: { + workspaceResourceId: workspace.id + } +} diff --git a/settings/remarks/microsoft.orbital/samples/spacecrafts/main.bicep b/settings/remarks/microsoft.orbital/samples/spacecrafts/main.bicep index ddea0e5d..283f8da2 100644 --- a/settings/remarks/microsoft.orbital/samples/spacecrafts/main.bicep +++ b/settings/remarks/microsoft.orbital/samples/spacecrafts/main.bicep @@ -1,11 +1,10 @@ -param resourceName string = 'acctest0001' param location string = 'westus' +param resourceName string = 'acctest0001' resource spacecraft 'Microsoft.Orbital/spacecrafts@2022-11-01' = { name: resourceName location: location properties: { - tleLine2: '2 23455 99.0090 272.6745 0008546 223.1686 136.8816 14.11711747148495' links: [ { bandwidthMHz: 100 @@ -18,5 +17,6 @@ resource spacecraft 'Microsoft.Orbital/spacecrafts@2022-11-01' = { noradId: '12345' titleLine: 'AQUA' tleLine1: '1 23455U 94089A 97320.90946019 .00000140 00000-0 10191-3 0 2621' + tleLine2: '2 23455 99.0090 272.6745 0008546 223.1686 136.8816 14.11711747148495' } } diff --git a/settings/remarks/microsoft.policyinsights/samples/remediations/main.bicep b/settings/remarks/microsoft.policyinsights/samples/remediations/main.bicep index 027e69ba..ec2f4f8c 100644 --- a/settings/remarks/microsoft.policyinsights/samples/remediations/main.bicep +++ b/settings/remarks/microsoft.policyinsights/samples/remediations/main.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -param location string = 'eastus' param resourceName string = 'acctest0001' +param location string = 'eastus' resource policyAssignment 'Microsoft.Authorization/policyAssignments@2022-06-01' = { name: resourceName @@ -27,11 +27,11 @@ resource remediation 'Microsoft.PolicyInsights/remediations@2021-10-01' = { name: resourceName scope: subscription() properties: { - resourceDiscoveryMode: 'ExistingNonCompliant' filters: { locations: [] } policyAssignmentId: policyAssignment.id policyDefinitionReferenceId: '' + resourceDiscoveryMode: 'ExistingNonCompliant' } } diff --git a/settings/remarks/microsoft.purview/samples/accounts/main.bicep b/settings/remarks/microsoft.purview/samples/accounts/main.bicep index 0f6843fe..3b492717 100644 --- a/settings/remarks/microsoft.purview/samples/accounts/main.bicep +++ b/settings/remarks/microsoft.purview/samples/accounts/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource account 'Microsoft.Purview/accounts@2021-07-01' = { name: resourceName diff --git a/settings/remarks/microsoft.recoveryservices/samples/vaults/backupfabrics/protectioncontainers/protecteditems/main.bicep b/settings/remarks/microsoft.recoveryservices/samples/vaults/backupfabrics/protectioncontainers/protecteditems/main.bicep index 0c7e46c4..c74cc9be 100644 --- a/settings/remarks/microsoft.recoveryservices/samples/vaults/backupfabrics/protectioncontainers/protecteditems/main.bicep +++ b/settings/remarks/microsoft.recoveryservices/samples/vaults/backupfabrics/protectioncontainers/protecteditems/main.bicep @@ -1,13 +1,13 @@ +param resourceName string = 'acctest0001' param location string = 'westus' @secure() @description('The administrator password for the virtual machine') param adminPassword string -param resourceName string = 'acctest0001' -var compName = 'resourceName' -var saName = 'saBase' -var saBase = 'resourcename' -var dnsLabel = 'resourcename' +var saBase = substring(toLower(join(split(resourceName, '-'), '')), 0, 24) +var dnsLabel = substring(toLower(resourceName), 0, 63) +var compName = substring(resourceName, 0, 15) +var saName = saBase resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { name: saName @@ -17,7 +17,12 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { } kind: 'StorageV2' properties: { + accessTier: 'Hot' + allowBlobPublicAccess: true + allowCrossTenantReplication: false + allowSharedKeyAccess: true defaultToOAuthAuthentication: false + dnsEndpointType: 'Standard' encryption: { keySource: 'Microsoft.Storage' services: { @@ -29,14 +34,11 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { } } } - minimumTlsVersion: 'TLS1_2' - allowBlobPublicAccess: true - allowCrossTenantReplication: false - publicNetworkAccess: 'Enabled' - dnsEndpointType: 'Standard' isHnsEnabled: false isLocalUserEnabled: true + isNfsV3Enabled: false isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' networkAcls: { bypass: 'AzureServices' defaultAction: 'Allow' @@ -44,10 +46,8 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { resourceAccessRules: [] virtualNetworkRules: [] } + publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true - accessTier: 'Hot' - allowSharedKeyAccess: true - isNfsV3Enabled: false } } @@ -66,94 +66,34 @@ resource vault 'Microsoft.RecoveryServices/vaults@2024-01-01' = { } } -resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { - name: '${resourceName}-vm' - location: location - properties: { - networkProfile: { - networkInterfaces: [ - { - id: networkInterface.id - properties: { - primary: true - } - } - ] - } - osProfile: { - adminPassword: adminPassword - adminUsername: 'vmadmin' - computerName: compName - linuxConfiguration: { - disablePasswordAuthentication: false - } - } - storageProfile: { - dataDisks: [ - { - createOption: 'Attach' - diskSizeGB: 1023 - lun: 0 - managedDisk: { - id: disk.id - storageAccountType: 'Standard_LRS' - } - name: '${resourceName}-datadisk' - writeAcceleratorEnabled: false - } - { - createOption: 'Empty' - diskSizeGB: 4 - lun: 1 - managedDisk: { - storageAccountType: 'Standard_LRS' - } - name: '${resourceName}-datadisk2' - writeAcceleratorEnabled: false - } - ] - imageReference: { - offer: '0001-com-ubuntu-server-jammy' - publisher: 'Canonical' - sku: '22_04-lts' - version: 'latest' - } - osDisk: { - managedDisk: { - storageAccountType: 'Standard_LRS' - } - name: '${resourceName}-osdisk' - writeAcceleratorEnabled: false - caching: 'ReadWrite' - createOption: 'FromImage' - } - } - diagnosticsProfile: { - bootDiagnostics: { - enabled: true - storageUri: 'https://${saName}.blob.core.windows.net/' - } - } - hardwareProfile: { - vmSize: 'Standard_B1s' - } - } -} - resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { name: '${resourceName}-vnet' location: location properties: { - dhcpOptions: { - dnsServers: [] - } - privateEndpointVNetPolicies: 'Disabled' - subnets: [] addressSpace: { addressPrefixes: [ '10.0.0.0/16' ] } + dhcpOptions: { + dnsServers: [] + } + privateEndpointVNetPolicies: 'Disabled' + subnets: [] + } +} + +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { + name: '${resourceName}-subnet' + parent: virtualNetwork + properties: { + addressPrefix: '10.0.10.0/24' + defaultOutboundAccess: true + delegations: [] + privateEndpointNetworkPolicies: 'Disabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] } } @@ -190,11 +130,35 @@ resource disk 'Microsoft.Compute/disks@2023-04-02' = { } networkAccessPolicy: 'AllowAll' optimizedForFrequentAttach: false - osType: null publicNetworkAccess: 'Enabled' } } +resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { + name: '${resourceName}-nic' + location: location + properties: { + enableAcceleratedNetworking: false + enableIPForwarding: false + ipConfigurations: [ + { + name: 'acctestipconfig' + properties: { + primary: true + privateIPAddressVersion: 'IPv4' + privateIPAllocationMethod: 'Dynamic' + publicIPAddress: { + id: publicIPAddress.id + } + subnet: { + id: subnet.id + } + } + } + ] + } +} + resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2024-05-01' = { name: '${resourceName}-pip' location: location @@ -207,7 +171,7 @@ resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2024-05-01' = { protectionMode: 'VirtualNetworkInherited' } dnsSettings: { - domainNameLabel: '${dnsLabel}' + domainNameLabel: dnsLabel } idleTimeoutInMinutes: 4 publicIPAddressVersion: 'IPv4' @@ -215,26 +179,84 @@ resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2024-05-01' = { } } -resource backupPolicy 'Microsoft.RecoveryServices/vaults/backupPolicies@2024-10-01' = { - name: '${resourceName}-policy' - parent: vault +resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = { + name: '${resourceName}-vm' + location: location properties: { - schedulePolicy: { - schedulePolicyType: 'SimpleSchedulePolicy' - scheduleRunDays: [] - scheduleRunFrequency: 'Daily' - scheduleRunTimes: [ - '2025-07-03T23:00:00Z' + diagnosticsProfile: { + bootDiagnostics: { + enabled: true + storageUri: 'https://${saName}.blob.core.windows.net/' + } + } + hardwareProfile: { + vmSize: 'Standard_B1s' + } + networkProfile: { + networkInterfaces: [ + { + id: networkInterface.id + properties: { + primary: true + } + } ] } - tieringPolicy: { - ArchivedRP: { - duration: 0 - durationType: 'Invalid' - tieringMode: 'DoNotTier' + osProfile: { + adminPassword: adminPassword + adminUsername: 'vmadmin' + computerName: compName + linuxConfiguration: { + disablePasswordAuthentication: false } } - timeZone: 'UTC' + storageProfile: { + dataDisks: [ + { + createOption: 'Attach' + diskSizeGB: 1023 + lun: 0 + managedDisk: { + id: disk.id + storageAccountType: 'Standard_LRS' + } + name: '${resourceName}-datadisk' + writeAcceleratorEnabled: false + } + { + createOption: 'Empty' + diskSizeGB: 4 + lun: 1 + managedDisk: { + storageAccountType: 'Standard_LRS' + } + name: '${resourceName}-datadisk2' + writeAcceleratorEnabled: false + } + ] + imageReference: { + offer: '0001-com-ubuntu-server-jammy' + publisher: 'Canonical' + sku: '22_04-lts' + version: 'latest' + } + osDisk: { + caching: 'ReadWrite' + createOption: 'FromImage' + managedDisk: { + storageAccountType: 'Standard_LRS' + } + name: '${resourceName}-osdisk' + writeAcceleratorEnabled: false + } + } + } +} + +resource backupPolicy 'Microsoft.RecoveryServices/vaults/backupPolicies@2024-10-01' = { + name: '${resourceName}-policy' + parent: vault + properties: { backupManagementType: 'AzureIaasVM' policyType: 'V1' retentionPolicy: { @@ -249,40 +271,21 @@ resource backupPolicy 'Microsoft.RecoveryServices/vaults/backupPolicies@2024-10- } retentionPolicyType: 'LongTermRetentionPolicy' } - } -} - -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { - name: '${resourceName}-subnet' - parent: virtualNetwork - properties: { - delegations: [] - privateEndpointNetworkPolicies: 'Disabled' - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] - addressPrefix: '10.0.10.0/24' - defaultOutboundAccess: true - } -} - -resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { - name: '${resourceName}-nic' - location: location - properties: { - enableAcceleratedNetworking: false - enableIPForwarding: false - ipConfigurations: [ - { - name: 'acctestipconfig' - properties: { - publicIPAddress: {} - subnet: {} - primary: true - privateIPAddressVersion: 'IPv4' - privateIPAllocationMethod: 'Dynamic' - } + schedulePolicy: { + schedulePolicyType: 'SimpleSchedulePolicy' + scheduleRunDays: [] + scheduleRunFrequency: 'Daily' + scheduleRunTimes: [ + '2025-07-03T23:00:00Z' + ] + } + tieringPolicy: { + ArchivedRP: { + duration: 0 + durationType: 'Invalid' + tieringMode: 'DoNotTier' } - ] + } + timeZone: 'UTC' } } diff --git a/settings/remarks/microsoft.recoveryservices/samples/vaults/backupresourceguardproxies/main.bicep b/settings/remarks/microsoft.recoveryservices/samples/vaults/backupresourceguardproxies/main.bicep index 16fee974..c90b9764 100644 --- a/settings/remarks/microsoft.recoveryservices/samples/vaults/backupresourceguardproxies/main.bicep +++ b/settings/remarks/microsoft.recoveryservices/samples/vaults/backupresourceguardproxies/main.bicep @@ -1,14 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource resourceGuard 'Microsoft.DataProtection/resourceGuards@2022-04-01' = { - name: resourceName - location: location - properties: { - vaultCriticalOperationExclusionList: [] - } -} - resource vault 'Microsoft.RecoveryServices/vaults@2022-10-01' = { name: resourceName location: location @@ -27,3 +19,11 @@ resource backupResourceGuardProxy 'Microsoft.RecoveryServices/vaults/backupResou resourceGuardResourceId: resourceGuard.id } } + +resource resourceGuard 'Microsoft.DataProtection/resourceGuards@2022-04-01' = { + name: resourceName + location: location + properties: { + vaultCriticalOperationExclusionList: [] + } +} diff --git a/settings/remarks/microsoft.recoveryservices/samples/vaults/replicationfabrics/main.bicep b/settings/remarks/microsoft.recoveryservices/samples/vaults/replicationfabrics/main.bicep index f15644f6..fb32f83e 100644 --- a/settings/remarks/microsoft.recoveryservices/samples/vaults/replicationfabrics/main.bicep +++ b/settings/remarks/microsoft.recoveryservices/samples/vaults/replicationfabrics/main.bicep @@ -18,7 +18,7 @@ resource replicationFabric2 'Microsoft.RecoveryServices/vaults/replicationFabric properties: { customDetails: { instanceType: 'Azure' - location: '${location}' + location: location } } } diff --git a/settings/remarks/microsoft.recoveryservices/samples/vaults/replicationfabrics/replicationnetworks/replicationnetworkmappings/main.bicep b/settings/remarks/microsoft.recoveryservices/samples/vaults/replicationfabrics/replicationnetworks/replicationnetworkmappings/main.bicep index 31954d10..d76e7f91 100644 --- a/settings/remarks/microsoft.recoveryservices/samples/vaults/replicationfabrics/replicationnetworks/replicationnetworkmappings/main.bicep +++ b/settings/remarks/microsoft.recoveryservices/samples/vaults/replicationfabrics/replicationnetworks/replicationnetworkmappings/main.bicep @@ -1,40 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westus' -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { - name: '${resourceName}-vnet1' - location: location - properties: { - dhcpOptions: { - dnsServers: [] - } - privateEndpointVNetPolicies: 'Disabled' - subnets: [] - addressSpace: { - addressPrefixes: [ - '192.168.1.0/24' - ] - } - } -} - -resource virtualnetwork1 'Microsoft.Network/virtualNetworks@2024-05-01' = { - name: '${resourceName}-vnet2' - location: 'centralus' - properties: { - privateEndpointVNetPolicies: 'Disabled' - subnets: [] - addressSpace: { - addressPrefixes: [ - '192.168.2.0/24' - ] - } - dhcpOptions: { - dnsServers: [] - } - } -} - resource vault 'Microsoft.RecoveryServices/vaults@2024-01-01' = { name: '${resourceName}-rsv' location: location @@ -42,11 +8,11 @@ resource vault 'Microsoft.RecoveryServices/vaults@2024-01-01' = { name: 'Standard' } properties: { + publicNetworkAccess: 'Enabled' redundancySettings: { - standardTierStorageRedundancy: 'GeoRedundant' crossRegionRestore: 'Disabled' + standardTierStorageRedundancy: 'GeoRedundant' } - publicNetworkAccess: 'Enabled' } } @@ -56,7 +22,7 @@ resource replicationFabric 'Microsoft.RecoveryServices/vaults/replicationFabrics properties: { customDetails: { instanceType: 'Azure' - location: '${location}' + location: location } } } @@ -83,3 +49,37 @@ resource replicationNetworkMapping 'Microsoft.RecoveryServices/vaults/replicatio recoveryNetworkId: virtualnetwork1.id } } + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { + name: '${resourceName}-vnet1' + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '192.168.1.0/24' + ] + } + dhcpOptions: { + dnsServers: [] + } + privateEndpointVNetPolicies: 'Disabled' + subnets: [] + } +} + +resource virtualnetwork1 'Microsoft.Network/virtualNetworks@2024-05-01' = { + name: '${resourceName}-vnet2' + location: 'centralus' + properties: { + addressSpace: { + addressPrefixes: [ + '192.168.2.0/24' + ] + } + dhcpOptions: { + dnsServers: [] + } + privateEndpointVNetPolicies: 'Disabled' + subnets: [] + } +} diff --git a/settings/remarks/microsoft.recoveryservices/samples/vaults/replicationfabrics/replicationprotectioncontainers/main.bicep b/settings/remarks/microsoft.recoveryservices/samples/vaults/replicationfabrics/replicationprotectioncontainers/main.bicep index 6e0a1fde..41799b83 100644 --- a/settings/remarks/microsoft.recoveryservices/samples/vaults/replicationfabrics/replicationprotectioncontainers/main.bicep +++ b/settings/remarks/microsoft.recoveryservices/samples/vaults/replicationfabrics/replicationprotectioncontainers/main.bicep @@ -18,7 +18,7 @@ resource replicationFabric 'Microsoft.RecoveryServices/vaults/replicationFabrics properties: { customDetails: { instanceType: 'Azure' - location: '${location}' + location: location } } } diff --git a/settings/remarks/microsoft.recoveryservices/samples/vaults/replicationpolicies/main.bicep b/settings/remarks/microsoft.recoveryservices/samples/vaults/replicationpolicies/main.bicep index a2499a9c..585424c4 100644 --- a/settings/remarks/microsoft.recoveryservices/samples/vaults/replicationpolicies/main.bicep +++ b/settings/remarks/microsoft.recoveryservices/samples/vaults/replicationpolicies/main.bicep @@ -17,11 +17,11 @@ resource replicationPolicy 'Microsoft.RecoveryServices/vaults/replicationPolicie parent: vault properties: { providerSpecificInput: { + appConsistentFrequencyInMinutes: 240 + crashConsistentFrequencyInMinutes: 10 enableMultiVmSync: 'True' instanceType: 'InMageRcm' recoveryPointHistoryInMinutes: 1440 - appConsistentFrequencyInMinutes: 240 - crashConsistentFrequencyInMinutes: 10 } } } diff --git a/settings/remarks/microsoft.resourceconnector/samples/appliances/main.bicep b/settings/remarks/microsoft.resourceconnector/samples/appliances/main.bicep index cbe8ac53..c64dd02e 100644 --- a/settings/remarks/microsoft.resourceconnector/samples/appliances/main.bicep +++ b/settings/remarks/microsoft.resourceconnector/samples/appliances/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westus' +param resourceName string = 'acctest0001' resource appliance 'Microsoft.ResourceConnector/appliances@2022-10-27' = { name: '${resourceName}-appliance' diff --git a/settings/remarks/microsoft.resources/samples/deployments/main.bicep b/settings/remarks/microsoft.resources/samples/deployments/main.bicep index 918c5b87..f97c88fa 100644 --- a/settings/remarks/microsoft.resources/samples/deployments/main.bicep +++ b/settings/remarks/microsoft.resources/samples/deployments/main.bicep @@ -6,6 +6,22 @@ resource deployment 'Microsoft.Resources/deployments@2020-06-01' = { properties: { mode: 'Complete' template: { + '$schema': 'https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#' + contentVersion: '1.0.0.0' + parameters: { + storageAccountType: { + allowedValues: [ + 'Standard_LRS' + 'Standard_GRS' + 'Standard_ZRS' + ] + defaultValue: 'Standard_LRS' + metadata: { + description: 'Storage Account type' + } + type: 'string' + } + } resources: [ { apiVersion: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} @@ -17,16 +33,16 @@ resource deployment 'Microsoft.Resources/deployments@2020-06-01' = { type: 'Microsoft.Storage/storageAccounts' } { - type: 'Microsoft.Network/publicIPAddresses' apiVersion: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} location: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} name: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} properties: { - publicIPAllocationMethod: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} dnsSettings: { domainNameLabel: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} } + publicIPAllocationMethod: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} } + type: 'Microsoft.Network/publicIPAddresses' } ] variables: { @@ -37,22 +53,6 @@ resource deployment 'Microsoft.Resources/deployments@2020-06-01' = { publicIPAddressType: 'Dynamic' storageAccountName: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} } - '$schema': 'https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#' - contentVersion: '1.0.0.0' - parameters: { - storageAccountType: { - defaultValue: 'Standard_LRS' - metadata: { - description: 'Storage Account type' - } - type: 'string' - allowedValues: [ - 'Standard_LRS' - 'Standard_GRS' - 'Standard_ZRS' - ] - } - } } } } diff --git a/settings/remarks/microsoft.resources/samples/deploymentscripts/main.bicep b/settings/remarks/microsoft.resources/samples/deploymentscripts/main.bicep index 9bb65e58..126661cf 100644 --- a/settings/remarks/microsoft.resources/samples/deploymentscripts/main.bicep +++ b/settings/remarks/microsoft.resources/samples/deploymentscripts/main.bicep @@ -6,16 +6,14 @@ resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { location: location kind: 'AzurePowerShell' properties: { - supportingScriptUris: null - timeout: 'P1D' azPowerShellVersion: '8.3' cleanupPreference: 'Always' - environmentVariables: null retentionInterval: 'P1D' scriptContent: ''' $output = ''Hello'' Write-Output $output $DeploymentScriptOutputs = @{} $DeploymentScriptOutputs[''text''] = $output ''' + timeout: 'P1D' } } diff --git a/settings/remarks/microsoft.search/samples/searchservices/main.bicep b/settings/remarks/microsoft.search/samples/searchservices/main.bicep index a72638ae..d7cac566 100644 --- a/settings/remarks/microsoft.search/samples/searchservices/main.bicep +++ b/settings/remarks/microsoft.search/samples/searchservices/main.bicep @@ -8,14 +8,14 @@ resource searchService 'Microsoft.Search/searchServices@2022-09-01' = { name: 'standard' } properties: { - disableLocalAuth: false - hostingMode: 'default' authOptions: { apiKeyOnly: {} } + disableLocalAuth: false encryptionWithCmk: { enforcement: 'Disabled' } + hostingMode: 'default' networkRuleSet: { ipRules: [] } diff --git a/settings/remarks/microsoft.search/samples/searchservices/sharedprivatelinkresources/main.bicep b/settings/remarks/microsoft.search/samples/searchservices/sharedprivatelinkresources/main.bicep index ae7125ac..a32e2f08 100644 --- a/settings/remarks/microsoft.search/samples/searchservices/sharedprivatelinkresources/main.bicep +++ b/settings/remarks/microsoft.search/samples/searchservices/sharedprivatelinkresources/main.bicep @@ -8,12 +8,6 @@ resource searchService 'Microsoft.Search/searchServices@2022-09-01' = { name: 'standard' } properties: { - hostingMode: 'default' - networkRuleSet: { - ipRules: [] - } - partitionCount: 1 - replicaCount: 1 authOptions: { apiKeyOnly: {} } @@ -21,7 +15,13 @@ resource searchService 'Microsoft.Search/searchServices@2022-09-01' = { encryptionWithCmk: { enforcement: 'Disabled' } + hostingMode: 'default' + networkRuleSet: { + ipRules: [] + } + partitionCount: 1 publicNetworkAccess: 'Enabled' + replicaCount: 1 } tags: { environment: 'staging' @@ -37,6 +37,9 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { kind: 'StorageV2' properties: { accessTier: 'Hot' + allowBlobPublicAccess: true + allowCrossTenantReplication: true + allowSharedKeyAccess: true defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' @@ -52,15 +55,12 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { isHnsEnabled: false isNfsV3Enabled: false isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } - supportsHttpsTrafficOnly: true - allowBlobPublicAccess: true - allowCrossTenantReplication: true - allowSharedKeyAccess: true - minimumTlsVersion: 'TLS1_2' publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true } } diff --git a/settings/remarks/microsoft.security/samples/advancedthreatprotectionsettings/main.bicep b/settings/remarks/microsoft.security/samples/advancedthreatprotectionsettings/main.bicep index 15411c91..9eb52fea 100644 --- a/settings/remarks/microsoft.security/samples/advancedthreatprotectionsettings/main.bicep +++ b/settings/remarks/microsoft.security/samples/advancedthreatprotectionsettings/main.bicep @@ -9,31 +9,31 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { + accessTier: 'Hot' allowBlobPublicAccess: true allowCrossTenantReplication: true allowSharedKeyAccess: true + defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { - table: { + queue: { keyType: 'Service' } - queue: { + table: { keyType: 'Service' } } } + isHnsEnabled: false isNfsV3Enabled: false isSftpEnabled: false minimumTlsVersion: 'TLS1_2' - defaultToOAuthAuthentication: false - isHnsEnabled: false networkAcls: { defaultAction: 'Allow' } publicNetworkAccess: 'Enabled' supportsHttpsTrafficOnly: true - accessTier: 'Hot' } tags: { environment: 'production' diff --git a/settings/remarks/microsoft.security/samples/assessments/main-rg-module.bicep b/settings/remarks/microsoft.security/samples/assessments/main-rg-module.bicep index 1b0974e1..bccd75b0 100644 --- a/settings/remarks/microsoft.security/samples/assessments/main-rg-module.bicep +++ b/settings/remarks/microsoft.security/samples/assessments/main-rg-module.bicep @@ -4,36 +4,6 @@ param location string = 'westus' @description('The administrator password for the virtual machine scale set') param adminPassword string -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { - name: '${resourceName}-vnet' - location: location - properties: { - dhcpOptions: { - dnsServers: [] - } - privateEndpointVNetPolicies: 'Disabled' - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - } -} - -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { - name: 'internal' - parent: virtualNetwork - properties: { - addressPrefix: '10.0.2.0/24' - defaultOutboundAccess: true - delegations: [] - privateEndpointNetworkPolicies: 'Disabled' - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] - } -} - resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2024-11-01' = { name: '${resourceName}-vmss' location: location @@ -42,45 +12,15 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2024- name: 'Standard_B1s' } properties: { + additionalCapabilities: {} + doNotRunExtensionsOnOverprovisionedVMs: false + orchestrationMode: 'Uniform' overprovision: true singlePlacementGroup: true upgradePolicy: { mode: 'Manual' } virtualMachineProfile: { - osProfile: { - computerNamePrefix: '${resourceName}-vmss' - linuxConfiguration: { - disablePasswordAuthentication: false - provisionVMAgent: true - ssh: { - publicKeys: [] - } - } - secrets: [] - adminPassword: adminPassword - adminUsername: 'adminuser' - allowExtensionOperations: true - } - priority: 'Regular' - storageProfile: { - dataDisks: [] - imageReference: { - offer: '0001-com-ubuntu-server-jammy' - publisher: 'Canonical' - sku: '22_04-lts' - version: 'latest' - } - osDisk: { - writeAcceleratorEnabled: false - caching: 'ReadWrite' - createOption: 'FromImage' - managedDisk: { - storageAccountType: 'Standard_LRS' - } - osType: 'Linux' - } - } diagnosticsProfile: { bootDiagnostics: { enabled: false @@ -104,13 +44,15 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2024- { name: 'internal' properties: { - privateIPAddressVersion: 'IPv4' - subnet: {} applicationGatewayBackendAddressPools: [] applicationSecurityGroups: [] loadBalancerBackendAddressPools: [] loadBalancerInboundNatPools: [] primary: true + privateIPAddressVersion: 'IPv4' + subnet: { + id: subnet.id + } } } ] @@ -119,10 +61,40 @@ resource virtualMachineScaleSet 'Microsoft.Compute/virtualMachineScaleSets@2024- } ] } + osProfile: { + adminPassword: adminPassword + adminUsername: 'adminuser' + allowExtensionOperations: true + computerNamePrefix: '${resourceName}-vmss' + linuxConfiguration: { + disablePasswordAuthentication: false + provisionVMAgent: true + ssh: { + publicKeys: [] + } + } + secrets: [] + } + priority: 'Regular' + storageProfile: { + dataDisks: [] + imageReference: { + offer: '0001-com-ubuntu-server-jammy' + publisher: 'Canonical' + sku: '22_04-lts' + version: 'latest' + } + osDisk: { + caching: 'ReadWrite' + createOption: 'FromImage' + managedDisk: { + storageAccountType: 'Standard_LRS' + } + osType: 'Linux' + writeAcceleratorEnabled: false + } + } } - additionalCapabilities: {} - doNotRunExtensionsOnOverprovisionedVMs: false - orchestrationMode: 'Uniform' } } @@ -130,14 +102,44 @@ resource assessment 'Microsoft.Security/assessments@2020-01-01' = { name: 'fdaaa62c-1d42-45ab-be2f-2af194dd1700' scope: virtualMachineScaleSet properties: { + additionalData: {} + resourceDetails: { + source: 'Azure' + } status: { cause: '' code: 'Healthy' description: '' } - additionalData: {} - resourceDetails: { - source: 'Azure' + } +} + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { + name: '${resourceName}-vnet' + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] } + dhcpOptions: { + dnsServers: [] + } + privateEndpointVNetPolicies: 'Disabled' + } +} + +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { + name: 'internal' + parent: virtualNetwork + properties: { + addressPrefix: '10.0.2.0/24' + defaultOutboundAccess: true + delegations: [] + privateEndpointNetworkPolicies: 'Disabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] } } diff --git a/settings/remarks/microsoft.security/samples/assessments/main.bicep b/settings/remarks/microsoft.security/samples/assessments/main.bicep index 809a6bfc..4a2d7fb5 100644 --- a/settings/remarks/microsoft.security/samples/assessments/main.bicep +++ b/settings/remarks/microsoft.security/samples/assessments/main.bicep @@ -34,8 +34,8 @@ module module1 'main-rg-module.bicep' = { name: 'deploy-rg-resources' scope: resourceGroup params: { - adminPassword: adminPassword resourceName: resourceName + adminPassword: adminPassword location: location } } diff --git a/settings/remarks/microsoft.security/samples/automations/main.bicep b/settings/remarks/microsoft.security/samples/automations/main.bicep index 12a682c6..e27a1bfd 100644 --- a/settings/remarks/microsoft.security/samples/automations/main.bicep +++ b/settings/remarks/microsoft.security/samples/automations/main.bicep @@ -9,6 +9,7 @@ resource automation 'Microsoft.Security/automations@2019-01-01-preview' = { scopes: [ { description: 'Security Export for the subscription' + scopePath: resourceGroup().id } ] sources: [ @@ -49,49 +50,49 @@ resource automation 'Microsoft.Security/automations@2019-01-01-preview' = { eventSource: 'SubAssessmentsSnapshot' } { + eventSource: 'Alerts' ruleSets: [ { rules: [ { - operator: 'Equals' propertyJPath: 'Severity' propertyType: 'String' expectedValue: 'low' + operator: 'Equals' } ] } { rules: [ { + propertyJPath: 'Severity' propertyType: 'String' expectedValue: 'medium' operator: 'Equals' - propertyJPath: 'Severity' } ] } { rules: [ { - operator: 'Equals' propertyJPath: 'Severity' propertyType: 'String' expectedValue: 'high' + operator: 'Equals' } ] } { rules: [ { + propertyJPath: 'Severity' propertyType: 'String' expectedValue: 'informational' operator: 'Equals' - propertyJPath: 'Severity' } ] } ] - eventSource: 'Alerts' } { eventSource: 'SecureScores' @@ -114,6 +115,7 @@ resource automation 'Microsoft.Security/automations@2019-01-01-preview' = { ] actions: [ { + workspaceResourceId: workspace.id actionType: 'Workspace' } ] @@ -124,12 +126,6 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location properties: { - sku: { - name: 'PerGB2018' - } - workspaceCapping: { - dailyQuotaGb: -1 - } features: { disableLocalAuth: false enableLogAccessUsingOnlyResourcePermissions: true @@ -137,5 +133,11 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { publicNetworkAccessForIngestion: 'Enabled' publicNetworkAccessForQuery: 'Enabled' retentionInDays: 30 + sku: { + name: 'PerGB2018' + } + workspaceCapping: { + dailyQuotaGb: -1 + } } } diff --git a/settings/remarks/microsoft.security/samples/iotsecuritysolutions/main.bicep b/settings/remarks/microsoft.security/samples/iotsecuritysolutions/main.bicep index 216f888b..f123460e 100644 --- a/settings/remarks/microsoft.security/samples/iotsecuritysolutions/main.bicep +++ b/settings/remarks/microsoft.security/samples/iotsecuritysolutions/main.bicep @@ -1,19 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource iotSecuritySolution 'Microsoft.Security/iotSecuritySolutions@2019-08-01' = { - name: resourceName - location: location - properties: { - displayName: 'Iot Security Solution' - iotHubs: [ - iotHub.id - ] - status: 'Enabled' - unmaskedIpLoggingStatus: 'Disabled' - } -} - resource iotHub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { name: resourceName location: location @@ -38,3 +25,16 @@ resource iotHub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { storageEndpoints: {} } } + +resource iotSecuritySolution 'Microsoft.Security/iotSecuritySolutions@2019-08-01' = { + name: resourceName + location: location + properties: { + displayName: 'Iot Security Solution' + iotHubs: [ + iotHub.id + ] + status: 'Enabled' + unmaskedIpLoggingStatus: 'Disabled' + } +} diff --git a/settings/remarks/microsoft.security/samples/securitycontacts/main.bicep b/settings/remarks/microsoft.security/samples/securitycontacts/main.bicep index 868dd3d0..d7f2cee4 100644 --- a/settings/remarks/microsoft.security/samples/securitycontacts/main.bicep +++ b/settings/remarks/microsoft.security/samples/securitycontacts/main.bicep @@ -6,9 +6,9 @@ param location string = 'eastus' resource securityContact 'Microsoft.Security/securityContacts@2017-08-01-preview' = { name: resourceName properties: { - email: 'basic@example.com' - phone: '+1-555-555-5555' alertNotifications: 'On' alertsToAdmins: 'On' + email: 'basic@example.com' + phone: '+1-555-555-5555' } } diff --git a/settings/remarks/microsoft.security/samples/workspacesettings/main.bicep b/settings/remarks/microsoft.security/samples/workspacesettings/main.bicep index a1514568..31bb94ba 100644 --- a/settings/remarks/microsoft.security/samples/workspacesettings/main.bicep +++ b/settings/remarks/microsoft.security/samples/workspacesettings/main.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource resourceGroup 'Microsoft.Resources/resourceGroups@2020-06-01' = { name: resourceName diff --git a/settings/remarks/microsoft.securityinsights/samples/alertrules/main.bicep b/settings/remarks/microsoft.securityinsights/samples/alertrules/main.bicep index 34d5309b..0abee6b6 100644 --- a/settings/remarks/microsoft.securityinsights/samples/alertrules/main.bicep +++ b/settings/remarks/microsoft.securityinsights/samples/alertrules/main.bicep @@ -5,12 +5,6 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location properties: { - sku: { - name: 'PerGB2018' - } - workspaceCapping: { - dailyQuotaGb: -1 - } features: { disableLocalAuth: false enableLogAccessUsingOnlyResourcePermissions: true @@ -18,6 +12,12 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { publicNetworkAccessForIngestion: 'Enabled' publicNetworkAccessForQuery: 'Enabled' retentionInDays: 30 + sku: { + name: 'PerGB2018' + } + workspaceCapping: { + dailyQuotaGb: -1 + } } } @@ -37,18 +37,18 @@ resource alertRule 'Microsoft.SecurityInsights/alertRules@2022-10-01-preview' = ] kind: 'NRT' properties: { + description: '' + displayName: 'Some Rule' + enabled: true query: '''AzureActivity | where OperationName == "Create or Update Virtual Machine" or OperationName =="Create Deployment" | where ActivityStatus == "Succeeded" | make-series dcount(ResourceId) default=0 on EventSubmissionTimestamp in range(ago(7d), now(), 1d) by Caller ''' severity: 'High' + suppressionDuration: 'PT5H' suppressionEnabled: false tactics: [] techniques: [] - enabled: true - suppressionDuration: 'PT5H' - description: '' - displayName: 'Some Rule' } } diff --git a/settings/remarks/microsoft.securityinsights/samples/automationrules/main.bicep b/settings/remarks/microsoft.securityinsights/samples/automationrules/main.bicep index f0fd5308..2416bf1e 100644 --- a/settings/remarks/microsoft.securityinsights/samples/automationrules/main.bicep +++ b/settings/remarks/microsoft.securityinsights/samples/automationrules/main.bicep @@ -5,6 +5,10 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location properties: { + features: { + disableLocalAuth: false + enableLogAccessUsingOnlyResourcePermissions: true + } publicNetworkAccessForIngestion: 'Enabled' publicNetworkAccessForQuery: 'Enabled' retentionInDays: 30 @@ -14,10 +18,6 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { workspaceCapping: { dailyQuotaGb: -1 } - features: { - disableLocalAuth: false - enableLogAccessUsingOnlyResourcePermissions: true - } } } diff --git a/settings/remarks/microsoft.securityinsights/samples/dataconnectors/main.bicep b/settings/remarks/microsoft.securityinsights/samples/dataconnectors/main.bicep index 09f9bd27..98c7d6cd 100644 --- a/settings/remarks/microsoft.securityinsights/samples/dataconnectors/main.bicep +++ b/settings/remarks/microsoft.securityinsights/samples/dataconnectors/main.bicep @@ -1,10 +1,15 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location properties: { + features: { + disableLocalAuth: false + enableLogAccessUsingOnlyResourcePermissions: true + } + publicNetworkAccessForIngestion: 'Enabled' publicNetworkAccessForQuery: 'Enabled' retentionInDays: 30 sku: { @@ -13,11 +18,6 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { workspaceCapping: { dailyQuotaGb: -1 } - features: { - disableLocalAuth: false - enableLogAccessUsingOnlyResourcePermissions: true - } - publicNetworkAccessForIngestion: 'Enabled' } } diff --git a/settings/remarks/microsoft.securityinsights/samples/metadata/main.bicep b/settings/remarks/microsoft.securityinsights/samples/metadata/main.bicep index 3645bb6c..ad54630b 100644 --- a/settings/remarks/microsoft.securityinsights/samples/metadata/main.bicep +++ b/settings/remarks/microsoft.securityinsights/samples/metadata/main.bicep @@ -37,18 +37,18 @@ resource alertRule 'Microsoft.SecurityInsights/alertRules@2022-10-01-preview' = ] kind: 'NRT' properties: { + description: '' displayName: 'Some Rule' enabled: true - suppressionDuration: 'PT5H' - tactics: [] - description: '' query: '''AzureActivity | where OperationName == "Create or Update Virtual Machine" or OperationName =="Create Deployment" | where ActivityStatus == "Succeeded" | make-series dcount(ResourceId) default=0 on EventSubmissionTimestamp in range(ago(7d), now(), 1d) by Caller ''' severity: 'High' + suppressionDuration: 'PT5H' suppressionEnabled: false + tactics: [] techniques: [] } } @@ -57,9 +57,9 @@ resource metadata 'Microsoft.SecurityInsights/metadata@2022-10-01-preview' = { name: resourceName scope: workspace properties: { - parentId: alertRule.id contentId: resourceName contentSchemaVersion: '2.0' kind: 'AnalyticsRule' + parentId: alertRule.id } } diff --git a/settings/remarks/microsoft.securityinsights/samples/onboardingstates/main.bicep b/settings/remarks/microsoft.securityinsights/samples/onboardingstates/main.bicep index 0753bc6e..d2325ddf 100644 --- a/settings/remarks/microsoft.securityinsights/samples/onboardingstates/main.bicep +++ b/settings/remarks/microsoft.securityinsights/samples/onboardingstates/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName diff --git a/settings/remarks/microsoft.securityinsights/samples/watchlists/watchlistitems/main.bicep b/settings/remarks/microsoft.securityinsights/samples/watchlists/watchlistitems/main.bicep index d4682c29..10139a2a 100644 --- a/settings/remarks/microsoft.securityinsights/samples/watchlists/watchlistitems/main.bicep +++ b/settings/remarks/microsoft.securityinsights/samples/watchlists/watchlistitems/main.bicep @@ -5,12 +5,9 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: resourceName location: location properties: { - workspaceCapping: { - dailyQuotaGb: -1 - } features: { - enableLogAccessUsingOnlyResourcePermissions: true disableLocalAuth: false + enableLogAccessUsingOnlyResourcePermissions: true } publicNetworkAccessForIngestion: 'Enabled' publicNetworkAccessForQuery: 'Enabled' @@ -18,6 +15,9 @@ resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { sku: { name: 'PerGB2018' } + workspaceCapping: { + dailyQuotaGb: -1 + } } } @@ -36,10 +36,10 @@ resource watchlist 'Microsoft.SecurityInsights/watchlists@2022-11-01' = { onboardingState ] properties: { - source: '' displayName: 'test' itemsSearchKey: 'k1' provider: 'Microsoft' + source: '' } } diff --git a/settings/remarks/microsoft.servicebus/samples/namespaces/disasterrecoveryconfigs/main-rg-module.bicep b/settings/remarks/microsoft.servicebus/samples/namespaces/disasterrecoveryconfigs/main-rg-module.bicep index e9eda20e..3db950c4 100644 --- a/settings/remarks/microsoft.servicebus/samples/namespaces/disasterrecoveryconfigs/main-rg-module.bicep +++ b/settings/remarks/microsoft.servicebus/samples/namespaces/disasterrecoveryconfigs/main-rg-module.bicep @@ -11,10 +11,18 @@ resource namespace 'Microsoft.ServiceBus/namespaces@2022-10-01-preview' = { tier: 'Premium' } properties: { - premiumMessagingPartitions: 1 - publicNetworkAccess: 'Enabled' disableLocalAuth: false minimumTlsVersion: '1.2' + premiumMessagingPartitions: 1 + publicNetworkAccess: 'Enabled' + } +} + +resource disasterRecoveryConfig 'Microsoft.ServiceBus/namespaces/disasterRecoveryConfigs@2021-06-01-preview' = { + name: '${resourceName}alias' + parent: namespace + properties: { + partnerNamespace: namespace1.id } } @@ -22,22 +30,14 @@ resource namespace1 'Microsoft.ServiceBus/namespaces@2022-10-01-preview' = { name: '${resourceName}ns2' location: secondaryLocation sku: { - tier: 'Premium' capacity: 1 name: 'Premium' + tier: 'Premium' } properties: { - publicNetworkAccess: 'Enabled' disableLocalAuth: false minimumTlsVersion: '1.2' premiumMessagingPartitions: 1 - } -} - -resource disasterRecoveryConfig 'Microsoft.ServiceBus/namespaces/disasterRecoveryConfigs@2021-06-01-preview' = { - name: '${resourceName}alias' - parent: namespace - properties: { - partnerNamespace: namespace1.id + publicNetworkAccess: 'Enabled' } } diff --git a/settings/remarks/microsoft.servicebus/samples/namespaces/disasterrecoveryconfigs/main.bicep b/settings/remarks/microsoft.servicebus/samples/namespaces/disasterrecoveryconfigs/main.bicep index b492f00b..9a81d58c 100644 --- a/settings/remarks/microsoft.servicebus/samples/namespaces/disasterrecoveryconfigs/main.bicep +++ b/settings/remarks/microsoft.servicebus/samples/namespaces/disasterrecoveryconfigs/main.bicep @@ -1,25 +1,25 @@ targetScope = 'subscription' -param resourceName string = 'acctest0001' param location string = 'westus' param secondaryLocation string = 'centralus' - -resource resourceGroup 'Microsoft.Resources/resourceGroups@2020-06-01' = { - name: resourceName - location: location -} +param resourceName string = 'acctest0001' resource resourcegroup1 'Microsoft.Resources/resourceGroups@2020-06-01' = { name: '${resourceName}rg2' location: secondaryLocation } +resource resourceGroup 'Microsoft.Resources/resourceGroups@2020-06-01' = { + name: resourceName + location: location +} + module module1 'main-rg-module.bicep' = { name: 'deploy-rg-resources' - scope: resourceGroup + scope: resourcegroup1 params: { - secondaryLocation: secondaryLocation resourceName: resourceName location: location + secondaryLocation: secondaryLocation } } diff --git a/settings/remarks/microsoft.servicebus/samples/namespaces/queues/authorizationrules/main.bicep b/settings/remarks/microsoft.servicebus/samples/namespaces/queues/authorizationrules/main.bicep index e76fe83d..79911bdd 100644 --- a/settings/remarks/microsoft.servicebus/samples/namespaces/queues/authorizationrules/main.bicep +++ b/settings/remarks/microsoft.servicebus/samples/namespaces/queues/authorizationrules/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource namespace 'Microsoft.ServiceBus/namespaces@2022-01-01-preview' = { name: resourceName @@ -21,14 +21,14 @@ resource queue 'Microsoft.ServiceBus/namespaces/queues@2021-06-01-preview' = { parent: namespace properties: { deadLetteringOnMessageExpiration: false + enableBatchedOperations: true enableExpress: false enablePartitioning: true maxDeliveryCount: 10 - requiresDuplicateDetection: false - status: 'Active' - enableBatchedOperations: true maxSizeInMegabytes: 81920 + requiresDuplicateDetection: false requiresSession: false + status: 'Active' } } diff --git a/settings/remarks/microsoft.servicebus/samples/namespaces/queues/main.bicep b/settings/remarks/microsoft.servicebus/samples/namespaces/queues/main.bicep index 52260390..80349bb1 100644 --- a/settings/remarks/microsoft.servicebus/samples/namespaces/queues/main.bicep +++ b/settings/remarks/microsoft.servicebus/samples/namespaces/queues/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource namespace 'Microsoft.ServiceBus/namespaces@2022-01-01-preview' = { name: resourceName @@ -20,14 +20,14 @@ resource queue 'Microsoft.ServiceBus/namespaces/queues@2021-06-01-preview' = { name: resourceName parent: namespace properties: { - requiresDuplicateDetection: false - requiresSession: false - status: 'Active' deadLetteringOnMessageExpiration: false - enablePartitioning: true - maxDeliveryCount: 10 enableBatchedOperations: true enableExpress: false + enablePartitioning: true + maxDeliveryCount: 10 maxSizeInMegabytes: 81920 + requiresDuplicateDetection: false + requiresSession: false + status: 'Active' } } diff --git a/settings/remarks/microsoft.servicebus/samples/namespaces/topics/authorizationrules/main.bicep b/settings/remarks/microsoft.servicebus/samples/namespaces/topics/authorizationrules/main.bicep index 5b32922d..9570bc68 100644 --- a/settings/remarks/microsoft.servicebus/samples/namespaces/topics/authorizationrules/main.bicep +++ b/settings/remarks/microsoft.servicebus/samples/namespaces/topics/authorizationrules/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource namespace 'Microsoft.ServiceBus/namespaces@2022-01-01-preview' = { name: resourceName @@ -20,13 +20,13 @@ resource topic 'Microsoft.ServiceBus/namespaces/topics@2021-06-01-preview' = { name: resourceName parent: namespace properties: { + enableBatchedOperations: false + enableExpress: false + enablePartitioning: false maxSizeInMegabytes: 5120 requiresDuplicateDetection: false status: 'Active' supportOrdering: false - enableBatchedOperations: false - enableExpress: false - enablePartitioning: false } } diff --git a/settings/remarks/microsoft.servicebus/samples/namespaces/topics/subscriptions/main.bicep b/settings/remarks/microsoft.servicebus/samples/namespaces/topics/subscriptions/main.bicep index 2896e5ad..6c916eab 100644 --- a/settings/remarks/microsoft.servicebus/samples/namespaces/topics/subscriptions/main.bicep +++ b/settings/remarks/microsoft.servicebus/samples/namespaces/topics/subscriptions/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource namespace 'Microsoft.ServiceBus/namespaces@2022-01-01-preview' = { name: resourceName @@ -34,13 +34,13 @@ resource subscription 'Microsoft.ServiceBus/namespaces/topics/subscriptions@2021 name: resourceName parent: topic properties: { - deadLetteringOnMessageExpiration: false - isClientAffine: false - maxDeliveryCount: 10 - status: 'Active' clientAffineProperties: {} deadLetteringOnFilterEvaluationExceptions: true + deadLetteringOnMessageExpiration: false enableBatchedOperations: false + isClientAffine: false + maxDeliveryCount: 10 requiresSession: false + status: 'Active' } } diff --git a/settings/remarks/microsoft.servicebus/samples/namespaces/topics/subscriptions/rules/main.bicep b/settings/remarks/microsoft.servicebus/samples/namespaces/topics/subscriptions/rules/main.bicep index 3ba66764..ce29b04d 100644 --- a/settings/remarks/microsoft.servicebus/samples/namespaces/topics/subscriptions/rules/main.bicep +++ b/settings/remarks/microsoft.servicebus/samples/namespaces/topics/subscriptions/rules/main.bicep @@ -1,18 +1,18 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource namespace 'Microsoft.ServiceBus/namespaces@2022-01-01-preview' = { name: resourceName location: location sku: { - tier: 'Standard' capacity: 0 name: 'Standard' + tier: 'Standard' } properties: { - zoneRedundant: false disableLocalAuth: false publicNetworkAccess: 'Enabled' + zoneRedundant: false } } @@ -34,13 +34,13 @@ resource subscription 'Microsoft.ServiceBus/namespaces/topics/subscriptions@2021 name: resourceName parent: topic properties: { - enableBatchedOperations: false - isClientAffine: false - requiresSession: false clientAffineProperties: {} deadLetteringOnFilterEvaluationExceptions: true deadLetteringOnMessageExpiration: false + enableBatchedOperations: false + isClientAffine: false maxDeliveryCount: 10 + requiresSession: false status: 'Active' } } @@ -50,13 +50,13 @@ resource rule 'Microsoft.ServiceBus/namespaces/topics/subscriptions/rules@2021-0 parent: subscription properties: { correlationFilter: { + contentType: 'test_content_type' correlationId: 'test_correlation_id' label: 'test_label' messageId: 'test_message_id' + replyTo: 'test_reply_to' replyToSessionId: 'test_reply_to_session_id' sessionId: 'test_session_id' - contentType: 'test_content_type' - replyTo: 'test_reply_to' to: 'test_to' } filterType: 'CorrelationFilter' diff --git a/settings/remarks/microsoft.servicefabric/samples/clusters/main.bicep b/settings/remarks/microsoft.servicefabric/samples/clusters/main.bicep index dea70c95..de2f7d17 100644 --- a/settings/remarks/microsoft.servicefabric/samples/clusters/main.bicep +++ b/settings/remarks/microsoft.servicefabric/samples/clusters/main.bicep @@ -5,25 +5,25 @@ resource cluster 'Microsoft.ServiceFabric/clusters@2021-06-01' = { name: resourceName location: location properties: { - upgradeMode: 'Automatic' - vmImage: 'Windows' addOnFeatures: [] fabricSettings: [] managementEndpoint: 'http://example:80' nodeTypes: [ { capacities: {} + clientConnectionEndpointPort: 2020 durabilityLevel: 'Bronze' httpGatewayEndpointPort: 80 isPrimary: true isStateless: false - name: 'first' - vmInstanceCount: 3 - clientConnectionEndpointPort: 2020 multipleAvailabilityZones: false + name: 'first' placementProperties: {} + vmInstanceCount: 3 } ] reliabilityLevel: 'Bronze' + upgradeMode: 'Automatic' + vmImage: 'Windows' } } diff --git a/settings/remarks/microsoft.servicefabric/samples/managedclusters/main.bicep b/settings/remarks/microsoft.servicefabric/samples/managedclusters/main.bicep index 2b8a78e6..a86e4c07 100644 --- a/settings/remarks/microsoft.servicefabric/samples/managedclusters/main.bicep +++ b/settings/remarks/microsoft.servicefabric/samples/managedclusters/main.bicep @@ -1,10 +1,10 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The administrator username for the Service Fabric managed cluster') param adminUsername string @secure() @description('The administrator password for the Service Fabric managed cluster') param adminPassword string +param resourceName string = 'acctest0001' resource managedCluster 'Microsoft.ServiceFabric/managedClusters@2021-05-01' = { name: resourceName @@ -13,6 +13,24 @@ resource managedCluster 'Microsoft.ServiceFabric/managedClusters@2021-05-01' = { name: 'Standard' } properties: { + addonFeatures: [ + 'DnsService' + ] + adminPassword: adminPassword + adminUserName: adminUsername + clientConnectionPort: 12345 + clusterUpgradeCadence: 'Wave0' + dnsName: resourceName + httpGatewayConnectionPort: 23456 + loadBalancingRules: [ + { + backendPort: 8000 + frontendPort: 443 + probeProtocol: 'http' + probeRequestPath: '/' + protocol: 'tcp' + } + ] networkSecurityRules: [ { access: 'allow' @@ -22,10 +40,10 @@ resource managedCluster 'Microsoft.ServiceFabric/managedClusters@2021-05-01' = { destinationPortRanges: [ '443' ] + direction: 'inbound' name: 'rule443-allow-fe' priority: 1000 protocol: 'tcp' - direction: 'inbound' sourceAddressPrefixes: [ '0.0.0.0/0' ] @@ -34,24 +52,6 @@ resource managedCluster 'Microsoft.ServiceFabric/managedClusters@2021-05-01' = { ] } ] - addonFeatures: [ - 'DnsService' - ] - adminUserName: '${adminUsername}' - clientConnectionPort: 12345 - clusterUpgradeCadence: 'Wave0' - dnsName: '${resourceName}' - httpGatewayConnectionPort: 23456 - loadBalancingRules: [ - { - backendPort: 8000 - frontendPort: 443 - probeProtocol: 'http' - probeRequestPath: '/' - protocol: 'tcp' - } - ] - adminPassword: '${adminPassword}' } tags: { Test: 'value' diff --git a/settings/remarks/microsoft.servicefabric/samples/managedclusters/nodetypes/main.bicep b/settings/remarks/microsoft.servicefabric/samples/managedclusters/nodetypes/main.bicep index c476720f..3e548b23 100644 --- a/settings/remarks/microsoft.servicefabric/samples/managedclusters/nodetypes/main.bicep +++ b/settings/remarks/microsoft.servicefabric/samples/managedclusters/nodetypes/main.bicep @@ -13,14 +13,26 @@ resource managedCluster 'Microsoft.ServiceFabric/managedClusters@2021-05-01' = { name: 'Standard' } properties: { - dnsName: '${resourceName}' + addonFeatures: [ + 'DnsService' + ] + adminPassword: adminPassword + adminUserName: adminUsername + clientConnectionPort: 12345 + clusterUpgradeCadence: 'Wave0' + dnsName: resourceName httpGatewayConnectionPort: 23456 - networkSecurityRules: [ + loadBalancingRules: [ { + backendPort: 8000 + frontendPort: 443 + probeProtocol: 'http' + probeRequestPath: '/' protocol: 'tcp' - sourcePortRanges: [ - '1-65535' - ] + } + ] + networkSecurityRules: [ + { access: 'allow' destinationAddressPrefixes: [ '0.0.0.0/0' @@ -29,29 +41,17 @@ resource managedCluster 'Microsoft.ServiceFabric/managedClusters@2021-05-01' = { '443' ] direction: 'inbound' - sourceAddressPrefixes: [ - '0.0.0.0/0' - ] name: 'rule443-allow-fe' priority: 1000 - } - ] - addonFeatures: [ - 'DnsService' - ] - adminPassword: '${adminPassword}' - clientConnectionPort: 12345 - clusterUpgradeCadence: 'Wave0' - loadBalancingRules: [ - { - probeProtocol: 'http' - probeRequestPath: '/' protocol: 'tcp' - backendPort: 8000 - frontendPort: 443 + sourceAddressPrefixes: [ + '0.0.0.0/0' + ] + sourcePortRanges: [ + '1-65535' + ] } ] - adminUserName: '${adminUsername}' } tags: { Test: 'value' @@ -62,27 +62,27 @@ resource nodeType 'Microsoft.ServiceFabric/managedClusters/nodeTypes@2021-05-01' name: resourceName parent: managedCluster properties: { - isPrimary: true - vmImageVersion: 'latest' - capacities: {} - isStateless: false - vmImageOffer: 'WindowsServer' - vmImagePublisher: 'MicrosoftWindowsServer' - vmSecrets: [] applicationPorts: { endPort: 9000 startPort: 7000 } + capacities: {} dataDiskSizeGB: 130 - multiplePlacementGroups: false - vmSize: 'Standard_DS2_v2' - vmInstanceCount: 5 dataDiskType: 'Standard_LRS' ephemeralPorts: { endPort: 20000 startPort: 10000 } + isPrimary: true + isStateless: false + multiplePlacementGroups: false placementProperties: {} + vmImageOffer: 'WindowsServer' + vmImagePublisher: 'MicrosoftWindowsServer' vmImageSku: '2016-Datacenter' + vmImageVersion: 'latest' + vmInstanceCount: 5 + vmSecrets: [] + vmSize: 'Standard_DS2_v2' } } diff --git a/settings/remarks/microsoft.servicelinker/samples/linkers/main.bicep b/settings/remarks/microsoft.servicelinker/samples/linkers/main.bicep index 2f4dd14f..e3189a3c 100644 --- a/settings/remarks/microsoft.servicelinker/samples/linkers/main.bicep +++ b/settings/remarks/microsoft.servicelinker/samples/linkers/main.bicep @@ -1,6 +1,41 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { + name: resourceName + location: location + kind: 'GlobalDocumentDB' + properties: { + capabilities: [] + consistencyPolicy: { + defaultConsistencyLevel: 'BoundedStaleness' + maxIntervalInSeconds: 10 + maxStalenessPrefix: 200 + } + databaseAccountOfferType: 'Standard' + defaultIdentity: 'FirstPartyIdentity' + disableKeyBasedMetadataWriteAccess: false + disableLocalAuth: false + enableAnalyticalStorage: false + enableAutomaticFailover: false + enableFreeTier: false + enableMultipleWriteLocations: false + ipRules: [] + isVirtualNetworkFilterEnabled: false + locations: [ + { + failoverPriority: 0 + isZoneRedundant: false + locationName: 'West Europe' + } + ] + networkAclBypass: 'None' + networkAclBypassResourceIds: [] + publicNetworkAccess: 'Enabled' + virtualNetworkRules: [] + } +} + resource spring 'Microsoft.AppPlatform/Spring@2023-05-01-preview' = { name: resourceName location: location @@ -52,49 +87,14 @@ resource linker 'Microsoft.ServiceLinker/linkers@2022-05-01' = { name: resourceName scope: deployment properties: { - clientType: 'none' - targetService: { - resourceProperties: null - type: 'AzureResource' - } authInfo: { authType: 'systemAssignedIdentity' } - } -} - -resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { - name: resourceName - location: location - kind: 'GlobalDocumentDB' - properties: { - consistencyPolicy: { - defaultConsistencyLevel: 'BoundedStaleness' - maxIntervalInSeconds: 10 - maxStalenessPrefix: 200 + clientType: 'none' + targetService: { + id: sqlDatabase.id + type: 'AzureResource' } - defaultIdentity: 'FirstPartyIdentity' - disableLocalAuth: false - ipRules: [] - locations: [ - { - failoverPriority: 0 - isZoneRedundant: false - locationName: 'West Europe' - } - ] - networkAclBypassResourceIds: [] - disableKeyBasedMetadataWriteAccess: false - capabilities: [] - enableMultipleWriteLocations: false - isVirtualNetworkFilterEnabled: false - virtualNetworkRules: [] - databaseAccountOfferType: 'Standard' - enableAnalyticalStorage: false - enableAutomaticFailover: false - enableFreeTier: false - networkAclBypass: 'None' - publicNetworkAccess: 'Enabled' } } @@ -106,7 +106,7 @@ resource sqlDatabase 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases@2021-10 throughput: 400 } resource: { - id: '${resourceName}' + id: resourceName } } } diff --git a/settings/remarks/microsoft.servicenetworking/samples/trafficcontrollers/associations/main.bicep b/settings/remarks/microsoft.servicenetworking/samples/trafficcontrollers/associations/main.bicep index a0929393..44b0b114 100644 --- a/settings/remarks/microsoft.servicenetworking/samples/trafficcontrollers/associations/main.bicep +++ b/settings/remarks/microsoft.servicenetworking/samples/trafficcontrollers/associations/main.bicep @@ -1,12 +1,15 @@ param location string = 'westus' param resourceName string = 'acctest0001' +resource trafficController 'Microsoft.ServiceNetworking/trafficControllers@2023-11-01' = { + name: '${resourceName}-tc' + location: location +} + resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { name: '${resourceName}-vnet' location: location properties: { - privateEndpointVNetPolicies: 'Disabled' - subnets: [] addressSpace: { addressPrefixes: [ '10.0.0.0/16' @@ -15,21 +18,20 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { dhcpOptions: { dnsServers: [] } + privateEndpointVNetPolicies: 'Disabled' + subnets: [] } } -resource trafficController 'Microsoft.ServiceNetworking/trafficControllers@2023-11-01' = { - name: '${resourceName}-tc' - location: location -} - resource association 'Microsoft.ServiceNetworking/trafficControllers/associations@2023-11-01' = { name: '${resourceName}-assoc' location: location parent: trafficController properties: { associationType: 'subnets' - subnet: {} + subnet: { + id: subnet.id + } } } @@ -37,8 +39,6 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { name: '${resourceName}-subnet' parent: virtualNetwork properties: { - serviceEndpointPolicies: [] - serviceEndpoints: [] addressPrefix: '10.0.1.0/24' defaultOutboundAccess: true delegations: [ @@ -51,5 +51,7 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { ] privateEndpointNetworkPolicies: 'Disabled' privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] } } diff --git a/settings/remarks/microsoft.signalrservice/samples/signalr/main.bicep b/settings/remarks/microsoft.signalrservice/samples/signalr/main.bicep index bdde427f..cd9f05c6 100644 --- a/settings/remarks/microsoft.signalrservice/samples/signalr/main.bicep +++ b/settings/remarks/microsoft.signalrservice/samples/signalr/main.bicep @@ -9,8 +9,28 @@ resource signalR 'Microsoft.SignalRService/signalR@2023-02-01' = { name: 'Standard_S1' } properties: { + cors: {} disableAadAuth: false disableLocalAuth: false + features: [ + { + flag: 'ServiceMode' + value: 'Default' + } + { + flag: 'EnableConnectivityLogs' + value: 'False' + } + { + flag: 'EnableMessagingLogs' + value: 'False' + } + { + flag: 'EnableLiveTrace' + value: 'False' + } + ] + publicNetworkAccess: 'Enabled' resourceLogConfiguration: { categories: [ { @@ -33,26 +53,6 @@ resource signalR 'Microsoft.SignalRService/signalR@2023-02-01' = { tls: { clientCertEnabled: false } - cors: {} - features: [ - { - flag: 'ServiceMode' - value: 'Default' - } - { - flag: 'EnableConnectivityLogs' - value: 'False' - } - { - flag: 'EnableMessagingLogs' - value: 'False' - } - { - flag: 'EnableLiveTrace' - value: 'False' - } - ] - publicNetworkAccess: 'Enabled' upstream: { templates: [] } diff --git a/settings/remarks/microsoft.signalrservice/samples/signalr/sharedprivatelinkresources/main.bicep b/settings/remarks/microsoft.signalrservice/samples/signalr/sharedprivatelinkresources/main.bicep index 7f85da90..dc656b55 100644 --- a/settings/remarks/microsoft.signalrservice/samples/signalr/sharedprivatelinkresources/main.bicep +++ b/settings/remarks/microsoft.signalrservice/samples/signalr/sharedprivatelinkresources/main.bicep @@ -9,13 +9,9 @@ resource signalR 'Microsoft.SignalRService/signalR@2023-02-01' = { name: 'Standard_S1' } properties: { - upstream: { - templates: [] - } cors: {} - disableLocalAuth: false - publicNetworkAccess: 'Enabled' disableAadAuth: false + disableLocalAuth: false features: [ { flag: 'ServiceMode' @@ -34,6 +30,7 @@ resource signalR 'Microsoft.SignalRService/signalR@2023-02-01' = { value: 'False' } ] + publicNetworkAccess: 'Enabled' resourceLogConfiguration: { categories: [ { @@ -56,16 +53,9 @@ resource signalR 'Microsoft.SignalRService/signalR@2023-02-01' = { tls: { clientCertEnabled: false } - } -} - -resource sharedPrivateLinkResource 'Microsoft.SignalRService/signalR/sharedPrivateLinkResources@2023-02-01' = { - name: resourceName - parent: signalR - properties: { - groupId: 'vault' - privateLinkResourceId: vault.id - requestMessage: 'please approve' + upstream: { + templates: [] + } } } @@ -92,12 +82,12 @@ resource vault 'Microsoft.KeyVault/vaults@2021-10-01' = { } ] createMode: 'default' + enableRbacAuthorization: false enableSoftDelete: true enabledForDeployment: false + enabledForDiskEncryption: false enabledForTemplateDeployment: false publicNetworkAccess: 'Enabled' - enableRbacAuthorization: false - enabledForDiskEncryption: false sku: { family: 'A' name: 'standard' @@ -106,3 +96,13 @@ resource vault 'Microsoft.KeyVault/vaults@2021-10-01' = { tenantId: tenant().tenantId } } + +resource sharedPrivateLinkResource 'Microsoft.SignalRService/signalR/sharedPrivateLinkResources@2023-02-01' = { + name: resourceName + parent: signalR + properties: { + groupId: 'vault' + privateLinkResourceId: vault.id + requestMessage: 'please approve' + } +} diff --git a/settings/remarks/microsoft.signalrservice/samples/webpubsub/main.bicep b/settings/remarks/microsoft.signalrservice/samples/webpubsub/main.bicep index 1ba41a43..a06904f4 100644 --- a/settings/remarks/microsoft.signalrservice/samples/webpubsub/main.bicep +++ b/settings/remarks/microsoft.signalrservice/samples/webpubsub/main.bicep @@ -5,15 +5,15 @@ resource webPubSub 'Microsoft.SignalRService/webPubSub@2023-02-01' = { name: resourceName location: location sku: { - name: 'Standard_S1' capacity: 1 + name: 'Standard_S1' } properties: { + disableAadAuth: false disableLocalAuth: false publicNetworkAccess: 'Enabled' tls: { clientCertEnabled: false } - disableAadAuth: false } } diff --git a/settings/remarks/microsoft.signalrservice/samples/webpubsub/sharedprivatelinkresources/main.bicep b/settings/remarks/microsoft.signalrservice/samples/webpubsub/sharedprivatelinkresources/main.bicep index 2ddbcb72..64f1ed23 100644 --- a/settings/remarks/microsoft.signalrservice/samples/webpubsub/sharedprivatelinkresources/main.bicep +++ b/settings/remarks/microsoft.signalrservice/samples/webpubsub/sharedprivatelinkresources/main.bicep @@ -5,16 +5,6 @@ resource vault 'Microsoft.KeyVault/vaults@2021-10-01' = { name: resourceName location: location properties: { - enableRbacAuthorization: false - enabledForDeployment: false - enabledForTemplateDeployment: false - publicNetworkAccess: 'Enabled' - sku: { - family: 'A' - name: 'standard' - } - softDeleteRetentionInDays: 7 - tenantId: tenant().tenantId accessPolicies: [ { objectId: deployer().objectId @@ -34,8 +24,18 @@ resource vault 'Microsoft.KeyVault/vaults@2021-10-01' = { } ] createMode: 'default' + enableRbacAuthorization: false enableSoftDelete: true + enabledForDeployment: false enabledForDiskEncryption: false + enabledForTemplateDeployment: false + publicNetworkAccess: 'Enabled' + sku: { + family: 'A' + name: 'standard' + } + softDeleteRetentionInDays: 7 + tenantId: tenant().tenantId } } diff --git a/settings/remarks/microsoft.solutions/samples/applications/main.bicep b/settings/remarks/microsoft.solutions/samples/applications/main.bicep index ff7d60dd..c160393c 100644 --- a/settings/remarks/microsoft.solutions/samples/applications/main.bicep +++ b/settings/remarks/microsoft.solutions/samples/applications/main.bicep @@ -6,21 +6,31 @@ resource application 'Microsoft.Solutions/applications@2021-07-01' = { location: location kind: 'ServiceCatalog' properties: { + applicationDefinitionId: applicationDefinition.id managedResourceGroupId: '/subscriptions/${subscription().subscriptionId}/resourceGroups/${resourceName}-infragroup' parameters: { + arrayParameter: { + value: [ + 'value_1' + 'value_2' + ] + } + boolParameter: { + value: true + } intParameter: { value: 100 } objectParameter: { value: { - nested_bool: true - nested_object: { - key_0: 0 - } nested_array: [ 'value_1' 'value_2' ] + nested_bool: true + nested_object: { + key_0: 0 + } } } secureStringParameter: { @@ -29,15 +39,6 @@ resource application 'Microsoft.Solutions/applications@2021-07-01' = { stringParameter: { value: 'value_1' } - arrayParameter: { - value: [ - 'value_1' - 'value_2' - ] - } - boolParameter: { - value: true - } } } } @@ -46,10 +47,6 @@ resource applicationDefinition 'Microsoft.Solutions/applicationDefinitions@2021- name: '${resourceName}-appdef' location: location properties: { - displayName: 'TestManagedAppDefinition' - isEnabled: true - lockLevel: 'ReadOnly' - mainTemplate: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} authorizations: [ { principalId: deployer().objectId @@ -58,5 +55,9 @@ resource applicationDefinition 'Microsoft.Solutions/applicationDefinitions@2021- ] createUiDefinition: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} description: 'Test Managed App Definition' + displayName: 'TestManagedAppDefinition' + isEnabled: true + lockLevel: 'ReadOnly' + mainTemplate: /* ERROR: Unparsed HCL syntax in LiteralNode */ {} } } diff --git a/settings/remarks/microsoft.sql/samples/instancepools/main.bicep b/settings/remarks/microsoft.sql/samples/instancepools/main.bicep index cf725c55..a3fdd919 100644 --- a/settings/remarks/microsoft.sql/samples/instancepools/main.bicep +++ b/settings/remarks/microsoft.sql/samples/instancepools/main.bicep @@ -6,69 +6,6 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2023-04-01' existing parent: virtualNetwork } -resource routeTable 'Microsoft.Network/routeTables@2023-04-01' = { - name: resourceName - location: 'azapi_resource.resourceGroup.location' - properties: { - disableBgpRoutePropagation: false - } -} - -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { - name: resourceName - location: 'azapi_resource.resourceGroup.location' - properties: { - subnets: [ - { - name: 'Default' - properties: { - addressPrefix: '10.0.0.0/24' - } - } - { - name: resourceName - properties: { - addressPrefix: '10.0.1.0/24' - networkSecurityGroup: { - id: networkSecurityGroup.id - } - routeTable: { - id: routeTable.id - } - delegations: [ - { - name: 'miDelegation' - properties: { - serviceName: 'Microsoft.Sql/managedInstances' - } - } - ] - } - } - ] - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - } -} - -resource instancePool 'Microsoft.Sql/instancePools@2022-05-01-preview' = { - name: resourceName - location: 'azapi_resource.resourceGroup.location' - sku: { - family: 'Gen5' - name: 'GP_Gen5' - tier: 'GeneralPurpose' - } - properties: { - licenseType: 'LicenseIncluded' - subnetId: subnet.id - vCores: 8 - } -} - resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2023-04-01' = { name: resourceName location: 'azapi_resource.resourceGroup.location' @@ -77,6 +14,7 @@ resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2023-04-0 { name: 'allow_tds_inbound' properties: { + access: 'Allow' description: 'Allow access to data' destinationAddressPrefix: '*' destinationPortRange: '1433' @@ -85,63 +23,62 @@ resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2023-04-0 protocol: 'TCP' sourceAddressPrefix: 'VirtualNetwork' sourcePortRange: '*' - access: 'Allow' } } { name: 'allow_redirect_inbound' properties: { + access: 'Allow' + description: 'Allow inbound redirect traffic to Managed Instance inside the virtual network' destinationAddressPrefix: '*' - priority: 1100 - protocol: 'Tcp' - sourcePortRange: '*' destinationPortRange: '11000-11999' direction: 'Inbound' + priority: 1100 + protocol: 'Tcp' sourceAddressPrefix: 'VirtualNetwork' - access: 'Allow' - description: 'Allow inbound redirect traffic to Managed Instance inside the virtual network' + sourcePortRange: '*' } } { name: 'allow_geodr_inbound' properties: { + access: 'Allow' description: 'Allow inbound geodr traffic inside the virtual network' destinationAddressPrefix: '*' destinationPortRange: '5022' + direction: 'Inbound' + priority: 1200 protocol: 'Tcp' sourceAddressPrefix: 'VirtualNetwork' sourcePortRange: '*' - access: 'Allow' - direction: 'Inbound' - priority: 1200 } } { name: 'deny_all_inbound' properties: { - protocol: '*' access: 'Deny' description: 'Deny all other inbound traffic' - sourceAddressPrefix: '*' - sourcePortRange: '*' destinationAddressPrefix: '*' destinationPortRange: '*' direction: 'Inbound' priority: 4096 + protocol: '*' + sourceAddressPrefix: '*' + sourcePortRange: '*' } } { name: 'allow_linkedserver_outbound' properties: { + access: 'Allow' description: 'Allow outbound linkedserver traffic inside the virtual network' - destinationPortRange: '1433' - sourceAddressPrefix: '*' destinationAddressPrefix: 'VirtualNetwork' + destinationPortRange: '1433' direction: 'Outbound' priority: 1000 protocol: 'Tcp' + sourceAddressPrefix: '*' sourcePortRange: '*' - access: 'Allow' } } { @@ -149,43 +86,106 @@ resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2023-04-0 properties: { access: 'Allow' description: 'Allow outbound redirect traffic to Managed Instance inside the virtual network' + destinationAddressPrefix: 'VirtualNetwork' + destinationPortRange: '11000-11999' direction: 'Outbound' priority: 1100 + protocol: 'Tcp' sourceAddressPrefix: '*' sourcePortRange: '*' - destinationAddressPrefix: 'VirtualNetwork' - destinationPortRange: '11000-11999' - protocol: 'Tcp' } } { name: 'allow_geodr_outbound' properties: { - description: 'Allow outbound geodr traffic inside the virtual network' - destinationPortRange: '5022' - priority: 1200 - sourceAddressPrefix: '*' access: 'Allow' + description: 'Allow outbound geodr traffic inside the virtual network' destinationAddressPrefix: 'VirtualNetwork' + destinationPortRange: '5022' direction: 'Outbound' + priority: 1200 protocol: 'Tcp' + sourceAddressPrefix: '*' sourcePortRange: '*' } } { + name: 'deny_all_outbound' properties: { + access: 'Deny' + description: 'Deny all other outbound traffic' + destinationAddressPrefix: '*' destinationPortRange: '*' direction: 'Outbound' + priority: 4096 protocol: '*' sourceAddressPrefix: '*' sourcePortRange: '*' - access: 'Deny' - description: 'Deny all other outbound traffic' - destinationAddressPrefix: '*' - priority: 4096 } - name: 'deny_all_outbound' } ] } } + +resource routeTable 'Microsoft.Network/routeTables@2023-04-01' = { + name: resourceName + location: 'azapi_resource.resourceGroup.location' + properties: { + disableBgpRoutePropagation: false + } +} + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { + name: resourceName + location: 'azapi_resource.resourceGroup.location' + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + subnets: [ + { + name: 'Default' + properties: { + addressPrefix: '10.0.0.0/24' + } + } + { + name: resourceName + properties: { + addressPrefix: '10.0.1.0/24' + networkSecurityGroup: { + id: networkSecurityGroup.id + } + routeTable: { + id: routeTable.id + } + delegations: [ + { + name: 'miDelegation' + properties: { + serviceName: 'Microsoft.Sql/managedInstances' + } + } + ] + } + } + ] + } +} + +resource instancePool 'Microsoft.Sql/instancePools@2022-05-01-preview' = { + name: resourceName + location: 'azapi_resource.resourceGroup.location' + sku: { + family: 'Gen5' + name: 'GP_Gen5' + tier: 'GeneralPurpose' + } + properties: { + licenseType: 'LicenseIncluded' + subnetId: subnet.id + vCores: 8 + } +} diff --git a/settings/remarks/microsoft.sql/samples/servers/administrators/main.bicep b/settings/remarks/microsoft.sql/samples/servers/administrators/main.bicep index 6aac6260..cab99827 100644 --- a/settings/remarks/microsoft.sql/samples/servers/administrators/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/administrators/main.bicep @@ -11,7 +11,7 @@ resource server 'Microsoft.Sql/servers@2015-05-01-preview' = { location: location properties: { administratorLogin: 'mradministrator' - administratorLoginPassword: '${administratorLoginPassword}' + administratorLoginPassword: administratorLoginPassword version: '12.0' } } diff --git a/settings/remarks/microsoft.sql/samples/servers/auditingsettings/main.bicep b/settings/remarks/microsoft.sql/samples/servers/auditingsettings/main.bicep index 61277fad..6b204bd2 100644 --- a/settings/remarks/microsoft.sql/samples/servers/auditingsettings/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/auditingsettings/main.bicep @@ -8,12 +8,12 @@ resource server 'Microsoft.Sql/servers@2022-05-01-preview' = { name: resourceName location: location properties: { + administratorLogin: 'mradministrator' + administratorLoginPassword: administratorLoginPassword + minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' - administratorLogin: 'mradministrator' - administratorLoginPassword: '${administratorLoginPassword}' - minimalTlsVersion: '1.2' } } diff --git a/settings/remarks/microsoft.sql/samples/servers/connectionpolicies/main.bicep b/settings/remarks/microsoft.sql/samples/servers/connectionpolicies/main.bicep index 089989b8..e8e68411 100644 --- a/settings/remarks/microsoft.sql/samples/servers/connectionpolicies/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/connectionpolicies/main.bicep @@ -10,12 +10,12 @@ resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' - administratorLogin: '${administratorLogin}' - administratorLoginPassword: '${administratorLoginPassword}' } } diff --git a/settings/remarks/microsoft.sql/samples/servers/databases/main.bicep b/settings/remarks/microsoft.sql/samples/servers/databases/main.bicep index cc660811..1d37503c 100644 --- a/settings/remarks/microsoft.sql/samples/servers/databases/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/databases/main.bicep @@ -1,19 +1,19 @@ -param resourceName string = 'acctest0001' -param location string = 'westeurope' @secure() @description('The administrator login password for the SQL server') param administratorLoginPassword string +param resourceName string = 'acctest0001' +param location string = 'westeurope' resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { + administratorLogin: 'mradministrator' + administratorLoginPassword: administratorLoginPassword minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' - administratorLogin: 'mradministrator' - administratorLoginPassword: '${administratorLoginPassword}' } } @@ -22,16 +22,16 @@ resource database 'Microsoft.Sql/servers/databases@2021-02-01-preview' = { location: location parent: server properties: { - minCapacity: 0 - readScale: 'Disabled' autoPauseDelay: 0 - requestedBackupStorageRedundancy: 'Geo' - zoneRedundant: false createMode: 'Default' elasticPoolId: '' highAvailabilityReplicaCount: 0 isLedgerOn: false licenseType: 'LicenseIncluded' maintenanceConfigurationId: resourceId('Microsoft.Maintenance/publicMaintenanceConfigurations', 'SQL_Default') + minCapacity: 0 + readScale: 'Disabled' + requestedBackupStorageRedundancy: 'Geo' + zoneRedundant: false } } diff --git a/settings/remarks/microsoft.sql/samples/servers/databases/securityalertpolicies/main.bicep b/settings/remarks/microsoft.sql/samples/servers/databases/securityalertpolicies/main.bicep index 46dfb85d..ce9d1240 100644 --- a/settings/remarks/microsoft.sql/samples/servers/databases/securityalertpolicies/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/databases/securityalertpolicies/main.bicep @@ -1,19 +1,19 @@ +param location string = 'westeurope' @secure() @description('The administrator login password for the SQL server') param administratorLoginPassword string param resourceName string = 'acctest0001' -param location string = 'westeurope' resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { + administratorLogin: 'mradministrator' + administratorLoginPassword: administratorLoginPassword + minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' - administratorLogin: 'mradministrator' - administratorLoginPassword: '${administratorLoginPassword}' - minimalTlsVersion: '1.2' } } @@ -23,13 +23,13 @@ resource database 'Microsoft.Sql/servers/databases@2021-02-01-preview' = { parent: server properties: { autoPauseDelay: 0 + createMode: 'Default' elasticPoolId: '' + highAvailabilityReplicaCount: 0 + isLedgerOn: false licenseType: 'LicenseIncluded' maintenanceConfigurationId: resourceId('Microsoft.Maintenance/publicMaintenanceConfigurations', 'SQL_Default') minCapacity: 0 - createMode: 'Default' - highAvailabilityReplicaCount: 0 - isLedgerOn: false readScale: 'Disabled' requestedBackupStorageRedundancy: 'Geo' zoneRedundant: false diff --git a/settings/remarks/microsoft.sql/samples/servers/databases/transparentdataencryption/main.bicep b/settings/remarks/microsoft.sql/samples/servers/databases/transparentdataencryption/main.bicep index 714fd6bd..48f4cf58 100644 --- a/settings/remarks/microsoft.sql/samples/servers/databases/transparentdataencryption/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/databases/transparentdataencryption/main.bicep @@ -8,12 +8,12 @@ resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { + administratorLogin: 'mradministrator' + administratorLoginPassword: administratorLoginPassword + minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' - administratorLogin: 'mradministrator' - administratorLoginPassword: '${administratorLoginPassword}' - minimalTlsVersion: '1.2' } } @@ -22,17 +22,17 @@ resource database 'Microsoft.Sql/servers/databases@2021-02-01-preview' = { location: location parent: server properties: { + autoPauseDelay: 0 + createMode: 'Default' elasticPoolId: '' + highAvailabilityReplicaCount: 0 isLedgerOn: false + licenseType: 'LicenseIncluded' maintenanceConfigurationId: resourceId('Microsoft.Maintenance/publicMaintenanceConfigurations', 'SQL_Default') minCapacity: 0 readScale: 'Disabled' - zoneRedundant: false - autoPauseDelay: 0 - highAvailabilityReplicaCount: 0 - licenseType: 'LicenseIncluded' requestedBackupStorageRedundancy: 'Geo' - createMode: 'Default' + zoneRedundant: false } } diff --git a/settings/remarks/microsoft.sql/samples/servers/dnsaliases/main.bicep b/settings/remarks/microsoft.sql/samples/servers/dnsaliases/main.bicep index 6848a4d9..e128c833 100644 --- a/settings/remarks/microsoft.sql/samples/servers/dnsaliases/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/dnsaliases/main.bicep @@ -10,12 +10,12 @@ resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { - restrictOutboundNetworkAccess: 'Disabled' - version: '12.0' - administratorLogin: '${administratorLogin}' - administratorLoginPassword: '${administratorLoginPassword}' + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' + restrictOutboundNetworkAccess: 'Disabled' + version: '12.0' } } diff --git a/settings/remarks/microsoft.sql/samples/servers/elasticpools/main.bicep b/settings/remarks/microsoft.sql/samples/servers/elasticpools/main.bicep index d529aab8..4bb91217 100644 --- a/settings/remarks/microsoft.sql/samples/servers/elasticpools/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/elasticpools/main.bicep @@ -8,12 +8,12 @@ resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { - administratorLoginPassword: '${administratorLoginPassword}' + administratorLogin: '4dm1n157r470r' + administratorLoginPassword: administratorLoginPassword minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' - administratorLogin: '4dm1n157r470r' } } @@ -22,10 +22,10 @@ resource elasticPool 'Microsoft.Sql/servers/elasticPools@2020-11-01-preview' = { location: location parent: server sku: { - name: 'BasicPool' - tier: 'Basic' capacity: 50 family: '' + name: 'BasicPool' + tier: 'Basic' } properties: { maintenanceConfigurationId: resourceId('Microsoft.Maintenance/publicMaintenanceConfigurations', 'SQL_Default') diff --git a/settings/remarks/microsoft.sql/samples/servers/encryptionprotector/main.bicep b/settings/remarks/microsoft.sql/samples/servers/encryptionprotector/main.bicep index f50c8197..dbf2b6d2 100644 --- a/settings/remarks/microsoft.sql/samples/servers/encryptionprotector/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/encryptionprotector/main.bicep @@ -1,19 +1,19 @@ -param resourceName string = 'acctest0001' -param location string = 'westus' @secure() @description('The administrator login password for the SQL server') param administratorLoginPassword string +param resourceName string = 'acctest0001' +param location string = 'westus' resource server 'Microsoft.Sql/servers@2023-08-01-preview' = { name: resourceName location: location properties: { - administratorLoginPassword: '${administratorLoginPassword}' + administratorLogin: 'mradministrator' + administratorLoginPassword: administratorLoginPassword minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' - administratorLogin: 'mradministrator' } } diff --git a/settings/remarks/microsoft.sql/samples/servers/failovergroups/main.bicep b/settings/remarks/microsoft.sql/samples/servers/failovergroups/main.bicep index 980ee33a..90745bb8 100644 --- a/settings/remarks/microsoft.sql/samples/servers/failovergroups/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/failovergroups/main.bicep @@ -9,12 +9,34 @@ resource server 'Microsoft.Sql/servers@2023-08-01-preview' = { name: '${resourceName}-primary' location: location properties: { + administratorLogin: 'mradministrator' + administratorLoginPassword: administratorLoginPassword + minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' - administratorLogin: 'mradministrator' - administratorLoginPassword: '${administratorLoginPassword}' - minimalTlsVersion: '1.2' + } +} + +resource failoverGroup 'Microsoft.Sql/servers/failoverGroups@2023-08-01-preview' = { + name: '${resourceName}-fg' + parent: server + properties: { + databases: [ + database.id + ] + partnerServers: [ + { + id: server1.id + } + ] + readOnlyEndpoint: { + failoverPolicy: 'Disabled' + } + readWriteEndpoint: { + failoverPolicy: 'Automatic' + failoverWithDataLossGracePeriodMinutes: 60 + } } } @@ -22,12 +44,12 @@ resource server1 'Microsoft.Sql/servers@2023-08-01-preview' = { name: '${resourceName}-secondary' location: secondaryLocation properties: { - restrictOutboundNetworkAccess: 'Disabled' - version: '12.0' administratorLogin: 'mradministrator' - administratorLoginPassword: '${administratorLoginPassword}' + administratorLoginPassword: administratorLoginPassword minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' + restrictOutboundNetworkAccess: 'Disabled' + version: '12.0' } } @@ -39,42 +61,20 @@ resource database 'Microsoft.Sql/servers/databases@2023-08-01-preview' = { name: 'S1' } properties: { + autoPauseDelay: 0 + collation: 'SQL_Latin1_General_CP1_CI_AS' + createMode: 'Default' elasticPoolId: '' + encryptionProtectorAutoRotation: false highAvailabilityReplicaCount: 0 - requestedBackupStorageRedundancy: 'Geo' + isLedgerOn: false licenseType: '' - readScale: 'Disabled' - secondaryType: '' - autoPauseDelay: 0 - encryptionProtectorAutoRotation: false maxSizeBytes: 214748364800 minCapacity: 0 + readScale: 'Disabled' + requestedBackupStorageRedundancy: 'Geo' sampleName: '' + secondaryType: '' zoneRedundant: false - collation: 'SQL_Latin1_General_CP1_CI_AS' - createMode: 'Default' - isLedgerOn: false - } -} - -resource failoverGroup 'Microsoft.Sql/servers/failoverGroups@2023-08-01-preview' = { - name: '${resourceName}-fg' - parent: server - properties: { - databases: [ - database.id - ] - partnerServers: [ - { - id: server1.id - } - ] - readOnlyEndpoint: { - failoverPolicy: 'Disabled' - } - readWriteEndpoint: { - failoverPolicy: 'Automatic' - failoverWithDataLossGracePeriodMinutes: 60 - } } } diff --git a/settings/remarks/microsoft.sql/samples/servers/firewallrules/main.bicep b/settings/remarks/microsoft.sql/samples/servers/firewallrules/main.bicep index 26015afe..2140b08f 100644 --- a/settings/remarks/microsoft.sql/samples/servers/firewallrules/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/firewallrules/main.bicep @@ -8,12 +8,12 @@ resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { - administratorLoginPassword: '${administratorLoginPassword}' + administratorLogin: 'msincredible' + administratorLoginPassword: administratorLoginPassword minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' - administratorLogin: 'msincredible' } } diff --git a/settings/remarks/microsoft.sql/samples/servers/jobagents/credentials/main.bicep b/settings/remarks/microsoft.sql/samples/servers/jobagents/credentials/main.bicep index d1d6b4af..224d80ed 100644 --- a/settings/remarks/microsoft.sql/samples/servers/jobagents/credentials/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/jobagents/credentials/main.bicep @@ -13,47 +13,47 @@ resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { - version: '12.0' administratorLogin: '4dministr4t0r' - administratorLoginPassword: '${administratorLoginPassword}' + administratorLoginPassword: administratorLoginPassword minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' + version: '12.0' } } -resource database 'Microsoft.Sql/servers/databases@2021-02-01-preview' = { +resource jobAgent 'Microsoft.Sql/servers/jobAgents@2020-11-01-preview' = { name: resourceName location: location parent: server properties: { - minCapacity: 0 - requestedBackupStorageRedundancy: 'Geo' - zoneRedundant: false - autoPauseDelay: 0 - highAvailabilityReplicaCount: 0 - isLedgerOn: false - readScale: 'Disabled' - collation: 'SQL_Latin1_General_CP1_CI_AS' - createMode: 'Default' - elasticPoolId: '' + databaseId: database.id } } -resource jobAgent 'Microsoft.Sql/servers/jobAgents@2020-11-01-preview' = { +resource credential 'Microsoft.Sql/servers/jobAgents/credentials@2020-11-01-preview' = { name: resourceName - location: location - parent: server + parent: jobAgent properties: { - databaseId: database.id + password: sqlAdminPassword + username: sqlAdminUsername } } -resource credential 'Microsoft.Sql/servers/jobAgents/credentials@2020-11-01-preview' = { +resource database 'Microsoft.Sql/servers/databases@2021-02-01-preview' = { name: resourceName - parent: jobAgent + location: location + parent: server properties: { - password: '${sqlAdminPassword}' - username: '${sqlAdminUsername}' + autoPauseDelay: 0 + collation: 'SQL_Latin1_General_CP1_CI_AS' + createMode: 'Default' + elasticPoolId: '' + highAvailabilityReplicaCount: 0 + isLedgerOn: false + minCapacity: 0 + readScale: 'Disabled' + requestedBackupStorageRedundancy: 'Geo' + zoneRedundant: false } } diff --git a/settings/remarks/microsoft.sql/samples/servers/jobagents/jobs/main.bicep b/settings/remarks/microsoft.sql/samples/servers/jobagents/jobs/main.bicep index 19eb34d5..bd682d57 100644 --- a/settings/remarks/microsoft.sql/samples/servers/jobagents/jobs/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/jobagents/jobs/main.bicep @@ -1,45 +1,19 @@ -param resourceName string = 'acctest0001' param location string = 'westus' @secure() @description('The administrator login password for the SQL server') param administratorLoginPassword string +param resourceName string = 'acctest0001' resource server 'Microsoft.Sql/servers@2023-08-01-preview' = { name: '${resourceName}-server' location: location properties: { + administratorLogin: '4dm1n157r470r' + administratorLoginPassword: administratorLoginPassword minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' - administratorLogin: '4dm1n157r470r' - administratorLoginPassword: '${administratorLoginPassword}' - } -} - -resource database 'Microsoft.Sql/servers/databases@2023-08-01-preview' = { - name: '${resourceName}-db' - location: location - parent: server - sku: { - name: 'S1' - } - properties: { - autoPauseDelay: 0 - maintenanceConfigurationId: '/subscriptions/${subscription().subscriptionId}/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_Default' - sampleName: '' - collation: 'SQL_Latin1_General_CP1_CI_AS' - elasticPoolId: '' - readScale: 'Disabled' - zoneRedundant: false - createMode: 'Default' - encryptionProtectorAutoRotation: false - licenseType: '' - highAvailabilityReplicaCount: 0 - isLedgerOn: false - minCapacity: 0 - requestedBackupStorageRedundancy: 'Geo' - secondaryType: '' } } @@ -62,3 +36,29 @@ resource job 'Microsoft.Sql/servers/jobAgents/jobs@2023-08-01-preview' = { description: '' } } + +resource database 'Microsoft.Sql/servers/databases@2023-08-01-preview' = { + name: '${resourceName}-db' + location: location + parent: server + sku: { + name: 'S1' + } + properties: { + autoPauseDelay: 0 + collation: 'SQL_Latin1_General_CP1_CI_AS' + createMode: 'Default' + elasticPoolId: '' + encryptionProtectorAutoRotation: false + highAvailabilityReplicaCount: 0 + isLedgerOn: false + licenseType: '' + maintenanceConfigurationId: '/subscriptions/${subscription().subscriptionId}/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_Default' + minCapacity: 0 + readScale: 'Disabled' + requestedBackupStorageRedundancy: 'Geo' + sampleName: '' + secondaryType: '' + zoneRedundant: false + } +} diff --git a/settings/remarks/microsoft.sql/samples/servers/jobagents/jobs/steps/main.bicep b/settings/remarks/microsoft.sql/samples/servers/jobagents/jobs/steps/main.bicep index e4c12a5f..b93878c8 100644 --- a/settings/remarks/microsoft.sql/samples/servers/jobagents/jobs/steps/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/jobagents/jobs/steps/main.bicep @@ -1,4 +1,3 @@ -param resourceName string = 'acctest0001' param location string = 'westus' @secure() @description('The administrator login password for the SQL server') @@ -6,6 +5,7 @@ param administratorLoginPassword string @secure() @description('The password for the SQL job credential') param jobCredentialPassword string +param resourceName string = 'acctest0001' var maintenanceConfigId = '/subscriptions/${subscription().subscriptionId}/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_Default' @@ -13,12 +13,12 @@ resource server 'Microsoft.Sql/servers@2023-08-01-preview' = { name: '${resourceName}-server' location: location properties: { - administratorLoginPassword: '${administratorLoginPassword}' + administratorLogin: '4dm1n157r470r' + administratorLoginPassword: administratorLoginPassword minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' - administratorLogin: '4dm1n157r470r' } } @@ -34,6 +34,15 @@ resource jobAgent 'Microsoft.Sql/servers/jobAgents@2023-08-01-preview' = { } } +resource credential 'Microsoft.Sql/servers/jobAgents/credentials@2023-08-01-preview' = { + name: '${resourceName}-job-credential' + parent: jobAgent + properties: { + password: jobCredentialPassword + username: 'testusername' + } +} + resource job 'Microsoft.Sql/servers/jobAgents/jobs@2023-08-01-preview' = { name: '${resourceName}-job' parent: jobAgent @@ -54,6 +63,14 @@ resource step 'Microsoft.Sql/servers/jobAgents/jobs/steps@2023-08-01-preview' = name: '${resourceName}-job-step' parent: job properties: { + action: { + value: '''IF NOT EXISTS (SELECT * FROM sys.objects WHERE [name] = N''Person'') + CREATE TABLE Person ( + FirstName NVARCHAR(50), + LastName NVARCHAR(50), + ); +''' + } credential: credential.id executionOptions: { initialRetryIntervalSeconds: 1 @@ -64,14 +81,6 @@ resource step 'Microsoft.Sql/servers/jobAgents/jobs/steps@2023-08-01-preview' = } stepId: 1 targetGroup: targetGroup.id - action: { - value: '''IF NOT EXISTS (SELECT * FROM sys.objects WHERE [name] = N''Person'') - CREATE TABLE Person ( - FirstName NVARCHAR(50), - LastName NVARCHAR(50), - ); -''' - } } } @@ -85,15 +94,6 @@ resource database 'Microsoft.Sql/servers/databases@2023-08-01-preview' = { properties: { collation: 'SQL_Latin1_General_CP1_CI_AS' createMode: 'Default' - maintenanceConfigurationId: '${maintenanceConfigId}' - } -} - -resource credential 'Microsoft.Sql/servers/jobAgents/credentials@2023-08-01-preview' = { - name: '${resourceName}-job-credential' - parent: jobAgent - properties: { - password: '${jobCredentialPassword}' - username: 'testusername' + maintenanceConfigurationId: maintenanceConfigId } } diff --git a/settings/remarks/microsoft.sql/samples/servers/jobagents/main.bicep b/settings/remarks/microsoft.sql/samples/servers/jobagents/main.bicep index bfc38e00..82fedd1f 100644 --- a/settings/remarks/microsoft.sql/samples/servers/jobagents/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/jobagents/main.bicep @@ -8,12 +8,12 @@ resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { - administratorLoginPassword: '${sqlAdministratorPassword}' + administratorLogin: '4dministr4t0r' + administratorLoginPassword: sqlAdministratorPassword minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' - administratorLogin: '4dministr4t0r' } } @@ -22,17 +22,17 @@ resource database 'Microsoft.Sql/servers/databases@2021-02-01-preview' = { location: location parent: server properties: { - isLedgerOn: false - maintenanceConfigurationId: resourceId('Microsoft.Maintenance/publicMaintenanceConfigurations', 'SQL_Default') - zoneRedundant: false autoPauseDelay: 0 + collation: 'SQL_Latin1_General_CP1_CI_AS' + createMode: 'Default' elasticPoolId: '' + highAvailabilityReplicaCount: 0 + isLedgerOn: false + maintenanceConfigurationId: resourceId('Microsoft.Maintenance/publicMaintenanceConfigurations', 'SQL_Default') minCapacity: 0 readScale: 'Disabled' requestedBackupStorageRedundancy: 'Geo' - collation: 'SQL_Latin1_General_CP1_CI_AS' - createMode: 'Default' - highAvailabilityReplicaCount: 0 + zoneRedundant: false } } diff --git a/settings/remarks/microsoft.sql/samples/servers/jobagents/targetgroups/main.bicep b/settings/remarks/microsoft.sql/samples/servers/jobagents/targetgroups/main.bicep index b5d99dde..22f9432c 100644 --- a/settings/remarks/microsoft.sql/samples/servers/jobagents/targetgroups/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/jobagents/targetgroups/main.bicep @@ -11,32 +11,12 @@ resource server 'Microsoft.Sql/servers@2023-08-01-preview' = { name: '${resourceName}-server' location: location properties: { - version: '12.0' administratorLogin: '4dm1n157r470r' - administratorLoginPassword: '${administratorLoginPassword}' + administratorLoginPassword: administratorLoginPassword minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' - } -} - -resource jobAgent 'Microsoft.Sql/servers/jobAgents@2023-08-01-preview' = { - name: '${resourceName}-job-agent' - location: location - parent: server - sku: { - name: 'JA100' - } - properties: { - databaseId: database.id - } -} - -resource targetGroup 'Microsoft.Sql/servers/jobAgents/targetGroups@2023-08-01-preview' = { - name: '${resourceName}-target-group' - parent: jobAgent - properties: { - members: [] + version: '12.0' } } @@ -49,20 +29,32 @@ resource database 'Microsoft.Sql/servers/databases@2023-08-01-preview' = { } properties: { autoPauseDelay: 0 + collation: 'SQL_Latin1_General_CP1_CI_AS' + createMode: 'Default' + elasticPoolId: '' + encryptionProtectorAutoRotation: false highAvailabilityReplicaCount: 0 isLedgerOn: false - zoneRedundant: false - elasticPoolId: '' - requestedBackupStorageRedundancy: 'Geo' - secondaryType: '' - collation: 'SQL_Latin1_General_CP1_CI_AS' licenseType: '' maintenanceConfigurationId: '/subscriptions/${subscription().subscriptionId}/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_Default' - readScale: 'Disabled' - createMode: 'Default' - encryptionProtectorAutoRotation: false minCapacity: 0 + readScale: 'Disabled' + requestedBackupStorageRedundancy: 'Geo' sampleName: '' + secondaryType: '' + zoneRedundant: false + } +} + +resource jobAgent 'Microsoft.Sql/servers/jobAgents@2023-08-01-preview' = { + name: '${resourceName}-job-agent' + location: location + parent: server + sku: { + name: 'JA100' + } + properties: { + databaseId: database.id } } @@ -70,7 +62,15 @@ resource credential 'Microsoft.Sql/servers/jobAgents/credentials@2023-08-01-prev name: '${resourceName}-job-credential' parent: jobAgent properties: { - password: '${jobCredentialPassword}' + password: jobCredentialPassword username: 'testusername' } } + +resource targetGroup 'Microsoft.Sql/servers/jobAgents/targetGroups@2023-08-01-preview' = { + name: '${resourceName}-target-group' + parent: jobAgent + properties: { + members: [] + } +} diff --git a/settings/remarks/microsoft.sql/samples/servers/main.bicep b/settings/remarks/microsoft.sql/samples/servers/main.bicep index a3d53b80..1555f4a8 100644 --- a/settings/remarks/microsoft.sql/samples/servers/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/main.bicep @@ -8,11 +8,11 @@ resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { name: resourceName location: location properties: { - administratorLoginPassword: '${sqlAdministratorPassword}' + administratorLogin: 'mradministrator' + administratorLoginPassword: sqlAdministratorPassword minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' version: '12.0' - administratorLogin: 'mradministrator' } } diff --git a/settings/remarks/microsoft.sql/samples/servers/outboundfirewallrules/main.bicep b/settings/remarks/microsoft.sql/samples/servers/outboundfirewallrules/main.bicep index ee37e2d7..d63d1e85 100644 --- a/settings/remarks/microsoft.sql/samples/servers/outboundfirewallrules/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/outboundfirewallrules/main.bicep @@ -9,7 +9,7 @@ resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { location: location properties: { administratorLogin: 'msincredible' - administratorLoginPassword: '${adminPassword}' + administratorLoginPassword: adminPassword minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Enabled' diff --git a/settings/remarks/microsoft.sql/samples/servers/securityalertpolicies/main.bicep b/settings/remarks/microsoft.sql/samples/servers/securityalertpolicies/main.bicep index 9923fcb9..8894ca4c 100644 --- a/settings/remarks/microsoft.sql/samples/servers/securityalertpolicies/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/securityalertpolicies/main.bicep @@ -10,8 +10,8 @@ resource server 'Microsoft.Sql/servers@2015-05-01-preview' = { name: resourceName location: location properties: { - administratorLogin: '${administratorLogin}' - administratorLoginPassword: '${administratorLoginPassword}' + administratorLogin: administratorLogin + administratorLoginPassword: administratorLoginPassword version: '12.0' } } diff --git a/settings/remarks/microsoft.sql/samples/servers/sqlvulnerabilityassessments/main.bicep b/settings/remarks/microsoft.sql/samples/servers/sqlvulnerabilityassessments/main.bicep index 120d09ba..f6c60f3d 100644 --- a/settings/remarks/microsoft.sql/samples/servers/sqlvulnerabilityassessments/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/sqlvulnerabilityassessments/main.bicep @@ -9,7 +9,7 @@ resource server 'Microsoft.Sql/servers@2022-05-01-preview' = { location: location properties: { administratorLogin: 'mradministrator' - administratorLoginPassword: '${administratorLoginPassword}' + administratorLoginPassword: administratorLoginPassword minimalTlsVersion: '1.2' publicNetworkAccess: 'Enabled' restrictOutboundNetworkAccess: 'Disabled' diff --git a/settings/remarks/microsoft.sql/samples/servers/virtualnetworkrules/main.bicep b/settings/remarks/microsoft.sql/samples/servers/virtualnetworkrules/main.bicep index c0f0b60c..87ae21f8 100644 --- a/settings/remarks/microsoft.sql/samples/servers/virtualnetworkrules/main.bicep +++ b/settings/remarks/microsoft.sql/samples/servers/virtualnetworkrules/main.bicep @@ -1,21 +1,8 @@ -param location string = 'westeurope' @secure() @description('The administrator password for the SQL server') param sqlAdministratorPassword string param resourceName string = 'acctest0001' - -resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { - name: resourceName - location: location - properties: { - administratorLoginPassword: '${sqlAdministratorPassword}' - minimalTlsVersion: '1.2' - publicNetworkAccess: 'Enabled' - restrictOutboundNetworkAccess: 'Disabled' - version: '12.0' - administratorLogin: 'missadmin' - } -} +param location string = 'westeurope' resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName @@ -37,16 +24,29 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: resourceName parent: virtualNetwork properties: { + addressPrefix: '10.7.28.0/25' + delegations: [] + privateEndpointNetworkPolicies: 'Enabled' + privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] serviceEndpoints: [ { service: 'Microsoft.Sql' } ] - addressPrefix: '10.7.28.0/25' - delegations: [] - privateEndpointNetworkPolicies: 'Enabled' - privateLinkServiceNetworkPolicies: 'Enabled' + } +} + +resource server 'Microsoft.Sql/servers@2021-02-01-preview' = { + name: resourceName + location: location + properties: { + administratorLogin: 'missadmin' + administratorLoginPassword: sqlAdministratorPassword + minimalTlsVersion: '1.2' + publicNetworkAccess: 'Enabled' + restrictOutboundNetworkAccess: 'Disabled' + version: '12.0' } } diff --git a/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachinegroups/main.bicep b/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachinegroups/main.bicep index 093e3697..386b1a28 100644 --- a/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachinegroups/main.bicep +++ b/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachinegroups/main.bicep @@ -8,14 +8,14 @@ resource sqlVirtualMachineGroup 'Microsoft.SqlVirtualMachine/sqlVirtualMachineGr sqlImageOffer: 'SQL2017-WS2016' sqlImageSku: 'Developer' wsfcDomainProfile: { - clusterOperatorAccount: '' - ouPath: '' - sqlServiceAccount: '' - storageAccountUrl: '' clusterBootstrapAccount: '' + clusterOperatorAccount: '' clusterSubnetType: 'SingleSubnet' domainFqdn: 'testdomain.com' + ouPath: '' + sqlServiceAccount: '' storageAccountPrimaryKey: '' + storageAccountUrl: '' } } } diff --git a/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachines/basic/main.bicep b/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachines/basic/main.bicep index fdf94dcd..55b692e7 100644 --- a/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachines/basic/main.bicep +++ b/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachines/basic/main.bicep @@ -4,62 +4,6 @@ param location string = 'westeurope' param vmAdminPassword string param resourceName string = 'acctest0001' -resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { - name: resourceName - location: 'azapi_resource.resourceGroup.location' - properties: { - disableTcpStateTracking: false - dnsSettings: { - dnsServers: [] - } - ipConfigurations: [ - { - properties: { - primary: true - privateIPAddress: '10.0.0.4' - privateIPAddressVersion: 'IPv4' - privateIPAllocationMethod: 'Dynamic' - publicIPAddress: {} - subnet: {} - } - type: 'Microsoft.Network/networkInterfaces/ipConfigurations' - name: 'testconfiguration1' - } - ] - nicType: 'Standard' - auxiliaryMode: 'None' - enableAcceleratedNetworking: false - enableIPForwarding: false - auxiliarySku: 'None' - } -} - -resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2024-05-01' = { - name: resourceName - location: 'azapi_resource.resourceGroup.location' - properties: { - securityRules: [ - { - name: 'MSSQLRule' - properties: { - access: 'Allow' - destinationPortRange: '1433' - priority: 1001 - protocol: 'Tcp' - sourceAddressPrefixes: [] - sourcePortRange: '*' - sourcePortRanges: [] - destinationAddressPrefix: '*' - destinationAddressPrefixes: [] - destinationPortRanges: [] - direction: 'Inbound' - sourceAddressPrefix: '167.220.255.0/25' - } - } - ] - } -} - resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2024-05-01' = { name: resourceName location: 'azapi_resource.resourceGroup.location' @@ -82,12 +26,13 @@ resource sqlvirtualMachine 'Microsoft.SqlVirtualMachine/sqlVirtualMachines@2023- name: 'azapi_resource.virtualMachine.name' location: 'azapi_resource.virtualMachine.location' properties: { - sqlManagement: 'Full' sqlServerLicenseType: 'PAYG' + virtualMachineResourceId: virtualMachine.id enableAutomaticUpgrade: true leastPrivilegeMode: 'Enabled' sqlImageOffer: 'SQL2017-WS2016' sqlImageSku: 'Developer' + sqlManagement: 'Full' } } @@ -96,40 +41,40 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-07-01' = { location: 'azapi_resource.resourceGroup.location' properties: { osProfile: { + adminUsername: 'testadmin' + adminPassword: vmAdminPassword + allowExtensionOperations: true computerName: 'winhost01' secrets: [] windowsConfiguration: { + timeZone: 'Pacific Standard Time' enableAutomaticUpdates: true patchSettings: { patchMode: 'AutomaticByOS' assessmentMode: 'ImageDefault' } provisionVMAgent: true - timeZone: 'Pacific Standard Time' } - adminUsername: 'testadmin' - adminPassword: vmAdminPassword - allowExtensionOperations: true } storageProfile: { + dataDisks: [] + imageReference: { + offer: 'SQL2017-WS2016' + publisher: 'MicrosoftSQLServer' + sku: 'SQLDEV' + version: 'latest' + } osDisk: { - name: 'acctvm-250116171212663925OSDisk' - writeAcceleratorEnabled: false - deleteOption: 'Detach' diskSizeGB: 127 managedDisk: { storageAccountType: 'Premium_LRS' } + name: 'acctvm-250116171212663925OSDisk' osType: 'Windows' + writeAcceleratorEnabled: false caching: 'ReadOnly' createOption: 'FromImage' - } - dataDisks: [] - imageReference: { - sku: 'SQLDEV' - version: 'latest' - offer: 'SQL2017-WS2016' - publisher: 'MicrosoftSQLServer' + deleteOption: 'Detach' } } hardwareProfile: { @@ -170,3 +115,63 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { } } } + +resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { + name: resourceName + location: 'azapi_resource.resourceGroup.location' + properties: { + disableTcpStateTracking: false + dnsSettings: { + dnsServers: [] + } + enableAcceleratedNetworking: false + enableIPForwarding: false + ipConfigurations: [ + { + type: 'Microsoft.Network/networkInterfaces/ipConfigurations' + name: 'testconfiguration1' + properties: { + privateIPAddressVersion: 'IPv4' + privateIPAllocationMethod: 'Dynamic' + publicIPAddress: { + id: publicIPAddress.id + } + subnet: { + id: subnet.id + } + primary: true + privateIPAddress: '10.0.0.4' + } + } + ] + nicType: 'Standard' + auxiliaryMode: 'None' + auxiliarySku: 'None' + } +} + +resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2024-05-01' = { + name: resourceName + location: 'azapi_resource.resourceGroup.location' + properties: { + securityRules: [ + { + name: 'MSSQLRule' + properties: { + access: 'Allow' + destinationAddressPrefix: '*' + destinationAddressPrefixes: [] + destinationPortRange: '1433' + destinationPortRanges: [] + direction: 'Inbound' + priority: 1001 + protocol: 'Tcp' + sourceAddressPrefix: '167.220.255.0/25' + sourceAddressPrefixes: [] + sourcePortRange: '*' + sourcePortRanges: [] + } + } + ] + } +} diff --git a/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachines/sqlbestpracticesassessment/main.bicep b/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachines/sqlbestpracticesassessment/main.bicep index affbf7b1..0276f199 100644 --- a/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachines/sqlbestpracticesassessment/main.bicep +++ b/settings/remarks/microsoft.sqlvirtualmachine/samples/sqlvirtualmachines/sqlbestpracticesassessment/main.bicep @@ -27,6 +27,50 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { } } +resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2024-05-01' = { + name: resourceName + location: 'azapi_resource.resourceGroup.location' + properties: { + securityRules: [ + { + name: 'MSSQLRule' + properties: { + access: 'Allow' + destinationAddressPrefix: '*' + destinationAddressPrefixes: [] + destinationPortRange: '1433' + destinationPortRanges: [] + direction: 'Inbound' + priority: 1001 + protocol: 'Tcp' + sourceAddressPrefix: '167.220.255.0/25' + sourceAddressPrefixes: [] + sourcePortRange: '*' + sourcePortRanges: [] + } + } + ] + } +} + +resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2024-05-01' = { + name: resourceName + location: 'azapi_resource.resourceGroup.location' + sku: { + name: 'Basic' + tier: 'Regional' + } + properties: { + ddosSettings: { + protectionMode: 'VirtualNetworkInherited' + } + idleTimeoutInMinutes: 4 + ipTags: [] + publicIPAddressVersion: 'IPv4' + publicIPAllocationMethod: 'Dynamic' + } +} + resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-07-01' = { name: resourceName location: 'azapi_resource.resourceGroup.location' @@ -56,16 +100,16 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-07-01' = { version: 'latest' } osDisk: { + diskSizeGB: 127 managedDisk: { storageAccountType: 'Premium_LRS' } name: 'acctvm-250116171212663925OSDisk' - caching: 'ReadOnly' - deleteOption: 'Detach' - diskSizeGB: 127 osType: 'Windows' writeAcceleratorEnabled: false + caching: 'ReadOnly' createOption: 'FromImage' + deleteOption: 'Detach' } } hardwareProfile: { @@ -84,41 +128,17 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-07-01' = { } } -resource dataCollectionRuleAssociation 'Microsoft.Insights/dataCollectionRuleAssociations@2022-06-01' = { - name: 'azapi_resource.workspace.output.properties.customerId_azapi_resource.resourceGroup.location_DCRA_1' - scope: virtualMachine - properties: { - dataCollectionRuleId: dataCollectionRule.id - } -} - -resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { - name: resourceName - location: 'azapi_resource.resourceGroup.location' +resource extension 'Microsoft.Compute/virtualMachines/extensions@2024-07-01' = { + name: 'AzureMonitorWindowsAgent' + location: 'westeurope' + parent: virtualMachine properties: { - dnsSettings: { - dnsServers: [] - } - enableAcceleratedNetworking: false - ipConfigurations: [ - { - properties: { - subnet: {} - primary: true - privateIPAddress: '10.0.0.4' - privateIPAddressVersion: 'IPv4' - privateIPAllocationMethod: 'Dynamic' - publicIPAddress: {} - } - type: 'Microsoft.Network/networkInterfaces/ipConfigurations' - name: 'testconfiguration1' - } - ] - disableTcpStateTracking: false - enableIPForwarding: false - nicType: 'Standard' - auxiliaryMode: 'None' - auxiliarySku: 'None' + autoUpgradeMinorVersion: true + enableAutomaticUpgrade: true + publisher: 'Microsoft.Azure.Monitor' + suppressFailures: false + type: 'AzureMonitorWindowsAgent' + typeHandlerVersion: '1.0' } } @@ -181,6 +201,21 @@ resource dataCollectionRule 'Microsoft.Insights/dataCollectionRules@2022-06-01' table ] properties: { + streamDeclarations: { + 'Custom-SqlAssessment_CL': { + columns: [ + { + name: 'TimeGenerated' + type: 'datetime' + } + { + type: 'string' + name: 'RawData' + } + ] + } + } + dataCollectionEndpointId: dataCollectionEndpoint.id dataFlows: [ { outputStream: 'Custom-SqlAssessment_CL' @@ -188,7 +223,9 @@ resource dataCollectionRule 'Microsoft.Insights/dataCollectionRules@2022-06-01' 'Custom-SqlAssessment_CL' ] transformKql: 'source' - destinations: [] + destinations: [ + workspace.name + ] } ] dataSources: { @@ -213,82 +250,54 @@ resource dataCollectionRule 'Microsoft.Insights/dataCollectionRules@2022-06-01' description: '' destinations: { logAnalytics: [ - {} + { + name: workspace.name + workspaceResourceId: workspace.id + } ] } - streamDeclarations: { - 'Custom-SqlAssessment_CL': { - columns: [ - { - name: 'TimeGenerated' - type: 'datetime' - } - { - type: 'string' - name: 'RawData' - } - ] - } - } - dataCollectionEndpointId: dataCollectionEndpoint.id } } -resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2024-05-01' = { - name: resourceName - location: 'azapi_resource.resourceGroup.location' +resource dataCollectionRuleAssociation 'Microsoft.Insights/dataCollectionRuleAssociations@2022-06-01' = { + name: 'azapi_resource.workspace.output.properties.customerId_azapi_resource.resourceGroup.location_DCRA_1' + scope: virtualMachine properties: { - securityRules: [ - { - name: 'MSSQLRule' - properties: { - destinationPortRange: '1433' - priority: 1001 - sourceAddressPrefix: '167.220.255.0/25' - sourcePortRange: '*' - access: 'Allow' - destinationAddressPrefixes: [] - destinationPortRanges: [] - direction: 'Inbound' - protocol: 'Tcp' - sourceAddressPrefixes: [] - sourcePortRanges: [] - destinationAddressPrefix: '*' - } - } - ] + dataCollectionRuleId: dataCollectionRule.id } } -resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2024-05-01' = { +resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = { name: resourceName location: 'azapi_resource.resourceGroup.location' - sku: { - name: 'Basic' - tier: 'Regional' - } properties: { - ddosSettings: { - protectionMode: 'VirtualNetworkInherited' + disableTcpStateTracking: false + dnsSettings: { + dnsServers: [] } - idleTimeoutInMinutes: 4 - ipTags: [] - publicIPAddressVersion: 'IPv4' - publicIPAllocationMethod: 'Dynamic' - } -} - -resource extension 'Microsoft.Compute/virtualMachines/extensions@2024-07-01' = { - name: 'AzureMonitorWindowsAgent' - location: 'westeurope' - parent: virtualMachine - properties: { - suppressFailures: false - type: 'AzureMonitorWindowsAgent' - typeHandlerVersion: '1.0' - autoUpgradeMinorVersion: true - enableAutomaticUpgrade: true - publisher: 'Microsoft.Azure.Monitor' + enableAcceleratedNetworking: false + enableIPForwarding: false + ipConfigurations: [ + { + type: 'Microsoft.Network/networkInterfaces/ipConfigurations' + name: 'testconfiguration1' + properties: { + privateIPAddressVersion: 'IPv4' + privateIPAllocationMethod: 'Dynamic' + publicIPAddress: { + id: publicIPAddress.id + } + subnet: { + id: subnet.id + } + primary: true + privateIPAddress: '10.0.0.4' + } + } + ] + nicType: 'Standard' + auxiliaryMode: 'None' + auxiliarySku: 'None' } } @@ -300,6 +309,11 @@ resource sqlvirtualMachine 'Microsoft.SqlVirtualMachine/sqlVirtualMachines@2023- extension ] properties: { + sqlServerLicenseType: 'PAYG' + virtualMachineResourceId: virtualMachine.id + enableAutomaticUpgrade: true + leastPrivilegeMode: 'Enabled' + sqlImageOffer: 'SQL2017-WS2016' sqlImageSku: 'Developer' sqlManagement: 'Full' assessmentSettings: { @@ -312,9 +326,5 @@ resource sqlvirtualMachine 'Microsoft.SqlVirtualMachine/sqlVirtualMachines@2023- weeklyInterval: 1 } } - sqlServerLicenseType: 'PAYG' - enableAutomaticUpgrade: true - leastPrivilegeMode: 'Enabled' - sqlImageOffer: 'SQL2017-WS2016' } } diff --git a/settings/remarks/microsoft.standbypool/samples/standbycontainergrouppools/basic/main.bicep b/settings/remarks/microsoft.standbypool/samples/standbycontainergrouppools/basic/main.bicep index 4ac3b4cd..4382bb32 100644 --- a/settings/remarks/microsoft.standbypool/samples/standbycontainergrouppools/basic/main.bicep +++ b/settings/remarks/microsoft.standbypool/samples/standbycontainergrouppools/basic/main.bicep @@ -1,44 +1,17 @@ param resourceName string = 'acctest0001' param location string = 'eastus' -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { - name: '${resourceName}-vnet' - location: location - properties: { - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] - } - subnets: [] - } -} - -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { - name: '${resourceName}-subnet' - parent: virtualNetwork - properties: { - privateEndpointNetworkPolicies: 'Enabled' - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] - addressPrefix: '10.0.2.0/24' - delegations: [] - } -} - resource containerGroupProfile 'Microsoft.ContainerInstance/containerGroupProfiles@2024-05-01-preview' = { name: '${resourceName}-contianerGroup' location: location properties: { - sku: 'Standard' containers: [ { name: 'mycontainergroupprofile' properties: { + command: [] + environmentVariables: [] + image: 'mcr.microsoft.com/azuredocs/aci-helloworld:latest' ports: [ { port: 8000 @@ -50,9 +23,6 @@ resource containerGroupProfile 'Microsoft.ContainerInstance/containerGroupProfil memoryInGB: any('1.5') } } - command: [] - environmentVariables: [] - image: 'mcr.microsoft.com/azuredocs/aci-helloworld:latest' } } ] @@ -67,29 +37,61 @@ resource containerGroupProfile 'Microsoft.ContainerInstance/containerGroupProfil type: 'Public' } osType: 'Linux' + sku: 'Standard' } } resource standbyContainerGroupPool 'Microsoft.StandbyPool/standbyContainerGroupPools@2025-03-01' = { name: '${resourceName}-CGPool' properties: { - zones: [ - '1' - '2' - '3' - ] containerGroupProperties: { containerGroupProfile: { id: containerGroupProfile.id revision: 1 } subnetIds: [ - {} + { + id: subnet.id + } ] } elasticityProfile: { - refillPolicy: 'always' maxReadyCapacity: 5 + refillPolicy: 'always' + } + zones: [ + '1' + '2' + '3' + ] + } +} + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { + name: '${resourceName}-vnet' + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] } + subnets: [] + } +} + +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { + name: '${resourceName}-subnet' + parent: virtualNetwork + properties: { + addressPrefix: '10.0.2.0/24' + delegations: [] + privateEndpointNetworkPolicies: 'Enabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] } } diff --git a/settings/remarks/microsoft.storage/samples/storageaccounts/basic/main.bicep b/settings/remarks/microsoft.storage/samples/storageaccounts/basic/main.bicep index a893d66e..0adb63db 100644 --- a/settings/remarks/microsoft.storage/samples/storageaccounts/basic/main.bicep +++ b/settings/remarks/microsoft.storage/samples/storageaccounts/basic/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName @@ -9,15 +9,9 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { + accessTier: 'Hot' allowBlobPublicAccess: true allowCrossTenantReplication: true - isHnsEnabled: false - isSftpEnabled: false - networkAcls: { - defaultAction: 'Allow' - } - publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true allowSharedKeyAccess: true defaultToOAuthAuthentication: false encryption: { @@ -31,8 +25,14 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } + isHnsEnabled: false isNfsV3Enabled: false + isSftpEnabled: false minimumTlsVersion: 'TLS1_2' - accessTier: 'Hot' + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true } } diff --git a/settings/remarks/microsoft.storage/samples/storageaccounts/blobservices/containers/immutabilitypolicies/main.bicep b/settings/remarks/microsoft.storage/samples/storageaccounts/blobservices/containers/immutabilitypolicies/main.bicep index 8bf8ac41..d6a97bd0 100644 --- a/settings/remarks/microsoft.storage/samples/storageaccounts/blobservices/containers/immutabilitypolicies/main.bicep +++ b/settings/remarks/microsoft.storage/samples/storageaccounts/blobservices/containers/immutabilitypolicies/main.bicep @@ -6,6 +6,15 @@ resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' parent: storageAccount } +resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { + name: resourceName + location: location + sku: { + name: 'Standard_LRS' + } + properties: {} +} + resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { name: resourceName parent: blobService @@ -24,12 +33,3 @@ resource immutabilityPolicy 'Microsoft.Storage/storageAccounts/blobServices/cont immutabilityPeriodSinceCreationInDays: 4 } } - -resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { - name: resourceName - location: location - sku: { - name: 'Standard_LRS' - } - properties: {} -} diff --git a/settings/remarks/microsoft.storage/samples/storageaccounts/blobservices/main.bicep b/settings/remarks/microsoft.storage/samples/storageaccounts/blobservices/main.bicep index 530e54d4..0268ab66 100644 --- a/settings/remarks/microsoft.storage/samples/storageaccounts/blobservices/main.bicep +++ b/settings/remarks/microsoft.storage/samples/storageaccounts/blobservices/main.bicep @@ -9,8 +9,11 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { + accessTier: 'Hot' + allowBlobPublicAccess: true allowCrossTenantReplication: true allowSharedKeyAccess: true + defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -23,17 +26,14 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } isHnsEnabled: false + isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } publicNetworkAccess: 'Enabled' - accessTier: 'Hot' - defaultToOAuthAuthentication: false - isNfsV3Enabled: false - isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' supportsHttpsTrafficOnly: true - allowBlobPublicAccess: true } } @@ -41,12 +41,6 @@ resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2021-09-01' name: 'default' parent: storageAccount properties: { - lastAccessTimeTrackingPolicy: { - enable: false - } - restorePolicy: { - enabled: false - } changeFeed: { enabled: true } @@ -58,5 +52,11 @@ resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2021-09-01' enabled: false } isVersioningEnabled: true + lastAccessTimeTrackingPolicy: { + enable: false + } + restorePolicy: { + enabled: false + } } } diff --git a/settings/remarks/microsoft.storage/samples/storageaccounts/encryptionscopes/main.bicep b/settings/remarks/microsoft.storage/samples/storageaccounts/encryptionscopes/main.bicep index f109f86b..7197c7b9 100644 --- a/settings/remarks/microsoft.storage/samples/storageaccounts/encryptionscopes/main.bicep +++ b/settings/remarks/microsoft.storage/samples/storageaccounts/encryptionscopes/main.bicep @@ -12,9 +12,9 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { accessTier: 'Hot' allowBlobPublicAccess: true allowCrossTenantReplication: false + allowSharedKeyAccess: true defaultToOAuthAuthentication: false - minimumTlsVersion: 'TLS1_2' - supportsHttpsTrafficOnly: true + dnsEndpointType: 'Standard' encryption: { keySource: 'Microsoft.Storage' services: { @@ -28,18 +28,18 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { } isHnsEnabled: false isLocalUserEnabled: true + isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' networkAcls: { - resourceAccessRules: [] - virtualNetworkRules: [] bypass: 'AzureServices' defaultAction: 'Allow' ipRules: [] + resourceAccessRules: [] + virtualNetworkRules: [] } publicNetworkAccess: 'Enabled' - allowSharedKeyAccess: true - dnsEndpointType: 'Standard' - isNfsV3Enabled: false - isSftpEnabled: false + supportsHttpsTrafficOnly: true } } @@ -50,15 +50,11 @@ resource vault 'Microsoft.KeyVault/vaults@2023-02-01' = { storageAccount ] properties: { - createMode: 'default' - enableRbacAuthorization: false - enableSoftDelete: true - enabledForDiskEncryption: false - publicNetworkAccess: 'Enabled' - tenantId: tenant().tenantId accessPolicies: [ { + objectId: deployer().objectId permissions: { + certificates: [] keys: [ 'Get' 'Create' @@ -77,12 +73,11 @@ resource vault 'Microsoft.KeyVault/vaults@2023-02-01' = { ] secrets: [] storage: [] - certificates: [] } tenantId: tenant().tenantId - objectId: deployer().objectId } { + objectId: storageAccount.identity.principalId permissions: { certificates: [] keys: [ @@ -94,16 +89,21 @@ resource vault 'Microsoft.KeyVault/vaults@2023-02-01' = { storage: [] } tenantId: tenant().tenantId - objectId: storageAccount.identity.principalId } ] + createMode: 'default' enablePurgeProtection: true + enableRbacAuthorization: false + enableSoftDelete: true enabledForDeployment: false + enabledForDiskEncryption: false enabledForTemplateDeployment: false + publicNetworkAccess: 'Enabled' sku: { family: 'A' name: 'standard' } + tenantId: tenant().tenantId } } @@ -114,7 +114,9 @@ resource encryptionScope 'Microsoft.Storage/storageAccounts/encryptionScopes@202 vault ] properties: { - keyVaultProperties: {} + keyVaultProperties: { + keyUri: key.properties.keyUriWithVersion + } source: 'Microsoft.KeyVault' state: 'Enabled' } diff --git a/settings/remarks/microsoft.storage/samples/storageaccounts/fileservices/shares/main.bicep b/settings/remarks/microsoft.storage/samples/storageaccounts/fileservices/shares/main.bicep index 399462b2..78323224 100644 --- a/settings/remarks/microsoft.storage/samples/storageaccounts/fileservices/shares/main.bicep +++ b/settings/remarks/microsoft.storage/samples/storageaccounts/fileservices/shares/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource fileService 'Microsoft.Storage/storageAccounts/fileServices@2022-09-01' existing = { name: 'default' diff --git a/settings/remarks/microsoft.storage/samples/storageaccounts/localusers/basic/main.bicep b/settings/remarks/microsoft.storage/samples/storageaccounts/localusers/basic/main.bicep index 828bbddc..b4f53114 100644 --- a/settings/remarks/microsoft.storage/samples/storageaccounts/localusers/basic/main.bicep +++ b/settings/remarks/microsoft.storage/samples/storageaccounts/localusers/basic/main.bicep @@ -9,11 +9,11 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { - isHnsEnabled: false - isNfsV3Enabled: false - minimumTlsVersion: 'TLS1_2' - supportsHttpsTrafficOnly: true + accessTier: 'Hot' allowBlobPublicAccess: true + allowCrossTenantReplication: true + allowSharedKeyAccess: true + defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -25,15 +25,15 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } + isHnsEnabled: false + isNfsV3Enabled: false isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } publicNetworkAccess: 'Enabled' - accessTier: 'Hot' - allowCrossTenantReplication: true - allowSharedKeyAccess: true - defaultToOAuthAuthentication: false + supportsHttpsTrafficOnly: true } } @@ -41,16 +41,16 @@ resource localUser 'Microsoft.Storage/storageAccounts/localUsers@2021-09-01' = { name: resourceName parent: storageAccount properties: { + hasSharedKey: true + hasSshKey: false hasSshPassword: false homeDirectory: 'containername/' permissionScopes: [ { - service: 'blob' permissions: 'cwl' resourceName: 'containername' + service: 'blob' } ] - hasSharedKey: true - hasSshKey: false } } diff --git a/settings/remarks/microsoft.storage/samples/storageaccounts/managementpolicies/main.bicep b/settings/remarks/microsoft.storage/samples/storageaccounts/managementpolicies/main.bicep index b2045bed..087a741a 100644 --- a/settings/remarks/microsoft.storage/samples/storageaccounts/managementpolicies/main.bicep +++ b/settings/remarks/microsoft.storage/samples/storageaccounts/managementpolicies/main.bicep @@ -9,20 +9,13 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'BlobStorage' properties: { - networkAcls: { - defaultAction: 'Allow' - } - publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true accessTier: 'Hot' allowBlobPublicAccess: true allowCrossTenantReplication: true allowSharedKeyAccess: true defaultToOAuthAuthentication: false - isHnsEnabled: false - isNfsV3Enabled: false - isSftpEnabled: false encryption: { + keySource: 'Microsoft.Storage' services: { queue: { keyType: 'Service' @@ -31,9 +24,16 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { keyType: 'Service' } } - keySource: 'Microsoft.Storage' } + isHnsEnabled: false + isNfsV3Enabled: false + isSftpEnabled: false minimumTlsVersion: 'TLS1_2' + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true } } @@ -44,7 +44,6 @@ resource managementPolicy 'Microsoft.Storage/storageAccounts/managementPolicies@ policy: { rules: [ { - type: 'Lifecycle' definition: { actions: { baseBlob: { @@ -75,6 +74,7 @@ resource managementPolicy 'Microsoft.Storage/storageAccounts/managementPolicies@ } enabled: true name: 'rule-1' + type: 'Lifecycle' } ] } diff --git a/settings/remarks/microsoft.storagecache/samples/amlfilesystems/main.bicep b/settings/remarks/microsoft.storagecache/samples/amlfilesystems/main.bicep index 83835bb3..565d7c1a 100644 --- a/settings/remarks/microsoft.storagecache/samples/amlfilesystems/main.bicep +++ b/settings/remarks/microsoft.storagecache/samples/amlfilesystems/main.bicep @@ -1,12 +1,26 @@ -param location string = 'westus' param resourceName string = 'acctest0001' +param location string = 'westus' + +resource amlFilesystem 'Microsoft.StorageCache/amlFilesystems@2024-07-01' = { + name: '${resourceName}-amlfs' + location: location + sku: { + name: 'AMLFS-Durable-Premium-250' + } + properties: { + filesystemSubnet: subnet.id + maintenanceWindow: { + dayOfWeek: 'Friday' + timeOfDayUTC: '22:00' + } + storageCapacityTiB: 8 + } +} resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { name: '${resourceName}-vnet' location: location properties: { - privateEndpointVNetPolicies: 'Disabled' - subnets: [] addressSpace: { addressPrefixes: [ '10.0.0.0/16' @@ -15,6 +29,8 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { dhcpOptions: { dnsServers: [] } + privateEndpointVNetPolicies: 'Disabled' + subnets: [] } } @@ -22,27 +38,12 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { name: '${resourceName}-subnet' parent: virtualNetwork properties: { - serviceEndpoints: [] addressPrefix: '10.0.2.0/24' defaultOutboundAccess: true delegations: [] privateEndpointNetworkPolicies: 'Disabled' privateLinkServiceNetworkPolicies: 'Enabled' serviceEndpointPolicies: [] - } -} - -resource amlFilesystem 'Microsoft.StorageCache/amlFilesystems@2024-07-01' = { - name: '${resourceName}-amlfs' - location: location - sku: { - name: 'AMLFS-Durable-Premium-250' - } - properties: { - maintenanceWindow: { - dayOfWeek: 'Friday' - timeOfDayUTC: '22:00' - } - storageCapacityTiB: 8 + serviceEndpoints: [] } } diff --git a/settings/remarks/microsoft.storagecache/samples/caches/main.bicep b/settings/remarks/microsoft.storagecache/samples/caches/main.bicep index 2e65192d..6d0963a7 100644 --- a/settings/remarks/microsoft.storagecache/samples/caches/main.bicep +++ b/settings/remarks/microsoft.storagecache/samples/caches/main.bicep @@ -1,6 +1,22 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource cach 'Microsoft.StorageCache/caches@2023-01-01' = { + name: resourceName + location: location + sku: { + name: 'Standard_2G' + } + properties: { + cacheSizeGB: 3072 + networkSettings: { + mtu: 1500 + ntpServer: 'time.windows.com' + } + subnet: subnet.id + } +} + resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = { name: resourceName location: location @@ -21,26 +37,11 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-07-01' = { name: resourceName parent: virtualNetwork properties: { - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] addressPrefix: '10.0.2.0/24' delegations: [] privateEndpointNetworkPolicies: 'Enabled' - } -} - -resource cach 'Microsoft.StorageCache/caches@2023-01-01' = { - name: resourceName - location: location - sku: { - name: 'Standard_2G' - } - properties: { - networkSettings: { - mtu: 1500 - ntpServer: 'time.windows.com' - } - cacheSizeGB: 3072 + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] } } diff --git a/settings/remarks/microsoft.storagemover/samples/storagemovers/endpoints/main.bicep b/settings/remarks/microsoft.storagemover/samples/storagemovers/endpoints/main.bicep index 586d5994..a7979520 100644 --- a/settings/remarks/microsoft.storagemover/samples/storagemovers/endpoints/main.bicep +++ b/settings/remarks/microsoft.storagemover/samples/storagemovers/endpoints/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'eastus' +param resourceName string = 'acctest0001' resource storageMover 'Microsoft.StorageMover/storageMovers@2023-03-01' = { name: resourceName diff --git a/settings/remarks/microsoft.storagemover/samples/storagemovers/main.bicep b/settings/remarks/microsoft.storagemover/samples/storagemovers/main.bicep index 1fdd4632..377c47f9 100644 --- a/settings/remarks/microsoft.storagemover/samples/storagemovers/main.bicep +++ b/settings/remarks/microsoft.storagemover/samples/storagemovers/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'eastus' +param resourceName string = 'acctest0001' resource storageMover 'Microsoft.StorageMover/storageMovers@2023-03-01' = { name: resourceName diff --git a/settings/remarks/microsoft.storagemover/samples/storagemovers/projects/main.bicep b/settings/remarks/microsoft.storagemover/samples/storagemovers/projects/main.bicep index 58772540..3205bffa 100644 --- a/settings/remarks/microsoft.storagemover/samples/storagemovers/projects/main.bicep +++ b/settings/remarks/microsoft.storagemover/samples/storagemovers/projects/main.bicep @@ -1,5 +1,5 @@ -param location string = 'eastus' param resourceName string = 'acctest0001' +param location string = 'eastus' resource storageMover 'Microsoft.StorageMover/storageMovers@2023-03-01' = { name: resourceName diff --git a/settings/remarks/microsoft.storagesync/samples/storagesyncservices/syncgroups/main.bicep b/settings/remarks/microsoft.storagesync/samples/storagesyncservices/syncgroups/main.bicep index 58353ad4..d1000e90 100644 --- a/settings/remarks/microsoft.storagesync/samples/storagesyncservices/syncgroups/main.bicep +++ b/settings/remarks/microsoft.storagesync/samples/storagesyncservices/syncgroups/main.bicep @@ -1,5 +1,5 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource storageSyncService 'Microsoft.StorageSync/storageSyncServices@2020-03-01' = { name: resourceName diff --git a/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/functions/main.bicep b/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/functions/main.bicep index 485e81d0..b8de2145 100644 --- a/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/functions/main.bicep +++ b/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/functions/main.bicep @@ -5,28 +5,28 @@ resource streamingJob 'Microsoft.StreamAnalytics/streamingJobs@2020-03-01' = { name: resourceName location: location properties: { - transformation: { - name: 'main' - properties: { - query: ''' SELECT * - INTO [YourOutputAlias] - FROM [YourInputAlias] -''' - streamingUnits: 3 - } - } cluster: {} compatibilityLevel: '1.0' contentStoragePolicy: 'SystemAccount' - eventsOutOfOrderMaxDelayInSeconds: 50 - outputErrorPolicy: 'Drop' dataLocale: 'en-GB' eventsLateArrivalMaxDelayInSeconds: 60 + eventsOutOfOrderMaxDelayInSeconds: 50 eventsOutOfOrderPolicy: 'Adjust' jobType: 'Cloud' + outputErrorPolicy: 'Drop' sku: { name: 'Standard' } + transformation: { + name: 'main' + properties: { + query: ''' SELECT * + INTO [YourOutputAlias] + FROM [YourInputAlias] +''' + streamingUnits: 3 + } + } } } diff --git a/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/inputs/main.bicep b/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/inputs/main.bicep index 26a40090..deee29cd 100644 --- a/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/inputs/main.bicep +++ b/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/inputs/main.bicep @@ -1,22 +1,47 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource iotHub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { + name: resourceName + location: location + sku: { + capacity: 1 + name: 'S1' + } + properties: { + cloudToDevice: {} + enableFileUploadNotifications: false + messagingEndpoints: {} + routing: { + fallbackRoute: { + condition: 'true' + endpointNames: [ + 'events' + ] + isEnabled: true + source: 'DeviceMessages' + } + } + storageEndpoints: {} + } +} + resource streamingJob 'Microsoft.StreamAnalytics/streamingJobs@2020-03-01' = { name: resourceName location: location properties: { cluster: {} compatibilityLevel: '1.0' + contentStoragePolicy: 'SystemAccount' dataLocale: 'en-GB' eventsLateArrivalMaxDelayInSeconds: 60 eventsOutOfOrderMaxDelayInSeconds: 50 eventsOutOfOrderPolicy: 'Adjust' + jobType: 'Cloud' outputErrorPolicy: 'Drop' sku: { name: 'Standard' } - contentStoragePolicy: 'SystemAccount' - jobType: 'Cloud' transformation: { name: 'main' properties: { @@ -51,28 +76,3 @@ resource input 'Microsoft.StreamAnalytics/streamingJobs/inputs@2020-03-01' = { type: 'Stream' } } - -resource iotHub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { - name: resourceName - location: location - sku: { - capacity: 1 - name: 'S1' - } - properties: { - routing: { - fallbackRoute: { - endpointNames: [ - 'events' - ] - isEnabled: true - source: 'DeviceMessages' - condition: 'true' - } - } - storageEndpoints: {} - cloudToDevice: {} - enableFileUploadNotifications: false - messagingEndpoints: {} - } -} diff --git a/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/main.bicep b/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/main.bicep index 0b564dec..d84d889c 100644 --- a/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/main.bicep +++ b/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/main.bicep @@ -5,7 +5,14 @@ resource streamingJob 'Microsoft.StreamAnalytics/streamingJobs@2020-03-01' = { name: resourceName location: location properties: { + cluster: {} + compatibilityLevel: '1.0' + contentStoragePolicy: 'SystemAccount' dataLocale: 'en-GB' + eventsLateArrivalMaxDelayInSeconds: 60 + eventsOutOfOrderMaxDelayInSeconds: 50 + eventsOutOfOrderPolicy: 'Adjust' + jobType: 'Cloud' outputErrorPolicy: 'Drop' sku: { name: 'Standard' @@ -20,12 +27,5 @@ resource streamingJob 'Microsoft.StreamAnalytics/streamingJobs@2020-03-01' = { streamingUnits: 3 } } - compatibilityLevel: '1.0' - contentStoragePolicy: 'SystemAccount' - eventsLateArrivalMaxDelayInSeconds: 60 - eventsOutOfOrderMaxDelayInSeconds: 50 - eventsOutOfOrderPolicy: 'Adjust' - jobType: 'Cloud' - cluster: {} } } diff --git a/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/outputs/main.bicep b/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/outputs/main.bicep index 643315ba..1ee75b68 100644 --- a/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/outputs/main.bicep +++ b/settings/remarks/microsoft.streamanalytics/samples/streamingjobs/outputs/main.bicep @@ -1,32 +1,68 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' -resource streamingJob 'Microsoft.StreamAnalytics/streamingJobs@2020-03-01' = { +resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location + sku: { + name: 'Standard_LRS' + } + kind: 'StorageV2' properties: { - eventsOutOfOrderMaxDelayInSeconds: 50 - transformation: { - name: 'main' - properties: { - query: ''' SELECT * - INTO [YourOutputAlias] - FROM [YourInputAlias] -''' - streamingUnits: 3 + accessTier: 'Hot' + allowBlobPublicAccess: true + allowCrossTenantReplication: true + allowSharedKeyAccess: true + defaultToOAuthAuthentication: false + encryption: { + keySource: 'Microsoft.Storage' + services: { + queue: { + keyType: 'Service' + } + table: { + keyType: 'Service' + } } } + isHnsEnabled: false + isNfsV3Enabled: false + isSftpEnabled: false + minimumTlsVersion: 'TLS1_2' + networkAcls: { + defaultAction: 'Allow' + } + publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true + } +} + +resource streamingJob 'Microsoft.StreamAnalytics/streamingJobs@2020-03-01' = { + name: resourceName + location: location + properties: { cluster: {} compatibilityLevel: '1.0' contentStoragePolicy: 'SystemAccount' + dataLocale: 'en-GB' eventsLateArrivalMaxDelayInSeconds: 60 + eventsOutOfOrderMaxDelayInSeconds: 50 eventsOutOfOrderPolicy: 'Adjust' jobType: 'Cloud' outputErrorPolicy: 'Drop' sku: { name: 'Standard' } - dataLocale: 'en-GB' + transformation: { + name: 'main' + properties: { + query: ''' SELECT * + INTO [YourOutputAlias] + FROM [YourInputAlias] +''' + streamingUnits: 3 + } + } } } @@ -34,53 +70,16 @@ resource output 'Microsoft.StreamAnalytics/streamingJobs/outputs@2021-10-01-prev name: resourceName parent: streamingJob properties: { - serialization: null datasource: { properties: { + accountKey: storageAccount.listKeys().keys[0].value + accountName: storageAccount.name batchSize: 100 partitionKey: 'foo' rowKey: 'bar' table: 'foobar' - accountKey: storageAccount.listKeys().keys[0].value - accountName: storageAccount.name } type: 'Microsoft.Storage/Table' } } } - -resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { - name: resourceName - location: location - sku: { - name: 'Standard_LRS' - } - kind: 'StorageV2' - properties: { - allowBlobPublicAccess: true - allowCrossTenantReplication: true - defaultToOAuthAuthentication: false - networkAcls: { - defaultAction: 'Allow' - } - publicNetworkAccess: 'Enabled' - supportsHttpsTrafficOnly: true - accessTier: 'Hot' - allowSharedKeyAccess: true - encryption: { - keySource: 'Microsoft.Storage' - services: { - queue: { - keyType: 'Service' - } - table: { - keyType: 'Service' - } - } - } - isHnsEnabled: false - isNfsV3Enabled: false - isSftpEnabled: false - minimumTlsVersion: 'TLS1_2' - } -} diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/azureadonlyauthentications/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/azureadonlyauthentications/main.bicep index 764a8af2..e223dbca 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/azureadonlyauthentications/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/azureadonlyauthentications/main.bicep @@ -15,13 +15,14 @@ resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { name: resourceName location: location properties: { - publicNetworkAccess: 'Enabled' - sqlAdministratorLogin: sqlAdministratorLogin - sqlAdministratorLoginPassword: sqlAdministratorLoginPassword defaultDataLakeStorage: { accountUrl: storageAccount.properties.primaryEndpoints.dfs + filesystem: container.name } managedVirtualNetwork: '' + publicNetworkAccess: 'Enabled' + sqlAdministratorLogin: sqlAdministratorLogin + sqlAdministratorLoginPassword: sqlAdministratorLoginPassword } } diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/bigdatapools/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/bigdatapools/main.bicep index f2f22d6f..a144be99 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/bigdatapools/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/bigdatapools/main.bicep @@ -1,37 +1,28 @@ +@description('The SQL administrator login for the Synapse workspace') +param sqlAdministratorLogin string @secure() @description('The SQL administrator login password for the Synapse workspace') param sqlAdministratorLoginPassword string param resourceName string = 'acctest0001' param location string = 'westeurope' -@description('The SQL administrator login for the Synapse workspace') -param sqlAdministratorLogin string resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' existing = { name: 'default' parent: storageAccount } -resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { - name: resourceName - location: location - sku: { - name: 'Standard_LRS' - } - kind: 'StorageV2' - properties: {} -} - resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { name: resourceName location: location properties: { - sqlAdministratorLoginPassword: sqlAdministratorLoginPassword defaultDataLakeStorage: { accountUrl: storageAccount.properties.primaryEndpoints.dfs + filesystem: container.name } managedVirtualNetwork: '' publicNetworkAccess: 'Enabled' sqlAdministratorLogin: sqlAdministratorLogin + sqlAdministratorLoginPassword: sqlAdministratorLoginPassword } } @@ -40,26 +31,26 @@ resource bigDataPool 'Microsoft.Synapse/workspaces/bigDataPools@2021-06-01-previ location: location parent: workspace properties: { + autoPause: { + enabled: false + } + autoScale: { + enabled: false + } + cacheSize: 0 defaultSparkLogFolder: '/logs' dynamicExecutorAllocation: { - minExecutors: 0 enabled: false maxExecutors: 0 + minExecutors: 0 } + isComputeIsolationEnabled: false nodeCount: 3 nodeSize: 'Small' nodeSizeFamily: 'MemoryOptimized' - isComputeIsolationEnabled: false sessionLevelPackagesEnabled: false sparkEventsFolder: '/events' sparkVersion: '2.4' - autoPause: { - enabled: false - } - autoScale: { - enabled: false - } - cacheSize: 0 } } @@ -72,3 +63,13 @@ resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@20 } } } + +resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { + name: resourceName + location: location + sku: { + name: 'Standard_LRS' + } + kind: 'StorageV2' + properties: {} +} diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/firewallrules/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/firewallrules/main.bicep index 5315008a..c28fadf5 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/firewallrules/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/firewallrules/main.bicep @@ -1,22 +1,43 @@ -param location string = 'westeurope' @description('The SQL administrator login for the Synapse workspace') param sqlAdministratorLogin string @secure() @description('The SQL administrator login password for the Synapse workspace') param sqlAdministratorLoginPassword string param resourceName string = 'acctest0001' +param location string = 'westeurope' resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' existing = { name: 'default' parent: storageAccount } +resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { + name: resourceName + parent: blobService + properties: { + metadata: { + key: 'value' + } + } +} + +resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { + name: resourceName + location: location + sku: { + name: 'Standard_LRS' + } + kind: 'StorageV2' + properties: {} +} + resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { name: resourceName location: location properties: { defaultDataLakeStorage: { accountUrl: storageAccount.properties.primaryEndpoints.dfs + filesystem: container.name } managedVirtualNetwork: '' publicNetworkAccess: 'Enabled' @@ -33,23 +54,3 @@ resource firewallRule 'Microsoft.Synapse/workspaces/firewallRules@2021-06-01' = startIpAddress: '0.0.0.0' } } - -resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { - name: resourceName - parent: blobService - properties: { - metadata: { - key: 'value' - } - } -} - -resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { - name: resourceName - location: location - sku: { - name: 'Standard_LRS' - } - kind: 'StorageV2' - properties: {} -} diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/integrationruntimes/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/integrationruntimes/main.bicep index 28246e5a..ee013275 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/integrationruntimes/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/integrationruntimes/main.bicep @@ -11,17 +11,28 @@ resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' parent: storageAccount } +resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { + name: resourceName + location: location + sku: { + name: 'Standard_LRS' + } + kind: 'StorageV2' + properties: {} +} + resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { name: resourceName location: location properties: { - publicNetworkAccess: 'Enabled' - sqlAdministratorLogin: sqlAdministratorLogin - sqlAdministratorLoginPassword: sqlAdministratorLoginPassword defaultDataLakeStorage: { accountUrl: storageAccount.properties.primaryEndpoints.dfs + filesystem: container.name } managedVirtualNetwork: 'default' + publicNetworkAccess: 'Enabled' + sqlAdministratorLogin: sqlAdministratorLogin + sqlAdministratorLoginPassword: sqlAdministratorLoginPassword } } @@ -43,13 +54,3 @@ resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@20 } } } - -resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { - name: resourceName - location: location - sku: { - name: 'Standard_LRS' - } - kind: 'StorageV2' - properties: {} -} diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/main.bicep index 070a8e49..7f948c3e 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/main.bicep @@ -11,17 +11,28 @@ resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' parent: storageAccount } +resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { + name: resourceName + location: location + sku: { + name: 'Standard_LRS' + } + kind: 'StorageV2' + properties: {} +} + resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { name: resourceName location: location properties: { - sqlAdministratorLoginPassword: sqlAdministratorLoginPassword defaultDataLakeStorage: { accountUrl: storageAccount.properties.primaryEndpoints.dfs + filesystem: container.name } managedVirtualNetwork: '' publicNetworkAccess: 'Enabled' sqlAdministratorLogin: sqlAdministratorLogin + sqlAdministratorLoginPassword: sqlAdministratorLoginPassword } } @@ -34,13 +45,3 @@ resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@20 } } } - -resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { - name: resourceName - location: location - sku: { - name: 'Standard_LRS' - } - kind: 'StorageV2' - properties: {} -} diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/managedidentitysqlcontrolsettings/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/managedidentitysqlcontrolsettings/main.bicep index aed187c0..e15468fc 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/managedidentitysqlcontrolsettings/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/managedidentitysqlcontrolsettings/main.bicep @@ -1,10 +1,10 @@ -param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The SQL administrator login name for the Synapse workspace') param sqlAdministratorLogin string @secure() @description('The SQL administrator login password for the Synapse workspace') param sqlAdministratorLoginPassword string +param resourceName string = 'acctest0001' resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' existing = { name: 'default' @@ -37,6 +37,7 @@ resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { properties: { defaultDataLakeStorage: { accountUrl: storageAccount.properties.primaryEndpoints.dfs + filesystem: container.name } managedVirtualNetwork: '' publicNetworkAccess: 'Enabled' diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/securityalertpolicies/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/securityalertpolicies/main.bicep index abc963de..82b2e0a9 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/securityalertpolicies/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/securityalertpolicies/main.bicep @@ -1,16 +1,26 @@ +param location string = 'westeurope' +@description('The SQL administrator login name for the Synapse workspace') +param sqlAdministratorLogin string @secure() @description('The SQL administrator login password for the Synapse workspace') param sqlAdministratorLoginPassword string param resourceName string = 'acctest0001' -param location string = 'westeurope' -@description('The SQL administrator login name for the Synapse workspace') -param sqlAdministratorLogin string resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' existing = { name: 'default' parent: storageAccount } +resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { + name: resourceName + parent: blobService + properties: { + metadata: { + key: 'value' + } + } +} + resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location @@ -27,6 +37,7 @@ resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { properties: { defaultDataLakeStorage: { accountUrl: storageAccount.properties.primaryEndpoints.dfs + filesystem: container.name } managedVirtualNetwork: '' publicNetworkAccess: 'Enabled' @@ -44,13 +55,3 @@ resource securityAlertPolicy 'Microsoft.Synapse/workspaces/securityAlertPolicies storageEndpoint: storageAccount.properties.primaryEndpoints.blob } } - -resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { - name: resourceName - parent: blobService - properties: { - metadata: { - key: 'value' - } - } -} diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/main.bicep index 86f971a0..766e4766 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/main.bicep @@ -11,48 +11,49 @@ resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' parent: storageAccount } -resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { +resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { name: resourceName - parent: blobService + location: location properties: { - metadata: { - key: 'value' + defaultDataLakeStorage: { + accountUrl: storageAccount.properties.primaryEndpoints.dfs + filesystem: container.name } + managedVirtualNetwork: '' + publicNetworkAccess: 'Enabled' + sqlAdministratorLogin: sqlAdministratorLogin + sqlAdministratorLoginPassword: sqlAdministratorLoginPassword } } -resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { +resource sqlPool 'Microsoft.Synapse/workspaces/sqlPools@2021-06-01' = { name: resourceName location: location + parent: workspace sku: { - name: 'Standard_LRS' + name: 'DW100c' + } + properties: { + createMode: 'Default' } - kind: 'StorageV2' - properties: {} } -resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { +resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { name: resourceName - location: location + parent: blobService properties: { - publicNetworkAccess: 'Enabled' - sqlAdministratorLogin: sqlAdministratorLogin - sqlAdministratorLoginPassword: sqlAdministratorLoginPassword - defaultDataLakeStorage: { - accountUrl: storageAccount.properties.primaryEndpoints.dfs + metadata: { + key: 'value' } - managedVirtualNetwork: '' } } -resource sqlPool 'Microsoft.Synapse/workspaces/sqlPools@2021-06-01' = { +resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { name: resourceName location: location - parent: workspace sku: { - name: 'DW100c' - } - properties: { - createMode: 'Default' + name: 'Standard_LRS' } + kind: 'StorageV2' + properties: {} } diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/vulnerabilityassessments/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/vulnerabilityassessments/main.bicep index 5c29a75c..8691fe46 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/vulnerabilityassessments/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/vulnerabilityassessments/main.bicep @@ -25,13 +25,14 @@ resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { name: resourceName location: location properties: { - sqlAdministratorLoginPassword: sqlAdministratorLoginPassword defaultDataLakeStorage: { accountUrl: storageAccount.properties.primaryEndpoints.dfs + filesystem: container.name } managedVirtualNetwork: '' publicNetworkAccess: 'Enabled' sqlAdministratorLogin: sqlAdministratorLogin + sqlAdministratorLoginPassword: sqlAdministratorLoginPassword } } diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/workloadgroups/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/workloadgroups/main.bicep index 9cd2219a..73b1db1d 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/workloadgroups/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/workloadgroups/main.bicep @@ -1,10 +1,10 @@ -@secure() -@description('The SQL administrator login password for the Synapse workspace') -param sqlAdministratorLoginPassword string param resourceName string = 'acctest0001' param location string = 'westeurope' @description('The SQL administrator login for the Synapse workspace') param sqlAdministratorLogin string +@secure() +@description('The SQL administrator login password for the Synapse workspace') +param sqlAdministratorLoginPassword string resource blobService 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' existing = { name: 'default' @@ -27,6 +27,7 @@ resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { properties: { defaultDataLakeStorage: { accountUrl: storageAccount.properties.primaryEndpoints.dfs + filesystem: container.name } managedVirtualNetwork: '' publicNetworkAccess: 'Enabled' diff --git a/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/workloadgroups/workloadclassifiers/main.bicep b/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/workloadgroups/workloadclassifiers/main.bicep index d973c11b..9fbb2832 100644 --- a/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/workloadgroups/workloadclassifiers/main.bicep +++ b/settings/remarks/microsoft.synapse/samples/workspaces/sqlpools/workloadgroups/workloadclassifiers/main.bicep @@ -15,13 +15,14 @@ resource workspace 'Microsoft.Synapse/workspaces@2021-06-01' = { name: resourceName location: location properties: { + defaultDataLakeStorage: { + accountUrl: storageAccount.properties.primaryEndpoints.dfs + filesystem: container.name + } managedVirtualNetwork: '' publicNetworkAccess: 'Enabled' sqlAdministratorLogin: sqlAdministratorLogin sqlAdministratorLoginPassword: sqlAdministratorLoginPassword - defaultDataLakeStorage: { - accountUrl: storageAccount.properties.primaryEndpoints.dfs - } } } @@ -37,25 +38,15 @@ resource sqlPool 'Microsoft.Synapse/workspaces/sqlPools@2021-06-01' = { } } -resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { - name: resourceName - parent: blobService - properties: { - metadata: { - key: 'value' - } - } -} - resource workloadGroup 'Microsoft.Synapse/workspaces/sqlPools/workloadGroups@2021-06-01' = { name: resourceName parent: sqlPool properties: { - minResourcePercent: 0 - minResourcePercentPerRequest: 3 importance: 'normal' maxResourcePercent: 100 maxResourcePercentPerRequest: 3 + minResourcePercent: 0 + minResourcePercentPerRequest: 3 } } @@ -76,3 +67,13 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { kind: 'StorageV2' properties: {} } + +resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = { + name: resourceName + parent: blobService + properties: { + metadata: { + key: 'value' + } + } +} diff --git a/settings/remarks/microsoft.timeseriesinsights/samples/environments/eventsources/main.bicep b/settings/remarks/microsoft.timeseriesinsights/samples/environments/eventsources/main.bicep index 2b154826..d983415d 100644 --- a/settings/remarks/microsoft.timeseriesinsights/samples/environments/eventsources/main.bicep +++ b/settings/remarks/microsoft.timeseriesinsights/samples/environments/eventsources/main.bicep @@ -1,6 +1,34 @@ param resourceName string = 'acctest0001' param location string = 'westeurope' +resource iotHub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { + name: resourceName + location: location + sku: { + capacity: 1 + name: 'B1' + } + properties: { + cloudToDevice: {} + enableFileUploadNotifications: false + messagingEndpoints: {} + routing: { + fallbackRoute: { + condition: 'true' + endpointNames: [ + 'events' + ] + isEnabled: true + source: 'DeviceMessages' + } + } + storageEndpoints: {} + } + tags: { + purpose: 'testing' + } +} + resource environment 'Microsoft.TimeSeriesInsights/environments@2020-05-15' = { name: resourceName location: location @@ -11,6 +39,7 @@ resource environment 'Microsoft.TimeSeriesInsights/environments@2020-05-15' = { kind: 'Gen2' properties: { storageConfiguration: { + accountName: storageAccount.name managementKey: storageAccount.listKeys().keys[0].value } timeSeriesIdProperties: [ @@ -30,8 +59,11 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } kind: 'StorageV2' properties: { + accessTier: 'Hot' + allowBlobPublicAccess: true allowCrossTenantReplication: true allowSharedKeyAccess: true + defaultToOAuthAuthentication: false encryption: { keySource: 'Microsoft.Storage' services: { @@ -43,18 +75,15 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = { } } } + isHnsEnabled: false + isNfsV3Enabled: false isSftpEnabled: false minimumTlsVersion: 'TLS1_2' networkAcls: { defaultAction: 'Allow' } publicNetworkAccess: 'Enabled' - allowBlobPublicAccess: true - defaultToOAuthAuthentication: false - isHnsEnabled: false - isNfsV3Enabled: false supportsHttpsTrafficOnly: true - accessTier: 'Hot' } } @@ -64,39 +93,11 @@ resource eventSource 'Microsoft.TimeSeriesInsights/environments/eventSources@202 parent: environment kind: 'Microsoft.IoTHub' properties: { - sharedAccessKey: iotHub.listKeys().value[0].primaryKey - timestampPropertyName: '' consumerGroupName: 'test' eventSourceResourceId: iotHub.id iotHubName: iotHub.name keyName: 'iothubowner' - } -} - -resource iotHub 'Microsoft.Devices/IotHubs@2022-04-30-preview' = { - name: resourceName - location: location - sku: { - capacity: 1 - name: 'B1' - } - properties: { - cloudToDevice: {} - enableFileUploadNotifications: false - messagingEndpoints: {} - routing: { - fallbackRoute: { - condition: 'true' - endpointNames: [ - 'events' - ] - isEnabled: true - source: 'DeviceMessages' - } - } - storageEndpoints: {} - } - tags: { - purpose: 'testing' + sharedAccessKey: iotHub.listKeys().value[0].primaryKey + timestampPropertyName: '' } } diff --git a/settings/remarks/microsoft.timeseriesinsights/samples/environments/main.bicep b/settings/remarks/microsoft.timeseriesinsights/samples/environments/main.bicep index 08f2ef40..6f362691 100644 --- a/settings/remarks/microsoft.timeseriesinsights/samples/environments/main.bicep +++ b/settings/remarks/microsoft.timeseriesinsights/samples/environments/main.bicep @@ -5,8 +5,8 @@ resource environment 'Microsoft.TimeSeriesInsights/environments@2020-05-15' = { name: resourceName location: location sku: { - name: 'S1' capacity: 1 + name: 'S1' } kind: 'Gen1' properties: { diff --git a/settings/remarks/microsoft.timeseriesinsights/samples/environments/referencedatasets/main.bicep b/settings/remarks/microsoft.timeseriesinsights/samples/environments/referencedatasets/main.bicep index d3cdcd15..134b2573 100644 --- a/settings/remarks/microsoft.timeseriesinsights/samples/environments/referencedatasets/main.bicep +++ b/settings/remarks/microsoft.timeseriesinsights/samples/environments/referencedatasets/main.bicep @@ -20,12 +20,12 @@ resource referenceDataSet 'Microsoft.TimeSeriesInsights/environments/referenceDa location: location parent: environment properties: { + dataStringComparisonBehavior: 'Ordinal' keyProperties: [ { - type: 'String' name: 'keyProperty1' + type: 'String' } ] - dataStringComparisonBehavior: 'Ordinal' } } diff --git a/settings/remarks/microsoft.videoindexer/samples/accounts/main.bicep b/settings/remarks/microsoft.videoindexer/samples/accounts/main.bicep index d2c42689..5b870ee1 100644 --- a/settings/remarks/microsoft.videoindexer/samples/accounts/main.bicep +++ b/settings/remarks/microsoft.videoindexer/samples/accounts/main.bicep @@ -6,6 +6,7 @@ resource account 'Microsoft.VideoIndexer/accounts@2025-04-01' = { location: location properties: { storageServices: { + resourceId: storageAccount.id userAssignedIdentity: '' } } @@ -19,21 +20,12 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { } kind: 'StorageV2' properties: { - minimumTlsVersion: 'TLS1_2' - networkAcls: { - bypass: 'AzureServices' - defaultAction: 'Allow' - ipRules: [] - resourceAccessRules: [] - virtualNetworkRules: [] - } accessTier: 'Hot' - allowSharedKeyAccess: true - dnsEndpointType: 'Standard' - isLocalUserEnabled: true + allowBlobPublicAccess: true allowCrossTenantReplication: false - isNfsV3Enabled: false + allowSharedKeyAccess: true defaultToOAuthAuthentication: false + dnsEndpointType: 'Standard' encryption: { keySource: 'Microsoft.Storage' services: { @@ -46,10 +38,19 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { } } isHnsEnabled: false + isLocalUserEnabled: true + isNfsV3Enabled: false isSftpEnabled: false - supportsHttpsTrafficOnly: true - allowBlobPublicAccess: true + minimumTlsVersion: 'TLS1_2' + networkAcls: { + bypass: 'AzureServices' + defaultAction: 'Allow' + ipRules: [] + resourceAccessRules: [] + virtualNetworkRules: [] + } publicNetworkAccess: 'Enabled' + supportsHttpsTrafficOnly: true } } diff --git a/settings/remarks/microsoft.voiceservices/samples/communicationsgateways/main.bicep b/settings/remarks/microsoft.voiceservices/samples/communicationsgateways/main.bicep index ecf4b9b7..259c0806 100644 --- a/settings/remarks/microsoft.voiceservices/samples/communicationsgateways/main.bicep +++ b/settings/remarks/microsoft.voiceservices/samples/communicationsgateways/main.bicep @@ -5,7 +5,6 @@ resource communicationsGateway 'Microsoft.VoiceServices/communicationsGateways@2 name: resourceName location: location properties: { - teamsVoicemailPilotNumber: '1234567890' autoGeneratedDomainNameLabelScope: 'NoReuse' codecs: [ 'PCMA' @@ -45,5 +44,6 @@ resource communicationsGateway 'Microsoft.VoiceServices/communicationsGateways@2 } } ] + teamsVoicemailPilotNumber: '1234567890' } } diff --git a/settings/remarks/microsoft.voiceservices/samples/communicationsgateways/testlines/main.bicep b/settings/remarks/microsoft.voiceservices/samples/communicationsgateways/testlines/main.bicep index 2c48e352..bb3bb382 100644 --- a/settings/remarks/microsoft.voiceservices/samples/communicationsgateways/testlines/main.bicep +++ b/settings/remarks/microsoft.voiceservices/samples/communicationsgateways/testlines/main.bicep @@ -5,6 +5,12 @@ resource communicationsGateway 'Microsoft.VoiceServices/communicationsGateways@2 name: resourceName location: location properties: { + autoGeneratedDomainNameLabelScope: 'NoReuse' + codecs: [ + 'PCMA' + ] + connectivity: 'PublicAddress' + e911Type: 'Standard' platforms: [ 'OperatorConnect' ] @@ -39,12 +45,6 @@ resource communicationsGateway 'Microsoft.VoiceServices/communicationsGateways@2 } ] teamsVoicemailPilotNumber: '1234567890' - autoGeneratedDomainNameLabelScope: 'NoReuse' - codecs: [ - 'PCMA' - ] - connectivity: 'PublicAddress' - e911Type: 'Standard' } } diff --git a/settings/remarks/microsoft.web/samples/sites/config/main.bicep b/settings/remarks/microsoft.web/samples/sites/config/main.bicep index ec3bfea2..ede0aff4 100644 --- a/settings/remarks/microsoft.web/samples/sites/config/main.bicep +++ b/settings/remarks/microsoft.web/samples/sites/config/main.bicep @@ -1,50 +1,36 @@ param location string = 'westeurope' param resourceName string = 'acctest0001' -resource serverfarm 'Microsoft.Web/serverfarms@2022-09-01' = { - name: resourceName - location: location - sku: { - name: 'S1' - } - properties: { - zoneRedundant: false - hyperV: false - perSiteScaling: false - reserved: false - } -} - resource site 'Microsoft.Web/sites@2022-09-01' = { name: resourceName location: location properties: { clientAffinityEnabled: false + clientCertEnabled: false clientCertMode: 'Required' + enabled: true httpsOnly: false publicNetworkAccess: 'Enabled' + serverFarmId: serverfarm.id siteConfig: { + acrUseManagedIdentityCreds: false alwaysOn: true autoHealEnabled: false + ftpsState: 'Disabled' http20Enabled: false - remoteDebuggingEnabled: false + loadBalancing: 'LeastRequests' localMySqlEnabled: false managedPipelineMode: 'Integrated' minTlsVersion: '1.2' - scmIpSecurityRestrictionsUseMain: false - vnetRouteAllEnabled: false - webSocketsEnabled: false publicNetworkAccess: 'Enabled' - acrUseManagedIdentityCreds: false - ftpsState: 'Disabled' - loadBalancing: 'LeastRequests' + remoteDebuggingEnabled: false + scmIpSecurityRestrictionsUseMain: false scmMinTlsVersion: '1.2' use32BitWorkerProcess: true + vnetRouteAllEnabled: false + webSocketsEnabled: false windowsFxVersion: '' } - clientCertEnabled: false - enabled: true - serverFarmId: serverfarm.id vnetRouteAllEnabled: false } } @@ -54,3 +40,17 @@ resource config 'Microsoft.Web/sites/config@2022-09-01' = { parent: site properties: {} } + +resource serverfarm 'Microsoft.Web/serverfarms@2022-09-01' = { + name: resourceName + location: location + sku: { + name: 'S1' + } + properties: { + hyperV: false + perSiteScaling: false + reserved: false + zoneRedundant: false + } +} diff --git a/settings/remarks/microsoft.web/samples/sites/main.bicep b/settings/remarks/microsoft.web/samples/sites/main.bicep index 826bdab9..b263bcf3 100644 --- a/settings/remarks/microsoft.web/samples/sites/main.bicep +++ b/settings/remarks/microsoft.web/samples/sites/main.bicep @@ -19,32 +19,32 @@ resource site 'Microsoft.Web/sites@2022-09-01' = { name: resourceName location: location properties: { + clientAffinityEnabled: false clientCertEnabled: false clientCertMode: 'Required' enabled: true httpsOnly: false publicNetworkAccess: 'Enabled' - vnetRouteAllEnabled: false - clientAffinityEnabled: false serverFarmId: serverfarm.id siteConfig: { - windowsFxVersion: '' - scmMinTlsVersion: '1.2' acrUseManagedIdentityCreds: false alwaysOn: true + autoHealEnabled: false ftpsState: 'Disabled' http20Enabled: false loadBalancing: 'LeastRequests' localMySqlEnabled: false - minTlsVersion: '1.2' managedPipelineMode: 'Integrated' + minTlsVersion: '1.2' + publicNetworkAccess: 'Enabled' remoteDebuggingEnabled: false + scmIpSecurityRestrictionsUseMain: false + scmMinTlsVersion: '1.2' use32BitWorkerProcess: true vnetRouteAllEnabled: false webSocketsEnabled: false - scmIpSecurityRestrictionsUseMain: false - autoHealEnabled: false - publicNetworkAccess: 'Enabled' + windowsFxVersion: '' } + vnetRouteAllEnabled: false } } diff --git a/settings/remarks/microsoft.web/samples/sites/publiccertificates/main.bicep b/settings/remarks/microsoft.web/samples/sites/publiccertificates/main.bicep index 6e6d45c3..c1bd1e0b 100644 --- a/settings/remarks/microsoft.web/samples/sites/publiccertificates/main.bicep +++ b/settings/remarks/microsoft.web/samples/sites/publiccertificates/main.bicep @@ -5,10 +5,10 @@ resource serverfarm 'Microsoft.Web/serverfarms@2021-02-01' = { name: resourceName location: location sku: { + capacity: 1 name: 'S1' size: 'S1' tier: 'Standard' - capacity: 1 } kind: 'Windows' properties: { @@ -20,12 +20,12 @@ resource site 'Microsoft.Web/sites@2021-02-01' = { name: resourceName location: location properties: { - siteConfig: {} clientAffinityEnabled: false clientCertEnabled: false enabled: true httpsOnly: false serverFarmId: serverfarm.id + siteConfig: {} } } diff --git a/settings/remarks/microsoft.web/samples/sites/siteextensions/main.bicep b/settings/remarks/microsoft.web/samples/sites/siteextensions/main.bicep index 7e69e425..5860e8f5 100644 --- a/settings/remarks/microsoft.web/samples/sites/siteextensions/main.bicep +++ b/settings/remarks/microsoft.web/samples/sites/siteextensions/main.bicep @@ -2,37 +2,51 @@ param location string = 'westeurope' param resourceName string = 'acctest0001' param resourceSiteName string = 'acctestsite0001' +resource serverfarm 'Microsoft.Web/serverfarms@2022-09-01' = { + name: resourceName + location: location + sku: { + name: 'S1' + } + properties: { + hyperV: false + perSiteScaling: false + reserved: false + zoneRedundant: false + } +} + resource site 'Microsoft.Web/sites@2022-09-01' = { name: resourceSiteName location: location properties: { - publicNetworkAccess: 'Enabled' - serverFarmId: serverfarm.id clientAffinityEnabled: false clientCertEnabled: false + clientCertMode: 'Required' + enabled: true + httpsOnly: false + publicNetworkAccess: 'Enabled' + serverFarmId: serverfarm.id siteConfig: { acrUseManagedIdentityCreds: false + alwaysOn: true autoHealEnabled: false ftpsState: 'Disabled' http20Enabled: false - use32BitWorkerProcess: true loadBalancing: 'LeastRequests' + localMySqlEnabled: false managedPipelineMode: 'Integrated' minTlsVersion: '1.2' - webSocketsEnabled: false - windowsFxVersion: '' + publicNetworkAccess: 'Enabled' remoteDebuggingEnabled: false scmIpSecurityRestrictionsUseMain: false scmMinTlsVersion: '1.2' - alwaysOn: true - localMySqlEnabled: false - publicNetworkAccess: 'Enabled' + use32BitWorkerProcess: true vnetRouteAllEnabled: false + webSocketsEnabled: false + windowsFxVersion: '' } vnetRouteAllEnabled: false - clientCertMode: 'Required' - enabled: true - httpsOnly: false } } @@ -41,17 +55,3 @@ resource dynatraceSiteExtension 'Microsoft.Web/sites/siteextensions@2022-09-01' location: location parent: site } - -resource serverfarm 'Microsoft.Web/serverfarms@2022-09-01' = { - name: resourceName - location: location - sku: { - name: 'S1' - } - properties: { - hyperV: false - perSiteScaling: false - reserved: false - zoneRedundant: false - } -} diff --git a/settings/remarks/microsoft.web/samples/sites/slots/config/main.bicep b/settings/remarks/microsoft.web/samples/sites/slots/config/main.bicep index adba0877..53f92c69 100644 --- a/settings/remarks/microsoft.web/samples/sites/slots/config/main.bicep +++ b/settings/remarks/microsoft.web/samples/sites/slots/config/main.bicep @@ -22,30 +22,30 @@ resource site 'Microsoft.Web/sites@2022-09-01' = { clientAffinityEnabled: false clientCertEnabled: false clientCertMode: 'Required' + enabled: true httpsOnly: false + publicNetworkAccess: 'Enabled' serverFarmId: serverfarm.id siteConfig: { - ftpsState: 'Disabled' - minTlsVersion: '1.2' - publicNetworkAccess: 'Enabled' - webSocketsEnabled: false - windowsFxVersion: '' acrUseManagedIdentityCreds: false - http20Enabled: false - managedPipelineMode: 'Integrated' - remoteDebuggingEnabled: false - scmMinTlsVersion: '1.2' - use32BitWorkerProcess: true alwaysOn: true autoHealEnabled: false + ftpsState: 'Disabled' + http20Enabled: false loadBalancing: 'LeastRequests' localMySqlEnabled: false + managedPipelineMode: 'Integrated' + minTlsVersion: '1.2' + publicNetworkAccess: 'Enabled' + remoteDebuggingEnabled: false scmIpSecurityRestrictionsUseMain: false + scmMinTlsVersion: '1.2' + use32BitWorkerProcess: true vnetRouteAllEnabled: false + webSocketsEnabled: false + windowsFxVersion: '' } vnetRouteAllEnabled: false - enabled: true - publicNetworkAccess: 'Enabled' } } @@ -54,34 +54,34 @@ resource slot 'Microsoft.Web/sites/slots@2022-09-01' = { location: location parent: site properties: { - publicNetworkAccess: 'Enabled' - serverFarmId: serverfarm.id - vnetRouteAllEnabled: false clientAffinityEnabled: false + clientCertEnabled: false clientCertExclusionPaths: '' clientCertMode: 'Required' enabled: true httpsOnly: false + publicNetworkAccess: 'Enabled' + serverFarmId: serverfarm.id siteConfig: { acrUseManagedIdentityCreds: false + alwaysOn: true autoHealEnabled: false - loadBalancing: 'LeastRequests' - minTlsVersion: '1.2' ftpsState: 'Disabled' http20Enabled: false - vnetRouteAllEnabled: false + loadBalancing: 'LeastRequests' localMySqlEnabled: false + managedPipelineMode: 'Integrated' + minTlsVersion: '1.2' publicNetworkAccess: 'Enabled' remoteDebuggingEnabled: false scmIpSecurityRestrictionsUseMain: false scmMinTlsVersion: '1.2' use32BitWorkerProcess: false - alwaysOn: true - managedPipelineMode: 'Integrated' + vnetRouteAllEnabled: false webSocketsEnabled: false windowsFxVersion: '' } - clientCertEnabled: false + vnetRouteAllEnabled: false } } diff --git a/settings/remarks/microsoft.web/samples/sites/slots/main.bicep b/settings/remarks/microsoft.web/samples/sites/slots/main.bicep index c5ec42b8..adfa6f3f 100644 --- a/settings/remarks/microsoft.web/samples/sites/slots/main.bicep +++ b/settings/remarks/microsoft.web/samples/sites/slots/main.bicep @@ -1,5 +1,5 @@ -param location string = 'westeurope' param resourceName string = 'acctest0001' +param location string = 'westeurope' resource serverfarm 'Microsoft.Web/serverfarms@2022-09-01' = { name: resourceName @@ -19,33 +19,33 @@ resource site 'Microsoft.Web/sites@2022-09-01' = { name: resourceName location: location properties: { + clientAffinityEnabled: false clientCertEnabled: false clientCertMode: 'Required' - httpsOnly: false - serverFarmId: serverfarm.id enabled: true + httpsOnly: false publicNetworkAccess: 'Enabled' + serverFarmId: serverfarm.id siteConfig: { acrUseManagedIdentityCreds: false alwaysOn: true - http20Enabled: false - scmIpSecurityRestrictionsUseMain: false - windowsFxVersion: '' - ftpsState: 'Disabled' - publicNetworkAccess: 'Enabled' - webSocketsEnabled: false autoHealEnabled: false - minTlsVersion: '1.2' - remoteDebuggingEnabled: false + ftpsState: 'Disabled' + http20Enabled: false loadBalancing: 'LeastRequests' localMySqlEnabled: false managedPipelineMode: 'Integrated' + minTlsVersion: '1.2' + publicNetworkAccess: 'Enabled' + remoteDebuggingEnabled: false + scmIpSecurityRestrictionsUseMain: false scmMinTlsVersion: '1.2' use32BitWorkerProcess: true vnetRouteAllEnabled: false + webSocketsEnabled: false + windowsFxVersion: '' } vnetRouteAllEnabled: false - clientAffinityEnabled: false } } @@ -54,33 +54,33 @@ resource slot 'Microsoft.Web/sites/slots@2022-09-01' = { location: location parent: site properties: { + clientAffinityEnabled: false + clientCertEnabled: false + clientCertExclusionPaths: '' clientCertMode: 'Required' + enabled: true + httpsOnly: false publicNetworkAccess: 'Enabled' + serverFarmId: serverfarm.id siteConfig: { - use32BitWorkerProcess: false acrUseManagedIdentityCreds: false - minTlsVersion: '1.2' - remoteDebuggingEnabled: false - scmMinTlsVersion: '1.2' - webSocketsEnabled: false alwaysOn: true autoHealEnabled: false + ftpsState: 'Disabled' http20Enabled: false + loadBalancing: 'LeastRequests' + localMySqlEnabled: false + managedPipelineMode: 'Integrated' + minTlsVersion: '1.2' publicNetworkAccess: 'Enabled' + remoteDebuggingEnabled: false scmIpSecurityRestrictionsUseMain: false - ftpsState: 'Disabled' - managedPipelineMode: 'Integrated' + scmMinTlsVersion: '1.2' + use32BitWorkerProcess: false vnetRouteAllEnabled: false + webSocketsEnabled: false windowsFxVersion: '' - loadBalancing: 'LeastRequests' - localMySqlEnabled: false } vnetRouteAllEnabled: false - clientCertExclusionPaths: '' - enabled: true - httpsOnly: false - serverFarmId: serverfarm.id - clientAffinityEnabled: false - clientCertEnabled: false } } diff --git a/settings/remarks/microsoft.web/samples/sourcecontrols/main.bicep b/settings/remarks/microsoft.web/samples/sourcecontrols/main.bicep index a2fbe90d..f5c62621 100644 --- a/settings/remarks/microsoft.web/samples/sourcecontrols/main.bicep +++ b/settings/remarks/microsoft.web/samples/sourcecontrols/main.bicep @@ -1,18 +1,18 @@ targetScope = 'tenant' +param resourceName string = 'acctest0001' +param location string = 'eastus' @secure() @description('The GitHub access token for source control integration') param githubToken string @secure() @description('The GitHub token secret for source control integration') param githubTokenSecret string -param resourceName string = 'acctest0001' -param location string = 'eastus' resource sourcecontrol 'Microsoft.Web/sourcecontrols@2021-02-01' = { name: 'GitHub' properties: { - token: '${githubToken}' - tokenSecret: '${githubTokenSecret}' + token: githubToken + tokenSecret: githubTokenSecret } } diff --git a/settings/remarks/nginx.nginxplus/samples/nginxdeployments/configurations/main.bicep b/settings/remarks/nginx.nginxplus/samples/nginxdeployments/configurations/main.bicep index ef5224b8..590a826a 100644 --- a/settings/remarks/nginx.nginxplus/samples/nginxdeployments/configurations/main.bicep +++ b/settings/remarks/nginx.nginxplus/samples/nginxdeployments/configurations/main.bicep @@ -1,23 +1,6 @@ param resourceName string = 'acctest0001' param location string = 'westus' -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { - name: '${resourceName}-vnet' - location: location - properties: { - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] - } - privateEndpointVNetPolicies: 'Disabled' - subnets: [] - } -} - resource nginxDeployment 'Nginx.NginxPlus/nginxDeployments@2024-11-01-preview' = { name: '${resourceName}-nginx' location: location @@ -25,21 +8,58 @@ resource nginxDeployment 'Nginx.NginxPlus/nginxDeployments@2024-11-01-preview' = name: 'standardv2_Monthly' } properties: { + autoUpgradeProfile: { + upgradeChannel: 'stable' + } enableDiagnosticsSupport: false networkProfile: { frontEndIPConfiguration: { publicIPAddresses: [ - {} + { + id: publicIPAddress.id + } ] } - networkInterfaceConfiguration: {} + networkInterfaceConfiguration: { + subnetId: subnet.id + } } scalingProperties: { capacity: 10 } - autoUpgradeProfile: { - upgradeChannel: 'stable' + } +} + +resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2024-05-01' = { + name: '${resourceName}-pip' + location: location + sku: { + name: 'Standard' + } + properties: { + ddosSettings: { + protectionMode: 'VirtualNetworkInherited' } + idleTimeoutInMinutes: 4 + publicIPAddressVersion: 'IPv4' + publicIPAllocationMethod: 'Static' + } +} + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { + name: '${resourceName}-vnet' + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + dhcpOptions: { + dnsServers: [] + } + privateEndpointVNetPolicies: 'Disabled' + subnets: [] } } @@ -47,7 +67,6 @@ resource configuration 'Nginx.NginxPlus/nginxDeployments/configurations@2024-11- name: 'default' parent: nginxDeployment properties: { - rootFile: '/etc/nginx/nginx.conf' files: [ { content: 'aHR0cCB7CiAgICBzZXJ2ZXIgewogICAgICAgIGxpc3RlbiA4MDsKICAgICAgICBsb2NhdGlvbiAvIHsKICAgICAgICAgICAgYXV0aF9iYXNpYyAiUHJvdGVjdGVkIEFyZWEiOwogICAgICAgICAgICBhdXRoX2Jhc2ljX3VzZXJfZmlsZSAvb3B0Ly5odHBhc3N3ZDsKICAgICAgICAgICAgZGVmYXVsdF90eXBlIHRleHQvaHRtbDsKICAgICAgICAgICAgcmV0dXJuIDIwMCAnPCFkb2N0eXBlIGh0bWw+PGh0bWwgbGFuZz0iZW4iPjxoZWFkPjwvaGVhZD48Ym9keT4KICAgICAgICAgICAgICAgIDxkaXY+dGhpcyBvbmUgd2lsbCBiZSB1cGRhdGVkPC9kaXY+CiAgICAgICAgICAgICAgICA8ZGl2PmF0IDEwOjM4IGFtPC9kaXY+CiAgICAgICAgICAgIDwvYm9keT48L2h0bWw+JzsKICAgICAgICB9CiAgICAgICAgaW5jbHVkZSBzaXRlLyouY29uZjsKICAgIH0KfQo=' @@ -60,6 +79,7 @@ resource configuration 'Nginx.NginxPlus/nginxDeployments/configurations@2024-11- virtualPath: '/opt/.htpasswd' } ] + rootFile: '/etc/nginx/nginx.conf' } } @@ -67,8 +87,6 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { name: '${resourceName}-subnet' parent: virtualNetwork properties: { - serviceEndpointPolicies: [] - serviceEndpoints: [] addressPrefix: '10.0.2.0/24' defaultOutboundAccess: true delegations: [ @@ -81,21 +99,7 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { ] privateEndpointNetworkPolicies: 'Disabled' privateLinkServiceNetworkPolicies: 'Enabled' - } -} - -resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2024-05-01' = { - name: '${resourceName}-pip' - location: location - sku: { - name: 'Standard' - } - properties: { - ddosSettings: { - protectionMode: 'VirtualNetworkInherited' - } - idleTimeoutInMinutes: 4 - publicIPAddressVersion: 'IPv4' - publicIPAllocationMethod: 'Static' + serviceEndpointPolicies: [] + serviceEndpoints: [] } } diff --git a/settings/remarks/nginx.nginxplus/samples/nginxdeployments/main.bicep b/settings/remarks/nginx.nginxplus/samples/nginxdeployments/main.bicep index d31d5805..33d9e335 100644 --- a/settings/remarks/nginx.nginxplus/samples/nginxdeployments/main.bicep +++ b/settings/remarks/nginx.nginxplus/samples/nginxdeployments/main.bicep @@ -1,65 +1,6 @@ param location string = 'westus' param resourceName string = 'acctest0001' -resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { - name: '${resourceName}-vnet' - location: location - properties: { - addressSpace: { - addressPrefixes: [ - '10.0.0.0/16' - ] - } - dhcpOptions: { - dnsServers: [] - } - privateEndpointVNetPolicies: 'Disabled' - subnets: [] - } -} - -resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { - name: '${resourceName}-subnet' - parent: virtualNetwork - properties: { - defaultOutboundAccess: true - delegations: [ - { - name: 'delegation' - properties: { - serviceName: 'NGINX.NGINXPLUS/nginxDeployments' - } - } - ] - privateEndpointNetworkPolicies: 'Disabled' - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - serviceEndpoints: [] - addressPrefix: '10.0.2.0/24' - } -} - -resource subnet1 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { - name: '${resourceName}-subnet2' - parent: virtualNetwork - properties: { - serviceEndpoints: [] - addressPrefix: '10.0.3.0/24' - defaultOutboundAccess: true - delegations: [ - { - name: 'delegation' - properties: { - serviceName: 'NGINX.NGINXPLUS/nginxDeployments' - } - } - ] - privateEndpointNetworkPolicies: 'Disabled' - privateLinkServiceNetworkPolicies: 'Enabled' - serviceEndpointPolicies: [] - } -} - resource nginxDeployment 'Nginx.NginxPlus/nginxDeployments@2024-11-01-preview' = { name: '${resourceName}-nginx' location: location @@ -72,12 +13,16 @@ resource nginxDeployment 'Nginx.NginxPlus/nginxDeployments@2024-11-01-preview' = } enableDiagnosticsSupport: false networkProfile: { - networkInterfaceConfiguration: {} frontEndIPConfiguration: { publicIPAddresses: [ - {} + { + id: publicIPAddress.id + } ] } + networkInterfaceConfiguration: { + subnetId: subnet.id + } } scalingProperties: { autoScaleSettings: { @@ -123,11 +68,70 @@ resource publicipaddress1 'Microsoft.Network/publicIPAddresses@2024-05-01' = { tier: 'Regional' } properties: { + ddosSettings: { + protectionMode: 'VirtualNetworkInherited' + } idleTimeoutInMinutes: 4 publicIPAddressVersion: 'IPv4' publicIPAllocationMethod: 'Static' - ddosSettings: { - protectionMode: 'VirtualNetworkInherited' + } +} + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = { + name: '${resourceName}-vnet' + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] } + dhcpOptions: { + dnsServers: [] + } + privateEndpointVNetPolicies: 'Disabled' + subnets: [] + } +} + +resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { + name: '${resourceName}-subnet' + parent: virtualNetwork + properties: { + addressPrefix: '10.0.2.0/24' + defaultOutboundAccess: true + delegations: [ + { + name: 'delegation' + properties: { + serviceName: 'NGINX.NGINXPLUS/nginxDeployments' + } + } + ] + privateEndpointNetworkPolicies: 'Disabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] + } +} + +resource subnet1 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { + name: '${resourceName}-subnet2' + parent: virtualNetwork + properties: { + addressPrefix: '10.0.3.0/24' + defaultOutboundAccess: true + delegations: [ + { + name: 'delegation' + properties: { + serviceName: 'NGINX.NGINXPLUS/nginxDeployments' + } + } + ] + privateEndpointNetworkPolicies: 'Disabled' + privateLinkServiceNetworkPolicies: 'Enabled' + serviceEndpointPolicies: [] + serviceEndpoints: [] } } diff --git a/settings/remarks/qumulo.storage/samples/filesystems/main.bicep b/settings/remarks/qumulo.storage/samples/filesystems/main.bicep index f6849b71..5021a125 100644 --- a/settings/remarks/qumulo.storage/samples/filesystems/main.bicep +++ b/settings/remarks/qumulo.storage/samples/filesystems/main.bicep @@ -10,10 +10,11 @@ resource qumuloFileSystem 'Qumulo.Storage/fileSystems@2024-06-19' = { properties: { adminPassword: qumuloPassword availabilityZone: '1' + delegatedSubnetId: subnet.id marketplaceDetails: { - publisherId: 'qumulo1584033880660' offerId: 'qumulo-saas-mpp' planId: 'azure-native-qumulo-v3' + publisherId: 'qumulo1584033880660' } storageSku: 'Cold_LRS' userDetails: { @@ -41,6 +42,8 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { location: location parent: vnet properties: { + addressPrefix: '10.0.1.0/24' + defaultOutboundAccess: true delegations: [ { name: 'delegation' @@ -54,7 +57,5 @@ resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = { ] privateEndpointNetworkPolicies: 'Disabled' privateLinkServiceNetworkPolicies: 'Enabled' - addressPrefix: '10.0.1.0/24' - defaultOutboundAccess: true } } From 6cc70b0dfba8c291c33b7ad15193d655fbd2a3bf Mon Sep 17 00:00:00 2001 From: Mingzhe Jiang Date: Sun, 17 May 2026 23:02:16 -0700 Subject: [PATCH 3/3] Updated baseline --- src/Directory.Packages.props | 1 + .../2022-04-01/roledefinitions.md | 2 +- .../microsoft.compute/2024-03-02/disks.md | 10 +++--- .../2024-05-15/databaseaccounts.md | 30 ++++++++--------- .../microsoft.keyvault/2023-07-01/vaults.md | 26 +++++++-------- .../TemplateRefGenerator.csproj | 32 +++++++++---------- 6 files changed, 51 insertions(+), 50 deletions(-) diff --git a/src/Directory.Packages.props b/src/Directory.Packages.props index cda51c33..7f505546 100644 --- a/src/Directory.Packages.props +++ b/src/Directory.Packages.props @@ -15,5 +15,6 @@ + \ No newline at end of file diff --git a/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.authorization/2022-04-01/roledefinitions.md b/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.authorization/2022-04-01/roledefinitions.md index 120408b0..efb08c84 100644 --- a/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.authorization/2022-04-01/roledefinitions.md +++ b/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.authorization/2022-04-01/roledefinitions.md @@ -105,7 +105,6 @@ param location string = 'eastus' resource roleDefinition 'Microsoft.Authorization/roleDefinitions@2018-01-01-preview' = { name: '6faae21a-0cd6-4536-8c23-a278823d12ed' properties: { - type: 'CustomRole' assignableScopes: [ subscription().id ] @@ -121,6 +120,7 @@ resource roleDefinition 'Microsoft.Authorization/roleDefinitions@2018-01-01-prev } ] roleName: resourceName + type: 'CustomRole' } } ``` diff --git a/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.compute/2024-03-02/disks.md b/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.compute/2024-03-02/disks.md index 923ada7a..5618dc2c 100644 --- a/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.compute/2024-03-02/disks.md +++ b/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.compute/2024-03-02/disks.md @@ -305,8 +305,8 @@ resource symbolicname 'Microsoft.Compute/disks@2024-03-02' = { A basic example of deploying Managed Disk. ```bicep -param resourceName string = 'acctest0001' param location string = 'westeurope' +param resourceName string = 'acctest0001' resource disk 'Microsoft.Compute/disks@2022-03-02' = { name: resourceName @@ -315,16 +315,16 @@ resource disk 'Microsoft.Compute/disks@2022-03-02' = { name: 'Standard_LRS' } properties: { + creationData: { + createOption: 'Empty' + } + diskSizeGB: 10 encryption: { type: 'EncryptionAtRestWithPlatformKey' } networkAccessPolicy: 'AllowAll' osType: '' publicNetworkAccess: 'Enabled' - creationData: { - createOption: 'Empty' - } - diskSizeGB: 10 } } ``` diff --git a/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.documentdb/2024-05-15/databaseaccounts.md b/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.documentdb/2024-05-15/databaseaccounts.md index b82315a4..4642b1fb 100644 --- a/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.documentdb/2024-05-15/databaseaccounts.md +++ b/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.documentdb/2024-05-15/databaseaccounts.md @@ -435,33 +435,33 @@ resource databaseAccount 'Microsoft.DocumentDB/databaseAccounts@2021-10-15' = { location: location kind: 'GlobalDocumentDB' properties: { + capabilities: [] + consistencyPolicy: { + defaultConsistencyLevel: 'BoundedStaleness' + maxIntervalInSeconds: 10 + maxStalenessPrefix: 200 + } + databaseAccountOfferType: 'Standard' + defaultIdentity: 'FirstPartyIdentity' disableKeyBasedMetadataWriteAccess: false disableLocalAuth: false + enableAnalyticalStorage: false enableAutomaticFailover: false + enableFreeTier: false + enableMultipleWriteLocations: false + ipRules: [] + isVirtualNetworkFilterEnabled: false locations: [ { + failoverPriority: 0 isZoneRedundant: false locationName: 'West Europe' - failoverPriority: 0 } ] networkAclBypass: 'None' - databaseAccountOfferType: 'Standard' - enableAnalyticalStorage: false - defaultIdentity: 'FirstPartyIdentity' - isVirtualNetworkFilterEnabled: false networkAclBypassResourceIds: [] - virtualNetworkRules: [] - capabilities: [] - enableFreeTier: false - enableMultipleWriteLocations: false - ipRules: [] publicNetworkAccess: 'Enabled' - consistencyPolicy: { - defaultConsistencyLevel: 'BoundedStaleness' - maxIntervalInSeconds: 10 - maxStalenessPrefix: 200 - } + virtualNetworkRules: [] } } ``` diff --git a/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.keyvault/2023-07-01/vaults.md b/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.keyvault/2023-07-01/vaults.md index 7aa708bb..a9414152 100644 --- a/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.keyvault/2023-07-01/vaults.md +++ b/src/TemplateRefGenerator.Tests/Files/markdown/microsoft.keyvault/2023-07-01/vaults.md @@ -210,37 +210,37 @@ resource vault 'Microsoft.KeyVault/vaults@2021-10-01' = { name: resourceName location: location properties: { - publicNetworkAccess: 'Enabled' - sku: { - family: 'A' - name: 'standard' - } - softDeleteRetentionInDays: 7 - tenantId: tenant().tenantId accessPolicies: [ { objectId: deployer().objectId permissions: { - secrets: [ - 'Set' - ] - storage: [] certificates: [ 'ManageContacts' ] keys: [ 'Create' ] + secrets: [ + 'Set' + ] + storage: [] } tenantId: tenant().tenantId } ] + createMode: 'default' enableRbacAuthorization: false + enableSoftDelete: true enabledForDeployment: false enabledForDiskEncryption: false enabledForTemplateDeployment: false - createMode: 'default' - enableSoftDelete: true + publicNetworkAccess: 'Enabled' + sku: { + family: 'A' + name: 'standard' + } + softDeleteRetentionInDays: 7 + tenantId: tenant().tenantId } } ``` diff --git a/src/TemplateRefGenerator/TemplateRefGenerator.csproj b/src/TemplateRefGenerator/TemplateRefGenerator.csproj index 4b8e608f..d13b0e0f 100644 --- a/src/TemplateRefGenerator/TemplateRefGenerator.csproj +++ b/src/TemplateRefGenerator/TemplateRefGenerator.csproj @@ -1,17 +1,17 @@ - - - Exe - - - - - - - - - - - - - + + + Exe + + + + + + + + + + + + + \ No newline at end of file